Date
July 18, 2025, 2:09 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.970232] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 18.996240] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 19.021682] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 18.927166] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 18.921000] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 93.322973] Internal error: Oops: 0000000096000005 [#1] SMP [ 93.328253] Modules linked in: [ 93.328959] CPU: 0 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 93.330105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 93.330625] Hardware name: linux,dummy-virt (DT) [ 93.331200] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.331643] pc : kunit_test_null_dereference+0x70/0x170 [ 93.331937] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.332190] sp : ffff800081fa7d30 [ 93.332375] x29: ffff800081fa7d90 x28: 0000000000000000 x27: 0000000000000000 [ 93.333018] x26: 1ffe000018ad6081 x25: 0000000000000000 x24: 0000000000000004 [ 93.333813] x23: fff00000c56b040c x22: ffffb057b5422478 x21: fff00000c120b408 [ 93.334593] x20: 1ffff000103f4fa6 x19: ffff800080087990 x18: 00000000543f6bdf [ 93.335362] x17: 0000000035954e60 x16: 0000000000000100 x15: 00000000744ce37c [ 93.336135] x14: 0000000078b2ec6a x13: 1ffe00001b48a789 x12: fffd8000196703a4 [ 93.336923] x11: 1ffe0000196703a3 x10: fffd8000196703a3 x9 : ffffb057b54198e0 [ 93.337759] x8 : ffff800081fa7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 93.338531] x5 : ffff7000103f4fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 93.339308] x2 : dfff800000000000 x1 : fff00000cb381440 x0 : ffff800080087990 [ 93.340129] Call trace: [ 93.340486] kunit_test_null_dereference+0x70/0x170 (P) [ 93.341072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.341580] kthread+0x328/0x630 [ 93.341903] ret_from_fork+0x10/0x20 [ 93.342564] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 93.343496] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.451964] ================================================================== [ 49.452055] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 49.452055] [ 49.452155] Use-after-free read at 0x000000003c613734 (in kfence-#145): [ 49.452210] test_krealloc+0x51c/0x830 [ 49.452255] kunit_try_run_case+0x170/0x3f0 [ 49.452301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.452344] kthread+0x328/0x630 [ 49.452384] ret_from_fork+0x10/0x20 [ 49.452424] [ 49.452450] kfence-#145: 0x000000003c613734-0x00000000bc89ed3d, size=32, cache=kmalloc-32 [ 49.452450] [ 49.452503] allocated by task 338 on cpu 0 at 49.451267s (0.001232s ago): [ 49.452571] test_alloc+0x29c/0x628 [ 49.452611] test_krealloc+0xc0/0x830 [ 49.452651] kunit_try_run_case+0x170/0x3f0 [ 49.452691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.452746] kthread+0x328/0x630 [ 49.452783] ret_from_fork+0x10/0x20 [ 49.452822] [ 49.452845] freed by task 338 on cpu 0 at 49.451546s (0.001295s ago): [ 49.452906] krealloc_noprof+0x148/0x360 [ 49.452946] test_krealloc+0x1dc/0x830 [ 49.452986] kunit_try_run_case+0x170/0x3f0 [ 49.453026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.453069] kthread+0x328/0x630 [ 49.453104] ret_from_fork+0x10/0x20 [ 49.453144] [ 49.453192] CPU: 0 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 49.453270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.453310] Hardware name: linux,dummy-virt (DT) [ 49.453347] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.372128] ================================================================== [ 49.372241] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.372241] [ 49.372344] Use-after-free read at 0x00000000cf4c714f (in kfence-#144): [ 49.372401] test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.372453] kunit_try_run_case+0x170/0x3f0 [ 49.372499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.372544] kthread+0x328/0x630 [ 49.372584] ret_from_fork+0x10/0x20 [ 49.372625] [ 49.372650] kfence-#144: 0x00000000cf4c714f-0x00000000ab3cb8aa, size=32, cache=test [ 49.372650] [ 49.372703] allocated by task 336 on cpu 1 at 49.345111s (0.027587s ago): [ 49.372790] test_alloc+0x230/0x628 [ 49.372832] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 49.372875] kunit_try_run_case+0x170/0x3f0 [ 49.372916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.372958] kthread+0x328/0x630 [ 49.372992] ret_from_fork+0x10/0x20 [ 49.373032] [ 49.373056] freed by task 336 on cpu 1 at 49.345222s (0.027830s ago): [ 49.373110] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 49.373154] kunit_try_run_case+0x170/0x3f0 [ 49.373194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.373235] kthread+0x328/0x630 [ 49.373272] ret_from_fork+0x10/0x20 [ 49.373326] [ 49.373375] CPU: 1 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 49.373454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.373485] Hardware name: linux,dummy-virt (DT) [ 49.373520] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.167277] ================================================================== [ 26.167422] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 26.167422] [ 26.167552] Invalid read at 0x0000000071f162bf: [ 26.167881] test_invalid_access+0xdc/0x1f0 [ 26.167947] kunit_try_run_case+0x170/0x3f0 [ 26.168044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.168097] kthread+0x328/0x630 [ 26.168177] ret_from_fork+0x10/0x20 [ 26.168235] [ 26.168287] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 26.168944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.169055] Hardware name: linux,dummy-virt (DT) [ 26.169101] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.939565] ================================================================== [ 25.939659] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.939659] [ 25.939741] Corrupted memory at 0x00000000f33d3f24 [ ! . . . . . . . . . . . . . . . ] (in kfence-#137): [ 25.940053] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.940104] kunit_try_run_case+0x170/0x3f0 [ 25.940147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.940190] kthread+0x328/0x630 [ 25.940227] ret_from_fork+0x10/0x20 [ 25.940266] [ 25.940290] kfence-#137: 0x000000002b37c7e5-0x0000000078f6f3c7, size=73, cache=kmalloc-96 [ 25.940290] [ 25.940345] allocated by task 325 on cpu 0 at 25.939324s (0.001017s ago): [ 25.940407] test_alloc+0x29c/0x628 [ 25.940446] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 25.940489] kunit_try_run_case+0x170/0x3f0 [ 25.940530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.940574] kthread+0x328/0x630 [ 25.940609] ret_from_fork+0x10/0x20 [ 25.940647] [ 25.940671] freed by task 325 on cpu 0 at 25.939473s (0.001194s ago): [ 25.940742] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.940784] kunit_try_run_case+0x170/0x3f0 [ 25.940823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.940866] kthread+0x328/0x630 [ 25.940901] ret_from_fork+0x10/0x20 [ 25.940940] [ 25.940982] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.941058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.941087] Hardware name: linux,dummy-virt (DT) [ 25.941121] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.835516] ================================================================== [ 25.835612] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.835612] [ 25.835734] Out-of-bounds read at 0x000000000ad24d1d (105B right of kfence-#136): [ 25.835795] test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.835845] kunit_try_run_case+0x170/0x3f0 [ 25.835890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.835936] kthread+0x328/0x630 [ 25.835974] ret_from_fork+0x10/0x20 [ 25.836015] [ 25.836042] kfence-#136: 0x00000000c9f550b0-0x0000000080a28601, size=73, cache=kmalloc-96 [ 25.836042] [ 25.836096] allocated by task 323 on cpu 0 at 25.835264s (0.000828s ago): [ 25.836166] test_alloc+0x29c/0x628 [ 25.836208] test_kmalloc_aligned_oob_read+0x100/0x468 [ 25.836253] kunit_try_run_case+0x170/0x3f0 [ 25.836293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.836336] kthread+0x328/0x630 [ 25.836373] ret_from_fork+0x10/0x20 [ 25.836413] [ 25.836463] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.836543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.836572] Hardware name: linux,dummy-virt (DT) [ 25.836608] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.091516] ================================================================== [ 22.091617] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 22.091617] [ 22.091680] Corrupted memory at 0x00000000a74a2000 [ ! ] (in kfence-#100): [ 22.091833] test_corruption+0x1d8/0x378 [ 22.091882] kunit_try_run_case+0x170/0x3f0 [ 22.091925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.091970] kthread+0x328/0x630 [ 22.092007] ret_from_fork+0x10/0x20 [ 22.092048] [ 22.092072] kfence-#100: 0x0000000064f008a2-0x0000000075cbb4b4, size=32, cache=test [ 22.092072] [ 22.092127] allocated by task 313 on cpu 1 at 22.091372s (0.000751s ago): [ 22.092188] test_alloc+0x230/0x628 [ 22.092229] test_corruption+0x198/0x378 [ 22.092268] kunit_try_run_case+0x170/0x3f0 [ 22.092308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.092351] kthread+0x328/0x630 [ 22.092386] ret_from_fork+0x10/0x20 [ 22.092425] [ 22.092449] freed by task 313 on cpu 1 at 22.091428s (0.001017s ago): [ 22.092509] test_corruption+0x1d8/0x378 [ 22.092548] kunit_try_run_case+0x170/0x3f0 [ 22.092592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.092639] kthread+0x328/0x630 [ 22.092675] ret_from_fork+0x10/0x20 [ 22.092728] [ 22.092773] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.092849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.092880] Hardware name: linux,dummy-virt (DT) [ 22.092915] ================================================================== [ 21.779655] ================================================================== [ 21.779771] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 21.779771] [ 21.779838] Corrupted memory at 0x00000000ab776d43 [ ! ] (in kfence-#97): [ 21.779971] test_corruption+0x284/0x378 [ 21.780018] kunit_try_run_case+0x170/0x3f0 [ 21.780062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.780106] kthread+0x328/0x630 [ 21.780145] ret_from_fork+0x10/0x20 [ 21.780187] [ 21.780211] kfence-#97: 0x000000005da68efb-0x000000008a59c6a6, size=32, cache=kmalloc-32 [ 21.780211] [ 21.780267] allocated by task 311 on cpu 1 at 21.779373s (0.000890s ago): [ 21.780329] test_alloc+0x29c/0x628 [ 21.780370] test_corruption+0x198/0x378 [ 21.780411] kunit_try_run_case+0x170/0x3f0 [ 21.780449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.780493] kthread+0x328/0x630 [ 21.780528] ret_from_fork+0x10/0x20 [ 21.780567] [ 21.780591] freed by task 311 on cpu 1 at 21.779481s (0.001105s ago): [ 21.780651] test_corruption+0x284/0x378 [ 21.780692] kunit_try_run_case+0x170/0x3f0 [ 21.780742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.780785] kthread+0x328/0x630 [ 21.780821] ret_from_fork+0x10/0x20 [ 21.780860] [ 21.780905] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.780981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.781010] Hardware name: linux,dummy-virt (DT) [ 21.781044] ================================================================== [ 21.571590] ================================================================== [ 21.571703] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 21.571703] [ 21.571792] Corrupted memory at 0x00000000fc0178f5 [ ! . . . . . . . . . . . . . . . ] (in kfence-#95): [ 21.572890] test_corruption+0x278/0x378 [ 21.572945] kunit_try_run_case+0x170/0x3f0 [ 21.572993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.573037] kthread+0x328/0x630 [ 21.573077] ret_from_fork+0x10/0x20 [ 21.573119] [ 21.573144] kfence-#95: 0x0000000084ecd9f5-0x00000000e2a992f2, size=32, cache=kmalloc-32 [ 21.573144] [ 21.573203] allocated by task 311 on cpu 1 at 21.571301s (0.001898s ago): [ 21.573264] test_alloc+0x29c/0x628 [ 21.573310] test_corruption+0xdc/0x378 [ 21.573350] kunit_try_run_case+0x170/0x3f0 [ 21.573392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.573435] kthread+0x328/0x630 [ 21.573471] ret_from_fork+0x10/0x20 [ 21.573511] [ 21.573535] freed by task 311 on cpu 1 at 21.571407s (0.002123s ago): [ 21.573595] test_corruption+0x278/0x378 [ 21.573634] kunit_try_run_case+0x170/0x3f0 [ 21.573675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.573729] kthread+0x328/0x630 [ 21.573764] ret_from_fork+0x10/0x20 [ 21.573805] [ 21.573855] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.573933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.573962] Hardware name: linux,dummy-virt (DT) [ 21.573998] ================================================================== [ 21.883452] ================================================================== [ 21.883550] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 21.883550] [ 21.883615] Corrupted memory at 0x000000002ac2fb01 [ ! . . . . . . . . . . . . . . . ] (in kfence-#98): [ 21.883951] test_corruption+0x120/0x378 [ 21.884001] kunit_try_run_case+0x170/0x3f0 [ 21.884047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.884093] kthread+0x328/0x630 [ 21.884132] ret_from_fork+0x10/0x20 [ 21.884173] [ 21.884198] kfence-#98: 0x000000008da1a44d-0x000000008a04201a, size=32, cache=test [ 21.884198] [ 21.884253] allocated by task 313 on cpu 1 at 21.883299s (0.000950s ago): [ 21.884314] test_alloc+0x230/0x628 [ 21.884355] test_corruption+0xdc/0x378 [ 21.884397] kunit_try_run_case+0x170/0x3f0 [ 21.884438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.884483] kthread+0x328/0x630 [ 21.884522] ret_from_fork+0x10/0x20 [ 21.884563] [ 21.884586] freed by task 313 on cpu 1 at 21.883360s (0.001222s ago): [ 21.884648] test_corruption+0x120/0x378 [ 21.884689] kunit_try_run_case+0x170/0x3f0 [ 21.884742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.884786] kthread+0x328/0x630 [ 21.884822] ret_from_fork+0x10/0x20 [ 21.884861] [ 21.884907] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.884985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.885015] Hardware name: linux,dummy-virt (DT) [ 21.885048] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 21.467376] ================================================================== [ 21.467467] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 21.467467] [ 21.467528] Invalid free of 0x000000009ce1ee21 (in kfence-#94): [ 21.467582] test_invalid_addr_free+0xec/0x238 [ 21.467629] kunit_try_run_case+0x170/0x3f0 [ 21.467671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.467732] kthread+0x328/0x630 [ 21.467771] ret_from_fork+0x10/0x20 [ 21.467810] [ 21.467835] kfence-#94: 0x000000001954958f-0x0000000096b8644c, size=32, cache=test [ 21.467835] [ 21.467889] allocated by task 309 on cpu 0 at 21.467251s (0.000634s ago): [ 21.467951] test_alloc+0x230/0x628 [ 21.467991] test_invalid_addr_free+0xd4/0x238 [ 21.468033] kunit_try_run_case+0x170/0x3f0 [ 21.468073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.468116] kthread+0x328/0x630 [ 21.468151] ret_from_fork+0x10/0x20 [ 21.468192] [ 21.468233] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.468309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.468341] Hardware name: linux,dummy-virt (DT) [ 21.468375] ================================================================== [ 21.363433] ================================================================== [ 21.363520] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 21.363520] [ 21.363584] Invalid free of 0x00000000cc5e974c (in kfence-#93): [ 21.363640] test_invalid_addr_free+0x1ac/0x238 [ 21.363688] kunit_try_run_case+0x170/0x3f0 [ 21.363750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.363795] kthread+0x328/0x630 [ 21.363835] ret_from_fork+0x10/0x20 [ 21.363876] [ 21.363900] kfence-#93: 0x00000000e3362741-0x0000000007eab642, size=32, cache=kmalloc-32 [ 21.363900] [ 21.363954] allocated by task 307 on cpu 0 at 21.363280s (0.000670s ago): [ 21.364017] test_alloc+0x29c/0x628 [ 21.364059] test_invalid_addr_free+0xd4/0x238 [ 21.364100] kunit_try_run_case+0x170/0x3f0 [ 21.364140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.364185] kthread+0x328/0x630 [ 21.364221] ret_from_fork+0x10/0x20 [ 21.364261] [ 21.364307] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.364390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.364420] Hardware name: linux,dummy-virt (DT) [ 21.364455] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 21.157131] ================================================================== [ 21.157420] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 21.157420] [ 21.157587] Invalid free of 0x00000000e907583d (in kfence-#91): [ 21.157848] test_double_free+0x1bc/0x238 [ 21.158029] kunit_try_run_case+0x170/0x3f0 [ 21.158073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.158351] kthread+0x328/0x630 [ 21.158428] ret_from_fork+0x10/0x20 [ 21.158631] [ 21.158674] kfence-#91: 0x00000000e907583d-0x0000000096563bb7, size=32, cache=kmalloc-32 [ 21.158674] [ 21.158739] allocated by task 303 on cpu 1 at 21.156215s (0.002520s ago): [ 21.158801] test_alloc+0x29c/0x628 [ 21.158968] test_double_free+0xd4/0x238 [ 21.159099] kunit_try_run_case+0x170/0x3f0 [ 21.159145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.159230] kthread+0x328/0x630 [ 21.159284] ret_from_fork+0x10/0x20 [ 21.159341] [ 21.159417] freed by task 303 on cpu 1 at 21.156622s (0.002790s ago): [ 21.159494] test_double_free+0x1ac/0x238 [ 21.159537] kunit_try_run_case+0x170/0x3f0 [ 21.159577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.159620] kthread+0x328/0x630 [ 21.159745] ret_from_fork+0x10/0x20 [ 21.160033] [ 21.160088] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.160313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.160478] Hardware name: linux,dummy-virt (DT) [ 21.160649] ================================================================== [ 21.259391] ================================================================== [ 21.259482] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 21.259482] [ 21.259544] Invalid free of 0x0000000080559076 (in kfence-#92): [ 21.259596] test_double_free+0x100/0x238 [ 21.259642] kunit_try_run_case+0x170/0x3f0 [ 21.259686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.259746] kthread+0x328/0x630 [ 21.259785] ret_from_fork+0x10/0x20 [ 21.259825] [ 21.259850] kfence-#92: 0x0000000080559076-0x000000005ab8e30f, size=32, cache=test [ 21.259850] [ 21.259902] allocated by task 305 on cpu 1 at 21.259196s (0.000702s ago): [ 21.259963] test_alloc+0x230/0x628 [ 21.260004] test_double_free+0xd4/0x238 [ 21.260046] kunit_try_run_case+0x170/0x3f0 [ 21.260086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.260131] kthread+0x328/0x630 [ 21.260166] ret_from_fork+0x10/0x20 [ 21.260206] [ 21.260230] freed by task 305 on cpu 1 at 21.259255s (0.000971s ago): [ 21.260294] test_double_free+0xf0/0x238 [ 21.260333] kunit_try_run_case+0x170/0x3f0 [ 21.260373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.260416] kthread+0x328/0x630 [ 21.260453] ret_from_fork+0x10/0x20 [ 21.260493] [ 21.260538] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.260617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.260646] Hardware name: linux,dummy-virt (DT) [ 21.260678] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 20.842197] ================================================================== [ 20.842534] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.842534] [ 20.842763] Use-after-free read at 0x00000000cb867e08 (in kfence-#88): [ 20.842826] test_use_after_free_read+0x114/0x248 [ 20.843193] kunit_try_run_case+0x170/0x3f0 [ 20.843296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.843342] kthread+0x328/0x630 [ 20.843383] ret_from_fork+0x10/0x20 [ 20.843424] [ 20.844022] kfence-#88: 0x00000000cb867e08-0x000000007cd1d3e3, size=32, cache=test [ 20.844022] [ 20.844150] allocated by task 297 on cpu 1 at 20.841981s (0.002163s ago): [ 20.844263] test_alloc+0x230/0x628 [ 20.844609] test_use_after_free_read+0xd0/0x248 [ 20.844692] kunit_try_run_case+0x170/0x3f0 [ 20.845123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.845563] kthread+0x328/0x630 [ 20.845764] ret_from_fork+0x10/0x20 [ 20.845866] [ 20.845973] freed by task 297 on cpu 1 at 20.842066s (0.003878s ago): [ 20.846780] test_use_after_free_read+0xf0/0x248 [ 20.846895] kunit_try_run_case+0x170/0x3f0 [ 20.847066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.847304] kthread+0x328/0x630 [ 20.847433] ret_from_fork+0x10/0x20 [ 20.847586] [ 20.847651] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.848010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.848072] Hardware name: linux,dummy-virt (DT) [ 20.848486] ================================================================== [ 20.737190] ================================================================== [ 20.737606] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.737606] [ 20.737774] Use-after-free read at 0x00000000ef0997c5 (in kfence-#87): [ 20.738187] test_use_after_free_read+0x114/0x248 [ 20.738262] kunit_try_run_case+0x170/0x3f0 [ 20.738318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.738678] kthread+0x328/0x630 [ 20.738760] ret_from_fork+0x10/0x20 [ 20.739063] [ 20.739251] kfence-#87: 0x00000000ef0997c5-0x00000000d78feb9e, size=32, cache=kmalloc-32 [ 20.739251] [ 20.739348] allocated by task 295 on cpu 1 at 20.736151s (0.003194s ago): [ 20.739671] test_alloc+0x29c/0x628 [ 20.739797] test_use_after_free_read+0xd0/0x248 [ 20.739903] kunit_try_run_case+0x170/0x3f0 [ 20.740178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.740330] kthread+0x328/0x630 [ 20.740389] ret_from_fork+0x10/0x20 [ 20.740497] [ 20.741451] freed by task 295 on cpu 1 at 20.736224s (0.004798s ago): [ 20.742011] test_use_after_free_read+0x1c0/0x248 [ 20.742104] kunit_try_run_case+0x170/0x3f0 [ 20.742255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.742324] kthread+0x328/0x630 [ 20.742695] ret_from_fork+0x10/0x20 [ 20.742844] [ 20.742915] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.743404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.743584] Hardware name: linux,dummy-virt (DT) [ 20.743640] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 20.209415] ================================================================== [ 20.209934] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.209934] [ 20.210035] Out-of-bounds write at 0x000000009f039f77 (1B left of kfence-#82): [ 20.210105] test_out_of_bounds_write+0x100/0x240 [ 20.210497] kunit_try_run_case+0x170/0x3f0 [ 20.210568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.210637] kthread+0x328/0x630 [ 20.210696] ret_from_fork+0x10/0x20 [ 20.210976] [ 20.211222] kfence-#82: 0x00000000eedb94f6-0x000000004e4047c9, size=32, cache=kmalloc-32 [ 20.211222] [ 20.211286] allocated by task 291 on cpu 1 at 20.209099s (0.002183s ago): [ 20.211497] test_alloc+0x29c/0x628 [ 20.211667] test_out_of_bounds_write+0xc8/0x240 [ 20.211841] kunit_try_run_case+0x170/0x3f0 [ 20.211920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.212232] kthread+0x328/0x630 [ 20.212307] ret_from_fork+0x10/0x20 [ 20.212392] [ 20.212536] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.212736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.212834] Hardware name: linux,dummy-virt (DT) [ 20.213241] ================================================================== [ 20.636314] ================================================================== [ 20.636677] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.636677] [ 20.636803] Out-of-bounds write at 0x0000000063ef1f65 (1B left of kfence-#86): [ 20.636932] test_out_of_bounds_write+0x100/0x240 [ 20.636986] kunit_try_run_case+0x170/0x3f0 [ 20.637030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.637141] kthread+0x328/0x630 [ 20.637185] ret_from_fork+0x10/0x20 [ 20.637477] [ 20.637522] kfence-#86: 0x0000000094ab22ab-0x00000000fd96a067, size=32, cache=test [ 20.637522] [ 20.637598] allocated by task 293 on cpu 1 at 20.635980s (0.001602s ago): [ 20.637682] test_alloc+0x230/0x628 [ 20.637747] test_out_of_bounds_write+0xc8/0x240 [ 20.637792] kunit_try_run_case+0x170/0x3f0 [ 20.637839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.637884] kthread+0x328/0x630 [ 20.637919] ret_from_fork+0x10/0x20 [ 20.637967] [ 20.638024] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.638103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.638133] Hardware name: linux,dummy-virt (DT) [ 20.638207] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 19.684817] ================================================================== [ 19.684930] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.684930] [ 19.685291] Out-of-bounds read at 0x00000000c7cd868c (1B left of kfence-#77): [ 19.685650] test_out_of_bounds_read+0x114/0x3e0 [ 19.685763] kunit_try_run_case+0x170/0x3f0 [ 19.685812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.685857] kthread+0x328/0x630 [ 19.685913] ret_from_fork+0x10/0x20 [ 19.685959] [ 19.686150] kfence-#77: 0x000000003a90412f-0x00000000b6890914, size=32, cache=kmalloc-32 [ 19.686150] [ 19.686318] allocated by task 287 on cpu 1 at 19.683959s (0.002304s ago): [ 19.686907] test_alloc+0x29c/0x628 [ 19.687002] test_out_of_bounds_read+0xdc/0x3e0 [ 19.687046] kunit_try_run_case+0x170/0x3f0 [ 19.687213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.687258] kthread+0x328/0x630 [ 19.687548] ret_from_fork+0x10/0x20 [ 19.687742] [ 19.687910] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.687995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.688189] Hardware name: linux,dummy-virt (DT) [ 19.688512] ================================================================== [ 19.791977] ================================================================== [ 19.792070] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.792070] [ 19.792223] Out-of-bounds read at 0x000000006f11722f (32B right of kfence-#78): [ 19.792312] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.792378] kunit_try_run_case+0x170/0x3f0 [ 19.792423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.792467] kthread+0x328/0x630 [ 19.792505] ret_from_fork+0x10/0x20 [ 19.792545] [ 19.792730] kfence-#78: 0x00000000b7eee95b-0x000000008893c126, size=32, cache=kmalloc-32 [ 19.792730] [ 19.792979] allocated by task 287 on cpu 1 at 19.791521s (0.001427s ago): [ 19.793097] test_alloc+0x29c/0x628 [ 19.793228] test_out_of_bounds_read+0x198/0x3e0 [ 19.793433] kunit_try_run_case+0x170/0x3f0 [ 19.793509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.793620] kthread+0x328/0x630 [ 19.793658] ret_from_fork+0x10/0x20 [ 19.793704] [ 19.793761] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.793839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.793883] Hardware name: linux,dummy-virt (DT) [ 19.793919] ================================================================== [ 19.997584] ================================================================== [ 19.997828] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.997828] [ 19.998132] Out-of-bounds read at 0x0000000080252f98 (32B right of kfence-#80): [ 19.998201] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.998264] kunit_try_run_case+0x170/0x3f0 [ 19.998352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.998490] kthread+0x328/0x630 [ 19.998652] ret_from_fork+0x10/0x20 [ 19.998788] [ 19.998907] kfence-#80: 0x00000000acf52b59-0x00000000cf27bf54, size=32, cache=test [ 19.998907] [ 19.998989] allocated by task 289 on cpu 1 at 19.997153s (0.001832s ago): [ 19.999170] test_alloc+0x230/0x628 [ 19.999244] test_out_of_bounds_read+0x198/0x3e0 [ 19.999385] kunit_try_run_case+0x170/0x3f0 [ 19.999620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.999912] kthread+0x328/0x630 [ 20.000138] ret_from_fork+0x10/0x20 [ 20.000198] [ 20.000362] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.000728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.000824] Hardware name: linux,dummy-virt (DT) [ 20.001009] ================================================================== [ 19.892469] ================================================================== [ 19.892544] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.892544] [ 19.892628] Out-of-bounds read at 0x00000000e18e7525 (1B left of kfence-#79): [ 19.892685] test_out_of_bounds_read+0x114/0x3e0 [ 19.892747] kunit_try_run_case+0x170/0x3f0 [ 19.892800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.893030] kthread+0x328/0x630 [ 19.893216] ret_from_fork+0x10/0x20 [ 19.893257] [ 19.893382] kfence-#79: 0x000000001d0241a7-0x0000000040a5d107, size=32, cache=test [ 19.893382] [ 19.893667] allocated by task 289 on cpu 1 at 19.892387s (0.001262s ago): [ 19.894034] test_alloc+0x230/0x628 [ 19.894325] test_out_of_bounds_read+0xdc/0x3e0 [ 19.894729] kunit_try_run_case+0x170/0x3f0 [ 19.894901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.895027] kthread+0x328/0x630 [ 19.895063] ret_from_fork+0x10/0x20 [ 19.895104] [ 19.895151] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.895577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.895640] Hardware name: linux,dummy-virt (DT) [ 19.895735] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 19.534225] ================================================================== [ 19.534294] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 19.534354] Write of size 121 at addr fff00000c7716c00 by task kunit_try_catch/285 [ 19.534409] [ 19.534441] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.534524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.534554] Hardware name: linux,dummy-virt (DT) [ 19.534586] Call trace: [ 19.534618] show_stack+0x20/0x38 (C) [ 19.534669] dump_stack_lvl+0x8c/0xd0 [ 19.534728] print_report+0x118/0x5d0 [ 19.534775] kasan_report+0xdc/0x128 [ 19.534824] kasan_check_range+0x100/0x1a8 [ 19.534874] __kasan_check_write+0x20/0x30 [ 19.534921] strncpy_from_user+0x3c/0x2a0 [ 19.534969] copy_user_test_oob+0x5c0/0xec8 [ 19.535018] kunit_try_run_case+0x170/0x3f0 [ 19.535068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.535125] kthread+0x328/0x630 [ 19.535180] ret_from_fork+0x10/0x20 [ 19.535231] [ 19.535259] Allocated by task 285: [ 19.535298] kasan_save_stack+0x3c/0x68 [ 19.535340] kasan_save_track+0x20/0x40 [ 19.535381] kasan_save_alloc_info+0x40/0x58 [ 19.535422] __kasan_kmalloc+0xd4/0xd8 [ 19.535461] __kmalloc_noprof+0x198/0x4c8 [ 19.535500] kunit_kmalloc_array+0x34/0x88 [ 19.535545] copy_user_test_oob+0xac/0xec8 [ 19.535583] kunit_try_run_case+0x170/0x3f0 [ 19.535628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.535678] kthread+0x328/0x630 [ 19.535722] ret_from_fork+0x10/0x20 [ 19.535760] [ 19.535781] The buggy address belongs to the object at fff00000c7716c00 [ 19.535781] which belongs to the cache kmalloc-128 of size 128 [ 19.536682] The buggy address is located 0 bytes inside of [ 19.536682] allocated 120-byte region [fff00000c7716c00, fff00000c7716c78) [ 19.536786] [ 19.536895] The buggy address belongs to the physical page: [ 19.536940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.537021] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.537088] page_type: f5(slab) [ 19.537571] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.537763] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.537932] page dumped because: kasan: bad access detected [ 19.538009] [ 19.538129] Memory state around the buggy address: [ 19.538168] fff00000c7716b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.538214] fff00000c7716b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.538550] >fff00000c7716c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.538800] ^ [ 19.538853] fff00000c7716c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.538937] fff00000c7716d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.539033] ================================================================== [ 19.539919] ================================================================== [ 19.539973] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 19.540025] Write of size 1 at addr fff00000c7716c78 by task kunit_try_catch/285 [ 19.540078] [ 19.540389] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.541585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.541840] Hardware name: linux,dummy-virt (DT) [ 19.541944] Call trace: [ 19.541981] show_stack+0x20/0x38 (C) [ 19.542045] dump_stack_lvl+0x8c/0xd0 [ 19.542111] print_report+0x118/0x5d0 [ 19.542182] kasan_report+0xdc/0x128 [ 19.542239] __asan_report_store1_noabort+0x20/0x30 [ 19.542306] strncpy_from_user+0x270/0x2a0 [ 19.542365] copy_user_test_oob+0x5c0/0xec8 [ 19.542416] kunit_try_run_case+0x170/0x3f0 [ 19.542464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.542518] kthread+0x328/0x630 [ 19.542816] ret_from_fork+0x10/0x20 [ 19.543101] [ 19.543241] Allocated by task 285: [ 19.543377] kasan_save_stack+0x3c/0x68 [ 19.543465] kasan_save_track+0x20/0x40 [ 19.543542] kasan_save_alloc_info+0x40/0x58 [ 19.543678] __kasan_kmalloc+0xd4/0xd8 [ 19.543731] __kmalloc_noprof+0x198/0x4c8 [ 19.543769] kunit_kmalloc_array+0x34/0x88 [ 19.543809] copy_user_test_oob+0xac/0xec8 [ 19.543847] kunit_try_run_case+0x170/0x3f0 [ 19.543890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.543937] kthread+0x328/0x630 [ 19.544136] ret_from_fork+0x10/0x20 [ 19.544210] [ 19.544346] The buggy address belongs to the object at fff00000c7716c00 [ 19.544346] which belongs to the cache kmalloc-128 of size 128 [ 19.544418] The buggy address is located 0 bytes to the right of [ 19.544418] allocated 120-byte region [fff00000c7716c00, fff00000c7716c78) [ 19.544738] [ 19.544778] The buggy address belongs to the physical page: [ 19.544920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.545019] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.545115] page_type: f5(slab) [ 19.545269] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.545330] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.545610] page dumped because: kasan: bad access detected [ 19.545749] [ 19.545795] Memory state around the buggy address: [ 19.545858] fff00000c7716b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.545916] fff00000c7716b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.546183] >fff00000c7716c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.546268] ^ [ 19.546341] fff00000c7716c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.546631] fff00000c7716d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.546704] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.490329] ================================================================== [ 19.490412] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 19.490467] Read of size 121 at addr fff00000c7716c00 by task kunit_try_catch/285 [ 19.490880] [ 19.490922] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.491038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.491085] Hardware name: linux,dummy-virt (DT) [ 19.491119] Call trace: [ 19.491146] show_stack+0x20/0x38 (C) [ 19.491198] dump_stack_lvl+0x8c/0xd0 [ 19.491248] print_report+0x118/0x5d0 [ 19.491297] kasan_report+0xdc/0x128 [ 19.491528] kasan_check_range+0x100/0x1a8 [ 19.491600] __kasan_check_read+0x20/0x30 [ 19.491645] copy_user_test_oob+0x728/0xec8 [ 19.491692] kunit_try_run_case+0x170/0x3f0 [ 19.491754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.491818] kthread+0x328/0x630 [ 19.491861] ret_from_fork+0x10/0x20 [ 19.491909] [ 19.492165] Allocated by task 285: [ 19.492272] kasan_save_stack+0x3c/0x68 [ 19.492321] kasan_save_track+0x20/0x40 [ 19.492362] kasan_save_alloc_info+0x40/0x58 [ 19.492404] __kasan_kmalloc+0xd4/0xd8 [ 19.492447] __kmalloc_noprof+0x198/0x4c8 [ 19.492488] kunit_kmalloc_array+0x34/0x88 [ 19.492528] copy_user_test_oob+0xac/0xec8 [ 19.492568] kunit_try_run_case+0x170/0x3f0 [ 19.492610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.492655] kthread+0x328/0x630 [ 19.492700] ret_from_fork+0x10/0x20 [ 19.492749] [ 19.492770] The buggy address belongs to the object at fff00000c7716c00 [ 19.492770] which belongs to the cache kmalloc-128 of size 128 [ 19.492926] The buggy address is located 0 bytes inside of [ 19.492926] allocated 120-byte region [fff00000c7716c00, fff00000c7716c78) [ 19.493327] [ 19.493411] The buggy address belongs to the physical page: [ 19.493449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.493513] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.493632] page_type: f5(slab) [ 19.493674] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.493737] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.493779] page dumped because: kasan: bad access detected [ 19.494024] [ 19.494076] Memory state around the buggy address: [ 19.494124] fff00000c7716b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.494310] fff00000c7716b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.494401] >fff00000c7716c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.494504] ^ [ 19.494546] fff00000c7716c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.494591] fff00000c7716d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.494678] ================================================================== [ 19.505162] ================================================================== [ 19.505244] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 19.505305] Write of size 121 at addr fff00000c7716c00 by task kunit_try_catch/285 [ 19.505365] [ 19.505402] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.505489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.505854] Hardware name: linux,dummy-virt (DT) [ 19.505922] Call trace: [ 19.505950] show_stack+0x20/0x38 (C) [ 19.506094] dump_stack_lvl+0x8c/0xd0 [ 19.506179] print_report+0x118/0x5d0 [ 19.506252] kasan_report+0xdc/0x128 [ 19.506299] kasan_check_range+0x100/0x1a8 [ 19.506521] __kasan_check_write+0x20/0x30 [ 19.506668] copy_user_test_oob+0x35c/0xec8 [ 19.506742] kunit_try_run_case+0x170/0x3f0 [ 19.506858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.506962] kthread+0x328/0x630 [ 19.507045] ret_from_fork+0x10/0x20 [ 19.507216] [ 19.507278] Allocated by task 285: [ 19.507410] kasan_save_stack+0x3c/0x68 [ 19.507460] kasan_save_track+0x20/0x40 [ 19.507511] kasan_save_alloc_info+0x40/0x58 [ 19.507560] __kasan_kmalloc+0xd4/0xd8 [ 19.507862] __kmalloc_noprof+0x198/0x4c8 [ 19.508023] kunit_kmalloc_array+0x34/0x88 [ 19.508103] copy_user_test_oob+0xac/0xec8 [ 19.508177] kunit_try_run_case+0x170/0x3f0 [ 19.508491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.508641] kthread+0x328/0x630 [ 19.508766] ret_from_fork+0x10/0x20 [ 19.508809] [ 19.508831] The buggy address belongs to the object at fff00000c7716c00 [ 19.508831] which belongs to the cache kmalloc-128 of size 128 [ 19.509052] The buggy address is located 0 bytes inside of [ 19.509052] allocated 120-byte region [fff00000c7716c00, fff00000c7716c78) [ 19.509191] [ 19.509252] The buggy address belongs to the physical page: [ 19.509538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.509623] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.509775] page_type: f5(slab) [ 19.509855] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.509940] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.510110] page dumped because: kasan: bad access detected [ 19.510177] [ 19.510484] Memory state around the buggy address: [ 19.510540] fff00000c7716b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.510660] fff00000c7716b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.510749] >fff00000c7716c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.511052] ^ [ 19.511182] fff00000c7716c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.511241] fff00000c7716d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.511282] ================================================================== [ 19.512231] ================================================================== [ 19.512307] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 19.512360] Read of size 121 at addr fff00000c7716c00 by task kunit_try_catch/285 [ 19.512679] [ 19.512760] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.512853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.512882] Hardware name: linux,dummy-virt (DT) [ 19.512917] Call trace: [ 19.513014] show_stack+0x20/0x38 (C) [ 19.513071] dump_stack_lvl+0x8c/0xd0 [ 19.513118] print_report+0x118/0x5d0 [ 19.513166] kasan_report+0xdc/0x128 [ 19.513213] kasan_check_range+0x100/0x1a8 [ 19.513261] __kasan_check_read+0x20/0x30 [ 19.513320] copy_user_test_oob+0x3c8/0xec8 [ 19.513372] kunit_try_run_case+0x170/0x3f0 [ 19.513423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.513478] kthread+0x328/0x630 [ 19.513531] ret_from_fork+0x10/0x20 [ 19.513581] [ 19.513609] Allocated by task 285: [ 19.513641] kasan_save_stack+0x3c/0x68 [ 19.513682] kasan_save_track+0x20/0x40 [ 19.514113] kasan_save_alloc_info+0x40/0x58 [ 19.514173] __kasan_kmalloc+0xd4/0xd8 [ 19.514460] __kmalloc_noprof+0x198/0x4c8 [ 19.514590] kunit_kmalloc_array+0x34/0x88 [ 19.514686] copy_user_test_oob+0xac/0xec8 [ 19.514761] kunit_try_run_case+0x170/0x3f0 [ 19.515092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.515298] kthread+0x328/0x630 [ 19.515378] ret_from_fork+0x10/0x20 [ 19.515522] [ 19.515545] The buggy address belongs to the object at fff00000c7716c00 [ 19.515545] which belongs to the cache kmalloc-128 of size 128 [ 19.515607] The buggy address is located 0 bytes inside of [ 19.515607] allocated 120-byte region [fff00000c7716c00, fff00000c7716c78) [ 19.516011] [ 19.516110] The buggy address belongs to the physical page: [ 19.516179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.516242] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.516596] page_type: f5(slab) [ 19.516752] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.516834] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.516916] page dumped because: kasan: bad access detected [ 19.517013] [ 19.517074] Memory state around the buggy address: [ 19.517110] fff00000c7716b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.517156] fff00000c7716b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.517490] >fff00000c7716c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.517782] ^ [ 19.518008] fff00000c7716c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.518081] fff00000c7716d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.518123] ================================================================== [ 19.519167] ================================================================== [ 19.519222] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 19.519275] Write of size 121 at addr fff00000c7716c00 by task kunit_try_catch/285 [ 19.519329] [ 19.519363] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.519496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.519593] Hardware name: linux,dummy-virt (DT) [ 19.519740] Call trace: [ 19.519817] show_stack+0x20/0x38 (C) [ 19.519895] dump_stack_lvl+0x8c/0xd0 [ 19.520223] print_report+0x118/0x5d0 [ 19.520386] kasan_report+0xdc/0x128 [ 19.520439] kasan_check_range+0x100/0x1a8 [ 19.520735] __kasan_check_write+0x20/0x30 [ 19.521064] copy_user_test_oob+0x434/0xec8 [ 19.521186] kunit_try_run_case+0x170/0x3f0 [ 19.521485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.521631] kthread+0x328/0x630 [ 19.521698] ret_from_fork+0x10/0x20 [ 19.521769] [ 19.521808] Allocated by task 285: [ 19.521862] kasan_save_stack+0x3c/0x68 [ 19.521917] kasan_save_track+0x20/0x40 [ 19.521957] kasan_save_alloc_info+0x40/0x58 [ 19.521999] __kasan_kmalloc+0xd4/0xd8 [ 19.522041] __kmalloc_noprof+0x198/0x4c8 [ 19.522083] kunit_kmalloc_array+0x34/0x88 [ 19.522132] copy_user_test_oob+0xac/0xec8 [ 19.522172] kunit_try_run_case+0x170/0x3f0 [ 19.522212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.522259] kthread+0x328/0x630 [ 19.522304] ret_from_fork+0x10/0x20 [ 19.522342] [ 19.522379] The buggy address belongs to the object at fff00000c7716c00 [ 19.522379] which belongs to the cache kmalloc-128 of size 128 [ 19.522447] The buggy address is located 0 bytes inside of [ 19.522447] allocated 120-byte region [fff00000c7716c00, fff00000c7716c78) [ 19.522518] [ 19.522550] The buggy address belongs to the physical page: [ 19.522600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.522653] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.522848] page_type: f5(slab) [ 19.522903] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.523049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.523232] page dumped because: kasan: bad access detected [ 19.523283] [ 19.523705] Memory state around the buggy address: [ 19.523860] fff00000c7716b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.523933] fff00000c7716b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.524035] >fff00000c7716c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.524329] ^ [ 19.524384] fff00000c7716c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.524693] fff00000c7716d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.525056] ================================================================== [ 19.526260] ================================================================== [ 19.526337] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 19.526389] Read of size 121 at addr fff00000c7716c00 by task kunit_try_catch/285 [ 19.526450] [ 19.526756] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.526862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.526958] Hardware name: linux,dummy-virt (DT) [ 19.527028] Call trace: [ 19.527075] show_stack+0x20/0x38 (C) [ 19.527406] dump_stack_lvl+0x8c/0xd0 [ 19.527618] print_report+0x118/0x5d0 [ 19.527678] kasan_report+0xdc/0x128 [ 19.527766] kasan_check_range+0x100/0x1a8 [ 19.527819] __kasan_check_read+0x20/0x30 [ 19.527971] copy_user_test_oob+0x4a0/0xec8 [ 19.528046] kunit_try_run_case+0x170/0x3f0 [ 19.528361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.528436] kthread+0x328/0x630 [ 19.528769] ret_from_fork+0x10/0x20 [ 19.529151] [ 19.529240] Allocated by task 285: [ 19.529311] kasan_save_stack+0x3c/0x68 [ 19.529369] kasan_save_track+0x20/0x40 [ 19.529516] kasan_save_alloc_info+0x40/0x58 [ 19.529614] __kasan_kmalloc+0xd4/0xd8 [ 19.529683] __kmalloc_noprof+0x198/0x4c8 [ 19.529835] kunit_kmalloc_array+0x34/0x88 [ 19.529879] copy_user_test_oob+0xac/0xec8 [ 19.529919] kunit_try_run_case+0x170/0x3f0 [ 19.529982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.530229] kthread+0x328/0x630 [ 19.530274] ret_from_fork+0x10/0x20 [ 19.530577] [ 19.530642] The buggy address belongs to the object at fff00000c7716c00 [ 19.530642] which belongs to the cache kmalloc-128 of size 128 [ 19.530858] The buggy address is located 0 bytes inside of [ 19.530858] allocated 120-byte region [fff00000c7716c00, fff00000c7716c78) [ 19.530960] [ 19.531010] The buggy address belongs to the physical page: [ 19.531118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.531221] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.531323] page_type: f5(slab) [ 19.531660] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.531835] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.531910] page dumped because: kasan: bad access detected [ 19.531975] [ 19.532147] Memory state around the buggy address: [ 19.532346] fff00000c7716b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.532433] fff00000c7716b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.532506] >fff00000c7716c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.532547] ^ [ 19.532598] fff00000c7716c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.532858] fff00000c7716d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.533044] ================================================================== [ 19.477622] ================================================================== [ 19.477749] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 19.477840] Write of size 121 at addr fff00000c7716c00 by task kunit_try_catch/285 [ 19.477896] [ 19.477945] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.478037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.478068] Hardware name: linux,dummy-virt (DT) [ 19.478105] Call trace: [ 19.478131] show_stack+0x20/0x38 (C) [ 19.478187] dump_stack_lvl+0x8c/0xd0 [ 19.478265] print_report+0x118/0x5d0 [ 19.478409] kasan_report+0xdc/0x128 [ 19.478591] kasan_check_range+0x100/0x1a8 [ 19.478759] __kasan_check_write+0x20/0x30 [ 19.478874] copy_user_test_oob+0x234/0xec8 [ 19.478923] kunit_try_run_case+0x170/0x3f0 [ 19.478979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.479035] kthread+0x328/0x630 [ 19.479080] ret_from_fork+0x10/0x20 [ 19.479133] [ 19.479231] Allocated by task 285: [ 19.479267] kasan_save_stack+0x3c/0x68 [ 19.479628] kasan_save_track+0x20/0x40 [ 19.479677] kasan_save_alloc_info+0x40/0x58 [ 19.479909] __kasan_kmalloc+0xd4/0xd8 [ 19.480176] __kmalloc_noprof+0x198/0x4c8 [ 19.480283] kunit_kmalloc_array+0x34/0x88 [ 19.480322] copy_user_test_oob+0xac/0xec8 [ 19.480364] kunit_try_run_case+0x170/0x3f0 [ 19.480406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.480451] kthread+0x328/0x630 [ 19.480486] ret_from_fork+0x10/0x20 [ 19.480524] [ 19.480550] The buggy address belongs to the object at fff00000c7716c00 [ 19.480550] which belongs to the cache kmalloc-128 of size 128 [ 19.480612] The buggy address is located 0 bytes inside of [ 19.480612] allocated 120-byte region [fff00000c7716c00, fff00000c7716c78) [ 19.480675] [ 19.480699] The buggy address belongs to the physical page: [ 19.480745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.480809] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.480862] page_type: f5(slab) [ 19.480906] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.480959] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.481001] page dumped because: kasan: bad access detected [ 19.481035] [ 19.481055] Memory state around the buggy address: [ 19.481090] fff00000c7716b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.481135] fff00000c7716b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.481180] >fff00000c7716c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.481221] ^ [ 19.481264] fff00000c7716c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.481973] fff00000c7716d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.482102] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.440863] ================================================================== [ 19.440916] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 19.440966] Write of size 8 at addr fff00000c7716b78 by task kunit_try_catch/281 [ 19.441017] [ 19.441049] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.441132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.441163] Hardware name: linux,dummy-virt (DT) [ 19.441196] Call trace: [ 19.441422] show_stack+0x20/0x38 (C) [ 19.441656] dump_stack_lvl+0x8c/0xd0 [ 19.441706] print_report+0x118/0x5d0 [ 19.441884] kasan_report+0xdc/0x128 [ 19.442148] kasan_check_range+0x100/0x1a8 [ 19.442202] __kasan_check_write+0x20/0x30 [ 19.442251] copy_to_kernel_nofault+0x8c/0x250 [ 19.442302] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.442352] kunit_try_run_case+0x170/0x3f0 [ 19.442401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.442453] kthread+0x328/0x630 [ 19.442503] ret_from_fork+0x10/0x20 [ 19.442783] [ 19.442953] Allocated by task 281: [ 19.442988] kasan_save_stack+0x3c/0x68 [ 19.443034] kasan_save_track+0x20/0x40 [ 19.443073] kasan_save_alloc_info+0x40/0x58 [ 19.443115] __kasan_kmalloc+0xd4/0xd8 [ 19.443154] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.443195] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.444083] kunit_try_run_case+0x170/0x3f0 [ 19.444210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.444264] kthread+0x328/0x630 [ 19.444300] ret_from_fork+0x10/0x20 [ 19.444338] [ 19.444361] The buggy address belongs to the object at fff00000c7716b00 [ 19.444361] which belongs to the cache kmalloc-128 of size 128 [ 19.444420] The buggy address is located 0 bytes to the right of [ 19.444420] allocated 120-byte region [fff00000c7716b00, fff00000c7716b78) [ 19.444486] [ 19.444508] The buggy address belongs to the physical page: [ 19.444541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.444621] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.444672] page_type: f5(slab) [ 19.444723] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.444775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.444818] page dumped because: kasan: bad access detected [ 19.444851] [ 19.444871] Memory state around the buggy address: [ 19.444904] fff00000c7716a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.444948] fff00000c7716a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.444992] >fff00000c7716b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.445033] ^ [ 19.445075] fff00000c7716b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.445120] fff00000c7716c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.445160] ================================================================== [ 19.436812] ================================================================== [ 19.436887] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 19.436951] Read of size 8 at addr fff00000c7716b78 by task kunit_try_catch/281 [ 19.437004] [ 19.437054] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.437142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.437174] Hardware name: linux,dummy-virt (DT) [ 19.437217] Call trace: [ 19.437248] show_stack+0x20/0x38 (C) [ 19.437300] dump_stack_lvl+0x8c/0xd0 [ 19.437357] print_report+0x118/0x5d0 [ 19.437406] kasan_report+0xdc/0x128 [ 19.437453] __asan_report_load8_noabort+0x20/0x30 [ 19.437514] copy_to_kernel_nofault+0x204/0x250 [ 19.437566] copy_to_kernel_nofault_oob+0x158/0x418 [ 19.437615] kunit_try_run_case+0x170/0x3f0 [ 19.437679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.437745] kthread+0x328/0x630 [ 19.437788] ret_from_fork+0x10/0x20 [ 19.437836] [ 19.437856] Allocated by task 281: [ 19.437889] kasan_save_stack+0x3c/0x68 [ 19.437930] kasan_save_track+0x20/0x40 [ 19.437970] kasan_save_alloc_info+0x40/0x58 [ 19.438010] __kasan_kmalloc+0xd4/0xd8 [ 19.438049] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.438091] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.438132] kunit_try_run_case+0x170/0x3f0 [ 19.438170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.438216] kthread+0x328/0x630 [ 19.438249] ret_from_fork+0x10/0x20 [ 19.438287] [ 19.438604] The buggy address belongs to the object at fff00000c7716b00 [ 19.438604] which belongs to the cache kmalloc-128 of size 128 [ 19.438774] The buggy address is located 0 bytes to the right of [ 19.438774] allocated 120-byte region [fff00000c7716b00, fff00000c7716b78) [ 19.438865] [ 19.439129] The buggy address belongs to the physical page: [ 19.439322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 19.439432] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.439574] page_type: f5(slab) [ 19.439616] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.439668] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.439710] page dumped because: kasan: bad access detected [ 19.439755] [ 19.439851] Memory state around the buggy address: [ 19.439911] fff00000c7716a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.439957] fff00000c7716a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.440001] >fff00000c7716b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.440042] ^ [ 19.440086] fff00000c7716b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.440131] fff00000c7716c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.440245] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.406664] ================================================================== [ 19.406732] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.406780] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 19.406860] [ 19.406891] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.406975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.407004] Hardware name: linux,dummy-virt (DT) [ 19.407038] Call trace: [ 19.407060] show_stack+0x20/0x38 (C) [ 19.407108] dump_stack_lvl+0x8c/0xd0 [ 19.407154] print_report+0x310/0x5d0 [ 19.407202] kasan_report+0xdc/0x128 [ 19.407247] __asan_report_load1_noabort+0x20/0x30 [ 19.407298] vmalloc_oob+0x51c/0x5d0 [ 19.407356] kunit_try_run_case+0x170/0x3f0 [ 19.407405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.407457] kthread+0x328/0x630 [ 19.407500] ret_from_fork+0x10/0x20 [ 19.407547] [ 19.407569] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 19.407611] The buggy address belongs to the physical page: [ 19.407644] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a6 [ 19.407696] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.407766] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.407817] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.407858] page dumped because: kasan: bad access detected [ 19.407891] [ 19.407978] Memory state around the buggy address: [ 19.408043] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.408095] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.408140] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.408180] ^ [ 19.408224] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.408270] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.408310] ================================================================== [ 19.402836] ================================================================== [ 19.403215] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.403431] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 19.403600] [ 19.403687] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.403836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.403866] Hardware name: linux,dummy-virt (DT) [ 19.403900] Call trace: [ 19.403926] show_stack+0x20/0x38 (C) [ 19.403979] dump_stack_lvl+0x8c/0xd0 [ 19.404028] print_report+0x310/0x5d0 [ 19.404075] kasan_report+0xdc/0x128 [ 19.404123] __asan_report_load1_noabort+0x20/0x30 [ 19.404173] vmalloc_oob+0x578/0x5d0 [ 19.404273] kunit_try_run_case+0x170/0x3f0 [ 19.404380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.404527] kthread+0x328/0x630 [ 19.404614] ret_from_fork+0x10/0x20 [ 19.404843] [ 19.404951] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 19.405102] The buggy address belongs to the physical page: [ 19.405167] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a6 [ 19.405230] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.405294] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.405353] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.405404] page dumped because: kasan: bad access detected [ 19.405448] [ 19.405479] Memory state around the buggy address: [ 19.405532] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.405578] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.405630] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.405671] ^ [ 19.405733] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.405776] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.405816] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.223040] ================================================================== [ 19.223096] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.223149] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.223200] [ 19.223231] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.223313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.223342] Hardware name: linux,dummy-virt (DT) [ 19.223375] Call trace: [ 19.223398] show_stack+0x20/0x38 (C) [ 19.223448] dump_stack_lvl+0x8c/0xd0 [ 19.223494] print_report+0x118/0x5d0 [ 19.223543] kasan_report+0xdc/0x128 [ 19.223588] kasan_check_range+0x100/0x1a8 [ 19.223638] __kasan_check_write+0x20/0x30 [ 19.223685] kasan_atomics_helper+0xf20/0x4858 [ 19.223749] kasan_atomics+0x198/0x2e0 [ 19.223797] kunit_try_run_case+0x170/0x3f0 [ 19.223843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.223897] kthread+0x328/0x630 [ 19.223940] ret_from_fork+0x10/0x20 [ 19.223987] [ 19.224007] Allocated by task 265: [ 19.224038] kasan_save_stack+0x3c/0x68 [ 19.224079] kasan_save_track+0x20/0x40 [ 19.224119] kasan_save_alloc_info+0x40/0x58 [ 19.224160] __kasan_kmalloc+0xd4/0xd8 [ 19.224199] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.224240] kasan_atomics+0xb8/0x2e0 [ 19.224277] kunit_try_run_case+0x170/0x3f0 [ 19.224316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.224388] kthread+0x328/0x630 [ 19.224427] ret_from_fork+0x10/0x20 [ 19.224465] [ 19.224487] The buggy address belongs to the object at fff00000c63aa000 [ 19.224487] which belongs to the cache kmalloc-64 of size 64 [ 19.224546] The buggy address is located 0 bytes to the right of [ 19.224546] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.224855] [ 19.224883] The buggy address belongs to the physical page: [ 19.224918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.224996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.225046] page_type: f5(slab) [ 19.225131] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.225339] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.225386] page dumped because: kasan: bad access detected [ 19.226885] [ 19.226914] Memory state around the buggy address: [ 19.226954] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.227210] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.227265] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.227307] ^ [ 19.227342] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.227387] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.227428] ================================================================== [ 19.329064] ================================================================== [ 19.329146] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.329266] Read of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.329343] [ 19.329440] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.329797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.329859] Hardware name: linux,dummy-virt (DT) [ 19.329895] Call trace: [ 19.329919] show_stack+0x20/0x38 (C) [ 19.329973] dump_stack_lvl+0x8c/0xd0 [ 19.330384] print_report+0x118/0x5d0 [ 19.330485] kasan_report+0xdc/0x128 [ 19.330673] __asan_report_load8_noabort+0x20/0x30 [ 19.330886] kasan_atomics_helper+0x3db0/0x4858 [ 19.330955] kasan_atomics+0x198/0x2e0 [ 19.331388] kunit_try_run_case+0x170/0x3f0 [ 19.331479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.331632] kthread+0x328/0x630 [ 19.331838] ret_from_fork+0x10/0x20 [ 19.331905] [ 19.331926] Allocated by task 265: [ 19.332319] kasan_save_stack+0x3c/0x68 [ 19.332418] kasan_save_track+0x20/0x40 [ 19.332915] kasan_save_alloc_info+0x40/0x58 [ 19.333059] __kasan_kmalloc+0xd4/0xd8 [ 19.333148] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.333299] kasan_atomics+0xb8/0x2e0 [ 19.333400] kunit_try_run_case+0x170/0x3f0 [ 19.333494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.333554] kthread+0x328/0x630 [ 19.333588] ret_from_fork+0x10/0x20 [ 19.333633] [ 19.333657] The buggy address belongs to the object at fff00000c63aa000 [ 19.333657] which belongs to the cache kmalloc-64 of size 64 [ 19.333738] The buggy address is located 0 bytes to the right of [ 19.333738] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.333805] [ 19.333829] The buggy address belongs to the physical page: [ 19.333864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.333927] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.333978] page_type: f5(slab) [ 19.334019] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.334083] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.334135] page dumped because: kasan: bad access detected [ 19.334177] [ 19.334199] Memory state around the buggy address: [ 19.334247] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.334304] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.334351] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.334391] ^ [ 19.334439] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.334484] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.334526] ================================================================== [ 19.240145] ================================================================== [ 19.240290] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.240465] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.240539] [ 19.240598] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.240680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.240753] Hardware name: linux,dummy-virt (DT) [ 19.240789] Call trace: [ 19.240816] show_stack+0x20/0x38 (C) [ 19.240868] dump_stack_lvl+0x8c/0xd0 [ 19.240968] print_report+0x118/0x5d0 [ 19.241023] kasan_report+0xdc/0x128 [ 19.241125] kasan_check_range+0x100/0x1a8 [ 19.241175] __kasan_check_write+0x20/0x30 [ 19.241221] kasan_atomics_helper+0x10c0/0x4858 [ 19.241276] kasan_atomics+0x198/0x2e0 [ 19.241344] kunit_try_run_case+0x170/0x3f0 [ 19.241394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.241447] kthread+0x328/0x630 [ 19.241489] ret_from_fork+0x10/0x20 [ 19.241557] [ 19.241779] Allocated by task 265: [ 19.241819] kasan_save_stack+0x3c/0x68 [ 19.241865] kasan_save_track+0x20/0x40 [ 19.241974] kasan_save_alloc_info+0x40/0x58 [ 19.242048] __kasan_kmalloc+0xd4/0xd8 [ 19.242093] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.242136] kasan_atomics+0xb8/0x2e0 [ 19.242342] kunit_try_run_case+0x170/0x3f0 [ 19.242427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.242492] kthread+0x328/0x630 [ 19.242544] ret_from_fork+0x10/0x20 [ 19.242601] [ 19.242682] The buggy address belongs to the object at fff00000c63aa000 [ 19.242682] which belongs to the cache kmalloc-64 of size 64 [ 19.242857] The buggy address is located 0 bytes to the right of [ 19.242857] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.243005] [ 19.243105] The buggy address belongs to the physical page: [ 19.243188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.243245] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.243306] page_type: f5(slab) [ 19.243346] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.243400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.243691] page dumped because: kasan: bad access detected [ 19.243743] [ 19.243766] Memory state around the buggy address: [ 19.243801] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.243847] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.243891] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.243931] ^ [ 19.243967] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.244010] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.244050] ================================================================== [ 19.335612] ================================================================== [ 19.336004] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.336079] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.336133] [ 19.336167] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.336640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.336923] Hardware name: linux,dummy-virt (DT) [ 19.336967] Call trace: [ 19.336994] show_stack+0x20/0x38 (C) [ 19.337442] dump_stack_lvl+0x8c/0xd0 [ 19.337579] print_report+0x118/0x5d0 [ 19.337632] kasan_report+0xdc/0x128 [ 19.337688] kasan_check_range+0x100/0x1a8 [ 19.338033] __kasan_check_write+0x20/0x30 [ 19.338104] kasan_atomics_helper+0x1644/0x4858 [ 19.338156] kasan_atomics+0x198/0x2e0 [ 19.338201] kunit_try_run_case+0x170/0x3f0 [ 19.338596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.338789] kthread+0x328/0x630 [ 19.338847] ret_from_fork+0x10/0x20 [ 19.339032] [ 19.339097] Allocated by task 265: [ 19.339134] kasan_save_stack+0x3c/0x68 [ 19.339387] kasan_save_track+0x20/0x40 [ 19.339583] kasan_save_alloc_info+0x40/0x58 [ 19.339633] __kasan_kmalloc+0xd4/0xd8 [ 19.339674] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.339733] kasan_atomics+0xb8/0x2e0 [ 19.339937] kunit_try_run_case+0x170/0x3f0 [ 19.340024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.340073] kthread+0x328/0x630 [ 19.340107] ret_from_fork+0x10/0x20 [ 19.340144] [ 19.340179] The buggy address belongs to the object at fff00000c63aa000 [ 19.340179] which belongs to the cache kmalloc-64 of size 64 [ 19.340254] The buggy address is located 0 bytes to the right of [ 19.340254] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.340320] [ 19.340344] The buggy address belongs to the physical page: [ 19.340386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.340449] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.340507] page_type: f5(slab) [ 19.340559] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.340611] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.340664] page dumped because: kasan: bad access detected [ 19.340707] [ 19.340758] Memory state around the buggy address: [ 19.340793] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.340846] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.340892] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.340932] ^ [ 19.340968] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.341021] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.341062] ================================================================== [ 19.232646] ================================================================== [ 19.232700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.232765] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.232816] [ 19.232867] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.232950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.232977] Hardware name: linux,dummy-virt (DT) [ 19.233146] Call trace: [ 19.233204] show_stack+0x20/0x38 (C) [ 19.233277] dump_stack_lvl+0x8c/0xd0 [ 19.233359] print_report+0x118/0x5d0 [ 19.233414] kasan_report+0xdc/0x128 [ 19.233468] kasan_check_range+0x100/0x1a8 [ 19.233525] __kasan_check_write+0x20/0x30 [ 19.233608] kasan_atomics_helper+0xff0/0x4858 [ 19.233662] kasan_atomics+0x198/0x2e0 [ 19.233709] kunit_try_run_case+0x170/0x3f0 [ 19.233770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.233824] kthread+0x328/0x630 [ 19.233875] ret_from_fork+0x10/0x20 [ 19.233923] [ 19.233945] Allocated by task 265: [ 19.233983] kasan_save_stack+0x3c/0x68 [ 19.234028] kasan_save_track+0x20/0x40 [ 19.234066] kasan_save_alloc_info+0x40/0x58 [ 19.234107] __kasan_kmalloc+0xd4/0xd8 [ 19.234149] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.234201] kasan_atomics+0xb8/0x2e0 [ 19.234240] kunit_try_run_case+0x170/0x3f0 [ 19.234287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.234333] kthread+0x328/0x630 [ 19.234369] ret_from_fork+0x10/0x20 [ 19.234406] [ 19.234428] The buggy address belongs to the object at fff00000c63aa000 [ 19.234428] which belongs to the cache kmalloc-64 of size 64 [ 19.234488] The buggy address is located 0 bytes to the right of [ 19.234488] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.234554] [ 19.234587] The buggy address belongs to the physical page: [ 19.234619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.234671] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.234729] page_type: f5(slab) [ 19.234769] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.234865] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.234926] page dumped because: kasan: bad access detected [ 19.234974] [ 19.235008] Memory state around the buggy address: [ 19.235044] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.235336] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.235385] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.235449] ^ [ 19.235485] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.235530] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.235590] ================================================================== [ 19.368958] ================================================================== [ 19.369023] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.369078] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.369320] [ 19.369375] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.369791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.369875] Hardware name: linux,dummy-virt (DT) [ 19.370101] Call trace: [ 19.370245] show_stack+0x20/0x38 (C) [ 19.370307] dump_stack_lvl+0x8c/0xd0 [ 19.370539] print_report+0x118/0x5d0 [ 19.370601] kasan_report+0xdc/0x128 [ 19.370668] kasan_check_range+0x100/0x1a8 [ 19.370802] __kasan_check_write+0x20/0x30 [ 19.370877] kasan_atomics_helper+0x175c/0x4858 [ 19.371052] kasan_atomics+0x198/0x2e0 [ 19.371589] kunit_try_run_case+0x170/0x3f0 [ 19.371704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.371938] kthread+0x328/0x630 [ 19.372037] ret_from_fork+0x10/0x20 [ 19.372160] [ 19.372182] Allocated by task 265: [ 19.372237] kasan_save_stack+0x3c/0x68 [ 19.372312] kasan_save_track+0x20/0x40 [ 19.372583] kasan_save_alloc_info+0x40/0x58 [ 19.372793] __kasan_kmalloc+0xd4/0xd8 [ 19.373226] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.373402] kasan_atomics+0xb8/0x2e0 [ 19.373517] kunit_try_run_case+0x170/0x3f0 [ 19.373559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.373742] kthread+0x328/0x630 [ 19.374105] ret_from_fork+0x10/0x20 [ 19.374250] [ 19.374421] The buggy address belongs to the object at fff00000c63aa000 [ 19.374421] which belongs to the cache kmalloc-64 of size 64 [ 19.374515] The buggy address is located 0 bytes to the right of [ 19.374515] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.374734] [ 19.374779] The buggy address belongs to the physical page: [ 19.375068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.375198] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.375569] page_type: f5(slab) [ 19.375751] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.375809] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.375860] page dumped because: kasan: bad access detected [ 19.375896] [ 19.375918] Memory state around the buggy address: [ 19.376558] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.376753] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.376804] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.377025] ^ [ 19.377086] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.377140] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.377191] ================================================================== [ 19.387735] ================================================================== [ 19.387799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.387853] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.387904] [ 19.387936] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.388017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.388047] Hardware name: linux,dummy-virt (DT) [ 19.388079] Call trace: [ 19.388103] show_stack+0x20/0x38 (C) [ 19.388152] dump_stack_lvl+0x8c/0xd0 [ 19.388200] print_report+0x118/0x5d0 [ 19.388248] kasan_report+0xdc/0x128 [ 19.388293] kasan_check_range+0x100/0x1a8 [ 19.388343] __kasan_check_write+0x20/0x30 [ 19.388390] kasan_atomics_helper+0x17ec/0x4858 [ 19.388438] kasan_atomics+0x198/0x2e0 [ 19.388484] kunit_try_run_case+0x170/0x3f0 [ 19.388531] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.388584] kthread+0x328/0x630 [ 19.388627] ret_from_fork+0x10/0x20 [ 19.388674] [ 19.388696] Allocated by task 265: [ 19.388736] kasan_save_stack+0x3c/0x68 [ 19.389176] kasan_save_track+0x20/0x40 [ 19.389438] kasan_save_alloc_info+0x40/0x58 [ 19.389508] __kasan_kmalloc+0xd4/0xd8 [ 19.389573] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.390167] kasan_atomics+0xb8/0x2e0 [ 19.390216] kunit_try_run_case+0x170/0x3f0 [ 19.390257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.390303] kthread+0x328/0x630 [ 19.390338] ret_from_fork+0x10/0x20 [ 19.390377] [ 19.390556] The buggy address belongs to the object at fff00000c63aa000 [ 19.390556] which belongs to the cache kmalloc-64 of size 64 [ 19.390639] The buggy address is located 0 bytes to the right of [ 19.390639] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.390780] [ 19.391126] The buggy address belongs to the physical page: [ 19.391270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.391476] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.391548] page_type: f5(slab) [ 19.391679] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.391744] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.391810] page dumped because: kasan: bad access detected [ 19.391845] [ 19.391867] Memory state around the buggy address: [ 19.391918] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.391964] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.392009] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.392086] ^ [ 19.392135] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.392183] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.392225] ================================================================== [ 19.202470] ================================================================== [ 19.202524] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.202574] Read of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.202626] [ 19.202659] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.202752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.202782] Hardware name: linux,dummy-virt (DT) [ 19.202813] Call trace: [ 19.203529] show_stack+0x20/0x38 (C) [ 19.203588] dump_stack_lvl+0x8c/0xd0 [ 19.203636] print_report+0x118/0x5d0 [ 19.203683] kasan_report+0xdc/0x128 [ 19.203743] __asan_report_load8_noabort+0x20/0x30 [ 19.203796] kasan_atomics_helper+0x3f58/0x4858 [ 19.203845] kasan_atomics+0x198/0x2e0 [ 19.203894] kunit_try_run_case+0x170/0x3f0 [ 19.203941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.203995] kthread+0x328/0x630 [ 19.204037] ret_from_fork+0x10/0x20 [ 19.204087] [ 19.204107] Allocated by task 265: [ 19.204137] kasan_save_stack+0x3c/0x68 [ 19.204180] kasan_save_track+0x20/0x40 [ 19.204218] kasan_save_alloc_info+0x40/0x58 [ 19.204259] __kasan_kmalloc+0xd4/0xd8 [ 19.204298] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.204339] kasan_atomics+0xb8/0x2e0 [ 19.204376] kunit_try_run_case+0x170/0x3f0 [ 19.204417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.204462] kthread+0x328/0x630 [ 19.204497] ret_from_fork+0x10/0x20 [ 19.204534] [ 19.204554] The buggy address belongs to the object at fff00000c63aa000 [ 19.204554] which belongs to the cache kmalloc-64 of size 64 [ 19.204613] The buggy address is located 0 bytes to the right of [ 19.204613] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.204680] [ 19.204702] The buggy address belongs to the physical page: [ 19.204784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.204862] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.204911] page_type: f5(slab) [ 19.204958] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.205028] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.205073] page dumped because: kasan: bad access detected [ 19.205106] [ 19.205126] Memory state around the buggy address: [ 19.205163] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.205220] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.205268] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.205318] ^ [ 19.205373] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.205426] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.205467] ================================================================== [ 19.292845] ================================================================== [ 19.292894] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.292942] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.292993] [ 19.293025] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.293105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.293132] Hardware name: linux,dummy-virt (DT) [ 19.293167] Call trace: [ 19.293190] show_stack+0x20/0x38 (C) [ 19.293239] dump_stack_lvl+0x8c/0xd0 [ 19.293286] print_report+0x118/0x5d0 [ 19.293339] kasan_report+0xdc/0x128 [ 19.293387] kasan_check_range+0x100/0x1a8 [ 19.294708] __kasan_check_write+0x20/0x30 [ 19.294815] kasan_atomics_helper+0x147c/0x4858 [ 19.295012] kasan_atomics+0x198/0x2e0 [ 19.295204] kunit_try_run_case+0x170/0x3f0 [ 19.295317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.295422] kthread+0x328/0x630 [ 19.295820] ret_from_fork+0x10/0x20 [ 19.296335] [ 19.296452] Allocated by task 265: [ 19.296541] kasan_save_stack+0x3c/0x68 [ 19.296751] kasan_save_track+0x20/0x40 [ 19.296872] kasan_save_alloc_info+0x40/0x58 [ 19.296918] __kasan_kmalloc+0xd4/0xd8 [ 19.297241] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.297420] kasan_atomics+0xb8/0x2e0 [ 19.297614] kunit_try_run_case+0x170/0x3f0 [ 19.297802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.297954] kthread+0x328/0x630 [ 19.298055] ret_from_fork+0x10/0x20 [ 19.298143] [ 19.298167] The buggy address belongs to the object at fff00000c63aa000 [ 19.298167] which belongs to the cache kmalloc-64 of size 64 [ 19.298664] The buggy address is located 0 bytes to the right of [ 19.298664] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.298967] [ 19.299005] The buggy address belongs to the physical page: [ 19.299197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.299321] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.299424] page_type: f5(slab) [ 19.299810] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.299885] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.299930] page dumped because: kasan: bad access detected [ 19.300238] [ 19.300289] Memory state around the buggy address: [ 19.300337] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.300392] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.300437] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.300479] ^ [ 19.300516] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.300559] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.300656] ================================================================== [ 19.318875] ================================================================== [ 19.318974] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.319084] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.319332] [ 19.319380] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.319646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.319754] Hardware name: linux,dummy-virt (DT) [ 19.319975] Call trace: [ 19.320336] show_stack+0x20/0x38 (C) [ 19.320418] dump_stack_lvl+0x8c/0xd0 [ 19.320514] print_report+0x118/0x5d0 [ 19.320596] kasan_report+0xdc/0x128 [ 19.320645] kasan_check_range+0x100/0x1a8 [ 19.320883] __kasan_check_write+0x20/0x30 [ 19.321075] kasan_atomics_helper+0x15b4/0x4858 [ 19.321428] kasan_atomics+0x198/0x2e0 [ 19.321571] kunit_try_run_case+0x170/0x3f0 [ 19.321797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.321855] kthread+0x328/0x630 [ 19.322085] ret_from_fork+0x10/0x20 [ 19.322582] [ 19.322634] Allocated by task 265: [ 19.322793] kasan_save_stack+0x3c/0x68 [ 19.322875] kasan_save_track+0x20/0x40 [ 19.323013] kasan_save_alloc_info+0x40/0x58 [ 19.323089] __kasan_kmalloc+0xd4/0xd8 [ 19.323128] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.323344] kasan_atomics+0xb8/0x2e0 [ 19.323577] kunit_try_run_case+0x170/0x3f0 [ 19.323646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.323699] kthread+0x328/0x630 [ 19.323745] ret_from_fork+0x10/0x20 [ 19.323784] [ 19.323808] The buggy address belongs to the object at fff00000c63aa000 [ 19.323808] which belongs to the cache kmalloc-64 of size 64 [ 19.324463] The buggy address is located 0 bytes to the right of [ 19.324463] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.324686] [ 19.325244] The buggy address belongs to the physical page: [ 19.325313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.325404] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.325477] page_type: f5(slab) [ 19.325942] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.326330] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.326438] page dumped because: kasan: bad access detected [ 19.326475] [ 19.326800] Memory state around the buggy address: [ 19.326882] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.326948] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.327392] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.327443] ^ [ 19.327491] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.327546] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.327828] ================================================================== [ 19.217303] ================================================================== [ 19.217355] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.217403] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.217453] [ 19.217483] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.217564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.217593] Hardware name: linux,dummy-virt (DT) [ 19.217625] Call trace: [ 19.217648] show_stack+0x20/0x38 (C) [ 19.217698] dump_stack_lvl+0x8c/0xd0 [ 19.217757] print_report+0x118/0x5d0 [ 19.217805] kasan_report+0xdc/0x128 [ 19.217851] kasan_check_range+0x100/0x1a8 [ 19.217901] __kasan_check_write+0x20/0x30 [ 19.218077] kasan_atomics_helper+0xeb8/0x4858 [ 19.218267] kasan_atomics+0x198/0x2e0 [ 19.218498] kunit_try_run_case+0x170/0x3f0 [ 19.218574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.218655] kthread+0x328/0x630 [ 19.218853] ret_from_fork+0x10/0x20 [ 19.219054] [ 19.219136] Allocated by task 265: [ 19.219257] kasan_save_stack+0x3c/0x68 [ 19.219361] kasan_save_track+0x20/0x40 [ 19.219621] kasan_save_alloc_info+0x40/0x58 [ 19.219724] __kasan_kmalloc+0xd4/0xd8 [ 19.219788] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.219837] kasan_atomics+0xb8/0x2e0 [ 19.219875] kunit_try_run_case+0x170/0x3f0 [ 19.219915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.219982] kthread+0x328/0x630 [ 19.220034] ret_from_fork+0x10/0x20 [ 19.220079] [ 19.220103] The buggy address belongs to the object at fff00000c63aa000 [ 19.220103] which belongs to the cache kmalloc-64 of size 64 [ 19.220187] The buggy address is located 0 bytes to the right of [ 19.220187] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.220252] [ 19.220294] The buggy address belongs to the physical page: [ 19.220328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.220434] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.220742] page_type: f5(slab) [ 19.220827] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.220945] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.220989] page dumped because: kasan: bad access detected [ 19.221023] [ 19.221043] Memory state around the buggy address: [ 19.221192] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.221332] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.221395] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.221433] ^ [ 19.221469] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.221512] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.221553] ================================================================== [ 19.358155] ================================================================== [ 19.358212] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.358263] Read of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.358322] [ 19.358354] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.358444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.358481] Hardware name: linux,dummy-virt (DT) [ 19.358514] Call trace: [ 19.358537] show_stack+0x20/0x38 (C) [ 19.358586] dump_stack_lvl+0x8c/0xd0 [ 19.358639] print_report+0x118/0x5d0 [ 19.358697] kasan_report+0xdc/0x128 [ 19.358833] __asan_report_load8_noabort+0x20/0x30 [ 19.359012] kasan_atomics_helper+0x3e10/0x4858 [ 19.359080] kasan_atomics+0x198/0x2e0 [ 19.360088] kunit_try_run_case+0x170/0x3f0 [ 19.360179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.360442] kthread+0x328/0x630 [ 19.360614] ret_from_fork+0x10/0x20 [ 19.360907] [ 19.361052] Allocated by task 265: [ 19.361120] kasan_save_stack+0x3c/0x68 [ 19.361354] kasan_save_track+0x20/0x40 [ 19.361596] kasan_save_alloc_info+0x40/0x58 [ 19.361831] __kasan_kmalloc+0xd4/0xd8 [ 19.361971] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.362095] kasan_atomics+0xb8/0x2e0 [ 19.362134] kunit_try_run_case+0x170/0x3f0 [ 19.362215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.362344] kthread+0x328/0x630 [ 19.362457] ret_from_fork+0x10/0x20 [ 19.362558] [ 19.362603] The buggy address belongs to the object at fff00000c63aa000 [ 19.362603] which belongs to the cache kmalloc-64 of size 64 [ 19.362684] The buggy address is located 0 bytes to the right of [ 19.362684] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.363907] [ 19.363963] The buggy address belongs to the physical page: [ 19.364315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.364375] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.364579] page_type: f5(slab) [ 19.364647] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.365163] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.365582] page dumped because: kasan: bad access detected [ 19.365765] [ 19.365913] Memory state around the buggy address: [ 19.365986] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.366451] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.366558] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.366659] ^ [ 19.367038] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.367114] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.367165] ================================================================== [ 19.286678] ================================================================== [ 19.287150] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.287294] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.287402] [ 19.287489] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.287692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.287934] Hardware name: linux,dummy-virt (DT) [ 19.287973] Call trace: [ 19.288139] show_stack+0x20/0x38 (C) [ 19.288230] dump_stack_lvl+0x8c/0xd0 [ 19.288594] print_report+0x118/0x5d0 [ 19.288731] kasan_report+0xdc/0x128 [ 19.288922] kasan_check_range+0x100/0x1a8 [ 19.289046] __kasan_check_write+0x20/0x30 [ 19.289096] kasan_atomics_helper+0x1414/0x4858 [ 19.289438] kasan_atomics+0x198/0x2e0 [ 19.289535] kunit_try_run_case+0x170/0x3f0 [ 19.289878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.290057] kthread+0x328/0x630 [ 19.290178] ret_from_fork+0x10/0x20 [ 19.290306] [ 19.290352] Allocated by task 265: [ 19.290612] kasan_save_stack+0x3c/0x68 [ 19.291174] kasan_save_track+0x20/0x40 [ 19.291282] kasan_save_alloc_info+0x40/0x58 [ 19.291327] __kasan_kmalloc+0xd4/0xd8 [ 19.291399] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.291440] kasan_atomics+0xb8/0x2e0 [ 19.291488] kunit_try_run_case+0x170/0x3f0 [ 19.291527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.291573] kthread+0x328/0x630 [ 19.291618] ret_from_fork+0x10/0x20 [ 19.291655] [ 19.291696] The buggy address belongs to the object at fff00000c63aa000 [ 19.291696] which belongs to the cache kmalloc-64 of size 64 [ 19.291790] The buggy address is located 0 bytes to the right of [ 19.291790] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.291857] [ 19.291890] The buggy address belongs to the physical page: [ 19.291940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.292013] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.292063] page_type: f5(slab) [ 19.292104] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.292159] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.292201] page dumped because: kasan: bad access detected [ 19.292245] [ 19.292266] Memory state around the buggy address: [ 19.292301] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.292346] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.292390] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.292446] ^ [ 19.292494] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.292547] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.292612] ================================================================== [ 19.377785] ================================================================== [ 19.377957] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.378253] Read of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.378544] [ 19.378589] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.378672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.378703] Hardware name: linux,dummy-virt (DT) [ 19.378890] Call trace: [ 19.378950] show_stack+0x20/0x38 (C) [ 19.379257] dump_stack_lvl+0x8c/0xd0 [ 19.379454] print_report+0x118/0x5d0 [ 19.379745] kasan_report+0xdc/0x128 [ 19.379826] __asan_report_load8_noabort+0x20/0x30 [ 19.379888] kasan_atomics_helper+0x3e20/0x4858 [ 19.379961] kasan_atomics+0x198/0x2e0 [ 19.380367] kunit_try_run_case+0x170/0x3f0 [ 19.380645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.380858] kthread+0x328/0x630 [ 19.381007] ret_from_fork+0x10/0x20 [ 19.381085] [ 19.381123] Allocated by task 265: [ 19.381327] kasan_save_stack+0x3c/0x68 [ 19.381581] kasan_save_track+0x20/0x40 [ 19.381651] kasan_save_alloc_info+0x40/0x58 [ 19.381868] __kasan_kmalloc+0xd4/0xd8 [ 19.382109] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.382186] kasan_atomics+0xb8/0x2e0 [ 19.382337] kunit_try_run_case+0x170/0x3f0 [ 19.382396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.382634] kthread+0x328/0x630 [ 19.382734] ret_from_fork+0x10/0x20 [ 19.382898] [ 19.382958] The buggy address belongs to the object at fff00000c63aa000 [ 19.382958] which belongs to the cache kmalloc-64 of size 64 [ 19.383263] The buggy address is located 0 bytes to the right of [ 19.383263] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.383557] [ 19.383596] The buggy address belongs to the physical page: [ 19.383647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.383810] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.383909] page_type: f5(slab) [ 19.383977] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.384114] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.384158] page dumped because: kasan: bad access detected [ 19.384214] [ 19.384242] Memory state around the buggy address: [ 19.384458] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.384687] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.385077] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.385125] ^ [ 19.385163] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.385540] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386009] ================================================================== [ 19.227696] ================================================================== [ 19.227771] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.227823] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.227897] [ 19.227929] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.228113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.228250] Hardware name: linux,dummy-virt (DT) [ 19.228292] Call trace: [ 19.228318] show_stack+0x20/0x38 (C) [ 19.228384] dump_stack_lvl+0x8c/0xd0 [ 19.228438] print_report+0x118/0x5d0 [ 19.228494] kasan_report+0xdc/0x128 [ 19.228542] kasan_check_range+0x100/0x1a8 [ 19.228728] __kasan_check_write+0x20/0x30 [ 19.228875] kasan_atomics_helper+0xf88/0x4858 [ 19.228994] kasan_atomics+0x198/0x2e0 [ 19.229085] kunit_try_run_case+0x170/0x3f0 [ 19.229152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.229226] kthread+0x328/0x630 [ 19.229279] ret_from_fork+0x10/0x20 [ 19.229341] [ 19.229410] Allocated by task 265: [ 19.229484] kasan_save_stack+0x3c/0x68 [ 19.229529] kasan_save_track+0x20/0x40 [ 19.229596] kasan_save_alloc_info+0x40/0x58 [ 19.229645] __kasan_kmalloc+0xd4/0xd8 [ 19.229692] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.229745] kasan_atomics+0xb8/0x2e0 [ 19.229784] kunit_try_run_case+0x170/0x3f0 [ 19.229845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.229971] kthread+0x328/0x630 [ 19.230136] ret_from_fork+0x10/0x20 [ 19.230182] [ 19.230223] The buggy address belongs to the object at fff00000c63aa000 [ 19.230223] which belongs to the cache kmalloc-64 of size 64 [ 19.230324] The buggy address is located 0 bytes to the right of [ 19.230324] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.230396] [ 19.230421] The buggy address belongs to the physical page: [ 19.230475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.230592] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.230731] page_type: f5(slab) [ 19.230784] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.230871] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.230949] page dumped because: kasan: bad access detected [ 19.230984] [ 19.231004] Memory state around the buggy address: [ 19.231226] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.231273] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.231318] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.231359] ^ [ 19.231393] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.231705] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.231850] ================================================================== [ 19.181062] ================================================================== [ 19.181116] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.181168] Read of size 4 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.181219] [ 19.181252] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.182794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.182889] Hardware name: linux,dummy-virt (DT) [ 19.182972] Call trace: [ 19.182997] show_stack+0x20/0x38 (C) [ 19.183442] dump_stack_lvl+0x8c/0xd0 [ 19.183504] print_report+0x118/0x5d0 [ 19.183555] kasan_report+0xdc/0x128 [ 19.183915] __asan_report_load4_noabort+0x20/0x30 [ 19.184018] kasan_atomics_helper+0x3e04/0x4858 [ 19.184076] kasan_atomics+0x198/0x2e0 [ 19.184615] kunit_try_run_case+0x170/0x3f0 [ 19.184693] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.185040] kthread+0x328/0x630 [ 19.185098] ret_from_fork+0x10/0x20 [ 19.185514] [ 19.185546] Allocated by task 265: [ 19.185671] kasan_save_stack+0x3c/0x68 [ 19.185730] kasan_save_track+0x20/0x40 [ 19.186036] kasan_save_alloc_info+0x40/0x58 [ 19.186144] __kasan_kmalloc+0xd4/0xd8 [ 19.186414] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.186916] kasan_atomics+0xb8/0x2e0 [ 19.186973] kunit_try_run_case+0x170/0x3f0 [ 19.187147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.187200] kthread+0x328/0x630 [ 19.187235] ret_from_fork+0x10/0x20 [ 19.187274] [ 19.187295] The buggy address belongs to the object at fff00000c63aa000 [ 19.187295] which belongs to the cache kmalloc-64 of size 64 [ 19.187357] The buggy address is located 0 bytes to the right of [ 19.187357] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.187423] [ 19.187947] The buggy address belongs to the physical page: [ 19.187989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.188271] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.188414] page_type: f5(slab) [ 19.188500] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.188883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.188952] page dumped because: kasan: bad access detected [ 19.188987] [ 19.189008] Memory state around the buggy address: [ 19.189412] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.189892] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.190332] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.190478] ^ [ 19.190772] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.191229] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.191274] ================================================================== [ 19.192372] ================================================================== [ 19.194228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.194540] Read of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.194809] [ 19.194899] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.194985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.195452] Hardware name: linux,dummy-virt (DT) [ 19.195504] Call trace: [ 19.195530] show_stack+0x20/0x38 (C) [ 19.195593] dump_stack_lvl+0x8c/0xd0 [ 19.195641] print_report+0x118/0x5d0 [ 19.196003] kasan_report+0xdc/0x128 [ 19.196324] kasan_check_range+0x100/0x1a8 [ 19.196491] __kasan_check_read+0x20/0x30 [ 19.196541] kasan_atomics_helper+0xdd4/0x4858 [ 19.196590] kasan_atomics+0x198/0x2e0 [ 19.196638] kunit_try_run_case+0x170/0x3f0 [ 19.196687] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.196748] kthread+0x328/0x630 [ 19.196792] ret_from_fork+0x10/0x20 [ 19.196840] [ 19.196861] Allocated by task 265: [ 19.196896] kasan_save_stack+0x3c/0x68 [ 19.196938] kasan_save_track+0x20/0x40 [ 19.196976] kasan_save_alloc_info+0x40/0x58 [ 19.197019] __kasan_kmalloc+0xd4/0xd8 [ 19.197057] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.197100] kasan_atomics+0xb8/0x2e0 [ 19.197138] kunit_try_run_case+0x170/0x3f0 [ 19.197178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.197224] kthread+0x328/0x630 [ 19.197258] ret_from_fork+0x10/0x20 [ 19.197295] [ 19.197322] The buggy address belongs to the object at fff00000c63aa000 [ 19.197322] which belongs to the cache kmalloc-64 of size 64 [ 19.197381] The buggy address is located 0 bytes to the right of [ 19.197381] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.197447] [ 19.197469] The buggy address belongs to the physical page: [ 19.197503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.197557] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.197607] page_type: f5(slab) [ 19.197646] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.197698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.197748] page dumped because: kasan: bad access detected [ 19.197784] [ 19.197805] Memory state around the buggy address: [ 19.197839] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.197882] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.197926] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.197966] ^ [ 19.198000] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.198044] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.198084] ================================================================== [ 19.271454] ================================================================== [ 19.271674] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.271757] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.271828] [ 19.271866] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.271950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.271979] Hardware name: linux,dummy-virt (DT) [ 19.272010] Call trace: [ 19.272036] show_stack+0x20/0x38 (C) [ 19.272095] dump_stack_lvl+0x8c/0xd0 [ 19.272146] print_report+0x118/0x5d0 [ 19.272194] kasan_report+0xdc/0x128 [ 19.272239] kasan_check_range+0x100/0x1a8 [ 19.272289] __kasan_check_write+0x20/0x30 [ 19.272334] kasan_atomics_helper+0x1384/0x4858 [ 19.272383] kasan_atomics+0x198/0x2e0 [ 19.272429] kunit_try_run_case+0x170/0x3f0 [ 19.272478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.272532] kthread+0x328/0x630 [ 19.272582] ret_from_fork+0x10/0x20 [ 19.272632] [ 19.272652] Allocated by task 265: [ 19.272688] kasan_save_stack+0x3c/0x68 [ 19.273141] kasan_save_track+0x20/0x40 [ 19.273422] kasan_save_alloc_info+0x40/0x58 [ 19.273727] __kasan_kmalloc+0xd4/0xd8 [ 19.273789] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.273832] kasan_atomics+0xb8/0x2e0 [ 19.274230] kunit_try_run_case+0x170/0x3f0 [ 19.274335] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.274387] kthread+0x328/0x630 [ 19.274654] ret_from_fork+0x10/0x20 [ 19.274725] [ 19.274751] The buggy address belongs to the object at fff00000c63aa000 [ 19.274751] which belongs to the cache kmalloc-64 of size 64 [ 19.274812] The buggy address is located 0 bytes to the right of [ 19.274812] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.275368] [ 19.276153] The buggy address belongs to the physical page: [ 19.276251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.276355] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.276438] page_type: f5(slab) [ 19.276515] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.276780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.277089] page dumped because: kasan: bad access detected [ 19.277168] [ 19.277342] Memory state around the buggy address: [ 19.277529] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.277627] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.277673] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.277906] ^ [ 19.278086] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278370] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278568] ================================================================== [ 19.263621] ================================================================== [ 19.263666] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.263724] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.263774] [ 19.263805] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.263886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.263915] Hardware name: linux,dummy-virt (DT) [ 19.263946] Call trace: [ 19.263971] show_stack+0x20/0x38 (C) [ 19.264018] dump_stack_lvl+0x8c/0xd0 [ 19.264409] print_report+0x118/0x5d0 [ 19.264483] kasan_report+0xdc/0x128 [ 19.264886] kasan_check_range+0x100/0x1a8 [ 19.265083] __kasan_check_write+0x20/0x30 [ 19.265152] kasan_atomics_helper+0x12d8/0x4858 [ 19.265249] kasan_atomics+0x198/0x2e0 [ 19.265403] kunit_try_run_case+0x170/0x3f0 [ 19.265532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.265596] kthread+0x328/0x630 [ 19.265639] ret_from_fork+0x10/0x20 [ 19.265689] [ 19.265709] Allocated by task 265: [ 19.265751] kasan_save_stack+0x3c/0x68 [ 19.265792] kasan_save_track+0x20/0x40 [ 19.265832] kasan_save_alloc_info+0x40/0x58 [ 19.265991] __kasan_kmalloc+0xd4/0xd8 [ 19.266038] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.266079] kasan_atomics+0xb8/0x2e0 [ 19.266117] kunit_try_run_case+0x170/0x3f0 [ 19.266231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.266316] kthread+0x328/0x630 [ 19.266359] ret_from_fork+0x10/0x20 [ 19.266456] [ 19.266580] The buggy address belongs to the object at fff00000c63aa000 [ 19.266580] which belongs to the cache kmalloc-64 of size 64 [ 19.266686] The buggy address is located 0 bytes to the right of [ 19.266686] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.266874] [ 19.266935] The buggy address belongs to the physical page: [ 19.267590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.267652] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.267702] page_type: f5(slab) [ 19.267756] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.267818] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.267863] page dumped because: kasan: bad access detected [ 19.267896] [ 19.268214] Memory state around the buggy address: [ 19.268422] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.268792] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.268909] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.268952] ^ [ 19.268992] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.269330] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.269552] ================================================================== [ 19.166174] ================================================================== [ 19.166260] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.166410] Read of size 4 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.166497] [ 19.166534] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.166626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.166817] Hardware name: linux,dummy-virt (DT) [ 19.166902] Call trace: [ 19.167109] show_stack+0x20/0x38 (C) [ 19.167355] dump_stack_lvl+0x8c/0xd0 [ 19.167463] print_report+0x118/0x5d0 [ 19.167692] kasan_report+0xdc/0x128 [ 19.167793] __asan_report_load4_noabort+0x20/0x30 [ 19.168019] kasan_atomics_helper+0x3dd8/0x4858 [ 19.168100] kasan_atomics+0x198/0x2e0 [ 19.168259] kunit_try_run_case+0x170/0x3f0 [ 19.168328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.168558] kthread+0x328/0x630 [ 19.168687] ret_from_fork+0x10/0x20 [ 19.168761] [ 19.168781] Allocated by task 265: [ 19.168811] kasan_save_stack+0x3c/0x68 [ 19.168855] kasan_save_track+0x20/0x40 [ 19.168893] kasan_save_alloc_info+0x40/0x58 [ 19.168935] __kasan_kmalloc+0xd4/0xd8 [ 19.168975] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.169016] kasan_atomics+0xb8/0x2e0 [ 19.169053] kunit_try_run_case+0x170/0x3f0 [ 19.169093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.169138] kthread+0x328/0x630 [ 19.169172] ret_from_fork+0x10/0x20 [ 19.169214] [ 19.169236] The buggy address belongs to the object at fff00000c63aa000 [ 19.169236] which belongs to the cache kmalloc-64 of size 64 [ 19.169295] The buggy address is located 0 bytes to the right of [ 19.169295] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.169367] [ 19.169392] The buggy address belongs to the physical page: [ 19.169426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.169480] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.169531] page_type: f5(slab) [ 19.169570] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.169736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.169812] page dumped because: kasan: bad access detected [ 19.170122] [ 19.170156] Memory state around the buggy address: [ 19.170191] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.170238] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.170398] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.170465] ^ [ 19.170637] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.170707] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.171046] ================================================================== [ 19.300979] ================================================================== [ 19.301039] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.301091] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.301141] [ 19.301184] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.301266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.301294] Hardware name: linux,dummy-virt (DT) [ 19.301333] Call trace: [ 19.301356] show_stack+0x20/0x38 (C) [ 19.301406] dump_stack_lvl+0x8c/0xd0 [ 19.301462] print_report+0x118/0x5d0 [ 19.301510] kasan_report+0xdc/0x128 [ 19.301558] kasan_check_range+0x100/0x1a8 [ 19.301615] __kasan_check_write+0x20/0x30 [ 19.301663] kasan_atomics_helper+0x14e4/0x4858 [ 19.301723] kasan_atomics+0x198/0x2e0 [ 19.301770] kunit_try_run_case+0x170/0x3f0 [ 19.301826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.301881] kthread+0x328/0x630 [ 19.301923] ret_from_fork+0x10/0x20 [ 19.301970] [ 19.301991] Allocated by task 265: [ 19.302020] kasan_save_stack+0x3c/0x68 [ 19.302073] kasan_save_track+0x20/0x40 [ 19.302112] kasan_save_alloc_info+0x40/0x58 [ 19.302154] __kasan_kmalloc+0xd4/0xd8 [ 19.302191] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.302242] kasan_atomics+0xb8/0x2e0 [ 19.302279] kunit_try_run_case+0x170/0x3f0 [ 19.302320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.302363] kthread+0x328/0x630 [ 19.302396] ret_from_fork+0x10/0x20 [ 19.302434] [ 19.302456] The buggy address belongs to the object at fff00000c63aa000 [ 19.302456] which belongs to the cache kmalloc-64 of size 64 [ 19.302515] The buggy address is located 0 bytes to the right of [ 19.302515] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.302581] [ 19.302611] The buggy address belongs to the physical page: [ 19.302652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.303352] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.303892] page_type: f5(slab) [ 19.303961] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.304040] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.304098] page dumped because: kasan: bad access detected [ 19.304133] [ 19.304443] Memory state around the buggy address: [ 19.304851] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.305037] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.305090] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.305536] ^ [ 19.305785] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.305833] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.305874] ================================================================== [ 19.352033] ================================================================== [ 19.352108] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.352223] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.352487] [ 19.352625] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.352895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.352982] Hardware name: linux,dummy-virt (DT) [ 19.353039] Call trace: [ 19.353121] show_stack+0x20/0x38 (C) [ 19.353176] dump_stack_lvl+0x8c/0xd0 [ 19.353224] print_report+0x118/0x5d0 [ 19.353313] kasan_report+0xdc/0x128 [ 19.353367] kasan_check_range+0x100/0x1a8 [ 19.353417] __kasan_check_write+0x20/0x30 [ 19.353810] kasan_atomics_helper+0x16d0/0x4858 [ 19.354072] kasan_atomics+0x198/0x2e0 [ 19.354217] kunit_try_run_case+0x170/0x3f0 [ 19.354420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.354538] kthread+0x328/0x630 [ 19.354591] ret_from_fork+0x10/0x20 [ 19.354639] [ 19.354662] Allocated by task 265: [ 19.354937] kasan_save_stack+0x3c/0x68 [ 19.355449] kasan_save_track+0x20/0x40 [ 19.355531] kasan_save_alloc_info+0x40/0x58 [ 19.355697] __kasan_kmalloc+0xd4/0xd8 [ 19.355848] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.355895] kasan_atomics+0xb8/0x2e0 [ 19.355934] kunit_try_run_case+0x170/0x3f0 [ 19.355975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.356028] kthread+0x328/0x630 [ 19.356461] ret_from_fork+0x10/0x20 [ 19.356693] [ 19.356829] The buggy address belongs to the object at fff00000c63aa000 [ 19.356829] which belongs to the cache kmalloc-64 of size 64 [ 19.357012] The buggy address is located 0 bytes to the right of [ 19.357012] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.357159] [ 19.357205] The buggy address belongs to the physical page: [ 19.357241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.357303] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.357369] page_type: f5(slab) [ 19.357409] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.357462] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.357513] page dumped because: kasan: bad access detected [ 19.357557] [ 19.357579] Memory state around the buggy address: [ 19.357627] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.357681] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.357739] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.357779] ^ [ 19.357815] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.357860] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.357908] ================================================================== [ 19.235891] ================================================================== [ 19.235970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.236025] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.236078] [ 19.236155] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.236265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.236412] Hardware name: linux,dummy-virt (DT) [ 19.236445] Call trace: [ 19.236549] show_stack+0x20/0x38 (C) [ 19.236635] dump_stack_lvl+0x8c/0xd0 [ 19.236685] print_report+0x118/0x5d0 [ 19.236776] kasan_report+0xdc/0x128 [ 19.236853] kasan_check_range+0x100/0x1a8 [ 19.236908] __kasan_check_write+0x20/0x30 [ 19.236983] kasan_atomics_helper+0x1058/0x4858 [ 19.237040] kasan_atomics+0x198/0x2e0 [ 19.237087] kunit_try_run_case+0x170/0x3f0 [ 19.237153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.237217] kthread+0x328/0x630 [ 19.237261] ret_from_fork+0x10/0x20 [ 19.237325] [ 19.237381] Allocated by task 265: [ 19.237412] kasan_save_stack+0x3c/0x68 [ 19.237454] kasan_save_track+0x20/0x40 [ 19.237495] kasan_save_alloc_info+0x40/0x58 [ 19.237537] __kasan_kmalloc+0xd4/0xd8 [ 19.237575] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.237808] kasan_atomics+0xb8/0x2e0 [ 19.237879] kunit_try_run_case+0x170/0x3f0 [ 19.237923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.237967] kthread+0x328/0x630 [ 19.238002] ret_from_fork+0x10/0x20 [ 19.238053] [ 19.238077] The buggy address belongs to the object at fff00000c63aa000 [ 19.238077] which belongs to the cache kmalloc-64 of size 64 [ 19.238143] The buggy address is located 0 bytes to the right of [ 19.238143] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.238314] [ 19.238337] The buggy address belongs to the physical page: [ 19.238404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.238518] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.238572] page_type: f5(slab) [ 19.238674] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.238799] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.238936] page dumped because: kasan: bad access detected [ 19.239075] [ 19.239165] Memory state around the buggy address: [ 19.239232] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.239285] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.239330] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.239371] ^ [ 19.239407] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.239449] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.239525] ================================================================== [ 19.213273] ================================================================== [ 19.213372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.213425] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.213477] [ 19.213517] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.213864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.213923] Hardware name: linux,dummy-virt (DT) [ 19.214075] Call trace: [ 19.214101] show_stack+0x20/0x38 (C) [ 19.214207] dump_stack_lvl+0x8c/0xd0 [ 19.214293] print_report+0x118/0x5d0 [ 19.214352] kasan_report+0xdc/0x128 [ 19.214419] __asan_report_store8_noabort+0x20/0x30 [ 19.214491] kasan_atomics_helper+0x3e5c/0x4858 [ 19.214548] kasan_atomics+0x198/0x2e0 [ 19.214659] kunit_try_run_case+0x170/0x3f0 [ 19.214709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.214774] kthread+0x328/0x630 [ 19.214989] ret_from_fork+0x10/0x20 [ 19.215072] [ 19.215096] Allocated by task 265: [ 19.215127] kasan_save_stack+0x3c/0x68 [ 19.215183] kasan_save_track+0x20/0x40 [ 19.215391] kasan_save_alloc_info+0x40/0x58 [ 19.215521] __kasan_kmalloc+0xd4/0xd8 [ 19.215914] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.216006] kasan_atomics+0xb8/0x2e0 [ 19.216113] kunit_try_run_case+0x170/0x3f0 [ 19.216154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.216200] kthread+0x328/0x630 [ 19.216236] ret_from_fork+0x10/0x20 [ 19.216274] [ 19.216314] The buggy address belongs to the object at fff00000c63aa000 [ 19.216314] which belongs to the cache kmalloc-64 of size 64 [ 19.216375] The buggy address is located 0 bytes to the right of [ 19.216375] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.216440] [ 19.216462] The buggy address belongs to the physical page: [ 19.216495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.216549] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.216598] page_type: f5(slab) [ 19.216638] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.216692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.216770] page dumped because: kasan: bad access detected [ 19.216804] [ 19.216825] Memory state around the buggy address: [ 19.216859] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.216905] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.216950] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.216989] ^ [ 19.217023] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.217064] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.217106] ================================================================== [ 19.279356] ================================================================== [ 19.279417] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.279469] Read of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.279932] [ 19.279986] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.280137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.280208] Hardware name: linux,dummy-virt (DT) [ 19.280243] Call trace: [ 19.280268] show_stack+0x20/0x38 (C) [ 19.280408] dump_stack_lvl+0x8c/0xd0 [ 19.280473] print_report+0x118/0x5d0 [ 19.280540] kasan_report+0xdc/0x128 [ 19.280588] __asan_report_load8_noabort+0x20/0x30 [ 19.280963] kasan_atomics_helper+0x3f04/0x4858 [ 19.281033] kasan_atomics+0x198/0x2e0 [ 19.281115] kunit_try_run_case+0x170/0x3f0 [ 19.281167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.281222] kthread+0x328/0x630 [ 19.281565] ret_from_fork+0x10/0x20 [ 19.281732] [ 19.281803] Allocated by task 265: [ 19.281837] kasan_save_stack+0x3c/0x68 [ 19.282228] kasan_save_track+0x20/0x40 [ 19.282487] kasan_save_alloc_info+0x40/0x58 [ 19.282626] __kasan_kmalloc+0xd4/0xd8 [ 19.282854] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.283052] kasan_atomics+0xb8/0x2e0 [ 19.283137] kunit_try_run_case+0x170/0x3f0 [ 19.283177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.283223] kthread+0x328/0x630 [ 19.283257] ret_from_fork+0x10/0x20 [ 19.283293] [ 19.283317] The buggy address belongs to the object at fff00000c63aa000 [ 19.283317] which belongs to the cache kmalloc-64 of size 64 [ 19.283378] The buggy address is located 0 bytes to the right of [ 19.283378] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.283704] [ 19.284230] The buggy address belongs to the physical page: [ 19.284315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.284393] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.284706] page_type: f5(slab) [ 19.284794] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.284849] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.284913] page dumped because: kasan: bad access detected [ 19.284947] [ 19.284969] Memory state around the buggy address: [ 19.285022] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.285069] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.285114] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.285154] ^ [ 19.285191] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.285246] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.285287] ================================================================== [ 19.306473] ================================================================== [ 19.306527] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.307264] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.307408] [ 19.307495] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.307655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.307787] Hardware name: linux,dummy-virt (DT) [ 19.307855] Call trace: [ 19.307880] show_stack+0x20/0x38 (C) [ 19.308271] dump_stack_lvl+0x8c/0xd0 [ 19.308407] print_report+0x118/0x5d0 [ 19.308674] kasan_report+0xdc/0x128 [ 19.309075] kasan_check_range+0x100/0x1a8 [ 19.309446] __kasan_check_write+0x20/0x30 [ 19.309546] kasan_atomics_helper+0x154c/0x4858 [ 19.309742] kasan_atomics+0x198/0x2e0 [ 19.309931] kunit_try_run_case+0x170/0x3f0 [ 19.309985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.310095] kthread+0x328/0x630 [ 19.310760] ret_from_fork+0x10/0x20 [ 19.310941] [ 19.311052] Allocated by task 265: [ 19.311162] kasan_save_stack+0x3c/0x68 [ 19.311389] kasan_save_track+0x20/0x40 [ 19.311577] kasan_save_alloc_info+0x40/0x58 [ 19.311667] __kasan_kmalloc+0xd4/0xd8 [ 19.312029] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.312167] kasan_atomics+0xb8/0x2e0 [ 19.312382] kunit_try_run_case+0x170/0x3f0 [ 19.312609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.313255] kthread+0x328/0x630 [ 19.313345] ret_from_fork+0x10/0x20 [ 19.313414] [ 19.313472] The buggy address belongs to the object at fff00000c63aa000 [ 19.313472] which belongs to the cache kmalloc-64 of size 64 [ 19.313677] The buggy address is located 0 bytes to the right of [ 19.313677] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.313997] [ 19.314213] The buggy address belongs to the physical page: [ 19.314287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.314690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.314764] page_type: f5(slab) [ 19.315031] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.315262] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.316106] page dumped because: kasan: bad access detected [ 19.316283] [ 19.316414] Memory state around the buggy address: [ 19.316455] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.316769] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.317151] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.317300] ^ [ 19.317358] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.317752] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.317987] ================================================================== [ 19.244252] ================================================================== [ 19.244298] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.244346] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.244396] [ 19.244427] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.244509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.244537] Hardware name: linux,dummy-virt (DT) [ 19.244570] Call trace: [ 19.244594] show_stack+0x20/0x38 (C) [ 19.244642] dump_stack_lvl+0x8c/0xd0 [ 19.244690] print_report+0x118/0x5d0 [ 19.244753] kasan_report+0xdc/0x128 [ 19.244814] kasan_check_range+0x100/0x1a8 [ 19.244903] __kasan_check_write+0x20/0x30 [ 19.244954] kasan_atomics_helper+0x1128/0x4858 [ 19.245021] kasan_atomics+0x198/0x2e0 [ 19.245096] kunit_try_run_case+0x170/0x3f0 [ 19.245147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.245312] kthread+0x328/0x630 [ 19.245363] ret_from_fork+0x10/0x20 [ 19.245412] [ 19.245531] Allocated by task 265: [ 19.245612] kasan_save_stack+0x3c/0x68 [ 19.245676] kasan_save_track+0x20/0x40 [ 19.245731] kasan_save_alloc_info+0x40/0x58 [ 19.245772] __kasan_kmalloc+0xd4/0xd8 [ 19.245811] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.246006] kasan_atomics+0xb8/0x2e0 [ 19.246085] kunit_try_run_case+0x170/0x3f0 [ 19.246146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.246231] kthread+0x328/0x630 [ 19.246303] ret_from_fork+0x10/0x20 [ 19.246476] [ 19.246637] The buggy address belongs to the object at fff00000c63aa000 [ 19.246637] which belongs to the cache kmalloc-64 of size 64 [ 19.246782] The buggy address is located 0 bytes to the right of [ 19.246782] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.246853] [ 19.246877] The buggy address belongs to the physical page: [ 19.246909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.246972] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.247023] page_type: f5(slab) [ 19.247062] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.247115] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.247159] page dumped because: kasan: bad access detected [ 19.247192] [ 19.247214] Memory state around the buggy address: [ 19.247248] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.247293] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.247340] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.247379] ^ [ 19.247415] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.247471] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.247518] ================================================================== [ 19.205656] ================================================================== [ 19.205710] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.205774] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.205825] [ 19.205855] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.206266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.206358] Hardware name: linux,dummy-virt (DT) [ 19.206442] Call trace: [ 19.206503] show_stack+0x20/0x38 (C) [ 19.206554] dump_stack_lvl+0x8c/0xd0 [ 19.206638] print_report+0x118/0x5d0 [ 19.206867] kasan_report+0xdc/0x128 [ 19.206922] kasan_check_range+0x100/0x1a8 [ 19.207392] __kasan_check_write+0x20/0x30 [ 19.207455] kasan_atomics_helper+0xe44/0x4858 [ 19.207536] kasan_atomics+0x198/0x2e0 [ 19.207721] kunit_try_run_case+0x170/0x3f0 [ 19.207794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.207849] kthread+0x328/0x630 [ 19.207908] ret_from_fork+0x10/0x20 [ 19.208136] [ 19.208326] Allocated by task 265: [ 19.208475] kasan_save_stack+0x3c/0x68 [ 19.208607] kasan_save_track+0x20/0x40 [ 19.209017] kasan_save_alloc_info+0x40/0x58 [ 19.209192] __kasan_kmalloc+0xd4/0xd8 [ 19.209348] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.209531] kasan_atomics+0xb8/0x2e0 [ 19.209636] kunit_try_run_case+0x170/0x3f0 [ 19.209705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.209762] kthread+0x328/0x630 [ 19.209988] ret_from_fork+0x10/0x20 [ 19.210138] [ 19.210330] The buggy address belongs to the object at fff00000c63aa000 [ 19.210330] which belongs to the cache kmalloc-64 of size 64 [ 19.210455] The buggy address is located 0 bytes to the right of [ 19.210455] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.210731] [ 19.210973] The buggy address belongs to the physical page: [ 19.211030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.211085] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.211153] page_type: f5(slab) [ 19.211450] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.211678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.211777] page dumped because: kasan: bad access detected [ 19.211861] [ 19.212147] Memory state around the buggy address: [ 19.212263] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.212320] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.212363] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.212404] ^ [ 19.212440] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.212485] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.212533] ================================================================== [ 19.172009] ================================================================== [ 19.172073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.172126] Write of size 4 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.172177] [ 19.172459] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.172567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.172597] Hardware name: linux,dummy-virt (DT) [ 19.172651] Call trace: [ 19.172679] show_stack+0x20/0x38 (C) [ 19.172742] dump_stack_lvl+0x8c/0xd0 [ 19.173028] print_report+0x118/0x5d0 [ 19.173095] kasan_report+0xdc/0x128 [ 19.173222] kasan_check_range+0x100/0x1a8 [ 19.173276] __kasan_check_write+0x20/0x30 [ 19.173358] kasan_atomics_helper+0xd3c/0x4858 [ 19.173420] kasan_atomics+0x198/0x2e0 [ 19.173466] kunit_try_run_case+0x170/0x3f0 [ 19.173570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.173628] kthread+0x328/0x630 [ 19.173672] ret_from_fork+0x10/0x20 [ 19.173742] [ 19.173764] Allocated by task 265: [ 19.173795] kasan_save_stack+0x3c/0x68 [ 19.173839] kasan_save_track+0x20/0x40 [ 19.173881] kasan_save_alloc_info+0x40/0x58 [ 19.174250] __kasan_kmalloc+0xd4/0xd8 [ 19.174350] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.174758] kasan_atomics+0xb8/0x2e0 [ 19.175146] kunit_try_run_case+0x170/0x3f0 [ 19.175239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.175413] kthread+0x328/0x630 [ 19.175495] ret_from_fork+0x10/0x20 [ 19.175882] [ 19.175910] The buggy address belongs to the object at fff00000c63aa000 [ 19.175910] which belongs to the cache kmalloc-64 of size 64 [ 19.176407] The buggy address is located 0 bytes to the right of [ 19.176407] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.176635] [ 19.176958] The buggy address belongs to the physical page: [ 19.177120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.177582] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.177692] page_type: f5(slab) [ 19.178255] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.178315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.178366] page dumped because: kasan: bad access detected [ 19.178665] [ 19.178687] Memory state around the buggy address: [ 19.178732] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.179136] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.179187] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.179228] ^ [ 19.179850] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.179901] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.180194] ================================================================== [ 19.247629] ================================================================== [ 19.247672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.247744] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.247797] [ 19.247829] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.247910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.247938] Hardware name: linux,dummy-virt (DT) [ 19.247971] Call trace: [ 19.247995] show_stack+0x20/0x38 (C) [ 19.248043] dump_stack_lvl+0x8c/0xd0 [ 19.248089] print_report+0x118/0x5d0 [ 19.248372] kasan_report+0xdc/0x128 [ 19.248436] kasan_check_range+0x100/0x1a8 [ 19.248489] __kasan_check_write+0x20/0x30 [ 19.248802] kasan_atomics_helper+0x1190/0x4858 [ 19.248928] kasan_atomics+0x198/0x2e0 [ 19.248983] kunit_try_run_case+0x170/0x3f0 [ 19.249031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.249358] kthread+0x328/0x630 [ 19.249409] ret_from_fork+0x10/0x20 [ 19.249536] [ 19.249606] Allocated by task 265: [ 19.249677] kasan_save_stack+0x3c/0x68 [ 19.249783] kasan_save_track+0x20/0x40 [ 19.249874] kasan_save_alloc_info+0x40/0x58 [ 19.250138] __kasan_kmalloc+0xd4/0xd8 [ 19.250298] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.250421] kasan_atomics+0xb8/0x2e0 [ 19.250532] kunit_try_run_case+0x170/0x3f0 [ 19.250653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.250735] kthread+0x328/0x630 [ 19.250806] ret_from_fork+0x10/0x20 [ 19.250959] [ 19.251012] The buggy address belongs to the object at fff00000c63aa000 [ 19.251012] which belongs to the cache kmalloc-64 of size 64 [ 19.251073] The buggy address is located 0 bytes to the right of [ 19.251073] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.251139] [ 19.251164] The buggy address belongs to the physical page: [ 19.251196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.251250] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.251299] page_type: f5(slab) [ 19.251339] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.251391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.251434] page dumped because: kasan: bad access detected [ 19.251468] [ 19.251661] Memory state around the buggy address: [ 19.251793] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.251915] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.252239] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.252306] ^ [ 19.252358] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.252434] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.252557] ================================================================== [ 19.260149] ================================================================== [ 19.260210] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.260264] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.260315] [ 19.260370] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.260481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.260512] Hardware name: linux,dummy-virt (DT) [ 19.260572] Call trace: [ 19.260599] show_stack+0x20/0x38 (C) [ 19.260647] dump_stack_lvl+0x8c/0xd0 [ 19.260703] print_report+0x118/0x5d0 [ 19.261062] kasan_report+0xdc/0x128 [ 19.261131] kasan_check_range+0x100/0x1a8 [ 19.261183] __kasan_check_write+0x20/0x30 [ 19.261229] kasan_atomics_helper+0x126c/0x4858 [ 19.261278] kasan_atomics+0x198/0x2e0 [ 19.261402] kunit_try_run_case+0x170/0x3f0 [ 19.261455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.261508] kthread+0x328/0x630 [ 19.261550] ret_from_fork+0x10/0x20 [ 19.261724] [ 19.261755] Allocated by task 265: [ 19.261789] kasan_save_stack+0x3c/0x68 [ 19.261988] kasan_save_track+0x20/0x40 [ 19.262035] kasan_save_alloc_info+0x40/0x58 [ 19.262077] __kasan_kmalloc+0xd4/0xd8 [ 19.262300] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.262436] kasan_atomics+0xb8/0x2e0 [ 19.262478] kunit_try_run_case+0x170/0x3f0 [ 19.262527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.262576] kthread+0x328/0x630 [ 19.262611] ret_from_fork+0x10/0x20 [ 19.262648] [ 19.262671] The buggy address belongs to the object at fff00000c63aa000 [ 19.262671] which belongs to the cache kmalloc-64 of size 64 [ 19.262742] The buggy address is located 0 bytes to the right of [ 19.262742] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.262808] [ 19.262831] The buggy address belongs to the physical page: [ 19.262864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.262925] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.262976] page_type: f5(slab) [ 19.263017] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.263069] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.263123] page dumped because: kasan: bad access detected [ 19.263165] [ 19.263194] Memory state around the buggy address: [ 19.263231] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.263276] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.263321] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.263360] ^ [ 19.263396] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.263441] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.263487] ================================================================== [ 19.109634] ================================================================== [ 19.109687] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.109763] Write of size 4 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.109815] [ 19.109848] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.109931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.109960] Hardware name: linux,dummy-virt (DT) [ 19.109993] Call trace: [ 19.110017] show_stack+0x20/0x38 (C) [ 19.110066] dump_stack_lvl+0x8c/0xd0 [ 19.110114] print_report+0x118/0x5d0 [ 19.110315] kasan_atomics_helper+0xa6c/0x4858 [ 19.110554] ret_from_fork+0x10/0x20 [ 19.110602] [ 19.110627] Allocated by task 265: [ 19.110658] kasan_save_stack+0x3c/0x68 [ 19.110700] kasan_save_track+0x20/0x40 [ 19.110751] kasan_save_alloc_info+0x40/0x58 [ 19.111281] __kasan_kmalloc+0xd4/0xd8 [ 19.111341] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.111385] kasan_atomics+0xb8/0x2e0 [ 19.111434] kunit_try_run_case+0x170/0x3f0 [ 19.111476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.112164] kthread+0x328/0x630 [ 19.112349] ret_from_fork+0x10/0x20 [ 19.112468] [ 19.112809] The buggy address belongs to the object at fff00000c63aa000 [ 19.112809] which belongs to the cache kmalloc-64 of size 64 [ 19.113113] The buggy address is located 0 bytes to the right of [ 19.113113] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.113322] [ 19.113784] The buggy address belongs to the physical page: [ 19.114521] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.117829] Write of size 4 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.120876] ret_from_fork+0x10/0x20 [ 19.121020] [ 19.121170] Allocated by task 265: [ 19.121322] kasan_save_stack+0x3c/0x68 [ 19.121402] kasan_save_track+0x20/0x40 [ 19.121562] kasan_save_alloc_info+0x40/0x58 [ 19.121666] __kasan_kmalloc+0xd4/0xd8 [ 19.121809] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.121925] kasan_atomics+0xb8/0x2e0 [ 19.122082] kunit_try_run_case+0x170/0x3f0 [ 19.122300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.122548] kthread+0x328/0x630 [ 19.122739] ret_from_fork+0x10/0x20 [ 19.122918] [ 19.122974] The buggy address belongs to the object at fff00000c63aa000 [ 19.122974] which belongs to the cache kmalloc-64 of size 64 [ 19.123218] The buggy address is located 0 bytes to the right of [ 19.123218] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.123326] [ 19.123350] The buggy address belongs to the physical page: [ 19.123545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.125834] page dumped because: kasan: bad access detected [ 19.127060] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.129087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.130547] kasan_save_stack+0x3c/0x68 [ 19.131487] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.132478] [ 19.132852] page_type: f5(slab) [ 19.133360] page dumped because: kasan: bad access detected [ 19.134622] ================================================================== [ 19.341504] ================================================================== [ 19.341936] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.342026] Read of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.342081] [ 19.342115] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.342648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.342828] Hardware name: linux,dummy-virt (DT) [ 19.343196] Call trace: [ 19.343591] show_stack+0x20/0x38 (C) [ 19.343680] dump_stack_lvl+0x8c/0xd0 [ 19.343760] print_report+0x118/0x5d0 [ 19.343835] kasan_report+0xdc/0x128 [ 19.344230] __asan_report_load8_noabort+0x20/0x30 [ 19.344446] kasan_atomics_helper+0x3df4/0x4858 [ 19.344538] kasan_atomics+0x198/0x2e0 [ 19.344707] kunit_try_run_case+0x170/0x3f0 [ 19.345099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.345189] kthread+0x328/0x630 [ 19.345339] ret_from_fork+0x10/0x20 [ 19.345449] [ 19.345548] Allocated by task 265: [ 19.345580] kasan_save_stack+0x3c/0x68 [ 19.345625] kasan_save_track+0x20/0x40 [ 19.345990] kasan_save_alloc_info+0x40/0x58 [ 19.346486] __kasan_kmalloc+0xd4/0xd8 [ 19.346635] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.346803] kasan_atomics+0xb8/0x2e0 [ 19.346845] kunit_try_run_case+0x170/0x3f0 [ 19.346945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.346993] kthread+0x328/0x630 [ 19.347028] ret_from_fork+0x10/0x20 [ 19.347064] [ 19.347086] The buggy address belongs to the object at fff00000c63aa000 [ 19.347086] which belongs to the cache kmalloc-64 of size 64 [ 19.347480] The buggy address is located 0 bytes to the right of [ 19.347480] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.347702] [ 19.347913] The buggy address belongs to the physical page: [ 19.348055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.348116] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.348451] page_type: f5(slab) [ 19.348792] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.348867] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.349093] page dumped because: kasan: bad access detected [ 19.349606] [ 19.349648] Memory state around the buggy address: [ 19.349722] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.349957] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.350008] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.350050] ^ [ 19.350525] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.350610] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.350650] ================================================================== [ 19.253543] ================================================================== [ 19.253604] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.253782] Write of size 8 at addr fff00000c63aa030 by task kunit_try_catch/265 [ 19.253894] [ 19.253952] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.254083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.254130] Hardware name: linux,dummy-virt (DT) [ 19.254163] Call trace: [ 19.254189] show_stack+0x20/0x38 (C) [ 19.254245] dump_stack_lvl+0x8c/0xd0 [ 19.254300] print_report+0x118/0x5d0 [ 19.254374] kasan_report+0xdc/0x128 [ 19.254422] kasan_check_range+0x100/0x1a8 [ 19.254471] __kasan_check_write+0x20/0x30 [ 19.254516] kasan_atomics_helper+0x11f8/0x4858 [ 19.254565] kasan_atomics+0x198/0x2e0 [ 19.255090] kunit_try_run_case+0x170/0x3f0 [ 19.255244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.255391] kthread+0x328/0x630 [ 19.255479] ret_from_fork+0x10/0x20 [ 19.255884] [ 19.256518] Allocated by task 265: [ 19.256554] kasan_save_stack+0x3c/0x68 [ 19.256655] kasan_save_track+0x20/0x40 [ 19.256696] kasan_save_alloc_info+0x40/0x58 [ 19.256748] __kasan_kmalloc+0xd4/0xd8 [ 19.256788] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.256869] kasan_atomics+0xb8/0x2e0 [ 19.256955] kunit_try_run_case+0x170/0x3f0 [ 19.257355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.257416] kthread+0x328/0x630 [ 19.257451] ret_from_fork+0x10/0x20 [ 19.257489] [ 19.257513] The buggy address belongs to the object at fff00000c63aa000 [ 19.257513] which belongs to the cache kmalloc-64 of size 64 [ 19.257574] The buggy address is located 0 bytes to the right of [ 19.257574] allocated 48-byte region [fff00000c63aa000, fff00000c63aa030) [ 19.257640] [ 19.257664] The buggy address belongs to the physical page: [ 19.257697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 19.257763] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.257812] page_type: f5(slab) [ 19.257854] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.257906] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.258012] page dumped because: kasan: bad access detected [ 19.258071] [ 19.258181] Memory state around the buggy address: [ 19.258258] fff00000c63a9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.258309] fff00000c63a9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.258360] >fff00000c63aa000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.258399] ^ [ 19.258436] fff00000c63aa080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.258482] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.258523] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.745767] ================================================================== [ 18.746092] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 18.746211] Read of size 1 at addr ffff800080a87b5f by task kunit_try_catch/251 [ 18.746266] [ 18.746304] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.746404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.746434] Hardware name: linux,dummy-virt (DT) [ 18.747200] __asan_report_load1_noabort+0x20/0x30 [ 18.748096] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106402 [ 18.748678] ffff800080a87c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.757134] __asan_report_load1_noabort+0x20/0x30 [ 18.759093] ^ [ 18.769977] not ok 60 kasan_memchr [ 18.774807] dump_stack_lvl+0x8c/0xd0 [ 18.778810] ret_from_fork+0x10/0x20 [ 18.779478] [ 18.781255] page dumped because: kasan: bad access detected [ 18.781927] >fff00000c770ad00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.795275] # kasan_strings: EXPECTATION FAILED at mm/kasan/kasan_test_c.c:1610 [ 18.795275] KASAN failure expected in \"kasan_ptr_result = strchr(ptr, '1')\", but none occurred [ 18.804787] kthread+0x328/0x630 [ 18.806462] kasan_save_alloc_info+0x40/0x58 [ 18.809434] kasan_save_track+0x20/0x40 [ 18.811054] kthread+0x328/0x630 [ 18.811822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770a [ 18.813761] page dumped because: kasan: bad access detected [ 18.817615] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 18.818579] kasan_strings+0x95c/0xb00 [ 18.818624] kunit_try_run_case+0x170/0x3f0 [ 18.818747] kthread+0x328/0x630 [ 18.820023] kasan_save_alloc_info+0x40/0x58 [ 18.820121] __kasan_kmalloc+0xd4/0xd8 [ 18.820164] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.821579] The buggy address belongs to the object at fff00000c770aec0 [ 18.821579] which belongs to the cache kmalloc-32 of size 32 [ 18.822154] page dumped because: kasan: bad access detected [ 18.826323] fff00000c770af80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.829055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.829408] Hardware name: linux,dummy-virt (DT) [ 18.831245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.833441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.835014] kunit_try_run_case+0x170/0x3f0 [ 18.836867] The buggy address is located 16 bytes inside of [ 18.836867] freed 32-byte region [fff00000c770aec0, fff00000c770aee0) [ 18.838375] fff00000c770ae00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.840687] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.733116] ================================================================== [ 18.733234] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 18.733354] Read of size 1 at addr ffff800080a87c2a by task kunit_try_catch/249 [ 18.733405] [ 18.733441] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.733562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.733639] Hardware name: linux,dummy-virt (DT) [ 18.733673] Call trace: [ 18.733764] show_stack+0x20/0x38 (C) [ 18.733816] dump_stack_lvl+0x8c/0xd0 [ 18.733863] print_report+0x310/0x5d0 [ 18.733910] kasan_report+0xdc/0x128 [ 18.733976] __asan_report_load1_noabort+0x20/0x30 [ 18.734029] kasan_stack_oob+0x238/0x270 [ 18.734198] kunit_try_run_case+0x170/0x3f0 [ 18.734251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.734564] kthread+0x328/0x630 [ 18.734633] ret_from_fork+0x10/0x20 [ 18.734690] [ 18.734803] The buggy address belongs to stack of task kunit_try_catch/249 [ 18.735013] and is located at offset 138 in frame: [ 18.735070] kasan_stack_oob+0x0/0x270 [ 18.735612] [ 18.735727] This frame has 4 objects: [ 18.735977] [48, 49) '__assertion' [ 18.736331] [64, 72) 'array' [ 18.736554] [96, 112) '__assertion' [ 18.736610] [128, 138) 'stack_array' [ 18.736885] [ 18.736961] The buggy address ffff800080a87c2a belongs to a vmalloc virtual mapping [ 18.737049] The buggy address belongs to the physical page: [ 18.737125] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106402 [ 18.737185] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.737508] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.737633] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.737702] page dumped because: kasan: bad access detected [ 18.737791] [ 18.737842] Memory state around the buggy address: [ 18.737878] ffff800080a87b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.738056] ffff800080a87b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 18.738202] >ffff800080a87c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 18.738290] ^ [ 18.738360] ffff800080a87c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 18.738489] ffff800080a87d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.738531] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.719558] ================================================================== [ 18.719684] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 18.719753] Read of size 1 at addr ffffb057bbd4f58d by task kunit_try_catch/245 [ 18.719824] [ 18.720177] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.720308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.720373] Hardware name: linux,dummy-virt (DT) [ 18.720408] Call trace: [ 18.720479] show_stack+0x20/0x38 (C) [ 18.720550] dump_stack_lvl+0x8c/0xd0 [ 18.720598] print_report+0x310/0x5d0 [ 18.720644] kasan_report+0xdc/0x128 [ 18.720689] __asan_report_load1_noabort+0x20/0x30 [ 18.720766] kasan_global_oob_right+0x230/0x270 [ 18.720814] kunit_try_run_case+0x170/0x3f0 [ 18.721097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.721173] kthread+0x328/0x630 [ 18.721217] ret_from_fork+0x10/0x20 [ 18.721380] [ 18.721534] The buggy address belongs to the variable: [ 18.721658] global_array+0xd/0x40 [ 18.721730] [ 18.721844] The buggy address ffffb057bbd4f58d belongs to a vmalloc virtual mapping [ 18.721931] The buggy address belongs to the physical page: [ 18.721964] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 18.722017] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 18.722084] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 18.722134] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.722195] page dumped because: kasan: bad access detected [ 18.722227] [ 18.722245] Memory state around the buggy address: [ 18.722277] ffffb057bbd4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.722320] ffffb057bbd4f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 18.722363] >ffffb057bbd4f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 18.722400] ^ [ 18.722438] ffffb057bbd4f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 18.722481] ffffb057bbd4f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.722527] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.709462] ================================================================== [ 18.709803] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.709872] Free of addr fff00000c7804001 by task kunit_try_catch/243 [ 18.709948] [ 18.709983] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.710063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.710090] Hardware name: linux,dummy-virt (DT) [ 18.710123] Call trace: [ 18.710169] show_stack+0x20/0x38 (C) [ 18.710256] dump_stack_lvl+0x8c/0xd0 [ 18.710312] print_report+0x118/0x5d0 [ 18.710371] kasan_report_invalid_free+0xc0/0xe8 [ 18.710447] __kasan_mempool_poison_object+0xfc/0x150 [ 18.710527] mempool_free+0x28c/0x328 [ 18.710587] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.710641] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 18.710693] kunit_try_run_case+0x170/0x3f0 [ 18.710885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.711226] kthread+0x328/0x630 [ 18.711340] ret_from_fork+0x10/0x20 [ 18.711503] [ 18.711572] The buggy address belongs to the physical page: [ 18.711662] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107804 [ 18.711756] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.711811] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.711863] page_type: f8(unknown) [ 18.711914] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.711963] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.712013] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.712063] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.712483] head: 0bfffe0000000002 ffffc1ffc31e0101 00000000ffffffff 00000000ffffffff [ 18.712659] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.712793] page dumped because: kasan: bad access detected [ 18.712825] [ 18.712843] Memory state around the buggy address: [ 18.712912] fff00000c7803f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.712954] fff00000c7803f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.712997] >fff00000c7804000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.713226] ^ [ 18.713332] fff00000c7804080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.713494] fff00000c7804100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.713590] ================================================================== [ 18.697692] ================================================================== [ 18.697807] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.697881] Free of addr fff00000c7716701 by task kunit_try_catch/241 [ 18.697939] [ 18.698005] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.698086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.698114] Hardware name: linux,dummy-virt (DT) [ 18.698144] Call trace: [ 18.698167] show_stack+0x20/0x38 (C) [ 18.698225] dump_stack_lvl+0x8c/0xd0 [ 18.698272] print_report+0x118/0x5d0 [ 18.698319] kasan_report_invalid_free+0xc0/0xe8 [ 18.698370] check_slab_allocation+0xfc/0x108 [ 18.698417] __kasan_mempool_poison_object+0x78/0x150 [ 18.698469] mempool_free+0x28c/0x328 [ 18.698522] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.698583] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.698633] kunit_try_run_case+0x170/0x3f0 [ 18.698681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.698947] kthread+0x328/0x630 [ 18.699007] ret_from_fork+0x10/0x20 [ 18.699222] [ 18.699249] Allocated by task 241: [ 18.699281] kasan_save_stack+0x3c/0x68 [ 18.699373] kasan_save_track+0x20/0x40 [ 18.699413] kasan_save_alloc_info+0x40/0x58 [ 18.699452] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.699495] remove_element+0x130/0x1f8 [ 18.699532] mempool_alloc_preallocated+0x58/0xc0 [ 18.699689] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 18.699801] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.699865] kunit_try_run_case+0x170/0x3f0 [ 18.699947] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.700025] kthread+0x328/0x630 [ 18.700099] ret_from_fork+0x10/0x20 [ 18.700135] [ 18.700157] The buggy address belongs to the object at fff00000c7716700 [ 18.700157] which belongs to the cache kmalloc-128 of size 128 [ 18.700240] The buggy address is located 1 bytes inside of [ 18.700240] 128-byte region [fff00000c7716700, fff00000c7716780) [ 18.700299] [ 18.700450] The buggy address belongs to the physical page: [ 18.700531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 18.700638] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.700773] page_type: f5(slab) [ 18.700887] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.700938] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.700999] page dumped because: kasan: bad access detected [ 18.701292] [ 18.701375] Memory state around the buggy address: [ 18.701467] fff00000c7716600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.701552] fff00000c7716680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.701605] >fff00000c7716700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.701644] ^ [ 18.701945] fff00000c7716780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.702071] fff00000c7716800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.702178] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.666489] ================================================================== [ 18.666690] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.666783] Free of addr fff00000c7800000 by task kunit_try_catch/237 [ 18.666989] [ 18.667030] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.667111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.667139] Hardware name: linux,dummy-virt (DT) [ 18.667171] Call trace: [ 18.667193] show_stack+0x20/0x38 (C) [ 18.667500] dump_stack_lvl+0x8c/0xd0 [ 18.667568] print_report+0x118/0x5d0 [ 18.667693] kasan_report_invalid_free+0xc0/0xe8 [ 18.667816] __kasan_mempool_poison_object+0x14c/0x150 [ 18.667980] mempool_free+0x28c/0x328 [ 18.668065] mempool_double_free_helper+0x150/0x2e8 [ 18.668114] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.668431] kunit_try_run_case+0x170/0x3f0 [ 18.668576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.668787] kthread+0x328/0x630 [ 18.668920] ret_from_fork+0x10/0x20 [ 18.669041] [ 18.669063] The buggy address belongs to the physical page: [ 18.669243] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 18.669406] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.669565] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.669675] page_type: f8(unknown) [ 18.669749] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.670080] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.670181] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.670303] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.670419] head: 0bfffe0000000002 ffffc1ffc31e0001 00000000ffffffff 00000000ffffffff [ 18.670499] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.670745] page dumped because: kasan: bad access detected [ 18.671089] [ 18.671145] Memory state around the buggy address: [ 18.671218] fff00000c77fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.671396] fff00000c77fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.671557] >fff00000c7800000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.671721] ^ [ 18.671790] fff00000c7800080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.671878] fff00000c7800100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.671995] ================================================================== [ 18.652596] ================================================================== [ 18.652656] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.652853] Free of addr fff00000c7716300 by task kunit_try_catch/235 [ 18.652934] [ 18.653007] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.653088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.653114] Hardware name: linux,dummy-virt (DT) [ 18.653183] Call trace: [ 18.653209] show_stack+0x20/0x38 (C) [ 18.653264] dump_stack_lvl+0x8c/0xd0 [ 18.653326] print_report+0x118/0x5d0 [ 18.653393] kasan_report_invalid_free+0xc0/0xe8 [ 18.653456] check_slab_allocation+0xd4/0x108 [ 18.653506] __kasan_mempool_poison_object+0x78/0x150 [ 18.653662] mempool_free+0x28c/0x328 [ 18.653725] mempool_double_free_helper+0x150/0x2e8 [ 18.653809] mempool_kmalloc_double_free+0xc0/0x118 [ 18.653882] kunit_try_run_case+0x170/0x3f0 [ 18.653948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.654001] kthread+0x328/0x630 [ 18.654096] ret_from_fork+0x10/0x20 [ 18.654183] [ 18.654232] Allocated by task 235: [ 18.654264] kasan_save_stack+0x3c/0x68 [ 18.654304] kasan_save_track+0x20/0x40 [ 18.654351] kasan_save_alloc_info+0x40/0x58 [ 18.654390] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.654460] remove_element+0x130/0x1f8 [ 18.654627] mempool_alloc_preallocated+0x58/0xc0 [ 18.654784] mempool_double_free_helper+0x94/0x2e8 [ 18.654901] mempool_kmalloc_double_free+0xc0/0x118 [ 18.655033] kunit_try_run_case+0x170/0x3f0 [ 18.655170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.655299] kthread+0x328/0x630 [ 18.655397] ret_from_fork+0x10/0x20 [ 18.655437] [ 18.655456] Freed by task 235: [ 18.655484] kasan_save_stack+0x3c/0x68 [ 18.655541] kasan_save_track+0x20/0x40 [ 18.655579] kasan_save_free_info+0x4c/0x78 [ 18.655620] __kasan_mempool_poison_object+0xc0/0x150 [ 18.655661] mempool_free+0x28c/0x328 [ 18.655697] mempool_double_free_helper+0x100/0x2e8 [ 18.655748] mempool_kmalloc_double_free+0xc0/0x118 [ 18.655787] kunit_try_run_case+0x170/0x3f0 [ 18.656009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.656082] kthread+0x328/0x630 [ 18.656162] ret_from_fork+0x10/0x20 [ 18.656273] [ 18.656362] The buggy address belongs to the object at fff00000c7716300 [ 18.656362] which belongs to the cache kmalloc-128 of size 128 [ 18.656475] The buggy address is located 0 bytes inside of [ 18.656475] 128-byte region [fff00000c7716300, fff00000c7716380) [ 18.656542] [ 18.656564] The buggy address belongs to the physical page: [ 18.656593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 18.656916] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.657064] page_type: f5(slab) [ 18.657205] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.657301] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.657393] page dumped because: kasan: bad access detected [ 18.657423] [ 18.657441] Memory state around the buggy address: [ 18.657782] fff00000c7716200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.657916] fff00000c7716280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.657989] >fff00000c7716300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.658117] ^ [ 18.658177] fff00000c7716380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.658238] fff00000c7716400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.658276] ================================================================== [ 18.687920] ================================================================== [ 18.688407] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.688509] Free of addr fff00000c7804000 by task kunit_try_catch/239 [ 18.688579] [ 18.688652] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.688750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.688776] Hardware name: linux,dummy-virt (DT) [ 18.688810] Call trace: [ 18.688839] show_stack+0x20/0x38 (C) [ 18.688912] dump_stack_lvl+0x8c/0xd0 [ 18.688967] print_report+0x118/0x5d0 [ 18.689032] kasan_report_invalid_free+0xc0/0xe8 [ 18.689082] __kasan_mempool_poison_pages+0xe0/0xe8 [ 18.689175] mempool_free+0x24c/0x328 [ 18.689221] mempool_double_free_helper+0x150/0x2e8 [ 18.689342] mempool_page_alloc_double_free+0xbc/0x118 [ 18.689641] kunit_try_run_case+0x170/0x3f0 [ 18.689752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.689875] kthread+0x328/0x630 [ 18.689966] ret_from_fork+0x10/0x20 [ 18.690021] [ 18.690046] The buggy address belongs to the physical page: [ 18.690085] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107804 [ 18.690167] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.690260] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.690367] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.690410] page dumped because: kasan: bad access detected [ 18.690439] [ 18.690458] Memory state around the buggy address: [ 18.690726] fff00000c7803f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.690835] fff00000c7803f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.690907] >fff00000c7804000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.690972] ^ [ 18.691033] fff00000c7804080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.691098] fff00000c7804100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.691231] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.611957] ================================================================== [ 18.612143] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.612247] Read of size 1 at addr fff00000c7800000 by task kunit_try_catch/229 [ 18.612299] [ 18.612353] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.612464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.612513] Hardware name: linux,dummy-virt (DT) [ 18.612591] Call trace: [ 18.612617] show_stack+0x20/0x38 (C) [ 18.612751] dump_stack_lvl+0x8c/0xd0 [ 18.612837] print_report+0x118/0x5d0 [ 18.612891] kasan_report+0xdc/0x128 [ 18.612936] __asan_report_load1_noabort+0x20/0x30 [ 18.613002] mempool_uaf_helper+0x314/0x340 [ 18.613050] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.613097] kunit_try_run_case+0x170/0x3f0 [ 18.613141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.613278] kthread+0x328/0x630 [ 18.613329] ret_from_fork+0x10/0x20 [ 18.613375] [ 18.613396] The buggy address belongs to the physical page: [ 18.613457] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 18.613560] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.613639] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.613693] page_type: f8(unknown) [ 18.613742] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.613820] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.613872] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.613921] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.613994] head: 0bfffe0000000002 ffffc1ffc31e0001 00000000ffffffff 00000000ffffffff [ 18.614049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.614089] page dumped because: kasan: bad access detected [ 18.614216] [ 18.614236] Memory state around the buggy address: [ 18.614269] fff00000c77fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.614328] fff00000c77fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.614370] >fff00000c7800000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.614408] ^ [ 18.614456] fff00000c7800080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.614499] fff00000c7800100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.614537] ================================================================== [ 18.644021] ================================================================== [ 18.644127] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.644233] Read of size 1 at addr fff00000c7800000 by task kunit_try_catch/233 [ 18.644285] [ 18.644342] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.644465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.644639] Hardware name: linux,dummy-virt (DT) [ 18.644732] Call trace: [ 18.644812] show_stack+0x20/0x38 (C) [ 18.644867] dump_stack_lvl+0x8c/0xd0 [ 18.644963] print_report+0x118/0x5d0 [ 18.645020] kasan_report+0xdc/0x128 [ 18.645128] __asan_report_load1_noabort+0x20/0x30 [ 18.645179] mempool_uaf_helper+0x314/0x340 [ 18.645257] mempool_page_alloc_uaf+0xc0/0x118 [ 18.645443] kunit_try_run_case+0x170/0x3f0 [ 18.645531] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.645602] kthread+0x328/0x630 [ 18.645686] ret_from_fork+0x10/0x20 [ 18.645743] [ 18.645821] The buggy address belongs to the physical page: [ 18.645897] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 18.646001] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.646067] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.646118] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.646157] page dumped because: kasan: bad access detected [ 18.646207] [ 18.646226] Memory state around the buggy address: [ 18.646259] fff00000c77fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.646410] fff00000c77fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.646498] >fff00000c7800000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.646568] ^ [ 18.646651] fff00000c7800080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.646694] fff00000c7800100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.646742] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.620521] ================================================================== [ 18.620674] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.620760] Read of size 1 at addr fff00000c7711240 by task kunit_try_catch/231 [ 18.620812] [ 18.620847] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.620930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.620955] Hardware name: linux,dummy-virt (DT) [ 18.620987] Call trace: [ 18.621047] show_stack+0x20/0x38 (C) [ 18.621102] dump_stack_lvl+0x8c/0xd0 [ 18.621193] print_report+0x118/0x5d0 [ 18.621240] kasan_report+0xdc/0x128 [ 18.621283] __asan_report_load1_noabort+0x20/0x30 [ 18.621340] mempool_uaf_helper+0x314/0x340 [ 18.621385] mempool_slab_uaf+0xc0/0x118 [ 18.621428] kunit_try_run_case+0x170/0x3f0 [ 18.621474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.621554] kthread+0x328/0x630 [ 18.621595] ret_from_fork+0x10/0x20 [ 18.621697] [ 18.621771] Allocated by task 231: [ 18.621828] kasan_save_stack+0x3c/0x68 [ 18.621869] kasan_save_track+0x20/0x40 [ 18.621914] kasan_save_alloc_info+0x40/0x58 [ 18.621955] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.622110] remove_element+0x16c/0x1f8 [ 18.622199] mempool_alloc_preallocated+0x58/0xc0 [ 18.622278] mempool_uaf_helper+0xa4/0x340 [ 18.622315] mempool_slab_uaf+0xc0/0x118 [ 18.622399] kunit_try_run_case+0x170/0x3f0 [ 18.622486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.622530] kthread+0x328/0x630 [ 18.622628] ret_from_fork+0x10/0x20 [ 18.622665] [ 18.622683] Freed by task 231: [ 18.622709] kasan_save_stack+0x3c/0x68 [ 18.622781] kasan_save_track+0x20/0x40 [ 18.622826] kasan_save_free_info+0x4c/0x78 [ 18.623015] __kasan_mempool_poison_object+0xc0/0x150 [ 18.623061] mempool_free+0x28c/0x328 [ 18.623095] mempool_uaf_helper+0x104/0x340 [ 18.623142] mempool_slab_uaf+0xc0/0x118 [ 18.623241] kunit_try_run_case+0x170/0x3f0 [ 18.623333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.623474] kthread+0x328/0x630 [ 18.623593] ret_from_fork+0x10/0x20 [ 18.623785] [ 18.623890] The buggy address belongs to the object at fff00000c7711240 [ 18.623890] which belongs to the cache test_cache of size 123 [ 18.624052] The buggy address is located 0 bytes inside of [ 18.624052] freed 123-byte region [fff00000c7711240, fff00000c77112bb) [ 18.624206] [ 18.624229] The buggy address belongs to the physical page: [ 18.624260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107711 [ 18.624323] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.624373] page_type: f5(slab) [ 18.624573] raw: 0bfffe0000000000 fff00000c1bfc640 dead000000000122 0000000000000000 [ 18.624622] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.624662] page dumped because: kasan: bad access detected [ 18.624800] [ 18.624906] Memory state around the buggy address: [ 18.624990] fff00000c7711100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.625180] fff00000c7711180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.625252] >fff00000c7711200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.625380] ^ [ 18.625475] fff00000c7711280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.625626] fff00000c7711300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.625703] ================================================================== [ 18.600680] ================================================================== [ 18.600769] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.600839] Read of size 1 at addr fff00000c472cf00 by task kunit_try_catch/227 [ 18.600889] [ 18.600947] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.601035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.601070] Hardware name: linux,dummy-virt (DT) [ 18.601112] Call trace: [ 18.601136] show_stack+0x20/0x38 (C) [ 18.601189] dump_stack_lvl+0x8c/0xd0 [ 18.601241] print_report+0x118/0x5d0 [ 18.601303] kasan_report+0xdc/0x128 [ 18.601362] __asan_report_load1_noabort+0x20/0x30 [ 18.601413] mempool_uaf_helper+0x314/0x340 [ 18.601459] mempool_kmalloc_uaf+0xc4/0x120 [ 18.601504] kunit_try_run_case+0x170/0x3f0 [ 18.601553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.601615] kthread+0x328/0x630 [ 18.601659] ret_from_fork+0x10/0x20 [ 18.601726] [ 18.601747] Allocated by task 227: [ 18.601778] kasan_save_stack+0x3c/0x68 [ 18.601820] kasan_save_track+0x20/0x40 [ 18.601928] kasan_save_alloc_info+0x40/0x58 [ 18.602018] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.602086] remove_element+0x130/0x1f8 [ 18.602125] mempool_alloc_preallocated+0x58/0xc0 [ 18.602163] mempool_uaf_helper+0xa4/0x340 [ 18.602200] mempool_kmalloc_uaf+0xc4/0x120 [ 18.602237] kunit_try_run_case+0x170/0x3f0 [ 18.602275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.602317] kthread+0x328/0x630 [ 18.602350] ret_from_fork+0x10/0x20 [ 18.602386] [ 18.602430] Freed by task 227: [ 18.602458] kasan_save_stack+0x3c/0x68 [ 18.602494] kasan_save_track+0x20/0x40 [ 18.602529] kasan_save_free_info+0x4c/0x78 [ 18.602569] __kasan_mempool_poison_object+0xc0/0x150 [ 18.602722] mempool_free+0x28c/0x328 [ 18.602760] mempool_uaf_helper+0x104/0x340 [ 18.602798] mempool_kmalloc_uaf+0xc4/0x120 [ 18.602868] kunit_try_run_case+0x170/0x3f0 [ 18.603001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.603137] kthread+0x328/0x630 [ 18.603276] ret_from_fork+0x10/0x20 [ 18.603382] [ 18.603491] The buggy address belongs to the object at fff00000c472cf00 [ 18.603491] which belongs to the cache kmalloc-128 of size 128 [ 18.603553] The buggy address is located 0 bytes inside of [ 18.603553] freed 128-byte region [fff00000c472cf00, fff00000c472cf80) [ 18.603613] [ 18.603633] The buggy address belongs to the physical page: [ 18.603665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10472c [ 18.603768] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.603821] page_type: f5(slab) [ 18.603882] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.603932] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 18.603972] page dumped because: kasan: bad access detected [ 18.604005] [ 18.604025] Memory state around the buggy address: [ 18.604056] fff00000c472ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.604130] fff00000c472ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.604206] >fff00000c472cf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.604315] ^ [ 18.604438] fff00000c472cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.604512] fff00000c472d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.604622] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.526292] ================================================================== [ 18.526365] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.526444] Read of size 1 at addr fff00000c472cb73 by task kunit_try_catch/221 [ 18.526495] [ 18.526539] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.526625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.526652] Hardware name: linux,dummy-virt (DT) [ 18.526689] Call trace: [ 18.526727] show_stack+0x20/0x38 (C) [ 18.526781] dump_stack_lvl+0x8c/0xd0 [ 18.526832] print_report+0x118/0x5d0 [ 18.526999] kasan_report+0xdc/0x128 [ 18.527044] __asan_report_load1_noabort+0x20/0x30 [ 18.527095] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.527143] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.527191] kunit_try_run_case+0x170/0x3f0 [ 18.527241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.527293] kthread+0x328/0x630 [ 18.527335] ret_from_fork+0x10/0x20 [ 18.527385] [ 18.527404] Allocated by task 221: [ 18.527436] kasan_save_stack+0x3c/0x68 [ 18.527477] kasan_save_track+0x20/0x40 [ 18.527514] kasan_save_alloc_info+0x40/0x58 [ 18.527554] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.527598] remove_element+0x130/0x1f8 [ 18.527635] mempool_alloc_preallocated+0x58/0xc0 [ 18.527674] mempool_oob_right_helper+0x98/0x2f0 [ 18.527727] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.527769] kunit_try_run_case+0x170/0x3f0 [ 18.527808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.527850] kthread+0x328/0x630 [ 18.527883] ret_from_fork+0x10/0x20 [ 18.527918] [ 18.527939] The buggy address belongs to the object at fff00000c472cb00 [ 18.527939] which belongs to the cache kmalloc-128 of size 128 [ 18.527998] The buggy address is located 0 bytes to the right of [ 18.527998] allocated 115-byte region [fff00000c472cb00, fff00000c472cb73) [ 18.528060] [ 18.528082] The buggy address belongs to the physical page: [ 18.528116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10472c [ 18.528171] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.528224] page_type: f5(slab) [ 18.528268] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.528317] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.528358] page dumped because: kasan: bad access detected [ 18.528388] [ 18.528406] Memory state around the buggy address: [ 18.528440] fff00000c472ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.528484] fff00000c472ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.528527] >fff00000c472cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.528566] ^ [ 18.528606] fff00000c472cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.528648] fff00000c472cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.528686] ================================================================== [ 18.542302] ================================================================== [ 18.542366] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.543007] Read of size 1 at addr fff00000c646e001 by task kunit_try_catch/223 [ 18.543090] [ 18.543130] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.543736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.543786] Hardware name: linux,dummy-virt (DT) [ 18.543821] Call trace: [ 18.544016] show_stack+0x20/0x38 (C) [ 18.544604] dump_stack_lvl+0x8c/0xd0 [ 18.544676] print_report+0x118/0x5d0 [ 18.544733] kasan_report+0xdc/0x128 [ 18.545191] __asan_report_load1_noabort+0x20/0x30 [ 18.545259] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.545371] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.545425] kunit_try_run_case+0x170/0x3f0 [ 18.545474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.546229] kthread+0x328/0x630 [ 18.546675] ret_from_fork+0x10/0x20 [ 18.546862] [ 18.546884] The buggy address belongs to the physical page: [ 18.546920] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10646c [ 18.546978] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.547567] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.547936] page_type: f8(unknown) [ 18.547981] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.548294] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.548415] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.548467] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.548517] head: 0bfffe0000000002 ffffc1ffc3191b01 00000000ffffffff 00000000ffffffff [ 18.548985] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.549047] page dumped because: kasan: bad access detected [ 18.549082] [ 18.549121] Memory state around the buggy address: [ 18.549200] fff00000c646df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.549245] fff00000c646df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.549288] >fff00000c646e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.549814] ^ [ 18.549850] fff00000c646e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.549894] fff00000c646e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.550189] ================================================================== [ 18.565469] ================================================================== [ 18.565763] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.566146] Read of size 1 at addr fff00000c64182bb by task kunit_try_catch/225 [ 18.566227] [ 18.566930] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.567106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.567457] Hardware name: linux,dummy-virt (DT) [ 18.567500] Call trace: [ 18.567524] show_stack+0x20/0x38 (C) [ 18.567844] dump_stack_lvl+0x8c/0xd0 [ 18.568014] print_report+0x118/0x5d0 [ 18.568210] kasan_report+0xdc/0x128 [ 18.568489] __asan_report_load1_noabort+0x20/0x30 [ 18.568962] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.569061] mempool_slab_oob_right+0xc0/0x118 [ 18.569110] kunit_try_run_case+0x170/0x3f0 [ 18.569159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.569682] kthread+0x328/0x630 [ 18.570487] ret_from_fork+0x10/0x20 [ 18.570806] [ 18.570949] Allocated by task 225: [ 18.570990] kasan_save_stack+0x3c/0x68 [ 18.571037] kasan_save_track+0x20/0x40 [ 18.571120] kasan_save_alloc_info+0x40/0x58 [ 18.571171] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.571216] remove_element+0x16c/0x1f8 [ 18.571258] mempool_alloc_preallocated+0x58/0xc0 [ 18.571296] mempool_oob_right_helper+0x98/0x2f0 [ 18.571598] mempool_slab_oob_right+0xc0/0x118 [ 18.571817] kunit_try_run_case+0x170/0x3f0 [ 18.571924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.572125] kthread+0x328/0x630 [ 18.572161] ret_from_fork+0x10/0x20 [ 18.572197] [ 18.572843] The buggy address belongs to the object at fff00000c6418240 [ 18.572843] which belongs to the cache test_cache of size 123 [ 18.573009] The buggy address is located 0 bytes to the right of [ 18.573009] allocated 123-byte region [fff00000c6418240, fff00000c64182bb) [ 18.573159] [ 18.573181] The buggy address belongs to the physical page: [ 18.573751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106418 [ 18.574001] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.574460] page_type: f5(slab) [ 18.574671] raw: 0bfffe0000000000 fff00000c1bfc500 dead000000000122 0000000000000000 [ 18.575006] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.575287] page dumped because: kasan: bad access detected [ 18.575367] [ 18.575589] Memory state around the buggy address: [ 18.575632] fff00000c6418180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.575679] fff00000c6418200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.575736] >fff00000c6418280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.575776] ^ [ 18.575813] fff00000c6418300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.575855] fff00000c6418380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.575895] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 17.965555] ================================================================== [ 17.965632] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 17.965709] Read of size 1 at addr fff00000c56bda00 by task kunit_try_catch/215 [ 17.966064] [ 17.966939] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.967057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.967138] Hardware name: linux,dummy-virt (DT) [ 17.967379] Call trace: [ 17.967488] show_stack+0x20/0x38 (C) [ 17.967590] dump_stack_lvl+0x8c/0xd0 [ 17.967673] print_report+0x118/0x5d0 [ 17.967730] kasan_report+0xdc/0x128 [ 17.967776] __kasan_check_byte+0x54/0x70 [ 17.967848] kmem_cache_destroy+0x34/0x218 [ 17.967897] kmem_cache_double_destroy+0x174/0x300 [ 17.968144] kunit_try_run_case+0x170/0x3f0 [ 17.968678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.968861] kthread+0x328/0x630 [ 17.968912] ret_from_fork+0x10/0x20 [ 17.969384] [ 17.969411] Allocated by task 215: [ 17.969627] kasan_save_stack+0x3c/0x68 [ 17.969723] kasan_save_track+0x20/0x40 [ 17.969882] kasan_save_alloc_info+0x40/0x58 [ 17.970000] __kasan_slab_alloc+0xa8/0xb0 [ 17.970068] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.970111] __kmem_cache_create_args+0x178/0x280 [ 17.970314] kmem_cache_double_destroy+0xc0/0x300 [ 17.970415] kunit_try_run_case+0x170/0x3f0 [ 17.970589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.970707] kthread+0x328/0x630 [ 17.970775] ret_from_fork+0x10/0x20 [ 17.970995] [ 17.971097] Freed by task 215: [ 17.971208] kasan_save_stack+0x3c/0x68 [ 17.971254] kasan_save_track+0x20/0x40 [ 17.971299] kasan_save_free_info+0x4c/0x78 [ 17.971502] __kasan_slab_free+0x6c/0x98 [ 17.971596] kmem_cache_free+0x260/0x468 [ 17.971661] slab_kmem_cache_release+0x38/0x50 [ 17.971941] kmem_cache_release+0x1c/0x30 [ 17.971992] kobject_put+0x17c/0x420 [ 17.972214] sysfs_slab_release+0x1c/0x30 [ 17.972366] kmem_cache_destroy+0x118/0x218 [ 17.972548] kmem_cache_double_destroy+0x128/0x300 [ 17.972741] kunit_try_run_case+0x170/0x3f0 [ 17.972962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.973042] kthread+0x328/0x630 [ 17.973083] ret_from_fork+0x10/0x20 [ 17.973120] [ 17.973180] The buggy address belongs to the object at fff00000c56bda00 [ 17.973180] which belongs to the cache kmem_cache of size 208 [ 17.973264] The buggy address is located 0 bytes inside of [ 17.973264] freed 208-byte region [fff00000c56bda00, fff00000c56bdad0) [ 17.973329] [ 17.973352] The buggy address belongs to the physical page: [ 17.973386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056bd [ 17.973451] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.973504] page_type: f5(slab) [ 17.973547] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 17.973608] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 17.973650] page dumped because: kasan: bad access detected [ 17.973683] [ 17.973702] Memory state around the buggy address: [ 17.973749] fff00000c56bd900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.973802] fff00000c56bd980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.973854] >fff00000c56bda00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.973902] ^ [ 17.973930] fff00000c56bda80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 17.973980] fff00000c56bdb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.974024] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.787481] ================================================================== [ 17.787581] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 17.787659] Read of size 1 at addr fff00000c775f000 by task kunit_try_catch/213 [ 17.787730] [ 17.787874] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.788056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.788084] Hardware name: linux,dummy-virt (DT) [ 17.788118] Call trace: [ 17.788141] show_stack+0x20/0x38 (C) [ 17.788197] dump_stack_lvl+0x8c/0xd0 [ 17.788370] print_report+0x118/0x5d0 [ 17.788546] kasan_report+0xdc/0x128 [ 17.788686] __asan_report_load1_noabort+0x20/0x30 [ 17.788765] kmem_cache_rcu_uaf+0x388/0x468 [ 17.788813] kunit_try_run_case+0x170/0x3f0 [ 17.788862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.788915] kthread+0x328/0x630 [ 17.788958] ret_from_fork+0x10/0x20 [ 17.789006] [ 17.789024] Allocated by task 213: [ 17.789056] kasan_save_stack+0x3c/0x68 [ 17.789100] kasan_save_track+0x20/0x40 [ 17.789144] kasan_save_alloc_info+0x40/0x58 [ 17.789370] __kasan_slab_alloc+0xa8/0xb0 [ 17.789585] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.789645] kmem_cache_rcu_uaf+0x12c/0x468 [ 17.790418] kunit_try_run_case+0x170/0x3f0 [ 17.790515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.790630] kthread+0x328/0x630 [ 17.790737] ret_from_fork+0x10/0x20 [ 17.790860] [ 17.790883] Freed by task 0: [ 17.790911] kasan_save_stack+0x3c/0x68 [ 17.790951] kasan_save_track+0x20/0x40 [ 17.791303] kasan_save_free_info+0x4c/0x78 [ 17.791346] __kasan_slab_free+0x6c/0x98 [ 17.791381] slab_free_after_rcu_debug+0xd4/0x2f8 [ 17.791422] rcu_core+0x9f4/0x1e20 [ 17.791459] rcu_core_si+0x18/0x30 [ 17.791525] handle_softirqs+0x374/0xb28 [ 17.791583] __do_softirq+0x1c/0x28 [ 17.791982] [ 17.792002] Last potentially related work creation: [ 17.792031] kasan_save_stack+0x3c/0x68 [ 17.792069] kasan_record_aux_stack+0xb4/0xc8 [ 17.792110] kmem_cache_free+0x120/0x468 [ 17.792147] kmem_cache_rcu_uaf+0x16c/0x468 [ 17.792184] kunit_try_run_case+0x170/0x3f0 [ 17.792221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.792264] kthread+0x328/0x630 [ 17.792294] ret_from_fork+0x10/0x20 [ 17.792329] [ 17.792348] The buggy address belongs to the object at fff00000c775f000 [ 17.792348] which belongs to the cache test_cache of size 200 [ 17.792438] The buggy address is located 0 bytes inside of [ 17.792438] freed 200-byte region [fff00000c775f000, fff00000c775f0c8) [ 17.792512] [ 17.792536] The buggy address belongs to the physical page: [ 17.792596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775f [ 17.792653] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.792707] page_type: f5(slab) [ 17.792763] raw: 0bfffe0000000000 fff00000c56bd8c0 dead000000000122 0000000000000000 [ 17.792814] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.792855] page dumped because: kasan: bad access detected [ 17.792886] [ 17.792903] Memory state around the buggy address: [ 17.792937] fff00000c775ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.792982] fff00000c775ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.793052] >fff00000c775f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.793250] ^ [ 17.793291] fff00000c775f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.793337] fff00000c775f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.793409] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.149276] ================================================================== [ 17.149351] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.149419] Free of addr fff00000c775e001 by task kunit_try_catch/211 [ 17.149465] [ 17.149821] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.150044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.150238] Hardware name: linux,dummy-virt (DT) [ 17.150282] Call trace: [ 17.150322] show_stack+0x20/0x38 (C) [ 17.150383] dump_stack_lvl+0x8c/0xd0 [ 17.150436] print_report+0x118/0x5d0 [ 17.150491] kasan_report_invalid_free+0xc0/0xe8 [ 17.150543] check_slab_allocation+0xfc/0x108 [ 17.150590] __kasan_slab_pre_free+0x2c/0x48 [ 17.150695] kmem_cache_free+0xf0/0x468 [ 17.150788] kmem_cache_invalid_free+0x184/0x3c8 [ 17.150974] kunit_try_run_case+0x170/0x3f0 [ 17.151077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.151142] kthread+0x328/0x630 [ 17.151187] ret_from_fork+0x10/0x20 [ 17.151374] [ 17.151424] Allocated by task 211: [ 17.151500] kasan_save_stack+0x3c/0x68 [ 17.151614] kasan_save_track+0x20/0x40 [ 17.151722] kasan_save_alloc_info+0x40/0x58 [ 17.151832] __kasan_slab_alloc+0xa8/0xb0 [ 17.151915] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.151985] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.152025] kunit_try_run_case+0x170/0x3f0 [ 17.152062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.152125] kthread+0x328/0x630 [ 17.152158] ret_from_fork+0x10/0x20 [ 17.152194] [ 17.152213] The buggy address belongs to the object at fff00000c775e000 [ 17.152213] which belongs to the cache test_cache of size 200 [ 17.152273] The buggy address is located 1 bytes inside of [ 17.152273] 200-byte region [fff00000c775e000, fff00000c775e0c8) [ 17.152516] [ 17.152608] The buggy address belongs to the physical page: [ 17.152758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775e [ 17.152872] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.153017] page_type: f5(slab) [ 17.153143] raw: 0bfffe0000000000 fff00000c56bd780 dead000000000122 0000000000000000 [ 17.153512] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.153577] page dumped because: kasan: bad access detected [ 17.153738] [ 17.153794] Memory state around the buggy address: [ 17.153950] fff00000c775df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.154040] fff00000c775df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.154130] >fff00000c775e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.154226] ^ [ 17.154345] fff00000c775e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.154442] fff00000c775e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.154487] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.122397] ================================================================== [ 17.122479] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.122553] Free of addr fff00000c775c000 by task kunit_try_catch/209 [ 17.122613] [ 17.122675] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.122800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.122914] Hardware name: linux,dummy-virt (DT) [ 17.122956] Call trace: [ 17.122980] show_stack+0x20/0x38 (C) [ 17.123168] dump_stack_lvl+0x8c/0xd0 [ 17.123249] print_report+0x118/0x5d0 [ 17.123379] kasan_report_invalid_free+0xc0/0xe8 [ 17.123464] check_slab_allocation+0xd4/0x108 [ 17.123545] __kasan_slab_pre_free+0x2c/0x48 [ 17.123614] kmem_cache_free+0xf0/0x468 [ 17.123661] kmem_cache_double_free+0x190/0x3c8 [ 17.123710] kunit_try_run_case+0x170/0x3f0 [ 17.123797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.123968] kthread+0x328/0x630 [ 17.124096] ret_from_fork+0x10/0x20 [ 17.124210] [ 17.124247] Allocated by task 209: [ 17.124353] kasan_save_stack+0x3c/0x68 [ 17.124482] kasan_save_track+0x20/0x40 [ 17.124550] kasan_save_alloc_info+0x40/0x58 [ 17.124637] __kasan_slab_alloc+0xa8/0xb0 [ 17.124752] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.124851] kmem_cache_double_free+0x12c/0x3c8 [ 17.124945] kunit_try_run_case+0x170/0x3f0 [ 17.125043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.125118] kthread+0x328/0x630 [ 17.125152] ret_from_fork+0x10/0x20 [ 17.125199] [ 17.125347] Freed by task 209: [ 17.125520] kasan_save_stack+0x3c/0x68 [ 17.125615] kasan_save_track+0x20/0x40 [ 17.125746] kasan_save_free_info+0x4c/0x78 [ 17.125849] __kasan_slab_free+0x6c/0x98 [ 17.125915] kmem_cache_free+0x260/0x468 [ 17.125950] kmem_cache_double_free+0x140/0x3c8 [ 17.125988] kunit_try_run_case+0x170/0x3f0 [ 17.126025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.126068] kthread+0x328/0x630 [ 17.126277] ret_from_fork+0x10/0x20 [ 17.126340] [ 17.126370] The buggy address belongs to the object at fff00000c775c000 [ 17.126370] which belongs to the cache test_cache of size 200 [ 17.126483] The buggy address is located 0 bytes inside of [ 17.126483] 200-byte region [fff00000c775c000, fff00000c775c0c8) [ 17.126565] [ 17.126607] The buggy address belongs to the physical page: [ 17.126652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775c [ 17.126709] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.126774] page_type: f5(slab) [ 17.126880] raw: 0bfffe0000000000 fff00000c56bd640 dead000000000122 0000000000000000 [ 17.126959] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.127100] page dumped because: kasan: bad access detected [ 17.127220] [ 17.127239] Memory state around the buggy address: [ 17.127276] fff00000c775bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.127319] fff00000c775bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.127364] >fff00000c775c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.127403] ^ [ 17.127431] fff00000c775c080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.127474] fff00000c775c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.127511] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.061941] ================================================================== [ 17.062073] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.062394] Read of size 1 at addr fff00000c775a0c8 by task kunit_try_catch/207 [ 17.062446] [ 17.062488] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.063117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.063150] Hardware name: linux,dummy-virt (DT) [ 17.063185] Call trace: [ 17.063210] show_stack+0x20/0x38 (C) [ 17.063263] dump_stack_lvl+0x8c/0xd0 [ 17.063313] print_report+0x118/0x5d0 [ 17.063361] kasan_report+0xdc/0x128 [ 17.063409] __asan_report_load1_noabort+0x20/0x30 [ 17.064088] kmem_cache_oob+0x344/0x430 [ 17.064145] kunit_try_run_case+0x170/0x3f0 [ 17.064197] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.064248] kthread+0x328/0x630 [ 17.064291] ret_from_fork+0x10/0x20 [ 17.064341] [ 17.064360] Allocated by task 207: [ 17.064400] kasan_save_stack+0x3c/0x68 [ 17.064442] kasan_save_track+0x20/0x40 [ 17.064480] kasan_save_alloc_info+0x40/0x58 [ 17.064872] __kasan_slab_alloc+0xa8/0xb0 [ 17.065039] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.065080] kmem_cache_oob+0x12c/0x430 [ 17.065116] kunit_try_run_case+0x170/0x3f0 [ 17.065532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.065644] kthread+0x328/0x630 [ 17.065696] ret_from_fork+0x10/0x20 [ 17.065816] [ 17.065836] The buggy address belongs to the object at fff00000c775a000 [ 17.065836] which belongs to the cache test_cache of size 200 [ 17.065894] The buggy address is located 0 bytes to the right of [ 17.065894] allocated 200-byte region [fff00000c775a000, fff00000c775a0c8) [ 17.065957] [ 17.065979] The buggy address belongs to the physical page: [ 17.066011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775a [ 17.066079] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.066130] page_type: f5(slab) [ 17.066588] raw: 0bfffe0000000000 fff00000c56bd500 dead000000000122 0000000000000000 [ 17.066644] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.066686] page dumped because: kasan: bad access detected [ 17.066731] [ 17.066759] Memory state around the buggy address: [ 17.066791] fff00000c7759f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.066842] fff00000c775a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.067268] >fff00000c775a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.067374] ^ [ 17.067439] fff00000c775a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.067542] fff00000c775a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.067581] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.019142] ================================================================== [ 17.019232] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.019549] Read of size 8 at addr fff00000c7756140 by task kunit_try_catch/200 [ 17.019601] [ 17.019642] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.019740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.019766] Hardware name: linux,dummy-virt (DT) [ 17.019933] Call trace: [ 17.019967] show_stack+0x20/0x38 (C) [ 17.020226] dump_stack_lvl+0x8c/0xd0 [ 17.020278] print_report+0x118/0x5d0 [ 17.020325] kasan_report+0xdc/0x128 [ 17.020370] __asan_report_load8_noabort+0x20/0x30 [ 17.020423] workqueue_uaf+0x480/0x4a8 [ 17.020467] kunit_try_run_case+0x170/0x3f0 [ 17.020516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.021610] kthread+0x328/0x630 [ 17.021693] ret_from_fork+0x10/0x20 [ 17.022237] [ 17.022265] Allocated by task 200: [ 17.022391] kasan_save_stack+0x3c/0x68 [ 17.022441] kasan_save_track+0x20/0x40 [ 17.022845] kasan_save_alloc_info+0x40/0x58 [ 17.022899] __kasan_kmalloc+0xd4/0xd8 [ 17.022945] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.023125] workqueue_uaf+0x13c/0x4a8 [ 17.023181] kunit_try_run_case+0x170/0x3f0 [ 17.023222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.023266] kthread+0x328/0x630 [ 17.023298] ret_from_fork+0x10/0x20 [ 17.023335] [ 17.023355] Freed by task 75: [ 17.023383] kasan_save_stack+0x3c/0x68 [ 17.023421] kasan_save_track+0x20/0x40 [ 17.023460] kasan_save_free_info+0x4c/0x78 [ 17.023498] __kasan_slab_free+0x6c/0x98 [ 17.023534] kfree+0x214/0x3c8 [ 17.024343] workqueue_uaf_work+0x18/0x30 [ 17.024422] process_one_work+0x530/0xf98 [ 17.024799] worker_thread+0x618/0xf38 [ 17.024860] kthread+0x328/0x630 [ 17.025189] ret_from_fork+0x10/0x20 [ 17.025242] [ 17.025269] Last potentially related work creation: [ 17.025309] kasan_save_stack+0x3c/0x68 [ 17.025350] kasan_record_aux_stack+0xb4/0xc8 [ 17.025774] __queue_work+0x65c/0x1008 [ 17.025865] queue_work_on+0xbc/0xf8 [ 17.026138] workqueue_uaf+0x210/0x4a8 [ 17.026412] kunit_try_run_case+0x170/0x3f0 [ 17.026462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.026976] kthread+0x328/0x630 [ 17.027192] ret_from_fork+0x10/0x20 [ 17.027239] [ 17.027262] The buggy address belongs to the object at fff00000c7756140 [ 17.027262] which belongs to the cache kmalloc-32 of size 32 [ 17.027324] The buggy address is located 0 bytes inside of [ 17.027324] freed 32-byte region [fff00000c7756140, fff00000c7756160) [ 17.027774] [ 17.027799] The buggy address belongs to the physical page: [ 17.028046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107756 [ 17.028107] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.028162] page_type: f5(slab) [ 17.028810] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.029188] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.029484] page dumped because: kasan: bad access detected [ 17.030027] [ 17.030126] Memory state around the buggy address: [ 17.030315] fff00000c7756000: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 17.030382] fff00000c7756080: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.030425] >fff00000c7756100: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 17.030864] ^ [ 17.030917] fff00000c7756180: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.031225] fff00000c7756200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.031267] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 16.964756] ================================================================== [ 16.964892] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 16.964961] Read of size 4 at addr fff00000c771ff40 by task swapper/0/0 [ 16.965008] [ 16.965049] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.965130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.965157] Hardware name: linux,dummy-virt (DT) [ 16.968369] Call trace: [ 16.968416] show_stack+0x20/0x38 (C) [ 16.968821] dump_stack_lvl+0x8c/0xd0 [ 16.969634] print_report+0x118/0x5d0 [ 16.970371] kasan_report+0xdc/0x128 [ 16.970507] __asan_report_load4_noabort+0x20/0x30 [ 16.970559] rcu_uaf_reclaim+0x64/0x70 [ 16.970605] rcu_core+0x9f4/0x1e20 [ 16.971248] rcu_core_si+0x18/0x30 [ 16.971848] handle_softirqs+0x374/0xb28 [ 16.972414] __do_softirq+0x1c/0x28 [ 16.972756] ____do_softirq+0x18/0x30 [ 16.973291] call_on_irq_stack+0x24/0x30 [ 16.973374] do_softirq_own_stack+0x24/0x38 [ 16.973422] __irq_exit_rcu+0x1fc/0x318 [ 16.974407] irq_exit_rcu+0x1c/0x80 [ 16.974563] el1_interrupt+0x38/0x58 [ 16.974847] el1h_64_irq_handler+0x18/0x28 [ 16.975163] el1h_64_irq+0x6c/0x70 [ 16.975282] arch_local_irq_enable+0x4/0x8 (P) [ 16.975996] do_idle+0x384/0x4e8 [ 16.976585] cpu_startup_entry+0x64/0x80 [ 16.977428] rest_init+0x160/0x188 [ 16.978023] start_kernel+0x30c/0x3d0 [ 16.978670] __primary_switched+0x8c/0xa0 [ 16.978893] [ 16.979194] Allocated by task 198: [ 16.979236] kasan_save_stack+0x3c/0x68 [ 16.979732] kasan_save_track+0x20/0x40 [ 16.979785] kasan_save_alloc_info+0x40/0x58 [ 16.979826] __kasan_kmalloc+0xd4/0xd8 [ 16.979863] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.979902] rcu_uaf+0xb0/0x2d8 [ 16.979934] kunit_try_run_case+0x170/0x3f0 [ 16.980275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.980354] kthread+0x328/0x630 [ 16.980555] ret_from_fork+0x10/0x20 [ 16.980621] [ 16.981505] Freed by task 0: [ 16.981543] kasan_save_stack+0x3c/0x68 [ 16.981597] kasan_save_track+0x20/0x40 [ 16.981635] kasan_save_free_info+0x4c/0x78 [ 16.981676] __kasan_slab_free+0x6c/0x98 [ 16.981724] kfree+0x214/0x3c8 [ 16.981763] rcu_uaf_reclaim+0x28/0x70 [ 16.981799] rcu_core+0x9f4/0x1e20 [ 16.981833] rcu_core_si+0x18/0x30 [ 16.981871] handle_softirqs+0x374/0xb28 [ 16.981910] __do_softirq+0x1c/0x28 [ 16.982878] [ 16.982922] Last potentially related work creation: [ 16.982997] kasan_save_stack+0x3c/0x68 [ 16.983212] kasan_record_aux_stack+0xb4/0xc8 [ 16.983257] __call_rcu_common.constprop.0+0x74/0x8c8 [ 16.983299] call_rcu+0x18/0x30 [ 16.983331] rcu_uaf+0x14c/0x2d8 [ 16.983365] kunit_try_run_case+0x170/0x3f0 [ 16.983644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.983703] kthread+0x328/0x630 [ 16.983961] ret_from_fork+0x10/0x20 [ 16.984243] [ 16.984404] The buggy address belongs to the object at fff00000c771ff40 [ 16.984404] which belongs to the cache kmalloc-32 of size 32 [ 16.984469] The buggy address is located 0 bytes inside of [ 16.984469] freed 32-byte region [fff00000c771ff40, fff00000c771ff60) [ 16.984530] [ 16.985182] The buggy address belongs to the physical page: [ 16.985352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771f [ 16.985412] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.986101] page_type: f5(slab) [ 16.986263] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 16.986790] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.986853] page dumped because: kasan: bad access detected [ 16.986956] [ 16.987228] Memory state around the buggy address: [ 16.987273] fff00000c771fe00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 16.987317] fff00000c771fe80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 16.987464] >fff00000c771ff00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 16.987738] ^ [ 16.987965] fff00000c771ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.988009] fff00000c7720000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.988292] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 16.863650] ================================================================== [ 16.863728] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 16.863780] Read of size 1 at addr fff00000c771d500 by task kunit_try_catch/196 [ 16.863829] [ 16.863865] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.863947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.863974] Hardware name: linux,dummy-virt (DT) [ 16.864303] Call trace: [ 16.864340] show_stack+0x20/0x38 (C) [ 16.864394] dump_stack_lvl+0x8c/0xd0 [ 16.864442] print_report+0x118/0x5d0 [ 16.864532] kasan_report+0xdc/0x128 [ 16.864579] __kasan_check_byte+0x54/0x70 [ 16.864626] ksize+0x30/0x88 [ 16.864667] ksize_uaf+0x168/0x5f8 [ 16.864878] kunit_try_run_case+0x170/0x3f0 [ 16.864969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.865065] kthread+0x328/0x630 [ 16.865174] ret_from_fork+0x10/0x20 [ 16.865254] [ 16.865274] Allocated by task 196: [ 16.865358] kasan_save_stack+0x3c/0x68 [ 16.865491] kasan_save_track+0x20/0x40 [ 16.865601] kasan_save_alloc_info+0x40/0x58 [ 16.865780] __kasan_kmalloc+0xd4/0xd8 [ 16.865847] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.865888] ksize_uaf+0xb8/0x5f8 [ 16.865921] kunit_try_run_case+0x170/0x3f0 [ 16.865959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.866232] kthread+0x328/0x630 [ 16.866321] ret_from_fork+0x10/0x20 [ 16.866358] [ 16.866433] Freed by task 196: [ 16.866569] kasan_save_stack+0x3c/0x68 [ 16.866623] kasan_save_track+0x20/0x40 [ 16.866772] kasan_save_free_info+0x4c/0x78 [ 16.866879] __kasan_slab_free+0x6c/0x98 [ 16.866927] kfree+0x214/0x3c8 [ 16.866961] ksize_uaf+0x11c/0x5f8 [ 16.867006] kunit_try_run_case+0x170/0x3f0 [ 16.867102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.867158] kthread+0x328/0x630 [ 16.867222] ret_from_fork+0x10/0x20 [ 16.867259] [ 16.867280] The buggy address belongs to the object at fff00000c771d500 [ 16.867280] which belongs to the cache kmalloc-128 of size 128 [ 16.867481] The buggy address is located 0 bytes inside of [ 16.867481] freed 128-byte region [fff00000c771d500, fff00000c771d580) [ 16.867542] [ 16.867563] The buggy address belongs to the physical page: [ 16.867594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.867854] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.867951] page_type: f5(slab) [ 16.868059] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.868143] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.868196] page dumped because: kasan: bad access detected [ 16.868261] [ 16.868348] Memory state around the buggy address: [ 16.868404] fff00000c771d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.868464] fff00000c771d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868542] >fff00000c771d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.868580] ^ [ 16.868610] fff00000c771d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868653] fff00000c771d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868819] ================================================================== [ 16.878217] ================================================================== [ 16.878272] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 16.878319] Read of size 1 at addr fff00000c771d578 by task kunit_try_catch/196 [ 16.878369] [ 16.878400] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.878481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.878508] Hardware name: linux,dummy-virt (DT) [ 16.878538] Call trace: [ 16.878561] show_stack+0x20/0x38 (C) [ 16.878621] dump_stack_lvl+0x8c/0xd0 [ 16.878667] print_report+0x118/0x5d0 [ 16.878728] kasan_report+0xdc/0x128 [ 16.878772] __asan_report_load1_noabort+0x20/0x30 [ 16.878839] ksize_uaf+0x544/0x5f8 [ 16.878889] kunit_try_run_case+0x170/0x3f0 [ 16.878935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.878997] kthread+0x328/0x630 [ 16.879040] ret_from_fork+0x10/0x20 [ 16.879093] [ 16.879112] Allocated by task 196: [ 16.879140] kasan_save_stack+0x3c/0x68 [ 16.879180] kasan_save_track+0x20/0x40 [ 16.879218] kasan_save_alloc_info+0x40/0x58 [ 16.879258] __kasan_kmalloc+0xd4/0xd8 [ 16.879293] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.879331] ksize_uaf+0xb8/0x5f8 [ 16.879364] kunit_try_run_case+0x170/0x3f0 [ 16.879401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.879442] kthread+0x328/0x630 [ 16.879474] ret_from_fork+0x10/0x20 [ 16.879510] [ 16.879527] Freed by task 196: [ 16.879552] kasan_save_stack+0x3c/0x68 [ 16.879597] kasan_save_track+0x20/0x40 [ 16.879634] kasan_save_free_info+0x4c/0x78 [ 16.879673] __kasan_slab_free+0x6c/0x98 [ 16.879709] kfree+0x214/0x3c8 [ 16.880337] ksize_uaf+0x11c/0x5f8 [ 16.880406] kunit_try_run_case+0x170/0x3f0 [ 16.880444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.880488] kthread+0x328/0x630 [ 16.880664] ret_from_fork+0x10/0x20 [ 16.880702] [ 16.880738] The buggy address belongs to the object at fff00000c771d500 [ 16.880738] which belongs to the cache kmalloc-128 of size 128 [ 16.880846] The buggy address is located 120 bytes inside of [ 16.880846] freed 128-byte region [fff00000c771d500, fff00000c771d580) [ 16.881004] [ 16.881093] The buggy address belongs to the physical page: [ 16.881191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.881275] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.881327] page_type: f5(slab) [ 16.881365] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.881450] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.881581] page dumped because: kasan: bad access detected [ 16.881682] [ 16.881737] Memory state around the buggy address: [ 16.881824] fff00000c771d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.881907] fff00000c771d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.882035] >fff00000c771d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.882083] ^ [ 16.882173] fff00000c771d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.882215] fff00000c771d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.882450] ================================================================== [ 16.870006] ================================================================== [ 16.870061] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 16.870108] Read of size 1 at addr fff00000c771d500 by task kunit_try_catch/196 [ 16.870339] [ 16.870418] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.870506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.870552] Hardware name: linux,dummy-virt (DT) [ 16.870609] Call trace: [ 16.870686] show_stack+0x20/0x38 (C) [ 16.870750] dump_stack_lvl+0x8c/0xd0 [ 16.870882] print_report+0x118/0x5d0 [ 16.871006] kasan_report+0xdc/0x128 [ 16.871073] __asan_report_load1_noabort+0x20/0x30 [ 16.871185] ksize_uaf+0x598/0x5f8 [ 16.871249] kunit_try_run_case+0x170/0x3f0 [ 16.871330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.871381] kthread+0x328/0x630 [ 16.871605] ret_from_fork+0x10/0x20 [ 16.871655] [ 16.871673] Allocated by task 196: [ 16.871702] kasan_save_stack+0x3c/0x68 [ 16.871998] kasan_save_track+0x20/0x40 [ 16.872123] kasan_save_alloc_info+0x40/0x58 [ 16.872166] __kasan_kmalloc+0xd4/0xd8 [ 16.872265] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.872336] ksize_uaf+0xb8/0x5f8 [ 16.872371] kunit_try_run_case+0x170/0x3f0 [ 16.872459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.872585] kthread+0x328/0x630 [ 16.872663] ret_from_fork+0x10/0x20 [ 16.872742] [ 16.872762] Freed by task 196: [ 16.872867] kasan_save_stack+0x3c/0x68 [ 16.872906] kasan_save_track+0x20/0x40 [ 16.872944] kasan_save_free_info+0x4c/0x78 [ 16.872983] __kasan_slab_free+0x6c/0x98 [ 16.873021] kfree+0x214/0x3c8 [ 16.873466] ksize_uaf+0x11c/0x5f8 [ 16.873866] kunit_try_run_case+0x170/0x3f0 [ 16.873951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.874074] kthread+0x328/0x630 [ 16.874220] ret_from_fork+0x10/0x20 [ 16.874345] [ 16.874472] The buggy address belongs to the object at fff00000c771d500 [ 16.874472] which belongs to the cache kmalloc-128 of size 128 [ 16.874532] The buggy address is located 0 bytes inside of [ 16.874532] freed 128-byte region [fff00000c771d500, fff00000c771d580) [ 16.874831] [ 16.874859] The buggy address belongs to the physical page: [ 16.874980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.875071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.875506] page_type: f5(slab) [ 16.875634] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.875757] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.875845] page dumped because: kasan: bad access detected [ 16.875919] [ 16.875940] Memory state around the buggy address: [ 16.875973] fff00000c771d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.876031] fff00000c771d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876077] >fff00000c771d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.876410] ^ [ 16.876692] fff00000c771d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876965] fff00000c771d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.877071] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 16.850169] ================================================================== [ 16.850217] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.850573] Read of size 1 at addr fff00000c771d478 by task kunit_try_catch/194 [ 16.850656] [ 16.850742] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.850823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.850857] Hardware name: linux,dummy-virt (DT) [ 16.850923] Call trace: [ 16.851000] show_stack+0x20/0x38 (C) [ 16.851162] dump_stack_lvl+0x8c/0xd0 [ 16.851278] print_report+0x118/0x5d0 [ 16.851392] kasan_report+0xdc/0x128 [ 16.851517] __asan_report_load1_noabort+0x20/0x30 [ 16.851584] ksize_unpoisons_memory+0x618/0x740 [ 16.851634] kunit_try_run_case+0x170/0x3f0 [ 16.851682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.851745] kthread+0x328/0x630 [ 16.851919] ret_from_fork+0x10/0x20 [ 16.852037] [ 16.852105] Allocated by task 194: [ 16.852259] kasan_save_stack+0x3c/0x68 [ 16.852390] kasan_save_track+0x20/0x40 [ 16.852534] kasan_save_alloc_info+0x40/0x58 [ 16.852632] __kasan_kmalloc+0xd4/0xd8 [ 16.852688] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.852777] ksize_unpoisons_memory+0xc0/0x740 [ 16.852853] kunit_try_run_case+0x170/0x3f0 [ 16.852971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.853052] kthread+0x328/0x630 [ 16.853095] ret_from_fork+0x10/0x20 [ 16.853131] [ 16.853151] The buggy address belongs to the object at fff00000c771d400 [ 16.853151] which belongs to the cache kmalloc-128 of size 128 [ 16.853234] The buggy address is located 5 bytes to the right of [ 16.853234] allocated 115-byte region [fff00000c771d400, fff00000c771d473) [ 16.853298] [ 16.853323] The buggy address belongs to the physical page: [ 16.853366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.853573] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.853772] page_type: f5(slab) [ 16.853860] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.854004] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.854103] page dumped because: kasan: bad access detected [ 16.854234] [ 16.854298] Memory state around the buggy address: [ 16.854330] fff00000c771d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.854573] fff00000c771d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.854773] >fff00000c771d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.854829] ^ [ 16.854955] fff00000c771d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855000] fff00000c771d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855073] ================================================================== [ 16.855777] ================================================================== [ 16.855830] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.855897] Read of size 1 at addr fff00000c771d47f by task kunit_try_catch/194 [ 16.855948] [ 16.856016] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.856125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.856208] Hardware name: linux,dummy-virt (DT) [ 16.856242] Call trace: [ 16.856282] show_stack+0x20/0x38 (C) [ 16.856342] dump_stack_lvl+0x8c/0xd0 [ 16.856390] print_report+0x118/0x5d0 [ 16.856621] kasan_report+0xdc/0x128 [ 16.856680] __asan_report_load1_noabort+0x20/0x30 [ 16.856916] ksize_unpoisons_memory+0x690/0x740 [ 16.856990] kunit_try_run_case+0x170/0x3f0 [ 16.857039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.857104] kthread+0x328/0x630 [ 16.857148] ret_from_fork+0x10/0x20 [ 16.857213] [ 16.857231] Allocated by task 194: [ 16.857262] kasan_save_stack+0x3c/0x68 [ 16.857353] kasan_save_track+0x20/0x40 [ 16.857419] kasan_save_alloc_info+0x40/0x58 [ 16.857462] __kasan_kmalloc+0xd4/0xd8 [ 16.857528] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.857589] ksize_unpoisons_memory+0xc0/0x740 [ 16.857626] kunit_try_run_case+0x170/0x3f0 [ 16.857663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.857748] kthread+0x328/0x630 [ 16.857977] ret_from_fork+0x10/0x20 [ 16.858027] [ 16.858107] The buggy address belongs to the object at fff00000c771d400 [ 16.858107] which belongs to the cache kmalloc-128 of size 128 [ 16.858242] The buggy address is located 12 bytes to the right of [ 16.858242] allocated 115-byte region [fff00000c771d400, fff00000c771d473) [ 16.858335] [ 16.858373] The buggy address belongs to the physical page: [ 16.858404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.858518] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.858593] page_type: f5(slab) [ 16.858666] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.858737] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.858778] page dumped because: kasan: bad access detected [ 16.858809] [ 16.858826] Memory state around the buggy address: [ 16.858875] fff00000c771d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.858931] fff00000c771d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.858977] >fff00000c771d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.859015] ^ [ 16.859056] fff00000c771d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.859139] fff00000c771d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.859334] ================================================================== [ 16.844584] ================================================================== [ 16.844777] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.844840] Read of size 1 at addr fff00000c771d473 by task kunit_try_catch/194 [ 16.844890] [ 16.844925] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.845007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.845107] Hardware name: linux,dummy-virt (DT) [ 16.845142] Call trace: [ 16.845165] show_stack+0x20/0x38 (C) [ 16.845222] dump_stack_lvl+0x8c/0xd0 [ 16.845400] print_report+0x118/0x5d0 [ 16.845537] kasan_report+0xdc/0x128 [ 16.845590] __asan_report_load1_noabort+0x20/0x30 [ 16.845642] ksize_unpoisons_memory+0x628/0x740 [ 16.845690] kunit_try_run_case+0x170/0x3f0 [ 16.845755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.845808] kthread+0x328/0x630 [ 16.845980] ret_from_fork+0x10/0x20 [ 16.846036] [ 16.846108] Allocated by task 194: [ 16.846137] kasan_save_stack+0x3c/0x68 [ 16.846238] kasan_save_track+0x20/0x40 [ 16.846431] kasan_save_alloc_info+0x40/0x58 [ 16.846475] __kasan_kmalloc+0xd4/0xd8 [ 16.846622] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.846674] ksize_unpoisons_memory+0xc0/0x740 [ 16.846724] kunit_try_run_case+0x170/0x3f0 [ 16.846839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.846908] kthread+0x328/0x630 [ 16.846940] ret_from_fork+0x10/0x20 [ 16.847040] [ 16.847229] The buggy address belongs to the object at fff00000c771d400 [ 16.847229] which belongs to the cache kmalloc-128 of size 128 [ 16.847460] The buggy address is located 0 bytes to the right of [ 16.847460] allocated 115-byte region [fff00000c771d400, fff00000c771d473) [ 16.847568] [ 16.847595] The buggy address belongs to the physical page: [ 16.847628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.847680] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.847739] page_type: f5(slab) [ 16.847776] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.847829] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.847870] page dumped because: kasan: bad access detected [ 16.847902] [ 16.847930] Memory state around the buggy address: [ 16.847970] fff00000c771d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.848036] fff00000c771d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848089] >fff00000c771d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.848126] ^ [ 16.848167] fff00000c771d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848230] fff00000c771d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848277] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 16.832940] ================================================================== [ 16.833021] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 16.833072] Free of addr fff00000c5755ea0 by task kunit_try_catch/192 [ 16.833114] [ 16.833350] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.833448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.833476] Hardware name: linux,dummy-virt (DT) [ 16.833523] Call trace: [ 16.833581] show_stack+0x20/0x38 (C) [ 16.833647] dump_stack_lvl+0x8c/0xd0 [ 16.833741] print_report+0x118/0x5d0 [ 16.833816] kasan_report_invalid_free+0xc0/0xe8 [ 16.833870] check_slab_allocation+0xd4/0x108 [ 16.833920] __kasan_slab_pre_free+0x2c/0x48 [ 16.834189] kfree+0xe8/0x3c8 [ 16.834279] kfree_sensitive+0x3c/0xb0 [ 16.834353] kmalloc_double_kzfree+0x168/0x308 [ 16.834408] kunit_try_run_case+0x170/0x3f0 [ 16.834492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.834575] kthread+0x328/0x630 [ 16.834618] ret_from_fork+0x10/0x20 [ 16.834709] [ 16.834766] Allocated by task 192: [ 16.834795] kasan_save_stack+0x3c/0x68 [ 16.834851] kasan_save_track+0x20/0x40 [ 16.834889] kasan_save_alloc_info+0x40/0x58 [ 16.834929] __kasan_kmalloc+0xd4/0xd8 [ 16.835074] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.835244] kmalloc_double_kzfree+0xb8/0x308 [ 16.835317] kunit_try_run_case+0x170/0x3f0 [ 16.835464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.835518] kthread+0x328/0x630 [ 16.835551] ret_from_fork+0x10/0x20 [ 16.835604] [ 16.835623] Freed by task 192: [ 16.835649] kasan_save_stack+0x3c/0x68 [ 16.835687] kasan_save_track+0x20/0x40 [ 16.835768] kasan_save_free_info+0x4c/0x78 [ 16.835890] __kasan_slab_free+0x6c/0x98 [ 16.835973] kfree+0x214/0x3c8 [ 16.836034] kfree_sensitive+0x80/0xb0 [ 16.836200] kmalloc_double_kzfree+0x11c/0x308 [ 16.836299] kunit_try_run_case+0x170/0x3f0 [ 16.836357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.836624] kthread+0x328/0x630 [ 16.836699] ret_from_fork+0x10/0x20 [ 16.836774] [ 16.836795] The buggy address belongs to the object at fff00000c5755ea0 [ 16.836795] which belongs to the cache kmalloc-16 of size 16 [ 16.836854] The buggy address is located 0 bytes inside of [ 16.836854] 16-byte region [fff00000c5755ea0, fff00000c5755eb0) [ 16.836933] [ 16.837043] The buggy address belongs to the physical page: [ 16.837106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105755 [ 16.837245] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.837383] page_type: f5(slab) [ 16.837476] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.837552] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.837943] page dumped because: kasan: bad access detected [ 16.838017] [ 16.838109] Memory state around the buggy address: [ 16.838186] fff00000c5755d80: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.838229] fff00000c5755e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.838564] >fff00000c5755e80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.838696] ^ [ 16.838806] fff00000c5755f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.838936] fff00000c5755f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.838974] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 16.827737] ================================================================== [ 16.827804] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 16.827862] Read of size 1 at addr fff00000c5755ea0 by task kunit_try_catch/192 [ 16.827938] [ 16.828153] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.828255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.828282] Hardware name: linux,dummy-virt (DT) [ 16.828380] Call trace: [ 16.828407] show_stack+0x20/0x38 (C) [ 16.828460] dump_stack_lvl+0x8c/0xd0 [ 16.828510] print_report+0x118/0x5d0 [ 16.828554] kasan_report+0xdc/0x128 [ 16.828599] __kasan_check_byte+0x54/0x70 [ 16.828646] kfree_sensitive+0x30/0xb0 [ 16.828706] kmalloc_double_kzfree+0x168/0x308 [ 16.828998] kunit_try_run_case+0x170/0x3f0 [ 16.829140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.829196] kthread+0x328/0x630 [ 16.829265] ret_from_fork+0x10/0x20 [ 16.829426] [ 16.829531] Allocated by task 192: [ 16.829596] kasan_save_stack+0x3c/0x68 [ 16.829642] kasan_save_track+0x20/0x40 [ 16.829688] kasan_save_alloc_info+0x40/0x58 [ 16.829738] __kasan_kmalloc+0xd4/0xd8 [ 16.829775] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.829814] kmalloc_double_kzfree+0xb8/0x308 [ 16.829852] kunit_try_run_case+0x170/0x3f0 [ 16.829890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.829941] kthread+0x328/0x630 [ 16.829973] ret_from_fork+0x10/0x20 [ 16.830010] [ 16.830028] Freed by task 192: [ 16.830064] kasan_save_stack+0x3c/0x68 [ 16.830102] kasan_save_track+0x20/0x40 [ 16.830137] kasan_save_free_info+0x4c/0x78 [ 16.830176] __kasan_slab_free+0x6c/0x98 [ 16.830213] kfree+0x214/0x3c8 [ 16.830252] kfree_sensitive+0x80/0xb0 [ 16.830287] kmalloc_double_kzfree+0x11c/0x308 [ 16.830334] kunit_try_run_case+0x170/0x3f0 [ 16.830372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.830416] kthread+0x328/0x630 [ 16.830455] ret_from_fork+0x10/0x20 [ 16.830491] [ 16.830510] The buggy address belongs to the object at fff00000c5755ea0 [ 16.830510] which belongs to the cache kmalloc-16 of size 16 [ 16.830575] The buggy address is located 0 bytes inside of [ 16.830575] freed 16-byte region [fff00000c5755ea0, fff00000c5755eb0) [ 16.830635] [ 16.830655] The buggy address belongs to the physical page: [ 16.830686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105755 [ 16.831188] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.831261] page_type: f5(slab) [ 16.831303] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.831352] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.831392] page dumped because: kasan: bad access detected [ 16.831422] [ 16.831442] Memory state around the buggy address: [ 16.831474] fff00000c5755d80: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.831516] fff00000c5755e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.831559] >fff00000c5755e80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.831798] ^ [ 16.831857] fff00000c5755f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.831971] fff00000c5755f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.832067] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.809878] ================================================================== [ 16.809980] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 16.810034] Read of size 1 at addr fff00000c7752228 by task kunit_try_catch/188 [ 16.810282] [ 16.810326] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.810526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.810560] Hardware name: linux,dummy-virt (DT) [ 16.810609] Call trace: [ 16.810648] show_stack+0x20/0x38 (C) [ 16.810767] dump_stack_lvl+0x8c/0xd0 [ 16.810854] print_report+0x118/0x5d0 [ 16.810903] kasan_report+0xdc/0x128 [ 16.810978] __asan_report_load1_noabort+0x20/0x30 [ 16.811053] kmalloc_uaf2+0x3f4/0x468 [ 16.811186] kunit_try_run_case+0x170/0x3f0 [ 16.811282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.811365] kthread+0x328/0x630 [ 16.811406] ret_from_fork+0x10/0x20 [ 16.811704] [ 16.811739] Allocated by task 188: [ 16.811769] kasan_save_stack+0x3c/0x68 [ 16.811944] kasan_save_track+0x20/0x40 [ 16.812069] kasan_save_alloc_info+0x40/0x58 [ 16.812189] __kasan_kmalloc+0xd4/0xd8 [ 16.812270] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.812310] kmalloc_uaf2+0xc4/0x468 [ 16.812355] kunit_try_run_case+0x170/0x3f0 [ 16.812392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.812435] kthread+0x328/0x630 [ 16.812477] ret_from_fork+0x10/0x20 [ 16.812514] [ 16.812532] Freed by task 188: [ 16.812559] kasan_save_stack+0x3c/0x68 [ 16.812603] kasan_save_track+0x20/0x40 [ 16.812641] kasan_save_free_info+0x4c/0x78 [ 16.812689] __kasan_slab_free+0x6c/0x98 [ 16.812736] kfree+0x214/0x3c8 [ 16.812767] kmalloc_uaf2+0x134/0x468 [ 16.812812] kunit_try_run_case+0x170/0x3f0 [ 16.812848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.812889] kthread+0x328/0x630 [ 16.812921] ret_from_fork+0x10/0x20 [ 16.812966] [ 16.812984] The buggy address belongs to the object at fff00000c7752200 [ 16.812984] which belongs to the cache kmalloc-64 of size 64 [ 16.813047] The buggy address is located 40 bytes inside of [ 16.813047] freed 64-byte region [fff00000c7752200, fff00000c7752240) [ 16.813117] [ 16.813138] The buggy address belongs to the physical page: [ 16.813186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107752 [ 16.813239] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.813296] page_type: f5(slab) [ 16.813344] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.813394] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.813447] page dumped because: kasan: bad access detected [ 16.813482] [ 16.813516] Memory state around the buggy address: [ 16.813545] fff00000c7752100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.813597] fff00000c7752180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.813639] >fff00000c7752200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.813687] ^ [ 16.813727] fff00000c7752280: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 16.813768] fff00000c7752300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.813806] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.798972] ================================================================== [ 16.799191] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 16.799337] Write of size 33 at addr fff00000c7752080 by task kunit_try_catch/186 [ 16.799428] [ 16.799465] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.799566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.799593] Hardware name: linux,dummy-virt (DT) [ 16.799626] Call trace: [ 16.799648] show_stack+0x20/0x38 (C) [ 16.799698] dump_stack_lvl+0x8c/0xd0 [ 16.799901] print_report+0x118/0x5d0 [ 16.799952] kasan_report+0xdc/0x128 [ 16.800000] kasan_check_range+0x100/0x1a8 [ 16.800050] __asan_memset+0x34/0x78 [ 16.800091] kmalloc_uaf_memset+0x170/0x310 [ 16.800329] kunit_try_run_case+0x170/0x3f0 [ 16.800415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.800500] kthread+0x328/0x630 [ 16.800600] ret_from_fork+0x10/0x20 [ 16.800679] [ 16.800786] Allocated by task 186: [ 16.800901] kasan_save_stack+0x3c/0x68 [ 16.800999] kasan_save_track+0x20/0x40 [ 16.801094] kasan_save_alloc_info+0x40/0x58 [ 16.801212] __kasan_kmalloc+0xd4/0xd8 [ 16.801267] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.801311] kmalloc_uaf_memset+0xb8/0x310 [ 16.801624] kunit_try_run_case+0x170/0x3f0 [ 16.801689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.801745] kthread+0x328/0x630 [ 16.801793] ret_from_fork+0x10/0x20 [ 16.801827] [ 16.801851] Freed by task 186: [ 16.801890] kasan_save_stack+0x3c/0x68 [ 16.801937] kasan_save_track+0x20/0x40 [ 16.801984] kasan_save_free_info+0x4c/0x78 [ 16.802023] __kasan_slab_free+0x6c/0x98 [ 16.802058] kfree+0x214/0x3c8 [ 16.802092] kmalloc_uaf_memset+0x11c/0x310 [ 16.802126] kunit_try_run_case+0x170/0x3f0 [ 16.802163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.802206] kthread+0x328/0x630 [ 16.802236] ret_from_fork+0x10/0x20 [ 16.802287] [ 16.802305] The buggy address belongs to the object at fff00000c7752080 [ 16.802305] which belongs to the cache kmalloc-64 of size 64 [ 16.802362] The buggy address is located 0 bytes inside of [ 16.802362] freed 64-byte region [fff00000c7752080, fff00000c77520c0) [ 16.802421] [ 16.802441] The buggy address belongs to the physical page: [ 16.802473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107752 [ 16.802525] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.802574] page_type: f5(slab) [ 16.802624] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.802693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.802747] page dumped because: kasan: bad access detected [ 16.802779] [ 16.802797] Memory state around the buggy address: [ 16.802828] fff00000c7751f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.802871] fff00000c7752000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.802914] >fff00000c7752080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.802952] ^ [ 16.802980] fff00000c7752100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.803220] fff00000c7752180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.803358] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.786773] ================================================================== [ 16.786852] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.786950] Read of size 1 at addr fff00000c5755e88 by task kunit_try_catch/184 [ 16.787029] [ 16.787063] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.787145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.787171] Hardware name: linux,dummy-virt (DT) [ 16.787203] Call trace: [ 16.787225] show_stack+0x20/0x38 (C) [ 16.787313] dump_stack_lvl+0x8c/0xd0 [ 16.787364] print_report+0x118/0x5d0 [ 16.787411] kasan_report+0xdc/0x128 [ 16.787454] __asan_report_load1_noabort+0x20/0x30 [ 16.787639] kmalloc_uaf+0x300/0x338 [ 16.787796] kunit_try_run_case+0x170/0x3f0 [ 16.787991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.788067] kthread+0x328/0x630 [ 16.788129] ret_from_fork+0x10/0x20 [ 16.788466] [ 16.788525] Allocated by task 184: [ 16.788592] kasan_save_stack+0x3c/0x68 [ 16.788697] kasan_save_track+0x20/0x40 [ 16.788786] kasan_save_alloc_info+0x40/0x58 [ 16.788853] __kasan_kmalloc+0xd4/0xd8 [ 16.788888] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.789122] kmalloc_uaf+0xb8/0x338 [ 16.789165] kunit_try_run_case+0x170/0x3f0 [ 16.789331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.789424] kthread+0x328/0x630 [ 16.789555] ret_from_fork+0x10/0x20 [ 16.789614] [ 16.789637] Freed by task 184: [ 16.789972] kasan_save_stack+0x3c/0x68 [ 16.790086] kasan_save_track+0x20/0x40 [ 16.790135] kasan_save_free_info+0x4c/0x78 [ 16.790189] __kasan_slab_free+0x6c/0x98 [ 16.790227] kfree+0x214/0x3c8 [ 16.790260] kmalloc_uaf+0x11c/0x338 [ 16.790296] kunit_try_run_case+0x170/0x3f0 [ 16.790336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.790389] kthread+0x328/0x630 [ 16.790421] ret_from_fork+0x10/0x20 [ 16.790458] [ 16.790478] The buggy address belongs to the object at fff00000c5755e80 [ 16.790478] which belongs to the cache kmalloc-16 of size 16 [ 16.790538] The buggy address is located 8 bytes inside of [ 16.790538] freed 16-byte region [fff00000c5755e80, fff00000c5755e90) [ 16.790597] [ 16.790633] The buggy address belongs to the physical page: [ 16.790669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105755 [ 16.790742] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.790789] page_type: f5(slab) [ 16.790828] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.790916] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.791172] page dumped because: kasan: bad access detected [ 16.791232] [ 16.791250] Memory state around the buggy address: [ 16.791284] fff00000c5755d80: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.791534] fff00000c5755e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.791682] >fff00000c5755e80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.791846] ^ [ 16.791949] fff00000c5755f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.792067] fff00000c5755f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.792205] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.777964] ================================================================== [ 16.778025] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.778117] Read of size 64 at addr fff00000c771ad84 by task kunit_try_catch/182 [ 16.778168] [ 16.778217] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.778299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.778326] Hardware name: linux,dummy-virt (DT) [ 16.778374] Call trace: [ 16.778398] show_stack+0x20/0x38 (C) [ 16.778522] dump_stack_lvl+0x8c/0xd0 [ 16.778691] print_report+0x118/0x5d0 [ 16.778799] kasan_report+0xdc/0x128 [ 16.778855] kasan_check_range+0x100/0x1a8 [ 16.778956] __asan_memmove+0x3c/0x98 [ 16.779011] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.779059] kunit_try_run_case+0x170/0x3f0 [ 16.779106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.779158] kthread+0x328/0x630 [ 16.779198] ret_from_fork+0x10/0x20 [ 16.779245] [ 16.779263] Allocated by task 182: [ 16.779291] kasan_save_stack+0x3c/0x68 [ 16.779333] kasan_save_track+0x20/0x40 [ 16.779507] kasan_save_alloc_info+0x40/0x58 [ 16.779554] __kasan_kmalloc+0xd4/0xd8 [ 16.779672] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.779780] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.779844] kunit_try_run_case+0x170/0x3f0 [ 16.779882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.779931] kthread+0x328/0x630 [ 16.779963] ret_from_fork+0x10/0x20 [ 16.780000] [ 16.780019] The buggy address belongs to the object at fff00000c771ad80 [ 16.780019] which belongs to the cache kmalloc-64 of size 64 [ 16.780096] The buggy address is located 4 bytes inside of [ 16.780096] allocated 64-byte region [fff00000c771ad80, fff00000c771adc0) [ 16.780157] [ 16.780184] The buggy address belongs to the physical page: [ 16.780215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771a [ 16.780265] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.780312] page_type: f5(slab) [ 16.780350] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.780399] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.780441] page dumped because: kasan: bad access detected [ 16.780472] [ 16.780489] Memory state around the buggy address: [ 16.780521] fff00000c771ac80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.780564] fff00000c771ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.780627] >fff00000c771ad80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.780664] ^ [ 16.780697] fff00000c771ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.780749] fff00000c771ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.780787] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.765701] ================================================================== [ 16.766065] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.766129] Read of size 18446744073709551614 at addr fff00000c771ab84 by task kunit_try_catch/180 [ 16.766375] [ 16.766453] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.766563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.766589] Hardware name: linux,dummy-virt (DT) [ 16.766655] Call trace: [ 16.766707] show_stack+0x20/0x38 (C) [ 16.766769] dump_stack_lvl+0x8c/0xd0 [ 16.766815] print_report+0x118/0x5d0 [ 16.766872] kasan_report+0xdc/0x128 [ 16.766965] kasan_check_range+0x100/0x1a8 [ 16.767052] __asan_memmove+0x3c/0x98 [ 16.767093] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.767380] kunit_try_run_case+0x170/0x3f0 [ 16.767437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.767488] kthread+0x328/0x630 [ 16.767648] ret_from_fork+0x10/0x20 [ 16.767787] [ 16.767933] Allocated by task 180: [ 16.768036] kasan_save_stack+0x3c/0x68 [ 16.768163] kasan_save_track+0x20/0x40 [ 16.768250] kasan_save_alloc_info+0x40/0x58 [ 16.768380] __kasan_kmalloc+0xd4/0xd8 [ 16.768490] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.769560] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.769671] kunit_try_run_case+0x170/0x3f0 [ 16.769773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.769917] kthread+0x328/0x630 [ 16.769950] ret_from_fork+0x10/0x20 [ 16.770047] [ 16.770251] The buggy address belongs to the object at fff00000c771ab80 [ 16.770251] which belongs to the cache kmalloc-64 of size 64 [ 16.770574] The buggy address is located 4 bytes inside of [ 16.770574] 64-byte region [fff00000c771ab80, fff00000c771abc0) [ 16.770652] [ 16.770691] The buggy address belongs to the physical page: [ 16.770744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771a [ 16.770802] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.770857] page_type: f5(slab) [ 16.770906] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.770956] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.771007] page dumped because: kasan: bad access detected [ 16.771055] [ 16.771074] Memory state around the buggy address: [ 16.771118] fff00000c771aa80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.771162] fff00000c771ab00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.771210] >fff00000c771ab80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.771258] ^ [ 16.771287] fff00000c771ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.771329] fff00000c771ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.771368] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.749487] ================================================================== [ 16.749548] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 16.749602] Write of size 16 at addr fff00000c771d369 by task kunit_try_catch/178 [ 16.749649] [ 16.749685] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.750923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.751330] Hardware name: linux,dummy-virt (DT) [ 16.751369] Call trace: [ 16.751393] show_stack+0x20/0x38 (C) [ 16.751772] dump_stack_lvl+0x8c/0xd0 [ 16.752141] print_report+0x118/0x5d0 [ 16.752310] kasan_report+0xdc/0x128 [ 16.752678] kasan_check_range+0x100/0x1a8 [ 16.752917] __asan_memset+0x34/0x78 [ 16.753189] kmalloc_oob_memset_16+0x150/0x2f8 [ 16.753463] kunit_try_run_case+0x170/0x3f0 [ 16.753598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.753794] kthread+0x328/0x630 [ 16.753891] ret_from_fork+0x10/0x20 [ 16.754176] [ 16.754380] Allocated by task 178: [ 16.754443] kasan_save_stack+0x3c/0x68 [ 16.754620] kasan_save_track+0x20/0x40 [ 16.754801] kasan_save_alloc_info+0x40/0x58 [ 16.754939] __kasan_kmalloc+0xd4/0xd8 [ 16.754986] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.755369] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.755660] kunit_try_run_case+0x170/0x3f0 [ 16.755838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.755997] kthread+0x328/0x630 [ 16.756034] ret_from_fork+0x10/0x20 [ 16.756117] [ 16.756188] The buggy address belongs to the object at fff00000c771d300 [ 16.756188] which belongs to the cache kmalloc-128 of size 128 [ 16.756425] The buggy address is located 105 bytes inside of [ 16.756425] allocated 120-byte region [fff00000c771d300, fff00000c771d378) [ 16.756593] [ 16.756815] The buggy address belongs to the physical page: [ 16.756985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.757446] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.757630] page_type: f5(slab) [ 16.757909] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.758396] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.758512] page dumped because: kasan: bad access detected [ 16.758665] [ 16.758816] Memory state around the buggy address: [ 16.758880] fff00000c771d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.759324] fff00000c771d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.759366] >fff00000c771d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.759404] ^ [ 16.759445] fff00000c771d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.759485] fff00000c771d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.759522] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.731940] ================================================================== [ 16.732011] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.732072] Write of size 8 at addr fff00000c771d271 by task kunit_try_catch/176 [ 16.732460] [ 16.732577] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.732969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.733027] Hardware name: linux,dummy-virt (DT) [ 16.733062] Call trace: [ 16.733163] show_stack+0x20/0x38 (C) [ 16.733496] dump_stack_lvl+0x8c/0xd0 [ 16.733567] print_report+0x118/0x5d0 [ 16.733738] kasan_report+0xdc/0x128 [ 16.733797] kasan_check_range+0x100/0x1a8 [ 16.733844] __asan_memset+0x34/0x78 [ 16.733895] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.733953] kunit_try_run_case+0x170/0x3f0 [ 16.734012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.734064] kthread+0x328/0x630 [ 16.734105] ret_from_fork+0x10/0x20 [ 16.734167] [ 16.734186] Allocated by task 176: [ 16.734216] kasan_save_stack+0x3c/0x68 [ 16.734257] kasan_save_track+0x20/0x40 [ 16.734293] kasan_save_alloc_info+0x40/0x58 [ 16.734339] __kasan_kmalloc+0xd4/0xd8 [ 16.734376] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.734419] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.734455] kunit_try_run_case+0x170/0x3f0 [ 16.734491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.734532] kthread+0x328/0x630 [ 16.734563] ret_from_fork+0x10/0x20 [ 16.734598] [ 16.734617] The buggy address belongs to the object at fff00000c771d200 [ 16.734617] which belongs to the cache kmalloc-128 of size 128 [ 16.734682] The buggy address is located 113 bytes inside of [ 16.734682] allocated 120-byte region [fff00000c771d200, fff00000c771d278) [ 16.734753] [ 16.734859] The buggy address belongs to the physical page: [ 16.735388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.735461] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.735531] page_type: f5(slab) [ 16.735881] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.735966] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.736335] page dumped because: kasan: bad access detected [ 16.736662] [ 16.736779] Memory state around the buggy address: [ 16.736948] fff00000c771d100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.737002] fff00000c771d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.737408] >fff00000c771d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.737470] ^ [ 16.737612] fff00000c771d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.737662] fff00000c771d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.737864] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.703626] ================================================================== [ 16.703842] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.704349] Write of size 4 at addr fff00000c771d175 by task kunit_try_catch/174 [ 16.704407] [ 16.704619] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.704916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.705069] Hardware name: linux,dummy-virt (DT) [ 16.705166] Call trace: [ 16.705346] show_stack+0x20/0x38 (C) [ 16.705792] dump_stack_lvl+0x8c/0xd0 [ 16.706208] print_report+0x118/0x5d0 [ 16.706301] kasan_report+0xdc/0x128 [ 16.706733] kasan_check_range+0x100/0x1a8 [ 16.706959] __asan_memset+0x34/0x78 [ 16.707194] kmalloc_oob_memset_4+0x150/0x300 [ 16.707468] kunit_try_run_case+0x170/0x3f0 [ 16.707548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.707735] kthread+0x328/0x630 [ 16.707780] ret_from_fork+0x10/0x20 [ 16.708057] [ 16.708257] Allocated by task 174: [ 16.708301] kasan_save_stack+0x3c/0x68 [ 16.708509] kasan_save_track+0x20/0x40 [ 16.708640] kasan_save_alloc_info+0x40/0x58 [ 16.708865] __kasan_kmalloc+0xd4/0xd8 [ 16.709007] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.709164] kmalloc_oob_memset_4+0xb0/0x300 [ 16.709407] kunit_try_run_case+0x170/0x3f0 [ 16.709706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.709794] kthread+0x328/0x630 [ 16.710105] ret_from_fork+0x10/0x20 [ 16.710327] [ 16.710460] The buggy address belongs to the object at fff00000c771d100 [ 16.710460] which belongs to the cache kmalloc-128 of size 128 [ 16.710699] The buggy address is located 117 bytes inside of [ 16.710699] allocated 120-byte region [fff00000c771d100, fff00000c771d178) [ 16.711000] [ 16.711112] The buggy address belongs to the physical page: [ 16.711214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.711375] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.711595] page_type: f5(slab) [ 16.711965] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.712098] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.712316] page dumped because: kasan: bad access detected [ 16.712401] [ 16.712503] Memory state around the buggy address: [ 16.712578] fff00000c771d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.712979] fff00000c771d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.713266] >fff00000c771d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.713483] ^ [ 16.713558] fff00000c771d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.714002] fff00000c771d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.714097] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.678180] ================================================================== [ 16.678241] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.678295] Write of size 2 at addr fff00000c771d077 by task kunit_try_catch/172 [ 16.678667] [ 16.679185] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.679469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.679612] Hardware name: linux,dummy-virt (DT) [ 16.679654] Call trace: [ 16.679679] show_stack+0x20/0x38 (C) [ 16.679742] dump_stack_lvl+0x8c/0xd0 [ 16.680449] print_report+0x118/0x5d0 [ 16.680668] kasan_report+0xdc/0x128 [ 16.680764] kasan_check_range+0x100/0x1a8 [ 16.680835] __asan_memset+0x34/0x78 [ 16.681225] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.681369] kunit_try_run_case+0x170/0x3f0 [ 16.681554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.681731] kthread+0x328/0x630 [ 16.681798] ret_from_fork+0x10/0x20 [ 16.682040] [ 16.682066] Allocated by task 172: [ 16.682099] kasan_save_stack+0x3c/0x68 [ 16.682187] kasan_save_track+0x20/0x40 [ 16.682349] kasan_save_alloc_info+0x40/0x58 [ 16.682396] __kasan_kmalloc+0xd4/0xd8 [ 16.682443] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.682482] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.682518] kunit_try_run_case+0x170/0x3f0 [ 16.682555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.682596] kthread+0x328/0x630 [ 16.682628] ret_from_fork+0x10/0x20 [ 16.682672] [ 16.682692] The buggy address belongs to the object at fff00000c771d000 [ 16.682692] which belongs to the cache kmalloc-128 of size 128 [ 16.682769] The buggy address is located 119 bytes inside of [ 16.682769] allocated 120-byte region [fff00000c771d000, fff00000c771d078) [ 16.683269] [ 16.683494] The buggy address belongs to the physical page: [ 16.683533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.683783] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.683966] page_type: f5(slab) [ 16.684160] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.684252] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.684443] page dumped because: kasan: bad access detected [ 16.684477] [ 16.684518] Memory state around the buggy address: [ 16.684852] fff00000c771cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.685019] fff00000c771cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.685124] >fff00000c771d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.685219] ^ [ 16.685343] fff00000c771d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.685459] fff00000c771d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.685947] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.656698] ================================================================== [ 16.656779] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.657021] Write of size 128 at addr fff00000c576cf00 by task kunit_try_catch/170 [ 16.657514] [ 16.657576] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.657856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.658012] Hardware name: linux,dummy-virt (DT) [ 16.658049] Call trace: [ 16.658212] show_stack+0x20/0x38 (C) [ 16.658538] dump_stack_lvl+0x8c/0xd0 [ 16.658793] print_report+0x118/0x5d0 [ 16.658893] kasan_report+0xdc/0x128 [ 16.658939] kasan_check_range+0x100/0x1a8 [ 16.659224] __asan_memset+0x34/0x78 [ 16.659539] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.659952] kunit_try_run_case+0x170/0x3f0 [ 16.660101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.660365] kthread+0x328/0x630 [ 16.660581] ret_from_fork+0x10/0x20 [ 16.660722] [ 16.660750] Allocated by task 170: [ 16.660780] kasan_save_stack+0x3c/0x68 [ 16.661189] kasan_save_track+0x20/0x40 [ 16.661311] kasan_save_alloc_info+0x40/0x58 [ 16.661559] __kasan_kmalloc+0xd4/0xd8 [ 16.661864] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.662189] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.662287] kunit_try_run_case+0x170/0x3f0 [ 16.662447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.662734] kthread+0x328/0x630 [ 16.662957] ret_from_fork+0x10/0x20 [ 16.663264] [ 16.663387] The buggy address belongs to the object at fff00000c576cf00 [ 16.663387] which belongs to the cache kmalloc-128 of size 128 [ 16.664055] The buggy address is located 0 bytes inside of [ 16.664055] allocated 120-byte region [fff00000c576cf00, fff00000c576cf78) [ 16.664279] [ 16.664332] The buggy address belongs to the physical page: [ 16.664590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10576c [ 16.664825] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.665304] page_type: f5(slab) [ 16.665368] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.665498] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.665547] page dumped because: kasan: bad access detected [ 16.665601] [ 16.665627] Memory state around the buggy address: [ 16.665660] fff00000c576ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.665702] fff00000c576ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.665769] >fff00000c576cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.665806] ^ [ 16.665846] fff00000c576cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.665888] fff00000c576d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.665924] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.633303] ================================================================== [ 16.633379] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.633566] Read of size 16 at addr fff00000c5755e60 by task kunit_try_catch/168 [ 16.633735] [ 16.633782] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.634113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.634223] Hardware name: linux,dummy-virt (DT) [ 16.634261] Call trace: [ 16.634471] show_stack+0x20/0x38 (C) [ 16.634654] dump_stack_lvl+0x8c/0xd0 [ 16.634726] print_report+0x118/0x5d0 [ 16.634773] kasan_report+0xdc/0x128 [ 16.634819] __asan_report_load16_noabort+0x20/0x30 [ 16.635673] kmalloc_uaf_16+0x3bc/0x438 [ 16.635958] kunit_try_run_case+0x170/0x3f0 [ 16.636281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.636707] kthread+0x328/0x630 [ 16.636846] ret_from_fork+0x10/0x20 [ 16.636896] [ 16.636915] Allocated by task 168: [ 16.637246] kasan_save_stack+0x3c/0x68 [ 16.637419] kasan_save_track+0x20/0x40 [ 16.637705] kasan_save_alloc_info+0x40/0x58 [ 16.637859] __kasan_kmalloc+0xd4/0xd8 [ 16.638239] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.638459] kmalloc_uaf_16+0x140/0x438 [ 16.638500] kunit_try_run_case+0x170/0x3f0 [ 16.638538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.638579] kthread+0x328/0x630 [ 16.638610] ret_from_fork+0x10/0x20 [ 16.638667] [ 16.638695] Freed by task 168: [ 16.638733] kasan_save_stack+0x3c/0x68 [ 16.638772] kasan_save_track+0x20/0x40 [ 16.638816] kasan_save_free_info+0x4c/0x78 [ 16.639081] __kasan_slab_free+0x6c/0x98 [ 16.639160] kfree+0x214/0x3c8 [ 16.639203] kmalloc_uaf_16+0x190/0x438 [ 16.639237] kunit_try_run_case+0x170/0x3f0 [ 16.639605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.639889] kthread+0x328/0x630 [ 16.639951] ret_from_fork+0x10/0x20 [ 16.640056] [ 16.640156] The buggy address belongs to the object at fff00000c5755e60 [ 16.640156] which belongs to the cache kmalloc-16 of size 16 [ 16.640575] The buggy address is located 0 bytes inside of [ 16.640575] freed 16-byte region [fff00000c5755e60, fff00000c5755e70) [ 16.640781] [ 16.640871] The buggy address belongs to the physical page: [ 16.641055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105755 [ 16.641194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.641493] page_type: f5(slab) [ 16.641841] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.642017] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.642059] page dumped because: kasan: bad access detected [ 16.642331] [ 16.642469] Memory state around the buggy address: [ 16.643032] fff00000c5755d00: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.643185] fff00000c5755d80: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.643309] >fff00000c5755e00: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 16.643409] ^ [ 16.643486] fff00000c5755e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.643529] fff00000c5755f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.643578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.613632] ================================================================== [ 16.613998] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.614154] Write of size 16 at addr fff00000c5755e00 by task kunit_try_catch/166 [ 16.614248] [ 16.614347] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.614461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.614498] Hardware name: linux,dummy-virt (DT) [ 16.614531] Call trace: [ 16.614580] show_stack+0x20/0x38 (C) [ 16.614992] dump_stack_lvl+0x8c/0xd0 [ 16.615308] print_report+0x118/0x5d0 [ 16.615381] kasan_report+0xdc/0x128 [ 16.615545] __asan_report_store16_noabort+0x20/0x30 [ 16.615676] kmalloc_oob_16+0x3a0/0x3f8 [ 16.615844] kunit_try_run_case+0x170/0x3f0 [ 16.616014] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.616092] kthread+0x328/0x630 [ 16.616415] ret_from_fork+0x10/0x20 [ 16.616625] [ 16.616704] Allocated by task 166: [ 16.616878] kasan_save_stack+0x3c/0x68 [ 16.617207] kasan_save_track+0x20/0x40 [ 16.617269] kasan_save_alloc_info+0x40/0x58 [ 16.617387] __kasan_kmalloc+0xd4/0xd8 [ 16.617495] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.617710] kmalloc_oob_16+0xb4/0x3f8 [ 16.617934] kunit_try_run_case+0x170/0x3f0 [ 16.617975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.618318] kthread+0x328/0x630 [ 16.618401] ret_from_fork+0x10/0x20 [ 16.618579] [ 16.618760] The buggy address belongs to the object at fff00000c5755e00 [ 16.618760] which belongs to the cache kmalloc-16 of size 16 [ 16.618936] The buggy address is located 0 bytes inside of [ 16.618936] allocated 13-byte region [fff00000c5755e00, fff00000c5755e0d) [ 16.618998] [ 16.619049] The buggy address belongs to the physical page: [ 16.619081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105755 [ 16.619442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.619622] page_type: f5(slab) [ 16.619744] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.619913] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.620005] page dumped because: kasan: bad access detected [ 16.620036] [ 16.620252] Memory state around the buggy address: [ 16.620317] fff00000c5755d00: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.620584] fff00000c5755d80: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.620681] >fff00000c5755e00: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.620773] ^ [ 16.620805] fff00000c5755e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.620846] fff00000c5755f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.620884] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.577666] ================================================================== [ 16.578590] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.578672] Read of size 1 at addr fff00000c17c7a00 by task kunit_try_catch/164 [ 16.579171] [ 16.579320] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.579447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.579481] Hardware name: linux,dummy-virt (DT) [ 16.579513] Call trace: [ 16.579538] show_stack+0x20/0x38 (C) [ 16.579591] dump_stack_lvl+0x8c/0xd0 [ 16.580119] print_report+0x118/0x5d0 [ 16.580651] kasan_report+0xdc/0x128 [ 16.580728] __kasan_check_byte+0x54/0x70 [ 16.581006] krealloc_noprof+0x44/0x360 [ 16.581066] krealloc_uaf+0x180/0x520 [ 16.581123] kunit_try_run_case+0x170/0x3f0 [ 16.581194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.581256] kthread+0x328/0x630 [ 16.581304] ret_from_fork+0x10/0x20 [ 16.581360] [ 16.581379] Allocated by task 164: [ 16.581408] kasan_save_stack+0x3c/0x68 [ 16.581449] kasan_save_track+0x20/0x40 [ 16.581486] kasan_save_alloc_info+0x40/0x58 [ 16.581526] __kasan_kmalloc+0xd4/0xd8 [ 16.581571] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.581609] krealloc_uaf+0xc8/0x520 [ 16.581642] kunit_try_run_case+0x170/0x3f0 [ 16.581694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.581769] kthread+0x328/0x630 [ 16.581801] ret_from_fork+0x10/0x20 [ 16.581845] [ 16.582310] Freed by task 164: [ 16.582618] kasan_save_stack+0x3c/0x68 [ 16.582704] kasan_save_track+0x20/0x40 [ 16.582809] kasan_save_free_info+0x4c/0x78 [ 16.582854] __kasan_slab_free+0x6c/0x98 [ 16.582893] kfree+0x214/0x3c8 [ 16.583244] krealloc_uaf+0x12c/0x520 [ 16.583691] kunit_try_run_case+0x170/0x3f0 [ 16.583856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.583915] kthread+0x328/0x630 [ 16.583948] ret_from_fork+0x10/0x20 [ 16.584388] [ 16.584425] The buggy address belongs to the object at fff00000c17c7a00 [ 16.584425] which belongs to the cache kmalloc-256 of size 256 [ 16.584940] The buggy address is located 0 bytes inside of [ 16.584940] freed 256-byte region [fff00000c17c7a00, fff00000c17c7b00) [ 16.585018] [ 16.585223] The buggy address belongs to the physical page: [ 16.585435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6 [ 16.585510] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.585556] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.586022] page_type: f5(slab) [ 16.586346] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.586677] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.586806] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.586855] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.587270] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff [ 16.587451] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.587637] page dumped because: kasan: bad access detected [ 16.587769] [ 16.587848] Memory state around the buggy address: [ 16.588104] fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.588188] fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.588527] >fff00000c17c7a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.588893] ^ [ 16.588949] fff00000c17c7a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.589207] fff00000c17c7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.589413] ================================================================== [ 16.592875] ================================================================== [ 16.593091] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.593235] Read of size 1 at addr fff00000c17c7a00 by task kunit_try_catch/164 [ 16.593336] [ 16.593415] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.593502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.593734] Hardware name: linux,dummy-virt (DT) [ 16.594004] Call trace: [ 16.594178] show_stack+0x20/0x38 (C) [ 16.594433] dump_stack_lvl+0x8c/0xd0 [ 16.594707] print_report+0x118/0x5d0 [ 16.594817] kasan_report+0xdc/0x128 [ 16.594864] __asan_report_load1_noabort+0x20/0x30 [ 16.594977] krealloc_uaf+0x4c8/0x520 [ 16.595065] kunit_try_run_case+0x170/0x3f0 [ 16.595114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.595501] kthread+0x328/0x630 [ 16.595628] ret_from_fork+0x10/0x20 [ 16.595682] [ 16.595701] Allocated by task 164: [ 16.595771] kasan_save_stack+0x3c/0x68 [ 16.595834] kasan_save_track+0x20/0x40 [ 16.595877] kasan_save_alloc_info+0x40/0x58 [ 16.595916] __kasan_kmalloc+0xd4/0xd8 [ 16.595951] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.595988] krealloc_uaf+0xc8/0x520 [ 16.596031] kunit_try_run_case+0x170/0x3f0 [ 16.596067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.596108] kthread+0x328/0x630 [ 16.596149] ret_from_fork+0x10/0x20 [ 16.596193] [ 16.596211] Freed by task 164: [ 16.596237] kasan_save_stack+0x3c/0x68 [ 16.596274] kasan_save_track+0x20/0x40 [ 16.596309] kasan_save_free_info+0x4c/0x78 [ 16.596354] __kasan_slab_free+0x6c/0x98 [ 16.596395] kfree+0x214/0x3c8 [ 16.596427] krealloc_uaf+0x12c/0x520 [ 16.596475] kunit_try_run_case+0x170/0x3f0 [ 16.596512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.596553] kthread+0x328/0x630 [ 16.596584] ret_from_fork+0x10/0x20 [ 16.596617] [ 16.596636] The buggy address belongs to the object at fff00000c17c7a00 [ 16.596636] which belongs to the cache kmalloc-256 of size 256 [ 16.596692] The buggy address is located 0 bytes inside of [ 16.596692] freed 256-byte region [fff00000c17c7a00, fff00000c17c7b00) [ 16.596760] [ 16.596789] The buggy address belongs to the physical page: [ 16.596821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6 [ 16.596882] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.596929] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.596982] page_type: f5(slab) [ 16.597019] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.597066] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.597122] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.597170] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.597226] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff [ 16.597272] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.597316] page dumped because: kasan: bad access detected [ 16.597361] [ 16.597379] Memory state around the buggy address: [ 16.597409] fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.597450] fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.597491] >fff00000c17c7a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.597526] ^ [ 16.597553] fff00000c17c7a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.597602] fff00000c17c7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.597659] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.480133] ================================================================== [ 16.480185] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.480294] Write of size 1 at addr fff00000c17c78da by task kunit_try_catch/158 [ 16.480347] [ 16.480379] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.480472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.480498] Hardware name: linux,dummy-virt (DT) [ 16.480533] Call trace: [ 16.480616] show_stack+0x20/0x38 (C) [ 16.480671] dump_stack_lvl+0x8c/0xd0 [ 16.480776] print_report+0x118/0x5d0 [ 16.480839] kasan_report+0xdc/0x128 [ 16.480884] __asan_report_store1_noabort+0x20/0x30 [ 16.481134] krealloc_less_oob_helper+0xa80/0xc50 [ 16.481247] krealloc_less_oob+0x20/0x38 [ 16.481330] kunit_try_run_case+0x170/0x3f0 [ 16.481395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.481447] kthread+0x328/0x630 [ 16.481548] ret_from_fork+0x10/0x20 [ 16.481596] [ 16.481641] Allocated by task 158: [ 16.481695] kasan_save_stack+0x3c/0x68 [ 16.481968] kasan_save_track+0x20/0x40 [ 16.482032] kasan_save_alloc_info+0x40/0x58 [ 16.482109] __kasan_krealloc+0x118/0x178 [ 16.482147] krealloc_noprof+0x128/0x360 [ 16.482183] krealloc_less_oob_helper+0x168/0xc50 [ 16.482249] krealloc_less_oob+0x20/0x38 [ 16.482285] kunit_try_run_case+0x170/0x3f0 [ 16.482321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.482465] kthread+0x328/0x630 [ 16.482684] ret_from_fork+0x10/0x20 [ 16.482776] [ 16.482796] The buggy address belongs to the object at fff00000c17c7800 [ 16.482796] which belongs to the cache kmalloc-256 of size 256 [ 16.482863] The buggy address is located 17 bytes to the right of [ 16.482863] allocated 201-byte region [fff00000c17c7800, fff00000c17c78c9) [ 16.482927] [ 16.482946] The buggy address belongs to the physical page: [ 16.483127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6 [ 16.483257] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.483336] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.483465] page_type: f5(slab) [ 16.483512] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.483560] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.483609] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.483655] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.483729] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff [ 16.483777] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.483975] page dumped because: kasan: bad access detected [ 16.484071] [ 16.484153] Memory state around the buggy address: [ 16.484236] fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.484278] fff00000c17c7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.484330] >fff00000c17c7880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.484366] ^ [ 16.484412] fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.484470] fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.484530] ================================================================== [ 16.490195] ================================================================== [ 16.490273] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.490357] Write of size 1 at addr fff00000c17c78eb by task kunit_try_catch/158 [ 16.490406] [ 16.490438] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.490514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.490539] Hardware name: linux,dummy-virt (DT) [ 16.490569] Call trace: [ 16.490590] show_stack+0x20/0x38 (C) [ 16.490671] dump_stack_lvl+0x8c/0xd0 [ 16.490946] print_report+0x118/0x5d0 [ 16.491037] kasan_report+0xdc/0x128 [ 16.491137] __asan_report_store1_noabort+0x20/0x30 [ 16.491188] krealloc_less_oob_helper+0xa58/0xc50 [ 16.491246] krealloc_less_oob+0x20/0x38 [ 16.491292] kunit_try_run_case+0x170/0x3f0 [ 16.491338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.491547] kthread+0x328/0x630 [ 16.491651] ret_from_fork+0x10/0x20 [ 16.491805] [ 16.491883] Allocated by task 158: [ 16.491955] kasan_save_stack+0x3c/0x68 [ 16.492050] kasan_save_track+0x20/0x40 [ 16.492087] kasan_save_alloc_info+0x40/0x58 [ 16.492125] __kasan_krealloc+0x118/0x178 [ 16.492161] krealloc_noprof+0x128/0x360 [ 16.492378] krealloc_less_oob_helper+0x168/0xc50 [ 16.492497] krealloc_less_oob+0x20/0x38 [ 16.492595] kunit_try_run_case+0x170/0x3f0 [ 16.492750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.492793] kthread+0x328/0x630 [ 16.492841] ret_from_fork+0x10/0x20 [ 16.493192] [ 16.493263] The buggy address belongs to the object at fff00000c17c7800 [ 16.493263] which belongs to the cache kmalloc-256 of size 256 [ 16.493433] The buggy address is located 34 bytes to the right of [ 16.493433] allocated 201-byte region [fff00000c17c7800, fff00000c17c78c9) [ 16.493576] [ 16.493670] The buggy address belongs to the physical page: [ 16.493700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6 [ 16.493978] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.494095] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.494203] page_type: f5(slab) [ 16.494332] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.494457] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.494553] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.494601] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.494677] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff [ 16.495099] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.495191] page dumped because: kasan: bad access detected [ 16.495303] [ 16.495352] Memory state around the buggy address: [ 16.495383] fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.495424] fff00000c17c7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.495465] >fff00000c17c7880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.495501] ^ [ 16.495808] fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.495893] fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.495965] ================================================================== [ 16.472805] ================================================================== [ 16.472860] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.472921] Write of size 1 at addr fff00000c17c78d0 by task kunit_try_catch/158 [ 16.472997] [ 16.473050] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.473153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.473179] Hardware name: linux,dummy-virt (DT) [ 16.473254] Call trace: [ 16.473304] show_stack+0x20/0x38 (C) [ 16.473383] dump_stack_lvl+0x8c/0xd0 [ 16.473430] print_report+0x118/0x5d0 [ 16.473475] kasan_report+0xdc/0x128 [ 16.473637] __asan_report_store1_noabort+0x20/0x30 [ 16.473854] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.473909] krealloc_less_oob+0x20/0x38 [ 16.473953] kunit_try_run_case+0x170/0x3f0 [ 16.474051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.474103] kthread+0x328/0x630 [ 16.474166] ret_from_fork+0x10/0x20 [ 16.474264] [ 16.474313] Allocated by task 158: [ 16.474361] kasan_save_stack+0x3c/0x68 [ 16.474414] kasan_save_track+0x20/0x40 [ 16.474522] kasan_save_alloc_info+0x40/0x58 [ 16.474579] __kasan_krealloc+0x118/0x178 [ 16.474616] krealloc_noprof+0x128/0x360 [ 16.474652] krealloc_less_oob_helper+0x168/0xc50 [ 16.474709] krealloc_less_oob+0x20/0x38 [ 16.474836] kunit_try_run_case+0x170/0x3f0 [ 16.474875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.475136] kthread+0x328/0x630 [ 16.475191] ret_from_fork+0x10/0x20 [ 16.475275] [ 16.475884] The buggy address belongs to the object at fff00000c17c7800 [ 16.475884] which belongs to the cache kmalloc-256 of size 256 [ 16.476050] The buggy address is located 7 bytes to the right of [ 16.476050] allocated 201-byte region [fff00000c17c7800, fff00000c17c78c9) [ 16.476133] [ 16.476153] The buggy address belongs to the physical page: [ 16.476182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6 [ 16.476234] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.476279] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.476697] page_type: f5(slab) [ 16.476849] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.476964] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.477432] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.477518] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.477638] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff [ 16.477696] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.477901] page dumped because: kasan: bad access detected [ 16.478085] [ 16.478197] Memory state around the buggy address: [ 16.478285] fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.478408] fff00000c17c7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.478502] >fff00000c17c7880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.478613] ^ [ 16.478801] fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.478861] fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.478897] ================================================================== [ 16.530785] ================================================================== [ 16.530848] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.530923] Write of size 1 at addr fff00000c76e20c9 by task kunit_try_catch/162 [ 16.531035] [ 16.531099] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.531336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.531485] Hardware name: linux,dummy-virt (DT) [ 16.531695] Call trace: [ 16.531820] show_stack+0x20/0x38 (C) [ 16.531956] dump_stack_lvl+0x8c/0xd0 [ 16.532325] print_report+0x118/0x5d0 [ 16.532521] kasan_report+0xdc/0x128 [ 16.532594] __asan_report_store1_noabort+0x20/0x30 [ 16.532742] krealloc_less_oob_helper+0xa48/0xc50 [ 16.532828] krealloc_large_less_oob+0x20/0x38 [ 16.533019] kunit_try_run_case+0x170/0x3f0 [ 16.533079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.533613] kthread+0x328/0x630 [ 16.533752] ret_from_fork+0x10/0x20 [ 16.534029] [ 16.534119] The buggy address belongs to the physical page: [ 16.534369] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e0 [ 16.534453] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.534693] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.535028] page_type: f8(unknown) [ 16.535102] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.535444] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.535552] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.535648] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.535723] head: 0bfffe0000000002 ffffc1ffc31db801 00000000ffffffff 00000000ffffffff [ 16.535922] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.536158] page dumped because: kasan: bad access detected [ 16.536293] [ 16.536452] Memory state around the buggy address: [ 16.536537] fff00000c76e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.536652] fff00000c76e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.536695] >fff00000c76e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.536781] ^ [ 16.536981] fff00000c76e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.537082] fff00000c76e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.537259] ================================================================== [ 16.542572] ================================================================== [ 16.542614] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.542658] Write of size 1 at addr fff00000c76e20da by task kunit_try_catch/162 [ 16.542704] [ 16.542743] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.543239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.543283] Hardware name: linux,dummy-virt (DT) [ 16.543702] Call trace: [ 16.543775] show_stack+0x20/0x38 (C) [ 16.543828] dump_stack_lvl+0x8c/0xd0 [ 16.543877] print_report+0x118/0x5d0 [ 16.544360] kasan_report+0xdc/0x128 [ 16.544597] __asan_report_store1_noabort+0x20/0x30 [ 16.544765] krealloc_less_oob_helper+0xa80/0xc50 [ 16.544845] krealloc_large_less_oob+0x20/0x38 [ 16.545213] kunit_try_run_case+0x170/0x3f0 [ 16.545363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.545530] kthread+0x328/0x630 [ 16.545634] ret_from_fork+0x10/0x20 [ 16.545696] [ 16.545726] The buggy address belongs to the physical page: [ 16.546139] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e0 [ 16.546414] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.546602] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.546728] page_type: f8(unknown) [ 16.546987] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.547080] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.547129] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.547570] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.547791] head: 0bfffe0000000002 ffffc1ffc31db801 00000000ffffffff 00000000ffffffff [ 16.547944] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.548232] page dumped because: kasan: bad access detected [ 16.548383] [ 16.548631] Memory state around the buggy address: [ 16.548774] fff00000c76e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.548887] fff00000c76e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.549276] >fff00000c76e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.549473] ^ [ 16.549603] fff00000c76e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.550251] fff00000c76e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.550566] ================================================================== [ 16.466312] ================================================================== [ 16.467028] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.467102] Write of size 1 at addr fff00000c17c78c9 by task kunit_try_catch/158 [ 16.467151] [ 16.467186] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.467263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.467289] Hardware name: linux,dummy-virt (DT) [ 16.467320] Call trace: [ 16.467342] show_stack+0x20/0x38 (C) [ 16.467389] dump_stack_lvl+0x8c/0xd0 [ 16.467434] print_report+0x118/0x5d0 [ 16.467479] kasan_report+0xdc/0x128 [ 16.467523] __asan_report_store1_noabort+0x20/0x30 [ 16.467572] krealloc_less_oob_helper+0xa48/0xc50 [ 16.467619] krealloc_less_oob+0x20/0x38 [ 16.467662] kunit_try_run_case+0x170/0x3f0 [ 16.467708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.467771] kthread+0x328/0x630 [ 16.467917] ret_from_fork+0x10/0x20 [ 16.467965] [ 16.467983] Allocated by task 158: [ 16.468010] kasan_save_stack+0x3c/0x68 [ 16.468050] kasan_save_track+0x20/0x40 [ 16.468086] kasan_save_alloc_info+0x40/0x58 [ 16.468124] __kasan_krealloc+0x118/0x178 [ 16.468161] krealloc_noprof+0x128/0x360 [ 16.468196] krealloc_less_oob_helper+0x168/0xc50 [ 16.468526] krealloc_less_oob+0x20/0x38 [ 16.468589] kunit_try_run_case+0x170/0x3f0 [ 16.468705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.468846] kthread+0x328/0x630 [ 16.468926] ret_from_fork+0x10/0x20 [ 16.469012] [ 16.469119] The buggy address belongs to the object at fff00000c17c7800 [ 16.469119] which belongs to the cache kmalloc-256 of size 256 [ 16.469203] The buggy address is located 0 bytes to the right of [ 16.469203] allocated 201-byte region [fff00000c17c7800, fff00000c17c78c9) [ 16.469341] [ 16.469380] The buggy address belongs to the physical page: [ 16.469422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6 [ 16.469474] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.469519] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.469863] page_type: f5(slab) [ 16.469973] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.470152] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.470256] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.470430] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.470561] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff [ 16.470694] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.470745] page dumped because: kasan: bad access detected [ 16.470837] [ 16.471173] Memory state around the buggy address: [ 16.471254] fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.471373] fff00000c17c7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.471421] >fff00000c17c7880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.471484] ^ [ 16.471612] fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.471671] fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.471806] ================================================================== [ 16.538840] ================================================================== [ 16.538891] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.539109] Write of size 1 at addr fff00000c76e20d0 by task kunit_try_catch/162 [ 16.539347] [ 16.539484] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.539686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.539809] Hardware name: linux,dummy-virt (DT) [ 16.539927] Call trace: [ 16.539994] show_stack+0x20/0x38 (C) [ 16.540085] dump_stack_lvl+0x8c/0xd0 [ 16.540342] print_report+0x118/0x5d0 [ 16.540897] kasan_report+0xdc/0x128 [ 16.541019] __asan_report_store1_noabort+0x20/0x30 [ 16.541083] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.541132] krealloc_large_less_oob+0x20/0x38 [ 16.541178] kunit_try_run_case+0x170/0x3f0 [ 16.541236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.541298] kthread+0x328/0x630 [ 16.541353] ret_from_fork+0x10/0x20 [ 16.541407] [ 16.541441] The buggy address belongs to the physical page: [ 16.541472] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e0 [ 16.541536] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.541590] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.541640] page_type: f8(unknown) [ 16.541698] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.541762] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.541819] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.541880] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.541942] head: 0bfffe0000000002 ffffc1ffc31db801 00000000ffffffff 00000000ffffffff [ 16.541991] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.542038] page dumped because: kasan: bad access detected [ 16.542076] [ 16.542094] Memory state around the buggy address: [ 16.542133] fff00000c76e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.542174] fff00000c76e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.542229] >fff00000c76e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.542272] ^ [ 16.542311] fff00000c76e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.542354] fff00000c76e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.542391] ================================================================== [ 16.561431] ================================================================== [ 16.561625] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.561679] Write of size 1 at addr fff00000c76e20eb by task kunit_try_catch/162 [ 16.561772] [ 16.561811] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.561890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.561916] Hardware name: linux,dummy-virt (DT) [ 16.562180] Call trace: [ 16.562307] show_stack+0x20/0x38 (C) [ 16.562432] dump_stack_lvl+0x8c/0xd0 [ 16.562483] print_report+0x118/0x5d0 [ 16.562529] kasan_report+0xdc/0x128 [ 16.562573] __asan_report_store1_noabort+0x20/0x30 [ 16.562631] krealloc_less_oob_helper+0xa58/0xc50 [ 16.562679] krealloc_large_less_oob+0x20/0x38 [ 16.562737] kunit_try_run_case+0x170/0x3f0 [ 16.562784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.562994] kthread+0x328/0x630 [ 16.563055] ret_from_fork+0x10/0x20 [ 16.563212] [ 16.563243] The buggy address belongs to the physical page: [ 16.563274] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e0 [ 16.563697] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.563823] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.563963] page_type: f8(unknown) [ 16.564052] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.564491] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.564641] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.564867] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.564962] head: 0bfffe0000000002 ffffc1ffc31db801 00000000ffffffff 00000000ffffffff [ 16.565144] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.565341] page dumped because: kasan: bad access detected [ 16.565472] [ 16.565504] Memory state around the buggy address: [ 16.565564] fff00000c76e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.565623] fff00000c76e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.565887] >fff00000c76e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.566140] ^ [ 16.566278] fff00000c76e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.566432] fff00000c76e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.566510] ================================================================== [ 16.553154] ================================================================== [ 16.553205] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.553259] Write of size 1 at addr fff00000c76e20ea by task kunit_try_catch/162 [ 16.553316] [ 16.553351] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.553597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.553723] Hardware name: linux,dummy-virt (DT) [ 16.553840] Call trace: [ 16.554215] show_stack+0x20/0x38 (C) [ 16.554278] dump_stack_lvl+0x8c/0xd0 [ 16.554388] print_report+0x118/0x5d0 [ 16.554463] kasan_report+0xdc/0x128 [ 16.554639] __asan_report_store1_noabort+0x20/0x30 [ 16.554692] krealloc_less_oob_helper+0xae4/0xc50 [ 16.554937] krealloc_large_less_oob+0x20/0x38 [ 16.555225] kunit_try_run_case+0x170/0x3f0 [ 16.555425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.555790] kthread+0x328/0x630 [ 16.555857] ret_from_fork+0x10/0x20 [ 16.556307] [ 16.556395] The buggy address belongs to the physical page: [ 16.556429] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e0 [ 16.556610] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.556861] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.557074] page_type: f8(unknown) [ 16.557332] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.557678] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.557900] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.558010] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.558223] head: 0bfffe0000000002 ffffc1ffc31db801 00000000ffffffff 00000000ffffffff [ 16.558495] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.558601] page dumped because: kasan: bad access detected [ 16.558633] [ 16.558827] Memory state around the buggy address: [ 16.559131] fff00000c76e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.559211] fff00000c76e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.559253] >fff00000c76e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.559296] ^ [ 16.559527] fff00000c76e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.559758] fff00000c76e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.559929] ================================================================== [ 16.485522] ================================================================== [ 16.485615] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.485669] Write of size 1 at addr fff00000c17c78ea by task kunit_try_catch/158 [ 16.485729] [ 16.485789] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.485906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.485932] Hardware name: linux,dummy-virt (DT) [ 16.486000] Call trace: [ 16.486047] show_stack+0x20/0x38 (C) [ 16.486096] dump_stack_lvl+0x8c/0xd0 [ 16.486418] print_report+0x118/0x5d0 [ 16.486522] kasan_report+0xdc/0x128 [ 16.486587] __asan_report_store1_noabort+0x20/0x30 [ 16.486640] krealloc_less_oob_helper+0xae4/0xc50 [ 16.486740] krealloc_less_oob+0x20/0x38 [ 16.486815] kunit_try_run_case+0x170/0x3f0 [ 16.486878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.486963] kthread+0x328/0x630 [ 16.487007] ret_from_fork+0x10/0x20 [ 16.487072] [ 16.487091] Allocated by task 158: [ 16.487120] kasan_save_stack+0x3c/0x68 [ 16.487399] kasan_save_track+0x20/0x40 [ 16.487507] kasan_save_alloc_info+0x40/0x58 [ 16.487642] __kasan_krealloc+0x118/0x178 [ 16.487702] krealloc_noprof+0x128/0x360 [ 16.487748] krealloc_less_oob_helper+0x168/0xc50 [ 16.487785] krealloc_less_oob+0x20/0x38 [ 16.487820] kunit_try_run_case+0x170/0x3f0 [ 16.487856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.487897] kthread+0x328/0x630 [ 16.487938] ret_from_fork+0x10/0x20 [ 16.487982] [ 16.488000] The buggy address belongs to the object at fff00000c17c7800 [ 16.488000] which belongs to the cache kmalloc-256 of size 256 [ 16.488056] The buggy address is located 33 bytes to the right of [ 16.488056] allocated 201-byte region [fff00000c17c7800, fff00000c17c78c9) [ 16.488117] [ 16.488136] The buggy address belongs to the physical page: [ 16.488166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6 [ 16.488218] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.488263] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.488313] page_type: f5(slab) [ 16.488350] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.488398] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.488455] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.488514] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.488561] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff [ 16.488607] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.488646] page dumped because: kasan: bad access detected [ 16.488683] [ 16.488700] Memory state around the buggy address: [ 16.488741] fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.488781] fff00000c17c7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.488821] >fff00000c17c7880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.488880] ^ [ 16.488917] fff00000c17c7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.488957] fff00000c17c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.489314] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.441647] ================================================================== [ 16.441725] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.442265] Write of size 1 at addr fff00000c17c76eb by task kunit_try_catch/156 [ 16.442362] [ 16.442478] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.442580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.442661] Hardware name: linux,dummy-virt (DT) [ 16.442695] Call trace: [ 16.442756] show_stack+0x20/0x38 (C) [ 16.442875] dump_stack_lvl+0x8c/0xd0 [ 16.442959] print_report+0x118/0x5d0 [ 16.443181] kasan_report+0xdc/0x128 [ 16.443295] __asan_report_store1_noabort+0x20/0x30 [ 16.443506] krealloc_more_oob_helper+0x60c/0x678 [ 16.443608] krealloc_more_oob+0x20/0x38 [ 16.443950] kunit_try_run_case+0x170/0x3f0 [ 16.444132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.444246] kthread+0x328/0x630 [ 16.444423] ret_from_fork+0x10/0x20 [ 16.444557] [ 16.444840] Allocated by task 156: [ 16.445067] kasan_save_stack+0x3c/0x68 [ 16.445151] kasan_save_track+0x20/0x40 [ 16.445310] kasan_save_alloc_info+0x40/0x58 [ 16.445394] __kasan_krealloc+0x118/0x178 [ 16.445575] krealloc_noprof+0x128/0x360 [ 16.446001] krealloc_more_oob_helper+0x168/0x678 [ 16.446117] krealloc_more_oob+0x20/0x38 [ 16.446170] kunit_try_run_case+0x170/0x3f0 [ 16.446207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.446249] kthread+0x328/0x630 [ 16.446282] ret_from_fork+0x10/0x20 [ 16.446327] [ 16.446347] The buggy address belongs to the object at fff00000c17c7600 [ 16.446347] which belongs to the cache kmalloc-256 of size 256 [ 16.446405] The buggy address is located 0 bytes to the right of [ 16.446405] allocated 235-byte region [fff00000c17c7600, fff00000c17c76eb) [ 16.446495] [ 16.446524] The buggy address belongs to the physical page: [ 16.446563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6 [ 16.446641] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.446695] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.446760] page_type: f5(slab) [ 16.446799] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.447106] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.447400] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.447460] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.447509] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff [ 16.447591] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.447801] page dumped because: kasan: bad access detected [ 16.447886] [ 16.448095] Memory state around the buggy address: [ 16.448278] fff00000c17c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.448512] fff00000c17c7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.448612] >fff00000c17c7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.448752] ^ [ 16.448828] fff00000c17c7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.449215] fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.449751] ================================================================== [ 16.512598] ================================================================== [ 16.512702] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.512778] Write of size 1 at addr fff00000c76de0f0 by task kunit_try_catch/160 [ 16.513022] [ 16.513185] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.513274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.513300] Hardware name: linux,dummy-virt (DT) [ 16.513532] Call trace: [ 16.513710] show_stack+0x20/0x38 (C) [ 16.513792] dump_stack_lvl+0x8c/0xd0 [ 16.514327] print_report+0x118/0x5d0 [ 16.514703] kasan_report+0xdc/0x128 [ 16.514774] __asan_report_store1_noabort+0x20/0x30 [ 16.514825] krealloc_more_oob_helper+0x5c0/0x678 [ 16.514910] krealloc_large_more_oob+0x20/0x38 [ 16.514998] kunit_try_run_case+0x170/0x3f0 [ 16.515142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.515196] kthread+0x328/0x630 [ 16.515237] ret_from_fork+0x10/0x20 [ 16.515792] [ 16.515863] The buggy address belongs to the physical page: [ 16.515923] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076dc [ 16.516405] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.516756] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.516857] page_type: f8(unknown) [ 16.516913] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.517062] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.517216] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.517337] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.517463] head: 0bfffe0000000002 ffffc1ffc31db701 00000000ffffffff 00000000ffffffff [ 16.517977] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.518202] page dumped because: kasan: bad access detected [ 16.518244] [ 16.518453] Memory state around the buggy address: [ 16.518567] fff00000c76ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.518785] fff00000c76de000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.518831] >fff00000c76de080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.519066] ^ [ 16.519403] fff00000c76de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.519885] fff00000c76de180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.519937] ================================================================== [ 16.451798] ================================================================== [ 16.451992] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.452053] Write of size 1 at addr fff00000c17c76f0 by task kunit_try_catch/156 [ 16.452306] [ 16.452339] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.452416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.452441] Hardware name: linux,dummy-virt (DT) [ 16.452472] Call trace: [ 16.452771] show_stack+0x20/0x38 (C) [ 16.452867] dump_stack_lvl+0x8c/0xd0 [ 16.453088] print_report+0x118/0x5d0 [ 16.453249] kasan_report+0xdc/0x128 [ 16.453403] __asan_report_store1_noabort+0x20/0x30 [ 16.453488] krealloc_more_oob_helper+0x5c0/0x678 [ 16.453592] krealloc_more_oob+0x20/0x38 [ 16.453642] kunit_try_run_case+0x170/0x3f0 [ 16.453688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.453754] kthread+0x328/0x630 [ 16.454122] ret_from_fork+0x10/0x20 [ 16.454224] [ 16.454281] Allocated by task 156: [ 16.454313] kasan_save_stack+0x3c/0x68 [ 16.454355] kasan_save_track+0x20/0x40 [ 16.454529] kasan_save_alloc_info+0x40/0x58 [ 16.454750] __kasan_krealloc+0x118/0x178 [ 16.454803] krealloc_noprof+0x128/0x360 [ 16.454840] krealloc_more_oob_helper+0x168/0x678 [ 16.455011] krealloc_more_oob+0x20/0x38 [ 16.455148] kunit_try_run_case+0x170/0x3f0 [ 16.455187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.455229] kthread+0x328/0x630 [ 16.455261] ret_from_fork+0x10/0x20 [ 16.455417] [ 16.455744] The buggy address belongs to the object at fff00000c17c7600 [ 16.455744] which belongs to the cache kmalloc-256 of size 256 [ 16.455865] The buggy address is located 5 bytes to the right of [ 16.455865] allocated 235-byte region [fff00000c17c7600, fff00000c17c76eb) [ 16.456207] [ 16.456387] The buggy address belongs to the physical page: [ 16.456461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017c6 [ 16.456515] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.456747] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.457157] page_type: f5(slab) [ 16.457300] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.457439] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.457599] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.457706] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.458071] head: 0bfffe0000000001 ffffc1ffc305f181 00000000ffffffff 00000000ffffffff [ 16.458207] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.458314] page dumped because: kasan: bad access detected [ 16.458347] [ 16.458365] Memory state around the buggy address: [ 16.458572] fff00000c17c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.458629] fff00000c17c7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.458905] >fff00000c17c7680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.459426] ^ [ 16.459476] fff00000c17c7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.459521] fff00000c17c7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.459597] ================================================================== [ 16.506138] ================================================================== [ 16.506210] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.506314] Write of size 1 at addr fff00000c76de0eb by task kunit_try_catch/160 [ 16.506367] [ 16.506453] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.506625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.506652] Hardware name: linux,dummy-virt (DT) [ 16.507268] Call trace: [ 16.507370] show_stack+0x20/0x38 (C) [ 16.507425] dump_stack_lvl+0x8c/0xd0 [ 16.507472] print_report+0x118/0x5d0 [ 16.507907] kasan_report+0xdc/0x128 [ 16.508140] __asan_report_store1_noabort+0x20/0x30 [ 16.508289] krealloc_more_oob_helper+0x60c/0x678 [ 16.508359] krealloc_large_more_oob+0x20/0x38 [ 16.508445] kunit_try_run_case+0x170/0x3f0 [ 16.508496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.508548] kthread+0x328/0x630 [ 16.508589] ret_from_fork+0x10/0x20 [ 16.508994] [ 16.509058] The buggy address belongs to the physical page: [ 16.509092] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076dc [ 16.509160] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.509215] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.509269] page_type: f8(unknown) [ 16.509324] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.509373] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.509421] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.509477] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.509523] head: 0bfffe0000000002 ffffc1ffc31db701 00000000ffffffff 00000000ffffffff [ 16.509570] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.509618] page dumped because: kasan: bad access detected [ 16.509663] [ 16.509681] Memory state around the buggy address: [ 16.510035] fff00000c76ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.510385] fff00000c76de000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.510461] >fff00000c76de080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.510665] ^ [ 16.510908] fff00000c76de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.511061] fff00000c76de180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.511184] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.424552] ================================================================== [ 16.424613] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.425095] Read of size 1 at addr fff00000c7740000 by task kunit_try_catch/154 [ 16.425191] [ 16.425400] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.425583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.425757] Hardware name: linux,dummy-virt (DT) [ 16.425837] Call trace: [ 16.425862] show_stack+0x20/0x38 (C) [ 16.425932] dump_stack_lvl+0x8c/0xd0 [ 16.426076] print_report+0x118/0x5d0 [ 16.426154] kasan_report+0xdc/0x128 [ 16.426374] __asan_report_load1_noabort+0x20/0x30 [ 16.426466] page_alloc_uaf+0x328/0x350 [ 16.426614] kunit_try_run_case+0x170/0x3f0 [ 16.426695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.426866] kthread+0x328/0x630 [ 16.426945] ret_from_fork+0x10/0x20 [ 16.427072] [ 16.427174] The buggy address belongs to the physical page: [ 16.427415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107740 [ 16.427815] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.427905] page_type: f0(buddy) [ 16.428061] raw: 0bfffe0000000000 fff00000ff616170 fff00000ff616170 0000000000000000 [ 16.428193] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 16.428305] page dumped because: kasan: bad access detected [ 16.428370] [ 16.428388] Memory state around the buggy address: [ 16.428596] fff00000c773ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.428855] fff00000c773ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.428924] >fff00000c7740000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.429049] ^ [ 16.429127] fff00000c7740080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.429339] fff00000c7740100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.429389] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.394515] ================================================================== [ 16.394893] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.395252] Free of addr fff00000c76d8001 by task kunit_try_catch/150 [ 16.395307] [ 16.395357] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.395439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.395752] Hardware name: linux,dummy-virt (DT) [ 16.395821] Call trace: [ 16.395890] show_stack+0x20/0x38 (C) [ 16.396050] dump_stack_lvl+0x8c/0xd0 [ 16.396177] print_report+0x118/0x5d0 [ 16.396290] kasan_report_invalid_free+0xc0/0xe8 [ 16.396609] __kasan_kfree_large+0x5c/0xa8 [ 16.396729] free_large_kmalloc+0x64/0x190 [ 16.397025] kfree+0x270/0x3c8 [ 16.397122] kmalloc_large_invalid_free+0x108/0x270 [ 16.397553] kunit_try_run_case+0x170/0x3f0 [ 16.397638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.397817] kthread+0x328/0x630 [ 16.397893] ret_from_fork+0x10/0x20 [ 16.398107] [ 16.398158] The buggy address belongs to the physical page: [ 16.398192] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d8 [ 16.398543] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.398762] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.398941] page_type: f8(unknown) [ 16.399001] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.399256] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.399328] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.399544] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.399689] head: 0bfffe0000000002 ffffc1ffc31db601 00000000ffffffff 00000000ffffffff [ 16.399924] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.400021] page dumped because: kasan: bad access detected [ 16.400159] [ 16.400178] Memory state around the buggy address: [ 16.400218] fff00000c76d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.400452] fff00000c76d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.400669] >fff00000c76d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.400721] ^ [ 16.401619] fff00000c76d8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.401707] fff00000c76d8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.401801] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.375057] ================================================================== [ 16.375336] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.375645] Read of size 1 at addr fff00000c76d4000 by task kunit_try_catch/148 [ 16.375861] [ 16.375971] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.376334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.376600] Hardware name: linux,dummy-virt (DT) [ 16.376662] Call trace: [ 16.376881] show_stack+0x20/0x38 (C) [ 16.377095] dump_stack_lvl+0x8c/0xd0 [ 16.377154] print_report+0x118/0x5d0 [ 16.377253] kasan_report+0xdc/0x128 [ 16.377582] __asan_report_load1_noabort+0x20/0x30 [ 16.377974] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.378344] kunit_try_run_case+0x170/0x3f0 [ 16.378581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.378880] kthread+0x328/0x630 [ 16.379050] ret_from_fork+0x10/0x20 [ 16.379430] [ 16.379697] The buggy address belongs to the physical page: [ 16.379836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d4 [ 16.380480] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.380665] raw: 0bfffe0000000000 ffffc1ffc31db608 fff00000da457c40 0000000000000000 [ 16.380991] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.381148] page dumped because: kasan: bad access detected [ 16.381700] [ 16.381790] Memory state around the buggy address: [ 16.381827] fff00000c76d3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.382358] fff00000c76d3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.382430] >fff00000c76d4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.382635] ^ [ 16.382970] fff00000c76d4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.383018] fff00000c76d4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.383056] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.357384] ================================================================== [ 16.357457] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.357510] Write of size 1 at addr fff00000c76d600a by task kunit_try_catch/146 [ 16.357895] [ 16.358118] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.358226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.358323] Hardware name: linux,dummy-virt (DT) [ 16.358357] Call trace: [ 16.358428] show_stack+0x20/0x38 (C) [ 16.358526] dump_stack_lvl+0x8c/0xd0 [ 16.358736] print_report+0x118/0x5d0 [ 16.358790] kasan_report+0xdc/0x128 [ 16.358882] __asan_report_store1_noabort+0x20/0x30 [ 16.359176] kmalloc_large_oob_right+0x278/0x2b8 [ 16.359229] kunit_try_run_case+0x170/0x3f0 [ 16.359277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.359584] kthread+0x328/0x630 [ 16.359727] ret_from_fork+0x10/0x20 [ 16.360106] [ 16.360292] The buggy address belongs to the physical page: [ 16.360738] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d4 [ 16.360900] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.361040] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.361227] page_type: f8(unknown) [ 16.361457] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.361833] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.361918] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.362049] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.362134] head: 0bfffe0000000002 ffffc1ffc31db501 00000000ffffffff 00000000ffffffff [ 16.362248] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.362295] page dumped because: kasan: bad access detected [ 16.362326] [ 16.362351] Memory state around the buggy address: [ 16.362394] fff00000c76d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.362435] fff00000c76d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.362476] >fff00000c76d6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.362512] ^ [ 16.362563] fff00000c76d6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.362603] fff00000c76d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.362640] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.339290] ================================================================== [ 16.339360] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.339422] Write of size 1 at addr fff00000c649df00 by task kunit_try_catch/144 [ 16.339469] [ 16.339508] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.340298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.340330] Hardware name: linux,dummy-virt (DT) [ 16.340765] Call trace: [ 16.340865] show_stack+0x20/0x38 (C) [ 16.341096] dump_stack_lvl+0x8c/0xd0 [ 16.341513] print_report+0x118/0x5d0 [ 16.341624] kasan_report+0xdc/0x128 [ 16.341834] __asan_report_store1_noabort+0x20/0x30 [ 16.342062] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.342158] kunit_try_run_case+0x170/0x3f0 [ 16.342373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.342487] kthread+0x328/0x630 [ 16.342647] ret_from_fork+0x10/0x20 [ 16.342727] [ 16.342746] Allocated by task 144: [ 16.342783] kasan_save_stack+0x3c/0x68 [ 16.343071] kasan_save_track+0x20/0x40 [ 16.343309] kasan_save_alloc_info+0x40/0x58 [ 16.343398] __kasan_kmalloc+0xd4/0xd8 [ 16.343435] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.343830] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.343945] kunit_try_run_case+0x170/0x3f0 [ 16.344046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.344229] kthread+0x328/0x630 [ 16.344299] ret_from_fork+0x10/0x20 [ 16.344437] [ 16.344754] The buggy address belongs to the object at fff00000c649c000 [ 16.344754] which belongs to the cache kmalloc-8k of size 8192 [ 16.345055] The buggy address is located 0 bytes to the right of [ 16.345055] allocated 7936-byte region [fff00000c649c000, fff00000c649df00) [ 16.345287] [ 16.345317] The buggy address belongs to the physical page: [ 16.345399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106498 [ 16.345651] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.346066] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.346352] page_type: f5(slab) [ 16.346410] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.346655] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.346848] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.346970] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.347027] head: 0bfffe0000000003 ffffc1ffc3192601 00000000ffffffff 00000000ffffffff [ 16.347075] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.347115] page dumped because: kasan: bad access detected [ 16.347322] [ 16.347407] Memory state around the buggy address: [ 16.347535] fff00000c649de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.347586] fff00000c649de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.347627] >fff00000c649df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.347665] ^ [ 16.347708] fff00000c649df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.347771] fff00000c649e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.347824] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.316606] ================================================================== [ 16.316659] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.316710] Write of size 1 at addr fff00000c576ce78 by task kunit_try_catch/142 [ 16.316772] [ 16.317396] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.317495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.317593] Hardware name: linux,dummy-virt (DT) [ 16.317653] Call trace: [ 16.317677] show_stack+0x20/0x38 (C) [ 16.317741] dump_stack_lvl+0x8c/0xd0 [ 16.317790] print_report+0x118/0x5d0 [ 16.317836] kasan_report+0xdc/0x128 [ 16.317880] __asan_report_store1_noabort+0x20/0x30 [ 16.317941] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.317999] kunit_try_run_case+0x170/0x3f0 [ 16.318046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.318097] kthread+0x328/0x630 [ 16.318138] ret_from_fork+0x10/0x20 [ 16.318184] [ 16.318203] Allocated by task 142: [ 16.318230] kasan_save_stack+0x3c/0x68 [ 16.318285] kasan_save_track+0x20/0x40 [ 16.318322] kasan_save_alloc_info+0x40/0x58 [ 16.318360] __kasan_kmalloc+0xd4/0xd8 [ 16.318395] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.318446] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.318502] kunit_try_run_case+0x170/0x3f0 [ 16.318538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.318587] kthread+0x328/0x630 [ 16.318626] ret_from_fork+0x10/0x20 [ 16.318660] [ 16.318678] The buggy address belongs to the object at fff00000c576ce00 [ 16.318678] which belongs to the cache kmalloc-128 of size 128 [ 16.319252] The buggy address is located 0 bytes to the right of [ 16.319252] allocated 120-byte region [fff00000c576ce00, fff00000c576ce78) [ 16.319589] [ 16.319986] The buggy address belongs to the physical page: [ 16.320041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10576c [ 16.320112] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.320409] page_type: f5(slab) [ 16.320793] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.320964] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.321087] page dumped because: kasan: bad access detected [ 16.321192] [ 16.321327] Memory state around the buggy address: [ 16.321427] fff00000c576cd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.321520] fff00000c576cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.321570] >fff00000c576ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.321833] ^ [ 16.322040] fff00000c576ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.322154] fff00000c576cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.322254] ================================================================== [ 16.306634] ================================================================== [ 16.307039] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.307275] Write of size 1 at addr fff00000c576cd78 by task kunit_try_catch/142 [ 16.307477] [ 16.307626] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.308006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.308100] Hardware name: linux,dummy-virt (DT) [ 16.308175] Call trace: [ 16.308200] show_stack+0x20/0x38 (C) [ 16.308283] dump_stack_lvl+0x8c/0xd0 [ 16.308484] print_report+0x118/0x5d0 [ 16.308819] kasan_report+0xdc/0x128 [ 16.309077] __asan_report_store1_noabort+0x20/0x30 [ 16.309147] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.309198] kunit_try_run_case+0x170/0x3f0 [ 16.309299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.309368] kthread+0x328/0x630 [ 16.309421] ret_from_fork+0x10/0x20 [ 16.309476] [ 16.309494] Allocated by task 142: [ 16.309531] kasan_save_stack+0x3c/0x68 [ 16.309578] kasan_save_track+0x20/0x40 [ 16.309615] kasan_save_alloc_info+0x40/0x58 [ 16.309659] __kasan_kmalloc+0xd4/0xd8 [ 16.309695] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.310310] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.310693] kunit_try_run_case+0x170/0x3f0 [ 16.311021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.311077] kthread+0x328/0x630 [ 16.311506] ret_from_fork+0x10/0x20 [ 16.311588] [ 16.311908] The buggy address belongs to the object at fff00000c576cd00 [ 16.311908] which belongs to the cache kmalloc-128 of size 128 [ 16.312275] The buggy address is located 0 bytes to the right of [ 16.312275] allocated 120-byte region [fff00000c576cd00, fff00000c576cd78) [ 16.312754] [ 16.312814] The buggy address belongs to the physical page: [ 16.313012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10576c [ 16.313083] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.313317] page_type: f5(slab) [ 16.313679] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.313836] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.313895] page dumped because: kasan: bad access detected [ 16.313926] [ 16.313978] Memory state around the buggy address: [ 16.314214] fff00000c576cc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.314400] fff00000c576cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.314626] >fff00000c576cd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.314693] ^ [ 16.314910] fff00000c576cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.314980] fff00000c576ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.315018] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.287175] ================================================================== [ 16.287243] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.287300] Read of size 1 at addr fff00000c6253000 by task kunit_try_catch/140 [ 16.287348] [ 16.287384] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.287462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.287488] Hardware name: linux,dummy-virt (DT) [ 16.287518] Call trace: [ 16.287541] show_stack+0x20/0x38 (C) [ 16.287590] dump_stack_lvl+0x8c/0xd0 [ 16.287638] print_report+0x118/0x5d0 [ 16.287683] kasan_report+0xdc/0x128 [ 16.287744] __asan_report_load1_noabort+0x20/0x30 [ 16.287794] kmalloc_node_oob_right+0x2f4/0x330 [ 16.287840] kunit_try_run_case+0x170/0x3f0 [ 16.287888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.287939] kthread+0x328/0x630 [ 16.287980] ret_from_fork+0x10/0x20 [ 16.288026] [ 16.288044] Allocated by task 140: [ 16.288071] kasan_save_stack+0x3c/0x68 [ 16.288110] kasan_save_track+0x20/0x40 [ 16.288146] kasan_save_alloc_info+0x40/0x58 [ 16.288184] __kasan_kmalloc+0xd4/0xd8 [ 16.288218] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.288257] kmalloc_node_oob_right+0xbc/0x330 [ 16.288293] kunit_try_run_case+0x170/0x3f0 [ 16.288329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.288369] kthread+0x328/0x630 [ 16.288400] ret_from_fork+0x10/0x20 [ 16.288433] [ 16.288451] The buggy address belongs to the object at fff00000c6252000 [ 16.288451] which belongs to the cache kmalloc-4k of size 4096 [ 16.288508] The buggy address is located 0 bytes to the right of [ 16.288508] allocated 4096-byte region [fff00000c6252000, fff00000c6253000) [ 16.288596] [ 16.288616] The buggy address belongs to the physical page: [ 16.288684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106250 [ 16.289198] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.289402] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.289472] page_type: f5(slab) [ 16.289511] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.289561] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.289905] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.290009] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.290196] head: 0bfffe0000000003 ffffc1ffc3189401 00000000ffffffff 00000000ffffffff [ 16.290335] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.290444] page dumped because: kasan: bad access detected [ 16.290607] [ 16.290692] Memory state around the buggy address: [ 16.290808] fff00000c6252f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.290886] fff00000c6252f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.290928] >fff00000c6253000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.290978] ^ [ 16.291007] fff00000c6253080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.291212] fff00000c6253100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.291454] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.275011] ================================================================== [ 16.275069] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.275150] Read of size 1 at addr fff00000c5755ddf by task kunit_try_catch/138 [ 16.275199] [ 16.275245] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.275324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.275349] Hardware name: linux,dummy-virt (DT) [ 16.275380] Call trace: [ 16.275402] show_stack+0x20/0x38 (C) [ 16.275554] dump_stack_lvl+0x8c/0xd0 [ 16.275608] print_report+0x118/0x5d0 [ 16.275653] kasan_report+0xdc/0x128 [ 16.275697] __asan_report_load1_noabort+0x20/0x30 [ 16.275757] kmalloc_oob_left+0x2ec/0x320 [ 16.275801] kunit_try_run_case+0x170/0x3f0 [ 16.275849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.275900] kthread+0x328/0x630 [ 16.275951] ret_from_fork+0x10/0x20 [ 16.275997] [ 16.276014] Allocated by task 10: [ 16.276042] kasan_save_stack+0x3c/0x68 [ 16.276081] kasan_save_track+0x20/0x40 [ 16.276127] kasan_save_alloc_info+0x40/0x58 [ 16.276176] __kasan_kmalloc+0xd4/0xd8 [ 16.276297] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.276489] kvasprintf+0xe0/0x180 [ 16.276596] __kthread_create_on_node+0x16c/0x350 [ 16.276639] kthread_create_on_node+0xe4/0x130 [ 16.276675] create_worker+0x380/0x6b8 [ 16.277036] worker_thread+0x808/0xf38 [ 16.277299] kthread+0x328/0x630 [ 16.277349] ret_from_fork+0x10/0x20 [ 16.277401] [ 16.277421] The buggy address belongs to the object at fff00000c5755dc0 [ 16.277421] which belongs to the cache kmalloc-16 of size 16 [ 16.277479] The buggy address is located 19 bytes to the right of [ 16.277479] allocated 12-byte region [fff00000c5755dc0, fff00000c5755dcc) [ 16.277879] [ 16.277903] The buggy address belongs to the physical page: [ 16.277932] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105755 [ 16.277985] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.278181] page_type: f5(slab) [ 16.278290] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.278339] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.278429] page dumped because: kasan: bad access detected [ 16.278477] [ 16.278494] Memory state around the buggy address: [ 16.278637] fff00000c5755c80: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 16.278751] fff00000c5755d00: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.278822] >fff00000c5755d80: fa fb fc fc fa fb fc fc 00 04 fc fc 00 07 fc fc [ 16.278858] ^ [ 16.278896] fff00000c5755e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.278937] fff00000c5755e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.278973] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.263865] ================================================================== [ 16.263958] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.264005] Read of size 1 at addr fff00000c576cc80 by task kunit_try_catch/136 [ 16.264051] [ 16.264079] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.264155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.264191] Hardware name: linux,dummy-virt (DT) [ 16.264219] Call trace: [ 16.264240] show_stack+0x20/0x38 (C) [ 16.264298] dump_stack_lvl+0x8c/0xd0 [ 16.264343] print_report+0x118/0x5d0 [ 16.264388] kasan_report+0xdc/0x128 [ 16.264432] __asan_report_load1_noabort+0x20/0x30 [ 16.264482] kmalloc_oob_right+0x5d0/0x660 [ 16.264526] kunit_try_run_case+0x170/0x3f0 [ 16.264572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.264622] kthread+0x328/0x630 [ 16.264662] ret_from_fork+0x10/0x20 [ 16.264707] [ 16.264735] Allocated by task 136: [ 16.264761] kasan_save_stack+0x3c/0x68 [ 16.264799] kasan_save_track+0x20/0x40 [ 16.264835] kasan_save_alloc_info+0x40/0x58 [ 16.264873] __kasan_kmalloc+0xd4/0xd8 [ 16.264907] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.264944] kmalloc_oob_right+0xb0/0x660 [ 16.264994] kunit_try_run_case+0x170/0x3f0 [ 16.265048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.265089] kthread+0x328/0x630 [ 16.265119] ret_from_fork+0x10/0x20 [ 16.265153] [ 16.265170] The buggy address belongs to the object at fff00000c576cc00 [ 16.265170] which belongs to the cache kmalloc-128 of size 128 [ 16.265224] The buggy address is located 13 bytes to the right of [ 16.265224] allocated 115-byte region [fff00000c576cc00, fff00000c576cc73) [ 16.265284] [ 16.265302] The buggy address belongs to the physical page: [ 16.265344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10576c [ 16.265576] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.265790] page_type: f5(slab) [ 16.265937] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.266020] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.266196] page dumped because: kasan: bad access detected [ 16.266253] [ 16.266270] Memory state around the buggy address: [ 16.266390] fff00000c576cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.266486] fff00000c576cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.266532] >fff00000c576cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.266644] ^ [ 16.266670] fff00000c576cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.267335] fff00000c576cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.267419] ================================================================== [ 16.260709] ================================================================== [ 16.260764] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.260812] Write of size 1 at addr fff00000c576cc78 by task kunit_try_catch/136 [ 16.260859] [ 16.260890] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.260979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.261005] Hardware name: linux,dummy-virt (DT) [ 16.261048] Call trace: [ 16.261069] show_stack+0x20/0x38 (C) [ 16.261127] dump_stack_lvl+0x8c/0xd0 [ 16.261173] print_report+0x118/0x5d0 [ 16.261270] kasan_report+0xdc/0x128 [ 16.261338] __asan_report_store1_noabort+0x20/0x30 [ 16.261454] kmalloc_oob_right+0x538/0x660 [ 16.261583] kunit_try_run_case+0x170/0x3f0 [ 16.261631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.261681] kthread+0x328/0x630 [ 16.261731] ret_from_fork+0x10/0x20 [ 16.261777] [ 16.261794] Allocated by task 136: [ 16.261834] kasan_save_stack+0x3c/0x68 [ 16.261874] kasan_save_track+0x20/0x40 [ 16.261922] kasan_save_alloc_info+0x40/0x58 [ 16.261960] __kasan_kmalloc+0xd4/0xd8 [ 16.262005] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.262051] kmalloc_oob_right+0xb0/0x660 [ 16.262085] kunit_try_run_case+0x170/0x3f0 [ 16.262146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.262358] kthread+0x328/0x630 [ 16.262390] ret_from_fork+0x10/0x20 [ 16.262424] [ 16.262442] The buggy address belongs to the object at fff00000c576cc00 [ 16.262442] which belongs to the cache kmalloc-128 of size 128 [ 16.262496] The buggy address is located 5 bytes to the right of [ 16.262496] allocated 115-byte region [fff00000c576cc00, fff00000c576cc73) [ 16.262557] [ 16.262575] The buggy address belongs to the physical page: [ 16.262605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10576c [ 16.262654] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.262699] page_type: f5(slab) [ 16.262745] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.262792] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.263195] page dumped because: kasan: bad access detected [ 16.263236] [ 16.263254] Memory state around the buggy address: [ 16.263284] fff00000c576cb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.263325] fff00000c576cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.263366] >fff00000c576cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.263402] ^ [ 16.263440] fff00000c576cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.263479] fff00000c576cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.263515] ================================================================== [ 16.253551] ================================================================== [ 16.253896] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.254751] Write of size 1 at addr fff00000c576cc73 by task kunit_try_catch/136 [ 16.254903] [ 16.255740] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 16.255885] Tainted: [N]=TEST [ 16.255917] Hardware name: linux,dummy-virt (DT) [ 16.256140] Call trace: [ 16.256309] show_stack+0x20/0x38 (C) [ 16.256439] dump_stack_lvl+0x8c/0xd0 [ 16.256499] print_report+0x118/0x5d0 [ 16.256546] kasan_report+0xdc/0x128 [ 16.256591] __asan_report_store1_noabort+0x20/0x30 [ 16.256642] kmalloc_oob_right+0x5a4/0x660 [ 16.256686] kunit_try_run_case+0x170/0x3f0 [ 16.256753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.256805] kthread+0x328/0x630 [ 16.256848] ret_from_fork+0x10/0x20 [ 16.257011] [ 16.257047] Allocated by task 136: [ 16.257178] kasan_save_stack+0x3c/0x68 [ 16.257245] kasan_save_track+0x20/0x40 [ 16.257282] kasan_save_alloc_info+0x40/0x58 [ 16.257327] __kasan_kmalloc+0xd4/0xd8 [ 16.257362] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.257401] kmalloc_oob_right+0xb0/0x660 [ 16.257436] kunit_try_run_case+0x170/0x3f0 [ 16.257472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.257514] kthread+0x328/0x630 [ 16.257545] ret_from_fork+0x10/0x20 [ 16.257598] [ 16.257656] The buggy address belongs to the object at fff00000c576cc00 [ 16.257656] which belongs to the cache kmalloc-128 of size 128 [ 16.257759] The buggy address is located 0 bytes to the right of [ 16.257759] allocated 115-byte region [fff00000c576cc00, fff00000c576cc73) [ 16.257824] [ 16.257901] The buggy address belongs to the physical page: [ 16.258088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10576c [ 16.258349] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.258633] page_type: f5(slab) [ 16.258951] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.259015] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.259119] page dumped because: kasan: bad access detected [ 16.259157] [ 16.259186] Memory state around the buggy address: [ 16.259411] fff00000c576cb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.259475] fff00000c576cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.259529] >fff00000c576cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.259581] ^ [ 16.259664] fff00000c576cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.259705] fff00000c576cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.259780] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 94.241854] WARNING: CPU: 0 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 94.244025] Modules linked in: [ 94.244652] CPU: 0 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 94.245414] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 94.245653] Hardware name: linux,dummy-virt (DT) [ 94.246376] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.247432] pc : intlog10+0x38/0x48 [ 94.248016] lr : intlog10_test+0xe4/0x200 [ 94.248602] sp : ffff800082307c10 [ 94.249112] x29: ffff800082307c90 x28: 0000000000000000 x27: 0000000000000000 [ 94.249940] x26: 1ffe0000196926e1 x25: 0000000000000000 x24: ffff800082307ce0 [ 94.250308] x23: ffff800082307d00 x22: 0000000000000000 x21: 1ffff00010460f82 [ 94.250654] x20: ffffb057b7e89d80 x19: ffff800080087990 x18: 00000000060cb17b [ 94.251956] x17: 0000000042039d95 x16: fff00000c097543c x15: fff00000ff616b08 [ 94.252537] x14: 0000000000018fff x13: 1ffe00001b48ebcd x12: ffff760af77a3379 [ 94.253214] x11: 1ffff60af77a3378 x10: ffff760af77a3378 x9 : ffffb057b5434e9c [ 94.253646] x8 : ffffb057bbd19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 94.254338] x5 : ffff700010460f82 x4 : 1ffff00010010f3a x3 : 1ffff60af6fd13b0 [ 94.255156] x2 : 1ffff60af6fd13b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 94.255747] Call trace: [ 94.255926] intlog10+0x38/0x48 (P) [ 94.256129] kunit_try_run_case+0x170/0x3f0 [ 94.256390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.256675] kthread+0x328/0x630 [ 94.256901] ret_from_fork+0x10/0x20 [ 94.257109] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 94.191782] WARNING: CPU: 0 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 94.194109] Modules linked in: [ 94.194349] CPU: 0 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 94.194761] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 94.195317] Hardware name: linux,dummy-virt (DT) [ 94.195874] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.196587] pc : intlog2+0xd8/0xf8 [ 94.197041] lr : intlog2_test+0xe4/0x200 [ 94.197531] sp : ffff800082237c10 [ 94.197904] x29: ffff800082237c90 x28: 0000000000000000 x27: 0000000000000000 [ 94.198658] x26: 1ffe000019660501 x25: 0000000000000000 x24: ffff800082237ce0 [ 94.199644] x23: ffff800082237d00 x22: 0000000000000000 x21: 1ffff00010446f82 [ 94.200566] x20: ffffb057b7e89c80 x19: ffff800080087990 x18: 0000000097d69d3e [ 94.201402] x17: 000000002e938917 x16: fff00000c097543c x15: 00000000d0098130 [ 94.201908] x14: 00000000f1f1f1f1 x13: 1ffe00001b48ebcd x12: ffff760af77a3379 [ 94.202252] x11: 1ffff60af77a3378 x10: ffff760af77a3378 x9 : ffffb057b543509c [ 94.202958] x8 : ffffb057bbd19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 94.203848] x5 : ffff700010446f82 x4 : 1ffff00010010f3a x3 : 1ffff60af6fd1390 [ 94.204705] x2 : 1ffff60af6fd1390 x1 : 0000000000000003 x0 : 0000000000000000 [ 94.205489] Call trace: [ 94.205806] intlog2+0xd8/0xf8 (P) [ 94.206212] kunit_try_run_case+0x170/0x3f0 [ 94.206662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.207325] kthread+0x328/0x630 [ 94.207794] ret_from_fork+0x10/0x20 [ 94.208282] ---[ end trace 0000000000000000 ]---