Date
July 18, 2025, 2:09 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.909758] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc08/0x4858 [ 19.897595] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dbc/0x4858 [ 19.635902] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ec/0x4858 [ 19.929925] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 19.625195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 19.788910] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.550974] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 19.519219] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 19.574789] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 96.110954] Internal error: Oops: 0000000096000005 [#1] SMP [ 96.117793] Modules linked in: [ 96.118810] CPU: 1 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 96.119615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 96.120057] Hardware name: linux,dummy-virt (DT) [ 96.120731] pstate: 11400009 (nzcV daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 96.121157] pc : kunit_test_null_dereference+0x70/0x170 [ 96.121634] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.122150] sp : ffff800082017d30 [ 96.122555] x29: ffff800082017d90 x28: 0000000000000000 x27: 0000000000000000 [ 96.123268] x26: 1ffe000018b26b61 x25: 0000000000000000 x24: 0000000000000004 [ 96.123943] x23: fff00000c5935b0c x22: ffff971ff2022478 x21: fff00000c3db9008 [ 96.124544] x20: 1ffff00010402fa6 x19: ffff800080087990 x18: 00000000d2e6c06f [ 96.125136] x17: 0000000000000001 x16: 0000000000000100 x15: 0000000021083a63 [ 96.125731] x14: 000000005eed36e5 x13: 1ffe00001b48e989 x12: fffd800018c2f62c [ 96.126330] x11: 1ffe000018c2f62b x10: fffd800018c2f62b x9 : ffff971ff20198e0 [ 96.126855] x8 : ffff800082017c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 96.127583] x5 : ffff700010402fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 96.128340] x2 : dfff800000000000 x1 : fff00000c617a880 x0 : ffff800080087990 [ 96.128962] Call trace: [ 96.129318] kunit_test_null_dereference+0x70/0x170 (P) [ 96.129787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.130216] kthread+0x328/0x630 [ 96.130597] ret_from_fork+0x10/0x20 [ 96.131302] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 96.132206] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.656488] ================================================================== [ 51.656589] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 51.656589] [ 51.656689] Use-after-free read at 0x000000006326224f (in kfence-#165): [ 51.656743] test_krealloc+0x51c/0x830 [ 51.656788] kunit_try_run_case+0x170/0x3f0 [ 51.656836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.656896] kthread+0x328/0x630 [ 51.656935] ret_from_fork+0x10/0x20 [ 51.656975] [ 51.657002] kfence-#165: 0x000000006326224f-0x00000000c312cf43, size=32, cache=kmalloc-32 [ 51.657002] [ 51.657055] allocated by task 337 on cpu 0 at 51.655769s (0.001282s ago): [ 51.657125] test_alloc+0x29c/0x628 [ 51.657165] test_krealloc+0xc0/0x830 [ 51.657205] kunit_try_run_case+0x170/0x3f0 [ 51.657245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.657286] kthread+0x328/0x630 [ 51.657322] ret_from_fork+0x10/0x20 [ 51.657362] [ 51.657385] freed by task 337 on cpu 0 at 51.656081s (0.001300s ago): [ 51.657446] krealloc_noprof+0x148/0x360 [ 51.657492] test_krealloc+0x1dc/0x830 [ 51.657531] kunit_try_run_case+0x170/0x3f0 [ 51.657571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.657614] kthread+0x328/0x630 [ 51.657649] ret_from_fork+0x10/0x20 [ 51.657688] [ 51.657738] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 51.657817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.657857] Hardware name: linux,dummy-virt (DT) [ 51.657894] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.567903] ================================================================== [ 51.568011] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.568011] [ 51.568119] Use-after-free read at 0x0000000031caa30c (in kfence-#164): [ 51.568176] test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.568226] kunit_try_run_case+0x170/0x3f0 [ 51.568273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.568318] kthread+0x328/0x630 [ 51.568356] ret_from_fork+0x10/0x20 [ 51.568397] [ 51.568423] kfence-#164: 0x0000000031caa30c-0x00000000d105f7a0, size=32, cache=test [ 51.568423] [ 51.568475] allocated by task 335 on cpu 1 at 51.555790s (0.012682s ago): [ 51.568545] test_alloc+0x230/0x628 [ 51.568585] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 51.568628] kunit_try_run_case+0x170/0x3f0 [ 51.568668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.568710] kthread+0x328/0x630 [ 51.568744] ret_from_fork+0x10/0x20 [ 51.568784] [ 51.568807] freed by task 335 on cpu 1 at 51.555927s (0.012877s ago): [ 51.568872] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 51.568916] kunit_try_run_case+0x170/0x3f0 [ 51.568955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.568996] kthread+0x328/0x630 [ 51.569033] ret_from_fork+0x10/0x20 [ 51.569071] [ 51.569119] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 51.569196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.569227] Hardware name: linux,dummy-virt (DT) [ 51.569262] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 28.901523] ================================================================== [ 28.901681] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 28.901681] [ 28.901790] Invalid read at 0x000000004ffab9be: [ 28.901963] test_invalid_access+0xdc/0x1f0 [ 28.902028] kunit_try_run_case+0x170/0x3f0 [ 28.902080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.902130] kthread+0x328/0x630 [ 28.902175] ret_from_fork+0x10/0x20 [ 28.902248] [ 28.902313] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 28.902404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.902440] Hardware name: linux,dummy-virt (DT) [ 28.902496] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 28.672074] ================================================================== [ 28.672167] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.672167] [ 28.672235] Corrupted memory at 0x00000000f1035819 [ ! . . . . . . . . . . . . . . . ] (in kfence-#160): [ 28.672553] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.672603] kunit_try_run_case+0x170/0x3f0 [ 28.672648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.672692] kthread+0x328/0x630 [ 28.672731] ret_from_fork+0x10/0x20 [ 28.672771] [ 28.672796] kfence-#160: 0x00000000368c7d88-0x000000005f1428d5, size=73, cache=kmalloc-96 [ 28.672796] [ 28.672866] allocated by task 325 on cpu 0 at 28.671813s (0.001050s ago): [ 28.672930] test_alloc+0x29c/0x628 [ 28.672972] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 28.673015] kunit_try_run_case+0x170/0x3f0 [ 28.673054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.673097] kthread+0x328/0x630 [ 28.673134] ret_from_fork+0x10/0x20 [ 28.673174] [ 28.673197] freed by task 325 on cpu 0 at 28.671975s (0.001219s ago): [ 28.673258] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.673302] kunit_try_run_case+0x170/0x3f0 [ 28.673340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.673383] kthread+0x328/0x630 [ 28.673420] ret_from_fork+0x10/0x20 [ 28.673459] [ 28.673512] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 28.673592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.673623] Hardware name: linux,dummy-virt (DT) [ 28.673659] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 28.568045] ================================================================== [ 28.568158] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.568158] [ 28.568265] Out-of-bounds read at 0x00000000c007d4c5 (105B right of kfence-#159): [ 28.568329] test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.568380] kunit_try_run_case+0x170/0x3f0 [ 28.568427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.568472] kthread+0x328/0x630 [ 28.568513] ret_from_fork+0x10/0x20 [ 28.568555] [ 28.568581] kfence-#159: 0x0000000056976e4b-0x00000000b8296c82, size=73, cache=kmalloc-96 [ 28.568581] [ 28.568635] allocated by task 323 on cpu 0 at 28.567771s (0.000860s ago): [ 28.568707] test_alloc+0x29c/0x628 [ 28.568749] test_kmalloc_aligned_oob_read+0x100/0x468 [ 28.568794] kunit_try_run_case+0x170/0x3f0 [ 28.568835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.568894] kthread+0x328/0x630 [ 28.568931] ret_from_fork+0x10/0x20 [ 28.568970] [ 28.569023] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 28.569104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.569134] Hardware name: linux,dummy-virt (DT) [ 28.569171] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.536150] ================================================================== [ 22.536260] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 22.536260] [ 22.536329] Corrupted memory at 0x000000008bdf56be [ ! . . . . . . . . . . . . . . . ] (in kfence-#101): [ 22.537481] test_corruption+0x278/0x378 [ 22.537538] kunit_try_run_case+0x170/0x3f0 [ 22.537584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.537629] kthread+0x328/0x630 [ 22.537668] ret_from_fork+0x10/0x20 [ 22.537710] [ 22.537734] kfence-#101: 0x00000000c0d04b32-0x00000000b17dc187, size=32, cache=kmalloc-32 [ 22.537734] [ 22.537792] allocated by task 311 on cpu 0 at 22.535837s (0.001951s ago): [ 22.537867] test_alloc+0x29c/0x628 [ 22.537909] test_corruption+0xdc/0x378 [ 22.537950] kunit_try_run_case+0x170/0x3f0 [ 22.537991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.538034] kthread+0x328/0x630 [ 22.538071] ret_from_fork+0x10/0x20 [ 22.538111] [ 22.538134] freed by task 311 on cpu 0 at 22.535962s (0.002168s ago): [ 22.538195] test_corruption+0x278/0x378 [ 22.538234] kunit_try_run_case+0x170/0x3f0 [ 22.538275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.538318] kthread+0x328/0x630 [ 22.538353] ret_from_fork+0x10/0x20 [ 22.538393] [ 22.538444] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.538522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.538552] Hardware name: linux,dummy-virt (DT) [ 22.538586] ================================================================== [ 23.055995] ================================================================== [ 23.056096] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 23.056096] [ 23.056160] Corrupted memory at 0x00000000954ab0a2 [ ! . . . . . . . . . . . . . . . ] (in kfence-#106): [ 23.056479] test_corruption+0x120/0x378 [ 23.056530] kunit_try_run_case+0x170/0x3f0 [ 23.056576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.056621] kthread+0x328/0x630 [ 23.056660] ret_from_fork+0x10/0x20 [ 23.056701] [ 23.056726] kfence-#106: 0x00000000ef8227ec-0x00000000be28ac45, size=32, cache=test [ 23.056726] [ 23.056781] allocated by task 313 on cpu 0 at 23.055821s (0.000956s ago): [ 23.056854] test_alloc+0x230/0x628 [ 23.056896] test_corruption+0xdc/0x378 [ 23.056936] kunit_try_run_case+0x170/0x3f0 [ 23.056976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.057018] kthread+0x328/0x630 [ 23.057056] ret_from_fork+0x10/0x20 [ 23.057095] [ 23.057118] freed by task 313 on cpu 0 at 23.055902s (0.001212s ago): [ 23.057178] test_corruption+0x120/0x378 [ 23.057218] kunit_try_run_case+0x170/0x3f0 [ 23.057257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.057301] kthread+0x328/0x630 [ 23.057337] ret_from_fork+0x10/0x20 [ 23.057376] [ 23.057423] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 23.057510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.057539] Hardware name: linux,dummy-virt (DT) [ 23.057572] ================================================================== [ 22.952131] ================================================================== [ 22.952233] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 22.952233] [ 22.952300] Corrupted memory at 0x000000003b90e37c [ ! ] (in kfence-#105): [ 22.952436] test_corruption+0x284/0x378 [ 22.952482] kunit_try_run_case+0x170/0x3f0 [ 22.952527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.952569] kthread+0x328/0x630 [ 22.952608] ret_from_fork+0x10/0x20 [ 22.952650] [ 22.952674] kfence-#105: 0x00000000eee4b02e-0x0000000092674b55, size=32, cache=kmalloc-32 [ 22.952674] [ 22.952730] allocated by task 311 on cpu 0 at 22.951821s (0.000906s ago): [ 22.952793] test_alloc+0x29c/0x628 [ 22.952833] test_corruption+0x198/0x378 [ 22.952889] kunit_try_run_case+0x170/0x3f0 [ 22.952928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.952971] kthread+0x328/0x630 [ 22.953006] ret_from_fork+0x10/0x20 [ 22.953045] [ 22.953068] freed by task 311 on cpu 0 at 22.951944s (0.001120s ago): [ 22.953129] test_corruption+0x284/0x378 [ 22.953169] kunit_try_run_case+0x170/0x3f0 [ 22.953207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.953250] kthread+0x328/0x630 [ 22.953284] ret_from_fork+0x10/0x20 [ 22.953324] [ 22.953371] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.953446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.953483] Hardware name: linux,dummy-virt (DT) [ 22.953517] ================================================================== [ 23.160013] ================================================================== [ 23.160113] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 23.160113] [ 23.160176] Corrupted memory at 0x000000004de68469 [ ! ] (in kfence-#107): [ 23.160295] test_corruption+0x1d8/0x378 [ 23.160342] kunit_try_run_case+0x170/0x3f0 [ 23.160383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.160428] kthread+0x328/0x630 [ 23.160466] ret_from_fork+0x10/0x20 [ 23.160506] [ 23.160531] kfence-#107: 0x0000000090b00df0-0x0000000074124fce, size=32, cache=test [ 23.160531] [ 23.160586] allocated by task 313 on cpu 0 at 23.159839s (0.000743s ago): [ 23.160648] test_alloc+0x230/0x628 [ 23.160689] test_corruption+0x198/0x378 [ 23.160728] kunit_try_run_case+0x170/0x3f0 [ 23.160768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.160811] kthread+0x328/0x630 [ 23.160861] ret_from_fork+0x10/0x20 [ 23.160901] [ 23.160924] freed by task 313 on cpu 0 at 23.159919s (0.001001s ago): [ 23.160984] test_corruption+0x1d8/0x378 [ 23.161022] kunit_try_run_case+0x170/0x3f0 [ 23.161061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.161104] kthread+0x328/0x630 [ 23.161139] ret_from_fork+0x10/0x20 [ 23.161178] [ 23.161223] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 23.161298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.161329] Hardware name: linux,dummy-virt (DT) [ 23.161361] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 22.432287] ================================================================== [ 22.432382] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 22.432382] [ 22.432443] Invalid free of 0x000000007e65b193 (in kfence-#100): [ 22.432500] test_invalid_addr_free+0xec/0x238 [ 22.432547] kunit_try_run_case+0x170/0x3f0 [ 22.432589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.432632] kthread+0x328/0x630 [ 22.432670] ret_from_fork+0x10/0x20 [ 22.432709] [ 22.432733] kfence-#100: 0x00000000950d63fc-0x000000008b4113fc, size=32, cache=test [ 22.432733] [ 22.432787] allocated by task 309 on cpu 1 at 22.432158s (0.000625s ago): [ 22.432861] test_alloc+0x230/0x628 [ 22.432902] test_invalid_addr_free+0xd4/0x238 [ 22.432944] kunit_try_run_case+0x170/0x3f0 [ 22.432984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.433028] kthread+0x328/0x630 [ 22.433063] ret_from_fork+0x10/0x20 [ 22.433103] [ 22.433146] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.433224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.433254] Hardware name: linux,dummy-virt (DT) [ 22.433288] ================================================================== [ 22.327996] ================================================================== [ 22.328089] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 22.328089] [ 22.328152] Invalid free of 0x000000003cc35479 (in kfence-#99): [ 22.328208] test_invalid_addr_free+0x1ac/0x238 [ 22.328255] kunit_try_run_case+0x170/0x3f0 [ 22.328299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.328343] kthread+0x328/0x630 [ 22.328383] ret_from_fork+0x10/0x20 [ 22.328423] [ 22.328448] kfence-#99: 0x00000000fa534c1d-0x000000009cad141c, size=32, cache=kmalloc-32 [ 22.328448] [ 22.328503] allocated by task 307 on cpu 1 at 22.327827s (0.000672s ago): [ 22.328565] test_alloc+0x29c/0x628 [ 22.328610] test_invalid_addr_free+0xd4/0x238 [ 22.328652] kunit_try_run_case+0x170/0x3f0 [ 22.328692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.328736] kthread+0x328/0x630 [ 22.328771] ret_from_fork+0x10/0x20 [ 22.328811] [ 22.328871] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.328952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.328981] Hardware name: linux,dummy-virt (DT) [ 22.329017] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 22.224050] ================================================================== [ 22.224148] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 22.224148] [ 22.224213] Invalid free of 0x000000008c3132d1 (in kfence-#98): [ 22.224267] test_double_free+0x100/0x238 [ 22.224311] kunit_try_run_case+0x170/0x3f0 [ 22.224356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.224401] kthread+0x328/0x630 [ 22.224443] ret_from_fork+0x10/0x20 [ 22.224485] [ 22.224510] kfence-#98: 0x000000008c3132d1-0x000000006330bb57, size=32, cache=test [ 22.224510] [ 22.224565] allocated by task 305 on cpu 0 at 22.223826s (0.000735s ago): [ 22.224627] test_alloc+0x230/0x628 [ 22.224666] test_double_free+0xd4/0x238 [ 22.224710] kunit_try_run_case+0x170/0x3f0 [ 22.224749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.224793] kthread+0x328/0x630 [ 22.224828] ret_from_fork+0x10/0x20 [ 22.224881] [ 22.224905] freed by task 305 on cpu 0 at 22.223909s (0.000993s ago): [ 22.224969] test_double_free+0xf0/0x238 [ 22.225009] kunit_try_run_case+0x170/0x3f0 [ 22.225049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.225090] kthread+0x328/0x630 [ 22.225128] ret_from_fork+0x10/0x20 [ 22.225168] [ 22.225221] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.225300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.225330] Hardware name: linux,dummy-virt (DT) [ 22.225362] ================================================================== [ 22.122064] ================================================================== [ 22.122144] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 22.122144] [ 22.122501] Invalid free of 0x00000000346a6eea (in kfence-#97): [ 22.122626] test_double_free+0x1bc/0x238 [ 22.122785] kunit_try_run_case+0x170/0x3f0 [ 22.123068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.123146] kthread+0x328/0x630 [ 22.123240] ret_from_fork+0x10/0x20 [ 22.123333] [ 22.123372] kfence-#97: 0x00000000346a6eea-0x00000000fb5da685, size=32, cache=kmalloc-32 [ 22.123372] [ 22.123910] allocated by task 303 on cpu 0 at 22.121472s (0.002277s ago): [ 22.124044] test_alloc+0x29c/0x628 [ 22.124325] test_double_free+0xd4/0x238 [ 22.124645] kunit_try_run_case+0x170/0x3f0 [ 22.124692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.125074] kthread+0x328/0x630 [ 22.125304] ret_from_fork+0x10/0x20 [ 22.125396] [ 22.125791] freed by task 303 on cpu 0 at 22.121825s (0.003875s ago): [ 22.125923] test_double_free+0x1ac/0x238 [ 22.126040] kunit_try_run_case+0x170/0x3f0 [ 22.126397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.126502] kthread+0x328/0x630 [ 22.126663] ret_from_fork+0x10/0x20 [ 22.126708] [ 22.127033] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.127410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.127536] Hardware name: linux,dummy-virt (DT) [ 22.127616] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 21.810805] ================================================================== [ 21.810945] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.810945] [ 21.811066] Use-after-free read at 0x00000000cf0f9903 (in kfence-#94): [ 21.811412] test_use_after_free_read+0x114/0x248 [ 21.811578] kunit_try_run_case+0x170/0x3f0 [ 21.811703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.811810] kthread+0x328/0x630 [ 21.811959] ret_from_fork+0x10/0x20 [ 21.812002] [ 21.812030] kfence-#94: 0x00000000cf0f9903-0x000000006e0a7c27, size=32, cache=test [ 21.812030] [ 21.812244] allocated by task 297 on cpu 0 at 21.809767s (0.002472s ago): [ 21.812529] test_alloc+0x230/0x628 [ 21.812828] test_use_after_free_read+0xd0/0x248 [ 21.813097] kunit_try_run_case+0x170/0x3f0 [ 21.813237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.813288] kthread+0x328/0x630 [ 21.813644] ret_from_fork+0x10/0x20 [ 21.813801] [ 21.813983] freed by task 297 on cpu 0 at 21.810250s (0.003703s ago): [ 21.814096] test_use_after_free_read+0xf0/0x248 [ 21.814201] kunit_try_run_case+0x170/0x3f0 [ 21.814282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.814476] kthread+0x328/0x630 [ 21.814682] ret_from_fork+0x10/0x20 [ 21.814821] [ 21.814978] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.815120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.815432] Hardware name: linux,dummy-virt (DT) [ 21.815961] ================================================================== [ 21.705784] ================================================================== [ 21.705922] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.705922] [ 21.706028] Use-after-free read at 0x00000000eb213f03 (in kfence-#93): [ 21.706081] test_use_after_free_read+0x114/0x248 [ 21.706129] kunit_try_run_case+0x170/0x3f0 [ 21.706619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.706970] kthread+0x328/0x630 [ 21.707060] ret_from_fork+0x10/0x20 [ 21.707169] [ 21.707227] kfence-#93: 0x00000000eb213f03-0x00000000448c44ab, size=32, cache=kmalloc-32 [ 21.707227] [ 21.707285] allocated by task 295 on cpu 0 at 21.704866s (0.002414s ago): [ 21.707672] test_alloc+0x29c/0x628 [ 21.707764] test_use_after_free_read+0xd0/0x248 [ 21.707888] kunit_try_run_case+0x170/0x3f0 [ 21.707933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.708245] kthread+0x328/0x630 [ 21.708341] ret_from_fork+0x10/0x20 [ 21.708478] [ 21.708590] freed by task 295 on cpu 0 at 21.704957s (0.003602s ago): [ 21.708747] test_use_after_free_read+0x1c0/0x248 [ 21.709198] kunit_try_run_case+0x170/0x3f0 [ 21.709530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.709736] kthread+0x328/0x630 [ 21.709938] ret_from_fork+0x10/0x20 [ 21.709980] [ 21.710395] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.710607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.711013] Hardware name: linux,dummy-virt (DT) [ 21.711105] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 21.497531] ================================================================== [ 21.497656] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.497656] [ 21.498315] Out-of-bounds write at 0x00000000efc9c56e (1B left of kfence-#91): [ 21.498396] test_out_of_bounds_write+0x100/0x240 [ 21.498450] kunit_try_run_case+0x170/0x3f0 [ 21.498495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.498572] kthread+0x328/0x630 [ 21.498617] ret_from_fork+0x10/0x20 [ 21.498675] [ 21.498702] kfence-#91: 0x00000000cac9f02b-0x0000000066d09c0d, size=32, cache=kmalloc-32 [ 21.498702] [ 21.498905] allocated by task 291 on cpu 0 at 21.497244s (0.001629s ago): [ 21.498980] test_alloc+0x29c/0x628 [ 21.499365] test_out_of_bounds_write+0xc8/0x240 [ 21.499496] kunit_try_run_case+0x170/0x3f0 [ 21.499660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.499863] kthread+0x328/0x630 [ 21.499948] ret_from_fork+0x10/0x20 [ 21.499990] [ 21.500042] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.500469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.500560] Hardware name: linux,dummy-virt (DT) [ 21.500708] ================================================================== [ 21.600673] ================================================================== [ 21.600756] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.600756] [ 21.601163] Out-of-bounds write at 0x0000000068502e9e (1B left of kfence-#92): [ 21.601266] test_out_of_bounds_write+0x100/0x240 [ 21.601358] kunit_try_run_case+0x170/0x3f0 [ 21.601405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.601728] kthread+0x328/0x630 [ 21.601806] ret_from_fork+0x10/0x20 [ 21.601887] [ 21.601947] kfence-#92: 0x00000000ed714671-0x000000006763fb48, size=32, cache=test [ 21.601947] [ 21.602022] allocated by task 293 on cpu 0 at 21.600511s (0.001489s ago): [ 21.602150] test_alloc+0x230/0x628 [ 21.602236] test_out_of_bounds_write+0xc8/0x240 [ 21.602282] kunit_try_run_case+0x170/0x3f0 [ 21.602341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.602531] kthread+0x328/0x630 [ 21.602577] ret_from_fork+0x10/0x20 [ 21.602621] [ 21.602948] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.603047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.603161] Hardware name: linux,dummy-virt (DT) [ 21.603317] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 21.080433] ================================================================== [ 21.080514] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.080514] [ 21.080604] Out-of-bounds read at 0x00000000fb5d2260 (1B left of kfence-#87): [ 21.080681] test_out_of_bounds_read+0x114/0x3e0 [ 21.080730] kunit_try_run_case+0x170/0x3f0 [ 21.080773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.080817] kthread+0x328/0x630 [ 21.081019] ret_from_fork+0x10/0x20 [ 21.081063] [ 21.081128] kfence-#87: 0x0000000019062aec-0x0000000029402598, size=32, cache=test [ 21.081128] [ 21.081200] allocated by task 289 on cpu 0 at 21.080208s (0.000969s ago): [ 21.081271] test_alloc+0x230/0x628 [ 21.081312] test_out_of_bounds_read+0xdc/0x3e0 [ 21.081353] kunit_try_run_case+0x170/0x3f0 [ 21.081634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.081695] kthread+0x328/0x630 [ 21.081732] ret_from_fork+0x10/0x20 [ 21.081836] [ 21.081900] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.081981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.082057] Hardware name: linux,dummy-virt (DT) [ 21.082093] ================================================================== [ 20.665571] ================================================================== [ 20.665713] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.665713] [ 20.665872] Out-of-bounds read at 0x00000000f5c99ef0 (1B left of kfence-#83): [ 20.665955] test_out_of_bounds_read+0x114/0x3e0 [ 20.666387] kunit_try_run_case+0x170/0x3f0 [ 20.666458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.666542] kthread+0x328/0x630 [ 20.666608] ret_from_fork+0x10/0x20 [ 20.666654] [ 20.666708] kfence-#83: 0x00000000b4502e57-0x00000000510be8e4, size=32, cache=kmalloc-32 [ 20.666708] [ 20.666797] allocated by task 287 on cpu 0 at 20.664415s (0.002370s ago): [ 20.666906] test_alloc+0x29c/0x628 [ 20.667101] test_out_of_bounds_read+0xdc/0x3e0 [ 20.667259] kunit_try_run_case+0x170/0x3f0 [ 20.667311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.667358] kthread+0x328/0x630 [ 20.667395] ret_from_fork+0x10/0x20 [ 20.667461] [ 20.667526] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.667837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.667988] Hardware name: linux,dummy-virt (DT) [ 20.668088] ================================================================== [ 20.769067] ================================================================== [ 20.769148] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.769148] [ 20.769337] Out-of-bounds read at 0x000000002655f13d (32B right of kfence-#84): [ 20.769412] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.769462] kunit_try_run_case+0x170/0x3f0 [ 20.769512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.769557] kthread+0x328/0x630 [ 20.769689] ret_from_fork+0x10/0x20 [ 20.769740] [ 20.769765] kfence-#84: 0x000000004b42c9d6-0x000000009a960cbf, size=32, cache=kmalloc-32 [ 20.769765] [ 20.770206] allocated by task 287 on cpu 0 at 20.768805s (0.001352s ago): [ 20.770294] test_alloc+0x29c/0x628 [ 20.770337] test_out_of_bounds_read+0x198/0x3e0 [ 20.770384] kunit_try_run_case+0x170/0x3f0 [ 20.770436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.770488] kthread+0x328/0x630 [ 20.770526] ret_from_fork+0x10/0x20 [ 20.770567] [ 20.770617] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.770695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.770724] Hardware name: linux,dummy-virt (DT) [ 20.770768] ================================================================== [ 21.392329] ================================================================== [ 21.392446] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.392446] [ 21.392530] Out-of-bounds read at 0x00000000907285a9 (32B right of kfence-#90): [ 21.392587] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.392894] kunit_try_run_case+0x170/0x3f0 [ 21.392956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.393014] kthread+0x328/0x630 [ 21.393053] ret_from_fork+0x10/0x20 [ 21.393184] [ 21.393214] kfence-#90: 0x000000006faa6939-0x000000002a07cde9, size=32, cache=test [ 21.393214] [ 21.393452] allocated by task 289 on cpu 0 at 21.392223s (0.001145s ago): [ 21.393564] test_alloc+0x230/0x628 [ 21.393674] test_out_of_bounds_read+0x198/0x3e0 [ 21.393718] kunit_try_run_case+0x170/0x3f0 [ 21.393763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.394146] kthread+0x328/0x630 [ 21.394229] ret_from_fork+0x10/0x20 [ 21.394308] [ 21.394358] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.394562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.394597] Hardware name: linux,dummy-virt (DT) [ 21.394730] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-kmem_cache_double_free
[ 17.906185] ================================================================== [ 17.906445] BUG: KFENCE: invalid free in kmem_cache_double_free+0x190/0x3c8 [ 17.906445] [ 17.906886] Invalid free of 0x0000000062aa973b (in kfence-#64): [ 17.907218] kmem_cache_double_free+0x190/0x3c8 [ 17.907270] kunit_try_run_case+0x170/0x3f0 [ 17.907380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.907426] kthread+0x328/0x630 [ 17.907461] ret_from_fork+0x10/0x20 [ 17.907509] [ 17.908285] kfence-#64: 0x0000000062aa973b-0x000000001e0d8e94, size=200, cache=test_cache [ 17.908285] [ 17.908472] allocated by task 209 on cpu 1 at 17.904669s (0.003745s ago): [ 17.909174] kmem_cache_double_free+0x12c/0x3c8 [ 17.909392] kunit_try_run_case+0x170/0x3f0 [ 17.909490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.909584] kthread+0x328/0x630 [ 17.909734] ret_from_fork+0x10/0x20 [ 17.909936] [ 17.910166] freed by task 209 on cpu 1 at 17.904704s (0.005275s ago): [ 17.910260] kmem_cache_double_free+0x140/0x3c8 [ 17.910410] kunit_try_run_case+0x170/0x3f0 [ 17.910495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.910574] kthread+0x328/0x630 [ 17.910607] ret_from_fork+0x10/0x20 [ 17.910731] [ 17.910871] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.910959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.910987] Hardware name: linux,dummy-virt (DT) [ 17.911022] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 20.454251] ================================================================== [ 20.454336] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 20.454511] Write of size 121 at addr fff00000c78e9d00 by task kunit_try_catch/285 [ 20.454661] [ 20.454712] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.454801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.455102] Hardware name: linux,dummy-virt (DT) [ 20.455148] Call trace: [ 20.455174] show_stack+0x20/0x38 (C) [ 20.455236] dump_stack_lvl+0x8c/0xd0 [ 20.455287] print_report+0x118/0x5d0 [ 20.455337] kasan_report+0xdc/0x128 [ 20.455388] kasan_check_range+0x100/0x1a8 [ 20.455437] __kasan_check_write+0x20/0x30 [ 20.455527] strncpy_from_user+0x3c/0x2a0 [ 20.455582] copy_user_test_oob+0x5c0/0xec8 [ 20.455664] kunit_try_run_case+0x170/0x3f0 [ 20.455724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.455791] kthread+0x328/0x630 [ 20.455836] ret_from_fork+0x10/0x20 [ 20.455900] [ 20.455921] Allocated by task 285: [ 20.455966] kasan_save_stack+0x3c/0x68 [ 20.456015] kasan_save_track+0x20/0x40 [ 20.456059] kasan_save_alloc_info+0x40/0x58 [ 20.456109] __kasan_kmalloc+0xd4/0xd8 [ 20.456154] __kmalloc_noprof+0x198/0x4c8 [ 20.456194] kunit_kmalloc_array+0x34/0x88 [ 20.456244] copy_user_test_oob+0xac/0xec8 [ 20.456283] kunit_try_run_case+0x170/0x3f0 [ 20.456323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.456368] kthread+0x328/0x630 [ 20.456402] ret_from_fork+0x10/0x20 [ 20.456440] [ 20.456461] The buggy address belongs to the object at fff00000c78e9d00 [ 20.456461] which belongs to the cache kmalloc-128 of size 128 [ 20.456522] The buggy address is located 0 bytes inside of [ 20.456522] allocated 120-byte region [fff00000c78e9d00, fff00000c78e9d78) [ 20.456591] [ 20.456624] The buggy address belongs to the physical page: [ 20.456662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 20.456717] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.456773] page_type: f5(slab) [ 20.456822] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.457968] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.458033] page dumped because: kasan: bad access detected [ 20.458089] [ 20.458110] Memory state around the buggy address: [ 20.458149] fff00000c78e9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.458618] fff00000c78e9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.459021] >fff00000c78e9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.459207] ^ [ 20.459289] fff00000c78e9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.459736] fff00000c78e9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.459974] ================================================================== [ 20.466564] ================================================================== [ 20.466634] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 20.467362] Write of size 1 at addr fff00000c78e9d78 by task kunit_try_catch/285 [ 20.467532] [ 20.467641] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.467808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.467853] Hardware name: linux,dummy-virt (DT) [ 20.467901] Call trace: [ 20.468592] show_stack+0x20/0x38 (C) [ 20.468830] dump_stack_lvl+0x8c/0xd0 [ 20.469092] print_report+0x118/0x5d0 [ 20.469480] kasan_report+0xdc/0x128 [ 20.469634] __asan_report_store1_noabort+0x20/0x30 [ 20.469819] strncpy_from_user+0x270/0x2a0 [ 20.470191] copy_user_test_oob+0x5c0/0xec8 [ 20.470364] kunit_try_run_case+0x170/0x3f0 [ 20.470540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.470759] kthread+0x328/0x630 [ 20.471099] ret_from_fork+0x10/0x20 [ 20.471207] [ 20.471262] Allocated by task 285: [ 20.471501] kasan_save_stack+0x3c/0x68 [ 20.471665] kasan_save_track+0x20/0x40 [ 20.471712] kasan_save_alloc_info+0x40/0x58 [ 20.471755] __kasan_kmalloc+0xd4/0xd8 [ 20.471797] __kmalloc_noprof+0x198/0x4c8 [ 20.472048] kunit_kmalloc_array+0x34/0x88 [ 20.472250] copy_user_test_oob+0xac/0xec8 [ 20.472326] kunit_try_run_case+0x170/0x3f0 [ 20.472510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.472722] kthread+0x328/0x630 [ 20.472797] ret_from_fork+0x10/0x20 [ 20.472953] [ 20.473063] The buggy address belongs to the object at fff00000c78e9d00 [ 20.473063] which belongs to the cache kmalloc-128 of size 128 [ 20.473495] The buggy address is located 0 bytes to the right of [ 20.473495] allocated 120-byte region [fff00000c78e9d00, fff00000c78e9d78) [ 20.473602] [ 20.474034] The buggy address belongs to the physical page: [ 20.474124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 20.474241] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.474523] page_type: f5(slab) [ 20.474630] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.474869] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.475065] page dumped because: kasan: bad access detected [ 20.475264] [ 20.475389] Memory state around the buggy address: [ 20.475430] fff00000c78e9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.475501] fff00000c78e9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.475548] >fff00000c78e9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.475919] ^ [ 20.476015] fff00000c78e9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.476258] fff00000c78e9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.476443] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 20.441373] ================================================================== [ 20.441454] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 20.441866] Read of size 121 at addr fff00000c78e9d00 by task kunit_try_catch/285 [ 20.441944] [ 20.442282] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.442398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.442623] Hardware name: linux,dummy-virt (DT) [ 20.442697] Call trace: [ 20.442874] show_stack+0x20/0x38 (C) [ 20.442956] dump_stack_lvl+0x8c/0xd0 [ 20.443322] print_report+0x118/0x5d0 [ 20.443567] kasan_report+0xdc/0x128 [ 20.443628] kasan_check_range+0x100/0x1a8 [ 20.443694] __kasan_check_read+0x20/0x30 [ 20.444111] copy_user_test_oob+0x4a0/0xec8 [ 20.444425] kunit_try_run_case+0x170/0x3f0 [ 20.444674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.444822] kthread+0x328/0x630 [ 20.444941] ret_from_fork+0x10/0x20 [ 20.445462] [ 20.445840] Allocated by task 285: [ 20.446056] kasan_save_stack+0x3c/0x68 [ 20.446237] kasan_save_track+0x20/0x40 [ 20.446336] kasan_save_alloc_info+0x40/0x58 [ 20.446490] __kasan_kmalloc+0xd4/0xd8 [ 20.446544] __kmalloc_noprof+0x198/0x4c8 [ 20.446877] kunit_kmalloc_array+0x34/0x88 [ 20.447212] copy_user_test_oob+0xac/0xec8 [ 20.447359] kunit_try_run_case+0x170/0x3f0 [ 20.447508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.447624] kthread+0x328/0x630 [ 20.447768] ret_from_fork+0x10/0x20 [ 20.447822] [ 20.447859] The buggy address belongs to the object at fff00000c78e9d00 [ 20.447859] which belongs to the cache kmalloc-128 of size 128 [ 20.448057] The buggy address is located 0 bytes inside of [ 20.448057] allocated 120-byte region [fff00000c78e9d00, fff00000c78e9d78) [ 20.448132] [ 20.448158] The buggy address belongs to the physical page: [ 20.448202] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 20.448464] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.448526] page_type: f5(slab) [ 20.448576] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.448628] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.448682] page dumped because: kasan: bad access detected [ 20.448719] [ 20.448757] Memory state around the buggy address: [ 20.448826] fff00000c78e9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.449158] fff00000c78e9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.449664] >fff00000c78e9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.449802] ^ [ 20.449866] fff00000c78e9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.450359] fff00000c78e9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.450541] ================================================================== [ 20.410020] ================================================================== [ 20.410151] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 20.410340] Write of size 121 at addr fff00000c78e9d00 by task kunit_try_catch/285 [ 20.410416] [ 20.410462] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.410913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.410962] Hardware name: linux,dummy-virt (DT) [ 20.411010] Call trace: [ 20.411037] show_stack+0x20/0x38 (C) [ 20.411335] dump_stack_lvl+0x8c/0xd0 [ 20.412375] print_report+0x118/0x5d0 [ 20.412444] kasan_report+0xdc/0x128 [ 20.412492] kasan_check_range+0x100/0x1a8 [ 20.412925] __kasan_check_write+0x20/0x30 [ 20.414063] copy_user_test_oob+0x35c/0xec8 [ 20.414226] kunit_try_run_case+0x170/0x3f0 [ 20.414362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.414620] kthread+0x328/0x630 [ 20.414823] ret_from_fork+0x10/0x20 [ 20.414971] [ 20.415030] Allocated by task 285: [ 20.415062] kasan_save_stack+0x3c/0x68 [ 20.415267] kasan_save_track+0x20/0x40 [ 20.415340] kasan_save_alloc_info+0x40/0x58 [ 20.415418] __kasan_kmalloc+0xd4/0xd8 [ 20.415460] __kmalloc_noprof+0x198/0x4c8 [ 20.415512] kunit_kmalloc_array+0x34/0x88 [ 20.415570] copy_user_test_oob+0xac/0xec8 [ 20.415610] kunit_try_run_case+0x170/0x3f0 [ 20.415999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.416194] kthread+0x328/0x630 [ 20.416414] ret_from_fork+0x10/0x20 [ 20.417121] [ 20.417157] The buggy address belongs to the object at fff00000c78e9d00 [ 20.417157] which belongs to the cache kmalloc-128 of size 128 [ 20.417390] The buggy address is located 0 bytes inside of [ 20.417390] allocated 120-byte region [fff00000c78e9d00, fff00000c78e9d78) [ 20.417664] [ 20.417712] The buggy address belongs to the physical page: [ 20.417749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 20.417807] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.417874] page_type: f5(slab) [ 20.417918] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.417999] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.418053] page dumped because: kasan: bad access detected [ 20.418087] [ 20.418109] Memory state around the buggy address: [ 20.418146] fff00000c78e9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.418195] fff00000c78e9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.418242] >fff00000c78e9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.418285] ^ [ 20.418338] fff00000c78e9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.418385] fff00000c78e9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.418433] ================================================================== [ 20.430973] ================================================================== [ 20.431220] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 20.431449] Write of size 121 at addr fff00000c78e9d00 by task kunit_try_catch/285 [ 20.431520] [ 20.431563] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.431656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.432109] Hardware name: linux,dummy-virt (DT) [ 20.432433] Call trace: [ 20.432470] show_stack+0x20/0x38 (C) [ 20.432866] dump_stack_lvl+0x8c/0xd0 [ 20.433117] print_report+0x118/0x5d0 [ 20.433425] kasan_report+0xdc/0x128 [ 20.433599] kasan_check_range+0x100/0x1a8 [ 20.434004] __kasan_check_write+0x20/0x30 [ 20.434123] copy_user_test_oob+0x434/0xec8 [ 20.434275] kunit_try_run_case+0x170/0x3f0 [ 20.434667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.435071] kthread+0x328/0x630 [ 20.435322] ret_from_fork+0x10/0x20 [ 20.435523] [ 20.435655] Allocated by task 285: [ 20.435701] kasan_save_stack+0x3c/0x68 [ 20.435750] kasan_save_track+0x20/0x40 [ 20.435808] kasan_save_alloc_info+0x40/0x58 [ 20.435861] __kasan_kmalloc+0xd4/0xd8 [ 20.435902] __kmalloc_noprof+0x198/0x4c8 [ 20.436327] kunit_kmalloc_array+0x34/0x88 [ 20.436705] copy_user_test_oob+0xac/0xec8 [ 20.436922] kunit_try_run_case+0x170/0x3f0 [ 20.436971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.437254] kthread+0x328/0x630 [ 20.437412] ret_from_fork+0x10/0x20 [ 20.437658] [ 20.437694] The buggy address belongs to the object at fff00000c78e9d00 [ 20.437694] which belongs to the cache kmalloc-128 of size 128 [ 20.437945] The buggy address is located 0 bytes inside of [ 20.437945] allocated 120-byte region [fff00000c78e9d00, fff00000c78e9d78) [ 20.438111] [ 20.438140] The buggy address belongs to the physical page: [ 20.438177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 20.438235] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.438291] page_type: f5(slab) [ 20.438336] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.438401] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.438444] page dumped because: kasan: bad access detected [ 20.438498] [ 20.438521] Memory state around the buggy address: [ 20.438569] fff00000c78e9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.438616] fff00000c78e9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.438663] >fff00000c78e9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.438705] ^ [ 20.438750] fff00000c78e9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.438797] fff00000c78e9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.438853] ================================================================== [ 20.389930] ================================================================== [ 20.390216] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 20.390305] Read of size 121 at addr fff00000c78e9d00 by task kunit_try_catch/285 [ 20.390375] [ 20.390422] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.390512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.390541] Hardware name: linux,dummy-virt (DT) [ 20.390577] Call trace: [ 20.390604] show_stack+0x20/0x38 (C) [ 20.390959] dump_stack_lvl+0x8c/0xd0 [ 20.391042] print_report+0x118/0x5d0 [ 20.391096] kasan_report+0xdc/0x128 [ 20.391466] kasan_check_range+0x100/0x1a8 [ 20.391545] __kasan_check_read+0x20/0x30 [ 20.391602] copy_user_test_oob+0x728/0xec8 [ 20.392106] kunit_try_run_case+0x170/0x3f0 [ 20.392215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.392518] kthread+0x328/0x630 [ 20.392750] ret_from_fork+0x10/0x20 [ 20.393281] [ 20.393393] Allocated by task 285: [ 20.393473] kasan_save_stack+0x3c/0x68 [ 20.393837] kasan_save_track+0x20/0x40 [ 20.393956] kasan_save_alloc_info+0x40/0x58 [ 20.394054] __kasan_kmalloc+0xd4/0xd8 [ 20.394119] __kmalloc_noprof+0x198/0x4c8 [ 20.394327] kunit_kmalloc_array+0x34/0x88 [ 20.394391] copy_user_test_oob+0xac/0xec8 [ 20.394488] kunit_try_run_case+0x170/0x3f0 [ 20.394661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.394714] kthread+0x328/0x630 [ 20.394760] ret_from_fork+0x10/0x20 [ 20.394800] [ 20.394838] The buggy address belongs to the object at fff00000c78e9d00 [ 20.394838] which belongs to the cache kmalloc-128 of size 128 [ 20.394932] The buggy address is located 0 bytes inside of [ 20.394932] allocated 120-byte region [fff00000c78e9d00, fff00000c78e9d78) [ 20.395007] [ 20.395035] The buggy address belongs to the physical page: [ 20.395072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 20.395137] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.395193] page_type: f5(slab) [ 20.395248] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.395883] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.395944] page dumped because: kasan: bad access detected [ 20.395979] [ 20.396000] Memory state around the buggy address: [ 20.396202] fff00000c78e9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.396333] fff00000c78e9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.396585] >fff00000c78e9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.396774] ^ [ 20.396870] fff00000c78e9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.397110] fff00000c78e9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.397318] ================================================================== [ 20.366802] ================================================================== [ 20.367955] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 20.368175] Write of size 121 at addr fff00000c78e9d00 by task kunit_try_catch/285 [ 20.368397] [ 20.368525] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.368991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.369067] Hardware name: linux,dummy-virt (DT) [ 20.369156] Call trace: [ 20.369320] show_stack+0x20/0x38 (C) [ 20.369421] dump_stack_lvl+0x8c/0xd0 [ 20.369787] print_report+0x118/0x5d0 [ 20.369908] kasan_report+0xdc/0x128 [ 20.369967] kasan_check_range+0x100/0x1a8 [ 20.370019] __kasan_check_write+0x20/0x30 [ 20.370068] copy_user_test_oob+0x234/0xec8 [ 20.370116] kunit_try_run_case+0x170/0x3f0 [ 20.370174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.370247] kthread+0x328/0x630 [ 20.370297] ret_from_fork+0x10/0x20 [ 20.370361] [ 20.370398] Allocated by task 285: [ 20.370435] kasan_save_stack+0x3c/0x68 [ 20.370499] kasan_save_track+0x20/0x40 [ 20.370551] kasan_save_alloc_info+0x40/0x58 [ 20.370596] __kasan_kmalloc+0xd4/0xd8 [ 20.370644] __kmalloc_noprof+0x198/0x4c8 [ 20.370711] kunit_kmalloc_array+0x34/0x88 [ 20.370751] copy_user_test_oob+0xac/0xec8 [ 20.370792] kunit_try_run_case+0x170/0x3f0 [ 20.370833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.371438] kthread+0x328/0x630 [ 20.371995] ret_from_fork+0x10/0x20 [ 20.372056] [ 20.372185] The buggy address belongs to the object at fff00000c78e9d00 [ 20.372185] which belongs to the cache kmalloc-128 of size 128 [ 20.372831] The buggy address is located 0 bytes inside of [ 20.372831] allocated 120-byte region [fff00000c78e9d00, fff00000c78e9d78) [ 20.373012] [ 20.373041] The buggy address belongs to the physical page: [ 20.373144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 20.373723] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.374207] page_type: f5(slab) [ 20.374366] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.374442] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.374588] page dumped because: kasan: bad access detected [ 20.374647] [ 20.374732] Memory state around the buggy address: [ 20.375476] fff00000c78e9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.375737] fff00000c78e9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.376177] >fff00000c78e9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.376308] ^ [ 20.376527] fff00000c78e9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.376674] fff00000c78e9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.376942] ================================================================== [ 20.418972] ================================================================== [ 20.419028] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 20.419079] Read of size 121 at addr fff00000c78e9d00 by task kunit_try_catch/285 [ 20.419133] [ 20.419168] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.419254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.419284] Hardware name: linux,dummy-virt (DT) [ 20.420057] Call trace: [ 20.420102] show_stack+0x20/0x38 (C) [ 20.420156] dump_stack_lvl+0x8c/0xd0 [ 20.420209] print_report+0x118/0x5d0 [ 20.420258] kasan_report+0xdc/0x128 [ 20.420762] kasan_check_range+0x100/0x1a8 [ 20.420999] __kasan_check_read+0x20/0x30 [ 20.421267] copy_user_test_oob+0x3c8/0xec8 [ 20.421717] kunit_try_run_case+0x170/0x3f0 [ 20.422030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.422151] kthread+0x328/0x630 [ 20.422239] ret_from_fork+0x10/0x20 [ 20.422296] [ 20.422662] Allocated by task 285: [ 20.422887] kasan_save_stack+0x3c/0x68 [ 20.423059] kasan_save_track+0x20/0x40 [ 20.423247] kasan_save_alloc_info+0x40/0x58 [ 20.423565] __kasan_kmalloc+0xd4/0xd8 [ 20.423965] __kmalloc_noprof+0x198/0x4c8 [ 20.424168] kunit_kmalloc_array+0x34/0x88 [ 20.424225] copy_user_test_oob+0xac/0xec8 [ 20.424298] kunit_try_run_case+0x170/0x3f0 [ 20.424340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.424659] kthread+0x328/0x630 [ 20.425005] ret_from_fork+0x10/0x20 [ 20.425279] [ 20.425325] The buggy address belongs to the object at fff00000c78e9d00 [ 20.425325] which belongs to the cache kmalloc-128 of size 128 [ 20.425460] The buggy address is located 0 bytes inside of [ 20.425460] allocated 120-byte region [fff00000c78e9d00, fff00000c78e9d78) [ 20.425605] [ 20.425630] The buggy address belongs to the physical page: [ 20.426073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 20.426316] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.426558] page_type: f5(slab) [ 20.426676] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.426911] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.426960] page dumped because: kasan: bad access detected [ 20.427246] [ 20.427373] Memory state around the buggy address: [ 20.427904] fff00000c78e9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.427968] fff00000c78e9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.428016] >fff00000c78e9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.428067] ^ [ 20.428114] fff00000c78e9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.428443] fff00000c78e9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.428940] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 20.300991] ================================================================== [ 20.301062] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 20.301134] Read of size 8 at addr fff00000c78e9c78 by task kunit_try_catch/281 [ 20.301279] [ 20.301323] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.301450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.301610] Hardware name: linux,dummy-virt (DT) [ 20.301647] Call trace: [ 20.301673] show_stack+0x20/0x38 (C) [ 20.301728] dump_stack_lvl+0x8c/0xd0 [ 20.301780] print_report+0x118/0x5d0 [ 20.301954] kasan_report+0xdc/0x128 [ 20.302020] __asan_report_load8_noabort+0x20/0x30 [ 20.302075] copy_to_kernel_nofault+0x204/0x250 [ 20.302127] copy_to_kernel_nofault_oob+0x158/0x418 [ 20.302180] kunit_try_run_case+0x170/0x3f0 [ 20.302231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.302287] kthread+0x328/0x630 [ 20.302332] ret_from_fork+0x10/0x20 [ 20.302411] [ 20.302446] Allocated by task 281: [ 20.302482] kasan_save_stack+0x3c/0x68 [ 20.302535] kasan_save_track+0x20/0x40 [ 20.303532] kasan_save_alloc_info+0x40/0x58 [ 20.303606] __kasan_kmalloc+0xd4/0xd8 [ 20.303708] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.303800] copy_to_kernel_nofault_oob+0xc8/0x418 [ 20.303869] kunit_try_run_case+0x170/0x3f0 [ 20.303930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.304011] kthread+0x328/0x630 [ 20.304556] ret_from_fork+0x10/0x20 [ 20.304805] [ 20.305000] The buggy address belongs to the object at fff00000c78e9c00 [ 20.305000] which belongs to the cache kmalloc-128 of size 128 [ 20.305082] The buggy address is located 0 bytes to the right of [ 20.305082] allocated 120-byte region [fff00000c78e9c00, fff00000c78e9c78) [ 20.305513] [ 20.305617] The buggy address belongs to the physical page: [ 20.306067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 20.306566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.306783] page_type: f5(slab) [ 20.306889] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.307272] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.307340] page dumped because: kasan: bad access detected [ 20.307508] [ 20.307572] Memory state around the buggy address: [ 20.307613] fff00000c78e9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.307667] fff00000c78e9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.307938] >fff00000c78e9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.308084] ^ [ 20.308210] fff00000c78e9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.308699] fff00000c78e9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.308943] ================================================================== [ 20.310806] ================================================================== [ 20.310886] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 20.311119] Write of size 8 at addr fff00000c78e9c78 by task kunit_try_catch/281 [ 20.311335] [ 20.311838] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.311966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.311998] Hardware name: linux,dummy-virt (DT) [ 20.312286] Call trace: [ 20.312512] show_stack+0x20/0x38 (C) [ 20.312692] dump_stack_lvl+0x8c/0xd0 [ 20.313109] print_report+0x118/0x5d0 [ 20.313279] kasan_report+0xdc/0x128 [ 20.313536] kasan_check_range+0x100/0x1a8 [ 20.313913] __kasan_check_write+0x20/0x30 [ 20.314453] copy_to_kernel_nofault+0x8c/0x250 [ 20.314523] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 20.314738] kunit_try_run_case+0x170/0x3f0 [ 20.315150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.315377] kthread+0x328/0x630 [ 20.315471] ret_from_fork+0x10/0x20 [ 20.315566] [ 20.315590] Allocated by task 281: [ 20.315634] kasan_save_stack+0x3c/0x68 [ 20.315710] kasan_save_track+0x20/0x40 [ 20.315758] kasan_save_alloc_info+0x40/0x58 [ 20.315810] __kasan_kmalloc+0xd4/0xd8 [ 20.315859] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.315903] copy_to_kernel_nofault_oob+0xc8/0x418 [ 20.315943] kunit_try_run_case+0x170/0x3f0 [ 20.315984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.316029] kthread+0x328/0x630 [ 20.316083] ret_from_fork+0x10/0x20 [ 20.316125] [ 20.316149] The buggy address belongs to the object at fff00000c78e9c00 [ 20.316149] which belongs to the cache kmalloc-128 of size 128 [ 20.316464] The buggy address is located 0 bytes to the right of [ 20.316464] allocated 120-byte region [fff00000c78e9c00, fff00000c78e9c78) [ 20.316696] [ 20.316969] The buggy address belongs to the physical page: [ 20.317335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 20.317586] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.317652] page_type: f5(slab) [ 20.318133] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.318386] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.318506] page dumped because: kasan: bad access detected [ 20.318658] [ 20.318744] Memory state around the buggy address: [ 20.318827] fff00000c78e9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.318897] fff00000c78e9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.319122] >fff00000c78e9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.319344] ^ [ 20.320172] fff00000c78e9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.320245] fff00000c78e9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.320315] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 20.255219] ================================================================== [ 20.255364] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 20.255438] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 20.255490] [ 20.255533] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.255748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.255871] Hardware name: linux,dummy-virt (DT) [ 20.256023] Call trace: [ 20.256103] show_stack+0x20/0x38 (C) [ 20.256197] dump_stack_lvl+0x8c/0xd0 [ 20.256278] print_report+0x310/0x5d0 [ 20.256328] kasan_report+0xdc/0x128 [ 20.256377] __asan_report_load1_noabort+0x20/0x30 [ 20.256439] vmalloc_oob+0x578/0x5d0 [ 20.256485] kunit_try_run_case+0x170/0x3f0 [ 20.256545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.256600] kthread+0x328/0x630 [ 20.256651] ret_from_fork+0x10/0x20 [ 20.256706] [ 20.256751] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 20.256800] The buggy address belongs to the physical page: [ 20.256834] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107997 [ 20.256929] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.257012] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.257074] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.257118] page dumped because: kasan: bad access detected [ 20.257152] [ 20.257172] Memory state around the buggy address: [ 20.257209] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.257255] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.257310] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 20.257356] ^ [ 20.257403] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.257448] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.257497] ================================================================== [ 20.258774] ================================================================== [ 20.258834] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 20.258911] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 20.258963] [ 20.259001] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.259085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.259115] Hardware name: linux,dummy-virt (DT) [ 20.259151] Call trace: [ 20.259176] show_stack+0x20/0x38 (C) [ 20.259225] dump_stack_lvl+0x8c/0xd0 [ 20.259275] print_report+0x310/0x5d0 [ 20.261878] kasan_report+0xdc/0x128 [ 20.261942] __asan_report_load1_noabort+0x20/0x30 [ 20.261994] vmalloc_oob+0x51c/0x5d0 [ 20.262042] kunit_try_run_case+0x170/0x3f0 [ 20.262091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.262146] kthread+0x328/0x630 [ 20.262191] ret_from_fork+0x10/0x20 [ 20.262241] [ 20.262265] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 20.262310] The buggy address belongs to the physical page: [ 20.262345] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107997 [ 20.262399] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.262466] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.262519] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.262561] page dumped because: kasan: bad access detected [ 20.262594] [ 20.262614] Memory state around the buggy address: [ 20.262648] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.262692] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.262737] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 20.262776] ^ [ 20.262820] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.262873] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.262914] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.024374] ================================================================== [ 20.024587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 20.024669] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.025001] [ 20.025055] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.025428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.025671] Hardware name: linux,dummy-virt (DT) [ 20.025723] Call trace: [ 20.025751] show_stack+0x20/0x38 (C) [ 20.025982] dump_stack_lvl+0x8c/0xd0 [ 20.026085] print_report+0x118/0x5d0 [ 20.026186] kasan_report+0xdc/0x128 [ 20.026240] kasan_check_range+0x100/0x1a8 [ 20.026290] __kasan_check_write+0x20/0x30 [ 20.026351] kasan_atomics_helper+0xf88/0x4858 [ 20.026404] kasan_atomics+0x198/0x2e0 [ 20.026665] kunit_try_run_case+0x170/0x3f0 [ 20.026933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.027134] kthread+0x328/0x630 [ 20.027198] ret_from_fork+0x10/0x20 [ 20.027250] [ 20.027704] Allocated by task 265: [ 20.028031] kasan_save_stack+0x3c/0x68 [ 20.028125] kasan_save_track+0x20/0x40 [ 20.028295] kasan_save_alloc_info+0x40/0x58 [ 20.028340] __kasan_kmalloc+0xd4/0xd8 [ 20.028382] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.028430] kasan_atomics+0xb8/0x2e0 [ 20.028469] kunit_try_run_case+0x170/0x3f0 [ 20.028875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.029508] kthread+0x328/0x630 [ 20.029604] ret_from_fork+0x10/0x20 [ 20.030011] [ 20.030064] The buggy address belongs to the object at fff00000c799a780 [ 20.030064] which belongs to the cache kmalloc-64 of size 64 [ 20.030175] The buggy address is located 0 bytes to the right of [ 20.030175] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.030263] [ 20.030306] The buggy address belongs to the physical page: [ 20.030582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.030974] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.031414] page_type: f5(slab) [ 20.031520] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.031575] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.031649] page dumped because: kasan: bad access detected [ 20.031968] [ 20.032265] Memory state around the buggy address: [ 20.032411] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.032460] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.032507] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.033176] ^ [ 20.033356] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.033701] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.034143] ================================================================== [ 20.194048] ================================================================== [ 20.194108] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 20.194162] Read of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.194214] [ 20.194250] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.194332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.194360] Hardware name: linux,dummy-virt (DT) [ 20.194394] Call trace: [ 20.194418] show_stack+0x20/0x38 (C) [ 20.194468] dump_stack_lvl+0x8c/0xd0 [ 20.194519] print_report+0x118/0x5d0 [ 20.195752] kasan_report+0xdc/0x128 [ 20.195826] __asan_report_load8_noabort+0x20/0x30 [ 20.195894] kasan_atomics_helper+0x3e10/0x4858 [ 20.195996] kasan_atomics+0x198/0x2e0 [ 20.196163] kunit_try_run_case+0x170/0x3f0 [ 20.196559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.196629] kthread+0x328/0x630 [ 20.196703] ret_from_fork+0x10/0x20 [ 20.196823] [ 20.196863] Allocated by task 265: [ 20.196896] kasan_save_stack+0x3c/0x68 [ 20.196941] kasan_save_track+0x20/0x40 [ 20.196981] kasan_save_alloc_info+0x40/0x58 [ 20.197023] __kasan_kmalloc+0xd4/0xd8 [ 20.197603] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.197658] kasan_atomics+0xb8/0x2e0 [ 20.197697] kunit_try_run_case+0x170/0x3f0 [ 20.197899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.197983] kthread+0x328/0x630 [ 20.198018] ret_from_fork+0x10/0x20 [ 20.198186] [ 20.198568] The buggy address belongs to the object at fff00000c799a780 [ 20.198568] which belongs to the cache kmalloc-64 of size 64 [ 20.198658] The buggy address is located 0 bytes to the right of [ 20.198658] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.198726] [ 20.199336] The buggy address belongs to the physical page: [ 20.199405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.199464] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.199539] page_type: f5(slab) [ 20.199583] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.199874] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.199922] page dumped because: kasan: bad access detected [ 20.200089] [ 20.200357] Memory state around the buggy address: [ 20.200400] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.200566] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.200617] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.200657] ^ [ 20.200885] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.200995] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.201319] ================================================================== [ 20.141206] ================================================================== [ 20.141344] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 20.141392] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.141442] [ 20.141472] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.141560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.141587] Hardware name: linux,dummy-virt (DT) [ 20.141618] Call trace: [ 20.141641] show_stack+0x20/0x38 (C) [ 20.141690] dump_stack_lvl+0x8c/0xd0 [ 20.141808] print_report+0x118/0x5d0 [ 20.141868] kasan_report+0xdc/0x128 [ 20.141914] kasan_check_range+0x100/0x1a8 [ 20.141963] __kasan_check_write+0x20/0x30 [ 20.142009] kasan_atomics_helper+0x14e4/0x4858 [ 20.142057] kasan_atomics+0x198/0x2e0 [ 20.142103] kunit_try_run_case+0x170/0x3f0 [ 20.142151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.142203] kthread+0x328/0x630 [ 20.142258] ret_from_fork+0x10/0x20 [ 20.142518] [ 20.142546] Allocated by task 265: [ 20.142635] kasan_save_stack+0x3c/0x68 [ 20.142678] kasan_save_track+0x20/0x40 [ 20.142716] kasan_save_alloc_info+0x40/0x58 [ 20.142758] __kasan_kmalloc+0xd4/0xd8 [ 20.142795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.142835] kasan_atomics+0xb8/0x2e0 [ 20.142882] kunit_try_run_case+0x170/0x3f0 [ 20.142939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.142982] kthread+0x328/0x630 [ 20.143021] ret_from_fork+0x10/0x20 [ 20.143220] [ 20.143310] The buggy address belongs to the object at fff00000c799a780 [ 20.143310] which belongs to the cache kmalloc-64 of size 64 [ 20.143436] The buggy address is located 0 bytes to the right of [ 20.143436] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.143528] [ 20.143556] The buggy address belongs to the physical page: [ 20.143677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.143735] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.144323] page_type: f5(slab) [ 20.144434] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.144537] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.144608] page dumped because: kasan: bad access detected [ 20.144641] [ 20.144661] Memory state around the buggy address: [ 20.144695] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.144740] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.144783] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.144822] ^ [ 20.144868] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.144909] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.144948] ================================================================== [ 20.184925] ================================================================== [ 20.185591] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 20.185801] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.185964] [ 20.186357] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.186456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.186485] Hardware name: linux,dummy-virt (DT) [ 20.186589] Call trace: [ 20.186918] show_stack+0x20/0x38 (C) [ 20.187086] dump_stack_lvl+0x8c/0xd0 [ 20.187140] print_report+0x118/0x5d0 [ 20.187199] kasan_report+0xdc/0x128 [ 20.187246] kasan_check_range+0x100/0x1a8 [ 20.187659] __kasan_check_write+0x20/0x30 [ 20.187721] kasan_atomics_helper+0x16d0/0x4858 [ 20.188155] kasan_atomics+0x198/0x2e0 [ 20.188473] kunit_try_run_case+0x170/0x3f0 [ 20.188523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.188578] kthread+0x328/0x630 [ 20.188622] ret_from_fork+0x10/0x20 [ 20.188804] [ 20.188832] Allocated by task 265: [ 20.188878] kasan_save_stack+0x3c/0x68 [ 20.188926] kasan_save_track+0x20/0x40 [ 20.189508] kasan_save_alloc_info+0x40/0x58 [ 20.189690] __kasan_kmalloc+0xd4/0xd8 [ 20.189729] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.189950] kasan_atomics+0xb8/0x2e0 [ 20.189987] kunit_try_run_case+0x170/0x3f0 [ 20.190028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.190073] kthread+0x328/0x630 [ 20.190110] ret_from_fork+0x10/0x20 [ 20.190641] [ 20.190669] The buggy address belongs to the object at fff00000c799a780 [ 20.190669] which belongs to the cache kmalloc-64 of size 64 [ 20.190731] The buggy address is located 0 bytes to the right of [ 20.190731] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.191394] [ 20.191423] The buggy address belongs to the physical page: [ 20.191460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.191652] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.191928] page_type: f5(slab) [ 20.192243] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.192299] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.192345] page dumped because: kasan: bad access detected [ 20.192409] [ 20.192432] Memory state around the buggy address: [ 20.192467] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.192736] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.192976] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.193022] ^ [ 20.193060] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.193298] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.193341] ================================================================== [ 20.035213] ================================================================== [ 20.035706] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 20.036056] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.036210] [ 20.036279] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.036572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.036608] Hardware name: linux,dummy-virt (DT) [ 20.037027] Call trace: [ 20.037144] show_stack+0x20/0x38 (C) [ 20.037421] dump_stack_lvl+0x8c/0xd0 [ 20.037541] print_report+0x118/0x5d0 [ 20.037657] kasan_report+0xdc/0x128 [ 20.038099] kasan_check_range+0x100/0x1a8 [ 20.038391] __kasan_check_write+0x20/0x30 [ 20.038535] kasan_atomics_helper+0xff0/0x4858 [ 20.038591] kasan_atomics+0x198/0x2e0 [ 20.039199] kunit_try_run_case+0x170/0x3f0 [ 20.039411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.039632] kthread+0x328/0x630 [ 20.039728] ret_from_fork+0x10/0x20 [ 20.039863] [ 20.039886] Allocated by task 265: [ 20.039927] kasan_save_stack+0x3c/0x68 [ 20.040309] kasan_save_track+0x20/0x40 [ 20.040610] kasan_save_alloc_info+0x40/0x58 [ 20.041084] __kasan_kmalloc+0xd4/0xd8 [ 20.041269] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.041445] kasan_atomics+0xb8/0x2e0 [ 20.041507] kunit_try_run_case+0x170/0x3f0 [ 20.041555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.041599] kthread+0x328/0x630 [ 20.041643] ret_from_fork+0x10/0x20 [ 20.041685] [ 20.041726] The buggy address belongs to the object at fff00000c799a780 [ 20.041726] which belongs to the cache kmalloc-64 of size 64 [ 20.041796] The buggy address is located 0 bytes to the right of [ 20.041796] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.041898] [ 20.041938] The buggy address belongs to the physical page: [ 20.041981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.042054] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.042108] page_type: f5(slab) [ 20.042176] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.042232] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.042276] page dumped because: kasan: bad access detected [ 20.042311] [ 20.042342] Memory state around the buggy address: [ 20.042379] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.042423] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.042469] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.042510] ^ [ 20.042547] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.042590] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.042640] ================================================================== [ 20.165644] ================================================================== [ 20.165713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 20.165772] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.165823] [ 20.166605] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.166861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.167257] Hardware name: linux,dummy-virt (DT) [ 20.167444] Call trace: [ 20.167473] show_stack+0x20/0x38 (C) [ 20.167529] dump_stack_lvl+0x8c/0xd0 [ 20.167594] print_report+0x118/0x5d0 [ 20.167643] kasan_report+0xdc/0x128 [ 20.168072] kasan_check_range+0x100/0x1a8 [ 20.168129] __kasan_check_write+0x20/0x30 [ 20.168184] kasan_atomics_helper+0x1644/0x4858 [ 20.168235] kasan_atomics+0x198/0x2e0 [ 20.168451] kunit_try_run_case+0x170/0x3f0 [ 20.168512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.168577] kthread+0x328/0x630 [ 20.168871] ret_from_fork+0x10/0x20 [ 20.169509] [ 20.169535] Allocated by task 265: [ 20.169570] kasan_save_stack+0x3c/0x68 [ 20.169992] kasan_save_track+0x20/0x40 [ 20.170225] kasan_save_alloc_info+0x40/0x58 [ 20.170270] __kasan_kmalloc+0xd4/0xd8 [ 20.170725] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.170893] kasan_atomics+0xb8/0x2e0 [ 20.170933] kunit_try_run_case+0x170/0x3f0 [ 20.171328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.171388] kthread+0x328/0x630 [ 20.171676] ret_from_fork+0x10/0x20 [ 20.171729] [ 20.172090] The buggy address belongs to the object at fff00000c799a780 [ 20.172090] which belongs to the cache kmalloc-64 of size 64 [ 20.172184] The buggy address is located 0 bytes to the right of [ 20.172184] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.172252] [ 20.172566] The buggy address belongs to the physical page: [ 20.172628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.173135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.173229] page_type: f5(slab) [ 20.173578] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.173998] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.174059] page dumped because: kasan: bad access detected [ 20.174095] [ 20.174117] Memory state around the buggy address: [ 20.174153] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.174198] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.174243] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.174283] ^ [ 20.174319] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.174363] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.174403] ================================================================== [ 20.133000] ================================================================== [ 20.133061] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 20.133112] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.133252] [ 20.133425] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.133853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.133945] Hardware name: linux,dummy-virt (DT) [ 20.133977] Call trace: [ 20.134038] show_stack+0x20/0x38 (C) [ 20.134282] dump_stack_lvl+0x8c/0xd0 [ 20.134434] print_report+0x118/0x5d0 [ 20.134593] kasan_report+0xdc/0x128 [ 20.134694] kasan_check_range+0x100/0x1a8 [ 20.134772] __kasan_check_write+0x20/0x30 [ 20.134884] kasan_atomics_helper+0x1414/0x4858 [ 20.134934] kasan_atomics+0x198/0x2e0 [ 20.134981] kunit_try_run_case+0x170/0x3f0 [ 20.135032] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.135086] kthread+0x328/0x630 [ 20.135128] ret_from_fork+0x10/0x20 [ 20.135178] [ 20.135199] Allocated by task 265: [ 20.135229] kasan_save_stack+0x3c/0x68 [ 20.135270] kasan_save_track+0x20/0x40 [ 20.135353] kasan_save_alloc_info+0x40/0x58 [ 20.135395] __kasan_kmalloc+0xd4/0xd8 [ 20.135434] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.135474] kasan_atomics+0xb8/0x2e0 [ 20.135511] kunit_try_run_case+0x170/0x3f0 [ 20.135550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.135595] kthread+0x328/0x630 [ 20.135629] ret_from_fork+0x10/0x20 [ 20.135665] [ 20.135687] The buggy address belongs to the object at fff00000c799a780 [ 20.135687] which belongs to the cache kmalloc-64 of size 64 [ 20.135771] The buggy address is located 0 bytes to the right of [ 20.135771] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.135837] [ 20.135867] The buggy address belongs to the physical page: [ 20.135901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.135956] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.136004] page_type: f5(slab) [ 20.136053] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.136106] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.136149] page dumped because: kasan: bad access detected [ 20.136183] [ 20.136203] Memory state around the buggy address: [ 20.136237] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.136293] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.136470] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.136512] ^ [ 20.136613] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.136668] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.136708] ================================================================== [ 20.007873] ================================================================== [ 20.007937] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 20.008003] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.008054] [ 20.008092] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.008686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.008838] Hardware name: linux,dummy-virt (DT) [ 20.009011] Call trace: [ 20.009070] show_stack+0x20/0x38 (C) [ 20.009134] dump_stack_lvl+0x8c/0xd0 [ 20.009195] print_report+0x118/0x5d0 [ 20.009278] kasan_report+0xdc/0x128 [ 20.009329] kasan_check_range+0x100/0x1a8 [ 20.009379] __kasan_check_write+0x20/0x30 [ 20.009608] kasan_atomics_helper+0xeb8/0x4858 [ 20.009950] kasan_atomics+0x198/0x2e0 [ 20.010117] kunit_try_run_case+0x170/0x3f0 [ 20.010244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.010307] kthread+0x328/0x630 [ 20.010381] ret_from_fork+0x10/0x20 [ 20.010435] [ 20.010456] Allocated by task 265: [ 20.010497] kasan_save_stack+0x3c/0x68 [ 20.010543] kasan_save_track+0x20/0x40 [ 20.010583] kasan_save_alloc_info+0x40/0x58 [ 20.010625] __kasan_kmalloc+0xd4/0xd8 [ 20.010662] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.010704] kasan_atomics+0xb8/0x2e0 [ 20.010742] kunit_try_run_case+0x170/0x3f0 [ 20.010780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.010825] kthread+0x328/0x630 [ 20.011108] ret_from_fork+0x10/0x20 [ 20.011153] [ 20.011459] The buggy address belongs to the object at fff00000c799a780 [ 20.011459] which belongs to the cache kmalloc-64 of size 64 [ 20.012127] The buggy address is located 0 bytes to the right of [ 20.012127] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.012237] [ 20.012294] The buggy address belongs to the physical page: [ 20.012360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.012655] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.012976] page_type: f5(slab) [ 20.013303] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.013763] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.013973] page dumped because: kasan: bad access detected [ 20.014124] [ 20.014337] Memory state around the buggy address: [ 20.014733] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.014979] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.015031] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.015643] ^ [ 20.015701] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.016050] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.016268] ================================================================== [ 20.136967] ================================================================== [ 20.137020] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 20.137070] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.137119] [ 20.137150] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.137232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.137259] Hardware name: linux,dummy-virt (DT) [ 20.137291] Call trace: [ 20.137315] show_stack+0x20/0x38 (C) [ 20.137436] dump_stack_lvl+0x8c/0xd0 [ 20.137552] print_report+0x118/0x5d0 [ 20.137646] kasan_report+0xdc/0x128 [ 20.138007] kasan_check_range+0x100/0x1a8 [ 20.138061] __kasan_check_write+0x20/0x30 [ 20.138106] kasan_atomics_helper+0x147c/0x4858 [ 20.138155] kasan_atomics+0x198/0x2e0 [ 20.138201] kunit_try_run_case+0x170/0x3f0 [ 20.138249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.138302] kthread+0x328/0x630 [ 20.138345] ret_from_fork+0x10/0x20 [ 20.138391] [ 20.138413] Allocated by task 265: [ 20.138441] kasan_save_stack+0x3c/0x68 [ 20.138483] kasan_save_track+0x20/0x40 [ 20.138521] kasan_save_alloc_info+0x40/0x58 [ 20.138563] __kasan_kmalloc+0xd4/0xd8 [ 20.138600] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.138650] kasan_atomics+0xb8/0x2e0 [ 20.138832] kunit_try_run_case+0x170/0x3f0 [ 20.139543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.139609] kthread+0x328/0x630 [ 20.139778] ret_from_fork+0x10/0x20 [ 20.139852] [ 20.139874] The buggy address belongs to the object at fff00000c799a780 [ 20.139874] which belongs to the cache kmalloc-64 of size 64 [ 20.140033] The buggy address is located 0 bytes to the right of [ 20.140033] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.140098] [ 20.140129] The buggy address belongs to the physical page: [ 20.140275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.140328] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.140376] page_type: f5(slab) [ 20.140414] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.140466] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.140509] page dumped because: kasan: bad access detected [ 20.140541] [ 20.140561] Memory state around the buggy address: [ 20.140594] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.140638] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.140682] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.140721] ^ [ 20.140756] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.140798] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.140838] ================================================================== [ 19.955397] ================================================================== [ 19.955569] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.955863] Read of size 4 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.956053] [ 19.956224] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.956312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.956342] Hardware name: linux,dummy-virt (DT) [ 19.956617] Call trace: [ 19.956659] show_stack+0x20/0x38 (C) [ 19.956714] dump_stack_lvl+0x8c/0xd0 [ 19.956942] print_report+0x118/0x5d0 [ 19.957038] kasan_report+0xdc/0x128 [ 19.957200] __asan_report_load4_noabort+0x20/0x30 [ 19.957289] kasan_atomics_helper+0x3e04/0x4858 [ 19.957412] kasan_atomics+0x198/0x2e0 [ 19.957460] kunit_try_run_case+0x170/0x3f0 [ 19.957700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.957954] kthread+0x328/0x630 [ 19.958208] ret_from_fork+0x10/0x20 [ 19.958326] [ 19.958435] Allocated by task 265: [ 19.958851] kasan_save_stack+0x3c/0x68 [ 19.958963] kasan_save_track+0x20/0x40 [ 19.959072] kasan_save_alloc_info+0x40/0x58 [ 19.959217] __kasan_kmalloc+0xd4/0xd8 [ 19.959255] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.959329] kasan_atomics+0xb8/0x2e0 [ 19.959579] kunit_try_run_case+0x170/0x3f0 [ 19.959885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.960056] kthread+0x328/0x630 [ 19.960133] ret_from_fork+0x10/0x20 [ 19.960181] [ 19.960203] The buggy address belongs to the object at fff00000c799a780 [ 19.960203] which belongs to the cache kmalloc-64 of size 64 [ 19.960268] The buggy address is located 0 bytes to the right of [ 19.960268] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.960482] [ 19.960827] The buggy address belongs to the physical page: [ 19.960926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.961129] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.961213] page_type: f5(slab) [ 19.961594] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.961861] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.962117] page dumped because: kasan: bad access detected [ 19.962183] [ 19.962313] Memory state around the buggy address: [ 19.962395] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.962481] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.962608] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.962854] ^ [ 19.963116] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.963256] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.963391] ================================================================== [ 19.964162] ================================================================== [ 19.964583] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.965406] Read of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.965750] [ 19.965811] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.965911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.965939] Hardware name: linux,dummy-virt (DT) [ 19.965973] Call trace: [ 19.965999] show_stack+0x20/0x38 (C) [ 19.966055] dump_stack_lvl+0x8c/0xd0 [ 19.966362] print_report+0x118/0x5d0 [ 19.966439] kasan_report+0xdc/0x128 [ 19.966838] kasan_check_range+0x100/0x1a8 [ 19.966902] __kasan_check_read+0x20/0x30 [ 19.967396] kasan_atomics_helper+0xdd4/0x4858 [ 19.967798] kasan_atomics+0x198/0x2e0 [ 19.968025] kunit_try_run_case+0x170/0x3f0 [ 19.968201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.968400] kthread+0x328/0x630 [ 19.968486] ret_from_fork+0x10/0x20 [ 19.968680] [ 19.968778] Allocated by task 265: [ 19.968969] kasan_save_stack+0x3c/0x68 [ 19.969116] kasan_save_track+0x20/0x40 [ 19.969189] kasan_save_alloc_info+0x40/0x58 [ 19.969376] __kasan_kmalloc+0xd4/0xd8 [ 19.969425] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.969598] kasan_atomics+0xb8/0x2e0 [ 19.969647] kunit_try_run_case+0x170/0x3f0 [ 19.969689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.969736] kthread+0x328/0x630 [ 19.969771] ret_from_fork+0x10/0x20 [ 19.969812] [ 19.969837] The buggy address belongs to the object at fff00000c799a780 [ 19.969837] which belongs to the cache kmalloc-64 of size 64 [ 19.970624] The buggy address is located 0 bytes to the right of [ 19.970624] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.970907] [ 19.971135] The buggy address belongs to the physical page: [ 19.971416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.971516] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.971822] page_type: f5(slab) [ 19.972103] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.972194] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.972656] page dumped because: kasan: bad access detected [ 19.972829] [ 19.972901] Memory state around the buggy address: [ 19.973168] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.973446] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.973667] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.974029] ^ [ 19.974146] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.974233] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.974309] ================================================================== [ 20.202654] ================================================================== [ 20.202727] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 20.202788] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.203454] [ 20.203512] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.203608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.203638] Hardware name: linux,dummy-virt (DT) [ 20.203696] Call trace: [ 20.203724] show_stack+0x20/0x38 (C) [ 20.203787] dump_stack_lvl+0x8c/0xd0 [ 20.203839] print_report+0x118/0x5d0 [ 20.204409] kasan_report+0xdc/0x128 [ 20.204481] kasan_check_range+0x100/0x1a8 [ 20.204533] __kasan_check_write+0x20/0x30 [ 20.205115] kasan_atomics_helper+0x175c/0x4858 [ 20.205430] kasan_atomics+0x198/0x2e0 [ 20.205493] kunit_try_run_case+0x170/0x3f0 [ 20.205551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.205606] kthread+0x328/0x630 [ 20.206207] ret_from_fork+0x10/0x20 [ 20.206373] [ 20.206397] Allocated by task 265: [ 20.206951] kasan_save_stack+0x3c/0x68 [ 20.207018] kasan_save_track+0x20/0x40 [ 20.207416] kasan_save_alloc_info+0x40/0x58 [ 20.207464] __kasan_kmalloc+0xd4/0xd8 [ 20.207503] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.207696] kasan_atomics+0xb8/0x2e0 [ 20.207776] kunit_try_run_case+0x170/0x3f0 [ 20.208087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.208398] kthread+0x328/0x630 [ 20.208625] ret_from_fork+0x10/0x20 [ 20.208796] [ 20.208950] The buggy address belongs to the object at fff00000c799a780 [ 20.208950] which belongs to the cache kmalloc-64 of size 64 [ 20.209351] The buggy address is located 0 bytes to the right of [ 20.209351] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.209662] [ 20.209694] The buggy address belongs to the physical page: [ 20.209732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.210398] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.210646] page_type: f5(slab) [ 20.210803] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.210899] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.211064] page dumped because: kasan: bad access detected [ 20.211356] [ 20.211386] Memory state around the buggy address: [ 20.211427] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.211474] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.211520] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.211732] ^ [ 20.211821] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.212007] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.212055] ================================================================== [ 19.880427] ================================================================== [ 19.880541] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 19.880799] Read of size 4 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.880871] [ 19.881065] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.881163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.881191] Hardware name: linux,dummy-virt (DT) [ 19.881235] Call trace: [ 19.881412] show_stack+0x20/0x38 (C) [ 19.881491] dump_stack_lvl+0x8c/0xd0 [ 19.881545] print_report+0x118/0x5d0 [ 19.882005] kasan_report+0xdc/0x128 [ 19.882165] __asan_report_load4_noabort+0x20/0x30 [ 19.883091] Allocated by task 265: [ 19.883227] kasan_save_stack+0x3c/0x68 [ 19.884247] kunit_try_run_case+0x170/0x3f0 [ 19.885545] The buggy address is located 0 bytes to the right of [ 19.885545] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.886422] page_type: f5(slab) [ 19.886868] page dumped because: kasan: bad access detected [ 19.887613] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.889945] ================================================================== [ 19.838325] ================================================================== [ 19.838387] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.838442] Write of size 4 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.839043] [ 19.839232] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.839632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.839898] Hardware name: linux,dummy-virt (DT) [ 19.840059] Call trace: [ 19.840192] show_stack+0x20/0x38 (C) [ 19.840313] dump_stack_lvl+0x8c/0xd0 [ 19.840407] print_report+0x118/0x5d0 [ 19.840483] kasan_report+0xdc/0x128 [ 19.840675] kasan_check_range+0x100/0x1a8 [ 19.841328] kasan_atomics+0x198/0x2e0 [ 19.841551] kunit_try_run_case+0x170/0x3f0 [ 19.841651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.841918] kthread+0x328/0x630 [ 19.842253] [ 19.842961] kasan_save_alloc_info+0x40/0x58 [ 19.843483] kunit_try_run_case+0x170/0x3f0 [ 19.844008] ret_from_fork+0x10/0x20 [ 19.844248] The buggy address is located 0 bytes to the right of [ 19.844248] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.845761] [ 19.846585] ^ [ 19.847151] ================================================================== [ 20.213365] ================================================================== [ 20.213483] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 20.213627] Read of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.214015] [ 20.214192] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.214280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.214778] Hardware name: linux,dummy-virt (DT) [ 20.214917] Call trace: [ 20.214945] show_stack+0x20/0x38 (C) [ 20.215016] dump_stack_lvl+0x8c/0xd0 [ 20.215207] print_report+0x118/0x5d0 [ 20.215257] kasan_report+0xdc/0x128 [ 20.215837] __asan_report_load8_noabort+0x20/0x30 [ 20.216018] kasan_atomics_helper+0x3e20/0x4858 [ 20.216069] kasan_atomics+0x198/0x2e0 [ 20.216118] kunit_try_run_case+0x170/0x3f0 [ 20.216168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.216224] kthread+0x328/0x630 [ 20.216386] ret_from_fork+0x10/0x20 [ 20.216466] [ 20.216558] Allocated by task 265: [ 20.216644] kasan_save_stack+0x3c/0x68 [ 20.216718] kasan_save_track+0x20/0x40 [ 20.216757] kasan_save_alloc_info+0x40/0x58 [ 20.217303] __kasan_kmalloc+0xd4/0xd8 [ 20.217657] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.218027] kasan_atomics+0xb8/0x2e0 [ 20.218141] kunit_try_run_case+0x170/0x3f0 [ 20.218331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.218601] kthread+0x328/0x630 [ 20.218928] ret_from_fork+0x10/0x20 [ 20.219392] [ 20.219469] The buggy address belongs to the object at fff00000c799a780 [ 20.219469] which belongs to the cache kmalloc-64 of size 64 [ 20.219822] The buggy address is located 0 bytes to the right of [ 20.219822] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.220174] [ 20.220290] The buggy address belongs to the physical page: [ 20.220327] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.220506] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.220781] page_type: f5(slab) [ 20.220839] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.221015] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.221347] page dumped because: kasan: bad access detected [ 20.221458] [ 20.221619] Memory state around the buggy address: [ 20.221873] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.221950] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.222346] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.222570] ^ [ 20.222858] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.222923] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.223085] ================================================================== [ 19.752307] ================================================================== [ 19.754717] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 19.754923] [ 19.755347] Hardware name: linux,dummy-virt (DT) [ 19.756444] kasan_atomics_helper+0x5b4/0x4858 [ 19.756597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.759406] [ 19.759505] The buggy address belongs to the physical page: [ 19.760290] page_type: f5(slab) [ 19.761249] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.761418] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.761944] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.764077] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 19.764645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.766216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.767869] __kasan_kmalloc+0xd4/0xd8 [ 19.769308] [ 19.769453] The buggy address belongs to the physical page: [ 19.769821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.770099] page_type: f5(slab) [ 19.770494] page dumped because: kasan: bad access detected [ 19.771103] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.773399] ================================================================== [ 19.937659] ================================================================== [ 19.937872] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.937943] Read of size 4 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.938303] [ 19.938552] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.938995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.939077] Hardware name: linux,dummy-virt (DT) [ 19.939188] Call trace: [ 19.939217] show_stack+0x20/0x38 (C) [ 19.939281] dump_stack_lvl+0x8c/0xd0 [ 19.939585] print_report+0x118/0x5d0 [ 19.939783] kasan_report+0xdc/0x128 [ 19.939906] __asan_report_load4_noabort+0x20/0x30 [ 19.940290] kasan_atomics_helper+0x3dd8/0x4858 [ 19.940437] kasan_atomics+0x198/0x2e0 [ 19.940560] kunit_try_run_case+0x170/0x3f0 [ 19.940634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.941138] kthread+0x328/0x630 [ 19.941565] ret_from_fork+0x10/0x20 [ 19.941718] [ 19.941871] Allocated by task 265: [ 19.942104] kasan_save_stack+0x3c/0x68 [ 19.942386] kasan_save_track+0x20/0x40 [ 19.942719] kasan_save_alloc_info+0x40/0x58 [ 19.942865] __kasan_kmalloc+0xd4/0xd8 [ 19.943256] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.943543] kasan_atomics+0xb8/0x2e0 [ 19.943593] kunit_try_run_case+0x170/0x3f0 [ 19.943876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.944038] kthread+0x328/0x630 [ 19.944196] ret_from_fork+0x10/0x20 [ 19.944241] [ 19.944322] The buggy address belongs to the object at fff00000c799a780 [ 19.944322] which belongs to the cache kmalloc-64 of size 64 [ 19.944697] The buggy address is located 0 bytes to the right of [ 19.944697] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.944934] [ 19.944971] The buggy address belongs to the physical page: [ 19.945212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.945279] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.945576] page_type: f5(slab) [ 19.945982] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.946257] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.946448] page dumped because: kasan: bad access detected [ 19.946676] [ 19.946764] Memory state around the buggy address: [ 19.946891] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.946939] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.947317] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.947380] ^ [ 19.947431] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.947539] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.947581] ================================================================== [ 20.155112] ================================================================== [ 20.155188] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 20.155251] Read of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.155625] [ 20.155860] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.156307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.156454] Hardware name: linux,dummy-virt (DT) [ 20.156490] Call trace: [ 20.156834] show_stack+0x20/0x38 (C) [ 20.157253] dump_stack_lvl+0x8c/0xd0 [ 20.157669] print_report+0x118/0x5d0 [ 20.157787] kasan_report+0xdc/0x128 [ 20.157835] __asan_report_load8_noabort+0x20/0x30 [ 20.158018] kasan_atomics_helper+0x3db0/0x4858 [ 20.158070] kasan_atomics+0x198/0x2e0 [ 20.158125] kunit_try_run_case+0x170/0x3f0 [ 20.158176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.158231] kthread+0x328/0x630 [ 20.158275] ret_from_fork+0x10/0x20 [ 20.158328] [ 20.159088] Allocated by task 265: [ 20.159634] kasan_save_stack+0x3c/0x68 [ 20.159859] kasan_save_track+0x20/0x40 [ 20.159902] kasan_save_alloc_info+0x40/0x58 [ 20.159943] __kasan_kmalloc+0xd4/0xd8 [ 20.160252] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.160550] kasan_atomics+0xb8/0x2e0 [ 20.161201] kunit_try_run_case+0x170/0x3f0 [ 20.161695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.161948] kthread+0x328/0x630 [ 20.161985] ret_from_fork+0x10/0x20 [ 20.162234] [ 20.162287] The buggy address belongs to the object at fff00000c799a780 [ 20.162287] which belongs to the cache kmalloc-64 of size 64 [ 20.162353] The buggy address is located 0 bytes to the right of [ 20.162353] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.162420] [ 20.162444] The buggy address belongs to the physical page: [ 20.162480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.163014] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.163086] page_type: f5(slab) [ 20.163132] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.163354] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.163402] page dumped because: kasan: bad access detected [ 20.163578] [ 20.163615] Memory state around the buggy address: [ 20.163653] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.163700] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.164081] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.164131] ^ [ 20.164407] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.164487] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.164657] ================================================================== [ 20.223986] ================================================================== [ 20.224049] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 20.224106] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.224158] [ 20.224198] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.224280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.224310] Hardware name: linux,dummy-virt (DT) [ 20.224344] Call trace: [ 20.225042] show_stack+0x20/0x38 (C) [ 20.225127] dump_stack_lvl+0x8c/0xd0 [ 20.225193] print_report+0x118/0x5d0 [ 20.225622] kasan_report+0xdc/0x128 [ 20.225807] kasan_check_range+0x100/0x1a8 [ 20.226114] __kasan_check_write+0x20/0x30 [ 20.226278] kasan_atomics_helper+0x17ec/0x4858 [ 20.226332] kasan_atomics+0x198/0x2e0 [ 20.226379] kunit_try_run_case+0x170/0x3f0 [ 20.226900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.226984] kthread+0x328/0x630 [ 20.227031] ret_from_fork+0x10/0x20 [ 20.227082] [ 20.227104] Allocated by task 265: [ 20.227136] kasan_save_stack+0x3c/0x68 [ 20.227894] kasan_save_track+0x20/0x40 [ 20.228134] kasan_save_alloc_info+0x40/0x58 [ 20.228192] __kasan_kmalloc+0xd4/0xd8 [ 20.228269] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.228322] kasan_atomics+0xb8/0x2e0 [ 20.228541] kunit_try_run_case+0x170/0x3f0 [ 20.228887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.229095] kthread+0x328/0x630 [ 20.229132] ret_from_fork+0x10/0x20 [ 20.229170] [ 20.229195] The buggy address belongs to the object at fff00000c799a780 [ 20.229195] which belongs to the cache kmalloc-64 of size 64 [ 20.229954] The buggy address is located 0 bytes to the right of [ 20.229954] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.230309] [ 20.230494] The buggy address belongs to the physical page: [ 20.230536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.231059] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.231301] page_type: f5(slab) [ 20.231520] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.232068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.232334] page dumped because: kasan: bad access detected [ 20.232384] [ 20.232406] Memory state around the buggy address: [ 20.232865] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.232917] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.233199] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.233244] ^ [ 20.233281] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.233788] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.234333] ================================================================== [ 20.055687] ================================================================== [ 20.055984] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 20.056056] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.056108] [ 20.056151] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.056893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.057030] Hardware name: linux,dummy-virt (DT) [ 20.057079] Call trace: [ 20.057237] show_stack+0x20/0x38 (C) [ 20.057412] dump_stack_lvl+0x8c/0xd0 [ 20.057585] print_report+0x118/0x5d0 [ 20.057839] kasan_report+0xdc/0x128 [ 20.058157] kasan_check_range+0x100/0x1a8 [ 20.058411] __kasan_check_write+0x20/0x30 [ 20.058518] kasan_atomics_helper+0x10c0/0x4858 [ 20.058666] kasan_atomics+0x198/0x2e0 [ 20.058717] kunit_try_run_case+0x170/0x3f0 [ 20.059114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.059680] kthread+0x328/0x630 [ 20.059878] ret_from_fork+0x10/0x20 [ 20.060005] [ 20.060028] Allocated by task 265: [ 20.060061] kasan_save_stack+0x3c/0x68 [ 20.060107] kasan_save_track+0x20/0x40 [ 20.060153] kasan_save_alloc_info+0x40/0x58 [ 20.060433] __kasan_kmalloc+0xd4/0xd8 [ 20.060870] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.061139] kasan_atomics+0xb8/0x2e0 [ 20.061235] kunit_try_run_case+0x170/0x3f0 [ 20.061411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.061567] kthread+0x328/0x630 [ 20.061607] ret_from_fork+0x10/0x20 [ 20.061684] [ 20.061940] The buggy address belongs to the object at fff00000c799a780 [ 20.061940] which belongs to the cache kmalloc-64 of size 64 [ 20.062140] The buggy address is located 0 bytes to the right of [ 20.062140] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.062377] [ 20.062709] The buggy address belongs to the physical page: [ 20.062771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.063075] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.063223] page_type: f5(slab) [ 20.063291] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.063346] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.063391] page dumped because: kasan: bad access detected [ 20.063425] [ 20.063455] Memory state around the buggy address: [ 20.063499] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.063545] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.063591] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.063633] ^ [ 20.063671] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.063714] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.063763] ================================================================== [ 19.995171] ================================================================== [ 19.995239] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.995302] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.995354] [ 19.995389] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.995754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.996492] Hardware name: linux,dummy-virt (DT) [ 19.996714] Call trace: [ 19.996782] show_stack+0x20/0x38 (C) [ 19.996921] dump_stack_lvl+0x8c/0xd0 [ 19.996977] print_report+0x118/0x5d0 [ 19.997265] kasan_report+0xdc/0x128 [ 19.997437] __asan_report_store8_noabort+0x20/0x30 [ 19.997959] kasan_atomics_helper+0x3e5c/0x4858 [ 19.998075] kasan_atomics+0x198/0x2e0 [ 19.998210] kunit_try_run_case+0x170/0x3f0 [ 19.998322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.998543] kthread+0x328/0x630 [ 19.998807] ret_from_fork+0x10/0x20 [ 19.999200] [ 19.999238] Allocated by task 265: [ 19.999400] kasan_save_stack+0x3c/0x68 [ 19.999922] kasan_save_track+0x20/0x40 [ 19.999993] kasan_save_alloc_info+0x40/0x58 [ 20.000598] __kasan_kmalloc+0xd4/0xd8 [ 20.000664] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.000984] kasan_atomics+0xb8/0x2e0 [ 20.001054] kunit_try_run_case+0x170/0x3f0 [ 20.001116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.001192] kthread+0x328/0x630 [ 20.001451] ret_from_fork+0x10/0x20 [ 20.001600] [ 20.001684] The buggy address belongs to the object at fff00000c799a780 [ 20.001684] which belongs to the cache kmalloc-64 of size 64 [ 20.001933] The buggy address is located 0 bytes to the right of [ 20.001933] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.002237] [ 20.002384] The buggy address belongs to the physical page: [ 20.002632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.003042] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.003467] page_type: f5(slab) [ 20.003522] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.003879] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.004305] page dumped because: kasan: bad access detected [ 20.004362] [ 20.004383] Memory state around the buggy address: [ 20.004560] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.005143] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.005490] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.005765] ^ [ 20.006084] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.006326] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.006392] ================================================================== [ 20.087164] ================================================================== [ 20.087226] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 20.087280] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.087667] [ 20.088046] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.088195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.088226] Hardware name: linux,dummy-virt (DT) [ 20.088393] Call trace: [ 20.088611] show_stack+0x20/0x38 (C) [ 20.088934] dump_stack_lvl+0x8c/0xd0 [ 20.089123] print_report+0x118/0x5d0 [ 20.089240] kasan_report+0xdc/0x128 [ 20.089361] kasan_check_range+0x100/0x1a8 [ 20.089624] __kasan_check_write+0x20/0x30 [ 20.090271] kasan_atomics_helper+0x11f8/0x4858 [ 20.090434] kasan_atomics+0x198/0x2e0 [ 20.090580] kunit_try_run_case+0x170/0x3f0 [ 20.090663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.091204] kthread+0x328/0x630 [ 20.091504] ret_from_fork+0x10/0x20 [ 20.091648] [ 20.091727] Allocated by task 265: [ 20.091803] kasan_save_stack+0x3c/0x68 [ 20.091978] kasan_save_track+0x20/0x40 [ 20.092034] kasan_save_alloc_info+0x40/0x58 [ 20.092257] __kasan_kmalloc+0xd4/0xd8 [ 20.092413] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.092538] kasan_atomics+0xb8/0x2e0 [ 20.092780] kunit_try_run_case+0x170/0x3f0 [ 20.092999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.093115] kthread+0x328/0x630 [ 20.093221] ret_from_fork+0x10/0x20 [ 20.093290] [ 20.093472] The buggy address belongs to the object at fff00000c799a780 [ 20.093472] which belongs to the cache kmalloc-64 of size 64 [ 20.093607] The buggy address is located 0 bytes to the right of [ 20.093607] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.093812] [ 20.094031] The buggy address belongs to the physical page: [ 20.094189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.094389] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.094648] page_type: f5(slab) [ 20.094979] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.095275] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.095363] page dumped because: kasan: bad access detected [ 20.095674] [ 20.095762] Memory state around the buggy address: [ 20.095994] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.096079] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.096334] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.096443] ^ [ 20.096919] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.097001] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.097200] ================================================================== [ 20.148813] ================================================================== [ 20.148923] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 20.148976] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.149026] [ 20.149060] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.149142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.149169] Hardware name: linux,dummy-virt (DT) [ 20.149201] Call trace: [ 20.149224] show_stack+0x20/0x38 (C) [ 20.149273] dump_stack_lvl+0x8c/0xd0 [ 20.149332] print_report+0x118/0x5d0 [ 20.149381] kasan_report+0xdc/0x128 [ 20.149426] kasan_check_range+0x100/0x1a8 [ 20.149482] __kasan_check_write+0x20/0x30 [ 20.149529] kasan_atomics_helper+0x15b4/0x4858 [ 20.149577] kasan_atomics+0x198/0x2e0 [ 20.149707] kunit_try_run_case+0x170/0x3f0 [ 20.149758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.149811] kthread+0x328/0x630 [ 20.149864] ret_from_fork+0x10/0x20 [ 20.149913] [ 20.149934] Allocated by task 265: [ 20.149971] kasan_save_stack+0x3c/0x68 [ 20.150014] kasan_save_track+0x20/0x40 [ 20.150052] kasan_save_alloc_info+0x40/0x58 [ 20.150094] __kasan_kmalloc+0xd4/0xd8 [ 20.150131] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.150172] kasan_atomics+0xb8/0x2e0 [ 20.150239] kunit_try_run_case+0x170/0x3f0 [ 20.150444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.150670] kthread+0x328/0x630 [ 20.150920] ret_from_fork+0x10/0x20 [ 20.151136] [ 20.151240] The buggy address belongs to the object at fff00000c799a780 [ 20.151240] which belongs to the cache kmalloc-64 of size 64 [ 20.151570] The buggy address is located 0 bytes to the right of [ 20.151570] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.151641] [ 20.151708] The buggy address belongs to the physical page: [ 20.151802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.151913] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.152067] page_type: f5(slab) [ 20.152108] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.152676] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.152735] page dumped because: kasan: bad access detected [ 20.152771] [ 20.152791] Memory state around the buggy address: [ 20.152828] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.153169] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.153216] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.153329] ^ [ 20.153368] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.153595] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.153636] ================================================================== [ 20.107624] ================================================================== [ 20.108022] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 20.108111] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.108164] [ 20.108307] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.108404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.108516] Hardware name: linux,dummy-virt (DT) [ 20.108553] Call trace: [ 20.108589] show_stack+0x20/0x38 (C) [ 20.108643] dump_stack_lvl+0x8c/0xd0 [ 20.109162] print_report+0x118/0x5d0 [ 20.109293] kasan_report+0xdc/0x128 [ 20.109582] kasan_check_range+0x100/0x1a8 [ 20.109710] __kasan_check_write+0x20/0x30 [ 20.109773] kasan_atomics_helper+0x12d8/0x4858 [ 20.110156] kasan_atomics+0x198/0x2e0 [ 20.110339] kunit_try_run_case+0x170/0x3f0 [ 20.110570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.110919] kthread+0x328/0x630 [ 20.110989] ret_from_fork+0x10/0x20 [ 20.111043] [ 20.111226] Allocated by task 265: [ 20.111277] kasan_save_stack+0x3c/0x68 [ 20.111746] kasan_save_track+0x20/0x40 [ 20.111972] kasan_save_alloc_info+0x40/0x58 [ 20.112174] __kasan_kmalloc+0xd4/0xd8 [ 20.112393] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.112496] kasan_atomics+0xb8/0x2e0 [ 20.112596] kunit_try_run_case+0x170/0x3f0 [ 20.112637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.112685] kthread+0x328/0x630 [ 20.112727] ret_from_fork+0x10/0x20 [ 20.112937] [ 20.113082] The buggy address belongs to the object at fff00000c799a780 [ 20.113082] which belongs to the cache kmalloc-64 of size 64 [ 20.113335] The buggy address is located 0 bytes to the right of [ 20.113335] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.113596] [ 20.113626] The buggy address belongs to the physical page: [ 20.113939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.114473] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.114726] page_type: f5(slab) [ 20.114998] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.115283] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.115542] page dumped because: kasan: bad access detected [ 20.115714] [ 20.115787] Memory state around the buggy address: [ 20.115916] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.116163] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.116421] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.116668] ^ [ 20.116806] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.117065] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.117113] ================================================================== [ 19.869982] ================================================================== [ 19.870357] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 19.870748] Write of size 4 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.870823] [ 19.871115] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.871346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.871383] Hardware name: linux,dummy-virt (DT) [ 19.871417] Call trace: [ 19.871748] show_stack+0x20/0x38 (C) [ 19.871885] dump_stack_lvl+0x8c/0xd0 [ 19.871972] print_report+0x118/0x5d0 [ 19.872196] kasan_report+0xdc/0x128 [ 19.872397] kasan_check_range+0x100/0x1a8 [ 19.872458] __kasan_check_write+0x20/0x30 [ 19.872710] kasan_atomics_helper+0xad4/0x4858 [ 19.873162] kasan_atomics+0x198/0x2e0 [ 19.873358] kunit_try_run_case+0x170/0x3f0 [ 19.873419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.873683] kthread+0x328/0x630 [ 19.873797] ret_from_fork+0x10/0x20 [ 19.873993] [ 19.874145] Allocated by task 265: [ 19.874230] kasan_save_stack+0x3c/0x68 [ 19.874284] kasan_save_track+0x20/0x40 [ 19.874480] kasan_save_alloc_info+0x40/0x58 [ 19.874531] __kasan_kmalloc+0xd4/0xd8 [ 19.874581] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.874634] kasan_atomics+0xb8/0x2e0 [ 19.874673] kunit_try_run_case+0x170/0x3f0 [ 19.874724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.874770] kthread+0x328/0x630 [ 19.874814] ret_from_fork+0x10/0x20 [ 19.874874] [ 19.874906] The buggy address belongs to the object at fff00000c799a780 [ 19.874906] which belongs to the cache kmalloc-64 of size 64 [ 19.874979] The buggy address is located 0 bytes to the right of [ 19.874979] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.875045] [ 19.875079] The buggy address belongs to the physical page: [ 19.875124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.875195] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.875248] page_type: f5(slab) [ 19.875300] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.875382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.875863] page dumped because: kasan: bad access detected [ 19.876157] [ 19.876231] Memory state around the buggy address: [ 19.876305] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.876552] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.876956] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.877287] ^ [ 19.877575] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.877720] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.878145] ================================================================== [ 19.859496] ================================================================== [ 19.859824] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.860047] Write of size 4 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.860345] [ 19.860410] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.860603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.860673] Hardware name: linux,dummy-virt (DT) [ 19.860943] Call trace: [ 19.860991] show_stack+0x20/0x38 (C) [ 19.861312] dump_stack_lvl+0x8c/0xd0 [ 19.861425] print_report+0x118/0x5d0 [ 19.861520] kasan_report+0xdc/0x128 [ 19.861679] kasan_check_range+0x100/0x1a8 [ 19.861765] __kasan_check_write+0x20/0x30 [ 19.862146] kasan_atomics_helper+0xa6c/0x4858 [ 19.862332] kasan_atomics+0x198/0x2e0 [ 19.862441] kunit_try_run_case+0x170/0x3f0 [ 19.862699] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.862955] kthread+0x328/0x630 [ 19.863205] ret_from_fork+0x10/0x20 [ 19.863494] [ 19.863573] Allocated by task 265: [ 19.863704] kasan_save_stack+0x3c/0x68 [ 19.863802] kasan_save_track+0x20/0x40 [ 19.863901] kasan_save_alloc_info+0x40/0x58 [ 19.864152] __kasan_kmalloc+0xd4/0xd8 [ 19.864202] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.864332] kasan_atomics+0xb8/0x2e0 [ 19.864629] kunit_try_run_case+0x170/0x3f0 [ 19.864686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.864880] kthread+0x328/0x630 [ 19.864952] ret_from_fork+0x10/0x20 [ 19.865077] [ 19.865103] The buggy address belongs to the object at fff00000c799a780 [ 19.865103] which belongs to the cache kmalloc-64 of size 64 [ 19.865332] The buggy address is located 0 bytes to the right of [ 19.865332] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.865552] [ 19.865655] The buggy address belongs to the physical page: [ 19.865736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.865944] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.866001] page_type: f5(slab) [ 19.866205] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.866946] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.867029] page dumped because: kasan: bad access detected [ 19.867311] [ 19.867381] Memory state around the buggy address: [ 19.867422] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.867483] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.867536] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.867603] ^ [ 19.867665] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.867729] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.868213] ================================================================== [ 19.977001] ================================================================== [ 19.977069] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.977134] Read of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.977187] [ 19.977228] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.977515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.977568] Hardware name: linux,dummy-virt (DT) [ 19.977604] Call trace: [ 19.977629] show_stack+0x20/0x38 (C) [ 19.977688] dump_stack_lvl+0x8c/0xd0 [ 19.977739] print_report+0x118/0x5d0 [ 19.977789] kasan_report+0xdc/0x128 [ 19.977836] __asan_report_load8_noabort+0x20/0x30 [ 19.979201] kasan_atomics_helper+0x3f58/0x4858 [ 19.979317] kasan_atomics+0x198/0x2e0 [ 19.979398] kunit_try_run_case+0x170/0x3f0 [ 19.979542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.979604] kthread+0x328/0x630 [ 19.979650] ret_from_fork+0x10/0x20 [ 19.979703] [ 19.979724] Allocated by task 265: [ 19.979757] kasan_save_stack+0x3c/0x68 [ 19.980240] kasan_save_track+0x20/0x40 [ 19.980895] kasan_save_alloc_info+0x40/0x58 [ 19.981290] __kasan_kmalloc+0xd4/0xd8 [ 19.981359] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.981572] kasan_atomics+0xb8/0x2e0 [ 19.981641] kunit_try_run_case+0x170/0x3f0 [ 19.981996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.982717] kthread+0x328/0x630 [ 19.982801] ret_from_fork+0x10/0x20 [ 19.983275] [ 19.983370] The buggy address belongs to the object at fff00000c799a780 [ 19.983370] which belongs to the cache kmalloc-64 of size 64 [ 19.983523] The buggy address is located 0 bytes to the right of [ 19.983523] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.983833] [ 19.983923] The buggy address belongs to the physical page: [ 19.984044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.984194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.984310] page_type: f5(slab) [ 19.984383] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.984737] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.984868] page dumped because: kasan: bad access detected [ 19.984986] [ 19.985056] Memory state around the buggy address: [ 19.985333] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.985584] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.985711] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.985866] ^ [ 19.986135] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.986225] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.986481] ================================================================== [ 20.125994] ================================================================== [ 20.126251] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 20.126319] Read of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.126370] [ 20.126627] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.127034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.127183] Hardware name: linux,dummy-virt (DT) [ 20.127228] Call trace: [ 20.127253] show_stack+0x20/0x38 (C) [ 20.127747] dump_stack_lvl+0x8c/0xd0 [ 20.127912] print_report+0x118/0x5d0 [ 20.128076] kasan_report+0xdc/0x128 [ 20.128151] __asan_report_load8_noabort+0x20/0x30 [ 20.128827] kasan_atomics_helper+0x3f04/0x4858 [ 20.128948] kasan_atomics+0x198/0x2e0 [ 20.129124] kunit_try_run_case+0x170/0x3f0 [ 20.129241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.129445] kthread+0x328/0x630 [ 20.129504] ret_from_fork+0x10/0x20 [ 20.129873] [ 20.130262] Allocated by task 265: [ 20.130368] kasan_save_stack+0x3c/0x68 [ 20.130475] kasan_save_track+0x20/0x40 [ 20.130607] kasan_save_alloc_info+0x40/0x58 [ 20.130702] __kasan_kmalloc+0xd4/0xd8 [ 20.130743] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.130859] kasan_atomics+0xb8/0x2e0 [ 20.130923] kunit_try_run_case+0x170/0x3f0 [ 20.130965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.131011] kthread+0x328/0x630 [ 20.131045] ret_from_fork+0x10/0x20 [ 20.131082] [ 20.131105] The buggy address belongs to the object at fff00000c799a780 [ 20.131105] which belongs to the cache kmalloc-64 of size 64 [ 20.131166] The buggy address is located 0 bytes to the right of [ 20.131166] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.131232] [ 20.131253] The buggy address belongs to the physical page: [ 20.131288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.131354] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.131405] page_type: f5(slab) [ 20.131447] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.131500] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.131544] page dumped because: kasan: bad access detected [ 20.131577] [ 20.131598] Memory state around the buggy address: [ 20.131632] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.131677] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.131721] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.131762] ^ [ 20.131797] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.131849] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.131988] ================================================================== [ 20.145145] ================================================================== [ 20.145194] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 20.145241] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.145291] [ 20.145375] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.145467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.145822] Hardware name: linux,dummy-virt (DT) [ 20.145966] Call trace: [ 20.145989] show_stack+0x20/0x38 (C) [ 20.146113] dump_stack_lvl+0x8c/0xd0 [ 20.146162] print_report+0x118/0x5d0 [ 20.146210] kasan_report+0xdc/0x128 [ 20.146255] kasan_check_range+0x100/0x1a8 [ 20.146304] __kasan_check_write+0x20/0x30 [ 20.146360] kasan_atomics_helper+0x154c/0x4858 [ 20.146415] kasan_atomics+0x198/0x2e0 [ 20.146461] kunit_try_run_case+0x170/0x3f0 [ 20.146509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.146561] kthread+0x328/0x630 [ 20.146603] ret_from_fork+0x10/0x20 [ 20.146650] [ 20.146671] Allocated by task 265: [ 20.146699] kasan_save_stack+0x3c/0x68 [ 20.146742] kasan_save_track+0x20/0x40 [ 20.146781] kasan_save_alloc_info+0x40/0x58 [ 20.146823] __kasan_kmalloc+0xd4/0xd8 [ 20.146869] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.146911] kasan_atomics+0xb8/0x2e0 [ 20.146988] kunit_try_run_case+0x170/0x3f0 [ 20.147110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.147173] kthread+0x328/0x630 [ 20.147312] ret_from_fork+0x10/0x20 [ 20.147350] [ 20.147371] The buggy address belongs to the object at fff00000c799a780 [ 20.147371] which belongs to the cache kmalloc-64 of size 64 [ 20.147430] The buggy address is located 0 bytes to the right of [ 20.147430] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.147494] [ 20.147516] The buggy address belongs to the physical page: [ 20.147551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.147657] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.147902] page_type: f5(slab) [ 20.148019] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.148156] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.148207] page dumped because: kasan: bad access detected [ 20.148241] [ 20.148260] Memory state around the buggy address: [ 20.148317] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.148368] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.148412] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.148452] ^ [ 20.148487] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.148528] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.148567] ================================================================== [ 20.175771] ================================================================== [ 20.175833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 20.175903] Read of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.175954] [ 20.175996] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.176078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.176109] Hardware name: linux,dummy-virt (DT) [ 20.176141] Call trace: [ 20.176167] show_stack+0x20/0x38 (C) [ 20.176216] dump_stack_lvl+0x8c/0xd0 [ 20.176269] print_report+0x118/0x5d0 [ 20.176999] kasan_report+0xdc/0x128 [ 20.177109] __asan_report_load8_noabort+0x20/0x30 [ 20.177466] kasan_atomics_helper+0x3df4/0x4858 [ 20.177832] kasan_atomics+0x198/0x2e0 [ 20.178252] kunit_try_run_case+0x170/0x3f0 [ 20.178671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.178733] kthread+0x328/0x630 [ 20.178779] ret_from_fork+0x10/0x20 [ 20.179413] [ 20.179451] Allocated by task 265: [ 20.179761] kasan_save_stack+0x3c/0x68 [ 20.179894] kasan_save_track+0x20/0x40 [ 20.179933] kasan_save_alloc_info+0x40/0x58 [ 20.179976] __kasan_kmalloc+0xd4/0xd8 [ 20.180013] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.180247] kasan_atomics+0xb8/0x2e0 [ 20.180297] kunit_try_run_case+0x170/0x3f0 [ 20.180339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.180677] kthread+0x328/0x630 [ 20.180716] ret_from_fork+0x10/0x20 [ 20.181150] [ 20.181176] The buggy address belongs to the object at fff00000c799a780 [ 20.181176] which belongs to the cache kmalloc-64 of size 64 [ 20.181238] The buggy address is located 0 bytes to the right of [ 20.181238] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.181307] [ 20.181611] The buggy address belongs to the physical page: [ 20.181654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.181892] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.181950] page_type: f5(slab) [ 20.181995] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.182507] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.182559] page dumped because: kasan: bad access detected [ 20.182594] [ 20.182616] Memory state around the buggy address: [ 20.182992] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.183049] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.183142] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.183362] ^ [ 20.183546] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.183700] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.183788] ================================================================== [ 19.989074] ================================================================== [ 19.989136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.989566] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.989637] [ 19.989855] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.990028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.990068] Hardware name: linux,dummy-virt (DT) [ 19.990102] Call trace: [ 19.990153] show_stack+0x20/0x38 (C) [ 19.990216] dump_stack_lvl+0x8c/0xd0 [ 19.990410] print_report+0x118/0x5d0 [ 19.990652] kasan_report+0xdc/0x128 [ 19.990727] kasan_check_range+0x100/0x1a8 [ 19.990781] __kasan_check_write+0x20/0x30 [ 19.990827] kasan_atomics_helper+0xe44/0x4858 [ 19.990887] kasan_atomics+0x198/0x2e0 [ 19.990932] kunit_try_run_case+0x170/0x3f0 [ 19.991295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.991674] kthread+0x328/0x630 [ 19.991816] ret_from_fork+0x10/0x20 [ 19.992057] [ 19.992257] Allocated by task 265: [ 19.992321] kasan_save_stack+0x3c/0x68 [ 19.992445] kasan_save_track+0x20/0x40 [ 19.992515] kasan_save_alloc_info+0x40/0x58 [ 19.992568] __kasan_kmalloc+0xd4/0xd8 [ 19.992616] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.992658] kasan_atomics+0xb8/0x2e0 [ 19.992697] kunit_try_run_case+0x170/0x3f0 [ 19.992737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.992783] kthread+0x328/0x630 [ 19.992828] ret_from_fork+0x10/0x20 [ 19.992879] [ 19.992912] The buggy address belongs to the object at fff00000c799a780 [ 19.992912] which belongs to the cache kmalloc-64 of size 64 [ 19.992982] The buggy address is located 0 bytes to the right of [ 19.992982] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.993046] [ 19.993070] The buggy address belongs to the physical page: [ 19.993105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.993169] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.993220] page_type: f5(slab) [ 19.993263] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.993315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.993358] page dumped because: kasan: bad access detected [ 19.993407] [ 19.993433] Memory state around the buggy address: [ 19.993467] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.993518] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.993573] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.993620] ^ [ 19.993665] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.993726] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.993782] ================================================================== [ 20.065285] ================================================================== [ 20.065563] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 20.065750] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.065877] [ 20.065921] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.066100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.066149] Hardware name: linux,dummy-virt (DT) [ 20.066185] Call trace: [ 20.066210] show_stack+0x20/0x38 (C) [ 20.066272] dump_stack_lvl+0x8c/0xd0 [ 20.066465] print_report+0x118/0x5d0 [ 20.066717] kasan_report+0xdc/0x128 [ 20.066786] kasan_check_range+0x100/0x1a8 [ 20.066838] __kasan_check_write+0x20/0x30 [ 20.067229] kasan_atomics_helper+0x1128/0x4858 [ 20.067305] kasan_atomics+0x198/0x2e0 [ 20.067354] kunit_try_run_case+0x170/0x3f0 [ 20.067588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.067830] kthread+0x328/0x630 [ 20.067987] ret_from_fork+0x10/0x20 [ 20.068085] [ 20.068472] Allocated by task 265: [ 20.068542] kasan_save_stack+0x3c/0x68 [ 20.068713] kasan_save_track+0x20/0x40 [ 20.068809] kasan_save_alloc_info+0x40/0x58 [ 20.069078] __kasan_kmalloc+0xd4/0xd8 [ 20.069498] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.069697] kasan_atomics+0xb8/0x2e0 [ 20.069822] kunit_try_run_case+0x170/0x3f0 [ 20.070015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.070079] kthread+0x328/0x630 [ 20.070120] ret_from_fork+0x10/0x20 [ 20.070352] [ 20.070473] The buggy address belongs to the object at fff00000c799a780 [ 20.070473] which belongs to the cache kmalloc-64 of size 64 [ 20.071000] The buggy address is located 0 bytes to the right of [ 20.071000] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.071222] [ 20.071416] The buggy address belongs to the physical page: [ 20.071472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.071857] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.072375] page_type: f5(slab) [ 20.072473] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.072836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.072917] page dumped because: kasan: bad access detected [ 20.072983] [ 20.073219] Memory state around the buggy address: [ 20.073320] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.073473] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.074101] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.074231] ^ [ 20.074301] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.074589] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.074678] ================================================================== [ 19.949146] ================================================================== [ 19.949211] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.949697] Write of size 4 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.949771] [ 19.949822] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.950150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.950366] Hardware name: linux,dummy-virt (DT) [ 19.950431] Call trace: [ 19.950459] show_stack+0x20/0x38 (C) [ 19.950553] dump_stack_lvl+0x8c/0xd0 [ 19.950758] print_report+0x118/0x5d0 [ 19.950812] kasan_report+0xdc/0x128 [ 19.951051] kasan_check_range+0x100/0x1a8 [ 19.951123] __kasan_check_write+0x20/0x30 [ 19.951230] kasan_atomics_helper+0xd3c/0x4858 [ 19.951528] kasan_atomics+0x198/0x2e0 [ 19.951683] kunit_try_run_case+0x170/0x3f0 [ 19.951886] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.951999] kthread+0x328/0x630 [ 19.952183] ret_from_fork+0x10/0x20 [ 19.952250] [ 19.952271] Allocated by task 265: [ 19.952304] kasan_save_stack+0x3c/0x68 [ 19.952803] kasan_save_track+0x20/0x40 [ 19.952888] kasan_save_alloc_info+0x40/0x58 [ 19.953050] __kasan_kmalloc+0xd4/0xd8 [ 19.953101] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.953144] kasan_atomics+0xb8/0x2e0 [ 19.953223] kunit_try_run_case+0x170/0x3f0 [ 19.953267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.953324] kthread+0x328/0x630 [ 19.953362] ret_from_fork+0x10/0x20 [ 19.953400] [ 19.953430] The buggy address belongs to the object at fff00000c799a780 [ 19.953430] which belongs to the cache kmalloc-64 of size 64 [ 19.953499] The buggy address is located 0 bytes to the right of [ 19.953499] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.953564] [ 19.953605] The buggy address belongs to the physical page: [ 19.953642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.953700] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.953758] page_type: f5(slab) [ 19.953806] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.953882] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.953925] page dumped because: kasan: bad access detected [ 19.953969] [ 19.953998] Memory state around the buggy address: [ 19.954043] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.954088] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.954139] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.954176] ^ [ 19.954212] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.954256] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.954312] ================================================================== [ 20.098170] ================================================================== [ 20.098240] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 20.098303] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.098358] [ 20.098814] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.099087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.099123] Hardware name: linux,dummy-virt (DT) [ 20.099373] Call trace: [ 20.099787] show_stack+0x20/0x38 (C) [ 20.100012] dump_stack_lvl+0x8c/0xd0 [ 20.100156] print_report+0x118/0x5d0 [ 20.100272] kasan_report+0xdc/0x128 [ 20.100323] kasan_check_range+0x100/0x1a8 [ 20.100393] __kasan_check_write+0x20/0x30 [ 20.100439] kasan_atomics_helper+0x126c/0x4858 [ 20.101081] kasan_atomics+0x198/0x2e0 [ 20.101368] kunit_try_run_case+0x170/0x3f0 [ 20.101454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.101559] kthread+0x328/0x630 [ 20.101872] ret_from_fork+0x10/0x20 [ 20.102213] [ 20.102241] Allocated by task 265: [ 20.102423] kasan_save_stack+0x3c/0x68 [ 20.102573] kasan_save_track+0x20/0x40 [ 20.102656] kasan_save_alloc_info+0x40/0x58 [ 20.102705] __kasan_kmalloc+0xd4/0xd8 [ 20.102745] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.102795] kasan_atomics+0xb8/0x2e0 [ 20.102835] kunit_try_run_case+0x170/0x3f0 [ 20.102895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.102955] kthread+0x328/0x630 [ 20.102993] ret_from_fork+0x10/0x20 [ 20.103031] [ 20.103055] The buggy address belongs to the object at fff00000c799a780 [ 20.103055] which belongs to the cache kmalloc-64 of size 64 [ 20.103137] The buggy address is located 0 bytes to the right of [ 20.103137] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.103204] [ 20.103228] The buggy address belongs to the physical page: [ 20.103264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.103870] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.103959] page_type: f5(slab) [ 20.104130] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.104195] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.104241] page dumped because: kasan: bad access detected [ 20.104276] [ 20.104298] Memory state around the buggy address: [ 20.105221] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.105573] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.105645] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.105718] ^ [ 20.105791] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.105881] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.106093] ================================================================== [ 20.017465] ================================================================== [ 20.017541] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 20.017603] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.017654] [ 20.017694] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.017779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.017806] Hardware name: linux,dummy-virt (DT) [ 20.017853] Call trace: [ 20.017878] show_stack+0x20/0x38 (C) [ 20.017956] dump_stack_lvl+0x8c/0xd0 [ 20.018007] print_report+0x118/0x5d0 [ 20.018056] kasan_report+0xdc/0x128 [ 20.018101] kasan_check_range+0x100/0x1a8 [ 20.018152] __kasan_check_write+0x20/0x30 [ 20.018200] kasan_atomics_helper+0xf20/0x4858 [ 20.018249] kasan_atomics+0x198/0x2e0 [ 20.018305] kunit_try_run_case+0x170/0x3f0 [ 20.018356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.018424] kthread+0x328/0x630 [ 20.018475] ret_from_fork+0x10/0x20 [ 20.018526] [ 20.018547] Allocated by task 265: [ 20.018579] kasan_save_stack+0x3c/0x68 [ 20.018633] kasan_save_track+0x20/0x40 [ 20.018690] kasan_save_alloc_info+0x40/0x58 [ 20.018734] __kasan_kmalloc+0xd4/0xd8 [ 20.018772] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.018815] kasan_atomics+0xb8/0x2e0 [ 20.018863] kunit_try_run_case+0x170/0x3f0 [ 20.018902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.018947] kthread+0x328/0x630 [ 20.018984] ret_from_fork+0x10/0x20 [ 20.019023] [ 20.019046] The buggy address belongs to the object at fff00000c799a780 [ 20.019046] which belongs to the cache kmalloc-64 of size 64 [ 20.019117] The buggy address is located 0 bytes to the right of [ 20.019117] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.019182] [ 20.019207] The buggy address belongs to the physical page: [ 20.019249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.020260] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.020362] page_type: f5(slab) [ 20.020439] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.020527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.020573] page dumped because: kasan: bad access detected [ 20.020829] [ 20.020938] Memory state around the buggy address: [ 20.021238] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.021292] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.021614] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.021834] ^ [ 20.022051] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.022178] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.022235] ================================================================== [ 20.044354] ================================================================== [ 20.044422] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 20.044481] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.044531] [ 20.044573] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.044672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.045110] Hardware name: linux,dummy-virt (DT) [ 20.045678] Call trace: [ 20.045837] show_stack+0x20/0x38 (C) [ 20.046408] dump_stack_lvl+0x8c/0xd0 [ 20.046674] print_report+0x118/0x5d0 [ 20.046746] kasan_report+0xdc/0x128 [ 20.046915] kasan_check_range+0x100/0x1a8 [ 20.046978] __kasan_check_write+0x20/0x30 [ 20.047026] kasan_atomics_helper+0x1058/0x4858 [ 20.047127] kasan_atomics+0x198/0x2e0 [ 20.047178] kunit_try_run_case+0x170/0x3f0 [ 20.047228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.047562] kthread+0x328/0x630 [ 20.047932] ret_from_fork+0x10/0x20 [ 20.048138] [ 20.048199] Allocated by task 265: [ 20.048294] kasan_save_stack+0x3c/0x68 [ 20.048371] kasan_save_track+0x20/0x40 [ 20.048412] kasan_save_alloc_info+0x40/0x58 [ 20.048463] __kasan_kmalloc+0xd4/0xd8 [ 20.048806] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.049156] kasan_atomics+0xb8/0x2e0 [ 20.049358] kunit_try_run_case+0x170/0x3f0 [ 20.049526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.049674] kthread+0x328/0x630 [ 20.049761] ret_from_fork+0x10/0x20 [ 20.049878] [ 20.050098] The buggy address belongs to the object at fff00000c799a780 [ 20.050098] which belongs to the cache kmalloc-64 of size 64 [ 20.050477] The buggy address is located 0 bytes to the right of [ 20.050477] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.050913] [ 20.051175] The buggy address belongs to the physical page: [ 20.051245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.051307] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.051704] page_type: f5(slab) [ 20.051840] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.052039] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.052091] page dumped because: kasan: bad access detected [ 20.052126] [ 20.052147] Memory state around the buggy address: [ 20.052517] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.052581] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.052925] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.053001] ^ [ 20.053041] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.053693] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.053938] ================================================================== [ 20.075091] ================================================================== [ 20.075148] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 20.075204] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.075273] [ 20.075874] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.076166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.076354] Hardware name: linux,dummy-virt (DT) [ 20.076695] Call trace: [ 20.076794] show_stack+0x20/0x38 (C) [ 20.077225] dump_stack_lvl+0x8c/0xd0 [ 20.077408] print_report+0x118/0x5d0 [ 20.077563] kasan_report+0xdc/0x128 [ 20.077661] kasan_check_range+0x100/0x1a8 [ 20.077914] __kasan_check_write+0x20/0x30 [ 20.078126] kasan_atomics_helper+0x1190/0x4858 [ 20.078455] kasan_atomics+0x198/0x2e0 [ 20.078680] kunit_try_run_case+0x170/0x3f0 [ 20.078853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.079114] kthread+0x328/0x630 [ 20.079320] ret_from_fork+0x10/0x20 [ 20.079755] [ 20.079822] Allocated by task 265: [ 20.079906] kasan_save_stack+0x3c/0x68 [ 20.080005] kasan_save_track+0x20/0x40 [ 20.080141] kasan_save_alloc_info+0x40/0x58 [ 20.080187] __kasan_kmalloc+0xd4/0xd8 [ 20.080383] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.080910] kasan_atomics+0xb8/0x2e0 [ 20.081070] kunit_try_run_case+0x170/0x3f0 [ 20.081244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.081692] kthread+0x328/0x630 [ 20.081973] ret_from_fork+0x10/0x20 [ 20.082075] [ 20.082130] The buggy address belongs to the object at fff00000c799a780 [ 20.082130] which belongs to the cache kmalloc-64 of size 64 [ 20.082369] The buggy address is located 0 bytes to the right of [ 20.082369] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.082789] [ 20.082995] The buggy address belongs to the physical page: [ 20.083121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.083218] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.083463] page_type: f5(slab) [ 20.083679] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.084044] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.084275] page dumped because: kasan: bad access detected [ 20.084405] [ 20.084574] Memory state around the buggy address: [ 20.084642] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.084922] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.085346] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.085849] ^ [ 20.086070] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.086132] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.086173] ================================================================== [ 19.822098] ================================================================== [ 19.822286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.822422] Read of size 4 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 19.822763] [ 19.822823] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.822993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.823053] Hardware name: linux,dummy-virt (DT) [ 19.823109] Call trace: [ 19.823135] show_stack+0x20/0x38 (C) [ 19.823245] dump_stack_lvl+0x8c/0xd0 [ 19.823298] print_report+0x118/0x5d0 [ 19.823651] kasan_report+0xdc/0x128 [ 19.823883] __asan_report_load4_noabort+0x20/0x30 [ 19.824197] kasan_atomics_helper+0x42d8/0x4858 [ 19.824674] [ 19.825350] [ 19.825380] The buggy address belongs to the physical page: [ 19.825424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.825487] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.825538] page_type: f5(slab) [ 19.829939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.829976] Hardware name: linux,dummy-virt (DT) [ 19.830010] Call trace: [ 19.830085] show_stack+0x20/0x38 (C) [ 19.830160] dump_stack_lvl+0x8c/0xd0 [ 19.830228] print_report+0x118/0x5d0 [ 19.830663] kasan_report+0xdc/0x128 [ 19.830740] kasan_check_range+0x100/0x1a8 [ 19.830794] __kasan_check_write+0x20/0x30 [ 19.830904] kasan_atomics_helper+0x934/0x4858 [ 19.830957] kasan_atomics+0x198/0x2e0 [ 19.831004] kunit_try_run_case+0x170/0x3f0 [ 19.831284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.831537] kthread+0x328/0x630 [ 19.831654] ret_from_fork+0x10/0x20 [ 19.831872] [ 19.831944] Allocated by task 265: [ 19.832207] kasan_save_stack+0x3c/0x68 [ 19.832377] kasan_save_track+0x20/0x40 [ 19.832448] kasan_save_alloc_info+0x40/0x58 [ 19.832907] __kasan_kmalloc+0xd4/0xd8 [ 19.833221] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.833294] kasan_atomics+0xb8/0x2e0 [ 19.833362] kunit_try_run_case+0x170/0x3f0 [ 19.833435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.833833] kthread+0x328/0x630 [ 19.834051] ret_from_fork+0x10/0x20 [ 19.834409] [ 19.834545] The buggy address belongs to the object at fff00000c799a780 [ 19.834545] which belongs to the cache kmalloc-64 of size 64 [ 19.834730] The buggy address is located 0 bytes to the right of [ 19.834730] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 19.834832] [ 19.834972] The buggy address belongs to the physical page: [ 19.835006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 19.835325] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.835569] page_type: f5(slab) [ 19.835660] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.835751] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.835894] page dumped because: kasan: bad access detected [ 19.835966] [ 19.836032] Memory state around the buggy address: [ 19.836141] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.836237] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.836339] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.836408] ^ [ 19.836482] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.836687] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.836875] ================================================================== [ 20.118656] ================================================================== [ 20.119009] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 20.119110] Write of size 8 at addr fff00000c799a7b0 by task kunit_try_catch/265 [ 20.119164] [ 20.119254] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.119415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.119445] Hardware name: linux,dummy-virt (DT) [ 20.119897] Call trace: [ 20.119941] show_stack+0x20/0x38 (C) [ 20.120283] dump_stack_lvl+0x8c/0xd0 [ 20.120497] print_report+0x118/0x5d0 [ 20.120603] kasan_report+0xdc/0x128 [ 20.120655] kasan_check_range+0x100/0x1a8 [ 20.120925] __kasan_check_write+0x20/0x30 [ 20.121101] kasan_atomics_helper+0x1384/0x4858 [ 20.121578] kasan_atomics+0x198/0x2e0 [ 20.121753] kunit_try_run_case+0x170/0x3f0 [ 20.121810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.121878] kthread+0x328/0x630 [ 20.121938] ret_from_fork+0x10/0x20 [ 20.122006] [ 20.122049] Allocated by task 265: [ 20.122087] kasan_save_stack+0x3c/0x68 [ 20.122147] kasan_save_track+0x20/0x40 [ 20.122189] kasan_save_alloc_info+0x40/0x58 [ 20.122242] __kasan_kmalloc+0xd4/0xd8 [ 20.122297] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.122346] kasan_atomics+0xb8/0x2e0 [ 20.122392] kunit_try_run_case+0x170/0x3f0 [ 20.122432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.122479] kthread+0x328/0x630 [ 20.122522] ret_from_fork+0x10/0x20 [ 20.122562] [ 20.122585] The buggy address belongs to the object at fff00000c799a780 [ 20.122585] which belongs to the cache kmalloc-64 of size 64 [ 20.122669] The buggy address is located 0 bytes to the right of [ 20.122669] allocated 48-byte region [fff00000c799a780, fff00000c799a7b0) [ 20.122735] [ 20.122781] The buggy address belongs to the physical page: [ 20.122817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799a [ 20.123566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.123656] page_type: f5(slab) [ 20.123725] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.123796] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.124021] page dumped because: kasan: bad access detected [ 20.124066] [ 20.124087] Memory state around the buggy address: [ 20.124153] fff00000c799a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.124208] fff00000c799a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.124368] >fff00000c799a780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.124866] ^ [ 20.124967] fff00000c799a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.125169] fff00000c799a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.125223] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.488322] ================================================================== [ 19.488656] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 19.488740] Write of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.488793] [ 19.488833] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.488934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.488964] Hardware name: linux,dummy-virt (DT) [ 19.488998] Call trace: [ 19.489024] show_stack+0x20/0x38 (C) [ 19.489077] dump_stack_lvl+0x8c/0xd0 [ 19.489155] print_report+0x118/0x5d0 [ 19.489206] kasan_report+0xdc/0x128 [ 19.489258] kasan_check_range+0x100/0x1a8 [ 19.489309] __kasan_check_write+0x20/0x30 [ 19.489356] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 19.489413] kasan_bitops_generic+0x11c/0x1c8 [ 19.489461] kunit_try_run_case+0x170/0x3f0 [ 19.489518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.489571] kthread+0x328/0x630 [ 19.489617] ret_from_fork+0x10/0x20 [ 19.489667] [ 19.489688] Allocated by task 261: [ 19.489719] kasan_save_stack+0x3c/0x68 [ 19.489762] kasan_save_track+0x20/0x40 [ 19.489802] kasan_save_alloc_info+0x40/0x58 [ 19.490210] __kasan_kmalloc+0xd4/0xd8 [ 19.490264] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.490307] kasan_bitops_generic+0xa0/0x1c8 [ 19.490349] kunit_try_run_case+0x170/0x3f0 [ 19.490776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.490859] kthread+0x328/0x630 [ 19.491162] ret_from_fork+0x10/0x20 [ 19.491331] [ 19.491481] The buggy address belongs to the object at fff00000c3eb9280 [ 19.491481] which belongs to the cache kmalloc-16 of size 16 [ 19.491865] The buggy address is located 8 bytes inside of [ 19.491865] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.492081] [ 19.493174] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.493288] page_type: f5(slab) [ 19.493383] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.493753] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.494817] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.497712] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 19.498297] Call trace: [ 19.500825] kthread+0x328/0x630 [ 19.503801] [ 19.504923] page_type: f5(slab) [ 19.505226] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.506146] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.506662] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.506873] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.447375] ================================================================== [ 19.447546] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 19.447638] Read of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.447755] [ 19.447927] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.448237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.448323] Hardware name: linux,dummy-virt (DT) [ 19.448358] Call trace: [ 19.448617] show_stack+0x20/0x38 (C) [ 19.448813] dump_stack_lvl+0x8c/0xd0 [ 19.449084] print_report+0x118/0x5d0 [ 19.449281] kasan_report+0xdc/0x128 [ 19.449693] __asan_report_load8_noabort+0x20/0x30 [ 19.449770] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 19.450171] kasan_bitops_generic+0x110/0x1c8 [ 19.450264] kunit_try_run_case+0x170/0x3f0 [ 19.450382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.451064] kthread+0x328/0x630 [ 19.451280] ret_from_fork+0x10/0x20 [ 19.451357] [ 19.451378] Allocated by task 261: [ 19.451411] kasan_save_stack+0x3c/0x68 [ 19.451466] kasan_save_track+0x20/0x40 [ 19.451505] kasan_save_alloc_info+0x40/0x58 [ 19.451768] __kasan_kmalloc+0xd4/0xd8 [ 19.451963] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.452172] kasan_bitops_generic+0xa0/0x1c8 [ 19.452518] kunit_try_run_case+0x170/0x3f0 [ 19.452853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.453070] kthread+0x328/0x630 [ 19.453214] ret_from_fork+0x10/0x20 [ 19.453257] [ 19.453328] The buggy address belongs to the object at fff00000c3eb9280 [ 19.453328] which belongs to the cache kmalloc-16 of size 16 [ 19.453534] The buggy address is located 8 bytes inside of [ 19.453534] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.453813] [ 19.453864] The buggy address belongs to the physical page: [ 19.453923] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eb9 [ 19.453988] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.454055] page_type: f5(slab) [ 19.454111] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.454176] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.454221] page dumped because: kasan: bad access detected [ 19.454264] [ 19.454285] Memory state around the buggy address: [ 19.454329] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.454375] fff00000c3eb9200: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.454422] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.454463] ^ [ 19.454496] fff00000c3eb9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.454556] fff00000c3eb9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.454626] ================================================================== [ 19.477319] ================================================================== [ 19.477410] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 19.477805] Read of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.477948] [ 19.478044] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.478205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.478285] Hardware name: linux,dummy-virt (DT) [ 19.478321] Call trace: [ 19.478346] show_stack+0x20/0x38 (C) [ 19.478455] dump_stack_lvl+0x8c/0xd0 [ 19.478508] print_report+0x118/0x5d0 [ 19.478800] kasan_report+0xdc/0x128 [ 19.479040] __asan_report_load8_noabort+0x20/0x30 [ 19.479143] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 19.479284] kasan_bitops_generic+0x110/0x1c8 [ 19.479439] kunit_try_run_case+0x170/0x3f0 [ 19.479515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.479578] kthread+0x328/0x630 [ 19.479902] ret_from_fork+0x10/0x20 [ 19.480154] [ 19.480271] Allocated by task 261: [ 19.480357] kasan_save_stack+0x3c/0x68 [ 19.480471] kasan_save_track+0x20/0x40 [ 19.480570] kasan_save_alloc_info+0x40/0x58 [ 19.480988] __kasan_kmalloc+0xd4/0xd8 [ 19.481059] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.481224] kasan_bitops_generic+0xa0/0x1c8 [ 19.481376] kunit_try_run_case+0x170/0x3f0 [ 19.481514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.481639] kthread+0x328/0x630 [ 19.481687] ret_from_fork+0x10/0x20 [ 19.481725] [ 19.481902] The buggy address belongs to the object at fff00000c3eb9280 [ 19.481902] which belongs to the cache kmalloc-16 of size 16 [ 19.482181] The buggy address is located 8 bytes inside of [ 19.482181] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.482272] [ 19.482408] The buggy address belongs to the physical page: [ 19.482473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eb9 [ 19.482947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.483148] page_type: f5(slab) [ 19.483226] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.483627] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.483958] page dumped because: kasan: bad access detected [ 19.484032] [ 19.484101] Memory state around the buggy address: [ 19.484233] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.484344] fff00000c3eb9200: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.484479] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.484521] ^ [ 19.484737] fff00000c3eb9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.484812] fff00000c3eb9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.485267] ================================================================== [ 19.400165] ================================================================== [ 19.400237] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.400477] Read of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.400646] [ 19.400693] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.401101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.401150] Hardware name: linux,dummy-virt (DT) [ 19.401185] Call trace: [ 19.401239] show_stack+0x20/0x38 (C) [ 19.401300] dump_stack_lvl+0x8c/0xd0 [ 19.401354] print_report+0x118/0x5d0 [ 19.401868] kasan_report+0xdc/0x128 [ 19.401943] __asan_report_load8_noabort+0x20/0x30 [ 19.401997] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.402124] kasan_bitops_generic+0x110/0x1c8 [ 19.402180] kunit_try_run_case+0x170/0x3f0 [ 19.402231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.402908] kthread+0x328/0x630 [ 19.402979] ret_from_fork+0x10/0x20 [ 19.403034] [ 19.403169] Allocated by task 261: [ 19.403213] kasan_save_stack+0x3c/0x68 [ 19.403289] kasan_save_track+0x20/0x40 [ 19.403494] kasan_save_alloc_info+0x40/0x58 [ 19.403692] __kasan_kmalloc+0xd4/0xd8 [ 19.403740] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.403835] kasan_bitops_generic+0xa0/0x1c8 [ 19.403954] kunit_try_run_case+0x170/0x3f0 [ 19.404019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.404442] kthread+0x328/0x630 [ 19.404697] ret_from_fork+0x10/0x20 [ 19.404862] [ 19.405004] The buggy address belongs to the object at fff00000c3eb9280 [ 19.405004] which belongs to the cache kmalloc-16 of size 16 [ 19.405144] The buggy address is located 8 bytes inside of [ 19.405144] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.405375] [ 19.405460] The buggy address belongs to the physical page: [ 19.405675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eb9 [ 19.405818] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.406019] page_type: f5(slab) [ 19.406296] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.406392] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.406447] page dumped because: kasan: bad access detected [ 19.406490] [ 19.406552] Memory state around the buggy address: [ 19.406589] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.406635] fff00000c3eb9200: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.406707] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.406757] ^ [ 19.406802] fff00000c3eb9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.406861] fff00000c3eb9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.406911] ================================================================== [ 19.429108] ================================================================== [ 19.429177] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 19.429234] Write of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.429285] [ 19.429361] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.429449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.429487] Hardware name: linux,dummy-virt (DT) [ 19.429519] Call trace: [ 19.429556] show_stack+0x20/0x38 (C) [ 19.429607] dump_stack_lvl+0x8c/0xd0 [ 19.429658] print_report+0x118/0x5d0 [ 19.429726] kasan_report+0xdc/0x128 [ 19.429783] kasan_check_range+0x100/0x1a8 [ 19.429832] __kasan_check_write+0x20/0x30 [ 19.429886] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 19.429940] kasan_bitops_generic+0x110/0x1c8 [ 19.430000] kunit_try_run_case+0x170/0x3f0 [ 19.430051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.430113] kthread+0x328/0x630 [ 19.430167] ret_from_fork+0x10/0x20 [ 19.430218] [ 19.430248] Allocated by task 261: [ 19.430280] kasan_save_stack+0x3c/0x68 [ 19.430323] kasan_save_track+0x20/0x40 [ 19.430371] kasan_save_alloc_info+0x40/0x58 [ 19.430413] __kasan_kmalloc+0xd4/0xd8 [ 19.430452] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.430494] kasan_bitops_generic+0xa0/0x1c8 [ 19.430535] kunit_try_run_case+0x170/0x3f0 [ 19.430575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.430621] kthread+0x328/0x630 [ 19.430654] ret_from_fork+0x10/0x20 [ 19.430701] [ 19.430724] The buggy address belongs to the object at fff00000c3eb9280 [ 19.430724] which belongs to the cache kmalloc-16 of size 16 [ 19.430791] The buggy address is located 8 bytes inside of [ 19.430791] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.431189] [ 19.431225] The buggy address belongs to the physical page: [ 19.431262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eb9 [ 19.431865] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.431944] page_type: f5(slab) [ 19.432399] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.432628] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.432676] page dumped because: kasan: bad access detected [ 19.433080] [ 19.433167] Memory state around the buggy address: [ 19.433288] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.433394] fff00000c3eb9200: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.433541] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.433584] ^ [ 19.434020] fff00000c3eb9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.434161] fff00000c3eb9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.434348] ================================================================== [ 19.417125] ================================================================== [ 19.417222] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.417286] Read of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.417338] [ 19.418337] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.418473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.418506] Hardware name: linux,dummy-virt (DT) [ 19.418613] Call trace: [ 19.418640] show_stack+0x20/0x38 (C) [ 19.418700] dump_stack_lvl+0x8c/0xd0 [ 19.418755] print_report+0x118/0x5d0 [ 19.419108] kasan_report+0xdc/0x128 [ 19.419257] __asan_report_load8_noabort+0x20/0x30 [ 19.419509] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.419877] kasan_bitops_generic+0x110/0x1c8 [ 19.419953] kunit_try_run_case+0x170/0x3f0 [ 19.420004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.420061] kthread+0x328/0x630 [ 19.420756] ret_from_fork+0x10/0x20 [ 19.420935] [ 19.420960] Allocated by task 261: [ 19.421189] kasan_save_stack+0x3c/0x68 [ 19.421410] kasan_save_track+0x20/0x40 [ 19.421511] kasan_save_alloc_info+0x40/0x58 [ 19.421743] __kasan_kmalloc+0xd4/0xd8 [ 19.421901] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.422120] kasan_bitops_generic+0xa0/0x1c8 [ 19.422278] kunit_try_run_case+0x170/0x3f0 [ 19.422648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.422919] kthread+0x328/0x630 [ 19.423155] ret_from_fork+0x10/0x20 [ 19.423467] [ 19.423590] The buggy address belongs to the object at fff00000c3eb9280 [ 19.423590] which belongs to the cache kmalloc-16 of size 16 [ 19.423976] The buggy address is located 8 bytes inside of [ 19.423976] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.424157] [ 19.424219] The buggy address belongs to the physical page: [ 19.424434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eb9 [ 19.424530] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.424867] page_type: f5(slab) [ 19.425040] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.425124] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.425507] page dumped because: kasan: bad access detected [ 19.425799] [ 19.425992] Memory state around the buggy address: [ 19.426036] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.426246] fff00000c3eb9200: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.426624] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.427070] ^ [ 19.427127] fff00000c3eb9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.427188] fff00000c3eb9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.427384] ================================================================== [ 19.435130] ================================================================== [ 19.435241] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 19.435326] Write of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.435378] [ 19.435561] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.435825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.436062] Hardware name: linux,dummy-virt (DT) [ 19.436141] Call trace: [ 19.436301] show_stack+0x20/0x38 (C) [ 19.436550] dump_stack_lvl+0x8c/0xd0 [ 19.436730] print_report+0x118/0x5d0 [ 19.436884] kasan_report+0xdc/0x128 [ 19.436970] kasan_check_range+0x100/0x1a8 [ 19.437111] __kasan_check_write+0x20/0x30 [ 19.437223] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 19.437605] kasan_bitops_generic+0x110/0x1c8 [ 19.437832] kunit_try_run_case+0x170/0x3f0 [ 19.438043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.438151] kthread+0x328/0x630 [ 19.438342] ret_from_fork+0x10/0x20 [ 19.438615] [ 19.438663] Allocated by task 261: [ 19.438861] kasan_save_stack+0x3c/0x68 [ 19.438995] kasan_save_track+0x20/0x40 [ 19.439036] kasan_save_alloc_info+0x40/0x58 [ 19.439320] __kasan_kmalloc+0xd4/0xd8 [ 19.439541] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.440065] kasan_bitops_generic+0xa0/0x1c8 [ 19.440400] kunit_try_run_case+0x170/0x3f0 [ 19.440528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.440612] kthread+0x328/0x630 [ 19.440790] ret_from_fork+0x10/0x20 [ 19.440890] [ 19.440941] The buggy address belongs to the object at fff00000c3eb9280 [ 19.440941] which belongs to the cache kmalloc-16 of size 16 [ 19.441584] The buggy address is located 8 bytes inside of [ 19.441584] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.441681] [ 19.441793] The buggy address belongs to the physical page: [ 19.442268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eb9 [ 19.442606] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.442706] page_type: f5(slab) [ 19.443046] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.443191] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.443300] page dumped because: kasan: bad access detected [ 19.443338] [ 19.443365] Memory state around the buggy address: [ 19.443403] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.443806] fff00000c3eb9200: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.443986] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.444589] ^ [ 19.444709] fff00000c3eb9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.444909] fff00000c3eb9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.445062] ================================================================== [ 19.408997] ================================================================== [ 19.409112] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.409189] Write of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.409241] [ 19.409482] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.409600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.409679] Hardware name: linux,dummy-virt (DT) [ 19.409713] Call trace: [ 19.409740] show_stack+0x20/0x38 (C) [ 19.410123] dump_stack_lvl+0x8c/0xd0 [ 19.410186] print_report+0x118/0x5d0 [ 19.410325] kasan_report+0xdc/0x128 [ 19.410432] kasan_check_range+0x100/0x1a8 [ 19.410558] __kasan_check_write+0x20/0x30 [ 19.410607] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.411043] kasan_bitops_generic+0x110/0x1c8 [ 19.411122] kunit_try_run_case+0x170/0x3f0 [ 19.411247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.411320] kthread+0x328/0x630 [ 19.411415] ret_from_fork+0x10/0x20 [ 19.411500] [ 19.411524] Allocated by task 261: [ 19.411558] kasan_save_stack+0x3c/0x68 [ 19.411604] kasan_save_track+0x20/0x40 [ 19.411983] kasan_save_alloc_info+0x40/0x58 [ 19.412125] __kasan_kmalloc+0xd4/0xd8 [ 19.412300] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.412385] kasan_bitops_generic+0xa0/0x1c8 [ 19.412445] kunit_try_run_case+0x170/0x3f0 [ 19.412914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.413033] kthread+0x328/0x630 [ 19.413131] ret_from_fork+0x10/0x20 [ 19.413291] [ 19.413319] The buggy address belongs to the object at fff00000c3eb9280 [ 19.413319] which belongs to the cache kmalloc-16 of size 16 [ 19.413393] The buggy address is located 8 bytes inside of [ 19.413393] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.413457] [ 19.413619] The buggy address belongs to the physical page: [ 19.413796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eb9 [ 19.413864] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.413975] page_type: f5(slab) [ 19.414034] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.414093] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.414135] page dumped because: kasan: bad access detected [ 19.414179] [ 19.414207] Memory state around the buggy address: [ 19.414257] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.414317] fff00000c3eb9200: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.414371] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.414412] ^ [ 19.414456] fff00000c3eb9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.414510] fff00000c3eb9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.414550] ================================================================== [ 19.387461] ================================================================== [ 19.387549] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.387637] Write of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.387692] [ 19.387742] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.387830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.388254] Hardware name: linux,dummy-virt (DT) [ 19.388802] Call trace: [ 19.389096] show_stack+0x20/0x38 (C) [ 19.389189] dump_stack_lvl+0x8c/0xd0 [ 19.389400] print_report+0x118/0x5d0 [ 19.389506] kasan_report+0xdc/0x128 [ 19.389777] kasan_check_range+0x100/0x1a8 [ 19.389869] __kasan_check_write+0x20/0x30 [ 19.390701] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.390838] kasan_bitops_generic+0x110/0x1c8 [ 19.391225] kunit_try_run_case+0x170/0x3f0 [ 19.391364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.391449] kthread+0x328/0x630 [ 19.391536] ret_from_fork+0x10/0x20 [ 19.391643] [ 19.391808] Allocated by task 261: [ 19.392217] kasan_save_stack+0x3c/0x68 [ 19.392280] kasan_save_track+0x20/0x40 [ 19.392357] kasan_save_alloc_info+0x40/0x58 [ 19.392684] __kasan_kmalloc+0xd4/0xd8 [ 19.392830] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.393115] kasan_bitops_generic+0xa0/0x1c8 [ 19.393252] kunit_try_run_case+0x170/0x3f0 [ 19.393315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.393812] kthread+0x328/0x630 [ 19.394064] ret_from_fork+0x10/0x20 [ 19.394149] [ 19.394300] The buggy address belongs to the object at fff00000c3eb9280 [ 19.394300] which belongs to the cache kmalloc-16 of size 16 [ 19.394511] The buggy address is located 8 bytes inside of [ 19.394511] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.394737] [ 19.394764] The buggy address belongs to the physical page: [ 19.395003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eb9 [ 19.395376] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.395444] page_type: f5(slab) [ 19.395492] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.395897] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.396030] page dumped because: kasan: bad access detected [ 19.396086] [ 19.396355] Memory state around the buggy address: [ 19.396402] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.396768] fff00000c3eb9200: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.396870] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.396961] ^ [ 19.397174] fff00000c3eb9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.397220] fff00000c3eb9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.397262] ================================================================== [ 19.457405] ================================================================== [ 19.457482] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 19.457542] Write of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.457597] [ 19.457978] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.458087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.458193] Hardware name: linux,dummy-virt (DT) [ 19.458232] Call trace: [ 19.458276] show_stack+0x20/0x38 (C) [ 19.458626] dump_stack_lvl+0x8c/0xd0 [ 19.459000] print_report+0x118/0x5d0 [ 19.459104] kasan_report+0xdc/0x128 [ 19.459413] kasan_check_range+0x100/0x1a8 [ 19.459925] __kasan_check_write+0x20/0x30 [ 19.460017] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 19.460100] kasan_bitops_generic+0x110/0x1c8 [ 19.460260] kunit_try_run_case+0x170/0x3f0 [ 19.460568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.460925] kthread+0x328/0x630 [ 19.460991] ret_from_fork+0x10/0x20 [ 19.461646] [ 19.461702] Allocated by task 261: [ 19.461859] kasan_save_stack+0x3c/0x68 [ 19.462088] kasan_save_track+0x20/0x40 [ 19.462335] kasan_save_alloc_info+0x40/0x58 [ 19.462407] __kasan_kmalloc+0xd4/0xd8 [ 19.462565] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.462722] kasan_bitops_generic+0xa0/0x1c8 [ 19.462768] kunit_try_run_case+0x170/0x3f0 [ 19.462991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.463106] kthread+0x328/0x630 [ 19.463264] ret_from_fork+0x10/0x20 [ 19.463495] [ 19.463595] The buggy address belongs to the object at fff00000c3eb9280 [ 19.463595] which belongs to the cache kmalloc-16 of size 16 [ 19.463923] The buggy address is located 8 bytes inside of [ 19.463923] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.464064] [ 19.464270] The buggy address belongs to the physical page: [ 19.464368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eb9 [ 19.464550] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.464706] page_type: f5(slab) [ 19.464821] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.465149] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.465216] page dumped because: kasan: bad access detected [ 19.465396] [ 19.465489] Memory state around the buggy address: [ 19.465654] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.465733] fff00000c3eb9200: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.465934] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.466150] ^ [ 19.466220] fff00000c3eb9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.466546] fff00000c3eb9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.466916] ================================================================== [ 19.468432] ================================================================== [ 19.468495] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 19.468557] Write of size 8 at addr fff00000c3eb9288 by task kunit_try_catch/261 [ 19.469084] [ 19.469426] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.469537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.469568] Hardware name: linux,dummy-virt (DT) [ 19.469602] Call trace: [ 19.469630] show_stack+0x20/0x38 (C) [ 19.469686] dump_stack_lvl+0x8c/0xd0 [ 19.469741] print_report+0x118/0x5d0 [ 19.469792] kasan_report+0xdc/0x128 [ 19.469840] kasan_check_range+0x100/0x1a8 [ 19.469902] __kasan_check_write+0x20/0x30 [ 19.470074] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 19.470138] kasan_bitops_generic+0x110/0x1c8 [ 19.470186] kunit_try_run_case+0x170/0x3f0 [ 19.470236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.470309] kthread+0x328/0x630 [ 19.470354] ret_from_fork+0x10/0x20 [ 19.470407] [ 19.470428] Allocated by task 261: [ 19.470460] kasan_save_stack+0x3c/0x68 [ 19.470503] kasan_save_track+0x20/0x40 [ 19.470565] kasan_save_alloc_info+0x40/0x58 [ 19.470607] __kasan_kmalloc+0xd4/0xd8 [ 19.470645] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.470698] kasan_bitops_generic+0xa0/0x1c8 [ 19.470746] kunit_try_run_case+0x170/0x3f0 [ 19.470794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.471128] kthread+0x328/0x630 [ 19.471212] ret_from_fork+0x10/0x20 [ 19.471256] [ 19.471504] The buggy address belongs to the object at fff00000c3eb9280 [ 19.471504] which belongs to the cache kmalloc-16 of size 16 [ 19.472215] The buggy address is located 8 bytes inside of [ 19.472215] allocated 9-byte region [fff00000c3eb9280, fff00000c3eb9289) [ 19.472457] [ 19.472551] The buggy address belongs to the physical page: [ 19.472753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eb9 [ 19.472821] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.473181] page_type: f5(slab) [ 19.473352] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.473449] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.473672] page dumped because: kasan: bad access detected [ 19.473750] [ 19.473932] Memory state around the buggy address: [ 19.474111] fff00000c3eb9180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.474343] fff00000c3eb9200: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.474461] >fff00000c3eb9280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.474536] ^ [ 19.474627] fff00000c3eb9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.475039] fff00000c3eb9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.475154] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 19.365281] ================================================================== [ 19.365345] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 19.365471] Read of size 1 at addr fff00000c799d550 by task kunit_try_catch/259 [ 19.365540] [ 19.365582] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.365933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.365976] Hardware name: linux,dummy-virt (DT) [ 19.366011] Call trace: [ 19.366037] show_stack+0x20/0x38 (C) [ 19.366099] dump_stack_lvl+0x8c/0xd0 [ 19.366542] print_report+0x118/0x5d0 [ 19.366621] kasan_report+0xdc/0x128 [ 19.366672] __asan_report_load1_noabort+0x20/0x30 [ 19.366875] strnlen+0x80/0x88 [ 19.366920] kasan_strings+0x478/0xb00 [ 19.366973] kunit_try_run_case+0x170/0x3f0 [ 19.367274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.367538] kthread+0x328/0x630 [ 19.367593] ret_from_fork+0x10/0x20 [ 19.367949] [ 19.368056] Allocated by task 259: [ 19.368094] kasan_save_stack+0x3c/0x68 [ 19.368546] kasan_save_track+0x20/0x40 [ 19.368764] kasan_save_alloc_info+0x40/0x58 [ 19.368997] __kasan_kmalloc+0xd4/0xd8 [ 19.369047] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.369427] kasan_strings+0xc8/0xb00 [ 19.369675] kunit_try_run_case+0x170/0x3f0 [ 19.369874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.370126] kthread+0x328/0x630 [ 19.370198] ret_from_fork+0x10/0x20 [ 19.370429] [ 19.370562] Freed by task 259: [ 19.370745] kasan_save_stack+0x3c/0x68 [ 19.370818] kasan_save_track+0x20/0x40 [ 19.371078] kasan_save_free_info+0x4c/0x78 [ 19.371373] __kasan_slab_free+0x6c/0x98 [ 19.371554] kfree+0x214/0x3c8 [ 19.371790] kasan_strings+0x24c/0xb00 [ 19.371901] kunit_try_run_case+0x170/0x3f0 [ 19.371954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.372011] kthread+0x328/0x630 [ 19.372047] ret_from_fork+0x10/0x20 [ 19.372095] [ 19.372126] The buggy address belongs to the object at fff00000c799d540 [ 19.372126] which belongs to the cache kmalloc-32 of size 32 [ 19.372189] The buggy address is located 16 bytes inside of [ 19.372189] freed 32-byte region [fff00000c799d540, fff00000c799d560) [ 19.372252] [ 19.372299] The buggy address belongs to the physical page: [ 19.372344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799d [ 19.372409] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.372477] page_type: f5(slab) [ 19.372519] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.372574] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.372616] page dumped because: kasan: bad access detected [ 19.372659] [ 19.372695] Memory state around the buggy address: [ 19.372732] fff00000c799d400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.372776] fff00000c799d480: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.372820] >fff00000c799d500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.372870] ^ [ 19.372918] fff00000c799d580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.372972] fff00000c799d600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.373013] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 19.353687] ================================================================== [ 19.353960] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 19.354079] Read of size 1 at addr fff00000c799d550 by task kunit_try_catch/259 [ 19.354167] [ 19.354211] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.354294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.354322] Hardware name: linux,dummy-virt (DT) [ 19.354357] Call trace: [ 19.354636] show_stack+0x20/0x38 (C) [ 19.354873] dump_stack_lvl+0x8c/0xd0 [ 19.355331] print_report+0x118/0x5d0 [ 19.355511] kasan_report+0xdc/0x128 [ 19.355743] __asan_report_load1_noabort+0x20/0x30 [ 19.355864] strlen+0xa8/0xb0 [ 19.356082] kasan_strings+0x418/0xb00 [ 19.356255] kunit_try_run_case+0x170/0x3f0 [ 19.356539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.356624] kthread+0x328/0x630 [ 19.356758] ret_from_fork+0x10/0x20 [ 19.356813] [ 19.356835] Allocated by task 259: [ 19.357037] kasan_save_stack+0x3c/0x68 [ 19.357236] kasan_save_track+0x20/0x40 [ 19.357469] kasan_save_alloc_info+0x40/0x58 [ 19.357617] __kasan_kmalloc+0xd4/0xd8 [ 19.357822] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.358031] kasan_strings+0xc8/0xb00 [ 19.358073] kunit_try_run_case+0x170/0x3f0 [ 19.358245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.358537] kthread+0x328/0x630 [ 19.358591] ret_from_fork+0x10/0x20 [ 19.358655] [ 19.358677] Freed by task 259: [ 19.358720] kasan_save_stack+0x3c/0x68 [ 19.358767] kasan_save_track+0x20/0x40 [ 19.358807] kasan_save_free_info+0x4c/0x78 [ 19.358862] __kasan_slab_free+0x6c/0x98 [ 19.358904] kfree+0x214/0x3c8 [ 19.358952] kasan_strings+0x24c/0xb00 [ 19.358990] kunit_try_run_case+0x170/0x3f0 [ 19.359029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.359074] kthread+0x328/0x630 [ 19.359112] ret_from_fork+0x10/0x20 [ 19.359150] [ 19.359181] The buggy address belongs to the object at fff00000c799d540 [ 19.359181] which belongs to the cache kmalloc-32 of size 32 [ 19.359251] The buggy address is located 16 bytes inside of [ 19.359251] freed 32-byte region [fff00000c799d540, fff00000c799d560) [ 19.359316] [ 19.359349] The buggy address belongs to the physical page: [ 19.359695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799d [ 19.360054] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.361151] page_type: f5(slab) [ 19.361307] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.361604] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.361873] page dumped because: kasan: bad access detected [ 19.362085] [ 19.362219] Memory state around the buggy address: [ 19.362260] fff00000c799d400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.362576] fff00000c799d480: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.362780] >fff00000c799d500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.363058] ^ [ 19.363267] fff00000c799d580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.363655] fff00000c799d600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.363872] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 19.338586] ================================================================== [ 19.338860] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 19.339593] Read of size 1 at addr fff00000c799d550 by task kunit_try_catch/259 [ 19.339674] [ 19.339872] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.339969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.339996] Hardware name: linux,dummy-virt (DT) [ 19.340030] Call trace: [ 19.340711] show_stack+0x20/0x38 (C) [ 19.341034] dump_stack_lvl+0x8c/0xd0 [ 19.341297] print_report+0x118/0x5d0 [ 19.341574] kasan_report+0xdc/0x128 [ 19.341784] __asan_report_load1_noabort+0x20/0x30 [ 19.342390] kasan_strings+0x95c/0xb00 [ 19.342704] kunit_try_run_case+0x170/0x3f0 [ 19.342854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.342916] kthread+0x328/0x630 [ 19.343138] ret_from_fork+0x10/0x20 [ 19.343481] [ 19.343520] Allocated by task 259: [ 19.343552] kasan_save_stack+0x3c/0x68 [ 19.343608] kasan_save_track+0x20/0x40 [ 19.343814] kasan_save_alloc_info+0x40/0x58 [ 19.344064] __kasan_kmalloc+0xd4/0xd8 [ 19.344697] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.344918] kasan_strings+0xc8/0xb00 [ 19.344993] kunit_try_run_case+0x170/0x3f0 [ 19.345314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.345666] kthread+0x328/0x630 [ 19.345826] ret_from_fork+0x10/0x20 [ 19.345888] [ 19.345913] Freed by task 259: [ 19.346121] kasan_save_stack+0x3c/0x68 [ 19.346432] kasan_save_track+0x20/0x40 [ 19.346724] kasan_save_free_info+0x4c/0x78 [ 19.346976] __kasan_slab_free+0x6c/0x98 [ 19.347240] kfree+0x214/0x3c8 [ 19.347810] kasan_strings+0x24c/0xb00 [ 19.348049] kunit_try_run_case+0x170/0x3f0 [ 19.348162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.348372] kthread+0x328/0x630 [ 19.348505] ret_from_fork+0x10/0x20 [ 19.348551] [ 19.348574] The buggy address belongs to the object at fff00000c799d540 [ 19.348574] which belongs to the cache kmalloc-32 of size 32 [ 19.348858] The buggy address is located 16 bytes inside of [ 19.348858] freed 32-byte region [fff00000c799d540, fff00000c799d560) [ 19.349044] [ 19.349134] The buggy address belongs to the physical page: [ 19.349316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799d [ 19.349399] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.349736] page_type: f5(slab) [ 19.349957] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.350095] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.350168] page dumped because: kasan: bad access detected [ 19.350312] [ 19.350337] Memory state around the buggy address: [ 19.350440] fff00000c799d400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.350661] fff00000c799d480: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.350918] >fff00000c799d500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.351156] ^ [ 19.351511] fff00000c799d580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.351778] fff00000c799d600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.351951] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 19.330504] ================================================================== [ 19.330926] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 19.331191] Read of size 1 at addr fff00000c799d550 by task kunit_try_catch/259 [ 19.331243] [ 19.331288] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.331752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.331813] Hardware name: linux,dummy-virt (DT) [ 19.331916] Call trace: [ 19.332036] show_stack+0x20/0x38 (C) [ 19.332229] dump_stack_lvl+0x8c/0xd0 [ 19.332333] print_report+0x118/0x5d0 [ 19.332494] kasan_report+0xdc/0x128 [ 19.332550] __asan_report_load1_noabort+0x20/0x30 [ 19.332899] strcmp+0xc0/0xc8 [ 19.332971] kasan_strings+0x340/0xb00 [ 19.333287] kunit_try_run_case+0x170/0x3f0 [ 19.333482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.333726] kthread+0x328/0x630 [ 19.333854] ret_from_fork+0x10/0x20 [ 19.334079] [ 19.334188] Allocated by task 259: [ 19.334443] kasan_save_stack+0x3c/0x68 [ 19.334597] kasan_save_track+0x20/0x40 [ 19.334641] kasan_save_alloc_info+0x40/0x58 [ 19.334684] __kasan_kmalloc+0xd4/0xd8 [ 19.334732] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.334786] kasan_strings+0xc8/0xb00 [ 19.334831] kunit_try_run_case+0x170/0x3f0 [ 19.334884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.334931] kthread+0x328/0x630 [ 19.334976] ret_from_fork+0x10/0x20 [ 19.335013] [ 19.335044] Freed by task 259: [ 19.335085] kasan_save_stack+0x3c/0x68 [ 19.335124] kasan_save_track+0x20/0x40 [ 19.335174] kasan_save_free_info+0x4c/0x78 [ 19.335214] __kasan_slab_free+0x6c/0x98 [ 19.335256] kfree+0x214/0x3c8 [ 19.335291] kasan_strings+0x24c/0xb00 [ 19.335337] kunit_try_run_case+0x170/0x3f0 [ 19.335386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.335431] kthread+0x328/0x630 [ 19.335466] ret_from_fork+0x10/0x20 [ 19.335520] [ 19.335558] The buggy address belongs to the object at fff00000c799d540 [ 19.335558] which belongs to the cache kmalloc-32 of size 32 [ 19.335623] The buggy address is located 16 bytes inside of [ 19.335623] freed 32-byte region [fff00000c799d540, fff00000c799d560) [ 19.335689] [ 19.335723] The buggy address belongs to the physical page: [ 19.335784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799d [ 19.335864] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.335921] page_type: f5(slab) [ 19.335967] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.336030] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.336073] page dumped because: kasan: bad access detected [ 19.336117] [ 19.336146] Memory state around the buggy address: [ 19.336183] fff00000c799d400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.336231] fff00000c799d480: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.336286] >fff00000c799d500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.336333] ^ [ 19.336380] fff00000c799d580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.336424] fff00000c799d600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.336470] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 19.298919] ================================================================== [ 19.299289] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 19.299395] Read of size 1 at addr fff00000c799d358 by task kunit_try_catch/257 [ 19.299579] [ 19.299665] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.300086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.300172] Hardware name: linux,dummy-virt (DT) [ 19.300426] Call trace: [ 19.300474] show_stack+0x20/0x38 (C) [ 19.300686] dump_stack_lvl+0x8c/0xd0 [ 19.300912] print_report+0x118/0x5d0 [ 19.301183] kasan_report+0xdc/0x128 [ 19.301399] __asan_report_load1_noabort+0x20/0x30 [ 19.301673] memcmp+0x198/0x1d8 [ 19.301875] kasan_memcmp+0x16c/0x300 [ 19.302099] kunit_try_run_case+0x170/0x3f0 [ 19.302285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.302475] kthread+0x328/0x630 [ 19.302794] ret_from_fork+0x10/0x20 [ 19.303012] [ 19.303254] Allocated by task 257: [ 19.303336] kasan_save_stack+0x3c/0x68 [ 19.303542] kasan_save_track+0x20/0x40 [ 19.303592] kasan_save_alloc_info+0x40/0x58 [ 19.303817] __kasan_kmalloc+0xd4/0xd8 [ 19.303999] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.304057] kasan_memcmp+0xbc/0x300 [ 19.304163] kunit_try_run_case+0x170/0x3f0 [ 19.304435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.304733] kthread+0x328/0x630 [ 19.304917] ret_from_fork+0x10/0x20 [ 19.305024] [ 19.305069] The buggy address belongs to the object at fff00000c799d340 [ 19.305069] which belongs to the cache kmalloc-32 of size 32 [ 19.305286] The buggy address is located 0 bytes to the right of [ 19.305286] allocated 24-byte region [fff00000c799d340, fff00000c799d358) [ 19.305361] [ 19.305494] The buggy address belongs to the physical page: [ 19.305536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799d [ 19.305681] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.305756] page_type: f5(slab) [ 19.305802] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.305881] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.305924] page dumped because: kasan: bad access detected [ 19.305957] [ 19.305989] Memory state around the buggy address: [ 19.306026] fff00000c799d200: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.306080] fff00000c799d280: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 19.306127] >fff00000c799d300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.306177] ^ [ 19.306218] fff00000c799d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.306263] fff00000c799d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.306305] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 19.266769] ================================================================== [ 19.266883] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 19.267053] Read of size 1 at addr ffff800080b37b4a by task kunit_try_catch/253 [ 19.267343] [ 19.267428] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.267637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.267780] Hardware name: linux,dummy-virt (DT) [ 19.267856] Call trace: [ 19.267987] show_stack+0x20/0x38 (C) [ 19.268193] dump_stack_lvl+0x8c/0xd0 [ 19.268255] print_report+0x310/0x5d0 [ 19.268307] kasan_report+0xdc/0x128 [ 19.268505] __asan_report_load1_noabort+0x20/0x30 [ 19.268856] kasan_alloca_oob_right+0x2dc/0x340 [ 19.269101] kunit_try_run_case+0x170/0x3f0 [ 19.269176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.269595] kthread+0x328/0x630 [ 19.269685] ret_from_fork+0x10/0x20 [ 19.269790] [ 19.269826] The buggy address belongs to stack of task kunit_try_catch/253 [ 19.270009] [ 19.270088] The buggy address ffff800080b37b4a belongs to a vmalloc virtual mapping [ 19.270212] The buggy address belongs to the physical page: [ 19.270250] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079d9 [ 19.270578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.270807] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.271172] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.271232] page dumped because: kasan: bad access detected [ 19.271268] [ 19.271443] Memory state around the buggy address: [ 19.271600] ffff800080b37a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.272230] ffff800080b37a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.272384] >ffff800080b37b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 19.272433] ^ [ 19.272476] ffff800080b37b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.272674] ffff800080b37c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.272749] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 19.250962] ================================================================== [ 19.251276] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 19.251457] Read of size 1 at addr ffff800080b37b5f by task kunit_try_catch/251 [ 19.251639] [ 19.252125] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.252277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.252464] Hardware name: linux,dummy-virt (DT) [ 19.252584] Call trace: [ 19.252729] show_stack+0x20/0x38 (C) [ 19.252802] dump_stack_lvl+0x8c/0xd0 [ 19.253040] print_report+0x310/0x5d0 [ 19.253148] kasan_report+0xdc/0x128 [ 19.253343] __asan_report_load1_noabort+0x20/0x30 [ 19.253646] kasan_alloca_oob_left+0x2b8/0x310 [ 19.253810] kunit_try_run_case+0x170/0x3f0 [ 19.253984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.254111] kthread+0x328/0x630 [ 19.254161] ret_from_fork+0x10/0x20 [ 19.254488] [ 19.254623] The buggy address belongs to stack of task kunit_try_catch/251 [ 19.254987] [ 19.255210] The buggy address ffff800080b37b5f belongs to a vmalloc virtual mapping [ 19.255262] The buggy address belongs to the physical page: [ 19.255457] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079d9 [ 19.255530] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.255650] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.255913] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.256030] page dumped because: kasan: bad access detected [ 19.256161] [ 19.256241] Memory state around the buggy address: [ 19.256362] ffff800080b37a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.256476] ffff800080b37a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.256529] >ffff800080b37b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 19.256719] ^ [ 19.256921] ffff800080b37b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.257048] ffff800080b37c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.257156] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 19.230957] ================================================================== [ 19.231293] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 19.231641] Read of size 1 at addr ffff800080b37c2a by task kunit_try_catch/249 [ 19.231698] [ 19.231931] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.232247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.232379] Hardware name: linux,dummy-virt (DT) [ 19.232535] Call trace: [ 19.232606] show_stack+0x20/0x38 (C) [ 19.232777] dump_stack_lvl+0x8c/0xd0 [ 19.232972] print_report+0x310/0x5d0 [ 19.233067] kasan_report+0xdc/0x128 [ 19.233141] __asan_report_load1_noabort+0x20/0x30 [ 19.233408] kasan_stack_oob+0x238/0x270 [ 19.233638] kunit_try_run_case+0x170/0x3f0 [ 19.233794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.233872] kthread+0x328/0x630 [ 19.234229] ret_from_fork+0x10/0x20 [ 19.234458] [ 19.234618] The buggy address belongs to stack of task kunit_try_catch/249 [ 19.235215] and is located at offset 138 in frame: [ 19.235398] kasan_stack_oob+0x0/0x270 [ 19.235922] [ 19.235963] This frame has 4 objects: [ 19.236754] [48, 49) '__assertion' [ 19.236831] [64, 72) 'array' [ 19.236880] [96, 112) '__assertion' [ 19.237043] [128, 138) 'stack_array' [ 19.237095] [ 19.237146] The buggy address ffff800080b37c2a belongs to a vmalloc virtual mapping [ 19.237461] The buggy address belongs to the physical page: [ 19.237634] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079d9 [ 19.237877] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.238063] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.238229] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.238371] page dumped because: kasan: bad access detected [ 19.238544] [ 19.238565] Memory state around the buggy address: [ 19.238618] ffff800080b37b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.238890] ffff800080b37b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 19.239071] >ffff800080b37c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 19.239150] ^ [ 19.239336] ffff800080b37c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 19.239406] ffff800080b37d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.239494] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 19.195805] ================================================================== [ 19.195917] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 19.195989] Read of size 1 at addr ffff971ff894f58d by task kunit_try_catch/245 [ 19.196040] [ 19.196086] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.196174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.196202] Hardware name: linux,dummy-virt (DT) [ 19.196236] Call trace: [ 19.196260] show_stack+0x20/0x38 (C) [ 19.197864] dump_stack_lvl+0x8c/0xd0 [ 19.199016] print_report+0x310/0x5d0 [ 19.199067] kasan_report+0xdc/0x128 [ 19.199142] __asan_report_load1_noabort+0x20/0x30 [ 19.199206] kasan_global_oob_right+0x230/0x270 [ 19.199256] kunit_try_run_case+0x170/0x3f0 [ 19.199318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.199370] kthread+0x328/0x630 [ 19.199417] ret_from_fork+0x10/0x20 [ 19.199485] [ 19.199543] The buggy address belongs to the variable: [ 19.199575] global_array+0xd/0x40 [ 19.199625] [ 19.199682] The buggy address ffff971ff894f58d belongs to a vmalloc virtual mapping [ 19.199766] The buggy address belongs to the physical page: [ 19.199802] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 19.199921] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 19.200021] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 19.200072] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.200308] page dumped because: kasan: bad access detected [ 19.200343] [ 19.200390] Memory state around the buggy address: [ 19.200427] ffff971ff894f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.200532] ffff971ff894f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 19.200730] >ffff971ff894f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 19.200866] ^ [ 19.201000] ffff971ff894f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 19.201091] ffff971ff894f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.201225] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 19.155089] ================================================================== [ 19.155166] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.155232] Free of addr fff00000c78e9801 by task kunit_try_catch/241 [ 19.155286] [ 19.155394] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.155511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.155558] Hardware name: linux,dummy-virt (DT) [ 19.155591] Call trace: [ 19.155615] show_stack+0x20/0x38 (C) [ 19.155686] dump_stack_lvl+0x8c/0xd0 [ 19.155736] print_report+0x118/0x5d0 [ 19.155786] kasan_report_invalid_free+0xc0/0xe8 [ 19.156042] check_slab_allocation+0xfc/0x108 [ 19.156155] __kasan_mempool_poison_object+0x78/0x150 [ 19.156360] mempool_free+0x28c/0x328 [ 19.156447] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.156586] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.156721] kunit_try_run_case+0x170/0x3f0 [ 19.156792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.157120] kthread+0x328/0x630 [ 19.157178] ret_from_fork+0x10/0x20 [ 19.157499] [ 19.157642] Allocated by task 241: [ 19.157773] kasan_save_stack+0x3c/0x68 [ 19.157823] kasan_save_track+0x20/0x40 [ 19.157871] kasan_save_alloc_info+0x40/0x58 [ 19.157913] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.157965] remove_element+0x130/0x1f8 [ 19.158002] mempool_alloc_preallocated+0x58/0xc0 [ 19.158039] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 19.158081] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.158121] kunit_try_run_case+0x170/0x3f0 [ 19.158159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.158211] kthread+0x328/0x630 [ 19.158264] ret_from_fork+0x10/0x20 [ 19.158306] [ 19.158351] The buggy address belongs to the object at fff00000c78e9800 [ 19.158351] which belongs to the cache kmalloc-128 of size 128 [ 19.158416] The buggy address is located 1 bytes inside of [ 19.158416] 128-byte region [fff00000c78e9800, fff00000c78e9880) [ 19.158487] [ 19.158508] The buggy address belongs to the physical page: [ 19.158541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 19.158614] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.158669] page_type: f5(slab) [ 19.158723] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.158797] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.158855] page dumped because: kasan: bad access detected [ 19.158889] [ 19.158907] Memory state around the buggy address: [ 19.158939] fff00000c78e9700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.158984] fff00000c78e9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.159028] >fff00000c78e9800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.159067] ^ [ 19.159095] fff00000c78e9880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.159464] fff00000c78e9900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.159649] ================================================================== [ 19.170319] ================================================================== [ 19.170422] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.170496] Free of addr fff00000c7a04001 by task kunit_try_catch/243 [ 19.170551] [ 19.170593] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.170676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.170704] Hardware name: linux,dummy-virt (DT) [ 19.170737] Call trace: [ 19.170760] show_stack+0x20/0x38 (C) [ 19.170811] dump_stack_lvl+0x8c/0xd0 [ 19.170876] print_report+0x118/0x5d0 [ 19.170924] kasan_report_invalid_free+0xc0/0xe8 [ 19.170974] __kasan_mempool_poison_object+0xfc/0x150 [ 19.171199] mempool_free+0x28c/0x328 [ 19.171262] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.171358] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 19.171410] kunit_try_run_case+0x170/0x3f0 [ 19.171585] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.171733] kthread+0x328/0x630 [ 19.171888] ret_from_fork+0x10/0x20 [ 19.172020] [ 19.172051] The buggy address belongs to the physical page: [ 19.172088] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a04 [ 19.172145] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.172193] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.172319] page_type: f8(unknown) [ 19.172365] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.172416] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.172741] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.172952] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.173070] head: 0bfffe0000000002 ffffc1ffc31e8101 00000000ffffffff 00000000ffffffff [ 19.173208] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.173250] page dumped because: kasan: bad access detected [ 19.173482] [ 19.173685] Memory state around the buggy address: [ 19.173723] fff00000c7a03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.174030] fff00000c7a03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.174120] >fff00000c7a04000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.174235] ^ [ 19.174296] fff00000c7a04080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.174589] fff00000c7a04100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.174665] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 19.144506] ================================================================== [ 19.144587] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.144648] Free of addr fff00000c7a04000 by task kunit_try_catch/239 [ 19.144691] [ 19.144729] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.144811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.144838] Hardware name: linux,dummy-virt (DT) [ 19.144887] Call trace: [ 19.144909] show_stack+0x20/0x38 (C) [ 19.145083] dump_stack_lvl+0x8c/0xd0 [ 19.145200] print_report+0x118/0x5d0 [ 19.145252] kasan_report_invalid_free+0xc0/0xe8 [ 19.145395] __kasan_mempool_poison_pages+0xe0/0xe8 [ 19.145448] mempool_free+0x24c/0x328 [ 19.145500] mempool_double_free_helper+0x150/0x2e8 [ 19.145568] mempool_page_alloc_double_free+0xbc/0x118 [ 19.145776] kunit_try_run_case+0x170/0x3f0 [ 19.145854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.146012] kthread+0x328/0x630 [ 19.146136] ret_from_fork+0x10/0x20 [ 19.146228] [ 19.146250] The buggy address belongs to the physical page: [ 19.146284] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a04 [ 19.146340] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.146597] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.146659] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.146827] page dumped because: kasan: bad access detected [ 19.146872] [ 19.146891] Memory state around the buggy address: [ 19.146924] fff00000c7a03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.146968] fff00000c7a03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.147202] >fff00000c7a04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.147263] ^ [ 19.147389] fff00000c7a04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.147549] fff00000c7a04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.147711] ================================================================== [ 19.103960] ================================================================== [ 19.104115] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.104360] Free of addr fff00000c78e9400 by task kunit_try_catch/235 [ 19.104555] [ 19.104652] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.104829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.105284] Hardware name: linux,dummy-virt (DT) [ 19.105358] Call trace: [ 19.105419] show_stack+0x20/0x38 (C) [ 19.105690] dump_stack_lvl+0x8c/0xd0 [ 19.105945] print_report+0x118/0x5d0 [ 19.106043] kasan_report_invalid_free+0xc0/0xe8 [ 19.106241] check_slab_allocation+0xd4/0x108 [ 19.106306] __kasan_mempool_poison_object+0x78/0x150 [ 19.106381] mempool_free+0x28c/0x328 [ 19.106433] mempool_double_free_helper+0x150/0x2e8 [ 19.106516] mempool_kmalloc_double_free+0xc0/0x118 [ 19.106568] kunit_try_run_case+0x170/0x3f0 [ 19.106618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.106686] kthread+0x328/0x630 [ 19.106731] ret_from_fork+0x10/0x20 [ 19.106797] [ 19.106831] Allocated by task 235: [ 19.106880] kasan_save_stack+0x3c/0x68 [ 19.106938] kasan_save_track+0x20/0x40 [ 19.106977] kasan_save_alloc_info+0x40/0x58 [ 19.107025] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.107070] remove_element+0x130/0x1f8 [ 19.107123] mempool_alloc_preallocated+0x58/0xc0 [ 19.107162] mempool_double_free_helper+0x94/0x2e8 [ 19.107210] mempool_kmalloc_double_free+0xc0/0x118 [ 19.107258] kunit_try_run_case+0x170/0x3f0 [ 19.107467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.107542] kthread+0x328/0x630 [ 19.107577] ret_from_fork+0x10/0x20 [ 19.107900] [ 19.108104] Freed by task 235: [ 19.108140] kasan_save_stack+0x3c/0x68 [ 19.108553] kasan_save_track+0x20/0x40 [ 19.108643] kasan_save_free_info+0x4c/0x78 [ 19.108687] __kasan_mempool_poison_object+0xc0/0x150 [ 19.108799] mempool_free+0x28c/0x328 [ 19.109260] mempool_double_free_helper+0x100/0x2e8 [ 19.109443] mempool_kmalloc_double_free+0xc0/0x118 [ 19.109530] kunit_try_run_case+0x170/0x3f0 [ 19.109907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.109964] kthread+0x328/0x630 [ 19.110407] ret_from_fork+0x10/0x20 [ 19.110506] [ 19.110528] The buggy address belongs to the object at fff00000c78e9400 [ 19.110528] which belongs to the cache kmalloc-128 of size 128 [ 19.111066] The buggy address is located 0 bytes inside of [ 19.111066] 128-byte region [fff00000c78e9400, fff00000c78e9480) [ 19.111155] [ 19.111189] The buggy address belongs to the physical page: [ 19.111225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 19.111480] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.111672] page_type: f5(slab) [ 19.111946] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.112004] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.112235] page dumped because: kasan: bad access detected [ 19.112347] [ 19.112463] Memory state around the buggy address: [ 19.112529] fff00000c78e9300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.113084] fff00000c78e9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.113145] >fff00000c78e9400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.113327] ^ [ 19.113548] fff00000c78e9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.113760] fff00000c78e9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.114002] ================================================================== [ 19.130180] ================================================================== [ 19.130456] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.130542] Free of addr fff00000c7a04000 by task kunit_try_catch/237 [ 19.130609] [ 19.130652] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.130740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.130767] Hardware name: linux,dummy-virt (DT) [ 19.131265] Call trace: [ 19.131502] show_stack+0x20/0x38 (C) [ 19.131568] dump_stack_lvl+0x8c/0xd0 [ 19.131788] print_report+0x118/0x5d0 [ 19.131961] kasan_report_invalid_free+0xc0/0xe8 [ 19.132112] __kasan_mempool_poison_object+0x14c/0x150 [ 19.132331] mempool_free+0x28c/0x328 [ 19.132462] mempool_double_free_helper+0x150/0x2e8 [ 19.132526] mempool_kmalloc_large_double_free+0xc0/0x118 [ 19.132882] kunit_try_run_case+0x170/0x3f0 [ 19.133173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.133371] kthread+0x328/0x630 [ 19.133456] ret_from_fork+0x10/0x20 [ 19.133876] [ 19.133922] The buggy address belongs to the physical page: [ 19.134033] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a04 [ 19.134141] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.134361] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.134440] page_type: f8(unknown) [ 19.134563] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.134616] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.134695] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.134752] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.134817] head: 0bfffe0000000002 ffffc1ffc31e8101 00000000ffffffff 00000000ffffffff [ 19.134878] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.134927] page dumped because: kasan: bad access detected [ 19.134959] [ 19.134984] Memory state around the buggy address: [ 19.135027] fff00000c7a03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.135086] fff00000c7a03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.135144] >fff00000c7a04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.135183] ^ [ 19.135214] fff00000c7a04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.135280] fff00000c7a04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.135354] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 19.030628] ================================================================== [ 19.030736] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.031081] Read of size 1 at addr fff00000c7a00000 by task kunit_try_catch/229 [ 19.031131] [ 19.031173] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.031257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.031688] Hardware name: linux,dummy-virt (DT) [ 19.032199] Call trace: [ 19.032228] show_stack+0x20/0x38 (C) [ 19.032792] dump_stack_lvl+0x8c/0xd0 [ 19.032867] print_report+0x118/0x5d0 [ 19.033340] kasan_report+0xdc/0x128 [ 19.033418] __asan_report_load1_noabort+0x20/0x30 [ 19.033779] mempool_uaf_helper+0x314/0x340 [ 19.034300] mempool_kmalloc_large_uaf+0xc4/0x120 [ 19.034360] kunit_try_run_case+0x170/0x3f0 [ 19.034581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.035083] kthread+0x328/0x630 [ 19.035156] ret_from_fork+0x10/0x20 [ 19.035216] [ 19.035239] The buggy address belongs to the physical page: [ 19.035618] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a00 [ 19.035955] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.036177] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.036529] page_type: f8(unknown) [ 19.036604] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.036655] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.036704] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.037458] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.037751] head: 0bfffe0000000002 ffffc1ffc31e8001 00000000ffffffff 00000000ffffffff [ 19.037808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.038285] page dumped because: kasan: bad access detected [ 19.038337] [ 19.038378] Memory state around the buggy address: [ 19.038417] fff00000c79fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.038461] fff00000c79fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.039067] >fff00000c7a00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.039177] ^ [ 19.039211] fff00000c7a00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.039540] fff00000c7a00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.039587] ================================================================== [ 19.081349] ================================================================== [ 19.081439] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.081809] Read of size 1 at addr fff00000c7a00000 by task kunit_try_catch/233 [ 19.081894] [ 19.082100] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.082233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.082264] Hardware name: linux,dummy-virt (DT) [ 19.082347] Call trace: [ 19.082375] show_stack+0x20/0x38 (C) [ 19.082534] dump_stack_lvl+0x8c/0xd0 [ 19.082603] print_report+0x118/0x5d0 [ 19.082729] kasan_report+0xdc/0x128 [ 19.082779] __asan_report_load1_noabort+0x20/0x30 [ 19.082829] mempool_uaf_helper+0x314/0x340 [ 19.083045] mempool_page_alloc_uaf+0xc0/0x118 [ 19.083095] kunit_try_run_case+0x170/0x3f0 [ 19.083148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.083202] kthread+0x328/0x630 [ 19.083244] ret_from_fork+0x10/0x20 [ 19.083549] [ 19.083756] The buggy address belongs to the physical page: [ 19.083920] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a00 [ 19.083992] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.084390] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.084557] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.084741] page dumped because: kasan: bad access detected [ 19.084811] [ 19.084988] Memory state around the buggy address: [ 19.085066] fff00000c79fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.085234] fff00000c79fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.085562] >fff00000c7a00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.085727] ^ [ 19.085807] fff00000c7a00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.085949] fff00000c7a00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.086000] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 19.010875] ================================================================== [ 19.010973] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.011113] Read of size 1 at addr fff00000c78e9000 by task kunit_try_catch/227 [ 19.011202] [ 19.011619] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.011793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.011932] Hardware name: linux,dummy-virt (DT) [ 19.012033] Call trace: [ 19.012063] show_stack+0x20/0x38 (C) [ 19.012120] dump_stack_lvl+0x8c/0xd0 [ 19.012558] print_report+0x118/0x5d0 [ 19.012720] kasan_report+0xdc/0x128 [ 19.012791] __asan_report_load1_noabort+0x20/0x30 [ 19.012856] mempool_uaf_helper+0x314/0x340 [ 19.013348] mempool_kmalloc_uaf+0xc4/0x120 [ 19.013431] kunit_try_run_case+0x170/0x3f0 [ 19.013495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.013547] kthread+0x328/0x630 [ 19.013592] ret_from_fork+0x10/0x20 [ 19.013652] [ 19.013671] Allocated by task 227: [ 19.013715] kasan_save_stack+0x3c/0x68 [ 19.013769] kasan_save_track+0x20/0x40 [ 19.013807] kasan_save_alloc_info+0x40/0x58 [ 19.013868] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.014227] remove_element+0x130/0x1f8 [ 19.014323] mempool_alloc_preallocated+0x58/0xc0 [ 19.014413] mempool_uaf_helper+0xa4/0x340 [ 19.014494] mempool_kmalloc_uaf+0xc4/0x120 [ 19.014920] kunit_try_run_case+0x170/0x3f0 [ 19.015174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.015246] kthread+0x328/0x630 [ 19.015348] ret_from_fork+0x10/0x20 [ 19.015529] [ 19.015607] Freed by task 227: [ 19.016172] kasan_save_stack+0x3c/0x68 [ 19.016525] kasan_save_track+0x20/0x40 [ 19.016596] kasan_save_free_info+0x4c/0x78 [ 19.016678] __kasan_mempool_poison_object+0xc0/0x150 [ 19.016740] mempool_free+0x28c/0x328 [ 19.016885] mempool_uaf_helper+0x104/0x340 [ 19.017034] mempool_kmalloc_uaf+0xc4/0x120 [ 19.017085] kunit_try_run_case+0x170/0x3f0 [ 19.017169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.017384] kthread+0x328/0x630 [ 19.017577] ret_from_fork+0x10/0x20 [ 19.017714] [ 19.017738] The buggy address belongs to the object at fff00000c78e9000 [ 19.017738] which belongs to the cache kmalloc-128 of size 128 [ 19.018004] The buggy address is located 0 bytes inside of [ 19.018004] freed 128-byte region [fff00000c78e9000, fff00000c78e9080) [ 19.018178] [ 19.018233] The buggy address belongs to the physical page: [ 19.018281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 19.018610] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.018687] page_type: f5(slab) [ 19.018902] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.019141] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.019373] page dumped because: kasan: bad access detected [ 19.019459] [ 19.019610] Memory state around the buggy address: [ 19.019711] fff00000c78e8f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.019766] fff00000c78e8f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.019809] >fff00000c78e9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.020169] ^ [ 19.020250] fff00000c78e9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.020352] fff00000c78e9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.020431] ================================================================== [ 19.050771] ================================================================== [ 19.051035] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.051106] Read of size 1 at addr fff00000c78e5240 by task kunit_try_catch/231 [ 19.051521] [ 19.051607] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.051869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.051944] Hardware name: linux,dummy-virt (DT) [ 19.052084] Call trace: [ 19.052118] show_stack+0x20/0x38 (C) [ 19.052185] dump_stack_lvl+0x8c/0xd0 [ 19.052301] print_report+0x118/0x5d0 [ 19.052352] kasan_report+0xdc/0x128 [ 19.052397] __asan_report_load1_noabort+0x20/0x30 [ 19.052766] mempool_uaf_helper+0x314/0x340 [ 19.052830] mempool_slab_uaf+0xc0/0x118 [ 19.052918] kunit_try_run_case+0x170/0x3f0 [ 19.053000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.053071] kthread+0x328/0x630 [ 19.053145] ret_from_fork+0x10/0x20 [ 19.053255] [ 19.053542] Allocated by task 231: [ 19.053605] kasan_save_stack+0x3c/0x68 [ 19.053692] kasan_save_track+0x20/0x40 [ 19.053758] kasan_save_alloc_info+0x40/0x58 [ 19.053824] __kasan_mempool_unpoison_object+0xbc/0x180 [ 19.054115] remove_element+0x16c/0x1f8 [ 19.054253] mempool_alloc_preallocated+0x58/0xc0 [ 19.054330] mempool_uaf_helper+0xa4/0x340 [ 19.054396] mempool_slab_uaf+0xc0/0x118 [ 19.054519] kunit_try_run_case+0x170/0x3f0 [ 19.054680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.054807] kthread+0x328/0x630 [ 19.054915] ret_from_fork+0x10/0x20 [ 19.055259] [ 19.055339] Freed by task 231: [ 19.055392] kasan_save_stack+0x3c/0x68 [ 19.055458] kasan_save_track+0x20/0x40 [ 19.055630] kasan_save_free_info+0x4c/0x78 [ 19.055820] __kasan_mempool_poison_object+0xc0/0x150 [ 19.055901] mempool_free+0x28c/0x328 [ 19.055998] mempool_uaf_helper+0x104/0x340 [ 19.056039] mempool_slab_uaf+0xc0/0x118 [ 19.056723] kunit_try_run_case+0x170/0x3f0 [ 19.056818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.056879] kthread+0x328/0x630 [ 19.056912] ret_from_fork+0x10/0x20 [ 19.056950] [ 19.056993] The buggy address belongs to the object at fff00000c78e5240 [ 19.056993] which belongs to the cache test_cache of size 123 [ 19.057222] The buggy address is located 0 bytes inside of [ 19.057222] freed 123-byte region [fff00000c78e5240, fff00000c78e52bb) [ 19.057598] [ 19.057687] The buggy address belongs to the physical page: [ 19.057856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e5 [ 19.058009] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.058112] page_type: f5(slab) [ 19.058163] raw: 0bfffe0000000000 fff00000c78af3c0 dead000000000122 0000000000000000 [ 19.058368] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.058533] page dumped because: kasan: bad access detected [ 19.058625] [ 19.058929] Memory state around the buggy address: [ 19.059027] fff00000c78e5100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.059079] fff00000c78e5180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.059125] >fff00000c78e5200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.059202] ^ [ 19.059249] fff00000c78e5280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.059473] fff00000c78e5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.059517] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.906478] ================================================================== [ 18.906571] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.906652] Read of size 1 at addr fff00000c3ea7c73 by task kunit_try_catch/221 [ 18.906702] [ 18.906747] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.906834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.906877] Hardware name: linux,dummy-virt (DT) [ 18.906911] Call trace: [ 18.906936] show_stack+0x20/0x38 (C) [ 18.906991] dump_stack_lvl+0x8c/0xd0 [ 18.907044] print_report+0x118/0x5d0 [ 18.907094] kasan_report+0xdc/0x128 [ 18.907140] __asan_report_load1_noabort+0x20/0x30 [ 18.907189] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.907237] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.907284] kunit_try_run_case+0x170/0x3f0 [ 18.907356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.907410] kthread+0x328/0x630 [ 18.907452] ret_from_fork+0x10/0x20 [ 18.907502] [ 18.907523] Allocated by task 221: [ 18.907552] kasan_save_stack+0x3c/0x68 [ 18.907596] kasan_save_track+0x20/0x40 [ 18.907634] kasan_save_alloc_info+0x40/0x58 [ 18.907674] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.907717] remove_element+0x130/0x1f8 [ 18.907756] mempool_alloc_preallocated+0x58/0xc0 [ 18.907795] mempool_oob_right_helper+0x98/0x2f0 [ 18.907835] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.907885] kunit_try_run_case+0x170/0x3f0 [ 18.907923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.907967] kthread+0x328/0x630 [ 18.907999] ret_from_fork+0x10/0x20 [ 18.908035] [ 18.908056] The buggy address belongs to the object at fff00000c3ea7c00 [ 18.908056] which belongs to the cache kmalloc-128 of size 128 [ 18.908116] The buggy address is located 0 bytes to the right of [ 18.908116] allocated 115-byte region [fff00000c3ea7c00, fff00000c3ea7c73) [ 18.908179] [ 18.908203] The buggy address belongs to the physical page: [ 18.908235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ea7 [ 18.908288] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.908339] page_type: f5(slab) [ 18.908383] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.908434] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.908475] page dumped because: kasan: bad access detected [ 18.908505] [ 18.908525] Memory state around the buggy address: [ 18.908557] fff00000c3ea7b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.908601] fff00000c3ea7b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.908643] >fff00000c3ea7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.908681] ^ [ 18.908720] fff00000c3ea7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.908759] fff00000c3ea7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.908797] ================================================================== [ 18.971204] ================================================================== [ 18.971348] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.971894] Read of size 1 at addr fff00000c78e92bb by task kunit_try_catch/225 [ 18.972074] [ 18.972120] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.972205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.972232] Hardware name: linux,dummy-virt (DT) [ 18.972551] Call trace: [ 18.972861] show_stack+0x20/0x38 (C) [ 18.973173] dump_stack_lvl+0x8c/0xd0 [ 18.973481] print_report+0x118/0x5d0 [ 18.973647] kasan_report+0xdc/0x128 [ 18.973700] __asan_report_load1_noabort+0x20/0x30 [ 18.974030] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.974281] mempool_slab_oob_right+0xc0/0x118 [ 18.974335] kunit_try_run_case+0x170/0x3f0 [ 18.974389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.975042] kthread+0x328/0x630 [ 18.975103] ret_from_fork+0x10/0x20 [ 18.975489] [ 18.975513] Allocated by task 225: [ 18.975572] kasan_save_stack+0x3c/0x68 [ 18.975680] kasan_save_track+0x20/0x40 [ 18.975823] kasan_save_alloc_info+0x40/0x58 [ 18.975916] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.975960] remove_element+0x16c/0x1f8 [ 18.975997] mempool_alloc_preallocated+0x58/0xc0 [ 18.976319] mempool_oob_right_helper+0x98/0x2f0 [ 18.976369] mempool_slab_oob_right+0xc0/0x118 [ 18.976438] kunit_try_run_case+0x170/0x3f0 [ 18.976489] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.976675] kthread+0x328/0x630 [ 18.976892] ret_from_fork+0x10/0x20 [ 18.976933] [ 18.977320] The buggy address belongs to the object at fff00000c78e9240 [ 18.977320] which belongs to the cache test_cache of size 123 [ 18.977425] The buggy address is located 0 bytes to the right of [ 18.977425] allocated 123-byte region [fff00000c78e9240, fff00000c78e92bb) [ 18.977840] [ 18.977935] The buggy address belongs to the physical page: [ 18.977982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e9 [ 18.978060] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.978414] page_type: f5(slab) [ 18.978479] raw: 0bfffe0000000000 fff00000c78af280 dead000000000122 0000000000000000 [ 18.978553] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.978873] page dumped because: kasan: bad access detected [ 18.978935] [ 18.979032] Memory state around the buggy address: [ 18.979100] fff00000c78e9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.979465] fff00000c78e9200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.979549] >fff00000c78e9280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.979839] ^ [ 18.980031] fff00000c78e9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.980180] fff00000c78e9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.980244] ================================================================== [ 18.937723] ================================================================== [ 18.937829] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.937940] Read of size 1 at addr fff00000c616e001 by task kunit_try_catch/223 [ 18.937991] [ 18.938033] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.938139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.938164] Hardware name: linux,dummy-virt (DT) [ 18.938197] Call trace: [ 18.938221] show_stack+0x20/0x38 (C) [ 18.938273] dump_stack_lvl+0x8c/0xd0 [ 18.938323] print_report+0x118/0x5d0 [ 18.938372] kasan_report+0xdc/0x128 [ 18.938416] __asan_report_load1_noabort+0x20/0x30 [ 18.938469] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.938515] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.938567] kunit_try_run_case+0x170/0x3f0 [ 18.938615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.938668] kthread+0x328/0x630 [ 18.938712] ret_from_fork+0x10/0x20 [ 18.938762] [ 18.938784] The buggy address belongs to the physical page: [ 18.938820] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10616c [ 18.938888] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.938937] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.938996] page_type: f8(unknown) [ 18.939041] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.939092] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.939142] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.939191] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.939243] head: 0bfffe0000000002 ffffc1ffc3185b01 00000000ffffffff 00000000ffffffff [ 18.939301] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.939346] page dumped because: kasan: bad access detected [ 18.939379] [ 18.939397] Memory state around the buggy address: [ 18.939433] fff00000c616df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.939479] fff00000c616df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.939524] >fff00000c616e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.939563] ^ [ 18.939591] fff00000c616e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.939632] fff00000c616e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.939671] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.342554] ================================================================== [ 18.342669] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 18.342750] Read of size 1 at addr fff00000c19fbdc0 by task kunit_try_catch/215 [ 18.342801] [ 18.342859] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.342944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.342972] Hardware name: linux,dummy-virt (DT) [ 18.343005] Call trace: [ 18.343029] show_stack+0x20/0x38 (C) [ 18.343081] dump_stack_lvl+0x8c/0xd0 [ 18.343131] print_report+0x118/0x5d0 [ 18.343179] kasan_report+0xdc/0x128 [ 18.343223] __kasan_check_byte+0x54/0x70 [ 18.343270] kmem_cache_destroy+0x34/0x218 [ 18.343362] kmem_cache_double_destroy+0x174/0x300 [ 18.343409] kunit_try_run_case+0x170/0x3f0 [ 18.343458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.343510] kthread+0x328/0x630 [ 18.343552] ret_from_fork+0x10/0x20 [ 18.343601] [ 18.343621] Allocated by task 215: [ 18.343650] kasan_save_stack+0x3c/0x68 [ 18.343692] kasan_save_track+0x20/0x40 [ 18.343731] kasan_save_alloc_info+0x40/0x58 [ 18.343771] __kasan_slab_alloc+0xa8/0xb0 [ 18.343809] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.343860] __kmem_cache_create_args+0x178/0x280 [ 18.343901] kmem_cache_double_destroy+0xc0/0x300 [ 18.343940] kunit_try_run_case+0x170/0x3f0 [ 18.343978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.344021] kthread+0x328/0x630 [ 18.344052] ret_from_fork+0x10/0x20 [ 18.344089] [ 18.344108] Freed by task 215: [ 18.344135] kasan_save_stack+0x3c/0x68 [ 18.344172] kasan_save_track+0x20/0x40 [ 18.344209] kasan_save_free_info+0x4c/0x78 [ 18.344249] __kasan_slab_free+0x6c/0x98 [ 18.344287] kmem_cache_free+0x260/0x468 [ 18.344324] slab_kmem_cache_release+0x38/0x50 [ 18.344363] kmem_cache_release+0x1c/0x30 [ 18.344399] kobject_put+0x17c/0x420 [ 18.344436] sysfs_slab_release+0x1c/0x30 [ 18.344474] kmem_cache_destroy+0x118/0x218 [ 18.344512] kmem_cache_double_destroy+0x128/0x300 [ 18.344551] kunit_try_run_case+0x170/0x3f0 [ 18.344588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.344631] kthread+0x328/0x630 [ 18.344663] ret_from_fork+0x10/0x20 [ 18.344699] [ 18.344718] The buggy address belongs to the object at fff00000c19fbdc0 [ 18.344718] which belongs to the cache kmem_cache of size 208 [ 18.344775] The buggy address is located 0 bytes inside of [ 18.344775] freed 208-byte region [fff00000c19fbdc0, fff00000c19fbe90) [ 18.344834] [ 18.344864] The buggy address belongs to the physical page: [ 18.344899] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1019fb [ 18.344954] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.345005] page_type: f5(slab) [ 18.345046] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 18.345095] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.345136] page dumped because: kasan: bad access detected [ 18.345168] [ 18.345186] Memory state around the buggy address: [ 18.345219] fff00000c19fbc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.345261] fff00000c19fbd00: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 18.345303] >fff00000c19fbd80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.345340] ^ [ 18.345374] fff00000c19fbe00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.345415] fff00000c19fbe80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.345454] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 18.259889] ================================================================== [ 18.260004] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 18.260087] Read of size 1 at addr fff00000c7993000 by task kunit_try_catch/213 [ 18.260141] [ 18.260185] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.260270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.260299] Hardware name: linux,dummy-virt (DT) [ 18.260331] Call trace: [ 18.260357] show_stack+0x20/0x38 (C) [ 18.260412] dump_stack_lvl+0x8c/0xd0 [ 18.260463] print_report+0x118/0x5d0 [ 18.260512] kasan_report+0xdc/0x128 [ 18.260559] __asan_report_load1_noabort+0x20/0x30 [ 18.260612] kmem_cache_rcu_uaf+0x388/0x468 [ 18.260659] kunit_try_run_case+0x170/0x3f0 [ 18.260709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.260762] kthread+0x328/0x630 [ 18.260806] ret_from_fork+0x10/0x20 [ 18.260869] [ 18.260888] Allocated by task 213: [ 18.260919] kasan_save_stack+0x3c/0x68 [ 18.260963] kasan_save_track+0x20/0x40 [ 18.261000] kasan_save_alloc_info+0x40/0x58 [ 18.261041] __kasan_slab_alloc+0xa8/0xb0 [ 18.261078] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.261120] kmem_cache_rcu_uaf+0x12c/0x468 [ 18.261156] kunit_try_run_case+0x170/0x3f0 [ 18.261194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.261235] kthread+0x328/0x630 [ 18.261268] ret_from_fork+0x10/0x20 [ 18.261303] [ 18.261321] Freed by task 0: [ 18.261349] kasan_save_stack+0x3c/0x68 [ 18.261385] kasan_save_track+0x20/0x40 [ 18.261425] kasan_save_free_info+0x4c/0x78 [ 18.261464] __kasan_slab_free+0x6c/0x98 [ 18.261514] slab_free_after_rcu_debug+0xd4/0x2f8 [ 18.261555] rcu_core+0x9f4/0x1e20 [ 18.261593] rcu_core_si+0x18/0x30 [ 18.261626] handle_softirqs+0x374/0xb28 [ 18.261665] __do_softirq+0x1c/0x28 [ 18.261698] [ 18.261719] Last potentially related work creation: [ 18.261744] kasan_save_stack+0x3c/0x68 [ 18.261783] kasan_record_aux_stack+0xb4/0xc8 [ 18.261823] kmem_cache_free+0x120/0x468 [ 18.261868] kmem_cache_rcu_uaf+0x16c/0x468 [ 18.261906] kunit_try_run_case+0x170/0x3f0 [ 18.261944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.261985] kthread+0x328/0x630 [ 18.262018] ret_from_fork+0x10/0x20 [ 18.262054] [ 18.262072] The buggy address belongs to the object at fff00000c7993000 [ 18.262072] which belongs to the cache test_cache of size 200 [ 18.262129] The buggy address is located 0 bytes inside of [ 18.262129] freed 200-byte region [fff00000c7993000, fff00000c79930c8) [ 18.262190] [ 18.262212] The buggy address belongs to the physical page: [ 18.262245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107993 [ 18.262300] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.262354] page_type: f5(slab) [ 18.262398] raw: 0bfffe0000000000 fff00000c7990000 dead000000000122 0000000000000000 [ 18.262449] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.262491] page dumped because: kasan: bad access detected [ 18.262522] [ 18.262540] Memory state around the buggy address: [ 18.262573] fff00000c7992f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.262616] fff00000c7992f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.262659] >fff00000c7993000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.262699] ^ [ 18.262726] fff00000c7993080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.262768] fff00000c7993100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.262808] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.924699] ================================================================== [ 17.924779] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.924863] Free of addr fff00000c78fa001 by task kunit_try_catch/211 [ 17.924906] [ 17.924943] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.925024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.925051] Hardware name: linux,dummy-virt (DT) [ 17.925081] Call trace: [ 17.925105] show_stack+0x20/0x38 (C) [ 17.925170] dump_stack_lvl+0x8c/0xd0 [ 17.925233] print_report+0x118/0x5d0 [ 17.925293] kasan_report_invalid_free+0xc0/0xe8 [ 17.925416] check_slab_allocation+0xfc/0x108 [ 17.925465] __kasan_slab_pre_free+0x2c/0x48 [ 17.925518] kmem_cache_free+0xf0/0x468 [ 17.925566] kmem_cache_invalid_free+0x184/0x3c8 [ 17.925622] kunit_try_run_case+0x170/0x3f0 [ 17.925669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.925734] kthread+0x328/0x630 [ 17.925812] ret_from_fork+0x10/0x20 [ 17.925874] [ 17.925892] Allocated by task 211: [ 17.925923] kasan_save_stack+0x3c/0x68 [ 17.925964] kasan_save_track+0x20/0x40 [ 17.926003] kasan_save_alloc_info+0x40/0x58 [ 17.926043] __kasan_slab_alloc+0xa8/0xb0 [ 17.926081] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.926130] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.926169] kunit_try_run_case+0x170/0x3f0 [ 17.926204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.926259] kthread+0x328/0x630 [ 17.926292] ret_from_fork+0x10/0x20 [ 17.926339] [ 17.926405] The buggy address belongs to the object at fff00000c78fa000 [ 17.926405] which belongs to the cache test_cache of size 200 [ 17.926470] The buggy address is located 1 bytes inside of [ 17.926470] 200-byte region [fff00000c78fa000, fff00000c78fa0c8) [ 17.926723] [ 17.926751] The buggy address belongs to the physical page: [ 17.926880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078fa [ 17.926936] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.926991] page_type: f5(slab) [ 17.927042] raw: 0bfffe0000000000 fff00000c4557dc0 dead000000000122 0000000000000000 [ 17.927273] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.927344] page dumped because: kasan: bad access detected [ 17.927376] [ 17.927395] Memory state around the buggy address: [ 17.927428] fff00000c78f9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927471] fff00000c78f9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927523] >fff00000c78fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.927561] ^ [ 17.927588] fff00000c78fa080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.927642] fff00000c78fa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927695] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.626410] ================================================================== [ 17.626508] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.626580] Read of size 1 at addr fff00000c78840c8 by task kunit_try_catch/207 [ 17.626632] [ 17.626676] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.626760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.626788] Hardware name: linux,dummy-virt (DT) [ 17.626821] Call trace: [ 17.626861] show_stack+0x20/0x38 (C) [ 17.627101] dump_stack_lvl+0x8c/0xd0 [ 17.627152] print_report+0x118/0x5d0 [ 17.627557] kasan_report+0xdc/0x128 [ 17.627893] __asan_report_load1_noabort+0x20/0x30 [ 17.628161] kmem_cache_oob+0x344/0x430 [ 17.628878] kunit_try_run_case+0x170/0x3f0 [ 17.628965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.629043] kthread+0x328/0x630 [ 17.629255] ret_from_fork+0x10/0x20 [ 17.629537] [ 17.629583] Allocated by task 207: [ 17.629663] kasan_save_stack+0x3c/0x68 [ 17.630143] kasan_save_track+0x20/0x40 [ 17.630245] kasan_save_alloc_info+0x40/0x58 [ 17.630317] __kasan_slab_alloc+0xa8/0xb0 [ 17.630354] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.630642] kmem_cache_oob+0x12c/0x430 [ 17.630779] kunit_try_run_case+0x170/0x3f0 [ 17.630908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.631044] kthread+0x328/0x630 [ 17.631357] ret_from_fork+0x10/0x20 [ 17.631498] [ 17.631588] The buggy address belongs to the object at fff00000c7884000 [ 17.631588] which belongs to the cache test_cache of size 200 [ 17.631673] The buggy address is located 0 bytes to the right of [ 17.631673] allocated 200-byte region [fff00000c7884000, fff00000c78840c8) [ 17.631857] [ 17.632003] The buggy address belongs to the physical page: [ 17.632040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107884 [ 17.632106] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.632433] page_type: f5(slab) [ 17.632508] raw: 0bfffe0000000000 fff00000c4557b40 dead000000000122 0000000000000000 [ 17.632584] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.632656] page dumped because: kasan: bad access detected [ 17.633009] [ 17.633083] Memory state around the buggy address: [ 17.633181] fff00000c7883f80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.633408] fff00000c7884000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.633467] >fff00000c7884080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.633657] ^ [ 17.633783] fff00000c7884100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.633963] fff00000c7884180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.634038] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.586283] ================================================================== [ 17.586391] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.586646] Read of size 8 at addr fff00000c788db40 by task kunit_try_catch/200 [ 17.586704] [ 17.586765] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.586865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.586891] Hardware name: linux,dummy-virt (DT) [ 17.586923] Call trace: [ 17.586946] show_stack+0x20/0x38 (C) [ 17.586998] dump_stack_lvl+0x8c/0xd0 [ 17.587048] print_report+0x118/0x5d0 [ 17.587096] kasan_report+0xdc/0x128 [ 17.587141] __asan_report_load8_noabort+0x20/0x30 [ 17.587193] workqueue_uaf+0x480/0x4a8 [ 17.587238] kunit_try_run_case+0x170/0x3f0 [ 17.587287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.587806] kthread+0x328/0x630 [ 17.587870] ret_from_fork+0x10/0x20 [ 17.587921] [ 17.587939] Allocated by task 200: [ 17.587969] kasan_save_stack+0x3c/0x68 [ 17.588012] kasan_save_track+0x20/0x40 [ 17.588052] kasan_save_alloc_info+0x40/0x58 [ 17.588092] __kasan_kmalloc+0xd4/0xd8 [ 17.588129] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.588328] workqueue_uaf+0x13c/0x4a8 [ 17.588542] kunit_try_run_case+0x170/0x3f0 [ 17.588618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.588682] kthread+0x328/0x630 [ 17.588716] ret_from_fork+0x10/0x20 [ 17.589142] [ 17.589220] Freed by task 47: [ 17.589261] kasan_save_stack+0x3c/0x68 [ 17.589489] kasan_save_track+0x20/0x40 [ 17.589647] kasan_save_free_info+0x4c/0x78 [ 17.589807] __kasan_slab_free+0x6c/0x98 [ 17.589872] kfree+0x214/0x3c8 [ 17.590176] workqueue_uaf_work+0x18/0x30 [ 17.590333] process_one_work+0x530/0xf98 [ 17.590421] worker_thread+0x618/0xf38 [ 17.590458] kthread+0x328/0x630 [ 17.590637] ret_from_fork+0x10/0x20 [ 17.590817] [ 17.590911] Last potentially related work creation: [ 17.590969] kasan_save_stack+0x3c/0x68 [ 17.591045] kasan_record_aux_stack+0xb4/0xc8 [ 17.591425] __queue_work+0x65c/0x1008 [ 17.591565] queue_work_on+0xbc/0xf8 [ 17.591623] workqueue_uaf+0x210/0x4a8 [ 17.591805] kunit_try_run_case+0x170/0x3f0 [ 17.591866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.591908] kthread+0x328/0x630 [ 17.591949] ret_from_fork+0x10/0x20 [ 17.591984] [ 17.592005] The buggy address belongs to the object at fff00000c788db40 [ 17.592005] which belongs to the cache kmalloc-32 of size 32 [ 17.592066] The buggy address is located 0 bytes inside of [ 17.592066] freed 32-byte region [fff00000c788db40, fff00000c788db60) [ 17.592127] [ 17.592148] The buggy address belongs to the physical page: [ 17.592405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788d [ 17.592497] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.592620] page_type: f5(slab) [ 17.592720] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.592773] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.593118] page dumped because: kasan: bad access detected [ 17.593174] [ 17.593210] Memory state around the buggy address: [ 17.593263] fff00000c788da00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.593400] fff00000c788da80: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.593483] >fff00000c788db00: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 17.593775] ^ [ 17.593864] fff00000c788db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.593975] fff00000c788dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.594016] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.562193] ================================================================== [ 17.562349] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.562420] Read of size 4 at addr fff00000c788d940 by task swapper/1/0 [ 17.562467] [ 17.562513] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.562597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.562624] Hardware name: linux,dummy-virt (DT) [ 17.562656] Call trace: [ 17.562680] show_stack+0x20/0x38 (C) [ 17.562730] dump_stack_lvl+0x8c/0xd0 [ 17.562781] print_report+0x118/0x5d0 [ 17.562827] kasan_report+0xdc/0x128 [ 17.562983] __asan_report_load4_noabort+0x20/0x30 [ 17.563069] rcu_uaf_reclaim+0x64/0x70 [ 17.563170] rcu_core+0x9f4/0x1e20 [ 17.563222] rcu_core_si+0x18/0x30 [ 17.563268] handle_softirqs+0x374/0xb28 [ 17.563331] __do_softirq+0x1c/0x28 [ 17.563453] ____do_softirq+0x18/0x30 [ 17.563550] call_on_irq_stack+0x24/0x30 [ 17.563871] do_softirq_own_stack+0x24/0x38 [ 17.564052] __irq_exit_rcu+0x1fc/0x318 [ 17.564104] irq_exit_rcu+0x1c/0x80 [ 17.564196] el1_interrupt+0x38/0x58 [ 17.564402] el1h_64_irq_handler+0x18/0x28 [ 17.564531] el1h_64_irq+0x6c/0x70 [ 17.564758] arch_local_irq_enable+0x4/0x8 (P) [ 17.564826] do_idle+0x384/0x4e8 [ 17.564889] cpu_startup_entry+0x64/0x80 [ 17.565161] secondary_start_kernel+0x288/0x340 [ 17.565338] __secondary_switched+0xc0/0xc8 [ 17.565436] [ 17.565574] Allocated by task 198: [ 17.565653] kasan_save_stack+0x3c/0x68 [ 17.565954] kasan_save_track+0x20/0x40 [ 17.566130] kasan_save_alloc_info+0x40/0x58 [ 17.566174] __kasan_kmalloc+0xd4/0xd8 [ 17.566465] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.566631] rcu_uaf+0xb0/0x2d8 [ 17.566680] kunit_try_run_case+0x170/0x3f0 [ 17.566779] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.566828] kthread+0x328/0x630 [ 17.566898] ret_from_fork+0x10/0x20 [ 17.566936] [ 17.566966] Freed by task 0: [ 17.566995] kasan_save_stack+0x3c/0x68 [ 17.567035] kasan_save_track+0x20/0x40 [ 17.567083] kasan_save_free_info+0x4c/0x78 [ 17.567123] __kasan_slab_free+0x6c/0x98 [ 17.567162] kfree+0x214/0x3c8 [ 17.567194] rcu_uaf_reclaim+0x28/0x70 [ 17.567230] rcu_core+0x9f4/0x1e20 [ 17.567273] rcu_core_si+0x18/0x30 [ 17.567307] handle_softirqs+0x374/0xb28 [ 17.567585] __do_softirq+0x1c/0x28 [ 17.567762] [ 17.567858] Last potentially related work creation: [ 17.568018] kasan_save_stack+0x3c/0x68 [ 17.568163] kasan_record_aux_stack+0xb4/0xc8 [ 17.568274] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.568355] call_rcu+0x18/0x30 [ 17.568563] rcu_uaf+0x14c/0x2d8 [ 17.568598] kunit_try_run_case+0x170/0x3f0 [ 17.568748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.569002] kthread+0x328/0x630 [ 17.569117] ret_from_fork+0x10/0x20 [ 17.569296] [ 17.569364] The buggy address belongs to the object at fff00000c788d940 [ 17.569364] which belongs to the cache kmalloc-32 of size 32 [ 17.569555] The buggy address is located 0 bytes inside of [ 17.569555] freed 32-byte region [fff00000c788d940, fff00000c788d960) [ 17.569679] [ 17.569708] The buggy address belongs to the physical page: [ 17.569958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788d [ 17.570154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.570250] page_type: f5(slab) [ 17.570414] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.570574] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.570661] page dumped because: kasan: bad access detected [ 17.570735] [ 17.570754] Memory state around the buggy address: [ 17.570986] fff00000c788d800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.571121] fff00000c788d880: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.571291] >fff00000c788d900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.571483] ^ [ 17.571540] fff00000c788d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.571617] fff00000c788da00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.571753] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.293708] ================================================================== [ 17.294147] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 17.294238] Read of size 1 at addr fff00000c7892500 by task kunit_try_catch/196 [ 17.294470] [ 17.294523] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.294643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.294780] Hardware name: linux,dummy-virt (DT) [ 17.294889] Call trace: [ 17.294917] show_stack+0x20/0x38 (C) [ 17.295021] dump_stack_lvl+0x8c/0xd0 [ 17.295082] print_report+0x118/0x5d0 [ 17.295447] kasan_report+0xdc/0x128 [ 17.295647] __asan_report_load1_noabort+0x20/0x30 [ 17.295834] ksize_uaf+0x598/0x5f8 [ 17.295910] kunit_try_run_case+0x170/0x3f0 [ 17.296038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.296210] kthread+0x328/0x630 [ 17.296285] ret_from_fork+0x10/0x20 [ 17.296336] [ 17.296354] Allocated by task 196: [ 17.296593] kasan_save_stack+0x3c/0x68 [ 17.296927] kasan_save_track+0x20/0x40 [ 17.297123] kasan_save_alloc_info+0x40/0x58 [ 17.297180] __kasan_kmalloc+0xd4/0xd8 [ 17.297430] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.297596] ksize_uaf+0xb8/0x5f8 [ 17.298110] kunit_try_run_case+0x170/0x3f0 [ 17.298168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.298867] kthread+0x328/0x630 [ 17.298983] ret_from_fork+0x10/0x20 [ 17.299111] [ 17.299132] Freed by task 196: [ 17.299408] kasan_save_stack+0x3c/0x68 [ 17.299487] kasan_save_track+0x20/0x40 [ 17.299806] kasan_save_free_info+0x4c/0x78 [ 17.299951] __kasan_slab_free+0x6c/0x98 [ 17.300073] kfree+0x214/0x3c8 [ 17.300247] ksize_uaf+0x11c/0x5f8 [ 17.300503] kunit_try_run_case+0x170/0x3f0 [ 17.300674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.300794] kthread+0x328/0x630 [ 17.300957] ret_from_fork+0x10/0x20 [ 17.301116] [ 17.301187] The buggy address belongs to the object at fff00000c7892500 [ 17.301187] which belongs to the cache kmalloc-128 of size 128 [ 17.301629] The buggy address is located 0 bytes inside of [ 17.301629] freed 128-byte region [fff00000c7892500, fff00000c7892580) [ 17.301738] [ 17.301916] The buggy address belongs to the physical page: [ 17.302404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.302563] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.302680] page_type: f5(slab) [ 17.302757] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.302925] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.302967] page dumped because: kasan: bad access detected [ 17.303194] [ 17.303234] Memory state around the buggy address: [ 17.303371] fff00000c7892400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.303615] fff00000c7892480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.303828] >fff00000c7892500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.303892] ^ [ 17.303929] fff00000c7892580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.303972] fff00000c7892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.304199] ================================================================== [ 17.286061] ================================================================== [ 17.286169] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 17.286578] Read of size 1 at addr fff00000c7892500 by task kunit_try_catch/196 [ 17.286631] [ 17.286697] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.286787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.286832] Hardware name: linux,dummy-virt (DT) [ 17.287184] Call trace: [ 17.287217] show_stack+0x20/0x38 (C) [ 17.287453] dump_stack_lvl+0x8c/0xd0 [ 17.287688] print_report+0x118/0x5d0 [ 17.288103] kasan_report+0xdc/0x128 [ 17.288700] __kasan_check_byte+0x54/0x70 [ 17.288786] ksize+0x30/0x88 [ 17.288853] ksize_uaf+0x168/0x5f8 [ 17.288897] kunit_try_run_case+0x170/0x3f0 [ 17.288990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.289045] kthread+0x328/0x630 [ 17.289091] ret_from_fork+0x10/0x20 [ 17.289162] [ 17.289181] Allocated by task 196: [ 17.289230] kasan_save_stack+0x3c/0x68 [ 17.289290] kasan_save_track+0x20/0x40 [ 17.289338] kasan_save_alloc_info+0x40/0x58 [ 17.289378] __kasan_kmalloc+0xd4/0xd8 [ 17.289422] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.289463] ksize_uaf+0xb8/0x5f8 [ 17.289528] kunit_try_run_case+0x170/0x3f0 [ 17.289580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.289633] kthread+0x328/0x630 [ 17.289665] ret_from_fork+0x10/0x20 [ 17.289702] [ 17.289736] Freed by task 196: [ 17.289771] kasan_save_stack+0x3c/0x68 [ 17.289809] kasan_save_track+0x20/0x40 [ 17.289874] kasan_save_free_info+0x4c/0x78 [ 17.289915] __kasan_slab_free+0x6c/0x98 [ 17.289951] kfree+0x214/0x3c8 [ 17.289995] ksize_uaf+0x11c/0x5f8 [ 17.290029] kunit_try_run_case+0x170/0x3f0 [ 17.290077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.290122] kthread+0x328/0x630 [ 17.290154] ret_from_fork+0x10/0x20 [ 17.290192] [ 17.290213] The buggy address belongs to the object at fff00000c7892500 [ 17.290213] which belongs to the cache kmalloc-128 of size 128 [ 17.290271] The buggy address is located 0 bytes inside of [ 17.290271] freed 128-byte region [fff00000c7892500, fff00000c7892580) [ 17.290343] [ 17.290365] The buggy address belongs to the physical page: [ 17.290408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.290472] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.290530] page_type: f5(slab) [ 17.290594] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.290645] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.290688] page dumped because: kasan: bad access detected [ 17.290731] [ 17.290748] Memory state around the buggy address: [ 17.290790] fff00000c7892400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.291070] fff00000c7892480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.291877] >fff00000c7892500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.291997] ^ [ 17.292221] fff00000c7892580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.292271] fff00000c7892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.292310] ================================================================== [ 17.306608] ================================================================== [ 17.306687] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 17.306768] Read of size 1 at addr fff00000c7892578 by task kunit_try_catch/196 [ 17.306820] [ 17.306993] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.307123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.307169] Hardware name: linux,dummy-virt (DT) [ 17.307534] Call trace: [ 17.307803] show_stack+0x20/0x38 (C) [ 17.307906] dump_stack_lvl+0x8c/0xd0 [ 17.307967] print_report+0x118/0x5d0 [ 17.308018] kasan_report+0xdc/0x128 [ 17.308380] __asan_report_load1_noabort+0x20/0x30 [ 17.308892] ksize_uaf+0x544/0x5f8 [ 17.309032] kunit_try_run_case+0x170/0x3f0 [ 17.309129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.309263] kthread+0x328/0x630 [ 17.309400] ret_from_fork+0x10/0x20 [ 17.309513] [ 17.309535] Allocated by task 196: [ 17.309749] kasan_save_stack+0x3c/0x68 [ 17.310165] kasan_save_track+0x20/0x40 [ 17.310431] kasan_save_alloc_info+0x40/0x58 [ 17.310761] __kasan_kmalloc+0xd4/0xd8 [ 17.310815] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.311206] ksize_uaf+0xb8/0x5f8 [ 17.311750] kunit_try_run_case+0x170/0x3f0 [ 17.311806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.311861] kthread+0x328/0x630 [ 17.311897] ret_from_fork+0x10/0x20 [ 17.312199] [ 17.312327] Freed by task 196: [ 17.312368] kasan_save_stack+0x3c/0x68 [ 17.312595] kasan_save_track+0x20/0x40 [ 17.312828] kasan_save_free_info+0x4c/0x78 [ 17.312894] __kasan_slab_free+0x6c/0x98 [ 17.312931] kfree+0x214/0x3c8 [ 17.312967] ksize_uaf+0x11c/0x5f8 [ 17.313029] kunit_try_run_case+0x170/0x3f0 [ 17.313068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.313112] kthread+0x328/0x630 [ 17.313168] ret_from_fork+0x10/0x20 [ 17.313220] [ 17.313243] The buggy address belongs to the object at fff00000c7892500 [ 17.313243] which belongs to the cache kmalloc-128 of size 128 [ 17.313313] The buggy address is located 120 bytes inside of [ 17.313313] freed 128-byte region [fff00000c7892500, fff00000c7892580) [ 17.313384] [ 17.313407] The buggy address belongs to the physical page: [ 17.313440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.313513] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.313566] page_type: f5(slab) [ 17.313617] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.313669] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.313711] page dumped because: kasan: bad access detected [ 17.313744] [ 17.313764] Memory state around the buggy address: [ 17.313816] fff00000c7892400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.313871] fff00000c7892480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.313925] >fff00000c7892500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.313961] ^ [ 17.314009] fff00000c7892580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.314050] fff00000c7892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.314098] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.263162] ================================================================== [ 17.263392] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.264002] Read of size 1 at addr fff00000c789247f by task kunit_try_catch/194 [ 17.264117] [ 17.264275] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.264429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.264507] Hardware name: linux,dummy-virt (DT) [ 17.264583] Call trace: [ 17.264606] show_stack+0x20/0x38 (C) [ 17.264860] dump_stack_lvl+0x8c/0xd0 [ 17.265320] print_report+0x118/0x5d0 [ 17.265454] kasan_report+0xdc/0x128 [ 17.265598] __asan_report_load1_noabort+0x20/0x30 [ 17.265654] ksize_unpoisons_memory+0x690/0x740 [ 17.265715] kunit_try_run_case+0x170/0x3f0 [ 17.266129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.266211] kthread+0x328/0x630 [ 17.266329] ret_from_fork+0x10/0x20 [ 17.266407] [ 17.266426] Allocated by task 194: [ 17.266497] kasan_save_stack+0x3c/0x68 [ 17.266540] kasan_save_track+0x20/0x40 [ 17.266577] kasan_save_alloc_info+0x40/0x58 [ 17.266618] __kasan_kmalloc+0xd4/0xd8 [ 17.266656] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.266703] ksize_unpoisons_memory+0xc0/0x740 [ 17.266760] kunit_try_run_case+0x170/0x3f0 [ 17.266807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.266876] kthread+0x328/0x630 [ 17.266909] ret_from_fork+0x10/0x20 [ 17.266953] [ 17.266973] The buggy address belongs to the object at fff00000c7892400 [ 17.266973] which belongs to the cache kmalloc-128 of size 128 [ 17.267031] The buggy address is located 12 bytes to the right of [ 17.267031] allocated 115-byte region [fff00000c7892400, fff00000c7892473) [ 17.267106] [ 17.267130] The buggy address belongs to the physical page: [ 17.267188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.267262] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.267344] page_type: f5(slab) [ 17.267588] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.267647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.267688] page dumped because: kasan: bad access detected [ 17.267720] [ 17.267738] Memory state around the buggy address: [ 17.268161] fff00000c7892300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.268711] fff00000c7892380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.268781] >fff00000c7892400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.268988] ^ [ 17.269076] fff00000c7892480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.269291] fff00000c7892500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.269391] ================================================================== [ 17.252968] ================================================================== [ 17.253562] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.253746] Read of size 1 at addr fff00000c7892478 by task kunit_try_catch/194 [ 17.253818] [ 17.254024] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.254271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.254352] Hardware name: linux,dummy-virt (DT) [ 17.254388] Call trace: [ 17.254410] show_stack+0x20/0x38 (C) [ 17.254463] dump_stack_lvl+0x8c/0xd0 [ 17.254814] print_report+0x118/0x5d0 [ 17.254893] kasan_report+0xdc/0x128 [ 17.255134] __asan_report_load1_noabort+0x20/0x30 [ 17.255232] ksize_unpoisons_memory+0x618/0x740 [ 17.255731] kunit_try_run_case+0x170/0x3f0 [ 17.255891] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.256007] kthread+0x328/0x630 [ 17.256119] ret_from_fork+0x10/0x20 [ 17.256216] [ 17.256234] Allocated by task 194: [ 17.256591] kasan_save_stack+0x3c/0x68 [ 17.257016] kasan_save_track+0x20/0x40 [ 17.257111] kasan_save_alloc_info+0x40/0x58 [ 17.257156] __kasan_kmalloc+0xd4/0xd8 [ 17.257398] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.257669] ksize_unpoisons_memory+0xc0/0x740 [ 17.257830] kunit_try_run_case+0x170/0x3f0 [ 17.258012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.258312] kthread+0x328/0x630 [ 17.258561] ret_from_fork+0x10/0x20 [ 17.258688] [ 17.258778] The buggy address belongs to the object at fff00000c7892400 [ 17.258778] which belongs to the cache kmalloc-128 of size 128 [ 17.258978] The buggy address is located 5 bytes to the right of [ 17.258978] allocated 115-byte region [fff00000c7892400, fff00000c7892473) [ 17.259335] [ 17.259444] The buggy address belongs to the physical page: [ 17.259571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.259710] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.259826] page_type: f5(slab) [ 17.260038] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.260098] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.260321] page dumped because: kasan: bad access detected [ 17.260621] [ 17.260711] Memory state around the buggy address: [ 17.260813] fff00000c7892300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.260943] fff00000c7892380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.261062] >fff00000c7892400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.261128] ^ [ 17.261172] fff00000c7892480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.261548] fff00000c7892500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.261609] ================================================================== [ 17.244514] ================================================================== [ 17.244915] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.245101] Read of size 1 at addr fff00000c7892473 by task kunit_try_catch/194 [ 17.245168] [ 17.245397] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.245617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.245755] Hardware name: linux,dummy-virt (DT) [ 17.245873] Call trace: [ 17.245933] show_stack+0x20/0x38 (C) [ 17.246052] dump_stack_lvl+0x8c/0xd0 [ 17.246538] print_report+0x118/0x5d0 [ 17.246725] kasan_report+0xdc/0x128 [ 17.246822] __asan_report_load1_noabort+0x20/0x30 [ 17.246969] ksize_unpoisons_memory+0x628/0x740 [ 17.247242] kunit_try_run_case+0x170/0x3f0 [ 17.247932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.248357] kthread+0x328/0x630 [ 17.248425] ret_from_fork+0x10/0x20 [ 17.248477] [ 17.248497] Allocated by task 194: [ 17.248536] kasan_save_stack+0x3c/0x68 [ 17.248591] kasan_save_track+0x20/0x40 [ 17.248656] kasan_save_alloc_info+0x40/0x58 [ 17.248706] __kasan_kmalloc+0xd4/0xd8 [ 17.248752] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.248794] ksize_unpoisons_memory+0xc0/0x740 [ 17.248832] kunit_try_run_case+0x170/0x3f0 [ 17.248880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.248924] kthread+0x328/0x630 [ 17.248955] ret_from_fork+0x10/0x20 [ 17.248992] [ 17.249011] The buggy address belongs to the object at fff00000c7892400 [ 17.249011] which belongs to the cache kmalloc-128 of size 128 [ 17.249110] The buggy address is located 0 bytes to the right of [ 17.249110] allocated 115-byte region [fff00000c7892400, fff00000c7892473) [ 17.249176] [ 17.249205] The buggy address belongs to the physical page: [ 17.249238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.249312] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.249380] page_type: f5(slab) [ 17.249422] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.249490] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.249540] page dumped because: kasan: bad access detected [ 17.249571] [ 17.249589] Memory state around the buggy address: [ 17.249626] fff00000c7892300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.249686] fff00000c7892380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.249729] >fff00000c7892400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.249767] ^ [ 17.249816] fff00000c7892480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.250321] fff00000c7892500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.250568] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.214390] ================================================================== [ 17.214501] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 17.214820] Free of addr fff00000c5acc120 by task kunit_try_catch/192 [ 17.214937] [ 17.214984] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.215069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.215098] Hardware name: linux,dummy-virt (DT) [ 17.215129] Call trace: [ 17.215153] show_stack+0x20/0x38 (C) [ 17.215231] dump_stack_lvl+0x8c/0xd0 [ 17.215287] print_report+0x118/0x5d0 [ 17.215567] kasan_report_invalid_free+0xc0/0xe8 [ 17.215646] check_slab_allocation+0xd4/0x108 [ 17.215994] __kasan_slab_pre_free+0x2c/0x48 [ 17.216183] kfree+0xe8/0x3c8 [ 17.216303] kfree_sensitive+0x3c/0xb0 [ 17.216518] kmalloc_double_kzfree+0x168/0x308 [ 17.217016] kunit_try_run_case+0x170/0x3f0 [ 17.217108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.217233] kthread+0x328/0x630 [ 17.217411] ret_from_fork+0x10/0x20 [ 17.217522] [ 17.218056] Allocated by task 192: [ 17.218151] kasan_save_stack+0x3c/0x68 [ 17.218334] kasan_save_track+0x20/0x40 [ 17.218375] kasan_save_alloc_info+0x40/0x58 [ 17.218818] __kasan_kmalloc+0xd4/0xd8 [ 17.219059] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.219582] kmalloc_double_kzfree+0xb8/0x308 [ 17.219715] kunit_try_run_case+0x170/0x3f0 [ 17.219898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.219944] kthread+0x328/0x630 [ 17.219979] ret_from_fork+0x10/0x20 [ 17.220208] [ 17.220493] Freed by task 192: [ 17.220606] kasan_save_stack+0x3c/0x68 [ 17.220735] kasan_save_track+0x20/0x40 [ 17.221392] kasan_save_free_info+0x4c/0x78 [ 17.221460] __kasan_slab_free+0x6c/0x98 [ 17.221577] kfree+0x214/0x3c8 [ 17.221766] kfree_sensitive+0x80/0xb0 [ 17.221906] kmalloc_double_kzfree+0x11c/0x308 [ 17.222030] kunit_try_run_case+0x170/0x3f0 [ 17.222343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.222570] kthread+0x328/0x630 [ 17.222646] ret_from_fork+0x10/0x20 [ 17.222838] [ 17.222958] The buggy address belongs to the object at fff00000c5acc120 [ 17.222958] which belongs to the cache kmalloc-16 of size 16 [ 17.223102] The buggy address is located 0 bytes inside of [ 17.223102] 16-byte region [fff00000c5acc120, fff00000c5acc130) [ 17.223213] [ 17.223258] The buggy address belongs to the physical page: [ 17.223291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105acc [ 17.223796] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.224153] page_type: f5(slab) [ 17.224373] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.224471] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.224633] page dumped because: kasan: bad access detected [ 17.224667] [ 17.224725] Memory state around the buggy address: [ 17.224768] fff00000c5acc000: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 17.224811] fff00000c5acc080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.225114] >fff00000c5acc100: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 17.225168] ^ [ 17.225250] fff00000c5acc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.225331] fff00000c5acc200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.225382] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 17.202987] ================================================================== [ 17.203202] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 17.203298] Read of size 1 at addr fff00000c5acc120 by task kunit_try_catch/192 [ 17.203350] [ 17.203393] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.203480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.203524] Hardware name: linux,dummy-virt (DT) [ 17.203557] Call trace: [ 17.203581] show_stack+0x20/0x38 (C) [ 17.203633] dump_stack_lvl+0x8c/0xd0 [ 17.203685] print_report+0x118/0x5d0 [ 17.203732] kasan_report+0xdc/0x128 [ 17.203779] __kasan_check_byte+0x54/0x70 [ 17.203827] kfree_sensitive+0x30/0xb0 [ 17.204185] kmalloc_double_kzfree+0x168/0x308 [ 17.204415] kunit_try_run_case+0x170/0x3f0 [ 17.204513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.204802] kthread+0x328/0x630 [ 17.204989] ret_from_fork+0x10/0x20 [ 17.205405] [ 17.205489] Allocated by task 192: [ 17.205589] kasan_save_stack+0x3c/0x68 [ 17.205705] kasan_save_track+0x20/0x40 [ 17.205932] kasan_save_alloc_info+0x40/0x58 [ 17.206371] __kasan_kmalloc+0xd4/0xd8 [ 17.206590] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.206712] kmalloc_double_kzfree+0xb8/0x308 [ 17.206899] kunit_try_run_case+0x170/0x3f0 [ 17.207167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.207261] kthread+0x328/0x630 [ 17.207565] ret_from_fork+0x10/0x20 [ 17.207706] [ 17.207763] Freed by task 192: [ 17.207915] kasan_save_stack+0x3c/0x68 [ 17.207960] kasan_save_track+0x20/0x40 [ 17.208013] kasan_save_free_info+0x4c/0x78 [ 17.208342] __kasan_slab_free+0x6c/0x98 [ 17.208474] kfree+0x214/0x3c8 [ 17.208582] kfree_sensitive+0x80/0xb0 [ 17.208765] kmalloc_double_kzfree+0x11c/0x308 [ 17.208938] kunit_try_run_case+0x170/0x3f0 [ 17.209033] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.209135] kthread+0x328/0x630 [ 17.209534] ret_from_fork+0x10/0x20 [ 17.209618] [ 17.209717] The buggy address belongs to the object at fff00000c5acc120 [ 17.209717] which belongs to the cache kmalloc-16 of size 16 [ 17.209830] The buggy address is located 0 bytes inside of [ 17.209830] freed 16-byte region [fff00000c5acc120, fff00000c5acc130) [ 17.209979] [ 17.210003] The buggy address belongs to the physical page: [ 17.210198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105acc [ 17.210532] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.210630] page_type: f5(slab) [ 17.210751] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.210916] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.210958] page dumped because: kasan: bad access detected [ 17.211252] [ 17.211363] Memory state around the buggy address: [ 17.211502] fff00000c5acc000: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 17.211661] fff00000c5acc080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.211732] >fff00000c5acc100: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 17.211949] ^ [ 17.212196] fff00000c5acc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.212508] fff00000c5acc200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.212608] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 17.173692] ================================================================== [ 17.173786] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 17.174112] Read of size 1 at addr fff00000c7894fa8 by task kunit_try_catch/188 [ 17.174185] [ 17.174231] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.174484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.174607] Hardware name: linux,dummy-virt (DT) [ 17.174663] Call trace: [ 17.174745] show_stack+0x20/0x38 (C) [ 17.174806] dump_stack_lvl+0x8c/0xd0 [ 17.175101] print_report+0x118/0x5d0 [ 17.175173] kasan_report+0xdc/0x128 [ 17.175265] __asan_report_load1_noabort+0x20/0x30 [ 17.175367] kmalloc_uaf2+0x3f4/0x468 [ 17.175536] kunit_try_run_case+0x170/0x3f0 [ 17.175602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.175659] kthread+0x328/0x630 [ 17.175939] ret_from_fork+0x10/0x20 [ 17.176167] [ 17.176249] Allocated by task 188: [ 17.176309] kasan_save_stack+0x3c/0x68 [ 17.176407] kasan_save_track+0x20/0x40 [ 17.176525] kasan_save_alloc_info+0x40/0x58 [ 17.176631] __kasan_kmalloc+0xd4/0xd8 [ 17.176734] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.176973] kmalloc_uaf2+0xc4/0x468 [ 17.177160] kunit_try_run_case+0x170/0x3f0 [ 17.177291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.177388] kthread+0x328/0x630 [ 17.177514] ret_from_fork+0x10/0x20 [ 17.177593] [ 17.177658] Freed by task 188: [ 17.177747] kasan_save_stack+0x3c/0x68 [ 17.177789] kasan_save_track+0x20/0x40 [ 17.178076] kasan_save_free_info+0x4c/0x78 [ 17.178244] __kasan_slab_free+0x6c/0x98 [ 17.178466] kfree+0x214/0x3c8 [ 17.178590] kmalloc_uaf2+0x134/0x468 [ 17.178678] kunit_try_run_case+0x170/0x3f0 [ 17.178770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.179012] kthread+0x328/0x630 [ 17.179170] ret_from_fork+0x10/0x20 [ 17.179289] [ 17.179358] The buggy address belongs to the object at fff00000c7894f80 [ 17.179358] which belongs to the cache kmalloc-64 of size 64 [ 17.179434] The buggy address is located 40 bytes inside of [ 17.179434] freed 64-byte region [fff00000c7894f80, fff00000c7894fc0) [ 17.179652] [ 17.179693] The buggy address belongs to the physical page: [ 17.179916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 17.180124] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.180188] page_type: f5(slab) [ 17.180334] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.180524] raw: 0000000000000000 0000000000200020 00000000f5000000 0000000000000000 [ 17.180600] page dumped because: kasan: bad access detected [ 17.180632] [ 17.180651] Memory state around the buggy address: [ 17.180683] fff00000c7894e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.180747] fff00000c7894f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.180800] >fff00000c7894f80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.180862] ^ [ 17.180896] fff00000c7895000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.180938] fff00000c7895080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.180987] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 17.150837] ================================================================== [ 17.151906] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 17.152097] Write of size 33 at addr fff00000c7894e80 by task kunit_try_catch/186 [ 17.152219] [ 17.152362] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.152474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.152502] Hardware name: linux,dummy-virt (DT) [ 17.152535] Call trace: [ 17.152558] show_stack+0x20/0x38 (C) [ 17.152878] dump_stack_lvl+0x8c/0xd0 [ 17.152993] print_report+0x118/0x5d0 [ 17.153151] kasan_report+0xdc/0x128 [ 17.153260] kasan_check_range+0x100/0x1a8 [ 17.153432] __asan_memset+0x34/0x78 [ 17.153634] kmalloc_uaf_memset+0x170/0x310 [ 17.153706] kunit_try_run_case+0x170/0x3f0 [ 17.154019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.154192] kthread+0x328/0x630 [ 17.154371] ret_from_fork+0x10/0x20 [ 17.154530] [ 17.154673] Allocated by task 186: [ 17.154709] kasan_save_stack+0x3c/0x68 [ 17.155018] kasan_save_track+0x20/0x40 [ 17.155189] kasan_save_alloc_info+0x40/0x58 [ 17.155277] __kasan_kmalloc+0xd4/0xd8 [ 17.155442] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.155528] kmalloc_uaf_memset+0xb8/0x310 [ 17.155703] kunit_try_run_case+0x170/0x3f0 [ 17.155741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.155785] kthread+0x328/0x630 [ 17.156230] ret_from_fork+0x10/0x20 [ 17.156319] [ 17.156367] Freed by task 186: [ 17.156688] kasan_save_stack+0x3c/0x68 [ 17.156746] kasan_save_track+0x20/0x40 [ 17.157147] kasan_save_free_info+0x4c/0x78 [ 17.157456] __kasan_slab_free+0x6c/0x98 [ 17.157639] kfree+0x214/0x3c8 [ 17.157899] kmalloc_uaf_memset+0x11c/0x310 [ 17.158011] kunit_try_run_case+0x170/0x3f0 [ 17.158519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.158658] kthread+0x328/0x630 [ 17.158730] ret_from_fork+0x10/0x20 [ 17.158918] [ 17.159007] The buggy address belongs to the object at fff00000c7894e80 [ 17.159007] which belongs to the cache kmalloc-64 of size 64 [ 17.159107] The buggy address is located 0 bytes inside of [ 17.159107] freed 64-byte region [fff00000c7894e80, fff00000c7894ec0) [ 17.159487] [ 17.159613] The buggy address belongs to the physical page: [ 17.159753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 17.159896] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.160010] page_type: f5(slab) [ 17.160098] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.160150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.160192] page dumped because: kasan: bad access detected [ 17.160382] [ 17.160660] Memory state around the buggy address: [ 17.160706] fff00000c7894d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.160914] fff00000c7894e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.161013] >fff00000c7894e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.161263] ^ [ 17.161387] fff00000c7894f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.161519] fff00000c7894f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.161609] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 17.137127] ================================================================== [ 17.137241] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 17.137360] Read of size 1 at addr fff00000c5acc108 by task kunit_try_catch/184 [ 17.137409] [ 17.137449] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.137544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.137570] Hardware name: linux,dummy-virt (DT) [ 17.137603] Call trace: [ 17.137626] show_stack+0x20/0x38 (C) [ 17.137677] dump_stack_lvl+0x8c/0xd0 [ 17.138034] print_report+0x118/0x5d0 [ 17.138144] kasan_report+0xdc/0x128 [ 17.138272] __asan_report_load1_noabort+0x20/0x30 [ 17.138326] kmalloc_uaf+0x300/0x338 [ 17.138534] kunit_try_run_case+0x170/0x3f0 [ 17.138642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.138753] kthread+0x328/0x630 [ 17.138806] ret_from_fork+0x10/0x20 [ 17.138862] [ 17.138882] Allocated by task 184: [ 17.138955] kasan_save_stack+0x3c/0x68 [ 17.139001] kasan_save_track+0x20/0x40 [ 17.139058] kasan_save_alloc_info+0x40/0x58 [ 17.139190] __kasan_kmalloc+0xd4/0xd8 [ 17.139258] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.139328] kmalloc_uaf+0xb8/0x338 [ 17.139468] kunit_try_run_case+0x170/0x3f0 [ 17.139506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.139744] kthread+0x328/0x630 [ 17.139934] ret_from_fork+0x10/0x20 [ 17.140148] [ 17.140322] Freed by task 184: [ 17.140419] kasan_save_stack+0x3c/0x68 [ 17.140563] kasan_save_track+0x20/0x40 [ 17.140717] kasan_save_free_info+0x4c/0x78 [ 17.140779] __kasan_slab_free+0x6c/0x98 [ 17.140837] kfree+0x214/0x3c8 [ 17.141043] kmalloc_uaf+0x11c/0x338 [ 17.141278] kunit_try_run_case+0x170/0x3f0 [ 17.141441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.141617] kthread+0x328/0x630 [ 17.141688] ret_from_fork+0x10/0x20 [ 17.141734] [ 17.141761] The buggy address belongs to the object at fff00000c5acc100 [ 17.141761] which belongs to the cache kmalloc-16 of size 16 [ 17.142111] The buggy address is located 8 bytes inside of [ 17.142111] freed 16-byte region [fff00000c5acc100, fff00000c5acc110) [ 17.142214] [ 17.142513] The buggy address belongs to the physical page: [ 17.142604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105acc [ 17.142715] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.142825] page_type: f5(slab) [ 17.142981] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.143075] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.143227] page dumped because: kasan: bad access detected [ 17.143272] [ 17.143291] Memory state around the buggy address: [ 17.143332] fff00000c5acc000: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 17.143552] fff00000c5acc080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.143901] >fff00000c5acc100: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.144061] ^ [ 17.144131] fff00000c5acc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.144250] fff00000c5acc200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.144443] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 17.122371] ================================================================== [ 17.122484] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 17.122567] Read of size 64 at addr fff00000c6c74604 by task kunit_try_catch/182 [ 17.122618] [ 17.122665] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.122752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.122779] Hardware name: linux,dummy-virt (DT) [ 17.122812] Call trace: [ 17.122838] show_stack+0x20/0x38 (C) [ 17.122909] dump_stack_lvl+0x8c/0xd0 [ 17.122961] print_report+0x118/0x5d0 [ 17.123008] kasan_report+0xdc/0x128 [ 17.123052] kasan_check_range+0x100/0x1a8 [ 17.123099] __asan_memmove+0x3c/0x98 [ 17.123142] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 17.123189] kunit_try_run_case+0x170/0x3f0 [ 17.123237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.123289] kthread+0x328/0x630 [ 17.123354] ret_from_fork+0x10/0x20 [ 17.123406] [ 17.123424] Allocated by task 182: [ 17.123484] kasan_save_stack+0x3c/0x68 [ 17.123529] kasan_save_track+0x20/0x40 [ 17.123566] kasan_save_alloc_info+0x40/0x58 [ 17.123606] __kasan_kmalloc+0xd4/0xd8 [ 17.123641] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.123682] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 17.123723] kunit_try_run_case+0x170/0x3f0 [ 17.123761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.123804] kthread+0x328/0x630 [ 17.123835] ret_from_fork+0x10/0x20 [ 17.123882] [ 17.123902] The buggy address belongs to the object at fff00000c6c74600 [ 17.123902] which belongs to the cache kmalloc-64 of size 64 [ 17.123961] The buggy address is located 4 bytes inside of [ 17.123961] allocated 64-byte region [fff00000c6c74600, fff00000c6c74640) [ 17.124021] [ 17.124044] The buggy address belongs to the physical page: [ 17.124079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106c74 [ 17.124135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.124188] page_type: f5(slab) [ 17.124232] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.124283] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.124325] page dumped because: kasan: bad access detected [ 17.124357] [ 17.124375] Memory state around the buggy address: [ 17.124409] fff00000c6c74500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.124452] fff00000c6c74580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.124494] >fff00000c6c74600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.124532] ^ [ 17.124564] fff00000c6c74680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.124605] fff00000c6c74700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.124643] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 17.092438] ================================================================== [ 17.092714] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 17.093109] Read of size 18446744073709551614 at addr fff00000c7894a04 by task kunit_try_catch/180 [ 17.093500] [ 17.093716] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.094414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.094607] Hardware name: linux,dummy-virt (DT) [ 17.094803] Call trace: [ 17.094831] show_stack+0x20/0x38 (C) [ 17.094902] dump_stack_lvl+0x8c/0xd0 [ 17.094953] print_report+0x118/0x5d0 [ 17.095202] kasan_report+0xdc/0x128 [ 17.095281] kasan_check_range+0x100/0x1a8 [ 17.095860] __asan_memmove+0x3c/0x98 [ 17.095976] kmalloc_memmove_negative_size+0x154/0x2e0 [ 17.096338] kunit_try_run_case+0x170/0x3f0 [ 17.096391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.097018] kthread+0x328/0x630 [ 17.097078] ret_from_fork+0x10/0x20 [ 17.097272] [ 17.097292] Allocated by task 180: [ 17.097323] kasan_save_stack+0x3c/0x68 [ 17.097368] kasan_save_track+0x20/0x40 [ 17.097405] kasan_save_alloc_info+0x40/0x58 [ 17.097918] __kasan_kmalloc+0xd4/0xd8 [ 17.098147] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.099140] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 17.099829] kunit_try_run_case+0x170/0x3f0 [ 17.100175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.100542] kthread+0x328/0x630 [ 17.100586] ret_from_fork+0x10/0x20 [ 17.100672] [ 17.100697] The buggy address belongs to the object at fff00000c7894a00 [ 17.100697] which belongs to the cache kmalloc-64 of size 64 [ 17.100786] The buggy address is located 4 bytes inside of [ 17.100786] 64-byte region [fff00000c7894a00, fff00000c7894a40) [ 17.100857] [ 17.101399] The buggy address belongs to the physical page: [ 17.101486] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 17.101739] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.102072] page_type: f5(slab) [ 17.102441] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.102627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.102670] page dumped because: kasan: bad access detected [ 17.102737] [ 17.103024] Memory state around the buggy address: [ 17.103229] fff00000c7894900: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 17.103427] fff00000c7894980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.103477] >fff00000c7894a00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.103515] ^ [ 17.103775] fff00000c7894a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.103862] fff00000c7894b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.103903] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 17.060368] ================================================================== [ 17.060457] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 17.060525] Write of size 16 at addr fff00000c7892369 by task kunit_try_catch/178 [ 17.060576] [ 17.060619] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.060702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.060728] Hardware name: linux,dummy-virt (DT) [ 17.060760] Call trace: [ 17.060783] show_stack+0x20/0x38 (C) [ 17.061688] dump_stack_lvl+0x8c/0xd0 [ 17.062082] print_report+0x118/0x5d0 [ 17.062659] kasan_report+0xdc/0x128 [ 17.062852] kasan_check_range+0x100/0x1a8 [ 17.062901] __asan_memset+0x34/0x78 [ 17.062943] kmalloc_oob_memset_16+0x150/0x2f8 [ 17.062988] kunit_try_run_case+0x170/0x3f0 [ 17.063459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.063582] kthread+0x328/0x630 [ 17.063626] ret_from_fork+0x10/0x20 [ 17.063818] [ 17.063869] Allocated by task 178: [ 17.063903] kasan_save_stack+0x3c/0x68 [ 17.064208] kasan_save_track+0x20/0x40 [ 17.064269] kasan_save_alloc_info+0x40/0x58 [ 17.064849] __kasan_kmalloc+0xd4/0xd8 [ 17.064974] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.065135] kmalloc_oob_memset_16+0xb0/0x2f8 [ 17.065449] kunit_try_run_case+0x170/0x3f0 [ 17.065521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.065565] kthread+0x328/0x630 [ 17.066149] ret_from_fork+0x10/0x20 [ 17.066431] [ 17.066523] The buggy address belongs to the object at fff00000c7892300 [ 17.066523] which belongs to the cache kmalloc-128 of size 128 [ 17.066583] The buggy address is located 105 bytes inside of [ 17.066583] allocated 120-byte region [fff00000c7892300, fff00000c7892378) [ 17.067022] [ 17.067049] The buggy address belongs to the physical page: [ 17.067367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.067430] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.067482] page_type: f5(slab) [ 17.067862] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.067939] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.067978] page dumped because: kasan: bad access detected [ 17.068009] [ 17.068028] Memory state around the buggy address: [ 17.068062] fff00000c7892200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.068103] fff00000c7892280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.068144] >fff00000c7892300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.068181] ^ [ 17.068220] fff00000c7892380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.068261] fff00000c7892400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.068960] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 17.037289] ================================================================== [ 17.037370] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 17.037444] Write of size 8 at addr fff00000c7892271 by task kunit_try_catch/176 [ 17.037500] [ 17.037866] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.038072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.038149] Hardware name: linux,dummy-virt (DT) [ 17.038183] Call trace: [ 17.038298] show_stack+0x20/0x38 (C) [ 17.038362] dump_stack_lvl+0x8c/0xd0 [ 17.038413] print_report+0x118/0x5d0 [ 17.038822] kasan_report+0xdc/0x128 [ 17.038907] kasan_check_range+0x100/0x1a8 [ 17.038980] __asan_memset+0x34/0x78 [ 17.039026] kmalloc_oob_memset_8+0x150/0x2f8 [ 17.039072] kunit_try_run_case+0x170/0x3f0 [ 17.039452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.039664] kthread+0x328/0x630 [ 17.039743] ret_from_fork+0x10/0x20 [ 17.039954] [ 17.040016] Allocated by task 176: [ 17.040144] kasan_save_stack+0x3c/0x68 [ 17.040258] kasan_save_track+0x20/0x40 [ 17.040395] kasan_save_alloc_info+0x40/0x58 [ 17.040455] __kasan_kmalloc+0xd4/0xd8 [ 17.040499] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.040828] kmalloc_oob_memset_8+0xb0/0x2f8 [ 17.040971] kunit_try_run_case+0x170/0x3f0 [ 17.041100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.041275] kthread+0x328/0x630 [ 17.041457] ret_from_fork+0x10/0x20 [ 17.041515] [ 17.041536] The buggy address belongs to the object at fff00000c7892200 [ 17.041536] which belongs to the cache kmalloc-128 of size 128 [ 17.041623] The buggy address is located 113 bytes inside of [ 17.041623] allocated 120-byte region [fff00000c7892200, fff00000c7892278) [ 17.042021] [ 17.042066] The buggy address belongs to the physical page: [ 17.042151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.042227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.042304] page_type: f5(slab) [ 17.042349] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.042460] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.042515] page dumped because: kasan: bad access detected [ 17.042560] [ 17.042578] Memory state around the buggy address: [ 17.042611] fff00000c7892100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.042653] fff00000c7892180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042694] >fff00000c7892200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.042740] ^ [ 17.042787] fff00000c7892280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042830] fff00000c7892300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042876] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 17.013232] ================================================================== [ 17.013344] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 17.013416] Write of size 4 at addr fff00000c7892175 by task kunit_try_catch/174 [ 17.013632] [ 17.013931] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.014029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.014055] Hardware name: linux,dummy-virt (DT) [ 17.014202] Call trace: [ 17.014236] show_stack+0x20/0x38 (C) [ 17.014295] dump_stack_lvl+0x8c/0xd0 [ 17.014717] print_report+0x118/0x5d0 [ 17.014818] kasan_report+0xdc/0x128 [ 17.015117] kasan_check_range+0x100/0x1a8 [ 17.015189] __asan_memset+0x34/0x78 [ 17.015234] kmalloc_oob_memset_4+0x150/0x300 [ 17.015280] kunit_try_run_case+0x170/0x3f0 [ 17.015477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.015586] kthread+0x328/0x630 [ 17.016046] ret_from_fork+0x10/0x20 [ 17.016207] [ 17.016268] Allocated by task 174: [ 17.016338] kasan_save_stack+0x3c/0x68 [ 17.016670] kasan_save_track+0x20/0x40 [ 17.016922] kasan_save_alloc_info+0x40/0x58 [ 17.017118] __kasan_kmalloc+0xd4/0xd8 [ 17.017341] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.017455] kmalloc_oob_memset_4+0xb0/0x300 [ 17.017560] kunit_try_run_case+0x170/0x3f0 [ 17.017641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.018044] kthread+0x328/0x630 [ 17.018131] ret_from_fork+0x10/0x20 [ 17.018172] [ 17.018238] The buggy address belongs to the object at fff00000c7892100 [ 17.018238] which belongs to the cache kmalloc-128 of size 128 [ 17.018723] The buggy address is located 117 bytes inside of [ 17.018723] allocated 120-byte region [fff00000c7892100, fff00000c7892178) [ 17.018980] [ 17.019025] The buggy address belongs to the physical page: [ 17.019065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.019268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.019402] page_type: f5(slab) [ 17.019588] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.019981] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.020027] page dumped because: kasan: bad access detected [ 17.020060] [ 17.020078] Memory state around the buggy address: [ 17.020112] fff00000c7892000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.020153] fff00000c7892080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.020194] >fff00000c7892100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.020554] ^ [ 17.020605] fff00000c7892180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.020647] fff00000c7892200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.020684] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.990109] ================================================================== [ 16.990188] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.990254] Write of size 2 at addr fff00000c7892077 by task kunit_try_catch/172 [ 16.990304] [ 16.990346] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.990430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.990456] Hardware name: linux,dummy-virt (DT) [ 16.990487] Call trace: [ 16.990511] show_stack+0x20/0x38 (C) [ 16.990562] dump_stack_lvl+0x8c/0xd0 [ 16.990611] print_report+0x118/0x5d0 [ 16.990660] kasan_report+0xdc/0x128 [ 16.990707] kasan_check_range+0x100/0x1a8 [ 16.990757] __asan_memset+0x34/0x78 [ 16.990800] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.991183] kunit_try_run_case+0x170/0x3f0 [ 16.991277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.991596] kthread+0x328/0x630 [ 16.991894] ret_from_fork+0x10/0x20 [ 16.992240] [ 16.992260] Allocated by task 172: [ 16.992292] kasan_save_stack+0x3c/0x68 [ 16.992388] kasan_save_track+0x20/0x40 [ 16.992428] kasan_save_alloc_info+0x40/0x58 [ 16.992970] __kasan_kmalloc+0xd4/0xd8 [ 16.993099] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.993169] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.993282] kunit_try_run_case+0x170/0x3f0 [ 16.993324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.993378] kthread+0x328/0x630 [ 16.993440] ret_from_fork+0x10/0x20 [ 16.993752] [ 16.993816] The buggy address belongs to the object at fff00000c7892000 [ 16.993816] which belongs to the cache kmalloc-128 of size 128 [ 16.994006] The buggy address is located 119 bytes inside of [ 16.994006] allocated 120-byte region [fff00000c7892000, fff00000c7892078) [ 16.994249] [ 16.994444] The buggy address belongs to the physical page: [ 16.994591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 16.994714] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.994935] page_type: f5(slab) [ 16.995311] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.995509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.995585] page dumped because: kasan: bad access detected [ 16.995706] [ 16.995744] Memory state around the buggy address: [ 16.995778] fff00000c7891f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.995827] fff00000c7891f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.996421] >fff00000c7892000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.996557] ^ [ 16.996645] fff00000c7892080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.996809] fff00000c7892100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.996907] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.970098] ================================================================== [ 16.970176] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.970415] Write of size 128 at addr fff00000c595ef00 by task kunit_try_catch/170 [ 16.970490] [ 16.970532] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.970623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.970658] Hardware name: linux,dummy-virt (DT) [ 16.970697] Call trace: [ 16.970721] show_stack+0x20/0x38 (C) [ 16.970773] dump_stack_lvl+0x8c/0xd0 [ 16.970831] print_report+0x118/0x5d0 [ 16.970892] kasan_report+0xdc/0x128 [ 16.970948] kasan_check_range+0x100/0x1a8 [ 16.970998] __asan_memset+0x34/0x78 [ 16.971052] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.971100] kunit_try_run_case+0x170/0x3f0 [ 16.971157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.971209] kthread+0x328/0x630 [ 16.971253] ret_from_fork+0x10/0x20 [ 16.971563] [ 16.971588] Allocated by task 170: [ 16.971644] kasan_save_stack+0x3c/0x68 [ 16.971692] kasan_save_track+0x20/0x40 [ 16.971730] kasan_save_alloc_info+0x40/0x58 [ 16.971795] __kasan_kmalloc+0xd4/0xd8 [ 16.971873] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.971922] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.971959] kunit_try_run_case+0x170/0x3f0 [ 16.972008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.972052] kthread+0x328/0x630 [ 16.972085] ret_from_fork+0x10/0x20 [ 16.973149] [ 16.973239] The buggy address belongs to the object at fff00000c595ef00 [ 16.973239] which belongs to the cache kmalloc-128 of size 128 [ 16.974798] The buggy address is located 0 bytes inside of [ 16.974798] allocated 120-byte region [fff00000c595ef00, fff00000c595ef78) [ 16.975238] [ 16.975276] The buggy address belongs to the physical page: [ 16.975364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 16.975810] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.975905] page_type: f5(slab) [ 16.976067] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.976422] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.976487] page dumped because: kasan: bad access detected [ 16.976540] [ 16.977263] Memory state around the buggy address: [ 16.977327] fff00000c595ee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.977384] fff00000c595ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.977446] >fff00000c595ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.977512] ^ [ 16.977563] fff00000c595ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.977904] fff00000c595f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.978441] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.951137] ================================================================== [ 16.951242] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.951563] Read of size 16 at addr fff00000c5acc0e0 by task kunit_try_catch/168 [ 16.951859] [ 16.952075] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.952349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.952542] Hardware name: linux,dummy-virt (DT) [ 16.952679] Call trace: [ 16.952779] show_stack+0x20/0x38 (C) [ 16.952860] dump_stack_lvl+0x8c/0xd0 [ 16.952962] print_report+0x118/0x5d0 [ 16.953157] kasan_report+0xdc/0x128 [ 16.953255] __asan_report_load16_noabort+0x20/0x30 [ 16.953325] kmalloc_uaf_16+0x3bc/0x438 [ 16.953710] kunit_try_run_case+0x170/0x3f0 [ 16.953890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.953970] kthread+0x328/0x630 [ 16.954016] ret_from_fork+0x10/0x20 [ 16.954067] [ 16.954086] Allocated by task 168: [ 16.954121] kasan_save_stack+0x3c/0x68 [ 16.954192] kasan_save_track+0x20/0x40 [ 16.954246] kasan_save_alloc_info+0x40/0x58 [ 16.954286] __kasan_kmalloc+0xd4/0xd8 [ 16.954331] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.954369] kmalloc_uaf_16+0x140/0x438 [ 16.954413] kunit_try_run_case+0x170/0x3f0 [ 16.954450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.954504] kthread+0x328/0x630 [ 16.954534] ret_from_fork+0x10/0x20 [ 16.954568] [ 16.954586] Freed by task 168: [ 16.954623] kasan_save_stack+0x3c/0x68 [ 16.954659] kasan_save_track+0x20/0x40 [ 16.954703] kasan_save_free_info+0x4c/0x78 [ 16.954741] __kasan_slab_free+0x6c/0x98 [ 16.954776] kfree+0x214/0x3c8 [ 16.954817] kmalloc_uaf_16+0x190/0x438 [ 16.954877] kunit_try_run_case+0x170/0x3f0 [ 16.954920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.954993] kthread+0x328/0x630 [ 16.955033] ret_from_fork+0x10/0x20 [ 16.955068] [ 16.955096] The buggy address belongs to the object at fff00000c5acc0e0 [ 16.955096] which belongs to the cache kmalloc-16 of size 16 [ 16.955161] The buggy address is located 0 bytes inside of [ 16.955161] freed 16-byte region [fff00000c5acc0e0, fff00000c5acc0f0) [ 16.955229] [ 16.955251] The buggy address belongs to the physical page: [ 16.955283] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105acc [ 16.955616] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.956046] page_type: f5(slab) [ 16.956272] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.956332] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.956373] page dumped because: kasan: bad access detected [ 16.956405] [ 16.956423] Memory state around the buggy address: [ 16.956457] fff00000c5acbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.956719] fff00000c5acc000: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.957060] >fff00000c5acc080: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 16.957128] ^ [ 16.957248] fff00000c5acc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.957374] fff00000c5acc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.957432] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.926025] ================================================================== [ 16.926152] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.926433] Write of size 16 at addr fff00000c5acc080 by task kunit_try_catch/166 [ 16.926486] [ 16.926552] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.926726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.926753] Hardware name: linux,dummy-virt (DT) [ 16.926954] Call trace: [ 16.926990] show_stack+0x20/0x38 (C) [ 16.927117] dump_stack_lvl+0x8c/0xd0 [ 16.927235] print_report+0x118/0x5d0 [ 16.927490] kasan_report+0xdc/0x128 [ 16.927614] __asan_report_store16_noabort+0x20/0x30 [ 16.928037] kmalloc_oob_16+0x3a0/0x3f8 [ 16.928168] kunit_try_run_case+0x170/0x3f0 [ 16.928224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.928278] kthread+0x328/0x630 [ 16.928560] ret_from_fork+0x10/0x20 [ 16.928676] [ 16.928735] Allocated by task 166: [ 16.928773] kasan_save_stack+0x3c/0x68 [ 16.928884] kasan_save_track+0x20/0x40 [ 16.928994] kasan_save_alloc_info+0x40/0x58 [ 16.929290] __kasan_kmalloc+0xd4/0xd8 [ 16.929356] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.929464] kmalloc_oob_16+0xb4/0x3f8 [ 16.929755] kunit_try_run_case+0x170/0x3f0 [ 16.929910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.930020] kthread+0x328/0x630 [ 16.930135] ret_from_fork+0x10/0x20 [ 16.930237] [ 16.930286] The buggy address belongs to the object at fff00000c5acc080 [ 16.930286] which belongs to the cache kmalloc-16 of size 16 [ 16.930352] The buggy address is located 0 bytes inside of [ 16.930352] allocated 13-byte region [fff00000c5acc080, fff00000c5acc08d) [ 16.930525] [ 16.930575] The buggy address belongs to the physical page: [ 16.930606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105acc [ 16.930783] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.931007] page_type: f5(slab) [ 16.931125] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.931318] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.931412] page dumped because: kasan: bad access detected [ 16.931499] [ 16.931581] Memory state around the buggy address: [ 16.931684] fff00000c5acbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.931773] fff00000c5acc000: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.931930] >fff00000c5acc080: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.932041] ^ [ 16.932111] fff00000c5acc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.932173] fff00000c5acc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.932555] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.909021] ================================================================== [ 16.909075] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.909190] Read of size 1 at addr fff00000c1bc4800 by task kunit_try_catch/164 [ 16.909290] [ 16.909325] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.909885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.910007] Hardware name: linux,dummy-virt (DT) [ 16.910042] Call trace: [ 16.910081] show_stack+0x20/0x38 (C) [ 16.910149] dump_stack_lvl+0x8c/0xd0 [ 16.910201] print_report+0x118/0x5d0 [ 16.910247] kasan_report+0xdc/0x128 [ 16.910337] __asan_report_load1_noabort+0x20/0x30 [ 16.910392] krealloc_uaf+0x4c8/0x520 [ 16.910435] kunit_try_run_case+0x170/0x3f0 [ 16.910480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.910645] kthread+0x328/0x630 [ 16.910921] ret_from_fork+0x10/0x20 [ 16.911041] [ 16.911103] Allocated by task 164: [ 16.911173] kasan_save_stack+0x3c/0x68 [ 16.911287] kasan_save_track+0x20/0x40 [ 16.911509] kasan_save_alloc_info+0x40/0x58 [ 16.911583] __kasan_kmalloc+0xd4/0xd8 [ 16.911627] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.911664] krealloc_uaf+0xc8/0x520 [ 16.911698] kunit_try_run_case+0x170/0x3f0 [ 16.911958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.912006] kthread+0x328/0x630 [ 16.912087] ret_from_fork+0x10/0x20 [ 16.912213] [ 16.912282] Freed by task 164: [ 16.912321] kasan_save_stack+0x3c/0x68 [ 16.912366] kasan_save_track+0x20/0x40 [ 16.912641] kasan_save_free_info+0x4c/0x78 [ 16.912839] __kasan_slab_free+0x6c/0x98 [ 16.912965] kfree+0x214/0x3c8 [ 16.913095] krealloc_uaf+0x12c/0x520 [ 16.913224] kunit_try_run_case+0x170/0x3f0 [ 16.913302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.913366] kthread+0x328/0x630 [ 16.913404] ret_from_fork+0x10/0x20 [ 16.913762] [ 16.913877] The buggy address belongs to the object at fff00000c1bc4800 [ 16.913877] which belongs to the cache kmalloc-256 of size 256 [ 16.913983] The buggy address is located 0 bytes inside of [ 16.913983] freed 256-byte region [fff00000c1bc4800, fff00000c1bc4900) [ 16.914151] [ 16.914240] The buggy address belongs to the physical page: [ 16.914347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4 [ 16.914443] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.914514] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.914906] page_type: f5(slab) [ 16.914961] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.915047] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.915180] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.915325] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.915478] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff [ 16.915565] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.915610] page dumped because: kasan: bad access detected [ 16.915946] [ 16.916083] Memory state around the buggy address: [ 16.916218] fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.916284] fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.916450] >fff00000c1bc4800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.916528] ^ [ 16.916616] fff00000c1bc4880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.916747] fff00000c1bc4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.916784] ================================================================== [ 16.899755] ================================================================== [ 16.900125] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.900323] Read of size 1 at addr fff00000c1bc4800 by task kunit_try_catch/164 [ 16.900507] [ 16.900576] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.900774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.900828] Hardware name: linux,dummy-virt (DT) [ 16.901240] Call trace: [ 16.901330] show_stack+0x20/0x38 (C) [ 16.901458] dump_stack_lvl+0x8c/0xd0 [ 16.901528] print_report+0x118/0x5d0 [ 16.901741] kasan_report+0xdc/0x128 [ 16.901811] __kasan_check_byte+0x54/0x70 [ 16.901929] krealloc_noprof+0x44/0x360 [ 16.902035] krealloc_uaf+0x180/0x520 [ 16.902192] kunit_try_run_case+0x170/0x3f0 [ 16.902247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.902483] kthread+0x328/0x630 [ 16.902550] ret_from_fork+0x10/0x20 [ 16.902686] [ 16.902783] Allocated by task 164: [ 16.902990] kasan_save_stack+0x3c/0x68 [ 16.903051] kasan_save_track+0x20/0x40 [ 16.903141] kasan_save_alloc_info+0x40/0x58 [ 16.903208] __kasan_kmalloc+0xd4/0xd8 [ 16.903245] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.903290] krealloc_uaf+0xc8/0x520 [ 16.903387] kunit_try_run_case+0x170/0x3f0 [ 16.903437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.903479] kthread+0x328/0x630 [ 16.903533] ret_from_fork+0x10/0x20 [ 16.903569] [ 16.903853] Freed by task 164: [ 16.904029] kasan_save_stack+0x3c/0x68 [ 16.904351] kasan_save_track+0x20/0x40 [ 16.904472] kasan_save_free_info+0x4c/0x78 [ 16.904606] __kasan_slab_free+0x6c/0x98 [ 16.904825] kfree+0x214/0x3c8 [ 16.904913] krealloc_uaf+0x12c/0x520 [ 16.905050] kunit_try_run_case+0x170/0x3f0 [ 16.905090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.905383] kthread+0x328/0x630 [ 16.905559] ret_from_fork+0x10/0x20 [ 16.905704] [ 16.905805] The buggy address belongs to the object at fff00000c1bc4800 [ 16.905805] which belongs to the cache kmalloc-256 of size 256 [ 16.905958] The buggy address is located 0 bytes inside of [ 16.905958] freed 256-byte region [fff00000c1bc4800, fff00000c1bc4900) [ 16.906043] [ 16.906065] The buggy address belongs to the physical page: [ 16.906099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4 [ 16.906154] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.906226] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.906281] page_type: f5(slab) [ 16.906324] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.906372] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.906419] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.906475] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.906522] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff [ 16.906576] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.906615] page dumped because: kasan: bad access detected [ 16.906656] [ 16.906675] Memory state around the buggy address: [ 16.906708] fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.906757] fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.906812] >fff00000c1bc4800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.906877] ^ [ 16.906905] fff00000c1bc4880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.906953] fff00000c1bc4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.906998] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.851258] ================================================================== [ 16.851993] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.852094] Write of size 1 at addr fff00000c79020da by task kunit_try_catch/162 [ 16.852156] [ 16.852196] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.852431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.852472] Hardware name: linux,dummy-virt (DT) [ 16.852508] Call trace: [ 16.852530] show_stack+0x20/0x38 (C) [ 16.852581] dump_stack_lvl+0x8c/0xd0 [ 16.852631] print_report+0x118/0x5d0 [ 16.852677] kasan_report+0xdc/0x128 [ 16.852722] __asan_report_store1_noabort+0x20/0x30 [ 16.852772] krealloc_less_oob_helper+0xa80/0xc50 [ 16.852821] krealloc_large_less_oob+0x20/0x38 [ 16.852877] kunit_try_run_case+0x170/0x3f0 [ 16.852924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.853665] kthread+0x328/0x630 [ 16.853721] ret_from_fork+0x10/0x20 [ 16.854231] [ 16.854393] The buggy address belongs to the physical page: [ 16.854800] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900 [ 16.854871] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.855250] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.855318] page_type: f8(unknown) [ 16.855722] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.855788] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.855871] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.855918] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.855966] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff [ 16.856389] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.856702] page dumped because: kasan: bad access detected [ 16.856819] [ 16.856947] Memory state around the buggy address: [ 16.856987] fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.857029] fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.857482] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.857651] ^ [ 16.857771] fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.858025] fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.858292] ================================================================== [ 16.860076] ================================================================== [ 16.860135] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.860201] Write of size 1 at addr fff00000c79020ea by task kunit_try_catch/162 [ 16.860249] [ 16.860282] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.860789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.861021] Hardware name: linux,dummy-virt (DT) [ 16.861250] Call trace: [ 16.861274] show_stack+0x20/0x38 (C) [ 16.861325] dump_stack_lvl+0x8c/0xd0 [ 16.861373] print_report+0x118/0x5d0 [ 16.861419] kasan_report+0xdc/0x128 [ 16.861954] __asan_report_store1_noabort+0x20/0x30 [ 16.862039] krealloc_less_oob_helper+0xae4/0xc50 [ 16.862088] krealloc_large_less_oob+0x20/0x38 [ 16.862294] kunit_try_run_case+0x170/0x3f0 [ 16.862345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.862396] kthread+0x328/0x630 [ 16.862437] ret_from_fork+0x10/0x20 [ 16.862484] [ 16.862503] The buggy address belongs to the physical page: [ 16.862534] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900 [ 16.862584] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.862982] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.863062] page_type: f8(unknown) [ 16.863101] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.863828] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.863903] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.863979] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.864027] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff [ 16.864277] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.864318] page dumped because: kasan: bad access detected [ 16.864623] [ 16.864645] Memory state around the buggy address: [ 16.864677] fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.864720] fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.864761] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.864798] ^ [ 16.864835] fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.865029] fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.865069] ================================================================== [ 16.737961] ================================================================== [ 16.738120] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.738693] Write of size 1 at addr fff00000c1bc46ea by task kunit_try_catch/158 [ 16.738752] [ 16.738928] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.739038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.739065] Hardware name: linux,dummy-virt (DT) [ 16.739095] Call trace: [ 16.739118] show_stack+0x20/0x38 (C) [ 16.739173] dump_stack_lvl+0x8c/0xd0 [ 16.739222] print_report+0x118/0x5d0 [ 16.740111] kasan_report+0xdc/0x128 [ 16.740203] __asan_report_store1_noabort+0x20/0x30 [ 16.740521] krealloc_less_oob_helper+0xae4/0xc50 [ 16.740721] krealloc_less_oob+0x20/0x38 [ 16.740839] kunit_try_run_case+0x170/0x3f0 [ 16.741268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.741353] kthread+0x328/0x630 [ 16.741401] ret_from_fork+0x10/0x20 [ 16.741922] [ 16.741950] Allocated by task 158: [ 16.742040] kasan_save_stack+0x3c/0x68 [ 16.742087] kasan_save_track+0x20/0x40 [ 16.742124] kasan_save_alloc_info+0x40/0x58 [ 16.742164] __kasan_krealloc+0x118/0x178 [ 16.742201] krealloc_noprof+0x128/0x360 [ 16.742237] krealloc_less_oob_helper+0x168/0xc50 [ 16.742275] krealloc_less_oob+0x20/0x38 [ 16.742312] kunit_try_run_case+0x170/0x3f0 [ 16.742349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.742392] kthread+0x328/0x630 [ 16.742424] ret_from_fork+0x10/0x20 [ 16.742459] [ 16.742478] The buggy address belongs to the object at fff00000c1bc4600 [ 16.742478] which belongs to the cache kmalloc-256 of size 256 [ 16.744057] The buggy address is located 33 bytes to the right of [ 16.744057] allocated 201-byte region [fff00000c1bc4600, fff00000c1bc46c9) [ 16.744248] [ 16.744448] The buggy address belongs to the physical page: [ 16.744483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4 [ 16.744707] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.744759] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.744825] page_type: f5(slab) [ 16.744883] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.744933] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.745456] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.745608] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.745868] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff [ 16.746159] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.746201] page dumped because: kasan: bad access detected [ 16.746289] [ 16.746811] Memory state around the buggy address: [ 16.746934] fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.746978] fff00000c1bc4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.747021] >fff00000c1bc4680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.747058] ^ [ 16.747612] fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.747768] fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.747853] ================================================================== [ 16.721659] ================================================================== [ 16.721731] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.721798] Write of size 1 at addr fff00000c1bc46da by task kunit_try_catch/158 [ 16.721865] [ 16.723730] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.723839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.723938] Hardware name: linux,dummy-virt (DT) [ 16.723970] Call trace: [ 16.723998] show_stack+0x20/0x38 (C) [ 16.724158] dump_stack_lvl+0x8c/0xd0 [ 16.724500] print_report+0x118/0x5d0 [ 16.724552] kasan_report+0xdc/0x128 [ 16.724597] __asan_report_store1_noabort+0x20/0x30 [ 16.724860] krealloc_less_oob_helper+0xa80/0xc50 [ 16.724917] krealloc_less_oob+0x20/0x38 [ 16.724962] kunit_try_run_case+0x170/0x3f0 [ 16.725370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.725764] kthread+0x328/0x630 [ 16.725833] ret_from_fork+0x10/0x20 [ 16.726327] [ 16.726359] Allocated by task 158: [ 16.726633] kasan_save_stack+0x3c/0x68 [ 16.726683] kasan_save_track+0x20/0x40 [ 16.726720] kasan_save_alloc_info+0x40/0x58 [ 16.726910] __kasan_krealloc+0x118/0x178 [ 16.727287] krealloc_noprof+0x128/0x360 [ 16.727628] krealloc_less_oob_helper+0x168/0xc50 [ 16.727744] krealloc_less_oob+0x20/0x38 [ 16.727783] kunit_try_run_case+0x170/0x3f0 [ 16.728017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.728073] kthread+0x328/0x630 [ 16.728106] ret_from_fork+0x10/0x20 [ 16.728141] [ 16.728161] The buggy address belongs to the object at fff00000c1bc4600 [ 16.728161] which belongs to the cache kmalloc-256 of size 256 [ 16.728404] The buggy address is located 17 bytes to the right of [ 16.728404] allocated 201-byte region [fff00000c1bc4600, fff00000c1bc46c9) [ 16.728486] [ 16.728886] The buggy address belongs to the physical page: [ 16.728955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4 [ 16.729062] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.729286] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.729369] page_type: f5(slab) [ 16.729807] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.729878] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.730455] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.730707] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.730797] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff [ 16.730927] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.731128] page dumped because: kasan: bad access detected [ 16.731239] [ 16.731257] Memory state around the buggy address: [ 16.731325] fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.731693] fff00000c1bc4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.731924] >fff00000c1bc4680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.731963] ^ [ 16.732001] fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.732149] fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.732188] ================================================================== [ 16.867260] ================================================================== [ 16.867383] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.867434] Write of size 1 at addr fff00000c79020eb by task kunit_try_catch/162 [ 16.867482] [ 16.867513] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.867589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.867615] Hardware name: linux,dummy-virt (DT) [ 16.867644] Call trace: [ 16.868165] show_stack+0x20/0x38 (C) [ 16.868247] dump_stack_lvl+0x8c/0xd0 [ 16.868298] print_report+0x118/0x5d0 [ 16.868862] kasan_report+0xdc/0x128 [ 16.868924] __asan_report_store1_noabort+0x20/0x30 [ 16.869122] krealloc_less_oob_helper+0xa58/0xc50 [ 16.869400] krealloc_large_less_oob+0x20/0x38 [ 16.869449] kunit_try_run_case+0x170/0x3f0 [ 16.869504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.869556] kthread+0x328/0x630 [ 16.869598] ret_from_fork+0x10/0x20 [ 16.869862] [ 16.869886] The buggy address belongs to the physical page: [ 16.869944] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900 [ 16.870544] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.870626] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.871105] page_type: f8(unknown) [ 16.871428] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.871481] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.871725] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.871921] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.872157] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff [ 16.872474] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.872756] page dumped because: kasan: bad access detected [ 16.872880] [ 16.873003] Memory state around the buggy address: [ 16.873251] fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.873533] fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.873899] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.874537] ^ [ 16.875473] fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.875814] fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.875870] ================================================================== [ 16.842985] ================================================================== [ 16.843050] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.843115] Write of size 1 at addr fff00000c79020d0 by task kunit_try_catch/162 [ 16.843164] [ 16.843575] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.843700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.843734] Hardware name: linux,dummy-virt (DT) [ 16.843766] Call trace: [ 16.843788] show_stack+0x20/0x38 (C) [ 16.843916] dump_stack_lvl+0x8c/0xd0 [ 16.844052] print_report+0x118/0x5d0 [ 16.844217] kasan_report+0xdc/0x128 [ 16.844407] __asan_report_store1_noabort+0x20/0x30 [ 16.844725] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.844774] krealloc_large_less_oob+0x20/0x38 [ 16.845006] kunit_try_run_case+0x170/0x3f0 [ 16.845087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.845237] kthread+0x328/0x630 [ 16.845446] ret_from_fork+0x10/0x20 [ 16.845504] [ 16.845929] The buggy address belongs to the physical page: [ 16.846110] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900 [ 16.846410] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.846500] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.846714] page_type: f8(unknown) [ 16.847001] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.847351] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.847406] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.847686] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.847908] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff [ 16.847958] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.847997] page dumped because: kasan: bad access detected [ 16.848028] [ 16.848045] Memory state around the buggy address: [ 16.848078] fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.848543] fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.848603] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.848641] ^ [ 16.848970] fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.849016] fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.849055] ================================================================== [ 16.751029] ================================================================== [ 16.751383] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.751447] Write of size 1 at addr fff00000c1bc46eb by task kunit_try_catch/158 [ 16.751685] [ 16.751769] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.752250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.752278] Hardware name: linux,dummy-virt (DT) [ 16.752544] Call trace: [ 16.752795] show_stack+0x20/0x38 (C) [ 16.752943] dump_stack_lvl+0x8c/0xd0 [ 16.753214] print_report+0x118/0x5d0 [ 16.753294] kasan_report+0xdc/0x128 [ 16.753347] __asan_report_store1_noabort+0x20/0x30 [ 16.753397] krealloc_less_oob_helper+0xa58/0xc50 [ 16.754013] krealloc_less_oob+0x20/0x38 [ 16.754072] kunit_try_run_case+0x170/0x3f0 [ 16.754128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.754180] kthread+0x328/0x630 [ 16.754223] ret_from_fork+0x10/0x20 [ 16.754272] [ 16.754291] Allocated by task 158: [ 16.755253] kasan_save_stack+0x3c/0x68 [ 16.755394] kasan_save_track+0x20/0x40 [ 16.755432] kasan_save_alloc_info+0x40/0x58 [ 16.755471] __kasan_krealloc+0x118/0x178 [ 16.755508] krealloc_noprof+0x128/0x360 [ 16.755820] krealloc_less_oob_helper+0x168/0xc50 [ 16.755880] krealloc_less_oob+0x20/0x38 [ 16.756106] kunit_try_run_case+0x170/0x3f0 [ 16.756500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.756667] kthread+0x328/0x630 [ 16.756803] ret_from_fork+0x10/0x20 [ 16.756839] [ 16.756870] The buggy address belongs to the object at fff00000c1bc4600 [ 16.756870] which belongs to the cache kmalloc-256 of size 256 [ 16.757470] The buggy address is located 34 bytes to the right of [ 16.757470] allocated 201-byte region [fff00000c1bc4600, fff00000c1bc46c9) [ 16.757548] [ 16.757570] The buggy address belongs to the physical page: [ 16.757603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4 [ 16.757657] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.757705] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.757759] page_type: f5(slab) [ 16.758832] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.759395] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.759639] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.759690] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.759738] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff [ 16.759785] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.759824] page dumped because: kasan: bad access detected [ 16.759865] [ 16.759883] Memory state around the buggy address: [ 16.759916] fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.761084] fff00000c1bc4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.761136] >fff00000c1bc4680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.761595] ^ [ 16.761918] fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.762172] fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.762249] ================================================================== [ 16.708926] ================================================================== [ 16.708991] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.709053] Write of size 1 at addr fff00000c1bc46d0 by task kunit_try_catch/158 [ 16.709102] [ 16.709140] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.709220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.710405] Hardware name: linux,dummy-virt (DT) [ 16.710457] Call trace: [ 16.710481] show_stack+0x20/0x38 (C) [ 16.710543] dump_stack_lvl+0x8c/0xd0 [ 16.710690] print_report+0x118/0x5d0 [ 16.710915] kasan_report+0xdc/0x128 [ 16.711056] __asan_report_store1_noabort+0x20/0x30 [ 16.711161] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.711210] krealloc_less_oob+0x20/0x38 [ 16.711255] kunit_try_run_case+0x170/0x3f0 [ 16.712020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.712299] kthread+0x328/0x630 [ 16.712355] ret_from_fork+0x10/0x20 [ 16.712409] [ 16.712465] Allocated by task 158: [ 16.712500] kasan_save_stack+0x3c/0x68 [ 16.712544] kasan_save_track+0x20/0x40 [ 16.712770] kasan_save_alloc_info+0x40/0x58 [ 16.712814] __kasan_krealloc+0x118/0x178 [ 16.712862] krealloc_noprof+0x128/0x360 [ 16.712899] krealloc_less_oob_helper+0x168/0xc50 [ 16.713678] krealloc_less_oob+0x20/0x38 [ 16.713739] kunit_try_run_case+0x170/0x3f0 [ 16.714050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.714274] kthread+0x328/0x630 [ 16.714367] ret_from_fork+0x10/0x20 [ 16.714411] [ 16.714612] The buggy address belongs to the object at fff00000c1bc4600 [ 16.714612] which belongs to the cache kmalloc-256 of size 256 [ 16.714770] The buggy address is located 7 bytes to the right of [ 16.714770] allocated 201-byte region [fff00000c1bc4600, fff00000c1bc46c9) [ 16.714832] [ 16.715186] The buggy address belongs to the physical page: [ 16.715224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4 [ 16.715633] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.715688] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.715787] page_type: f5(slab) [ 16.715829] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.716240] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.716550] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.716876] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.716935] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff [ 16.716984] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.717025] page dumped because: kasan: bad access detected [ 16.717701] [ 16.717725] Memory state around the buggy address: [ 16.718163] fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.718363] fff00000c1bc4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.718490] >fff00000c1bc4680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.718528] ^ [ 16.718565] fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.718606] fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.718644] ================================================================== [ 16.831428] ================================================================== [ 16.832019] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.832172] Write of size 1 at addr fff00000c79020c9 by task kunit_try_catch/162 [ 16.832227] [ 16.832272] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.832774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.832982] Hardware name: linux,dummy-virt (DT) [ 16.833542] Call trace: [ 16.833572] show_stack+0x20/0x38 (C) [ 16.833788] dump_stack_lvl+0x8c/0xd0 [ 16.833851] print_report+0x118/0x5d0 [ 16.833900] kasan_report+0xdc/0x128 [ 16.833945] __asan_report_store1_noabort+0x20/0x30 [ 16.833995] krealloc_less_oob_helper+0xa48/0xc50 [ 16.834043] krealloc_large_less_oob+0x20/0x38 [ 16.835382] kunit_try_run_case+0x170/0x3f0 [ 16.835572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.835625] kthread+0x328/0x630 [ 16.835937] ret_from_fork+0x10/0x20 [ 16.836370] [ 16.836726] The buggy address belongs to the physical page: [ 16.836962] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900 [ 16.837451] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.837728] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.837793] page_type: f8(unknown) [ 16.837839] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.838066] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.838377] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.838430] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.838624] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff [ 16.838674] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.839112] page dumped because: kasan: bad access detected [ 16.839152] [ 16.839227] Memory state around the buggy address: [ 16.839483] fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.839708] fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.839755] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.839791] ^ [ 16.839828] fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.839878] fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.840075] ================================================================== [ 16.696250] ================================================================== [ 16.696315] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.696380] Write of size 1 at addr fff00000c1bc46c9 by task kunit_try_catch/158 [ 16.696430] [ 16.696467] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.696682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.696774] Hardware name: linux,dummy-virt (DT) [ 16.696810] Call trace: [ 16.697118] show_stack+0x20/0x38 (C) [ 16.697255] dump_stack_lvl+0x8c/0xd0 [ 16.697712] print_report+0x118/0x5d0 [ 16.697773] kasan_report+0xdc/0x128 [ 16.697819] __asan_report_store1_noabort+0x20/0x30 [ 16.697886] krealloc_less_oob_helper+0xa48/0xc50 [ 16.698387] krealloc_less_oob+0x20/0x38 [ 16.698518] kunit_try_run_case+0x170/0x3f0 [ 16.698755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.699116] kthread+0x328/0x630 [ 16.699162] ret_from_fork+0x10/0x20 [ 16.699497] [ 16.699516] Allocated by task 158: [ 16.699629] kasan_save_stack+0x3c/0x68 [ 16.699674] kasan_save_track+0x20/0x40 [ 16.699919] kasan_save_alloc_info+0x40/0x58 [ 16.700194] __kasan_krealloc+0x118/0x178 [ 16.700234] krealloc_noprof+0x128/0x360 [ 16.700271] krealloc_less_oob_helper+0x168/0xc50 [ 16.700310] krealloc_less_oob+0x20/0x38 [ 16.700805] kunit_try_run_case+0x170/0x3f0 [ 16.700867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.700909] kthread+0x328/0x630 [ 16.701091] ret_from_fork+0x10/0x20 [ 16.701128] [ 16.701147] The buggy address belongs to the object at fff00000c1bc4600 [ 16.701147] which belongs to the cache kmalloc-256 of size 256 [ 16.701203] The buggy address is located 0 bytes to the right of [ 16.701203] allocated 201-byte region [fff00000c1bc4600, fff00000c1bc46c9) [ 16.701263] [ 16.701613] The buggy address belongs to the physical page: [ 16.701894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4 [ 16.701954] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.701999] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.702054] page_type: f5(slab) [ 16.703146] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.703556] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.703697] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.703744] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.703792] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff [ 16.703839] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.704333] page dumped because: kasan: bad access detected [ 16.704438] [ 16.704487] Memory state around the buggy address: [ 16.704523] fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.704615] fff00000c1bc4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.704865] >fff00000c1bc4680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.705107] ^ [ 16.705147] fff00000c1bc4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.705189] fff00000c1bc4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.705226] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.789718] ================================================================== [ 16.789944] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.790319] Write of size 1 at addr fff00000c79020eb by task kunit_try_catch/160 [ 16.790396] [ 16.790763] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.791022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.791049] Hardware name: linux,dummy-virt (DT) [ 16.791081] Call trace: [ 16.791473] show_stack+0x20/0x38 (C) [ 16.791547] dump_stack_lvl+0x8c/0xd0 [ 16.791598] print_report+0x118/0x5d0 [ 16.791901] kasan_report+0xdc/0x128 [ 16.792138] __asan_report_store1_noabort+0x20/0x30 [ 16.792193] krealloc_more_oob_helper+0x60c/0x678 [ 16.792484] krealloc_large_more_oob+0x20/0x38 [ 16.793038] kunit_try_run_case+0x170/0x3f0 [ 16.793114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.793487] kthread+0x328/0x630 [ 16.793540] ret_from_fork+0x10/0x20 [ 16.794140] [ 16.794574] The buggy address belongs to the physical page: [ 16.794612] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900 [ 16.794874] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.795124] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.795287] page_type: f8(unknown) [ 16.795819] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.796107] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.796157] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.796230] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.796499] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff [ 16.796946] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.797108] page dumped because: kasan: bad access detected [ 16.797146] [ 16.797235] Memory state around the buggy address: [ 16.797621] fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.797828] fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.798197] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.798239] ^ [ 16.798282] fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.798501] fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.798768] ================================================================== [ 16.678508] ================================================================== [ 16.678594] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.678687] Write of size 1 at addr fff00000c1bc44eb by task kunit_try_catch/156 [ 16.678769] [ 16.678823] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.679044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.679074] Hardware name: linux,dummy-virt (DT) [ 16.679245] Call trace: [ 16.679358] show_stack+0x20/0x38 (C) [ 16.679452] dump_stack_lvl+0x8c/0xd0 [ 16.679569] print_report+0x118/0x5d0 [ 16.679618] kasan_report+0xdc/0x128 [ 16.679663] __asan_report_store1_noabort+0x20/0x30 [ 16.679714] krealloc_more_oob_helper+0x60c/0x678 [ 16.679761] krealloc_more_oob+0x20/0x38 [ 16.680046] kunit_try_run_case+0x170/0x3f0 [ 16.680198] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.680251] kthread+0x328/0x630 [ 16.680304] ret_from_fork+0x10/0x20 [ 16.680364] [ 16.680382] Allocated by task 156: [ 16.680412] kasan_save_stack+0x3c/0x68 [ 16.680455] kasan_save_track+0x20/0x40 [ 16.680492] kasan_save_alloc_info+0x40/0x58 [ 16.680531] __kasan_krealloc+0x118/0x178 [ 16.680568] krealloc_noprof+0x128/0x360 [ 16.680604] krealloc_more_oob_helper+0x168/0x678 [ 16.680642] krealloc_more_oob+0x20/0x38 [ 16.680676] kunit_try_run_case+0x170/0x3f0 [ 16.680729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.680778] kthread+0x328/0x630 [ 16.680873] ret_from_fork+0x10/0x20 [ 16.680960] [ 16.681022] The buggy address belongs to the object at fff00000c1bc4400 [ 16.681022] which belongs to the cache kmalloc-256 of size 256 [ 16.681095] The buggy address is located 0 bytes to the right of [ 16.681095] allocated 235-byte region [fff00000c1bc4400, fff00000c1bc44eb) [ 16.681178] [ 16.681199] The buggy address belongs to the physical page: [ 16.681232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4 [ 16.681325] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.681539] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.681594] page_type: f5(slab) [ 16.681675] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.681774] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.681822] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.681878] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.681925] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff [ 16.682106] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.682151] page dumped because: kasan: bad access detected [ 16.682181] [ 16.682199] Memory state around the buggy address: [ 16.682466] fff00000c1bc4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.682655] fff00000c1bc4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.682697] >fff00000c1bc4480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.682733] ^ [ 16.682771] fff00000c1bc4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.683181] fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.683443] ================================================================== [ 16.803205] ================================================================== [ 16.803261] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.803834] Write of size 1 at addr fff00000c79020f0 by task kunit_try_catch/160 [ 16.803896] [ 16.803935] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.804590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.804687] Hardware name: linux,dummy-virt (DT) [ 16.804893] Call trace: [ 16.804924] show_stack+0x20/0x38 (C) [ 16.805228] dump_stack_lvl+0x8c/0xd0 [ 16.805603] print_report+0x118/0x5d0 [ 16.805811] kasan_report+0xdc/0x128 [ 16.805871] __asan_report_store1_noabort+0x20/0x30 [ 16.805923] krealloc_more_oob_helper+0x5c0/0x678 [ 16.805971] krealloc_large_more_oob+0x20/0x38 [ 16.806017] kunit_try_run_case+0x170/0x3f0 [ 16.806818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.806927] kthread+0x328/0x630 [ 16.807411] ret_from_fork+0x10/0x20 [ 16.807638] [ 16.807832] The buggy address belongs to the physical page: [ 16.807985] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900 [ 16.808117] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.808607] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.808665] page_type: f8(unknown) [ 16.809228] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.809560] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.809975] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.810066] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.810114] head: 0bfffe0000000002 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff [ 16.810161] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.810199] page dumped because: kasan: bad access detected [ 16.810999] [ 16.811027] Memory state around the buggy address: [ 16.811097] fff00000c7901f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.811185] fff00000c7902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.811481] >fff00000c7902080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.811523] ^ [ 16.811565] fff00000c7902100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.811608] fff00000c7902180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.811796] ================================================================== [ 16.684364] ================================================================== [ 16.684623] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.684683] Write of size 1 at addr fff00000c1bc44f0 by task kunit_try_catch/156 [ 16.684731] [ 16.684829] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.685201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.685328] Hardware name: linux,dummy-virt (DT) [ 16.685364] Call trace: [ 16.685436] show_stack+0x20/0x38 (C) [ 16.685514] dump_stack_lvl+0x8c/0xd0 [ 16.685609] print_report+0x118/0x5d0 [ 16.685656] kasan_report+0xdc/0x128 [ 16.685707] __asan_report_store1_noabort+0x20/0x30 [ 16.685839] krealloc_more_oob_helper+0x5c0/0x678 [ 16.685897] krealloc_more_oob+0x20/0x38 [ 16.685941] kunit_try_run_case+0x170/0x3f0 [ 16.686294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.686393] kthread+0x328/0x630 [ 16.686437] ret_from_fork+0x10/0x20 [ 16.686653] [ 16.686711] Allocated by task 156: [ 16.686748] kasan_save_stack+0x3c/0x68 [ 16.686920] kasan_save_track+0x20/0x40 [ 16.686959] kasan_save_alloc_info+0x40/0x58 [ 16.686997] __kasan_krealloc+0x118/0x178 [ 16.687034] krealloc_noprof+0x128/0x360 [ 16.687070] krealloc_more_oob_helper+0x168/0x678 [ 16.687108] krealloc_more_oob+0x20/0x38 [ 16.687143] kunit_try_run_case+0x170/0x3f0 [ 16.687179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.687229] kthread+0x328/0x630 [ 16.687260] ret_from_fork+0x10/0x20 [ 16.687385] [ 16.687433] The buggy address belongs to the object at fff00000c1bc4400 [ 16.687433] which belongs to the cache kmalloc-256 of size 256 [ 16.687515] The buggy address is located 5 bytes to the right of [ 16.687515] allocated 235-byte region [fff00000c1bc4400, fff00000c1bc44eb) [ 16.687702] [ 16.687729] The buggy address belongs to the physical page: [ 16.687816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc4 [ 16.687879] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.687924] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.687976] page_type: f5(slab) [ 16.688049] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.688100] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.688148] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.688194] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.688241] head: 0bfffe0000000001 ffffc1ffc306f101 00000000ffffffff 00000000ffffffff [ 16.688465] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.688574] page dumped because: kasan: bad access detected [ 16.688618] [ 16.688638] Memory state around the buggy address: [ 16.688750] fff00000c1bc4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.688831] fff00000c1bc4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.688898] >fff00000c1bc4480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.688974] ^ [ 16.689012] fff00000c1bc4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689139] fff00000c1bc4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689180] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.667934] ================================================================== [ 16.667999] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.668065] Read of size 1 at addr fff00000c7900000 by task kunit_try_catch/154 [ 16.668114] [ 16.668154] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.668236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.668263] Hardware name: linux,dummy-virt (DT) [ 16.668294] Call trace: [ 16.668317] show_stack+0x20/0x38 (C) [ 16.668570] dump_stack_lvl+0x8c/0xd0 [ 16.668658] print_report+0x118/0x5d0 [ 16.668720] kasan_report+0xdc/0x128 [ 16.668816] __asan_report_load1_noabort+0x20/0x30 [ 16.668929] page_alloc_uaf+0x328/0x350 [ 16.668974] kunit_try_run_case+0x170/0x3f0 [ 16.669271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.669390] kthread+0x328/0x630 [ 16.669472] ret_from_fork+0x10/0x20 [ 16.669620] [ 16.669662] The buggy address belongs to the physical page: [ 16.669693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900 [ 16.669748] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.669799] page_type: f0(buddy) [ 16.670014] raw: 0bfffe0000000000 fff00000ff616240 fff00000ff616240 0000000000000000 [ 16.670106] raw: 0000000000000000 0000000000000008 00000000f0000000 0000000000000000 [ 16.670204] page dumped because: kasan: bad access detected [ 16.670317] [ 16.670355] Memory state around the buggy address: [ 16.670389] fff00000c78fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.670432] fff00000c78fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.670472] >fff00000c7900000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.670508] ^ [ 16.670705] fff00000c7900080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.670788] fff00000c7900100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.670859] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.650182] ================================================================== [ 16.650276] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.650344] Free of addr fff00000c65b0001 by task kunit_try_catch/150 [ 16.650389] [ 16.650426] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.650628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.650665] Hardware name: linux,dummy-virt (DT) [ 16.650713] Call trace: [ 16.650737] show_stack+0x20/0x38 (C) [ 16.650813] dump_stack_lvl+0x8c/0xd0 [ 16.650906] print_report+0x118/0x5d0 [ 16.650997] kasan_report_invalid_free+0xc0/0xe8 [ 16.651053] __kasan_kfree_large+0x5c/0xa8 [ 16.651100] free_large_kmalloc+0x64/0x190 [ 16.651167] kfree+0x270/0x3c8 [ 16.651437] kmalloc_large_invalid_free+0x108/0x270 [ 16.651548] kunit_try_run_case+0x170/0x3f0 [ 16.651697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.651795] kthread+0x328/0x630 [ 16.651976] ret_from_fork+0x10/0x20 [ 16.652107] [ 16.652222] The buggy address belongs to the physical page: [ 16.652289] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b0 [ 16.652347] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.652391] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.652464] page_type: f8(unknown) [ 16.652506] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.652589] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.652637] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.652684] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.652731] head: 0bfffe0000000002 ffffc1ffc3196c01 00000000ffffffff 00000000ffffffff [ 16.652778] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.652983] page dumped because: kasan: bad access detected [ 16.653041] [ 16.653150] Memory state around the buggy address: [ 16.653228] fff00000c65aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.653313] fff00000c65aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.653422] >fff00000c65b0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.653471] ^ [ 16.653601] fff00000c65b0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.653709] fff00000c65b0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.653839] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.640204] ================================================================== [ 16.640273] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.640363] Read of size 1 at addr fff00000c65b0000 by task kunit_try_catch/148 [ 16.640439] [ 16.640479] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.640560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.640585] Hardware name: linux,dummy-virt (DT) [ 16.640615] Call trace: [ 16.640639] show_stack+0x20/0x38 (C) [ 16.640689] dump_stack_lvl+0x8c/0xd0 [ 16.640974] print_report+0x118/0x5d0 [ 16.641123] kasan_report+0xdc/0x128 [ 16.641332] __asan_report_load1_noabort+0x20/0x30 [ 16.641440] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.641534] kunit_try_run_case+0x170/0x3f0 [ 16.641630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.641783] kthread+0x328/0x630 [ 16.642015] ret_from_fork+0x10/0x20 [ 16.642254] [ 16.642337] The buggy address belongs to the physical page: [ 16.642446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b0 [ 16.642588] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.642727] raw: 0bfffe0000000000 fff00000da478c40 fff00000da478c40 0000000000000000 [ 16.642823] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.642940] page dumped because: kasan: bad access detected [ 16.642970] [ 16.642989] Memory state around the buggy address: [ 16.643363] fff00000c65aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.643510] fff00000c65aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.643554] >fff00000c65b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.643590] ^ [ 16.643620] fff00000c65b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.643661] fff00000c65b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.643698] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.629316] ================================================================== [ 16.629653] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.629757] Write of size 1 at addr fff00000c65b200a by task kunit_try_catch/146 [ 16.629816] [ 16.629880] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.630001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.630028] Hardware name: linux,dummy-virt (DT) [ 16.630068] Call trace: [ 16.630092] show_stack+0x20/0x38 (C) [ 16.630393] dump_stack_lvl+0x8c/0xd0 [ 16.630461] print_report+0x118/0x5d0 [ 16.630558] kasan_report+0xdc/0x128 [ 16.630624] __asan_report_store1_noabort+0x20/0x30 [ 16.630676] kmalloc_large_oob_right+0x278/0x2b8 [ 16.630721] kunit_try_run_case+0x170/0x3f0 [ 16.630769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.630819] kthread+0x328/0x630 [ 16.630882] ret_from_fork+0x10/0x20 [ 16.631202] [ 16.631294] The buggy address belongs to the physical page: [ 16.631330] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b0 [ 16.631429] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.631496] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.631620] page_type: f8(unknown) [ 16.631695] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.631743] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.631800] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.631860] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.631908] head: 0bfffe0000000002 ffffc1ffc3196c01 00000000ffffffff 00000000ffffffff [ 16.631955] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.632368] page dumped because: kasan: bad access detected [ 16.632450] [ 16.632502] Memory state around the buggy address: [ 16.632620] fff00000c65b1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.632713] fff00000c65b1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.632755] >fff00000c65b2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.632791] ^ [ 16.632822] fff00000c65b2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.632873] fff00000c65b2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.633046] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.617652] ================================================================== [ 16.617761] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.617834] Write of size 1 at addr fff00000c78c1f00 by task kunit_try_catch/144 [ 16.617898] [ 16.617957] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.618041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.618067] Hardware name: linux,dummy-virt (DT) [ 16.618116] Call trace: [ 16.618157] show_stack+0x20/0x38 (C) [ 16.618215] dump_stack_lvl+0x8c/0xd0 [ 16.618301] print_report+0x118/0x5d0 [ 16.618356] kasan_report+0xdc/0x128 [ 16.618418] __asan_report_store1_noabort+0x20/0x30 [ 16.618470] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.618516] kunit_try_run_case+0x170/0x3f0 [ 16.618597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.618648] kthread+0x328/0x630 [ 16.618949] ret_from_fork+0x10/0x20 [ 16.619014] [ 16.619033] Allocated by task 144: [ 16.619106] kasan_save_stack+0x3c/0x68 [ 16.619180] kasan_save_track+0x20/0x40 [ 16.619236] kasan_save_alloc_info+0x40/0x58 [ 16.619282] __kasan_kmalloc+0xd4/0xd8 [ 16.619336] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.619424] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.619673] kunit_try_run_case+0x170/0x3f0 [ 16.619725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.619767] kthread+0x328/0x630 [ 16.619799] ret_from_fork+0x10/0x20 [ 16.619902] [ 16.619965] The buggy address belongs to the object at fff00000c78c0000 [ 16.619965] which belongs to the cache kmalloc-8k of size 8192 [ 16.620107] The buggy address is located 0 bytes to the right of [ 16.620107] allocated 7936-byte region [fff00000c78c0000, fff00000c78c1f00) [ 16.620214] [ 16.620307] The buggy address belongs to the physical page: [ 16.620420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0 [ 16.620505] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.620551] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.620876] page_type: f5(slab) [ 16.621006] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.621105] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.621153] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.621561] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.621640] head: 0bfffe0000000003 ffffc1ffc31e3001 00000000ffffffff 00000000ffffffff [ 16.621754] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.621836] page dumped because: kasan: bad access detected [ 16.621879] [ 16.621897] Memory state around the buggy address: [ 16.621974] fff00000c78c1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.622307] fff00000c78c1e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.622405] >fff00000c78c1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.622486] ^ [ 16.622540] fff00000c78c1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.622579] fff00000c78c2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.622786] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.606276] ================================================================== [ 16.606358] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.606433] Write of size 1 at addr fff00000c595ee78 by task kunit_try_catch/142 [ 16.606488] [ 16.606541] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.606645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.606674] Hardware name: linux,dummy-virt (DT) [ 16.606705] Call trace: [ 16.606728] show_stack+0x20/0x38 (C) [ 16.606804] dump_stack_lvl+0x8c/0xd0 [ 16.606867] print_report+0x118/0x5d0 [ 16.606915] kasan_report+0xdc/0x128 [ 16.606960] __asan_report_store1_noabort+0x20/0x30 [ 16.607047] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.607382] kunit_try_run_case+0x170/0x3f0 [ 16.607495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.607589] kthread+0x328/0x630 [ 16.607642] ret_from_fork+0x10/0x20 [ 16.607690] [ 16.607709] Allocated by task 142: [ 16.607737] kasan_save_stack+0x3c/0x68 [ 16.607779] kasan_save_track+0x20/0x40 [ 16.607815] kasan_save_alloc_info+0x40/0x58 [ 16.607865] __kasan_kmalloc+0xd4/0xd8 [ 16.607900] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.607943] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.607982] kunit_try_run_case+0x170/0x3f0 [ 16.608018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.608058] kthread+0x328/0x630 [ 16.608239] ret_from_fork+0x10/0x20 [ 16.608328] [ 16.608386] The buggy address belongs to the object at fff00000c595ee00 [ 16.608386] which belongs to the cache kmalloc-128 of size 128 [ 16.608453] The buggy address is located 0 bytes to the right of [ 16.608453] allocated 120-byte region [fff00000c595ee00, fff00000c595ee78) [ 16.608554] [ 16.608622] The buggy address belongs to the physical page: [ 16.608654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 16.608752] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.608829] page_type: f5(slab) [ 16.608881] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.608945] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.608984] page dumped because: kasan: bad access detected [ 16.609013] [ 16.609030] Memory state around the buggy address: [ 16.609061] fff00000c595ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.609101] fff00000c595ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.609142] >fff00000c595ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.609177] ^ [ 16.609215] fff00000c595ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.609417] fff00000c595ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.609512] ================================================================== [ 16.601124] ================================================================== [ 16.601214] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.601298] Write of size 1 at addr fff00000c595ed78 by task kunit_try_catch/142 [ 16.601349] [ 16.601389] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.601623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.601655] Hardware name: linux,dummy-virt (DT) [ 16.601687] Call trace: [ 16.601710] show_stack+0x20/0x38 (C) [ 16.601764] dump_stack_lvl+0x8c/0xd0 [ 16.602056] print_report+0x118/0x5d0 [ 16.602121] kasan_report+0xdc/0x128 [ 16.602334] __asan_report_store1_noabort+0x20/0x30 [ 16.602392] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.602445] kunit_try_run_case+0x170/0x3f0 [ 16.602632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.602739] kthread+0x328/0x630 [ 16.602893] ret_from_fork+0x10/0x20 [ 16.602971] [ 16.602990] Allocated by task 142: [ 16.603019] kasan_save_stack+0x3c/0x68 [ 16.603062] kasan_save_track+0x20/0x40 [ 16.603099] kasan_save_alloc_info+0x40/0x58 [ 16.603137] __kasan_kmalloc+0xd4/0xd8 [ 16.603374] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.603468] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.603520] kunit_try_run_case+0x170/0x3f0 [ 16.603569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.603678] kthread+0x328/0x630 [ 16.603853] ret_from_fork+0x10/0x20 [ 16.603919] [ 16.603998] The buggy address belongs to the object at fff00000c595ed00 [ 16.603998] which belongs to the cache kmalloc-128 of size 128 [ 16.604058] The buggy address is located 0 bytes to the right of [ 16.604058] allocated 120-byte region [fff00000c595ed00, fff00000c595ed78) [ 16.604165] [ 16.604187] The buggy address belongs to the physical page: [ 16.604272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 16.604328] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.604380] page_type: f5(slab) [ 16.604423] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.604472] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.604511] page dumped because: kasan: bad access detected [ 16.604541] [ 16.604558] Memory state around the buggy address: [ 16.604815] fff00000c595ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.604933] fff00000c595ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605007] >fff00000c595ed00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.605044] ^ [ 16.605090] fff00000c595ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605158] fff00000c595ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605200] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.555255] ================================================================== [ 16.555441] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.555511] Read of size 1 at addr fff00000c655f000 by task kunit_try_catch/140 [ 16.555560] [ 16.555600] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.556240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.556270] Hardware name: linux,dummy-virt (DT) [ 16.556302] Call trace: [ 16.556326] show_stack+0x20/0x38 (C) [ 16.556386] dump_stack_lvl+0x8c/0xd0 [ 16.556436] print_report+0x118/0x5d0 [ 16.556777] kasan_report+0xdc/0x128 [ 16.556949] __asan_report_load1_noabort+0x20/0x30 [ 16.557040] kmalloc_node_oob_right+0x2f4/0x330 [ 16.557088] kunit_try_run_case+0x170/0x3f0 [ 16.557137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.557189] kthread+0x328/0x630 [ 16.557234] ret_from_fork+0x10/0x20 [ 16.557293] [ 16.557312] Allocated by task 140: [ 16.557341] kasan_save_stack+0x3c/0x68 [ 16.557383] kasan_save_track+0x20/0x40 [ 16.557919] kasan_save_alloc_info+0x40/0x58 [ 16.558045] __kasan_kmalloc+0xd4/0xd8 [ 16.558105] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.558146] kmalloc_node_oob_right+0xbc/0x330 [ 16.558184] kunit_try_run_case+0x170/0x3f0 [ 16.558226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.558491] kthread+0x328/0x630 [ 16.558525] ret_from_fork+0x10/0x20 [ 16.558596] [ 16.558617] The buggy address belongs to the object at fff00000c655e000 [ 16.558617] which belongs to the cache kmalloc-4k of size 4096 [ 16.558675] The buggy address is located 0 bytes to the right of [ 16.558675] allocated 4096-byte region [fff00000c655e000, fff00000c655f000) [ 16.558736] [ 16.558757] The buggy address belongs to the physical page: [ 16.559720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106558 [ 16.560238] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.560301] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.560986] page_type: f5(slab) [ 16.561299] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.561974] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.562258] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.563204] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.563548] head: 0bfffe0000000003 ffffc1ffc3195601 00000000ffffffff 00000000ffffffff [ 16.563632] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.563682] page dumped because: kasan: bad access detected [ 16.563735] [ 16.563753] Memory state around the buggy address: [ 16.564414] fff00000c655ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.565104] fff00000c655ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.565606] >fff00000c655f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.565863] ^ [ 16.565958] fff00000c655f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.566056] fff00000c655f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.566094] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.541272] ================================================================== [ 16.541378] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.541442] Read of size 1 at addr fff00000c5acc05f by task kunit_try_catch/138 [ 16.541502] [ 16.541542] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.541622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.541650] Hardware name: linux,dummy-virt (DT) [ 16.541684] Call trace: [ 16.541706] show_stack+0x20/0x38 (C) [ 16.541959] dump_stack_lvl+0x8c/0xd0 [ 16.542045] print_report+0x118/0x5d0 [ 16.542094] kasan_report+0xdc/0x128 [ 16.542359] __asan_report_load1_noabort+0x20/0x30 [ 16.542414] kmalloc_oob_left+0x2ec/0x320 [ 16.542460] kunit_try_run_case+0x170/0x3f0 [ 16.542508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.542559] kthread+0x328/0x630 [ 16.542811] ret_from_fork+0x10/0x20 [ 16.542903] [ 16.543009] Allocated by task 24: [ 16.543188] kasan_save_stack+0x3c/0x68 [ 16.543333] kasan_save_track+0x20/0x40 [ 16.543500] kasan_save_alloc_info+0x40/0x58 [ 16.543561] __kasan_kmalloc+0xd4/0xd8 [ 16.543597] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.543656] kvasprintf+0xe0/0x180 [ 16.543692] __kthread_create_on_node+0x16c/0x350 [ 16.543995] kthread_create_on_node+0xe4/0x130 [ 16.544206] create_worker+0x380/0x6b8 [ 16.544380] worker_thread+0x808/0xf38 [ 16.544462] kthread+0x328/0x630 [ 16.544531] ret_from_fork+0x10/0x20 [ 16.544627] [ 16.544728] The buggy address belongs to the object at fff00000c5acc040 [ 16.544728] which belongs to the cache kmalloc-16 of size 16 [ 16.544890] The buggy address is located 19 bytes to the right of [ 16.544890] allocated 12-byte region [fff00000c5acc040, fff00000c5acc04c) [ 16.544975] [ 16.545026] The buggy address belongs to the physical page: [ 16.545058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105acc [ 16.545473] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.545622] page_type: f5(slab) [ 16.545737] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.545880] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.546012] page dumped because: kasan: bad access detected [ 16.546110] [ 16.546128] Memory state around the buggy address: [ 16.546160] fff00000c5acbf00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 16.546344] fff00000c5acbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.546741] >fff00000c5acc000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 07 fc fc [ 16.546806] ^ [ 16.547175] fff00000c5acc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.547262] fff00000c5acc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.547364] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.524380] ================================================================== [ 16.524421] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.524475] Write of size 1 at addr fff00000c595ec78 by task kunit_try_catch/136 [ 16.524523] [ 16.524559] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.524638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.524707] Hardware name: linux,dummy-virt (DT) [ 16.524753] Call trace: [ 16.524794] show_stack+0x20/0x38 (C) [ 16.524878] dump_stack_lvl+0x8c/0xd0 [ 16.524955] print_report+0x118/0x5d0 [ 16.525011] kasan_report+0xdc/0x128 [ 16.525057] __asan_report_store1_noabort+0x20/0x30 [ 16.525133] kmalloc_oob_right+0x538/0x660 [ 16.525223] kunit_try_run_case+0x170/0x3f0 [ 16.525278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.525330] kthread+0x328/0x630 [ 16.525372] ret_from_fork+0x10/0x20 [ 16.525419] [ 16.525437] Allocated by task 136: [ 16.525464] kasan_save_stack+0x3c/0x68 [ 16.525692] kasan_save_track+0x20/0x40 [ 16.525753] kasan_save_alloc_info+0x40/0x58 [ 16.525820] __kasan_kmalloc+0xd4/0xd8 [ 16.525885] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.525951] kmalloc_oob_right+0xb0/0x660 [ 16.525987] kunit_try_run_case+0x170/0x3f0 [ 16.526042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.526101] kthread+0x328/0x630 [ 16.526135] ret_from_fork+0x10/0x20 [ 16.526176] [ 16.526196] The buggy address belongs to the object at fff00000c595ec00 [ 16.526196] which belongs to the cache kmalloc-128 of size 128 [ 16.526252] The buggy address is located 5 bytes to the right of [ 16.526252] allocated 115-byte region [fff00000c595ec00, fff00000c595ec73) [ 16.526504] [ 16.526530] The buggy address belongs to the physical page: [ 16.526579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 16.526671] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.526736] page_type: f5(slab) [ 16.527036] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.527119] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.527218] page dumped because: kasan: bad access detected [ 16.527333] [ 16.527413] Memory state around the buggy address: [ 16.527461] fff00000c595eb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.527519] fff00000c595eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.527598] >fff00000c595ec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.527683] ^ [ 16.527770] fff00000c595ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.527821] fff00000c595ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.527867] ================================================================== [ 16.528645] ================================================================== [ 16.528699] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.528746] Read of size 1 at addr fff00000c595ec80 by task kunit_try_catch/136 [ 16.528998] [ 16.529041] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.529152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.529241] Hardware name: linux,dummy-virt (DT) [ 16.529278] Call trace: [ 16.529335] show_stack+0x20/0x38 (C) [ 16.529387] dump_stack_lvl+0x8c/0xd0 [ 16.529533] print_report+0x118/0x5d0 [ 16.529583] kasan_report+0xdc/0x128 [ 16.529738] __asan_report_load1_noabort+0x20/0x30 [ 16.529947] kmalloc_oob_right+0x5d0/0x660 [ 16.529999] kunit_try_run_case+0x170/0x3f0 [ 16.530158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.530229] kthread+0x328/0x630 [ 16.530282] ret_from_fork+0x10/0x20 [ 16.530329] [ 16.530359] Allocated by task 136: [ 16.530386] kasan_save_stack+0x3c/0x68 [ 16.530676] kasan_save_track+0x20/0x40 [ 16.530753] kasan_save_alloc_info+0x40/0x58 [ 16.530807] __kasan_kmalloc+0xd4/0xd8 [ 16.530855] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.530950] kmalloc_oob_right+0xb0/0x660 [ 16.530986] kunit_try_run_case+0x170/0x3f0 [ 16.531022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.531197] kthread+0x328/0x630 [ 16.531254] ret_from_fork+0x10/0x20 [ 16.531290] [ 16.531422] The buggy address belongs to the object at fff00000c595ec00 [ 16.531422] which belongs to the cache kmalloc-128 of size 128 [ 16.531530] The buggy address is located 13 bytes to the right of [ 16.531530] allocated 115-byte region [fff00000c595ec00, fff00000c595ec73) [ 16.531734] [ 16.531756] The buggy address belongs to the physical page: [ 16.531785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 16.532024] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.532158] page_type: f5(slab) [ 16.532198] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.532246] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.532370] page dumped because: kasan: bad access detected [ 16.532451] [ 16.532468] Memory state around the buggy address: [ 16.532542] fff00000c595eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.532634] fff00000c595ec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.532698] >fff00000c595ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.532756] ^ [ 16.532811] fff00000c595ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.532880] fff00000c595ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.532916] ================================================================== [ 16.509556] ================================================================== [ 16.509977] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.510810] Write of size 1 at addr fff00000c595ec73 by task kunit_try_catch/136 [ 16.510933] [ 16.512084] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 16.512265] Tainted: [N]=TEST [ 16.512297] Hardware name: linux,dummy-virt (DT) [ 16.512528] Call trace: [ 16.512708] show_stack+0x20/0x38 (C) [ 16.512922] dump_stack_lvl+0x8c/0xd0 [ 16.512989] print_report+0x118/0x5d0 [ 16.513038] kasan_report+0xdc/0x128 [ 16.513083] __asan_report_store1_noabort+0x20/0x30 [ 16.513275] kmalloc_oob_right+0x5a4/0x660 [ 16.513495] kunit_try_run_case+0x170/0x3f0 [ 16.513590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.513722] kthread+0x328/0x630 [ 16.513766] ret_from_fork+0x10/0x20 [ 16.514858] [ 16.515088] Allocated by task 136: [ 16.515588] kasan_save_stack+0x3c/0x68 [ 16.515666] kasan_save_track+0x20/0x40 [ 16.515981] kasan_save_alloc_info+0x40/0x58 [ 16.516034] __kasan_kmalloc+0xd4/0xd8 [ 16.516194] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.516324] kmalloc_oob_right+0xb0/0x660 [ 16.516461] kunit_try_run_case+0x170/0x3f0 [ 16.516564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.516776] kthread+0x328/0x630 [ 16.516869] ret_from_fork+0x10/0x20 [ 16.517519] [ 16.517677] The buggy address belongs to the object at fff00000c595ec00 [ 16.517677] which belongs to the cache kmalloc-128 of size 128 [ 16.518130] The buggy address is located 0 bytes to the right of [ 16.518130] allocated 115-byte region [fff00000c595ec00, fff00000c595ec73) [ 16.518454] [ 16.518675] The buggy address belongs to the physical page: [ 16.519630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 16.520464] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.521266] page_type: f5(slab) [ 16.521722] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.521825] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.521998] page dumped because: kasan: bad access detected [ 16.522053] [ 16.522088] Memory state around the buggy address: [ 16.522360] fff00000c595eb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.522445] fff00000c595eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.522511] >fff00000c595ec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.522580] ^ [ 16.522705] fff00000c595ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.522765] fff00000c595ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.522864] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 97.100908] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 97.102577] Modules linked in: [ 97.103309] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 97.104103] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 97.104448] Hardware name: linux,dummy-virt (DT) [ 97.104747] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.105210] pc : intlog10+0x38/0x48 [ 97.105618] lr : intlog10_test+0xe4/0x200 [ 97.105890] sp : ffff8000822b7c10 [ 97.106108] x29: ffff8000822b7c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.106611] x26: 1ffe0000195e2481 x25: 0000000000000000 x24: ffff8000822b7ce0 [ 97.107116] x23: ffff8000822b7d00 x22: 0000000000000000 x21: 1ffff00010456f82 [ 97.107667] x20: ffff971ff4a89d80 x19: ffff800080087990 x18: 00000000848bf43f [ 97.108205] x17: 000000008f0cb01f x16: fff00000c0975c3c x15: fff00000ff616b08 [ 97.108800] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a5cd x12: ffff72e3ff123379 [ 97.109259] x11: 1ffff2e3ff123378 x10: ffff72e3ff123378 x9 : ffff971ff2034e9c [ 97.109705] x8 : ffff971ff8919bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.110103] x5 : ffff700010456f82 x4 : 1ffff00010010f3a x3 : 1ffff2e3fe9513b0 [ 97.110510] x2 : 1ffff2e3fe9513b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.110934] Call trace: [ 97.111113] intlog10+0x38/0x48 (P) [ 97.111367] kunit_try_run_case+0x170/0x3f0 [ 97.111746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.112007] kthread+0x328/0x630 [ 97.112370] ret_from_fork+0x10/0x20 [ 97.112631] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 97.053150] WARNING: CPU: 1 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 97.053881] Modules linked in: [ 97.054117] CPU: 1 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 97.054510] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 97.054715] Hardware name: linux,dummy-virt (DT) [ 97.055032] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.056263] pc : intlog2+0xd8/0xf8 [ 97.056730] lr : intlog2_test+0xe4/0x200 [ 97.057298] sp : ffff800082287c10 [ 97.057740] x29: ffff800082287c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.058641] x26: 1ffe0000196b47c1 x25: 0000000000000000 x24: ffff800082287ce0 [ 97.059448] x23: ffff800082287d00 x22: 0000000000000000 x21: 1ffff00010450f82 [ 97.060455] x20: ffff971ff4a89c80 x19: ffff800080087990 x18: 00000000c8e4d047 [ 97.061404] x17: 00000000cc7fda26 x16: 00000000b40b848f x15: 0000000037560d64 [ 97.062297] x14: 0000000087b31594 x13: 1ffe00001b48e989 x12: ffff72e3ff123379 [ 97.063138] x11: 1ffff2e3ff123378 x10: ffff72e3ff123378 x9 : ffff971ff203509c [ 97.064026] x8 : ffff971ff8919bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.064865] x5 : ffff700010450f82 x4 : 1ffff00010010f3a x3 : 1ffff2e3fe951390 [ 97.065616] x2 : 1ffff2e3fe951390 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.066487] Call trace: [ 97.066938] intlog2+0xd8/0xf8 (P) [ 97.067219] kunit_try_run_case+0x170/0x3f0 [ 97.067435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.067669] kthread+0x328/0x630 [ 97.067855] ret_from_fork+0x10/0x20 [ 97.068137] ---[ end trace 0000000000000000 ]---