Date
July 20, 2025, 8:11 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 17.643702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 17.752528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858 [ 17.688936] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 17.680136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 17.662405] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.611766] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 17.599855] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.538072] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 92.314331] Internal error: Oops: 0000000096000005 [#1] SMP [ 92.316662] Modules linked in: [ 92.317236] CPU: 1 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 92.318150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 92.318464] Hardware name: linux,dummy-virt (DT) [ 92.318742] pstate: 11400009 (nzcV daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 92.319059] pc : kunit_test_null_dereference+0x70/0x170 [ 92.319379] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 92.319702] sp : ffff800080f87d30 [ 92.319940] x29: ffff800080f87d90 x28: 0000000000000000 x27: 0000000000000000 [ 92.320434] x26: 1ffe000018c0c221 x25: 0000000000000000 x24: 0000000000000004 [ 92.320848] x23: fff00000c606110c x22: ffff9b2f72c23f78 x21: fff00000c1bc5b08 [ 92.321314] x20: 1ffff000101f0fa6 x19: ffff800080087990 x18: 00000000ae31a02b [ 92.321762] x17: 0000000000000001 x16: fff00000da474d28 x15: fff00000ff616b08 [ 92.322164] x14: 0000000000018fff x13: 0000000000000005 x12: fffd800018ae911c [ 92.322593] x11: 1ffe000018ae911b x10: fffd800018ae911b x9 : ffff9b2f72c1b3e0 [ 92.323042] x8 : ffff800080f87c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 92.323462] x5 : ffff7000101f0fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 92.323877] x2 : dfff800000000000 x1 : fff00000c5748000 x0 : ffff800080087990 [ 92.324284] Call trace: [ 92.324490] kunit_test_null_dereference+0x70/0x170 (P) [ 92.324792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 92.325264] kthread+0x328/0x630 [ 92.325507] ret_from_fork+0x10/0x20 [ 92.325984] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 92.326605] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.812470] ================================================================== [ 48.812530] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 48.812530] [ 48.812612] Use-after-free read at 0x00000000ba05f26a (in kfence-#147): [ 48.812665] test_krealloc+0x51c/0x830 [ 48.812711] kunit_try_run_case+0x170/0x3f0 [ 48.812755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.812800] kthread+0x328/0x630 [ 48.812838] ret_from_fork+0x10/0x20 [ 48.812883] [ 48.812908] kfence-#147: 0x00000000ba05f26a-0x000000005169bf67, size=32, cache=kmalloc-32 [ 48.812908] [ 48.812961] allocated by task 338 on cpu 0 at 48.811862s (0.001095s ago): [ 48.813028] test_alloc+0x29c/0x628 [ 48.813078] test_krealloc+0xc0/0x830 [ 48.813117] kunit_try_run_case+0x170/0x3f0 [ 48.813157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.813212] kthread+0x328/0x630 [ 48.813249] ret_from_fork+0x10/0x20 [ 48.813288] [ 48.813310] freed by task 338 on cpu 0 at 48.812068s (0.001238s ago): [ 48.813372] krealloc_noprof+0x148/0x360 [ 48.813410] test_krealloc+0x1dc/0x830 [ 48.813449] kunit_try_run_case+0x170/0x3f0 [ 48.813488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.813532] kthread+0x328/0x630 [ 48.813569] ret_from_fork+0x10/0x20 [ 48.813608] [ 48.813652] CPU: 0 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 48.813730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.813760] Hardware name: linux,dummy-virt (DT) [ 48.813796] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.721611] ================================================================== [ 48.721707] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 48.721707] [ 48.721808] Use-after-free read at 0x00000000f65e556c (in kfence-#146): [ 48.721864] test_memcache_typesafe_by_rcu+0x280/0x560 [ 48.721915] kunit_try_run_case+0x170/0x3f0 [ 48.721962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.722007] kthread+0x328/0x630 [ 48.722048] ret_from_fork+0x10/0x20 [ 48.722089] [ 48.722115] kfence-#146: 0x00000000f65e556c-0x00000000949557e7, size=32, cache=test [ 48.722115] [ 48.722166] allocated by task 336 on cpu 1 at 48.705552s (0.016610s ago): [ 48.722252] test_alloc+0x230/0x628 [ 48.722292] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 48.722336] kunit_try_run_case+0x170/0x3f0 [ 48.722376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.722420] kthread+0x328/0x630 [ 48.722455] ret_from_fork+0x10/0x20 [ 48.722494] [ 48.722518] freed by task 336 on cpu 1 at 48.705665s (0.016849s ago): [ 48.722574] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 48.722620] kunit_try_run_case+0x170/0x3f0 [ 48.722663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.722705] kthread+0x328/0x630 [ 48.722742] ret_from_fork+0x10/0x20 [ 48.722780] [ 48.722829] CPU: 1 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 48.722907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.722937] Hardware name: linux,dummy-virt (DT) [ 48.722973] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.536821] ================================================================== [ 25.537441] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 25.537441] [ 25.537548] Invalid read at 0x000000000bafe0c5: [ 25.537701] test_invalid_access+0xdc/0x1f0 [ 25.537778] kunit_try_run_case+0x170/0x3f0 [ 25.537854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.537963] kthread+0x328/0x630 [ 25.538008] ret_from_fork+0x10/0x20 [ 25.538079] [ 25.538161] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.538262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.538328] Hardware name: linux,dummy-virt (DT) [ 25.538371] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.305547] ================================================================== [ 25.305630] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.305630] [ 25.305691] Corrupted memory at 0x00000000b16235c0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#141): [ 25.306012] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.306061] kunit_try_run_case+0x170/0x3f0 [ 25.306106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.306151] kthread+0x328/0x630 [ 25.306204] ret_from_fork+0x10/0x20 [ 25.306244] [ 25.306269] kfence-#141: 0x000000008d2c0288-0x0000000013422e46, size=73, cache=kmalloc-96 [ 25.306269] [ 25.306324] allocated by task 326 on cpu 1 at 25.305317s (0.001003s ago): [ 25.306386] test_alloc+0x29c/0x628 [ 25.306428] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 25.306472] kunit_try_run_case+0x170/0x3f0 [ 25.306511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.306555] kthread+0x328/0x630 [ 25.306590] ret_from_fork+0x10/0x20 [ 25.306630] [ 25.306653] freed by task 326 on cpu 1 at 25.305455s (0.001195s ago): [ 25.306715] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.306758] kunit_try_run_case+0x170/0x3f0 [ 25.306799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.306842] kthread+0x328/0x630 [ 25.306878] ret_from_fork+0x10/0x20 [ 25.306918] [ 25.306964] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.307042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.307071] Hardware name: linux,dummy-virt (DT) [ 25.307107] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.201728] ================================================================== [ 25.201802] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.201802] [ 25.201890] Out-of-bounds read at 0x00000000120affc8 (105B right of kfence-#140): [ 25.201951] test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.202002] kunit_try_run_case+0x170/0x3f0 [ 25.202047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.202092] kthread+0x328/0x630 [ 25.202133] ret_from_fork+0x10/0x20 [ 25.202175] [ 25.202217] kfence-#140: 0x00000000b3b60e1e-0x00000000d1145dbc, size=73, cache=kmalloc-96 [ 25.202217] [ 25.202271] allocated by task 324 on cpu 0 at 25.201520s (0.000747s ago): [ 25.202341] test_alloc+0x29c/0x628 [ 25.202382] test_kmalloc_aligned_oob_read+0x100/0x468 [ 25.202426] kunit_try_run_case+0x170/0x3f0 [ 25.202466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.202511] kthread+0x328/0x630 [ 25.202549] ret_from_fork+0x10/0x20 [ 25.202590] [ 25.202636] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.202716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.202746] Hardware name: linux,dummy-virt (DT) [ 25.202782] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 20.833604] ================================================================== [ 20.833711] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 20.833711] [ 20.833777] Corrupted memory at 0x000000009b2c0981 [ ! . . . . . . . . . . . . . . . ] (in kfence-#98): [ 20.834897] test_corruption+0x278/0x378 [ 20.834951] kunit_try_run_case+0x170/0x3f0 [ 20.834997] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.835040] kthread+0x328/0x630 [ 20.835081] ret_from_fork+0x10/0x20 [ 20.835120] [ 20.835145] kfence-#98: 0x000000005269fa3b-0x000000005a9573f6, size=32, cache=kmalloc-32 [ 20.835145] [ 20.835217] allocated by task 312 on cpu 0 at 20.833321s (0.001893s ago): [ 20.835280] test_alloc+0x29c/0x628 [ 20.835321] test_corruption+0xdc/0x378 [ 20.835361] kunit_try_run_case+0x170/0x3f0 [ 20.835401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.835446] kthread+0x328/0x630 [ 20.835481] ret_from_fork+0x10/0x20 [ 20.835521] [ 20.835546] freed by task 312 on cpu 0 at 20.833428s (0.002114s ago): [ 20.835605] test_corruption+0x278/0x378 [ 20.835645] kunit_try_run_case+0x170/0x3f0 [ 20.835685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.835728] kthread+0x328/0x630 [ 20.835765] ret_from_fork+0x10/0x20 [ 20.835804] [ 20.835850] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.835928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.835959] Hardware name: linux,dummy-virt (DT) [ 20.835994] ================================================================== [ 21.353465] ================================================================== [ 21.353552] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 21.353552] [ 21.353613] Corrupted memory at 0x0000000056a1fd89 [ ! ] (in kfence-#103): [ 21.353730] test_corruption+0x1d8/0x378 [ 21.353775] kunit_try_run_case+0x170/0x3f0 [ 21.353819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.353863] kthread+0x328/0x630 [ 21.353902] ret_from_fork+0x10/0x20 [ 21.353941] [ 21.353965] kfence-#103: 0x00000000d6644cf3-0x0000000000835c24, size=32, cache=test [ 21.353965] [ 21.354021] allocated by task 314 on cpu 0 at 21.353328s (0.000689s ago): [ 21.354081] test_alloc+0x230/0x628 [ 21.354121] test_corruption+0x198/0x378 [ 21.354161] kunit_try_run_case+0x170/0x3f0 [ 21.354212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.354256] kthread+0x328/0x630 [ 21.354292] ret_from_fork+0x10/0x20 [ 21.354330] [ 21.354354] freed by task 314 on cpu 0 at 21.353384s (0.000966s ago): [ 21.354414] test_corruption+0x1d8/0x378 [ 21.354454] kunit_try_run_case+0x170/0x3f0 [ 21.354495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.354538] kthread+0x328/0x630 [ 21.354573] ret_from_fork+0x10/0x20 [ 21.354612] [ 21.354652] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.354726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.354757] Hardware name: linux,dummy-virt (DT) [ 21.354789] ================================================================== [ 20.937639] ================================================================== [ 20.937728] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 20.937728] [ 20.937792] Corrupted memory at 0x0000000032414d8c [ ! ] (in kfence-#99): [ 20.937918] test_corruption+0x284/0x378 [ 20.937965] kunit_try_run_case+0x170/0x3f0 [ 20.938008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.938051] kthread+0x328/0x630 [ 20.938090] ret_from_fork+0x10/0x20 [ 20.938129] [ 20.938154] kfence-#99: 0x00000000e295dfde-0x00000000ba125eaf, size=32, cache=kmalloc-32 [ 20.938154] [ 20.938223] allocated by task 312 on cpu 0 at 20.937362s (0.000857s ago): [ 20.938285] test_alloc+0x29c/0x628 [ 20.938327] test_corruption+0x198/0x378 [ 20.938367] kunit_try_run_case+0x170/0x3f0 [ 20.938409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.938451] kthread+0x328/0x630 [ 20.938487] ret_from_fork+0x10/0x20 [ 20.938525] [ 20.938547] freed by task 312 on cpu 0 at 20.937462s (0.001082s ago): [ 20.938608] test_corruption+0x284/0x378 [ 20.938648] kunit_try_run_case+0x170/0x3f0 [ 20.938688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.938730] kthread+0x328/0x630 [ 20.938766] ret_from_fork+0x10/0x20 [ 20.938804] [ 20.938845] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.938921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.938951] Hardware name: linux,dummy-virt (DT) [ 20.938983] ================================================================== [ 21.249488] ================================================================== [ 21.249587] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 21.249587] [ 21.249648] Corrupted memory at 0x00000000a4c32034 [ ! . . . . . . . . . . . . . . . ] (in kfence-#102): [ 21.249971] test_corruption+0x120/0x378 [ 21.250021] kunit_try_run_case+0x170/0x3f0 [ 21.250067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.250112] kthread+0x328/0x630 [ 21.250151] ret_from_fork+0x10/0x20 [ 21.250205] [ 21.250231] kfence-#102: 0x0000000054e27bcb-0x00000000f98816d1, size=32, cache=test [ 21.250231] [ 21.250286] allocated by task 314 on cpu 0 at 21.249345s (0.000937s ago): [ 21.250349] test_alloc+0x230/0x628 [ 21.250390] test_corruption+0xdc/0x378 [ 21.250429] kunit_try_run_case+0x170/0x3f0 [ 21.250470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.250515] kthread+0x328/0x630 [ 21.250550] ret_from_fork+0x10/0x20 [ 21.250590] [ 21.250615] freed by task 314 on cpu 0 at 21.249401s (0.001210s ago): [ 21.250675] test_corruption+0x120/0x378 [ 21.250716] kunit_try_run_case+0x170/0x3f0 [ 21.250756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.250800] kthread+0x328/0x630 [ 21.250835] ret_from_fork+0x10/0x20 [ 21.250875] [ 21.250916] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.250995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.251023] Hardware name: linux,dummy-virt (DT) [ 21.251057] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.625457] ================================================================== [ 20.625542] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 20.625542] [ 20.625603] Invalid free of 0x000000007f143fae (in kfence-#96): [ 20.625658] test_invalid_addr_free+0x1ac/0x238 [ 20.625705] kunit_try_run_case+0x170/0x3f0 [ 20.625767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.625810] kthread+0x328/0x630 [ 20.625851] ret_from_fork+0x10/0x20 [ 20.625890] [ 20.625915] kfence-#96: 0x000000000f305c06-0x00000000c1a82395, size=32, cache=kmalloc-32 [ 20.625915] [ 20.625969] allocated by task 308 on cpu 1 at 20.625305s (0.000660s ago): [ 20.626032] test_alloc+0x29c/0x628 [ 20.626073] test_invalid_addr_free+0xd4/0x238 [ 20.626116] kunit_try_run_case+0x170/0x3f0 [ 20.626157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.626215] kthread+0x328/0x630 [ 20.626253] ret_from_fork+0x10/0x20 [ 20.626294] [ 20.626341] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.626422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.626452] Hardware name: linux,dummy-virt (DT) [ 20.626488] ================================================================== [ 20.729440] ================================================================== [ 20.729525] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 20.729525] [ 20.729586] Invalid free of 0x000000004f447cb1 (in kfence-#97): [ 20.729640] test_invalid_addr_free+0xec/0x238 [ 20.729688] kunit_try_run_case+0x170/0x3f0 [ 20.729730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.729776] kthread+0x328/0x630 [ 20.729813] ret_from_fork+0x10/0x20 [ 20.729852] [ 20.729876] kfence-#97: 0x000000000f836b44-0x000000008a57362b, size=32, cache=test [ 20.729876] [ 20.729929] allocated by task 310 on cpu 1 at 20.729327s (0.000599s ago): [ 20.729992] test_alloc+0x230/0x628 [ 20.730033] test_invalid_addr_free+0xd4/0x238 [ 20.730074] kunit_try_run_case+0x170/0x3f0 [ 20.730115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.730158] kthread+0x328/0x630 [ 20.730207] ret_from_fork+0x10/0x20 [ 20.730246] [ 20.730287] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.730365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.730393] Hardware name: linux,dummy-virt (DT) [ 20.730427] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.521481] ================================================================== [ 20.521571] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 20.521571] [ 20.521634] Invalid free of 0x00000000918cf1ce (in kfence-#95): [ 20.521688] test_double_free+0x100/0x238 [ 20.521735] kunit_try_run_case+0x170/0x3f0 [ 20.521780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.521824] kthread+0x328/0x630 [ 20.521866] ret_from_fork+0x10/0x20 [ 20.521906] [ 20.521931] kfence-#95: 0x00000000918cf1ce-0x000000009920fb8a, size=32, cache=test [ 20.521931] [ 20.521983] allocated by task 306 on cpu 0 at 20.521268s (0.000712s ago): [ 20.522045] test_alloc+0x230/0x628 [ 20.522086] test_double_free+0xd4/0x238 [ 20.522127] kunit_try_run_case+0x170/0x3f0 [ 20.522168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.522224] kthread+0x328/0x630 [ 20.522261] ret_from_fork+0x10/0x20 [ 20.522300] [ 20.522325] freed by task 306 on cpu 0 at 20.521324s (0.000997s ago): [ 20.522387] test_double_free+0xf0/0x238 [ 20.522426] kunit_try_run_case+0x170/0x3f0 [ 20.522466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.522510] kthread+0x328/0x630 [ 20.522545] ret_from_fork+0x10/0x20 [ 20.522585] [ 20.522626] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.522703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.522733] Hardware name: linux,dummy-virt (DT) [ 20.522768] ================================================================== [ 20.417609] ================================================================== [ 20.417725] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 20.417725] [ 20.417793] Invalid free of 0x000000007cdbd928 (in kfence-#94): [ 20.417860] test_double_free+0x1bc/0x238 [ 20.417906] kunit_try_run_case+0x170/0x3f0 [ 20.417951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.417995] kthread+0x328/0x630 [ 20.418034] ret_from_fork+0x10/0x20 [ 20.418075] [ 20.418101] kfence-#94: 0x000000007cdbd928-0x000000007afc5feb, size=32, cache=kmalloc-32 [ 20.418101] [ 20.418156] allocated by task 304 on cpu 0 at 20.417315s (0.000837s ago): [ 20.418237] test_alloc+0x29c/0x628 [ 20.418277] test_double_free+0xd4/0x238 [ 20.418318] kunit_try_run_case+0x170/0x3f0 [ 20.418357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.418401] kthread+0x328/0x630 [ 20.418436] ret_from_fork+0x10/0x20 [ 20.418478] [ 20.418501] freed by task 304 on cpu 0 at 20.417385s (0.001112s ago): [ 20.418561] test_double_free+0x1ac/0x238 [ 20.418602] kunit_try_run_case+0x170/0x3f0 [ 20.418642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.418687] kthread+0x328/0x630 [ 20.418724] ret_from_fork+0x10/0x20 [ 20.418763] [ 20.418808] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.418887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.418917] Hardware name: linux,dummy-virt (DT) [ 20.418951] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 20.107012] ================================================================== [ 20.107384] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.107384] [ 20.107490] Use-after-free read at 0x00000000289c42ac (in kfence-#91): [ 20.107543] test_use_after_free_read+0x114/0x248 [ 20.107647] kunit_try_run_case+0x170/0x3f0 [ 20.107732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.108073] kthread+0x328/0x630 [ 20.108149] ret_from_fork+0x10/0x20 [ 20.108450] [ 20.108750] kfence-#91: 0x00000000289c42ac-0x000000005666c8c8, size=32, cache=test [ 20.108750] [ 20.109128] allocated by task 298 on cpu 0 at 20.106773s (0.002047s ago): [ 20.109235] test_alloc+0x230/0x628 [ 20.109279] test_use_after_free_read+0xd0/0x248 [ 20.109356] kunit_try_run_case+0x170/0x3f0 [ 20.109466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.109798] kthread+0x328/0x630 [ 20.110137] ret_from_fork+0x10/0x20 [ 20.110322] [ 20.110443] freed by task 298 on cpu 0 at 20.106834s (0.003554s ago): [ 20.110885] test_use_after_free_read+0xf0/0x248 [ 20.111069] kunit_try_run_case+0x170/0x3f0 [ 20.111145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.111616] kthread+0x328/0x630 [ 20.111725] ret_from_fork+0x10/0x20 [ 20.112090] [ 20.112180] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.112686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.112767] Hardware name: linux,dummy-virt (DT) [ 20.112814] ================================================================== [ 20.002420] ================================================================== [ 20.002495] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.002495] [ 20.002952] Use-after-free read at 0x00000000d283dde0 (in kfence-#90): [ 20.003031] test_use_after_free_read+0x114/0x248 [ 20.003092] kunit_try_run_case+0x170/0x3f0 [ 20.003138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.003182] kthread+0x328/0x630 [ 20.003231] ret_from_fork+0x10/0x20 [ 20.003640] [ 20.003686] kfence-#90: 0x00000000d283dde0-0x00000000fc6129ec, size=32, cache=kmalloc-32 [ 20.003686] [ 20.003884] allocated by task 296 on cpu 0 at 20.001967s (0.001773s ago): [ 20.003969] test_alloc+0x29c/0x628 [ 20.004204] test_use_after_free_read+0xd0/0x248 [ 20.004267] kunit_try_run_case+0x170/0x3f0 [ 20.004320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.004365] kthread+0x328/0x630 [ 20.004400] ret_from_fork+0x10/0x20 [ 20.004525] [ 20.004611] freed by task 296 on cpu 0 at 20.002182s (0.002401s ago): [ 20.004683] test_use_after_free_read+0x1c0/0x248 [ 20.004726] kunit_try_run_case+0x170/0x3f0 [ 20.004773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.004816] kthread+0x328/0x630 [ 20.004852] ret_from_fork+0x10/0x20 [ 20.005149] [ 20.005370] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.005559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.005635] Hardware name: linux,dummy-virt (DT) [ 20.005726] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.898580] ================================================================== [ 19.898714] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.898714] [ 19.898822] Out-of-bounds write at 0x000000009b3a4672 (1B left of kfence-#89): [ 19.898907] test_out_of_bounds_write+0x100/0x240 [ 19.898973] kunit_try_run_case+0x170/0x3f0 [ 19.899038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.899117] kthread+0x328/0x630 [ 19.899156] ret_from_fork+0x10/0x20 [ 19.899206] [ 19.899234] kfence-#89: 0x000000002ab549be-0x00000000d5e1a176, size=32, cache=test [ 19.899234] [ 19.899285] allocated by task 294 on cpu 0 at 19.898489s (0.000791s ago): [ 19.899498] test_alloc+0x230/0x628 [ 19.899548] test_out_of_bounds_write+0xc8/0x240 [ 19.899609] kunit_try_run_case+0x170/0x3f0 [ 19.899765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.899910] kthread+0x328/0x630 [ 19.900054] ret_from_fork+0x10/0x20 [ 19.900168] [ 19.900225] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.900343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.900395] Hardware name: linux,dummy-virt (DT) [ 19.900442] ================================================================== [ 19.482237] ================================================================== [ 19.482317] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.482317] [ 19.482666] Out-of-bounds write at 0x00000000f80cfefc (1B left of kfence-#85): [ 19.482779] test_out_of_bounds_write+0x100/0x240 [ 19.482838] kunit_try_run_case+0x170/0x3f0 [ 19.483127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.483276] kthread+0x328/0x630 [ 19.483322] ret_from_fork+0x10/0x20 [ 19.483389] [ 19.483437] kfence-#85: 0x00000000deaf6e89-0x000000003b4cbfd3, size=32, cache=kmalloc-32 [ 19.483437] [ 19.483524] allocated by task 292 on cpu 0 at 19.481886s (0.001616s ago): [ 19.483595] test_alloc+0x29c/0x628 [ 19.483669] test_out_of_bounds_write+0xc8/0x240 [ 19.483731] kunit_try_run_case+0x170/0x3f0 [ 19.483788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.483831] kthread+0x328/0x630 [ 19.483881] ret_from_fork+0x10/0x20 [ 19.483936] [ 19.483984] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.484318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.484364] Hardware name: linux,dummy-virt (DT) [ 19.484657] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 19.171451] ================================================================== [ 19.171526] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.171526] [ 19.171939] Out-of-bounds read at 0x00000000b1c3d3a0 (1B left of kfence-#82): [ 19.172019] test_out_of_bounds_read+0x114/0x3e0 [ 19.172141] kunit_try_run_case+0x170/0x3f0 [ 19.172208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.172258] kthread+0x328/0x630 [ 19.172320] ret_from_fork+0x10/0x20 [ 19.172363] [ 19.172396] kfence-#82: 0x000000001bba937b-0x000000008d2099e6, size=32, cache=test [ 19.172396] [ 19.172465] allocated by task 290 on cpu 0 at 19.171315s (0.001138s ago): [ 19.172598] test_alloc+0x230/0x628 [ 19.172780] test_out_of_bounds_read+0xdc/0x3e0 [ 19.172842] kunit_try_run_case+0x170/0x3f0 [ 19.173089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.173550] kthread+0x328/0x630 [ 19.173716] ret_from_fork+0x10/0x20 [ 19.173798] [ 19.173984] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.174171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.174420] Hardware name: linux,dummy-virt (DT) [ 19.174997] ================================================================== [ 19.274667] ================================================================== [ 19.274771] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.274771] [ 19.275510] Out-of-bounds read at 0x00000000b6589f57 (32B right of kfence-#83): [ 19.275604] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.275723] kunit_try_run_case+0x170/0x3f0 [ 19.275772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.276052] kthread+0x328/0x630 [ 19.276146] ret_from_fork+0x10/0x20 [ 19.276221] [ 19.276269] kfence-#83: 0x00000000e74aa7db-0x0000000070cec330, size=32, cache=test [ 19.276269] [ 19.276956] allocated by task 290 on cpu 0 at 19.274509s (0.002320s ago): [ 19.277110] test_alloc+0x230/0x628 [ 19.277155] test_out_of_bounds_read+0x198/0x3e0 [ 19.277254] kunit_try_run_case+0x170/0x3f0 [ 19.277308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.277524] kthread+0x328/0x630 [ 19.277738] ret_from_fork+0x10/0x20 [ 19.277828] [ 19.277945] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.278147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.278256] Hardware name: linux,dummy-virt (DT) [ 19.278308] ================================================================== [ 18.650377] ================================================================== [ 18.650497] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.650497] [ 18.650742] Out-of-bounds read at 0x00000000f3ba3857 (1B left of kfence-#77): [ 18.650861] test_out_of_bounds_read+0x114/0x3e0 [ 18.651060] kunit_try_run_case+0x170/0x3f0 [ 18.651161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.651353] kthread+0x328/0x630 [ 18.651396] ret_from_fork+0x10/0x20 [ 18.651444] [ 18.651572] kfence-#77: 0x00000000556af49d-0x0000000032290b36, size=32, cache=kmalloc-32 [ 18.651572] [ 18.651645] allocated by task 288 on cpu 0 at 18.649795s (0.001845s ago): [ 18.651840] test_alloc+0x29c/0x628 [ 18.651891] test_out_of_bounds_read+0xdc/0x3e0 [ 18.651960] kunit_try_run_case+0x170/0x3f0 [ 18.652034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.652086] kthread+0x328/0x630 [ 18.652123] ret_from_fork+0x10/0x20 [ 18.652184] [ 18.652249] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.652333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.652374] Hardware name: linux,dummy-virt (DT) [ 18.652411] ================================================================== [ 19.067094] ================================================================== [ 19.067470] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.067470] [ 19.067610] Out-of-bounds read at 0x00000000aebef5f9 (32B right of kfence-#81): [ 19.067670] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.067754] kunit_try_run_case+0x170/0x3f0 [ 19.067803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.067848] kthread+0x328/0x630 [ 19.067885] ret_from_fork+0x10/0x20 [ 19.067925] [ 19.067952] kfence-#81: 0x000000008736899f-0x00000000febcca31, size=32, cache=kmalloc-32 [ 19.067952] [ 19.068026] allocated by task 288 on cpu 0 at 19.066450s (0.001570s ago): [ 19.068109] test_alloc+0x29c/0x628 [ 19.068151] test_out_of_bounds_read+0x198/0x3e0 [ 19.068205] kunit_try_run_case+0x170/0x3f0 [ 19.068245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.068288] kthread+0x328/0x630 [ 19.068325] ret_from_fork+0x10/0x20 [ 19.068366] [ 19.068410] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.068490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.068523] Hardware name: linux,dummy-virt (DT) [ 19.068558] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-workqueue_uaf
[ 15.593289] ================================================================== [ 15.593585] BUG: KFENCE: use-after-free read in workqueue_uaf+0x270/0x4a8 [ 15.593585] [ 15.593786] Use-after-free read at 0x00000000b0101e7f (in kfence-#56): [ 15.594118] workqueue_uaf+0x270/0x4a8 [ 15.594200] kunit_try_run_case+0x170/0x3f0 [ 15.594249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.594295] kthread+0x328/0x630 [ 15.594351] ret_from_fork+0x10/0x20 [ 15.594394] [ 15.595174] kfence-#56: 0x00000000b0101e7f-0x000000000d206ab9, size=32, cache=kmalloc-32 [ 15.595174] [ 15.595725] allocated by task 201 on cpu 1 at 15.590363s (0.005221s ago): [ 15.596684] workqueue_uaf+0x13c/0x4a8 [ 15.597050] kunit_try_run_case+0x170/0x3f0 [ 15.597194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.597289] kthread+0x328/0x630 [ 15.597405] ret_from_fork+0x10/0x20 [ 15.597504] [ 15.597618] freed by task 24 on cpu 1 at 15.590629s (0.006916s ago): [ 15.597760] workqueue_uaf_work+0x18/0x30 [ 15.597802] process_one_work+0x530/0xf98 [ 15.598049] worker_thread+0x618/0xf38 [ 15.598139] kthread+0x328/0x630 [ 15.598268] ret_from_fork+0x10/0x20 [ 15.598423] [ 15.598543] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.598693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.598772] Hardware name: linux,dummy-virt (DT) [ 15.598811] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.401112] ================================================================== [ 18.401671] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 18.401750] Write of size 121 at addr fff00000c64df100 by task kunit_try_catch/286 [ 18.401824] [ 18.402173] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.402653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.402763] Hardware name: linux,dummy-virt (DT) [ 18.402845] Call trace: [ 18.402873] show_stack+0x20/0x38 (C) [ 18.403343] dump_stack_lvl+0x8c/0xd0 [ 18.403419] print_report+0x118/0x5d0 [ 18.403807] kasan_report+0xdc/0x128 [ 18.404067] kasan_check_range+0x100/0x1a8 [ 18.404156] __kasan_check_write+0x20/0x30 [ 18.404490] strncpy_from_user+0x3c/0x2a0 [ 18.404719] copy_user_test_oob+0x5c0/0xec8 [ 18.404792] kunit_try_run_case+0x170/0x3f0 [ 18.405112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.405338] kthread+0x328/0x630 [ 18.405661] ret_from_fork+0x10/0x20 [ 18.405919] [ 18.405974] Allocated by task 286: [ 18.406293] kasan_save_stack+0x3c/0x68 [ 18.406435] kasan_save_track+0x20/0x40 [ 18.406523] kasan_save_alloc_info+0x40/0x58 [ 18.406586] __kasan_kmalloc+0xd4/0xd8 [ 18.406913] __kmalloc_noprof+0x198/0x4c8 [ 18.407272] kunit_kmalloc_array+0x34/0x88 [ 18.407450] copy_user_test_oob+0xac/0xec8 [ 18.407588] kunit_try_run_case+0x170/0x3f0 [ 18.407713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.407787] kthread+0x328/0x630 [ 18.408207] ret_from_fork+0x10/0x20 [ 18.408486] [ 18.408555] The buggy address belongs to the object at fff00000c64df100 [ 18.408555] which belongs to the cache kmalloc-128 of size 128 [ 18.408716] The buggy address is located 0 bytes inside of [ 18.408716] allocated 120-byte region [fff00000c64df100, fff00000c64df178) [ 18.408964] [ 18.409081] The buggy address belongs to the physical page: [ 18.409178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064df [ 18.409247] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.409296] page_type: f5(slab) [ 18.409738] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.410421] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.410678] page dumped because: kasan: bad access detected [ 18.410896] [ 18.410922] Memory state around the buggy address: [ 18.410959] fff00000c64df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.411009] fff00000c64df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.411196] >fff00000c64df100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.411677] ^ [ 18.411767] fff00000c64df180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.411847] fff00000c64df200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.411889] ================================================================== [ 18.414432] ================================================================== [ 18.414495] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 18.414548] Write of size 1 at addr fff00000c64df178 by task kunit_try_catch/286 [ 18.414601] [ 18.414992] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.415110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.415529] Hardware name: linux,dummy-virt (DT) [ 18.415808] Call trace: [ 18.415862] show_stack+0x20/0x38 (C) [ 18.416018] dump_stack_lvl+0x8c/0xd0 [ 18.416264] print_report+0x118/0x5d0 [ 18.416331] kasan_report+0xdc/0x128 [ 18.416514] __asan_report_store1_noabort+0x20/0x30 [ 18.416594] strncpy_from_user+0x270/0x2a0 [ 18.416647] copy_user_test_oob+0x5c0/0xec8 [ 18.416696] kunit_try_run_case+0x170/0x3f0 [ 18.416744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.416798] kthread+0x328/0x630 [ 18.416840] ret_from_fork+0x10/0x20 [ 18.417450] [ 18.417488] Allocated by task 286: [ 18.417524] kasan_save_stack+0x3c/0x68 [ 18.417598] kasan_save_track+0x20/0x40 [ 18.417837] kasan_save_alloc_info+0x40/0x58 [ 18.417969] __kasan_kmalloc+0xd4/0xd8 [ 18.418342] __kmalloc_noprof+0x198/0x4c8 [ 18.418479] kunit_kmalloc_array+0x34/0x88 [ 18.418698] copy_user_test_oob+0xac/0xec8 [ 18.418769] kunit_try_run_case+0x170/0x3f0 [ 18.418810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.418866] kthread+0x328/0x630 [ 18.418902] ret_from_fork+0x10/0x20 [ 18.418945] [ 18.418988] The buggy address belongs to the object at fff00000c64df100 [ 18.418988] which belongs to the cache kmalloc-128 of size 128 [ 18.419058] The buggy address is located 0 bytes to the right of [ 18.419058] allocated 120-byte region [fff00000c64df100, fff00000c64df178) [ 18.419125] [ 18.419156] The buggy address belongs to the physical page: [ 18.419219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064df [ 18.419284] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.419334] page_type: f5(slab) [ 18.419383] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.419436] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.419479] page dumped because: kasan: bad access detected [ 18.419515] [ 18.419545] Memory state around the buggy address: [ 18.419597] fff00000c64df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.419645] fff00000c64df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.419690] >fff00000c64df100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.419732] ^ [ 18.419775] fff00000c64df180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.419827] fff00000c64df200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.419867] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.394148] ================================================================== [ 18.394219] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 18.394271] Read of size 121 at addr fff00000c64df100 by task kunit_try_catch/286 [ 18.394325] [ 18.394357] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.394443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.394471] Hardware name: linux,dummy-virt (DT) [ 18.394502] Call trace: [ 18.394528] show_stack+0x20/0x38 (C) [ 18.394578] dump_stack_lvl+0x8c/0xd0 [ 18.394912] print_report+0x118/0x5d0 [ 18.394986] kasan_report+0xdc/0x128 [ 18.395035] kasan_check_range+0x100/0x1a8 [ 18.395085] __kasan_check_read+0x20/0x30 [ 18.395131] copy_user_test_oob+0x4a0/0xec8 [ 18.395181] kunit_try_run_case+0x170/0x3f0 [ 18.395244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.395301] kthread+0x328/0x630 [ 18.395345] ret_from_fork+0x10/0x20 [ 18.395412] [ 18.395434] Allocated by task 286: [ 18.395470] kasan_save_stack+0x3c/0x68 [ 18.395515] kasan_save_track+0x20/0x40 [ 18.395563] kasan_save_alloc_info+0x40/0x58 [ 18.395615] __kasan_kmalloc+0xd4/0xd8 [ 18.395664] __kmalloc_noprof+0x198/0x4c8 [ 18.395703] kunit_kmalloc_array+0x34/0x88 [ 18.395745] copy_user_test_oob+0xac/0xec8 [ 18.395784] kunit_try_run_case+0x170/0x3f0 [ 18.395824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.395870] kthread+0x328/0x630 [ 18.395905] ret_from_fork+0x10/0x20 [ 18.395942] [ 18.395966] The buggy address belongs to the object at fff00000c64df100 [ 18.395966] which belongs to the cache kmalloc-128 of size 128 [ 18.396033] The buggy address is located 0 bytes inside of [ 18.396033] allocated 120-byte region [fff00000c64df100, fff00000c64df178) [ 18.396097] [ 18.396119] The buggy address belongs to the physical page: [ 18.396164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064df [ 18.397330] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.397735] page_type: f5(slab) [ 18.397793] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.397865] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.398161] page dumped because: kasan: bad access detected [ 18.398357] [ 18.398524] Memory state around the buggy address: [ 18.398673] fff00000c64df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.398726] fff00000c64df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.399019] >fff00000c64df100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.399181] ^ [ 18.399272] fff00000c64df180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.399526] fff00000c64df200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.399855] ================================================================== [ 18.382500] ================================================================== [ 18.382556] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 18.382827] Write of size 121 at addr fff00000c64df100 by task kunit_try_catch/286 [ 18.383254] [ 18.383455] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.383735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.383801] Hardware name: linux,dummy-virt (DT) [ 18.383836] Call trace: [ 18.384169] show_stack+0x20/0x38 (C) [ 18.384429] dump_stack_lvl+0x8c/0xd0 [ 18.384499] print_report+0x118/0x5d0 [ 18.384731] kasan_report+0xdc/0x128 [ 18.384885] kasan_check_range+0x100/0x1a8 [ 18.385274] __kasan_check_write+0x20/0x30 [ 18.385445] copy_user_test_oob+0x434/0xec8 [ 18.385586] kunit_try_run_case+0x170/0x3f0 [ 18.385680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.385837] kthread+0x328/0x630 [ 18.385886] ret_from_fork+0x10/0x20 [ 18.386514] [ 18.386751] Allocated by task 286: [ 18.386812] kasan_save_stack+0x3c/0x68 [ 18.386954] kasan_save_track+0x20/0x40 [ 18.387051] kasan_save_alloc_info+0x40/0x58 [ 18.387245] __kasan_kmalloc+0xd4/0xd8 [ 18.387290] __kmalloc_noprof+0x198/0x4c8 [ 18.387531] kunit_kmalloc_array+0x34/0x88 [ 18.387695] copy_user_test_oob+0xac/0xec8 [ 18.387918] kunit_try_run_case+0x170/0x3f0 [ 18.388170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.388330] kthread+0x328/0x630 [ 18.388421] ret_from_fork+0x10/0x20 [ 18.388697] [ 18.388809] The buggy address belongs to the object at fff00000c64df100 [ 18.388809] which belongs to the cache kmalloc-128 of size 128 [ 18.389309] The buggy address is located 0 bytes inside of [ 18.389309] allocated 120-byte region [fff00000c64df100, fff00000c64df178) [ 18.389491] [ 18.389524] The buggy address belongs to the physical page: [ 18.389920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064df [ 18.390326] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.390489] page_type: f5(slab) [ 18.390583] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.390675] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.391033] page dumped because: kasan: bad access detected [ 18.391315] [ 18.391461] Memory state around the buggy address: [ 18.391502] fff00000c64df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.392008] fff00000c64df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.392278] >fff00000c64df100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.392402] ^ [ 18.392607] fff00000c64df180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.392906] fff00000c64df200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.393096] ================================================================== [ 18.372662] ================================================================== [ 18.372948] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 18.373288] Read of size 121 at addr fff00000c64df100 by task kunit_try_catch/286 [ 18.373451] [ 18.373489] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.373777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.373817] Hardware name: linux,dummy-virt (DT) [ 18.373976] Call trace: [ 18.374027] show_stack+0x20/0x38 (C) [ 18.374082] dump_stack_lvl+0x8c/0xd0 [ 18.374143] print_report+0x118/0x5d0 [ 18.374223] kasan_report+0xdc/0x128 [ 18.374271] kasan_check_range+0x100/0x1a8 [ 18.374323] __kasan_check_read+0x20/0x30 [ 18.374370] copy_user_test_oob+0x3c8/0xec8 [ 18.374419] kunit_try_run_case+0x170/0x3f0 [ 18.374466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.374529] kthread+0x328/0x630 [ 18.374583] ret_from_fork+0x10/0x20 [ 18.374642] [ 18.374673] Allocated by task 286: [ 18.374719] kasan_save_stack+0x3c/0x68 [ 18.374764] kasan_save_track+0x20/0x40 [ 18.374812] kasan_save_alloc_info+0x40/0x58 [ 18.374866] __kasan_kmalloc+0xd4/0xd8 [ 18.374913] __kmalloc_noprof+0x198/0x4c8 [ 18.374955] kunit_kmalloc_array+0x34/0x88 [ 18.374995] copy_user_test_oob+0xac/0xec8 [ 18.375033] kunit_try_run_case+0x170/0x3f0 [ 18.375073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.375139] kthread+0x328/0x630 [ 18.375183] ret_from_fork+0x10/0x20 [ 18.376045] [ 18.376110] The buggy address belongs to the object at fff00000c64df100 [ 18.376110] which belongs to the cache kmalloc-128 of size 128 [ 18.376195] The buggy address is located 0 bytes inside of [ 18.376195] allocated 120-byte region [fff00000c64df100, fff00000c64df178) [ 18.376276] [ 18.376468] The buggy address belongs to the physical page: [ 18.376674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064df [ 18.376820] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.376937] page_type: f5(slab) [ 18.377094] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.377588] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.377667] page dumped because: kasan: bad access detected [ 18.377704] [ 18.378055] Memory state around the buggy address: [ 18.378492] fff00000c64df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.378585] fff00000c64df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.378642] >fff00000c64df100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.379163] ^ [ 18.379423] fff00000c64df180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.379556] fff00000c64df200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.379767] ================================================================== [ 18.362020] ================================================================== [ 18.362092] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 18.362409] Write of size 121 at addr fff00000c64df100 by task kunit_try_catch/286 [ 18.362565] [ 18.362607] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.362719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.362831] Hardware name: linux,dummy-virt (DT) [ 18.362869] Call trace: [ 18.362914] show_stack+0x20/0x38 (C) [ 18.363287] dump_stack_lvl+0x8c/0xd0 [ 18.363465] print_report+0x118/0x5d0 [ 18.363563] kasan_report+0xdc/0x128 [ 18.363708] kasan_check_range+0x100/0x1a8 [ 18.363762] __kasan_check_write+0x20/0x30 [ 18.363809] copy_user_test_oob+0x35c/0xec8 [ 18.363860] kunit_try_run_case+0x170/0x3f0 [ 18.364232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.364312] kthread+0x328/0x630 [ 18.365307] ret_from_fork+0x10/0x20 [ 18.365395] [ 18.365417] Allocated by task 286: [ 18.365607] kasan_save_stack+0x3c/0x68 [ 18.365851] kasan_save_track+0x20/0x40 [ 18.365929] kasan_save_alloc_info+0x40/0x58 [ 18.366095] __kasan_kmalloc+0xd4/0xd8 [ 18.366184] __kmalloc_noprof+0x198/0x4c8 [ 18.366306] kunit_kmalloc_array+0x34/0x88 [ 18.366364] copy_user_test_oob+0xac/0xec8 [ 18.366434] kunit_try_run_case+0x170/0x3f0 [ 18.366691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.366802] kthread+0x328/0x630 [ 18.366864] ret_from_fork+0x10/0x20 [ 18.367132] [ 18.367202] The buggy address belongs to the object at fff00000c64df100 [ 18.367202] which belongs to the cache kmalloc-128 of size 128 [ 18.367292] The buggy address is located 0 bytes inside of [ 18.367292] allocated 120-byte region [fff00000c64df100, fff00000c64df178) [ 18.367984] [ 18.368045] The buggy address belongs to the physical page: [ 18.368098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064df [ 18.368308] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.368453] page_type: f5(slab) [ 18.368516] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.368569] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.369247] page dumped because: kasan: bad access detected [ 18.369425] [ 18.369549] Memory state around the buggy address: [ 18.369699] fff00000c64df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.369799] fff00000c64df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.369952] >fff00000c64df100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.370041] ^ [ 18.370104] fff00000c64df180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.370148] fff00000c64df200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.370379] ================================================================== [ 18.339830] ================================================================== [ 18.339888] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 18.339942] Read of size 121 at addr fff00000c64df100 by task kunit_try_catch/286 [ 18.340447] [ 18.340529] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.340917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.340960] Hardware name: linux,dummy-virt (DT) [ 18.341015] Call trace: [ 18.341041] show_stack+0x20/0x38 (C) [ 18.341226] dump_stack_lvl+0x8c/0xd0 [ 18.341310] print_report+0x118/0x5d0 [ 18.341392] kasan_report+0xdc/0x128 [ 18.341481] kasan_check_range+0x100/0x1a8 [ 18.341778] __kasan_check_read+0x20/0x30 [ 18.342327] copy_user_test_oob+0x728/0xec8 [ 18.342404] kunit_try_run_case+0x170/0x3f0 [ 18.342587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.342862] kthread+0x328/0x630 [ 18.343042] ret_from_fork+0x10/0x20 [ 18.343436] [ 18.343533] Allocated by task 286: [ 18.343656] kasan_save_stack+0x3c/0x68 [ 18.343753] kasan_save_track+0x20/0x40 [ 18.344006] kasan_save_alloc_info+0x40/0x58 [ 18.344251] __kasan_kmalloc+0xd4/0xd8 [ 18.344427] __kmalloc_noprof+0x198/0x4c8 [ 18.344703] kunit_kmalloc_array+0x34/0x88 [ 18.344981] copy_user_test_oob+0xac/0xec8 [ 18.345158] kunit_try_run_case+0x170/0x3f0 [ 18.345215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.345282] kthread+0x328/0x630 [ 18.345562] ret_from_fork+0x10/0x20 [ 18.345925] [ 18.346076] The buggy address belongs to the object at fff00000c64df100 [ 18.346076] which belongs to the cache kmalloc-128 of size 128 [ 18.346313] The buggy address is located 0 bytes inside of [ 18.346313] allocated 120-byte region [fff00000c64df100, fff00000c64df178) [ 18.346576] [ 18.346672] The buggy address belongs to the physical page: [ 18.346824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064df [ 18.346915] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.347168] page_type: f5(slab) [ 18.347237] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.347487] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.347646] page dumped because: kasan: bad access detected [ 18.347729] [ 18.347793] Memory state around the buggy address: [ 18.347830] fff00000c64df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.348373] fff00000c64df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.348996] >fff00000c64df100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.349256] ^ [ 18.349876] fff00000c64df180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.350103] fff00000c64df200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.350346] ================================================================== [ 18.328061] ================================================================== [ 18.328181] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 18.328286] Write of size 121 at addr fff00000c64df100 by task kunit_try_catch/286 [ 18.328361] [ 18.328405] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.328514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.328551] Hardware name: linux,dummy-virt (DT) [ 18.328588] Call trace: [ 18.328633] show_stack+0x20/0x38 (C) [ 18.328698] dump_stack_lvl+0x8c/0xd0 [ 18.328806] print_report+0x118/0x5d0 [ 18.328872] kasan_report+0xdc/0x128 [ 18.328949] kasan_check_range+0x100/0x1a8 [ 18.329000] __kasan_check_write+0x20/0x30 [ 18.329050] copy_user_test_oob+0x234/0xec8 [ 18.329348] kunit_try_run_case+0x170/0x3f0 [ 18.329434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.329557] kthread+0x328/0x630 [ 18.329652] ret_from_fork+0x10/0x20 [ 18.329802] [ 18.329871] Allocated by task 286: [ 18.329958] kasan_save_stack+0x3c/0x68 [ 18.330089] kasan_save_track+0x20/0x40 [ 18.330183] kasan_save_alloc_info+0x40/0x58 [ 18.330288] __kasan_kmalloc+0xd4/0xd8 [ 18.330327] __kmalloc_noprof+0x198/0x4c8 [ 18.330379] kunit_kmalloc_array+0x34/0x88 [ 18.330660] copy_user_test_oob+0xac/0xec8 [ 18.330788] kunit_try_run_case+0x170/0x3f0 [ 18.330992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.331205] kthread+0x328/0x630 [ 18.331243] ret_from_fork+0x10/0x20 [ 18.331322] [ 18.331375] The buggy address belongs to the object at fff00000c64df100 [ 18.331375] which belongs to the cache kmalloc-128 of size 128 [ 18.331662] The buggy address is located 0 bytes inside of [ 18.331662] allocated 120-byte region [fff00000c64df100, fff00000c64df178) [ 18.331796] [ 18.331879] The buggy address belongs to the physical page: [ 18.331960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064df [ 18.332073] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.332205] page_type: f5(slab) [ 18.332287] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.332386] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.332430] page dumped because: kasan: bad access detected [ 18.332462] [ 18.332522] Memory state around the buggy address: [ 18.332806] fff00000c64df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.332943] fff00000c64df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.333247] >fff00000c64df100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.333488] ^ [ 18.333592] fff00000c64df180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.333703] fff00000c64df200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.333745] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.299511] ================================================================== [ 18.299583] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 18.299635] Write of size 8 at addr fff00000c64df078 by task kunit_try_catch/282 [ 18.299688] [ 18.299718] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.299924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.300009] Hardware name: linux,dummy-virt (DT) [ 18.300046] Call trace: [ 18.300072] show_stack+0x20/0x38 (C) [ 18.300125] dump_stack_lvl+0x8c/0xd0 [ 18.300219] print_report+0x118/0x5d0 [ 18.300271] kasan_report+0xdc/0x128 [ 18.300410] kasan_check_range+0x100/0x1a8 [ 18.300464] __kasan_check_write+0x20/0x30 [ 18.300679] copy_to_kernel_nofault+0x8c/0x250 [ 18.300748] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 18.300801] kunit_try_run_case+0x170/0x3f0 [ 18.300856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.301232] kthread+0x328/0x630 [ 18.301292] ret_from_fork+0x10/0x20 [ 18.301342] [ 18.301364] Allocated by task 282: [ 18.301683] kasan_save_stack+0x3c/0x68 [ 18.301806] kasan_save_track+0x20/0x40 [ 18.301882] kasan_save_alloc_info+0x40/0x58 [ 18.301954] __kasan_kmalloc+0xd4/0xd8 [ 18.302327] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.302419] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.302531] kunit_try_run_case+0x170/0x3f0 [ 18.302617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.302718] kthread+0x328/0x630 [ 18.302807] ret_from_fork+0x10/0x20 [ 18.302919] [ 18.302984] The buggy address belongs to the object at fff00000c64df000 [ 18.302984] which belongs to the cache kmalloc-128 of size 128 [ 18.303045] The buggy address is located 0 bytes to the right of [ 18.303045] allocated 120-byte region [fff00000c64df000, fff00000c64df078) [ 18.303356] [ 18.303427] The buggy address belongs to the physical page: [ 18.303527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064df [ 18.303621] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.303873] page_type: f5(slab) [ 18.304076] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.304179] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.304292] page dumped because: kasan: bad access detected [ 18.304372] [ 18.304465] Memory state around the buggy address: [ 18.304532] fff00000c64def00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.304593] fff00000c64def80: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.304638] >fff00000c64df000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.305120] ^ [ 18.305426] fff00000c64df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.305505] fff00000c64df100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.305603] ================================================================== [ 18.295090] ================================================================== [ 18.295292] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 18.295375] Read of size 8 at addr fff00000c64df078 by task kunit_try_catch/282 [ 18.295458] [ 18.295754] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.295865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.295896] Hardware name: linux,dummy-virt (DT) [ 18.295931] Call trace: [ 18.295966] show_stack+0x20/0x38 (C) [ 18.296032] dump_stack_lvl+0x8c/0xd0 [ 18.296084] print_report+0x118/0x5d0 [ 18.296133] kasan_report+0xdc/0x128 [ 18.296198] __asan_report_load8_noabort+0x20/0x30 [ 18.296254] copy_to_kernel_nofault+0x204/0x250 [ 18.296306] copy_to_kernel_nofault_oob+0x158/0x418 [ 18.296355] kunit_try_run_case+0x170/0x3f0 [ 18.296413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.296475] kthread+0x328/0x630 [ 18.296529] ret_from_fork+0x10/0x20 [ 18.296581] [ 18.296605] Allocated by task 282: [ 18.296636] kasan_save_stack+0x3c/0x68 [ 18.296679] kasan_save_track+0x20/0x40 [ 18.296725] kasan_save_alloc_info+0x40/0x58 [ 18.296769] __kasan_kmalloc+0xd4/0xd8 [ 18.296806] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.296858] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.296929] kunit_try_run_case+0x170/0x3f0 [ 18.296969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.297014] kthread+0x328/0x630 [ 18.297054] ret_from_fork+0x10/0x20 [ 18.297093] [ 18.297117] The buggy address belongs to the object at fff00000c64df000 [ 18.297117] which belongs to the cache kmalloc-128 of size 128 [ 18.297599] The buggy address is located 0 bytes to the right of [ 18.297599] allocated 120-byte region [fff00000c64df000, fff00000c64df078) [ 18.297732] [ 18.297791] The buggy address belongs to the physical page: [ 18.297863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064df [ 18.297959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.298058] page_type: f5(slab) [ 18.298130] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.298219] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.298282] page dumped because: kasan: bad access detected [ 18.298318] [ 18.298477] Memory state around the buggy address: [ 18.298623] fff00000c64def00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.298750] fff00000c64def80: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.298815] >fff00000c64df000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.298883] ^ [ 18.298962] fff00000c64df080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.299060] fff00000c64df100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.299113] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 18.256725] ================================================================== [ 18.256803] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 18.256855] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 18.256914] [ 18.256953] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.257038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.257077] Hardware name: linux,dummy-virt (DT) [ 18.257110] Call trace: [ 18.257143] show_stack+0x20/0x38 (C) [ 18.257204] dump_stack_lvl+0x8c/0xd0 [ 18.257253] print_report+0x310/0x5d0 [ 18.257309] kasan_report+0xdc/0x128 [ 18.257361] __asan_report_load1_noabort+0x20/0x30 [ 18.257416] vmalloc_oob+0x51c/0x5d0 [ 18.257461] kunit_try_run_case+0x170/0x3f0 [ 18.257510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.257565] kthread+0x328/0x630 [ 18.257608] ret_from_fork+0x10/0x20 [ 18.257657] [ 18.257682] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 18.257734] The buggy address belongs to the physical page: [ 18.257765] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107675 [ 18.257818] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.257878] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.257929] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.257980] page dumped because: kasan: bad access detected [ 18.258035] [ 18.258077] Memory state around the buggy address: [ 18.258111] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.258156] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.258210] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.258250] ^ [ 18.258291] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.258335] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.258376] ================================================================== [ 18.252436] ================================================================== [ 18.252508] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 18.252568] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 18.252622] [ 18.252655] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.252737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.252767] Hardware name: linux,dummy-virt (DT) [ 18.252803] Call trace: [ 18.252827] show_stack+0x20/0x38 (C) [ 18.253011] dump_stack_lvl+0x8c/0xd0 [ 18.253075] print_report+0x310/0x5d0 [ 18.253415] kasan_report+0xdc/0x128 [ 18.253504] __asan_report_load1_noabort+0x20/0x30 [ 18.253631] vmalloc_oob+0x578/0x5d0 [ 18.253725] kunit_try_run_case+0x170/0x3f0 [ 18.253843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.253927] kthread+0x328/0x630 [ 18.253970] ret_from_fork+0x10/0x20 [ 18.254156] [ 18.254180] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 18.254355] The buggy address belongs to the physical page: [ 18.254447] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107675 [ 18.254551] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.254763] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.254970] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.255125] page dumped because: kasan: bad access detected [ 18.255204] [ 18.255300] Memory state around the buggy address: [ 18.255382] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.255446] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.255546] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.255634] ^ [ 18.255724] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.255771] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.255812] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 17.713081] ================================================================== [ 17.713778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858 [ 17.713902] [ 17.714043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.715205] __kasan_check_write+0x20/0x30 [ 17.716248] kasan_save_stack+0x3c/0x68 [ 17.717499] kthread+0x328/0x630 [ 17.718372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.718943] page_type: f5(slab) [ 17.719755] [ 17.719817] Memory state around the buggy address: [ 17.720041] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.720228] ^ [ 17.722405] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 17.722529] [ 17.723382] Hardware name: linux,dummy-virt (DT) [ 17.724377] kasan_atomics+0x198/0x2e0 [ 17.725130] ret_from_fork+0x10/0x20 [ 17.725645] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.725985] The buggy address is located 0 bytes to the right of [ 17.725985] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.726415] page dumped because: kasan: bad access detected [ 17.726505] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.726693] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.727992] ================================================================== [ 17.648754] ================================================================== [ 17.649680] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ec/0x4858 [ 17.649953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.650210] print_report+0x118/0x5d0 [ 17.650952] kasan_save_stack+0x3c/0x68 [ 17.651267] kasan_atomics+0xb8/0x2e0 [ 17.652153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.652416] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.652515] page_type: f5(slab) [ 17.652561] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.652621] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.652700] [ 17.652858] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.653348] ================================================================== [ 17.884417] ================================================================== [ 17.884470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 17.884521] Read of size 4 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.884778] [ 17.884822] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.885440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.885536] Hardware name: linux,dummy-virt (DT) [ 17.885605] Call trace: [ 17.885718] show_stack+0x20/0x38 (C) [ 17.885776] dump_stack_lvl+0x8c/0xd0 [ 17.885853] print_report+0x118/0x5d0 [ 17.885901] kasan_report+0xdc/0x128 [ 17.886102] __asan_report_load4_noabort+0x20/0x30 [ 17.886271] kasan_atomics_helper+0x3dd8/0x4858 [ 17.886569] kasan_atomics+0x198/0x2e0 [ 17.886754] kunit_try_run_case+0x170/0x3f0 [ 17.886850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.887015] kthread+0x328/0x630 [ 17.887168] ret_from_fork+0x10/0x20 [ 17.887245] [ 17.887266] Allocated by task 266: [ 17.887611] kasan_save_stack+0x3c/0x68 [ 17.887686] kasan_save_track+0x20/0x40 [ 17.887773] kasan_save_alloc_info+0x40/0x58 [ 17.888069] __kasan_kmalloc+0xd4/0xd8 [ 17.888145] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.888212] kasan_atomics+0xb8/0x2e0 [ 17.888250] kunit_try_run_case+0x170/0x3f0 [ 17.888529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.888756] kthread+0x328/0x630 [ 17.888961] ret_from_fork+0x10/0x20 [ 17.889059] [ 17.889159] The buggy address belongs to the object at fff00000c767ae00 [ 17.889159] which belongs to the cache kmalloc-64 of size 64 [ 17.889237] The buggy address is located 0 bytes to the right of [ 17.889237] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.889496] [ 17.889526] The buggy address belongs to the physical page: [ 17.889562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.889627] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.889678] page_type: f5(slab) [ 17.889718] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.889808] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.889855] page dumped because: kasan: bad access detected [ 17.889889] [ 17.889910] Memory state around the buggy address: [ 17.889956] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.890012] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.890068] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.890124] ^ [ 17.890160] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.890231] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.890272] ================================================================== [ 18.170388] ================================================================== [ 18.170509] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 18.170916] Read of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.170984] [ 18.171015] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.171098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.171128] Hardware name: linux,dummy-virt (DT) [ 18.171161] Call trace: [ 18.171198] show_stack+0x20/0x38 (C) [ 18.171250] dump_stack_lvl+0x8c/0xd0 [ 18.171298] print_report+0x118/0x5d0 [ 18.171348] kasan_report+0xdc/0x128 [ 18.172523] __asan_report_load8_noabort+0x20/0x30 [ 18.173071] kasan_atomics_helper+0x3db0/0x4858 [ 18.173130] kasan_atomics+0x198/0x2e0 [ 18.173219] kunit_try_run_case+0x170/0x3f0 [ 18.173521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.173581] kthread+0x328/0x630 [ 18.173932] ret_from_fork+0x10/0x20 [ 18.174411] [ 18.174722] Allocated by task 266: [ 18.175022] kasan_save_stack+0x3c/0x68 [ 18.175567] kasan_save_track+0x20/0x40 [ 18.175626] kasan_save_alloc_info+0x40/0x58 [ 18.175754] __kasan_kmalloc+0xd4/0xd8 [ 18.175979] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.176217] kasan_atomics+0xb8/0x2e0 [ 18.176273] kunit_try_run_case+0x170/0x3f0 [ 18.176916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.176972] kthread+0x328/0x630 [ 18.177412] ret_from_fork+0x10/0x20 [ 18.177455] [ 18.177478] The buggy address belongs to the object at fff00000c767ae00 [ 18.177478] which belongs to the cache kmalloc-64 of size 64 [ 18.177754] The buggy address is located 0 bytes to the right of [ 18.177754] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.177960] [ 18.177987] The buggy address belongs to the physical page: [ 18.178455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.178520] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.178570] page_type: f5(slab) [ 18.178611] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.178666] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.178709] page dumped because: kasan: bad access detected [ 18.178744] [ 18.178891] Memory state around the buggy address: [ 18.178931] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.179491] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.179639] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.179685] ^ [ 18.179925] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.180090] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.180285] ================================================================== [ 18.049897] ================================================================== [ 18.050147] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 18.050422] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.050808] [ 18.051153] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.051391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.051421] Hardware name: linux,dummy-virt (DT) [ 18.051454] Call trace: [ 18.051480] show_stack+0x20/0x38 (C) [ 18.052638] dump_stack_lvl+0x8c/0xd0 [ 18.052725] print_report+0x118/0x5d0 [ 18.052777] kasan_report+0xdc/0x128 [ 18.053209] kasan_check_range+0x100/0x1a8 [ 18.053563] __kasan_check_write+0x20/0x30 [ 18.053625] kasan_atomics_helper+0x1190/0x4858 [ 18.053796] kasan_atomics+0x198/0x2e0 [ 18.054077] kunit_try_run_case+0x170/0x3f0 [ 18.054159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.054549] kthread+0x328/0x630 [ 18.054927] ret_from_fork+0x10/0x20 [ 18.054982] [ 18.055448] Allocated by task 266: [ 18.055647] kasan_save_stack+0x3c/0x68 [ 18.055696] kasan_save_track+0x20/0x40 [ 18.056165] kasan_save_alloc_info+0x40/0x58 [ 18.056573] __kasan_kmalloc+0xd4/0xd8 [ 18.056723] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.056963] kasan_atomics+0xb8/0x2e0 [ 18.057008] kunit_try_run_case+0x170/0x3f0 [ 18.057064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.057585] kthread+0x328/0x630 [ 18.057642] ret_from_fork+0x10/0x20 [ 18.057681] [ 18.057706] The buggy address belongs to the object at fff00000c767ae00 [ 18.057706] which belongs to the cache kmalloc-64 of size 64 [ 18.057768] The buggy address is located 0 bytes to the right of [ 18.057768] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.057987] [ 18.058116] The buggy address belongs to the physical page: [ 18.058287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.058435] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.059182] page_type: f5(slab) [ 18.059401] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.059457] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.059500] page dumped because: kasan: bad access detected [ 18.059990] [ 18.060018] Memory state around the buggy address: [ 18.060089] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.060279] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.060327] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.060499] ^ [ 18.060649] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.060900] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.060997] ================================================================== [ 18.236039] ================================================================== [ 18.236148] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 18.236213] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.236264] [ 18.236294] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.236424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.236455] Hardware name: linux,dummy-virt (DT) [ 18.236489] Call trace: [ 18.236513] show_stack+0x20/0x38 (C) [ 18.236562] dump_stack_lvl+0x8c/0xd0 [ 18.236794] print_report+0x118/0x5d0 [ 18.236858] kasan_report+0xdc/0x128 [ 18.236950] kasan_check_range+0x100/0x1a8 [ 18.237042] __kasan_check_write+0x20/0x30 [ 18.237321] kasan_atomics_helper+0x17ec/0x4858 [ 18.237585] kasan_atomics+0x198/0x2e0 [ 18.237666] kunit_try_run_case+0x170/0x3f0 [ 18.237754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.237850] kthread+0x328/0x630 [ 18.237940] ret_from_fork+0x10/0x20 [ 18.238011] [ 18.238042] Allocated by task 266: [ 18.238074] kasan_save_stack+0x3c/0x68 [ 18.238116] kasan_save_track+0x20/0x40 [ 18.238157] kasan_save_alloc_info+0x40/0x58 [ 18.238452] __kasan_kmalloc+0xd4/0xd8 [ 18.238575] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.238656] kasan_atomics+0xb8/0x2e0 [ 18.238743] kunit_try_run_case+0x170/0x3f0 [ 18.238788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.238834] kthread+0x328/0x630 [ 18.238869] ret_from_fork+0x10/0x20 [ 18.238909] [ 18.238950] The buggy address belongs to the object at fff00000c767ae00 [ 18.238950] which belongs to the cache kmalloc-64 of size 64 [ 18.239018] The buggy address is located 0 bytes to the right of [ 18.239018] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.239094] [ 18.239123] The buggy address belongs to the physical page: [ 18.239166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.239229] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.239289] page_type: f5(slab) [ 18.239333] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.239392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.239444] page dumped because: kasan: bad access detected [ 18.239480] [ 18.239503] Memory state around the buggy address: [ 18.239551] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.239597] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.239651] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.239692] ^ [ 18.239727] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.239779] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.239828] ================================================================== [ 18.228989] ================================================================== [ 18.229058] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 18.229222] Read of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.229322] [ 18.229445] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.229693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.229762] Hardware name: linux,dummy-virt (DT) [ 18.229863] Call trace: [ 18.229913] show_stack+0x20/0x38 (C) [ 18.230035] dump_stack_lvl+0x8c/0xd0 [ 18.230130] print_report+0x118/0x5d0 [ 18.230514] kasan_report+0xdc/0x128 [ 18.230633] __asan_report_load8_noabort+0x20/0x30 [ 18.230758] kasan_atomics_helper+0x3e20/0x4858 [ 18.230854] kasan_atomics+0x198/0x2e0 [ 18.230963] kunit_try_run_case+0x170/0x3f0 [ 18.231067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.231165] kthread+0x328/0x630 [ 18.231239] ret_from_fork+0x10/0x20 [ 18.231552] [ 18.231659] Allocated by task 266: [ 18.231737] kasan_save_stack+0x3c/0x68 [ 18.232070] kasan_save_track+0x20/0x40 [ 18.232211] kasan_save_alloc_info+0x40/0x58 [ 18.232288] __kasan_kmalloc+0xd4/0xd8 [ 18.232415] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.232503] kasan_atomics+0xb8/0x2e0 [ 18.232602] kunit_try_run_case+0x170/0x3f0 [ 18.232698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.232806] kthread+0x328/0x630 [ 18.232854] ret_from_fork+0x10/0x20 [ 18.232902] [ 18.232927] The buggy address belongs to the object at fff00000c767ae00 [ 18.232927] which belongs to the cache kmalloc-64 of size 64 [ 18.232988] The buggy address is located 0 bytes to the right of [ 18.232988] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.233199] [ 18.233274] The buggy address belongs to the physical page: [ 18.233344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.233476] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.233887] page_type: f5(slab) [ 18.233973] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.234055] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.234148] page dumped because: kasan: bad access detected [ 18.234183] [ 18.234238] Memory state around the buggy address: [ 18.234271] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.234318] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.234365] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.234407] ^ [ 18.234442] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.234644] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.234800] ================================================================== [ 18.190783] ================================================================== [ 18.190833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 18.191175] Read of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.191404] [ 18.191440] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.191521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.191550] Hardware name: linux,dummy-virt (DT) [ 18.192212] Call trace: [ 18.192255] show_stack+0x20/0x38 (C) [ 18.192313] dump_stack_lvl+0x8c/0xd0 [ 18.192364] print_report+0x118/0x5d0 [ 18.192413] kasan_report+0xdc/0x128 [ 18.192682] __asan_report_load8_noabort+0x20/0x30 [ 18.192737] kasan_atomics_helper+0x3df4/0x4858 [ 18.192788] kasan_atomics+0x198/0x2e0 [ 18.193308] kunit_try_run_case+0x170/0x3f0 [ 18.193382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.193494] kthread+0x328/0x630 [ 18.193552] ret_from_fork+0x10/0x20 [ 18.193624] [ 18.194010] Allocated by task 266: [ 18.194298] kasan_save_stack+0x3c/0x68 [ 18.194347] kasan_save_track+0x20/0x40 [ 18.194388] kasan_save_alloc_info+0x40/0x58 [ 18.194430] __kasan_kmalloc+0xd4/0xd8 [ 18.194471] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.195222] kasan_atomics+0xb8/0x2e0 [ 18.195272] kunit_try_run_case+0x170/0x3f0 [ 18.195313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.195360] kthread+0x328/0x630 [ 18.195397] ret_from_fork+0x10/0x20 [ 18.195436] [ 18.195550] The buggy address belongs to the object at fff00000c767ae00 [ 18.195550] which belongs to the cache kmalloc-64 of size 64 [ 18.195663] The buggy address is located 0 bytes to the right of [ 18.195663] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.196159] [ 18.196198] The buggy address belongs to the physical page: [ 18.196233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.196290] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.196340] page_type: f5(slab) [ 18.196381] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.196434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.197144] page dumped because: kasan: bad access detected [ 18.197180] [ 18.197432] Memory state around the buggy address: [ 18.197781] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.197953] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.198070] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.198112] ^ [ 18.198372] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.198425] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.198467] ================================================================== [ 18.073582] ================================================================== [ 18.073635] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 18.073686] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.074199] [ 18.074249] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.074733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.074763] Hardware name: linux,dummy-virt (DT) [ 18.074997] Call trace: [ 18.075099] show_stack+0x20/0x38 (C) [ 18.075378] dump_stack_lvl+0x8c/0xd0 [ 18.075472] print_report+0x118/0x5d0 [ 18.075787] kasan_report+0xdc/0x128 [ 18.075844] kasan_check_range+0x100/0x1a8 [ 18.075892] __kasan_check_write+0x20/0x30 [ 18.075939] kasan_atomics_helper+0x126c/0x4858 [ 18.075989] kasan_atomics+0x198/0x2e0 [ 18.076036] kunit_try_run_case+0x170/0x3f0 [ 18.076085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.077223] kthread+0x328/0x630 [ 18.077305] ret_from_fork+0x10/0x20 [ 18.077356] [ 18.077387] Allocated by task 266: [ 18.077417] kasan_save_stack+0x3c/0x68 [ 18.077489] kasan_save_track+0x20/0x40 [ 18.077639] kasan_save_alloc_info+0x40/0x58 [ 18.077790] __kasan_kmalloc+0xd4/0xd8 [ 18.078030] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.078170] kasan_atomics+0xb8/0x2e0 [ 18.078235] kunit_try_run_case+0x170/0x3f0 [ 18.078278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.078554] kthread+0x328/0x630 [ 18.078636] ret_from_fork+0x10/0x20 [ 18.078890] [ 18.079060] The buggy address belongs to the object at fff00000c767ae00 [ 18.079060] which belongs to the cache kmalloc-64 of size 64 [ 18.079425] The buggy address is located 0 bytes to the right of [ 18.079425] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.079599] [ 18.079663] The buggy address belongs to the physical page: [ 18.079726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.079781] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.079830] page_type: f5(slab) [ 18.080142] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.080220] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.080742] page dumped because: kasan: bad access detected [ 18.080829] [ 18.080852] Memory state around the buggy address: [ 18.081169] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.081662] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.081715] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.081759] ^ [ 18.081797] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.082480] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.082686] ================================================================== [ 17.796725] ================================================================== [ 17.796826] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 17.797233] Write of size 4 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.797336] [ 17.797509] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.797936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.799966] kunit_try_run_case+0x170/0x3f0 [ 17.802222] [ 17.802858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.804344] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.807340] Call trace: [ 17.807871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.807927] kthread+0x328/0x630 [ 17.807980] ret_from_fork+0x10/0x20 [ 17.808030] [ 17.808051] Allocated by task 266: [ 17.808082] kasan_save_stack+0x3c/0x68 [ 17.808125] kasan_save_track+0x20/0x40 [ 17.808166] kasan_save_alloc_info+0x40/0x58 [ 17.808712] __kasan_kmalloc+0xd4/0xd8 [ 17.808947] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.809078] kasan_atomics+0xb8/0x2e0 [ 17.809137] kunit_try_run_case+0x170/0x3f0 [ 17.809177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.809238] kthread+0x328/0x630 [ 17.809281] ret_from_fork+0x10/0x20 [ 17.809631] [ 17.809748] The buggy address belongs to the object at fff00000c767ae00 [ 17.809748] which belongs to the cache kmalloc-64 of size 64 [ 17.809862] The buggy address is located 0 bytes to the right of [ 17.809862] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.809957] [ 17.810348] The buggy address belongs to the physical page: [ 17.810408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.810770] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.810890] page_type: f5(slab) [ 17.810989] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.811061] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.811422] page dumped because: kasan: bad access detected [ 17.811497] [ 17.811541] Memory state around the buggy address: [ 17.811647] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.811714] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.811779] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.811905] ^ [ 17.811945] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.814538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.816328] [ 17.816352] Allocated by task 266: [ 17.816383] kasan_save_stack+0x3c/0x68 [ 17.816753] kasan_save_track+0x20/0x40 [ 17.816909] kasan_save_alloc_info+0x40/0x58 [ 17.817025] __kasan_kmalloc+0xd4/0xd8 [ 17.817184] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.817267] kasan_atomics+0xb8/0x2e0 [ 17.817325] kunit_try_run_case+0x170/0x3f0 [ 17.817366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.817759] kthread+0x328/0x630 [ 17.818456] ret_from_fork+0x10/0x20 [ 17.819029] [ 17.819206] The buggy address belongs to the object at fff00000c767ae00 [ 17.819206] which belongs to the cache kmalloc-64 of size 64 [ 17.819438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.819657] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.819856] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.820102] ================================================================== [ 17.912051] ================================================================== [ 17.912106] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 17.912158] Read of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.912407] [ 17.912473] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.912568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.912607] Hardware name: linux,dummy-virt (DT) [ 17.912639] Call trace: [ 17.912674] show_stack+0x20/0x38 (C) [ 17.912729] dump_stack_lvl+0x8c/0xd0 [ 17.912777] print_report+0x118/0x5d0 [ 17.912847] kasan_report+0xdc/0x128 [ 17.913516] kasan_check_range+0x100/0x1a8 [ 17.913667] __kasan_check_read+0x20/0x30 [ 17.914062] kasan_atomics_helper+0xdd4/0x4858 [ 17.914172] kasan_atomics+0x198/0x2e0 [ 17.914303] kunit_try_run_case+0x170/0x3f0 [ 17.914463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.914551] kthread+0x328/0x630 [ 17.914594] ret_from_fork+0x10/0x20 [ 17.914813] [ 17.914876] Allocated by task 266: [ 17.914961] kasan_save_stack+0x3c/0x68 [ 17.915622] kasan_save_track+0x20/0x40 [ 17.916026] kasan_save_alloc_info+0x40/0x58 [ 17.916162] __kasan_kmalloc+0xd4/0xd8 [ 17.916228] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.916271] kasan_atomics+0xb8/0x2e0 [ 17.916539] kunit_try_run_case+0x170/0x3f0 [ 17.916758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.917146] kthread+0x328/0x630 [ 17.917302] ret_from_fork+0x10/0x20 [ 17.917768] [ 17.917824] The buggy address belongs to the object at fff00000c767ae00 [ 17.917824] which belongs to the cache kmalloc-64 of size 64 [ 17.918001] The buggy address is located 0 bytes to the right of [ 17.918001] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.918136] [ 17.918202] The buggy address belongs to the physical page: [ 17.918325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.918385] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.918828] page_type: f5(slab) [ 17.919229] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.919326] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.919389] page dumped because: kasan: bad access detected [ 17.919993] [ 17.920024] Memory state around the buggy address: [ 17.920318] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.920486] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.920733] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.920934] ^ [ 17.920996] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.921129] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.921183] ================================================================== [ 17.892568] ================================================================== [ 17.892723] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 17.892799] Write of size 4 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.892853] [ 17.892994] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.893148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.893244] Hardware name: linux,dummy-virt (DT) [ 17.893302] Call trace: [ 17.893328] show_stack+0x20/0x38 (C) [ 17.893637] dump_stack_lvl+0x8c/0xd0 [ 17.893785] print_report+0x118/0x5d0 [ 17.894213] kasan_report+0xdc/0x128 [ 17.894308] kasan_check_range+0x100/0x1a8 [ 17.894432] __kasan_check_write+0x20/0x30 [ 17.894549] kasan_atomics_helper+0xd3c/0x4858 [ 17.894692] kasan_atomics+0x198/0x2e0 [ 17.894742] kunit_try_run_case+0x170/0x3f0 [ 17.895076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.895332] kthread+0x328/0x630 [ 17.895673] ret_from_fork+0x10/0x20 [ 17.895842] [ 17.895913] Allocated by task 266: [ 17.895980] kasan_save_stack+0x3c/0x68 [ 17.896205] kasan_save_track+0x20/0x40 [ 17.896402] kasan_save_alloc_info+0x40/0x58 [ 17.896664] __kasan_kmalloc+0xd4/0xd8 [ 17.896787] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.896843] kasan_atomics+0xb8/0x2e0 [ 17.897040] kunit_try_run_case+0x170/0x3f0 [ 17.897572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.897660] kthread+0x328/0x630 [ 17.897709] ret_from_fork+0x10/0x20 [ 17.897750] [ 17.897773] The buggy address belongs to the object at fff00000c767ae00 [ 17.897773] which belongs to the cache kmalloc-64 of size 64 [ 17.897835] The buggy address is located 0 bytes to the right of [ 17.897835] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.898207] [ 17.898716] The buggy address belongs to the physical page: [ 17.899010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.899149] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.899228] page_type: f5(slab) [ 17.899289] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.899351] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.899396] page dumped because: kasan: bad access detected [ 17.899431] [ 17.899462] Memory state around the buggy address: [ 17.899510] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.899572] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.899618] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.899680] ^ [ 17.899716] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.899781] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.899831] ================================================================== [ 18.218148] ================================================================== [ 18.218290] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 18.218513] Read of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.218572] [ 18.218605] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.218688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.218718] Hardware name: linux,dummy-virt (DT) [ 18.218751] Call trace: [ 18.218776] show_stack+0x20/0x38 (C) [ 18.218826] dump_stack_lvl+0x8c/0xd0 [ 18.219609] print_report+0x118/0x5d0 [ 18.220021] kasan_report+0xdc/0x128 [ 18.220081] __asan_report_load8_noabort+0x20/0x30 [ 18.220137] kasan_atomics_helper+0x3e10/0x4858 [ 18.220199] kasan_atomics+0x198/0x2e0 [ 18.220738] kunit_try_run_case+0x170/0x3f0 [ 18.220816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.221313] kthread+0x328/0x630 [ 18.221394] ret_from_fork+0x10/0x20 [ 18.222304] [ 18.222329] Allocated by task 266: [ 18.222370] kasan_save_stack+0x3c/0x68 [ 18.222414] kasan_save_track+0x20/0x40 [ 18.222464] kasan_save_alloc_info+0x40/0x58 [ 18.222507] __kasan_kmalloc+0xd4/0xd8 [ 18.222545] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.222587] kasan_atomics+0xb8/0x2e0 [ 18.222624] kunit_try_run_case+0x170/0x3f0 [ 18.222664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.222710] kthread+0x328/0x630 [ 18.222746] ret_from_fork+0x10/0x20 [ 18.222783] [ 18.222804] The buggy address belongs to the object at fff00000c767ae00 [ 18.222804] which belongs to the cache kmalloc-64 of size 64 [ 18.222864] The buggy address is located 0 bytes to the right of [ 18.222864] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.222931] [ 18.222954] The buggy address belongs to the physical page: [ 18.222988] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.223042] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.223092] page_type: f5(slab) [ 18.223131] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.223184] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.223238] page dumped because: kasan: bad access detected [ 18.223272] [ 18.223293] Memory state around the buggy address: [ 18.223327] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.223373] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.223418] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.223458] ^ [ 18.223495] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.223540] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.223578] ================================================================== [ 18.127704] ================================================================== [ 18.127760] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 18.128290] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.128373] [ 18.128407] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.128686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.128717] Hardware name: linux,dummy-virt (DT) [ 18.129239] Call trace: [ 18.129326] show_stack+0x20/0x38 (C) [ 18.129382] dump_stack_lvl+0x8c/0xd0 [ 18.129596] print_report+0x118/0x5d0 [ 18.129674] kasan_report+0xdc/0x128 [ 18.129768] kasan_check_range+0x100/0x1a8 [ 18.130199] __kasan_check_write+0x20/0x30 [ 18.130262] kasan_atomics_helper+0x147c/0x4858 [ 18.130564] kasan_atomics+0x198/0x2e0 [ 18.130795] kunit_try_run_case+0x170/0x3f0 [ 18.131078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.131320] kthread+0x328/0x630 [ 18.131388] ret_from_fork+0x10/0x20 [ 18.131442] [ 18.131464] Allocated by task 266: [ 18.131495] kasan_save_stack+0x3c/0x68 [ 18.131538] kasan_save_track+0x20/0x40 [ 18.131578] kasan_save_alloc_info+0x40/0x58 [ 18.131619] __kasan_kmalloc+0xd4/0xd8 [ 18.132327] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.132802] kasan_atomics+0xb8/0x2e0 [ 18.132914] kunit_try_run_case+0x170/0x3f0 [ 18.133148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.133471] kthread+0x328/0x630 [ 18.133678] ret_from_fork+0x10/0x20 [ 18.133846] [ 18.134039] The buggy address belongs to the object at fff00000c767ae00 [ 18.134039] which belongs to the cache kmalloc-64 of size 64 [ 18.134103] The buggy address is located 0 bytes to the right of [ 18.134103] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.134171] [ 18.134204] The buggy address belongs to the physical page: [ 18.134757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.134841] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.134924] page_type: f5(slab) [ 18.135031] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.135086] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.135410] page dumped because: kasan: bad access detected [ 18.135721] [ 18.135746] Memory state around the buggy address: [ 18.135804] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.136135] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.136329] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.136559] ^ [ 18.136639] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.136828] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.136943] ================================================================== [ 18.115608] ================================================================== [ 18.115803] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 18.115887] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.116148] [ 18.116360] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.116790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.117217] Hardware name: linux,dummy-virt (DT) [ 18.117257] Call trace: [ 18.117431] show_stack+0x20/0x38 (C) [ 18.117781] dump_stack_lvl+0x8c/0xd0 [ 18.117942] print_report+0x118/0x5d0 [ 18.117994] kasan_report+0xdc/0x128 [ 18.118539] kasan_check_range+0x100/0x1a8 [ 18.118752] __kasan_check_write+0x20/0x30 [ 18.119144] kasan_atomics_helper+0x1414/0x4858 [ 18.119800] kasan_atomics+0x198/0x2e0 [ 18.119890] kunit_try_run_case+0x170/0x3f0 [ 18.120230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.120598] kthread+0x328/0x630 [ 18.120977] ret_from_fork+0x10/0x20 [ 18.121049] [ 18.121074] Allocated by task 266: [ 18.121104] kasan_save_stack+0x3c/0x68 [ 18.121155] kasan_save_track+0x20/0x40 [ 18.121352] kasan_save_alloc_info+0x40/0x58 [ 18.121417] __kasan_kmalloc+0xd4/0xd8 [ 18.121464] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.121850] kasan_atomics+0xb8/0x2e0 [ 18.121907] kunit_try_run_case+0x170/0x3f0 [ 18.122217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.122520] kthread+0x328/0x630 [ 18.122564] ret_from_fork+0x10/0x20 [ 18.122660] [ 18.122900] The buggy address belongs to the object at fff00000c767ae00 [ 18.122900] which belongs to the cache kmalloc-64 of size 64 [ 18.123403] The buggy address is located 0 bytes to the right of [ 18.123403] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.123531] [ 18.123696] The buggy address belongs to the physical page: [ 18.123889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.124115] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.124430] page_type: f5(slab) [ 18.124499] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.124955] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.125006] page dumped because: kasan: bad access detected [ 18.125041] [ 18.125070] Memory state around the buggy address: [ 18.125107] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.125153] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.125208] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.125727] ^ [ 18.125999] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.126046] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.126118] ================================================================== [ 18.138184] ================================================================== [ 18.138254] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 18.138305] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.138943] [ 18.139008] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.139094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.139125] Hardware name: linux,dummy-virt (DT) [ 18.139159] Call trace: [ 18.139903] show_stack+0x20/0x38 (C) [ 18.140284] dump_stack_lvl+0x8c/0xd0 [ 18.140356] print_report+0x118/0x5d0 [ 18.140419] kasan_report+0xdc/0x128 [ 18.140474] kasan_check_range+0x100/0x1a8 [ 18.140864] __kasan_check_write+0x20/0x30 [ 18.141200] kasan_atomics_helper+0x14e4/0x4858 [ 18.141256] kasan_atomics+0x198/0x2e0 [ 18.141598] kunit_try_run_case+0x170/0x3f0 [ 18.141665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.141763] kthread+0x328/0x630 [ 18.141808] ret_from_fork+0x10/0x20 [ 18.142339] [ 18.142368] Allocated by task 266: [ 18.142404] kasan_save_stack+0x3c/0x68 [ 18.142451] kasan_save_track+0x20/0x40 [ 18.142916] kasan_save_alloc_info+0x40/0x58 [ 18.143082] __kasan_kmalloc+0xd4/0xd8 [ 18.143204] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.143883] kasan_atomics+0xb8/0x2e0 [ 18.143930] kunit_try_run_case+0x170/0x3f0 [ 18.143969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.144307] kthread+0x328/0x630 [ 18.144635] ret_from_fork+0x10/0x20 [ 18.144779] [ 18.144802] The buggy address belongs to the object at fff00000c767ae00 [ 18.144802] which belongs to the cache kmalloc-64 of size 64 [ 18.145277] The buggy address is located 0 bytes to the right of [ 18.145277] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.145385] [ 18.145408] The buggy address belongs to the physical page: [ 18.145442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.145496] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.145546] page_type: f5(slab) [ 18.146026] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.146239] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.146291] page dumped because: kasan: bad access detected [ 18.146615] [ 18.146642] Memory state around the buggy address: [ 18.146833] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.147061] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.147110] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.147480] ^ [ 18.147772] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.148093] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.148624] ================================================================== [ 18.083596] ================================================================== [ 18.083985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 18.084278] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.084492] [ 18.084644] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.084738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.085007] Hardware name: linux,dummy-virt (DT) [ 18.085371] Call trace: [ 18.085507] show_stack+0x20/0x38 (C) [ 18.085566] dump_stack_lvl+0x8c/0xd0 [ 18.085616] print_report+0x118/0x5d0 [ 18.085808] kasan_report+0xdc/0x128 [ 18.086158] kasan_check_range+0x100/0x1a8 [ 18.086238] __kasan_check_write+0x20/0x30 [ 18.086475] kasan_atomics_helper+0x12d8/0x4858 [ 18.086932] kasan_atomics+0x198/0x2e0 [ 18.087239] kunit_try_run_case+0x170/0x3f0 [ 18.087296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.087352] kthread+0x328/0x630 [ 18.087395] ret_from_fork+0x10/0x20 [ 18.088152] [ 18.088181] Allocated by task 266: [ 18.088224] kasan_save_stack+0x3c/0x68 [ 18.088741] kasan_save_track+0x20/0x40 [ 18.088970] kasan_save_alloc_info+0x40/0x58 [ 18.089040] __kasan_kmalloc+0xd4/0xd8 [ 18.089084] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.089132] kasan_atomics+0xb8/0x2e0 [ 18.089169] kunit_try_run_case+0x170/0x3f0 [ 18.089513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.089741] kthread+0x328/0x630 [ 18.089777] ret_from_fork+0x10/0x20 [ 18.090071] [ 18.090199] The buggy address belongs to the object at fff00000c767ae00 [ 18.090199] which belongs to the cache kmalloc-64 of size 64 [ 18.090782] The buggy address is located 0 bytes to the right of [ 18.090782] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.090867] [ 18.091260] The buggy address belongs to the physical page: [ 18.091305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.091537] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.091589] page_type: f5(slab) [ 18.091997] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.092180] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.092330] page dumped because: kasan: bad access detected [ 18.092372] [ 18.092521] Memory state around the buggy address: [ 18.092560] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.092835] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.092889] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.092930] ^ [ 18.092968] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.093599] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.093697] ================================================================== [ 17.736420] ================================================================== [ 17.736476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858 [ 17.736564] Write of size 4 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.736626] [ 17.737028] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.737392] Hardware name: linux,dummy-virt (DT) [ 17.737874] dump_stack_lvl+0x8c/0xd0 [ 17.738060] print_report+0x118/0x5d0 [ 17.738463] kasan_atomics_helper+0x684/0x4858 [ 17.739056] kunit_try_run_case+0x170/0x3f0 [ 17.739221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.739321] kthread+0x328/0x630 [ 17.739373] ret_from_fork+0x10/0x20 [ 17.740017] kasan_save_track+0x20/0x40 [ 17.740104] kasan_save_alloc_info+0x40/0x58 [ 17.740165] __kasan_kmalloc+0xd4/0xd8 [ 17.740390] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.740975] kthread+0x328/0x630 [ 17.741069] ret_from_fork+0x10/0x20 [ 17.741111] [ 17.741134] The buggy address belongs to the object at fff00000c767ae00 [ 17.741134] which belongs to the cache kmalloc-64 of size 64 [ 17.741808] [ 17.741847] The buggy address belongs to the physical page: [ 17.741971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.742876] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.743208] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.743301] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.743816] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.744126] ================================================================== [ 17.972969] ================================================================== [ 17.973035] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 17.973095] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.973598] [ 17.973639] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.973763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.973933] Hardware name: linux,dummy-virt (DT) [ 17.974132] Call trace: [ 17.974165] show_stack+0x20/0x38 (C) [ 17.974460] dump_stack_lvl+0x8c/0xd0 [ 17.974850] print_report+0x118/0x5d0 [ 17.975022] kasan_report+0xdc/0x128 [ 17.975219] kasan_check_range+0x100/0x1a8 [ 17.975467] __kasan_check_write+0x20/0x30 [ 17.975815] kasan_atomics_helper+0xf20/0x4858 [ 17.976019] kasan_atomics+0x198/0x2e0 [ 17.976354] kunit_try_run_case+0x170/0x3f0 [ 17.976558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.976616] kthread+0x328/0x630 [ 17.977007] ret_from_fork+0x10/0x20 [ 17.977077] [ 17.977098] Allocated by task 266: [ 17.977128] kasan_save_stack+0x3c/0x68 [ 17.977296] kasan_save_track+0x20/0x40 [ 17.977654] kasan_save_alloc_info+0x40/0x58 [ 17.977928] __kasan_kmalloc+0xd4/0xd8 [ 17.978132] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.978308] kasan_atomics+0xb8/0x2e0 [ 17.978357] kunit_try_run_case+0x170/0x3f0 [ 17.978435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.978695] kthread+0x328/0x630 [ 17.978747] ret_from_fork+0x10/0x20 [ 17.978940] [ 17.979011] The buggy address belongs to the object at fff00000c767ae00 [ 17.979011] which belongs to the cache kmalloc-64 of size 64 [ 17.979507] The buggy address is located 0 bytes to the right of [ 17.979507] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.979994] [ 17.980934] The buggy address belongs to the physical page: [ 17.980973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.981215] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.981601] page_type: f5(slab) [ 17.981690] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.981746] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.982050] page dumped because: kasan: bad access detected [ 17.982240] [ 17.982263] Memory state around the buggy address: [ 17.982587] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.983027] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.983306] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.983478] ^ [ 17.983522] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.983566] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.983731] ================================================================== [ 18.105335] ================================================================== [ 18.105634] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 18.105692] Read of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.105997] [ 18.106074] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.106336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.106372] Hardware name: linux,dummy-virt (DT) [ 18.106406] Call trace: [ 18.106594] show_stack+0x20/0x38 (C) [ 18.106978] dump_stack_lvl+0x8c/0xd0 [ 18.107047] print_report+0x118/0x5d0 [ 18.107105] kasan_report+0xdc/0x128 [ 18.107153] __asan_report_load8_noabort+0x20/0x30 [ 18.107217] kasan_atomics_helper+0x3f04/0x4858 [ 18.107267] kasan_atomics+0x198/0x2e0 [ 18.107316] kunit_try_run_case+0x170/0x3f0 [ 18.107367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.107424] kthread+0x328/0x630 [ 18.107468] ret_from_fork+0x10/0x20 [ 18.107799] [ 18.107883] Allocated by task 266: [ 18.107923] kasan_save_stack+0x3c/0x68 [ 18.108387] kasan_save_track+0x20/0x40 [ 18.108429] kasan_save_alloc_info+0x40/0x58 [ 18.108471] __kasan_kmalloc+0xd4/0xd8 [ 18.108998] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.109078] kasan_atomics+0xb8/0x2e0 [ 18.109117] kunit_try_run_case+0x170/0x3f0 [ 18.109166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.109731] kthread+0x328/0x630 [ 18.109773] ret_from_fork+0x10/0x20 [ 18.109813] [ 18.109838] The buggy address belongs to the object at fff00000c767ae00 [ 18.109838] which belongs to the cache kmalloc-64 of size 64 [ 18.109901] The buggy address is located 0 bytes to the right of [ 18.109901] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.110252] [ 18.110509] The buggy address belongs to the physical page: [ 18.110552] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.110811] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.110864] page_type: f5(slab) [ 18.111470] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.111822] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.112123] page dumped because: kasan: bad access detected [ 18.112488] [ 18.112514] Memory state around the buggy address: [ 18.113208] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.113373] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.113450] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.113492] ^ [ 18.113910] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.113987] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.114351] ================================================================== [ 18.224093] ================================================================== [ 18.224144] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 18.224225] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.224279] [ 18.224311] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.224394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.224422] Hardware name: linux,dummy-virt (DT) [ 18.224456] Call trace: [ 18.224480] show_stack+0x20/0x38 (C) [ 18.224533] dump_stack_lvl+0x8c/0xd0 [ 18.224588] print_report+0x118/0x5d0 [ 18.225466] kasan_report+0xdc/0x128 [ 18.225546] kasan_check_range+0x100/0x1a8 [ 18.225596] __kasan_check_write+0x20/0x30 [ 18.225645] kasan_atomics_helper+0x175c/0x4858 [ 18.226004] kasan_atomics+0x198/0x2e0 [ 18.226199] kunit_try_run_case+0x170/0x3f0 [ 18.226333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.226407] kthread+0x328/0x630 [ 18.226597] ret_from_fork+0x10/0x20 [ 18.226870] [ 18.226990] Allocated by task 266: [ 18.227074] kasan_save_stack+0x3c/0x68 [ 18.227130] kasan_save_track+0x20/0x40 [ 18.227169] kasan_save_alloc_info+0x40/0x58 [ 18.227224] __kasan_kmalloc+0xd4/0xd8 [ 18.227262] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.227313] kasan_atomics+0xb8/0x2e0 [ 18.227349] kunit_try_run_case+0x170/0x3f0 [ 18.227390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.227435] kthread+0x328/0x630 [ 18.227471] ret_from_fork+0x10/0x20 [ 18.227522] [ 18.227566] The buggy address belongs to the object at fff00000c767ae00 [ 18.227566] which belongs to the cache kmalloc-64 of size 64 [ 18.227641] The buggy address is located 0 bytes to the right of [ 18.227641] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.227720] [ 18.227765] The buggy address belongs to the physical page: [ 18.227818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.227881] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.227931] page_type: f5(slab) [ 18.227971] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.228030] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.228075] page dumped because: kasan: bad access detected [ 18.228127] [ 18.228170] Memory state around the buggy address: [ 18.228214] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.228259] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.228304] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.228344] ^ [ 18.228379] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.228424] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.228499] ================================================================== [ 17.901137] ================================================================== [ 17.901201] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 17.901253] Read of size 4 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.901305] [ 17.901773] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.902170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.902410] Hardware name: linux,dummy-virt (DT) [ 17.902460] Call trace: [ 17.902522] show_stack+0x20/0x38 (C) [ 17.903019] dump_stack_lvl+0x8c/0xd0 [ 17.903088] print_report+0x118/0x5d0 [ 17.903474] kasan_report+0xdc/0x128 [ 17.903746] __asan_report_load4_noabort+0x20/0x30 [ 17.904072] kasan_atomics_helper+0x3e04/0x4858 [ 17.904261] kasan_atomics+0x198/0x2e0 [ 17.904353] kunit_try_run_case+0x170/0x3f0 [ 17.904412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.904802] kthread+0x328/0x630 [ 17.905216] ret_from_fork+0x10/0x20 [ 17.905467] [ 17.905537] Allocated by task 266: [ 17.905689] kasan_save_stack+0x3c/0x68 [ 17.905752] kasan_save_track+0x20/0x40 [ 17.905823] kasan_save_alloc_info+0x40/0x58 [ 17.905869] __kasan_kmalloc+0xd4/0xd8 [ 17.906266] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.906598] kasan_atomics+0xb8/0x2e0 [ 17.906659] kunit_try_run_case+0x170/0x3f0 [ 17.907096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.907316] kthread+0x328/0x630 [ 17.907516] ret_from_fork+0x10/0x20 [ 17.907594] [ 17.907637] The buggy address belongs to the object at fff00000c767ae00 [ 17.907637] which belongs to the cache kmalloc-64 of size 64 [ 17.908146] The buggy address is located 0 bytes to the right of [ 17.908146] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.908358] [ 17.908467] The buggy address belongs to the physical page: [ 17.908595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.908654] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.908718] page_type: f5(slab) [ 17.908766] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.909283] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.909373] page dumped because: kasan: bad access detected [ 17.909412] [ 17.909904] Memory state around the buggy address: [ 17.910122] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.910181] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.910343] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.910428] ^ [ 17.910485] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.910624] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.910702] ================================================================== [ 18.062576] ================================================================== [ 18.062772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 18.062825] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.062877] [ 18.062911] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.062994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.063021] Hardware name: linux,dummy-virt (DT) [ 18.063055] Call trace: [ 18.063079] show_stack+0x20/0x38 (C) [ 18.063130] dump_stack_lvl+0x8c/0xd0 [ 18.063179] print_report+0x118/0x5d0 [ 18.063730] kasan_report+0xdc/0x128 [ 18.064950] kasan_check_range+0x100/0x1a8 [ 18.065025] __kasan_check_write+0x20/0x30 [ 18.065137] kasan_atomics_helper+0x11f8/0x4858 [ 18.065198] kasan_atomics+0x198/0x2e0 [ 18.065432] kunit_try_run_case+0x170/0x3f0 [ 18.065506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.065688] kthread+0x328/0x630 [ 18.066085] ret_from_fork+0x10/0x20 [ 18.066153] [ 18.066309] Allocated by task 266: [ 18.066543] kasan_save_stack+0x3c/0x68 [ 18.066590] kasan_save_track+0x20/0x40 [ 18.066629] kasan_save_alloc_info+0x40/0x58 [ 18.066671] __kasan_kmalloc+0xd4/0xd8 [ 18.067105] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.067174] kasan_atomics+0xb8/0x2e0 [ 18.067786] kunit_try_run_case+0x170/0x3f0 [ 18.067845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.068242] kthread+0x328/0x630 [ 18.068607] ret_from_fork+0x10/0x20 [ 18.068664] [ 18.068691] The buggy address belongs to the object at fff00000c767ae00 [ 18.068691] which belongs to the cache kmalloc-64 of size 64 [ 18.068753] The buggy address is located 0 bytes to the right of [ 18.068753] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.069379] [ 18.069411] The buggy address belongs to the physical page: [ 18.069493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.069557] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.069628] page_type: f5(slab) [ 18.069670] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.069724] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.069954] page dumped because: kasan: bad access detected [ 18.070217] [ 18.070300] Memory state around the buggy address: [ 18.070337] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.070686] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.070741] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.070783] ^ [ 18.070821] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.070864] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.070905] ================================================================== [ 17.958862] ================================================================== [ 17.959438] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 17.959588] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.959642] [ 17.959676] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.959760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.959791] Hardware name: linux,dummy-virt (DT) [ 17.959824] Call trace: [ 17.959849] show_stack+0x20/0x38 (C) [ 17.960324] dump_stack_lvl+0x8c/0xd0 [ 17.960813] print_report+0x118/0x5d0 [ 17.961168] kasan_report+0xdc/0x128 [ 17.961362] kasan_check_range+0x100/0x1a8 [ 17.961439] __kasan_check_write+0x20/0x30 [ 17.961501] kasan_atomics_helper+0xeb8/0x4858 [ 17.961708] kasan_atomics+0x198/0x2e0 [ 17.961990] kunit_try_run_case+0x170/0x3f0 [ 17.962412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.962479] kthread+0x328/0x630 [ 17.962901] ret_from_fork+0x10/0x20 [ 17.963161] [ 17.963494] Allocated by task 266: [ 17.963943] kasan_save_stack+0x3c/0x68 [ 17.963999] kasan_save_track+0x20/0x40 [ 17.964259] kasan_save_alloc_info+0x40/0x58 [ 17.964506] __kasan_kmalloc+0xd4/0xd8 [ 17.964547] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.964908] kasan_atomics+0xb8/0x2e0 [ 17.965283] kunit_try_run_case+0x170/0x3f0 [ 17.965404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.965741] kthread+0x328/0x630 [ 17.965783] ret_from_fork+0x10/0x20 [ 17.966148] [ 17.966381] The buggy address belongs to the object at fff00000c767ae00 [ 17.966381] which belongs to the cache kmalloc-64 of size 64 [ 17.966679] The buggy address is located 0 bytes to the right of [ 17.966679] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.967043] [ 17.967077] The buggy address belongs to the physical page: [ 17.967512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.967956] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.968046] page_type: f5(slab) [ 17.968267] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.968328] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.968372] page dumped because: kasan: bad access detected [ 17.968406] [ 17.968710] Memory state around the buggy address: [ 17.969205] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.969258] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.969353] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.969723] ^ [ 17.969768] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.970038] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.970104] ================================================================== [ 18.149310] ================================================================== [ 18.149779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 18.150180] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.150251] [ 18.150285] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.150368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.150397] Hardware name: linux,dummy-virt (DT) [ 18.151048] Call trace: [ 18.151368] show_stack+0x20/0x38 (C) [ 18.151821] dump_stack_lvl+0x8c/0xd0 [ 18.151886] print_report+0x118/0x5d0 [ 18.152202] kasan_report+0xdc/0x128 [ 18.152304] kasan_check_range+0x100/0x1a8 [ 18.152364] __kasan_check_write+0x20/0x30 [ 18.152835] kasan_atomics_helper+0x154c/0x4858 [ 18.152987] kasan_atomics+0x198/0x2e0 [ 18.153177] kunit_try_run_case+0x170/0x3f0 [ 18.153338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.153416] kthread+0x328/0x630 [ 18.153695] ret_from_fork+0x10/0x20 [ 18.154039] [ 18.154062] Allocated by task 266: [ 18.154093] kasan_save_stack+0x3c/0x68 [ 18.154136] kasan_save_track+0x20/0x40 [ 18.154177] kasan_save_alloc_info+0x40/0x58 [ 18.154229] __kasan_kmalloc+0xd4/0xd8 [ 18.154270] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.154311] kasan_atomics+0xb8/0x2e0 [ 18.154839] kunit_try_run_case+0x170/0x3f0 [ 18.155451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.155536] kthread+0x328/0x630 [ 18.155571] ret_from_fork+0x10/0x20 [ 18.155940] [ 18.155967] The buggy address belongs to the object at fff00000c767ae00 [ 18.155967] which belongs to the cache kmalloc-64 of size 64 [ 18.156060] The buggy address is located 0 bytes to the right of [ 18.156060] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.156259] [ 18.156371] The buggy address belongs to the physical page: [ 18.156556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.156644] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.156696] page_type: f5(slab) [ 18.157166] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.157312] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.157357] page dumped because: kasan: bad access detected [ 18.157812] [ 18.157846] Memory state around the buggy address: [ 18.157890] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.158162] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.158221] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.158567] ^ [ 18.158617] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.158958] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.159002] ================================================================== [ 17.946644] ================================================================== [ 17.946698] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 17.946750] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.946804] [ 17.946839] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.946921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.948802] Hardware name: linux,dummy-virt (DT) [ 17.949027] Call trace: [ 17.949135] show_stack+0x20/0x38 (C) [ 17.949445] dump_stack_lvl+0x8c/0xd0 [ 17.949602] print_report+0x118/0x5d0 [ 17.949674] kasan_report+0xdc/0x128 [ 17.949723] __asan_report_store8_noabort+0x20/0x30 [ 17.949901] kasan_atomics_helper+0x3e5c/0x4858 [ 17.949955] kasan_atomics+0x198/0x2e0 [ 17.950025] kunit_try_run_case+0x170/0x3f0 [ 17.950078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.950132] kthread+0x328/0x630 [ 17.950497] ret_from_fork+0x10/0x20 [ 17.951345] [ 17.951498] Allocated by task 266: [ 17.951731] kasan_save_stack+0x3c/0x68 [ 17.952119] kasan_save_track+0x20/0x40 [ 17.952218] kasan_save_alloc_info+0x40/0x58 [ 17.952260] __kasan_kmalloc+0xd4/0xd8 [ 17.952299] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.952786] kasan_atomics+0xb8/0x2e0 [ 17.953205] kunit_try_run_case+0x170/0x3f0 [ 17.953251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.953305] kthread+0x328/0x630 [ 17.953690] ret_from_fork+0x10/0x20 [ 17.953733] [ 17.953755] The buggy address belongs to the object at fff00000c767ae00 [ 17.953755] which belongs to the cache kmalloc-64 of size 64 [ 17.953817] The buggy address is located 0 bytes to the right of [ 17.953817] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.953885] [ 17.954418] The buggy address belongs to the physical page: [ 17.954460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.954537] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.954622] page_type: f5(slab) [ 17.954945] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.955014] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.955166] page dumped because: kasan: bad access detected [ 17.955211] [ 17.955545] Memory state around the buggy address: [ 17.955901] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.956294] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.956417] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.956724] ^ [ 17.956773] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.957167] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.957327] ================================================================== [ 18.160168] ================================================================== [ 18.160252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 18.160687] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.160747] [ 18.161325] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.161677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.161849] Hardware name: linux,dummy-virt (DT) [ 18.161889] Call trace: [ 18.161915] show_stack+0x20/0x38 (C) [ 18.162002] dump_stack_lvl+0x8c/0xd0 [ 18.162306] print_report+0x118/0x5d0 [ 18.162725] kasan_report+0xdc/0x128 [ 18.163047] kasan_check_range+0x100/0x1a8 [ 18.163422] __kasan_check_write+0x20/0x30 [ 18.163653] kasan_atomics_helper+0x15b4/0x4858 [ 18.163707] kasan_atomics+0x198/0x2e0 [ 18.164255] kunit_try_run_case+0x170/0x3f0 [ 18.164614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.164678] kthread+0x328/0x630 [ 18.164942] ret_from_fork+0x10/0x20 [ 18.164999] [ 18.165029] Allocated by task 266: [ 18.165066] kasan_save_stack+0x3c/0x68 [ 18.165294] kasan_save_track+0x20/0x40 [ 18.165335] kasan_save_alloc_info+0x40/0x58 [ 18.165376] __kasan_kmalloc+0xd4/0xd8 [ 18.165416] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.165968] kasan_atomics+0xb8/0x2e0 [ 18.166034] kunit_try_run_case+0x170/0x3f0 [ 18.166100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.166154] kthread+0x328/0x630 [ 18.166282] ret_from_fork+0x10/0x20 [ 18.166569] [ 18.166593] The buggy address belongs to the object at fff00000c767ae00 [ 18.166593] which belongs to the cache kmalloc-64 of size 64 [ 18.166657] The buggy address is located 0 bytes to the right of [ 18.166657] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.166724] [ 18.166880] The buggy address belongs to the physical page: [ 18.166920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.167455] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.167704] page_type: f5(slab) [ 18.167769] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.167884] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.168004] page dumped because: kasan: bad access detected [ 18.168232] [ 18.168256] Memory state around the buggy address: [ 18.168381] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.168429] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.168920] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.168972] ^ [ 18.169108] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.169166] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.169327] ================================================================== [ 17.932389] ================================================================== [ 17.932449] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 17.932500] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.932552] [ 17.932661] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.932750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.932780] Hardware name: linux,dummy-virt (DT) [ 17.932816] Call trace: [ 17.932846] show_stack+0x20/0x38 (C) [ 17.932929] dump_stack_lvl+0x8c/0xd0 [ 17.933317] print_report+0x118/0x5d0 [ 17.933675] kasan_report+0xdc/0x128 [ 17.934064] kasan_check_range+0x100/0x1a8 [ 17.934458] __kasan_check_write+0x20/0x30 [ 17.934646] kasan_atomics_helper+0xe44/0x4858 [ 17.934757] kasan_atomics+0x198/0x2e0 [ 17.934951] kunit_try_run_case+0x170/0x3f0 [ 17.935055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.935959] kthread+0x328/0x630 [ 17.939632] ret_from_fork+0x10/0x20 [ 17.939773] [ 17.939798] Allocated by task 266: [ 17.939881] kasan_save_stack+0x3c/0x68 [ 17.940484] kasan_save_track+0x20/0x40 [ 17.940530] kasan_save_alloc_info+0x40/0x58 [ 17.940592] __kasan_kmalloc+0xd4/0xd8 [ 17.940648] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.940798] kasan_atomics+0xb8/0x2e0 [ 17.940930] kunit_try_run_case+0x170/0x3f0 [ 17.941104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.941151] kthread+0x328/0x630 [ 17.941210] ret_from_fork+0x10/0x20 [ 17.941250] [ 17.941273] The buggy address belongs to the object at fff00000c767ae00 [ 17.941273] which belongs to the cache kmalloc-64 of size 64 [ 17.941333] The buggy address is located 0 bytes to the right of [ 17.941333] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.941398] [ 17.941422] The buggy address belongs to the physical page: [ 17.941456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.941737] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.941846] page_type: f5(slab) [ 17.942222] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.942279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.942376] page dumped because: kasan: bad access detected [ 17.942509] [ 17.942536] Memory state around the buggy address: [ 17.942640] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.942725] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.943231] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.943346] ^ [ 17.943842] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.944110] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.944644] ================================================================== [ 18.017079] ================================================================== [ 18.017133] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 18.017184] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.017250] [ 18.017282] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.017366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.017396] Hardware name: linux,dummy-virt (DT) [ 18.017430] Call trace: [ 18.019024] show_stack+0x20/0x38 (C) [ 18.019365] dump_stack_lvl+0x8c/0xd0 [ 18.019430] print_report+0x118/0x5d0 [ 18.019883] kasan_report+0xdc/0x128 [ 18.019995] kasan_check_range+0x100/0x1a8 [ 18.020457] __kasan_check_write+0x20/0x30 [ 18.020575] kasan_atomics_helper+0x10c0/0x4858 [ 18.020627] kasan_atomics+0x198/0x2e0 [ 18.021072] kunit_try_run_case+0x170/0x3f0 [ 18.021151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.021492] kthread+0x328/0x630 [ 18.021731] ret_from_fork+0x10/0x20 [ 18.021861] [ 18.021883] Allocated by task 266: [ 18.022337] kasan_save_stack+0x3c/0x68 [ 18.022636] kasan_save_track+0x20/0x40 [ 18.022878] kasan_save_alloc_info+0x40/0x58 [ 18.022925] __kasan_kmalloc+0xd4/0xd8 [ 18.023215] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.023265] kasan_atomics+0xb8/0x2e0 [ 18.023747] kunit_try_run_case+0x170/0x3f0 [ 18.023802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.023905] kthread+0x328/0x630 [ 18.023941] ret_from_fork+0x10/0x20 [ 18.024076] [ 18.024394] The buggy address belongs to the object at fff00000c767ae00 [ 18.024394] which belongs to the cache kmalloc-64 of size 64 [ 18.024964] The buggy address is located 0 bytes to the right of [ 18.024964] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.025467] [ 18.025651] The buggy address belongs to the physical page: [ 18.025856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.026117] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.026259] page_type: f5(slab) [ 18.026304] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.026609] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.027064] page dumped because: kasan: bad access detected [ 18.027105] [ 18.027530] Memory state around the buggy address: [ 18.028199] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.028847] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.029181] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.029597] ^ [ 18.030549] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.031086] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.031368] ================================================================== [ 17.985147] ================================================================== [ 17.986141] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 17.986395] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.986820] [ 17.986988] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.987234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.987270] Hardware name: linux,dummy-virt (DT) [ 17.987792] Call trace: [ 17.988139] show_stack+0x20/0x38 (C) [ 17.988461] dump_stack_lvl+0x8c/0xd0 [ 17.988664] print_report+0x118/0x5d0 [ 17.988969] kasan_report+0xdc/0x128 [ 17.989174] kasan_check_range+0x100/0x1a8 [ 17.989562] __kasan_check_write+0x20/0x30 [ 17.989762] kasan_atomics_helper+0xf88/0x4858 [ 17.990175] kasan_atomics+0x198/0x2e0 [ 17.990650] kunit_try_run_case+0x170/0x3f0 [ 17.990776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.991131] kthread+0x328/0x630 [ 17.991386] ret_from_fork+0x10/0x20 [ 17.991874] [ 17.992026] Allocated by task 266: [ 17.992061] kasan_save_stack+0x3c/0x68 [ 17.992235] kasan_save_track+0x20/0x40 [ 17.992274] kasan_save_alloc_info+0x40/0x58 [ 17.992319] __kasan_kmalloc+0xd4/0xd8 [ 17.993572] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.993638] kasan_atomics+0xb8/0x2e0 [ 17.993676] kunit_try_run_case+0x170/0x3f0 [ 17.993718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.993764] kthread+0x328/0x630 [ 17.993800] ret_from_fork+0x10/0x20 [ 17.993839] [ 17.993985] The buggy address belongs to the object at fff00000c767ae00 [ 17.993985] which belongs to the cache kmalloc-64 of size 64 [ 17.994051] The buggy address is located 0 bytes to the right of [ 17.994051] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.994118] [ 17.994141] The buggy address belongs to the physical page: [ 17.994222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.994277] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.994326] page_type: f5(slab) [ 17.994579] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.994860] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.994929] page dumped because: kasan: bad access detected [ 17.995031] [ 17.995052] Memory state around the buggy address: [ 17.995086] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.995181] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.995238] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.995310] ^ [ 17.995437] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.995547] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.995716] ================================================================== [ 18.094594] ================================================================== [ 18.094647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 18.094698] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.094749] [ 18.094782] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.094864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.094892] Hardware name: linux,dummy-virt (DT) [ 18.095503] Call trace: [ 18.095544] show_stack+0x20/0x38 (C) [ 18.095870] dump_stack_lvl+0x8c/0xd0 [ 18.095929] print_report+0x118/0x5d0 [ 18.096406] kasan_report+0xdc/0x128 [ 18.096492] kasan_check_range+0x100/0x1a8 [ 18.096549] __kasan_check_write+0x20/0x30 [ 18.096814] kasan_atomics_helper+0x1384/0x4858 [ 18.097024] kasan_atomics+0x198/0x2e0 [ 18.097313] kunit_try_run_case+0x170/0x3f0 [ 18.097560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.097793] kthread+0x328/0x630 [ 18.098033] ret_from_fork+0x10/0x20 [ 18.098089] [ 18.098113] Allocated by task 266: [ 18.098355] kasan_save_stack+0x3c/0x68 [ 18.098664] kasan_save_track+0x20/0x40 [ 18.098907] kasan_save_alloc_info+0x40/0x58 [ 18.099262] __kasan_kmalloc+0xd4/0xd8 [ 18.099476] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.099627] kasan_atomics+0xb8/0x2e0 [ 18.099671] kunit_try_run_case+0x170/0x3f0 [ 18.099713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.099758] kthread+0x328/0x630 [ 18.099791] ret_from_fork+0x10/0x20 [ 18.099830] [ 18.099854] The buggy address belongs to the object at fff00000c767ae00 [ 18.099854] which belongs to the cache kmalloc-64 of size 64 [ 18.100480] The buggy address is located 0 bytes to the right of [ 18.100480] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.101051] [ 18.101080] The buggy address belongs to the physical page: [ 18.101227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.101433] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.101498] page_type: f5(slab) [ 18.101539] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.101752] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.102054] page dumped because: kasan: bad access detected [ 18.102092] [ 18.102235] Memory state around the buggy address: [ 18.102438] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.103114] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.103469] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.103519] ^ [ 18.103708] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.103959] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.104433] ================================================================== [ 17.996222] ================================================================== [ 17.996274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 17.996325] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.996376] [ 17.996407] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.996488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.996562] Hardware name: linux,dummy-virt (DT) [ 17.996596] Call trace: [ 17.996632] show_stack+0x20/0x38 (C) [ 17.996681] dump_stack_lvl+0x8c/0xd0 [ 17.996730] print_report+0x118/0x5d0 [ 17.996777] kasan_report+0xdc/0x128 [ 17.996825] kasan_check_range+0x100/0x1a8 [ 17.997021] __kasan_check_write+0x20/0x30 [ 17.997135] kasan_atomics_helper+0xff0/0x4858 [ 17.997196] kasan_atomics+0x198/0x2e0 [ 17.997244] kunit_try_run_case+0x170/0x3f0 [ 17.997292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.997374] kthread+0x328/0x630 [ 17.997428] ret_from_fork+0x10/0x20 [ 17.997532] [ 17.997554] Allocated by task 266: [ 17.997585] kasan_save_stack+0x3c/0x68 [ 17.997627] kasan_save_track+0x20/0x40 [ 17.997742] kasan_save_alloc_info+0x40/0x58 [ 17.997818] __kasan_kmalloc+0xd4/0xd8 [ 17.997881] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.997929] kasan_atomics+0xb8/0x2e0 [ 17.997967] kunit_try_run_case+0x170/0x3f0 [ 17.998146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.998212] kthread+0x328/0x630 [ 17.998279] ret_from_fork+0x10/0x20 [ 17.998319] [ 17.998342] The buggy address belongs to the object at fff00000c767ae00 [ 17.998342] which belongs to the cache kmalloc-64 of size 64 [ 17.998402] The buggy address is located 0 bytes to the right of [ 17.998402] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.998537] [ 17.998633] The buggy address belongs to the physical page: [ 17.998734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.998816] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.998864] page_type: f5(slab) [ 17.998902] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.998955] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.999061] page dumped because: kasan: bad access detected [ 17.999097] [ 17.999141] Memory state around the buggy address: [ 17.999176] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.999242] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.999405] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.999689] ^ [ 17.999739] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.999783] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.999849] ================================================================== [ 18.000938] ================================================================== [ 18.001063] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 18.001249] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.001494] [ 18.001588] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.001701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.001729] Hardware name: linux,dummy-virt (DT) [ 18.001763] Call trace: [ 18.001955] show_stack+0x20/0x38 (C) [ 18.002300] dump_stack_lvl+0x8c/0xd0 [ 18.002440] print_report+0x118/0x5d0 [ 18.003039] kasan_report+0xdc/0x128 [ 18.003208] kasan_check_range+0x100/0x1a8 [ 18.003262] __kasan_check_write+0x20/0x30 [ 18.004222] kasan_atomics_helper+0x1058/0x4858 [ 18.004784] kasan_atomics+0x198/0x2e0 [ 18.004849] kunit_try_run_case+0x170/0x3f0 [ 18.005723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.005793] kthread+0x328/0x630 [ 18.006485] ret_from_fork+0x10/0x20 [ 18.006927] [ 18.006958] Allocated by task 266: [ 18.007733] kasan_save_stack+0x3c/0x68 [ 18.007908] kasan_save_track+0x20/0x40 [ 18.007964] kasan_save_alloc_info+0x40/0x58 [ 18.008611] __kasan_kmalloc+0xd4/0xd8 [ 18.009070] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.009260] kasan_atomics+0xb8/0x2e0 [ 18.009529] kunit_try_run_case+0x170/0x3f0 [ 18.009574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.009620] kthread+0x328/0x630 [ 18.009655] ret_from_fork+0x10/0x20 [ 18.010610] [ 18.011089] The buggy address belongs to the object at fff00000c767ae00 [ 18.011089] which belongs to the cache kmalloc-64 of size 64 [ 18.011662] The buggy address is located 0 bytes to the right of [ 18.011662] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.012023] [ 18.012455] The buggy address belongs to the physical page: [ 18.012580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.013228] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.013300] page_type: f5(slab) [ 18.013342] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.013477] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.013784] page dumped because: kasan: bad access detected [ 18.013836] [ 18.013857] Memory state around the buggy address: [ 18.014258] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.014449] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.014694] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.015065] ^ [ 18.015110] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.015156] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.015204] ================================================================== [ 17.658851] ================================================================== [ 17.658905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 17.659164] Hardware name: linux,dummy-virt (DT) [ 17.659580] __kasan_check_read+0x20/0x30 [ 17.659840] kthread+0x328/0x630 [ 17.660232] __kasan_kmalloc+0xd4/0xd8 [ 17.660992] The buggy address is located 0 bytes to the right of [ 17.660992] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.661423] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.661635] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.661763] ^ [ 17.661924] ================================================================== [ 18.199344] ================================================================== [ 18.199399] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 18.199450] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.199502] [ 18.199534] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.199616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.200511] Hardware name: linux,dummy-virt (DT) [ 18.201003] Call trace: [ 18.201874] show_stack+0x20/0x38 (C) [ 18.202080] dump_stack_lvl+0x8c/0xd0 [ 18.202134] print_report+0x118/0x5d0 [ 18.202195] kasan_report+0xdc/0x128 [ 18.202952] kasan_check_range+0x100/0x1a8 [ 18.203025] __kasan_check_write+0x20/0x30 [ 18.203432] kasan_atomics_helper+0x16d0/0x4858 [ 18.203597] kasan_atomics+0x198/0x2e0 [ 18.203688] kunit_try_run_case+0x170/0x3f0 [ 18.204521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.205259] kthread+0x328/0x630 [ 18.205314] ret_from_fork+0x10/0x20 [ 18.205822] [ 18.205860] Allocated by task 266: [ 18.206077] kasan_save_stack+0x3c/0x68 [ 18.206578] kasan_save_track+0x20/0x40 [ 18.207112] kasan_save_alloc_info+0x40/0x58 [ 18.207705] __kasan_kmalloc+0xd4/0xd8 [ 18.208054] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.208101] kasan_atomics+0xb8/0x2e0 [ 18.208141] kunit_try_run_case+0x170/0x3f0 [ 18.208181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.208240] kthread+0x328/0x630 [ 18.208969] ret_from_fork+0x10/0x20 [ 18.209037] [ 18.209071] The buggy address belongs to the object at fff00000c767ae00 [ 18.209071] which belongs to the cache kmalloc-64 of size 64 [ 18.210250] The buggy address is located 0 bytes to the right of [ 18.210250] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.210536] [ 18.210649] The buggy address belongs to the physical page: [ 18.210685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.211710] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.212291] page_type: f5(slab) [ 18.212775] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.213241] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.213311] page dumped because: kasan: bad access detected [ 18.213794] [ 18.214576] Memory state around the buggy address: [ 18.214752] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.214851] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.215536] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.215960] ^ [ 18.216065] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.216760] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.216838] ================================================================== [ 18.181367] ================================================================== [ 18.181420] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 18.181469] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.181521] [ 18.181554] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.182111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.182154] Hardware name: linux,dummy-virt (DT) [ 18.182244] Call trace: [ 18.182405] show_stack+0x20/0x38 (C) [ 18.183156] dump_stack_lvl+0x8c/0xd0 [ 18.183243] print_report+0x118/0x5d0 [ 18.183292] kasan_report+0xdc/0x128 [ 18.183342] kasan_check_range+0x100/0x1a8 [ 18.184051] __kasan_check_write+0x20/0x30 [ 18.184200] kasan_atomics_helper+0x1644/0x4858 [ 18.184251] kasan_atomics+0x198/0x2e0 [ 18.184300] kunit_try_run_case+0x170/0x3f0 [ 18.184350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.184406] kthread+0x328/0x630 [ 18.184449] ret_from_fork+0x10/0x20 [ 18.184943] [ 18.184982] Allocated by task 266: [ 18.185013] kasan_save_stack+0x3c/0x68 [ 18.185067] kasan_save_track+0x20/0x40 [ 18.185410] kasan_save_alloc_info+0x40/0x58 [ 18.185892] __kasan_kmalloc+0xd4/0xd8 [ 18.185984] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.186181] kasan_atomics+0xb8/0x2e0 [ 18.186295] kunit_try_run_case+0x170/0x3f0 [ 18.186353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.186553] kthread+0x328/0x630 [ 18.186590] ret_from_fork+0x10/0x20 [ 18.186813] [ 18.186843] The buggy address belongs to the object at fff00000c767ae00 [ 18.186843] which belongs to the cache kmalloc-64 of size 64 [ 18.187392] The buggy address is located 0 bytes to the right of [ 18.187392] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.187512] [ 18.187566] The buggy address belongs to the physical page: [ 18.187601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.188134] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.188251] page_type: f5(slab) [ 18.188328] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.188694] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.188745] page dumped because: kasan: bad access detected [ 18.189080] [ 18.189108] Memory state around the buggy address: [ 18.189294] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.189363] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.189416] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.189459] ^ [ 18.189530] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.189964] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.190344] ================================================================== [ 17.922805] ================================================================== [ 17.922860] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 17.922913] Read of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.923722] [ 17.923774] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.923878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.923967] Hardware name: linux,dummy-virt (DT) [ 17.924003] Call trace: [ 17.924044] show_stack+0x20/0x38 (C) [ 17.924443] dump_stack_lvl+0x8c/0xd0 [ 17.924673] print_report+0x118/0x5d0 [ 17.924739] kasan_report+0xdc/0x128 [ 17.924787] __asan_report_load8_noabort+0x20/0x30 [ 17.924842] kasan_atomics_helper+0x3f58/0x4858 [ 17.924946] kasan_atomics+0x198/0x2e0 [ 17.925027] kunit_try_run_case+0x170/0x3f0 [ 17.925261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.925585] kthread+0x328/0x630 [ 17.925965] ret_from_fork+0x10/0x20 [ 17.926212] [ 17.926271] Allocated by task 266: [ 17.926432] kasan_save_stack+0x3c/0x68 [ 17.926499] kasan_save_track+0x20/0x40 [ 17.926566] kasan_save_alloc_info+0x40/0x58 [ 17.926609] __kasan_kmalloc+0xd4/0xd8 [ 17.927291] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.927475] kasan_atomics+0xb8/0x2e0 [ 17.927542] kunit_try_run_case+0x170/0x3f0 [ 17.927596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.927953] kthread+0x328/0x630 [ 17.928011] ret_from_fork+0x10/0x20 [ 17.928068] [ 17.928100] The buggy address belongs to the object at fff00000c767ae00 [ 17.928100] which belongs to the cache kmalloc-64 of size 64 [ 17.928160] The buggy address is located 0 bytes to the right of [ 17.928160] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.928239] [ 17.928262] The buggy address belongs to the physical page: [ 17.928355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.928443] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.928494] page_type: f5(slab) [ 17.928545] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.928607] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.928660] page dumped because: kasan: bad access detected [ 17.928694] [ 17.928716] Memory state around the buggy address: [ 17.928776] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.928835] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.929235] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.929911] ^ [ 17.929970] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.930293] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.930888] ================================================================== [ 18.032795] ================================================================== [ 18.033439] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 18.033742] Write of size 8 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 18.034110] [ 18.034614] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.034988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.035021] Hardware name: linux,dummy-virt (DT) [ 18.035384] Call trace: [ 18.035560] show_stack+0x20/0x38 (C) [ 18.035873] dump_stack_lvl+0x8c/0xd0 [ 18.036248] print_report+0x118/0x5d0 [ 18.036387] kasan_report+0xdc/0x128 [ 18.036440] kasan_check_range+0x100/0x1a8 [ 18.036944] __kasan_check_write+0x20/0x30 [ 18.037263] kasan_atomics_helper+0x1128/0x4858 [ 18.037504] kasan_atomics+0x198/0x2e0 [ 18.037678] kunit_try_run_case+0x170/0x3f0 [ 18.038303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.038688] kthread+0x328/0x630 [ 18.038739] ret_from_fork+0x10/0x20 [ 18.039010] [ 18.039172] Allocated by task 266: [ 18.039453] kasan_save_stack+0x3c/0x68 [ 18.039521] kasan_save_track+0x20/0x40 [ 18.039653] kasan_save_alloc_info+0x40/0x58 [ 18.039698] __kasan_kmalloc+0xd4/0xd8 [ 18.039799] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.040117] kasan_atomics+0xb8/0x2e0 [ 18.040156] kunit_try_run_case+0x170/0x3f0 [ 18.040207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.041238] kthread+0x328/0x630 [ 18.041435] ret_from_fork+0x10/0x20 [ 18.041774] [ 18.041802] The buggy address belongs to the object at fff00000c767ae00 [ 18.041802] which belongs to the cache kmalloc-64 of size 64 [ 18.042034] The buggy address is located 0 bytes to the right of [ 18.042034] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 18.042354] [ 18.042587] The buggy address belongs to the physical page: [ 18.042803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 18.042871] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.042924] page_type: f5(slab) [ 18.043198] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.043691] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.043988] page dumped because: kasan: bad access detected [ 18.044377] [ 18.044672] Memory state around the buggy address: [ 18.045073] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.045176] fff00000c767ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.045649] >fff00000c767ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.046016] ^ [ 18.046064] fff00000c767ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.046899] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.046956] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.606688] ================================================================== [ 17.606858] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 17.607128] Call trace: [ 17.607552] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 17.607750] kunit_try_run_case+0x170/0x3f0 [ 17.607808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.608405] ret_from_fork+0x10/0x20 [ 17.609178] kasan_bitops_generic+0xa0/0x1c8 [ 17.609419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.609843] [ 17.610061] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.610208] page_type: f5(slab) [ 17.610305] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.610359] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.610403] page dumped because: kasan: bad access detected [ 17.610520] fff00000c43b3b80: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 17.610750] >fff00000c43b3c80: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.610940] fff00000c43b3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.611112] ================================================================== [ 17.621326] ================================================================== [ 17.621381] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 17.621715] Read of size 8 at addr fff00000c43b3ca8 by task kunit_try_catch/262 [ 17.621776] [ 17.621808] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.621913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.621950] Hardware name: linux,dummy-virt (DT) [ 17.621985] Call trace: [ 17.622009] show_stack+0x20/0x38 (C) [ 17.622059] dump_stack_lvl+0x8c/0xd0 [ 17.622128] print_report+0x118/0x5d0 [ 17.622180] kasan_report+0xdc/0x128 [ 17.622263] __asan_report_load8_noabort+0x20/0x30 [ 17.622326] kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 17.622385] kasan_bitops_generic+0x11c/0x1c8 [ 17.622436] kunit_try_run_case+0x170/0x3f0 [ 17.622540] kthread+0x328/0x630 [ 17.623038] kasan_bitops_generic+0xa0/0x1c8 [ 17.623255] [ 17.623347] The buggy address is located 8 bytes inside of [ 17.623347] allocated 9-byte region [fff00000c43b3ca0, fff00000c43b3ca9) [ 17.623487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043b3 [ 17.623772] [ 17.623834] fff00000c43b3b80: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 17.623890] fff00000c43b3c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.623976] >fff00000c43b3c80: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.624070] fff00000c43b3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.624324] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 17.624426] [ 17.624782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.624868] Call trace: [ 17.625269] kasan_bitops_generic+0x11c/0x1c8 [ 17.625422] kthread+0x328/0x630 [ 17.625608] kasan_save_track+0x20/0x40 [ 17.625931] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.626111] kunit_try_run_case+0x170/0x3f0 [ 17.626213] kthread+0x328/0x630 [ 17.626388] The buggy address is located 8 bytes inside of [ 17.626388] allocated 9-byte region [fff00000c43b3ca0, fff00000c43b3ca9) [ 17.626462] [ 17.626550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043b3 [ 17.626639] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.626728] page_type: f5(slab) [ 17.626774] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.626830] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.627390] fff00000c43b3b80: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 17.627458] fff00000c43b3c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.627614] ^ [ 17.627784] fff00000c43b3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.632583] ok 63 kasan_bitops_generic [ 17.635171] ok 64 kasan_bitops_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 17.636528] Read of size 4 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.636615] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.636982] __asan_report_load4_noabort+0x20/0x30 [ 17.638142] kthread+0x328/0x630 [ 17.638418] [ 17.638648] kasan_save_alloc_info+0x40/0x58 [ 17.639305] kthread+0x328/0x630 [ 17.639352] ret_from_fork+0x10/0x20 [ 17.639800] The buggy address is located 0 bytes to the right of [ 17.639800] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.639977] [ 17.640037] The buggy address belongs to the physical page: [ 17.640106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.640293] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.640502] page_type: f5(slab) [ 17.640624] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.640748] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.640973] [ 17.641125] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.641392] ^ [ 17.641708] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.643482] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.508488] ================================================================== [ 17.508552] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.508607] Write of size 8 at addr fff00000c43b3ca8 by task kunit_try_catch/262 [ 17.508679] [ 17.508714] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.508800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.508850] Hardware name: linux,dummy-virt (DT) [ 17.509269] Call trace: [ 17.509304] show_stack+0x20/0x38 (C) [ 17.509672] dump_stack_lvl+0x8c/0xd0 [ 17.509773] print_report+0x118/0x5d0 [ 17.509834] kasan_report+0xdc/0x128 [ 17.510183] kasan_check_range+0x100/0x1a8 [ 17.510317] __kasan_check_write+0x20/0x30 [ 17.510385] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.510450] kasan_bitops_generic+0x110/0x1c8 [ 17.510502] kunit_try_run_case+0x170/0x3f0 [ 17.510552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.510606] kthread+0x328/0x630 [ 17.510651] ret_from_fork+0x10/0x20 [ 17.510713] [ 17.510744] Allocated by task 262: [ 17.510784] kasan_save_stack+0x3c/0x68 [ 17.510847] kasan_save_track+0x20/0x40 [ 17.510894] kasan_save_alloc_info+0x40/0x58 [ 17.510947] __kasan_kmalloc+0xd4/0xd8 [ 17.510988] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.511040] kasan_bitops_generic+0xa0/0x1c8 [ 17.511088] kunit_try_run_case+0x170/0x3f0 [ 17.511144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.511200] kthread+0x328/0x630 [ 17.511244] ret_from_fork+0x10/0x20 [ 17.511283] [ 17.511307] The buggy address belongs to the object at fff00000c43b3ca0 [ 17.511307] which belongs to the cache kmalloc-16 of size 16 [ 17.511377] The buggy address is located 8 bytes inside of [ 17.511377] allocated 9-byte region [fff00000c43b3ca0, fff00000c43b3ca9) [ 17.511441] [ 17.511466] The buggy address belongs to the physical page: [ 17.511508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043b3 [ 17.511572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.511622] page_type: f5(slab) [ 17.511663] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.511724] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.511768] page dumped because: kasan: bad access detected [ 17.511804] [ 17.511841] Memory state around the buggy address: [ 17.511884] fff00000c43b3b80: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 17.511930] fff00000c43b3c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.511981] >fff00000c43b3c80: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.512028] ^ [ 17.512072] fff00000c43b3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.512113] fff00000c43b3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.512154] ================================================================== [ 17.516131] ================================================================== [ 17.516229] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.516554] Read of size 8 at addr fff00000c43b3ca8 by task kunit_try_catch/262 [ 17.516655] [ 17.516689] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.516773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.517060] Hardware name: linux,dummy-virt (DT) [ 17.517141] Call trace: [ 17.517271] show_stack+0x20/0x38 (C) [ 17.517348] dump_stack_lvl+0x8c/0xd0 [ 17.517661] print_report+0x118/0x5d0 [ 17.517755] kasan_report+0xdc/0x128 [ 17.517880] __asan_report_load8_noabort+0x20/0x30 [ 17.517978] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.518328] kasan_bitops_generic+0x110/0x1c8 [ 17.518452] kunit_try_run_case+0x170/0x3f0 [ 17.518543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.518703] kthread+0x328/0x630 [ 17.518749] ret_from_fork+0x10/0x20 [ 17.519064] [ 17.519156] Allocated by task 262: [ 17.519465] kasan_save_stack+0x3c/0x68 [ 17.519547] kasan_save_track+0x20/0x40 [ 17.519610] kasan_save_alloc_info+0x40/0x58 [ 17.519762] __kasan_kmalloc+0xd4/0xd8 [ 17.519805] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.520043] kasan_bitops_generic+0xa0/0x1c8 [ 17.520218] kunit_try_run_case+0x170/0x3f0 [ 17.520466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.520623] kthread+0x328/0x630 [ 17.520730] ret_from_fork+0x10/0x20 [ 17.520808] [ 17.520946] The buggy address belongs to the object at fff00000c43b3ca0 [ 17.520946] which belongs to the cache kmalloc-16 of size 16 [ 17.521013] The buggy address is located 8 bytes inside of [ 17.521013] allocated 9-byte region [fff00000c43b3ca0, fff00000c43b3ca9) [ 17.521305] [ 17.521369] The buggy address belongs to the physical page: [ 17.521736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043b3 [ 17.521846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.521958] page_type: f5(slab) [ 17.522097] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.522209] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.522316] page dumped because: kasan: bad access detected [ 17.522366] [ 17.522395] Memory state around the buggy address: [ 17.522756] fff00000c43b3c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.524580] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 17.490657] ================================================================== [ 17.490767] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 17.490820] Read of size 1 at addr fff00000c767da50 by task kunit_try_catch/260 [ 17.491005] [ 17.491163] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.491286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.491315] Hardware name: linux,dummy-virt (DT) [ 17.491349] Call trace: [ 17.491588] show_stack+0x20/0x38 (C) [ 17.491685] dump_stack_lvl+0x8c/0xd0 [ 17.491743] print_report+0x118/0x5d0 [ 17.491992] kasan_report+0xdc/0x128 [ 17.492180] __asan_report_load1_noabort+0x20/0x30 [ 17.492276] strnlen+0x80/0x88 [ 17.492322] kasan_strings+0x478/0xb00 [ 17.492410] kunit_try_run_case+0x170/0x3f0 [ 17.492463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.492535] kthread+0x328/0x630 [ 17.492589] ret_from_fork+0x10/0x20 [ 17.492867] [ 17.492965] Allocated by task 260: [ 17.493115] kasan_save_stack+0x3c/0x68 [ 17.493163] kasan_save_track+0x20/0x40 [ 17.493558] kasan_save_alloc_info+0x40/0x58 [ 17.493679] __kasan_kmalloc+0xd4/0xd8 [ 17.493760] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.493801] kasan_strings+0xc8/0xb00 [ 17.494062] kunit_try_run_case+0x170/0x3f0 [ 17.494225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.494595] kthread+0x328/0x630 [ 17.494669] ret_from_fork+0x10/0x20 [ 17.494936] [ 17.495044] Freed by task 260: [ 17.495371] kasan_save_stack+0x3c/0x68 [ 17.495483] kasan_save_track+0x20/0x40 [ 17.495558] kasan_save_free_info+0x4c/0x78 [ 17.495604] __kasan_slab_free+0x6c/0x98 [ 17.495997] kfree+0x214/0x3c8 [ 17.496077] kasan_strings+0x24c/0xb00 [ 17.496118] kunit_try_run_case+0x170/0x3f0 [ 17.496456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.496590] kthread+0x328/0x630 [ 17.496649] ret_from_fork+0x10/0x20 [ 17.496731] [ 17.497230] The buggy address belongs to the object at fff00000c767da40 [ 17.497230] which belongs to the cache kmalloc-32 of size 32 [ 17.497382] The buggy address is located 16 bytes inside of [ 17.497382] freed 32-byte region [fff00000c767da40, fff00000c767da60) [ 17.497485] [ 17.497559] The buggy address belongs to the physical page: [ 17.497638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767d [ 17.497722] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.497872] page_type: f5(slab) [ 17.497935] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.498321] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.498428] page dumped because: kasan: bad access detected [ 17.498508] [ 17.498624] Memory state around the buggy address: [ 17.498711] fff00000c767d900: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.498794] fff00000c767d980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.499120] >fff00000c767da00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.499211] ^ [ 17.499267] fff00000c767da80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.499393] fff00000c767db00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.499483] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 17.480611] ================================================================== [ 17.480782] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 17.480857] Read of size 1 at addr fff00000c767da50 by task kunit_try_catch/260 [ 17.481167] [ 17.481220] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.481597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.481665] Hardware name: linux,dummy-virt (DT) [ 17.481724] Call trace: [ 17.482011] show_stack+0x20/0x38 (C) [ 17.482518] dump_stack_lvl+0x8c/0xd0 [ 17.482607] print_report+0x118/0x5d0 [ 17.483219] kasan_report+0xdc/0x128 [ 17.483305] __asan_report_load1_noabort+0x20/0x30 [ 17.483397] strlen+0xa8/0xb0 [ 17.483589] kasan_strings+0x418/0xb00 [ 17.483978] kunit_try_run_case+0x170/0x3f0 [ 17.484144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.484299] kthread+0x328/0x630 [ 17.484387] ret_from_fork+0x10/0x20 [ 17.484479] [ 17.484579] Allocated by task 260: [ 17.484657] kasan_save_stack+0x3c/0x68 [ 17.484864] kasan_save_track+0x20/0x40 [ 17.485076] kasan_save_alloc_info+0x40/0x58 [ 17.485171] __kasan_kmalloc+0xd4/0xd8 [ 17.485289] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.485348] kasan_strings+0xc8/0xb00 [ 17.485682] kunit_try_run_case+0x170/0x3f0 [ 17.485831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.485976] kthread+0x328/0x630 [ 17.486065] ret_from_fork+0x10/0x20 [ 17.486123] [ 17.486404] Freed by task 260: [ 17.486471] kasan_save_stack+0x3c/0x68 [ 17.486518] kasan_save_track+0x20/0x40 [ 17.486857] kasan_save_free_info+0x4c/0x78 [ 17.486931] __kasan_slab_free+0x6c/0x98 [ 17.487035] kfree+0x214/0x3c8 [ 17.487074] kasan_strings+0x24c/0xb00 [ 17.487157] kunit_try_run_case+0x170/0x3f0 [ 17.487482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.487758] kthread+0x328/0x630 [ 17.487829] ret_from_fork+0x10/0x20 [ 17.487941] [ 17.487993] The buggy address belongs to the object at fff00000c767da40 [ 17.487993] which belongs to the cache kmalloc-32 of size 32 [ 17.488065] The buggy address is located 16 bytes inside of [ 17.488065] freed 32-byte region [fff00000c767da40, fff00000c767da60) [ 17.488140] [ 17.488196] The buggy address belongs to the physical page: [ 17.488231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767d [ 17.488292] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.488344] page_type: f5(slab) [ 17.488383] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.488454] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.488507] page dumped because: kasan: bad access detected [ 17.488551] [ 17.488572] Memory state around the buggy address: [ 17.488614] fff00000c767d900: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.488669] fff00000c767d980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.488716] >fff00000c767da00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.488766] ^ [ 17.488821] fff00000c767da80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.488906] fff00000c767db00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.489497] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 17.470292] ================================================================== [ 17.470390] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 17.470740] Read of size 1 at addr fff00000c767da50 by task kunit_try_catch/260 [ 17.470870] [ 17.470999] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.471129] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.471166] Hardware name: linux,dummy-virt (DT) [ 17.471229] Call trace: [ 17.471497] show_stack+0x20/0x38 (C) [ 17.471571] dump_stack_lvl+0x8c/0xd0 [ 17.471631] print_report+0x118/0x5d0 [ 17.471891] kasan_report+0xdc/0x128 [ 17.472083] __asan_report_load1_noabort+0x20/0x30 [ 17.472154] kasan_strings+0x95c/0xb00 [ 17.472218] kunit_try_run_case+0x170/0x3f0 [ 17.472403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.472575] kthread+0x328/0x630 [ 17.472628] ret_from_fork+0x10/0x20 [ 17.472742] [ 17.472768] Allocated by task 260: [ 17.472865] kasan_save_stack+0x3c/0x68 [ 17.472960] kasan_save_track+0x20/0x40 [ 17.473104] kasan_save_alloc_info+0x40/0x58 [ 17.473434] __kasan_kmalloc+0xd4/0xd8 [ 17.473606] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.473705] kasan_strings+0xc8/0xb00 [ 17.473871] kunit_try_run_case+0x170/0x3f0 [ 17.473956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.474073] kthread+0x328/0x630 [ 17.474108] ret_from_fork+0x10/0x20 [ 17.474304] [ 17.474423] Freed by task 260: [ 17.474488] kasan_save_stack+0x3c/0x68 [ 17.474572] kasan_save_track+0x20/0x40 [ 17.474670] kasan_save_free_info+0x4c/0x78 [ 17.474760] __kasan_slab_free+0x6c/0x98 [ 17.474882] kfree+0x214/0x3c8 [ 17.475004] kasan_strings+0x24c/0xb00 [ 17.475067] kunit_try_run_case+0x170/0x3f0 [ 17.475494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.475559] kthread+0x328/0x630 [ 17.475895] ret_from_fork+0x10/0x20 [ 17.475981] [ 17.476076] The buggy address belongs to the object at fff00000c767da40 [ 17.476076] which belongs to the cache kmalloc-32 of size 32 [ 17.476161] The buggy address is located 16 bytes inside of [ 17.476161] freed 32-byte region [fff00000c767da40, fff00000c767da60) [ 17.476284] [ 17.476355] The buggy address belongs to the physical page: [ 17.476669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767d [ 17.476750] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.476829] page_type: f5(slab) [ 17.476926] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.477042] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.477117] page dumped because: kasan: bad access detected [ 17.477261] [ 17.477332] Memory state around the buggy address: [ 17.477569] fff00000c767d900: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.477631] fff00000c767d980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.477817] >fff00000c767da00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.477918] ^ [ 17.477981] fff00000c767da80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.478109] fff00000c767db00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.478256] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 17.463392] ================================================================== [ 17.463455] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 17.463788] Read of size 1 at addr fff00000c767da50 by task kunit_try_catch/260 [ 17.463968] [ 17.464007] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.464340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.464408] Hardware name: linux,dummy-virt (DT) [ 17.464446] Call trace: [ 17.464472] show_stack+0x20/0x38 (C) [ 17.464782] dump_stack_lvl+0x8c/0xd0 [ 17.464835] print_report+0x118/0x5d0 [ 17.465050] kasan_report+0xdc/0x128 [ 17.465568] __asan_report_load1_noabort+0x20/0x30 [ 17.465652] strcmp+0xc0/0xc8 [ 17.465814] kasan_strings+0x340/0xb00 [ 17.465897] kunit_try_run_case+0x170/0x3f0 [ 17.466125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.466305] kthread+0x328/0x630 [ 17.466357] ret_from_fork+0x10/0x20 [ 17.466412] [ 17.466459] Allocated by task 260: [ 17.466512] kasan_save_stack+0x3c/0x68 [ 17.466568] kasan_save_track+0x20/0x40 [ 17.466608] kasan_save_alloc_info+0x40/0x58 [ 17.466661] __kasan_kmalloc+0xd4/0xd8 [ 17.466703] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.466755] kasan_strings+0xc8/0xb00 [ 17.466803] kunit_try_run_case+0x170/0x3f0 [ 17.466845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.466889] kthread+0x328/0x630 [ 17.466924] ret_from_fork+0x10/0x20 [ 17.466962] [ 17.466985] Freed by task 260: [ 17.467026] kasan_save_stack+0x3c/0x68 [ 17.467090] kasan_save_track+0x20/0x40 [ 17.467131] kasan_save_free_info+0x4c/0x78 [ 17.467183] __kasan_slab_free+0x6c/0x98 [ 17.467243] kfree+0x214/0x3c8 [ 17.467289] kasan_strings+0x24c/0xb00 [ 17.467326] kunit_try_run_case+0x170/0x3f0 [ 17.467366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.467412] kthread+0x328/0x630 [ 17.467455] ret_from_fork+0x10/0x20 [ 17.467492] [ 17.467525] The buggy address belongs to the object at fff00000c767da40 [ 17.467525] which belongs to the cache kmalloc-32 of size 32 [ 17.467595] The buggy address is located 16 bytes inside of [ 17.467595] freed 32-byte region [fff00000c767da40, fff00000c767da60) [ 17.467659] [ 17.467694] The buggy address belongs to the physical page: [ 17.467744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767d [ 17.467799] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.467852] page_type: f5(slab) [ 17.467901] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.467969] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.468025] page dumped because: kasan: bad access detected [ 17.468060] [ 17.468088] Memory state around the buggy address: [ 17.468124] fff00000c767d900: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.468171] fff00000c767d980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.469003] >fff00000c767da00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.469090] ^ [ 17.469146] fff00000c767da80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.469224] fff00000c767db00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.469349] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 17.441435] ================================================================== [ 17.441759] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 17.442078] Read of size 1 at addr fff00000c767d8d8 by task kunit_try_catch/258 [ 17.442147] [ 17.442206] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.442342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.442374] Hardware name: linux,dummy-virt (DT) [ 17.442425] Call trace: [ 17.442470] show_stack+0x20/0x38 (C) [ 17.442536] dump_stack_lvl+0x8c/0xd0 [ 17.442597] print_report+0x118/0x5d0 [ 17.442659] kasan_report+0xdc/0x128 [ 17.442708] __asan_report_load1_noabort+0x20/0x30 [ 17.442763] memcmp+0x198/0x1d8 [ 17.442826] kasan_memcmp+0x16c/0x300 [ 17.442874] kunit_try_run_case+0x170/0x3f0 [ 17.442924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.442990] kthread+0x328/0x630 [ 17.443042] ret_from_fork+0x10/0x20 [ 17.443092] [ 17.443115] Allocated by task 258: [ 17.443147] kasan_save_stack+0x3c/0x68 [ 17.443572] kasan_save_track+0x20/0x40 [ 17.443647] kasan_save_alloc_info+0x40/0x58 [ 17.443836] __kasan_kmalloc+0xd4/0xd8 [ 17.443926] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.444093] kasan_memcmp+0xbc/0x300 [ 17.444156] kunit_try_run_case+0x170/0x3f0 [ 17.444267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.444326] kthread+0x328/0x630 [ 17.444405] ret_from_fork+0x10/0x20 [ 17.444793] [ 17.444870] The buggy address belongs to the object at fff00000c767d8c0 [ 17.444870] which belongs to the cache kmalloc-32 of size 32 [ 17.444988] The buggy address is located 0 bytes to the right of [ 17.444988] allocated 24-byte region [fff00000c767d8c0, fff00000c767d8d8) [ 17.445165] [ 17.445271] The buggy address belongs to the physical page: [ 17.445398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767d [ 17.445492] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.445662] page_type: f5(slab) [ 17.445886] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.446063] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.446137] page dumped because: kasan: bad access detected [ 17.446298] [ 17.446369] Memory state around the buggy address: [ 17.446441] fff00000c767d780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.446730] fff00000c767d800: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.446793] >fff00000c767d880: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.447158] ^ [ 17.447362] fff00000c767d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.447432] fff00000c767d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.447819] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 17.412128] ================================================================== [ 17.412202] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 17.412255] Read of size 1 at addr ffff800080a17b4a by task kunit_try_catch/254 [ 17.412306] [ 17.412339] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.412423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.412451] Hardware name: linux,dummy-virt (DT) [ 17.412484] Call trace: [ 17.412587] show_stack+0x20/0x38 (C) [ 17.412660] dump_stack_lvl+0x8c/0xd0 [ 17.412709] print_report+0x310/0x5d0 [ 17.412769] kasan_report+0xdc/0x128 [ 17.412827] __asan_report_load1_noabort+0x20/0x30 [ 17.413527] kasan_alloca_oob_right+0x2dc/0x340 [ 17.413661] kunit_try_run_case+0x170/0x3f0 [ 17.413975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.414077] kthread+0x328/0x630 [ 17.414139] ret_from_fork+0x10/0x20 [ 17.414285] [ 17.414356] The buggy address belongs to stack of task kunit_try_catch/254 [ 17.414508] [ 17.414532] The buggy address ffff800080a17b4a belongs to a vmalloc virtual mapping [ 17.414585] The buggy address belongs to the physical page: [ 17.414943] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076ff [ 17.415010] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.415402] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.415557] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.415621] page dumped because: kasan: bad access detected [ 17.415696] [ 17.415839] Memory state around the buggy address: [ 17.415905] ffff800080a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.416011] ffff800080a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.416424] >ffff800080a17b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 17.416521] ^ [ 17.416601] ffff800080a17b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.416743] ffff800080a17c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.416840] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 17.396127] ================================================================== [ 17.396247] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 17.396445] Read of size 1 at addr ffff800080a17b5f by task kunit_try_catch/252 [ 17.396546] [ 17.396583] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.397016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.397137] Hardware name: linux,dummy-virt (DT) [ 17.397172] Call trace: [ 17.397207] show_stack+0x20/0x38 (C) [ 17.397657] dump_stack_lvl+0x8c/0xd0 [ 17.397760] print_report+0x310/0x5d0 [ 17.398380] kasan_report+0xdc/0x128 [ 17.398520] __asan_report_load1_noabort+0x20/0x30 [ 17.398642] kasan_alloca_oob_left+0x2b8/0x310 [ 17.398704] kunit_try_run_case+0x170/0x3f0 [ 17.398756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.398830] kthread+0x328/0x630 [ 17.398877] ret_from_fork+0x10/0x20 [ 17.398930] [ 17.398964] The buggy address belongs to stack of task kunit_try_catch/252 [ 17.399042] [ 17.399066] The buggy address ffff800080a17b5f belongs to a vmalloc virtual mapping [ 17.399122] The buggy address belongs to the physical page: [ 17.399167] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076ff [ 17.399237] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.399312] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.399368] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.399433] page dumped because: kasan: bad access detected [ 17.399469] [ 17.399491] Memory state around the buggy address: [ 17.399525] ffff800080a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.399571] ffff800080a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.399616] >ffff800080a17b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 17.399664] ^ [ 17.399714] ffff800080a17b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.399759] ffff800080a17c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.399798] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 17.378758] ================================================================== [ 17.378839] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 17.378893] Read of size 1 at addr ffff800080a17c2a by task kunit_try_catch/250 [ 17.378944] [ 17.379267] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.379417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.379508] Hardware name: linux,dummy-virt (DT) [ 17.379545] Call trace: [ 17.379576] show_stack+0x20/0x38 (C) [ 17.379641] dump_stack_lvl+0x8c/0xd0 [ 17.379854] print_report+0x310/0x5d0 [ 17.380065] kasan_report+0xdc/0x128 [ 17.380131] __asan_report_load1_noabort+0x20/0x30 [ 17.380202] kasan_stack_oob+0x238/0x270 [ 17.380283] kunit_try_run_case+0x170/0x3f0 [ 17.380342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.380426] kthread+0x328/0x630 [ 17.380514] ret_from_fork+0x10/0x20 [ 17.380565] [ 17.380774] The buggy address belongs to stack of task kunit_try_catch/250 [ 17.381080] and is located at offset 138 in frame: [ 17.381263] kasan_stack_oob+0x0/0x270 [ 17.382102] [ 17.382163] This frame has 4 objects: [ 17.382513] [48, 49) '__assertion' [ 17.382822] [64, 72) 'array' [ 17.382979] [96, 112) '__assertion' [ 17.383059] [128, 138) 'stack_array' [ 17.383164] [ 17.383231] The buggy address ffff800080a17c2a belongs to a vmalloc virtual mapping [ 17.383279] The buggy address belongs to the physical page: [ 17.383314] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076ff [ 17.383367] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.383438] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.383488] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.383538] page dumped because: kasan: bad access detected [ 17.383581] [ 17.383599] Memory state around the buggy address: [ 17.383649] ffff800080a17b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.383692] ffff800080a17b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 17.383743] >ffff800080a17c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 17.383781] ^ [ 17.383814] ffff800080a17c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 17.383856] ffff800080a17d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.383904] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 17.355722] ================================================================== [ 17.355784] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 17.355836] Read of size 1 at addr ffff9b2f7954f58d by task kunit_try_catch/246 [ 17.355900] [ 17.355940] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.356021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.356049] Hardware name: linux,dummy-virt (DT) [ 17.356096] Call trace: [ 17.356133] show_stack+0x20/0x38 (C) [ 17.356198] dump_stack_lvl+0x8c/0xd0 [ 17.356993] print_report+0x310/0x5d0 [ 17.357042] kasan_report+0xdc/0x128 [ 17.357094] __asan_report_load1_noabort+0x20/0x30 [ 17.357146] kasan_global_oob_right+0x230/0x270 [ 17.357204] kunit_try_run_case+0x170/0x3f0 [ 17.357251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.357307] kthread+0x328/0x630 [ 17.357348] ret_from_fork+0x10/0x20 [ 17.357409] [ 17.357465] The buggy address belongs to the variable: [ 17.357498] global_array+0xd/0x40 [ 17.357548] [ 17.357603] The buggy address ffff9b2f7954f58d belongs to a vmalloc virtual mapping [ 17.357686] The buggy address belongs to the physical page: [ 17.357721] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 17.357774] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 17.357837] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 17.357886] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.357927] page dumped because: kasan: bad access detected [ 17.357958] [ 17.357978] Memory state around the buggy address: [ 17.358010] ffff9b2f7954f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.358053] ffff9b2f7954f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 17.358096] >ffff9b2f7954f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 17.358134] ^ [ 17.358164] ffff9b2f7954f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 17.358217] ffff9b2f7954f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.358255] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 17.318806] ================================================================== [ 17.319181] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.319268] Free of addr fff00000c64d8c01 by task kunit_try_catch/242 [ 17.319497] [ 17.319554] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.319648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.319677] Hardware name: linux,dummy-virt (DT) [ 17.319718] Call trace: [ 17.319744] show_stack+0x20/0x38 (C) [ 17.320092] dump_stack_lvl+0x8c/0xd0 [ 17.320258] print_report+0x118/0x5d0 [ 17.320319] kasan_report_invalid_free+0xc0/0xe8 [ 17.320580] check_slab_allocation+0xfc/0x108 [ 17.320733] __kasan_mempool_poison_object+0x78/0x150 [ 17.320884] mempool_free+0x28c/0x328 [ 17.321123] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.321205] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.321259] kunit_try_run_case+0x170/0x3f0 [ 17.321309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.321363] kthread+0x328/0x630 [ 17.321754] ret_from_fork+0x10/0x20 [ 17.321918] [ 17.321941] Allocated by task 242: [ 17.322135] kasan_save_stack+0x3c/0x68 [ 17.322246] kasan_save_track+0x20/0x40 [ 17.322344] kasan_save_alloc_info+0x40/0x58 [ 17.322417] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.322501] remove_element+0x130/0x1f8 [ 17.322571] mempool_alloc_preallocated+0x58/0xc0 [ 17.322732] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 17.323257] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.323369] kunit_try_run_case+0x170/0x3f0 [ 17.323468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.323560] kthread+0x328/0x630 [ 17.324080] ret_from_fork+0x10/0x20 [ 17.324230] [ 17.324300] The buggy address belongs to the object at fff00000c64d8c00 [ 17.324300] which belongs to the cache kmalloc-128 of size 128 [ 17.324452] The buggy address is located 1 bytes inside of [ 17.324452] 128-byte region [fff00000c64d8c00, fff00000c64d8c80) [ 17.324520] [ 17.324542] The buggy address belongs to the physical page: [ 17.324575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064d8 [ 17.324631] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.324681] page_type: f5(slab) [ 17.324721] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.324800] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.324842] page dumped because: kasan: bad access detected [ 17.324878] [ 17.324898] Memory state around the buggy address: [ 17.324929] fff00000c64d8b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.324987] fff00000c64d8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.325050] >fff00000c64d8c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.325586] ^ [ 17.325651] fff00000c64d8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.325719] fff00000c64d8d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.325760] ================================================================== [ 17.336146] ================================================================== [ 17.336226] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.336277] Free of addr fff00000c77e0001 by task kunit_try_catch/244 [ 17.336321] [ 17.336375] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.336459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.336486] Hardware name: linux,dummy-virt (DT) [ 17.336518] Call trace: [ 17.336546] show_stack+0x20/0x38 (C) [ 17.336606] dump_stack_lvl+0x8c/0xd0 [ 17.336654] print_report+0x118/0x5d0 [ 17.336707] kasan_report_invalid_free+0xc0/0xe8 [ 17.336758] __kasan_mempool_poison_object+0xfc/0x150 [ 17.336811] mempool_free+0x28c/0x328 [ 17.336862] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.337718] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 17.337791] kunit_try_run_case+0x170/0x3f0 [ 17.338065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.338517] kthread+0x328/0x630 [ 17.338688] ret_from_fork+0x10/0x20 [ 17.338783] [ 17.338828] The buggy address belongs to the physical page: [ 17.339022] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 17.339285] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.339510] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.339650] page_type: f8(unknown) [ 17.339887] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.340096] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.340337] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.340431] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.340778] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff [ 17.340986] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.341247] page dumped because: kasan: bad access detected [ 17.341325] [ 17.341709] Memory state around the buggy address: [ 17.341863] fff00000c77dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.341941] fff00000c77dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.342231] >fff00000c77e0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.342411] ^ [ 17.342510] fff00000c77e0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.342638] fff00000c77e0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.342691] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 17.243906] ================================================================== [ 17.243964] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.244014] Free of addr fff00000c77e0000 by task kunit_try_catch/238 [ 17.244057] [ 17.244088] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.244170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.244213] Hardware name: linux,dummy-virt (DT) [ 17.244245] Call trace: [ 17.244268] show_stack+0x20/0x38 (C) [ 17.244318] dump_stack_lvl+0x8c/0xd0 [ 17.244365] print_report+0x118/0x5d0 [ 17.244479] kasan_report_invalid_free+0xc0/0xe8 [ 17.244858] __kasan_mempool_poison_object+0x14c/0x150 [ 17.245258] mempool_free+0x28c/0x328 [ 17.245456] mempool_double_free_helper+0x150/0x2e8 [ 17.245533] mempool_kmalloc_large_double_free+0xc0/0x118 [ 17.245586] kunit_try_run_case+0x170/0x3f0 [ 17.246285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.247129] kthread+0x328/0x630 [ 17.247281] ret_from_fork+0x10/0x20 [ 17.247587] [ 17.247884] The buggy address belongs to the physical page: [ 17.248090] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 17.249370] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.249535] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.249839] page_type: f8(unknown) [ 17.250582] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.250861] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.250975] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.251044] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.251253] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff [ 17.252049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.252749] page dumped because: kasan: bad access detected [ 17.252878] [ 17.252933] Memory state around the buggy address: [ 17.253010] fff00000c77dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.253060] fff00000c77dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.253296] >fff00000c77e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.254316] ^ [ 17.254371] fff00000c77e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.254620] fff00000c77e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.255294] ================================================================== [ 17.291492] ================================================================== [ 17.292091] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.292359] Free of addr fff00000c77e0000 by task kunit_try_catch/240 [ 17.292403] [ 17.292437] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.292521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.293415] Hardware name: linux,dummy-virt (DT) [ 17.293518] Call trace: [ 17.293541] show_stack+0x20/0x38 (C) [ 17.293620] dump_stack_lvl+0x8c/0xd0 [ 17.293670] print_report+0x118/0x5d0 [ 17.293796] kasan_report_invalid_free+0xc0/0xe8 [ 17.293851] __kasan_mempool_poison_pages+0xe0/0xe8 [ 17.293903] mempool_free+0x24c/0x328 [ 17.294069] mempool_double_free_helper+0x150/0x2e8 [ 17.294156] mempool_page_alloc_double_free+0xbc/0x118 [ 17.294221] kunit_try_run_case+0x170/0x3f0 [ 17.294331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.294514] kthread+0x328/0x630 [ 17.294557] ret_from_fork+0x10/0x20 [ 17.294627] [ 17.294649] The buggy address belongs to the physical page: [ 17.294681] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 17.294737] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.294925] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.295146] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.295310] page dumped because: kasan: bad access detected [ 17.295343] [ 17.295361] Memory state around the buggy address: [ 17.295425] fff00000c77dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.295537] fff00000c77dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.295675] >fff00000c77e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.295714] ^ [ 17.295767] fff00000c77e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.295919] fff00000c77e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.295991] ================================================================== [ 17.230404] ================================================================== [ 17.230463] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.230514] Free of addr fff00000c64d8800 by task kunit_try_catch/236 [ 17.230555] [ 17.230614] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.230704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.230731] Hardware name: linux,dummy-virt (DT) [ 17.230763] Call trace: [ 17.230784] show_stack+0x20/0x38 (C) [ 17.230834] dump_stack_lvl+0x8c/0xd0 [ 17.230889] print_report+0x118/0x5d0 [ 17.230943] kasan_report_invalid_free+0xc0/0xe8 [ 17.230992] check_slab_allocation+0xd4/0x108 [ 17.231049] __kasan_mempool_poison_object+0x78/0x150 [ 17.231102] mempool_free+0x28c/0x328 [ 17.231147] mempool_double_free_helper+0x150/0x2e8 [ 17.231207] mempool_kmalloc_double_free+0xc0/0x118 [ 17.231254] kunit_try_run_case+0x170/0x3f0 [ 17.231303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.231354] kthread+0x328/0x630 [ 17.231397] ret_from_fork+0x10/0x20 [ 17.231444] [ 17.231782] Allocated by task 236: [ 17.231830] kasan_save_stack+0x3c/0x68 [ 17.231873] kasan_save_track+0x20/0x40 [ 17.231976] kasan_save_alloc_info+0x40/0x58 [ 17.232020] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.232090] remove_element+0x130/0x1f8 [ 17.232125] mempool_alloc_preallocated+0x58/0xc0 [ 17.232220] mempool_double_free_helper+0x94/0x2e8 [ 17.232288] mempool_kmalloc_double_free+0xc0/0x118 [ 17.232337] kunit_try_run_case+0x170/0x3f0 [ 17.232381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.232425] kthread+0x328/0x630 [ 17.232467] ret_from_fork+0x10/0x20 [ 17.232771] [ 17.232803] Freed by task 236: [ 17.232833] kasan_save_stack+0x3c/0x68 [ 17.232876] kasan_save_track+0x20/0x40 [ 17.233075] kasan_save_free_info+0x4c/0x78 [ 17.233130] __kasan_mempool_poison_object+0xc0/0x150 [ 17.233174] mempool_free+0x28c/0x328 [ 17.233285] mempool_double_free_helper+0x100/0x2e8 [ 17.233361] mempool_kmalloc_double_free+0xc0/0x118 [ 17.233412] kunit_try_run_case+0x170/0x3f0 [ 17.233470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.233545] kthread+0x328/0x630 [ 17.233652] ret_from_fork+0x10/0x20 [ 17.233730] [ 17.233818] The buggy address belongs to the object at fff00000c64d8800 [ 17.233818] which belongs to the cache kmalloc-128 of size 128 [ 17.233906] The buggy address is located 0 bytes inside of [ 17.233906] 128-byte region [fff00000c64d8800, fff00000c64d8880) [ 17.233966] [ 17.233986] The buggy address belongs to the physical page: [ 17.234016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064d8 [ 17.234277] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.234365] page_type: f5(slab) [ 17.234488] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.234565] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.234688] page dumped because: kasan: bad access detected [ 17.234803] [ 17.234853] Memory state around the buggy address: [ 17.234912] fff00000c64d8700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.234993] fff00000c64d8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.235058] >fff00000c64d8800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.235111] ^ [ 17.235139] fff00000c64d8880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.235181] fff00000c64d8900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.235229] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 17.220312] ================================================================== [ 17.220392] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.220719] Read of size 1 at addr fff00000c77ac000 by task kunit_try_catch/234 [ 17.220790] [ 17.220828] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.220992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.221135] Hardware name: linux,dummy-virt (DT) [ 17.221218] Call trace: [ 17.221396] show_stack+0x20/0x38 (C) [ 17.221529] dump_stack_lvl+0x8c/0xd0 [ 17.221668] print_report+0x118/0x5d0 [ 17.221792] kasan_report+0xdc/0x128 [ 17.221841] __asan_report_load1_noabort+0x20/0x30 [ 17.221901] mempool_uaf_helper+0x314/0x340 [ 17.221949] mempool_page_alloc_uaf+0xc0/0x118 [ 17.221997] kunit_try_run_case+0x170/0x3f0 [ 17.222280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.222440] kthread+0x328/0x630 [ 17.222510] ret_from_fork+0x10/0x20 [ 17.222582] [ 17.222610] The buggy address belongs to the physical page: [ 17.222666] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ac [ 17.222721] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.222791] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.222842] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.222889] page dumped because: kasan: bad access detected [ 17.222933] [ 17.222951] Memory state around the buggy address: [ 17.223002] fff00000c77abf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.223052] fff00000c77abf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.223109] >fff00000c77ac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.223147] ^ [ 17.223178] fff00000c77ac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.223232] fff00000c77ac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.223271] ================================================================== [ 17.171454] ================================================================== [ 17.171516] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.171566] Read of size 1 at addr fff00000c77ac000 by task kunit_try_catch/230 [ 17.171619] [ 17.172347] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.172859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.173029] Hardware name: linux,dummy-virt (DT) [ 17.173068] Call trace: [ 17.173093] show_stack+0x20/0x38 (C) [ 17.173149] dump_stack_lvl+0x8c/0xd0 [ 17.173206] print_report+0x118/0x5d0 [ 17.173503] kasan_report+0xdc/0x128 [ 17.173556] __asan_report_load1_noabort+0x20/0x30 [ 17.173957] mempool_uaf_helper+0x314/0x340 [ 17.174012] mempool_kmalloc_large_uaf+0xc4/0x120 [ 17.174362] kunit_try_run_case+0x170/0x3f0 [ 17.174539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.174602] kthread+0x328/0x630 [ 17.174971] ret_from_fork+0x10/0x20 [ 17.175024] [ 17.175231] The buggy address belongs to the physical page: [ 17.175267] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ac [ 17.175672] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.175957] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.176252] page_type: f8(unknown) [ 17.176299] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.176594] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.176749] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.176829] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.177292] head: 0bfffe0000000002 ffffc1ffc31deb01 00000000ffffffff 00000000ffffffff [ 17.177457] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.177815] page dumped because: kasan: bad access detected [ 17.177856] [ 17.177875] Memory state around the buggy address: [ 17.178018] fff00000c77abf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.178088] fff00000c77abf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.178132] >fff00000c77ac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.178497] ^ [ 17.178778] fff00000c77ac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.178903] fff00000c77ac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.178976] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 17.146569] ================================================================== [ 17.147279] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.147828] Read of size 1 at addr fff00000c64d8400 by task kunit_try_catch/228 [ 17.148341] [ 17.148580] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.148849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.148927] Hardware name: linux,dummy-virt (DT) [ 17.149050] Call trace: [ 17.149135] show_stack+0x20/0x38 (C) [ 17.149349] dump_stack_lvl+0x8c/0xd0 [ 17.149414] print_report+0x118/0x5d0 [ 17.149463] kasan_report+0xdc/0x128 [ 17.149672] __asan_report_load1_noabort+0x20/0x30 [ 17.149907] mempool_uaf_helper+0x314/0x340 [ 17.150098] mempool_kmalloc_uaf+0xc4/0x120 [ 17.150303] kunit_try_run_case+0x170/0x3f0 [ 17.150480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.150544] kthread+0x328/0x630 [ 17.150587] ret_from_fork+0x10/0x20 [ 17.150637] [ 17.151038] Allocated by task 228: [ 17.151198] kasan_save_stack+0x3c/0x68 [ 17.151245] kasan_save_track+0x20/0x40 [ 17.151813] kasan_save_alloc_info+0x40/0x58 [ 17.152474] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.152698] remove_element+0x130/0x1f8 [ 17.152788] mempool_alloc_preallocated+0x58/0xc0 [ 17.152931] mempool_uaf_helper+0xa4/0x340 [ 17.152980] mempool_kmalloc_uaf+0xc4/0x120 [ 17.153363] kunit_try_run_case+0x170/0x3f0 [ 17.153415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.153458] kthread+0x328/0x630 [ 17.153492] ret_from_fork+0x10/0x20 [ 17.153536] [ 17.153556] Freed by task 228: [ 17.153588] kasan_save_stack+0x3c/0x68 [ 17.153812] kasan_save_track+0x20/0x40 [ 17.153994] kasan_save_free_info+0x4c/0x78 [ 17.154034] __kasan_mempool_poison_object+0xc0/0x150 [ 17.154183] mempool_free+0x28c/0x328 [ 17.154229] mempool_uaf_helper+0x104/0x340 [ 17.154742] mempool_kmalloc_uaf+0xc4/0x120 [ 17.154784] kunit_try_run_case+0x170/0x3f0 [ 17.154821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.154865] kthread+0x328/0x630 [ 17.154897] ret_from_fork+0x10/0x20 [ 17.155331] [ 17.155355] The buggy address belongs to the object at fff00000c64d8400 [ 17.155355] which belongs to the cache kmalloc-128 of size 128 [ 17.155421] The buggy address is located 0 bytes inside of [ 17.155421] freed 128-byte region [fff00000c64d8400, fff00000c64d8480) [ 17.155943] [ 17.155973] The buggy address belongs to the physical page: [ 17.156284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064d8 [ 17.156936] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.157019] page_type: f5(slab) [ 17.157329] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.157612] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.157662] page dumped because: kasan: bad access detected [ 17.157697] [ 17.157716] Memory state around the buggy address: [ 17.157751] fff00000c64d8300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.158074] fff00000c64d8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.158359] >fff00000c64d8400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.158403] ^ [ 17.158434] fff00000c64d8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.158477] fff00000c64d8500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.159060] ================================================================== [ 17.196474] ================================================================== [ 17.196539] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.196593] Read of size 1 at addr fff00000c6422240 by task kunit_try_catch/232 [ 17.196644] [ 17.196678] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.196761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.196806] Hardware name: linux,dummy-virt (DT) [ 17.196840] Call trace: [ 17.196863] show_stack+0x20/0x38 (C) [ 17.196913] dump_stack_lvl+0x8c/0xd0 [ 17.196988] print_report+0x118/0x5d0 [ 17.197071] kasan_report+0xdc/0x128 [ 17.197269] __asan_report_load1_noabort+0x20/0x30 [ 17.197341] mempool_uaf_helper+0x314/0x340 [ 17.197637] mempool_slab_uaf+0xc0/0x118 [ 17.197774] kunit_try_run_case+0x170/0x3f0 [ 17.197848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.197923] kthread+0x328/0x630 [ 17.197966] ret_from_fork+0x10/0x20 [ 17.198144] [ 17.198183] Allocated by task 232: [ 17.198228] kasan_save_stack+0x3c/0x68 [ 17.198311] kasan_save_track+0x20/0x40 [ 17.198388] kasan_save_alloc_info+0x40/0x58 [ 17.198511] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.198591] remove_element+0x16c/0x1f8 [ 17.198709] mempool_alloc_preallocated+0x58/0xc0 [ 17.198806] mempool_uaf_helper+0xa4/0x340 [ 17.198915] mempool_slab_uaf+0xc0/0x118 [ 17.199011] kunit_try_run_case+0x170/0x3f0 [ 17.199061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.199149] kthread+0x328/0x630 [ 17.199201] ret_from_fork+0x10/0x20 [ 17.199238] [ 17.199281] Freed by task 232: [ 17.199330] kasan_save_stack+0x3c/0x68 [ 17.199379] kasan_save_track+0x20/0x40 [ 17.199415] kasan_save_free_info+0x4c/0x78 [ 17.199455] __kasan_mempool_poison_object+0xc0/0x150 [ 17.199496] mempool_free+0x28c/0x328 [ 17.199688] mempool_uaf_helper+0x104/0x340 [ 17.199730] mempool_slab_uaf+0xc0/0x118 [ 17.199797] kunit_try_run_case+0x170/0x3f0 [ 17.199866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.199966] kthread+0x328/0x630 [ 17.200042] ret_from_fork+0x10/0x20 [ 17.200103] [ 17.200123] The buggy address belongs to the object at fff00000c6422240 [ 17.200123] which belongs to the cache test_cache of size 123 [ 17.200244] The buggy address is located 0 bytes inside of [ 17.200244] freed 123-byte region [fff00000c6422240, fff00000c64222bb) [ 17.200317] [ 17.200360] The buggy address belongs to the physical page: [ 17.200408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106422 [ 17.200462] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.200510] page_type: f5(slab) [ 17.200548] raw: 0bfffe0000000000 fff00000c1af18c0 dead000000000122 0000000000000000 [ 17.200598] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.200654] page dumped because: kasan: bad access detected [ 17.200705] [ 17.200734] Memory state around the buggy address: [ 17.200767] fff00000c6422100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.200811] fff00000c6422180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.200853] >fff00000c6422200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.201342] ^ [ 17.201480] fff00000c6422280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.201574] fff00000c6422300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.201613] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 17.106081] ================================================================== [ 17.106415] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.106547] Read of size 1 at addr fff00000c64ef2bb by task kunit_try_catch/226 [ 17.106597] [ 17.106652] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.107633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.107902] Hardware name: linux,dummy-virt (DT) [ 17.107939] Call trace: [ 17.108266] show_stack+0x20/0x38 (C) [ 17.108621] dump_stack_lvl+0x8c/0xd0 [ 17.108692] print_report+0x118/0x5d0 [ 17.109225] kasan_report+0xdc/0x128 [ 17.109425] __asan_report_load1_noabort+0x20/0x30 [ 17.109737] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.110148] mempool_slab_oob_right+0xc0/0x118 [ 17.110228] kunit_try_run_case+0x170/0x3f0 [ 17.110415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.110618] kthread+0x328/0x630 [ 17.111153] ret_from_fork+0x10/0x20 [ 17.111499] [ 17.111526] Allocated by task 226: [ 17.111616] kasan_save_stack+0x3c/0x68 [ 17.111997] kasan_save_track+0x20/0x40 [ 17.112168] kasan_save_alloc_info+0x40/0x58 [ 17.112497] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.112553] remove_element+0x16c/0x1f8 [ 17.112588] mempool_alloc_preallocated+0x58/0xc0 [ 17.113089] mempool_oob_right_helper+0x98/0x2f0 [ 17.113203] mempool_slab_oob_right+0xc0/0x118 [ 17.113409] kunit_try_run_case+0x170/0x3f0 [ 17.113473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.113518] kthread+0x328/0x630 [ 17.113982] ret_from_fork+0x10/0x20 [ 17.114048] [ 17.114249] The buggy address belongs to the object at fff00000c64ef240 [ 17.114249] which belongs to the cache test_cache of size 123 [ 17.114469] The buggy address is located 0 bytes to the right of [ 17.114469] allocated 123-byte region [fff00000c64ef240, fff00000c64ef2bb) [ 17.114759] [ 17.114874] The buggy address belongs to the physical page: [ 17.114907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064ef [ 17.115348] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.115619] page_type: f5(slab) [ 17.115736] raw: 0bfffe0000000000 fff00000c1af1780 dead000000000122 0000000000000000 [ 17.115966] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.116197] page dumped because: kasan: bad access detected [ 17.116560] [ 17.116871] Memory state around the buggy address: [ 17.116998] fff00000c64ef180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.117099] fff00000c64ef200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 17.117159] >fff00000c64ef280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 17.117382] ^ [ 17.117421] fff00000c64ef300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.117788] fff00000c64ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.117839] ================================================================== [ 17.087166] ================================================================== [ 17.087238] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.087290] Read of size 1 at addr fff00000c6486001 by task kunit_try_catch/224 [ 17.087340] [ 17.087369] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.087449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.087477] Hardware name: linux,dummy-virt (DT) [ 17.087507] Call trace: [ 17.087532] show_stack+0x20/0x38 (C) [ 17.088975] dump_stack_lvl+0x8c/0xd0 [ 17.089059] print_report+0x118/0x5d0 [ 17.089107] kasan_report+0xdc/0x128 [ 17.089154] __asan_report_load1_noabort+0x20/0x30 [ 17.089214] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.089264] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 17.089316] kunit_try_run_case+0x170/0x3f0 [ 17.089363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.089413] kthread+0x328/0x630 [ 17.089459] ret_from_fork+0x10/0x20 [ 17.089509] [ 17.089530] The buggy address belongs to the physical page: [ 17.089563] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106484 [ 17.089641] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.089736] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.089941] page_type: f8(unknown) [ 17.089988] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.090038] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.090096] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.090256] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.090315] head: 0bfffe0000000002 ffffc1ffc3192101 00000000ffffffff 00000000ffffffff [ 17.090366] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.090407] page dumped because: kasan: bad access detected [ 17.090441] [ 17.090460] Memory state around the buggy address: [ 17.090494] fff00000c6485f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.090537] fff00000c6485f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.090580] >fff00000c6486000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.090618] ^ [ 17.090647] fff00000c6486080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.090691] fff00000c6486100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.090730] ================================================================== [ 17.070647] ================================================================== [ 17.070715] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.070791] Read of size 1 at addr fff00000c64d8073 by task kunit_try_catch/222 [ 17.070842] [ 17.070887] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.070975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.071003] Hardware name: linux,dummy-virt (DT) [ 17.071039] Call trace: [ 17.071066] show_stack+0x20/0x38 (C) [ 17.071118] dump_stack_lvl+0x8c/0xd0 [ 17.071170] print_report+0x118/0x5d0 [ 17.071231] kasan_report+0xdc/0x128 [ 17.071277] __asan_report_load1_noabort+0x20/0x30 [ 17.071326] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.071375] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.071423] kunit_try_run_case+0x170/0x3f0 [ 17.071473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.071526] kthread+0x328/0x630 [ 17.071570] ret_from_fork+0x10/0x20 [ 17.071620] [ 17.071640] Allocated by task 222: [ 17.071672] kasan_save_stack+0x3c/0x68 [ 17.071712] kasan_save_track+0x20/0x40 [ 17.071751] kasan_save_alloc_info+0x40/0x58 [ 17.071790] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.071834] remove_element+0x130/0x1f8 [ 17.071873] mempool_alloc_preallocated+0x58/0xc0 [ 17.071913] mempool_oob_right_helper+0x98/0x2f0 [ 17.071951] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.071990] kunit_try_run_case+0x170/0x3f0 [ 17.072029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.072074] kthread+0x328/0x630 [ 17.072106] ret_from_fork+0x10/0x20 [ 17.072143] [ 17.072164] The buggy address belongs to the object at fff00000c64d8000 [ 17.072164] which belongs to the cache kmalloc-128 of size 128 [ 17.072232] The buggy address is located 0 bytes to the right of [ 17.072232] allocated 115-byte region [fff00000c64d8000, fff00000c64d8073) [ 17.072296] [ 17.072320] The buggy address belongs to the physical page: [ 17.072353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064d8 [ 17.072410] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.072463] page_type: f5(slab) [ 17.072506] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.072557] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.072600] page dumped because: kasan: bad access detected [ 17.072633] [ 17.072651] Memory state around the buggy address: [ 17.072687] fff00000c64d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.072731] fff00000c64d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.072775] >fff00000c64d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.072814] ^ [ 17.072852] fff00000c64d8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.072910] fff00000c64d8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.072951] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 16.512972] ================================================================== [ 16.513118] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 16.513206] Read of size 1 at addr fff00000c5bc08c0 by task kunit_try_catch/216 [ 16.513259] [ 16.513450] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.513540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.513625] Hardware name: linux,dummy-virt (DT) [ 16.513662] Call trace: [ 16.513687] show_stack+0x20/0x38 (C) [ 16.513744] dump_stack_lvl+0x8c/0xd0 [ 16.513795] print_report+0x118/0x5d0 [ 16.513840] kasan_report+0xdc/0x128 [ 16.513886] __kasan_check_byte+0x54/0x70 [ 16.513931] kmem_cache_destroy+0x34/0x218 [ 16.513980] kmem_cache_double_destroy+0x174/0x300 [ 16.514029] kunit_try_run_case+0x170/0x3f0 [ 16.514076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.514128] kthread+0x328/0x630 [ 16.514214] ret_from_fork+0x10/0x20 [ 16.514263] [ 16.514312] Allocated by task 216: [ 16.514347] kasan_save_stack+0x3c/0x68 [ 16.514457] kasan_save_track+0x20/0x40 [ 16.514638] kasan_save_alloc_info+0x40/0x58 [ 16.514728] __kasan_slab_alloc+0xa8/0xb0 [ 16.514875] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.514953] __kmem_cache_create_args+0x178/0x280 [ 16.515098] kmem_cache_double_destroy+0xc0/0x300 [ 16.515209] kunit_try_run_case+0x170/0x3f0 [ 16.515274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.515572] kthread+0x328/0x630 [ 16.515650] ret_from_fork+0x10/0x20 [ 16.515704] [ 16.515752] Freed by task 216: [ 16.515805] kasan_save_stack+0x3c/0x68 [ 16.515874] kasan_save_track+0x20/0x40 [ 16.516022] kasan_save_free_info+0x4c/0x78 [ 16.516168] __kasan_slab_free+0x6c/0x98 [ 16.516267] kmem_cache_free+0x260/0x468 [ 16.516577] slab_kmem_cache_release+0x38/0x50 [ 16.516769] kmem_cache_release+0x1c/0x30 [ 16.516809] kobject_put+0x17c/0x420 [ 16.516851] sysfs_slab_release+0x1c/0x30 [ 16.517155] kmem_cache_destroy+0x118/0x218 [ 16.517333] kmem_cache_double_destroy+0x128/0x300 [ 16.517428] kunit_try_run_case+0x170/0x3f0 [ 16.517563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.517652] kthread+0x328/0x630 [ 16.517776] ret_from_fork+0x10/0x20 [ 16.517818] [ 16.517863] The buggy address belongs to the object at fff00000c5bc08c0 [ 16.517863] which belongs to the cache kmem_cache of size 208 [ 16.517928] The buggy address is located 0 bytes inside of [ 16.517928] freed 208-byte region [fff00000c5bc08c0, fff00000c5bc0990) [ 16.517991] [ 16.518025] The buggy address belongs to the physical page: [ 16.518068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105bc0 [ 16.518144] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.518336] page_type: f5(slab) [ 16.518384] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 16.518435] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 16.518478] page dumped because: kasan: bad access detected [ 16.518536] [ 16.518554] Memory state around the buggy address: [ 16.518589] fff00000c5bc0780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.518630] fff00000c5bc0800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 16.518687] >fff00000c5bc0880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 16.518733] ^ [ 16.518768] fff00000c5bc0900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.518810] fff00000c5bc0980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.518863] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 16.343114] ================================================================== [ 16.343547] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 16.343817] Read of size 1 at addr fff00000c7706000 by task kunit_try_catch/214 [ 16.344171] [ 16.344246] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.344664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.344726] Hardware name: linux,dummy-virt (DT) [ 16.344763] Call trace: [ 16.344789] show_stack+0x20/0x38 (C) [ 16.344846] dump_stack_lvl+0x8c/0xd0 [ 16.344955] print_report+0x118/0x5d0 [ 16.345159] kasan_report+0xdc/0x128 [ 16.345375] __asan_report_load1_noabort+0x20/0x30 [ 16.345661] kmem_cache_rcu_uaf+0x388/0x468 [ 16.346037] kunit_try_run_case+0x170/0x3f0 [ 16.346143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.346458] kthread+0x328/0x630 [ 16.346521] ret_from_fork+0x10/0x20 [ 16.347039] [ 16.347069] Allocated by task 214: [ 16.347116] kasan_save_stack+0x3c/0x68 [ 16.347617] kasan_save_track+0x20/0x40 [ 16.347745] kasan_save_alloc_info+0x40/0x58 [ 16.347821] __kasan_slab_alloc+0xa8/0xb0 [ 16.347886] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.348122] kmem_cache_rcu_uaf+0x12c/0x468 [ 16.348507] kunit_try_run_case+0x170/0x3f0 [ 16.348704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.348963] kthread+0x328/0x630 [ 16.349006] ret_from_fork+0x10/0x20 [ 16.349059] [ 16.349079] Freed by task 0: [ 16.349563] kasan_save_stack+0x3c/0x68 [ 16.349839] kasan_save_track+0x20/0x40 [ 16.349908] kasan_save_free_info+0x4c/0x78 [ 16.349954] __kasan_slab_free+0x6c/0x98 [ 16.351477] slab_free_after_rcu_debug+0xd4/0x2f8 [ 16.351912] rcu_core+0x9f4/0x1e20 [ 16.352305] rcu_core_si+0x18/0x30 [ 16.352380] handle_softirqs+0x374/0xb28 [ 16.352445] __do_softirq+0x1c/0x28 [ 16.352504] [ 16.352817] Last potentially related work creation: [ 16.353093] kasan_save_stack+0x3c/0x68 [ 16.353149] kasan_record_aux_stack+0xb4/0xc8 [ 16.353553] kmem_cache_free+0x120/0x468 [ 16.353732] kmem_cache_rcu_uaf+0x16c/0x468 [ 16.353797] kunit_try_run_case+0x170/0x3f0 [ 16.353843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.354043] kthread+0x328/0x630 [ 16.354294] ret_from_fork+0x10/0x20 [ 16.354558] [ 16.354631] The buggy address belongs to the object at fff00000c7706000 [ 16.354631] which belongs to the cache test_cache of size 200 [ 16.354843] The buggy address is located 0 bytes inside of [ 16.354843] freed 200-byte region [fff00000c7706000, fff00000c77060c8) [ 16.355115] [ 16.355179] The buggy address belongs to the physical page: [ 16.355494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107706 [ 16.355596] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.355837] page_type: f5(slab) [ 16.356033] raw: 0bfffe0000000000 fff00000c5bc0780 dead000000000122 0000000000000000 [ 16.356299] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.356571] page dumped because: kasan: bad access detected [ 16.356638] [ 16.356691] Memory state around the buggy address: [ 16.356818] fff00000c7705f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 16.356888] fff00000c7705f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.357029] >fff00000c7706000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.357097] ^ [ 16.357135] fff00000c7706080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.358061] fff00000c7706100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.358238] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 15.923736] ================================================================== [ 15.923802] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 15.923867] Free of addr fff00000c76f5001 by task kunit_try_catch/212 [ 15.925032] [ 15.925125] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.925248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.925293] Hardware name: linux,dummy-virt (DT) [ 15.925394] Call trace: [ 15.925445] show_stack+0x20/0x38 (C) [ 15.925531] dump_stack_lvl+0x8c/0xd0 [ 15.925859] print_report+0x118/0x5d0 [ 15.925964] kasan_report_invalid_free+0xc0/0xe8 [ 15.926094] check_slab_allocation+0xfc/0x108 [ 15.926244] __kasan_slab_pre_free+0x2c/0x48 [ 15.926379] kmem_cache_free+0xf0/0x468 [ 15.926473] kmem_cache_invalid_free+0x184/0x3c8 [ 15.926861] kunit_try_run_case+0x170/0x3f0 [ 15.927040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.927251] kthread+0x328/0x630 [ 15.927319] ret_from_fork+0x10/0x20 [ 15.927621] [ 15.927998] Allocated by task 212: [ 15.928102] kasan_save_stack+0x3c/0x68 [ 15.928242] kasan_save_track+0x20/0x40 [ 15.928336] kasan_save_alloc_info+0x40/0x58 [ 15.928379] __kasan_slab_alloc+0xa8/0xb0 [ 15.928689] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.928770] kmem_cache_invalid_free+0x12c/0x3c8 [ 15.928868] kunit_try_run_case+0x170/0x3f0 [ 15.928985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.929144] kthread+0x328/0x630 [ 15.929240] ret_from_fork+0x10/0x20 [ 15.929352] [ 15.929399] The buggy address belongs to the object at fff00000c76f5000 [ 15.929399] which belongs to the cache test_cache of size 200 [ 15.929459] The buggy address is located 1 bytes inside of [ 15.929459] 200-byte region [fff00000c76f5000, fff00000c76f50c8) [ 15.929526] [ 15.929942] The buggy address belongs to the physical page: [ 15.930065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076f5 [ 15.930240] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.930379] page_type: f5(slab) [ 15.930443] raw: 0bfffe0000000000 fff00000c5bc0640 dead000000000122 0000000000000000 [ 15.930528] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.930844] page dumped because: kasan: bad access detected [ 15.931152] [ 15.931271] Memory state around the buggy address: [ 15.931368] fff00000c76f4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.931445] fff00000c76f4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.931581] >fff00000c76f5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.931658] ^ [ 15.931792] fff00000c76f5080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.931838] fff00000c76f5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.931903] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 15.892453] ================================================================== [ 15.892543] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 15.892945] Free of addr fff00000c7700000 by task kunit_try_catch/210 [ 15.893016] [ 15.893143] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.893329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.893627] Hardware name: linux,dummy-virt (DT) [ 15.893675] Call trace: [ 15.893791] show_stack+0x20/0x38 (C) [ 15.894074] dump_stack_lvl+0x8c/0xd0 [ 15.894210] print_report+0x118/0x5d0 [ 15.894308] kasan_report_invalid_free+0xc0/0xe8 [ 15.894398] check_slab_allocation+0xd4/0x108 [ 15.894528] __kasan_slab_pre_free+0x2c/0x48 [ 15.894602] kmem_cache_free+0xf0/0x468 [ 15.894897] kmem_cache_double_free+0x190/0x3c8 [ 15.895008] kunit_try_run_case+0x170/0x3f0 [ 15.895145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.895299] kthread+0x328/0x630 [ 15.895382] ret_from_fork+0x10/0x20 [ 15.895531] [ 15.895552] Allocated by task 210: [ 15.895606] kasan_save_stack+0x3c/0x68 [ 15.895949] kasan_save_track+0x20/0x40 [ 15.896024] kasan_save_alloc_info+0x40/0x58 [ 15.896170] __kasan_slab_alloc+0xa8/0xb0 [ 15.896268] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.896407] kmem_cache_double_free+0x12c/0x3c8 [ 15.896448] kunit_try_run_case+0x170/0x3f0 [ 15.896786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.896855] kthread+0x328/0x630 [ 15.896896] ret_from_fork+0x10/0x20 [ 15.897429] [ 15.897480] Freed by task 210: [ 15.897537] kasan_save_stack+0x3c/0x68 [ 15.897653] kasan_save_track+0x20/0x40 [ 15.897714] kasan_save_free_info+0x4c/0x78 [ 15.897870] __kasan_slab_free+0x6c/0x98 [ 15.897929] kmem_cache_free+0x260/0x468 [ 15.897991] kmem_cache_double_free+0x140/0x3c8 [ 15.898033] kunit_try_run_case+0x170/0x3f0 [ 15.898369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.898537] kthread+0x328/0x630 [ 15.898609] ret_from_fork+0x10/0x20 [ 15.898748] [ 15.898827] The buggy address belongs to the object at fff00000c7700000 [ 15.898827] which belongs to the cache test_cache of size 200 [ 15.898968] The buggy address is located 0 bytes inside of [ 15.898968] 200-byte region [fff00000c7700000, fff00000c77000c8) [ 15.899028] [ 15.899053] The buggy address belongs to the physical page: [ 15.899282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107700 [ 15.899380] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.899476] page_type: f5(slab) [ 15.899520] raw: 0bfffe0000000000 fff00000c5bc0500 dead000000000122 0000000000000000 [ 15.899572] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.899659] page dumped because: kasan: bad access detected [ 15.899694] [ 15.899728] Memory state around the buggy address: [ 15.899771] fff00000c76fff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.899824] fff00000c76fff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.899876] >fff00000c7700000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.899936] ^ [ 15.899974] fff00000c7700080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 15.900016] fff00000c7700100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.900064] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 15.625623] ================================================================== [ 15.625740] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 15.625801] Read of size 1 at addr fff00000c77040c8 by task kunit_try_catch/208 [ 15.625853] [ 15.625889] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.625991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.626038] Hardware name: linux,dummy-virt (DT) [ 15.626099] Call trace: [ 15.626124] show_stack+0x20/0x38 (C) [ 15.626223] dump_stack_lvl+0x8c/0xd0 [ 15.626284] print_report+0x118/0x5d0 [ 15.626349] kasan_report+0xdc/0x128 [ 15.626402] __asan_report_load1_noabort+0x20/0x30 [ 15.626456] kmem_cache_oob+0x344/0x430 [ 15.626501] kunit_try_run_case+0x170/0x3f0 [ 15.626548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.626739] kthread+0x328/0x630 [ 15.626854] ret_from_fork+0x10/0x20 [ 15.626936] [ 15.626975] Allocated by task 208: [ 15.627022] kasan_save_stack+0x3c/0x68 [ 15.627065] kasan_save_track+0x20/0x40 [ 15.627101] kasan_save_alloc_info+0x40/0x58 [ 15.627167] __kasan_slab_alloc+0xa8/0xb0 [ 15.627235] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.627291] kmem_cache_oob+0x12c/0x430 [ 15.627334] kunit_try_run_case+0x170/0x3f0 [ 15.627371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.627414] kthread+0x328/0x630 [ 15.627464] ret_from_fork+0x10/0x20 [ 15.627527] [ 15.627593] The buggy address belongs to the object at fff00000c7704000 [ 15.627593] which belongs to the cache test_cache of size 200 [ 15.627660] The buggy address is located 0 bytes to the right of [ 15.627660] allocated 200-byte region [fff00000c7704000, fff00000c77040c8) [ 15.627735] [ 15.627772] The buggy address belongs to the physical page: [ 15.628043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107704 [ 15.628123] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.628237] page_type: f5(slab) [ 15.628306] raw: 0bfffe0000000000 fff00000c5bc03c0 dead000000000122 0000000000000000 [ 15.628359] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.628432] page dumped because: kasan: bad access detected [ 15.628473] [ 15.628512] Memory state around the buggy address: [ 15.628546] fff00000c7703f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.628589] fff00000c7704000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.628633] >fff00000c7704080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.628692] ^ [ 15.628739] fff00000c7704100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.628784] fff00000c7704180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.628837] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 15.574430] ================================================================== [ 15.574811] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 15.574914] Read of size 4 at addr fff00000c770e340 by task ksoftirqd/1/23 [ 15.574967] [ 15.575225] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.575328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.575468] Hardware name: linux,dummy-virt (DT) [ 15.575609] Call trace: [ 15.575640] show_stack+0x20/0x38 (C) [ 15.575712] dump_stack_lvl+0x8c/0xd0 [ 15.575764] print_report+0x118/0x5d0 [ 15.575810] kasan_report+0xdc/0x128 [ 15.575913] __asan_report_load4_noabort+0x20/0x30 [ 15.575966] rcu_uaf_reclaim+0x64/0x70 [ 15.576030] rcu_core+0x9f4/0x1e20 [ 15.576170] rcu_core_si+0x18/0x30 [ 15.576363] handle_softirqs+0x374/0xb28 [ 15.576508] run_ksoftirqd+0x80/0xb0 [ 15.576582] smpboot_thread_fn+0x2e8/0x760 [ 15.576633] kthread+0x328/0x630 [ 15.576781] ret_from_fork+0x10/0x20 [ 15.576966] [ 15.577081] Allocated by task 199: [ 15.577141] kasan_save_stack+0x3c/0x68 [ 15.577326] kasan_save_track+0x20/0x40 [ 15.577366] kasan_save_alloc_info+0x40/0x58 [ 15.577407] __kasan_kmalloc+0xd4/0xd8 [ 15.577655] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.577761] rcu_uaf+0xb0/0x2d8 [ 15.577892] kunit_try_run_case+0x170/0x3f0 [ 15.578006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.578161] kthread+0x328/0x630 [ 15.578207] ret_from_fork+0x10/0x20 [ 15.578484] [ 15.578574] Freed by task 23: [ 15.578671] kasan_save_stack+0x3c/0x68 [ 15.578770] kasan_save_track+0x20/0x40 [ 15.578908] kasan_save_free_info+0x4c/0x78 [ 15.578967] __kasan_slab_free+0x6c/0x98 [ 15.579003] kfree+0x214/0x3c8 [ 15.579334] rcu_uaf_reclaim+0x28/0x70 [ 15.579416] rcu_core+0x9f4/0x1e20 [ 15.579484] rcu_core_si+0x18/0x30 [ 15.579577] handle_softirqs+0x374/0xb28 [ 15.579697] run_ksoftirqd+0x80/0xb0 [ 15.579745] smpboot_thread_fn+0x2e8/0x760 [ 15.579784] kthread+0x328/0x630 [ 15.579973] ret_from_fork+0x10/0x20 [ 15.580168] [ 15.580253] Last potentially related work creation: [ 15.580326] kasan_save_stack+0x3c/0x68 [ 15.580406] kasan_record_aux_stack+0xb4/0xc8 [ 15.580480] __call_rcu_common.constprop.0+0x74/0x8c8 [ 15.580523] call_rcu+0x18/0x30 [ 15.580844] rcu_uaf+0x14c/0x2d8 [ 15.581012] kunit_try_run_case+0x170/0x3f0 [ 15.581120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.581181] kthread+0x328/0x630 [ 15.581230] ret_from_fork+0x10/0x20 [ 15.581279] [ 15.581335] The buggy address belongs to the object at fff00000c770e340 [ 15.581335] which belongs to the cache kmalloc-32 of size 32 [ 15.581397] The buggy address is located 0 bytes inside of [ 15.581397] freed 32-byte region [fff00000c770e340, fff00000c770e360) [ 15.581591] [ 15.581662] The buggy address belongs to the physical page: [ 15.581758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770e [ 15.581840] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.581932] page_type: f5(slab) [ 15.581985] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.582034] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.582082] page dumped because: kasan: bad access detected [ 15.582115] [ 15.582133] Memory state around the buggy address: [ 15.582168] fff00000c770e200: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.582369] fff00000c770e280: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 15.582482] >fff00000c770e300: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.582614] ^ [ 15.582652] fff00000c770e380: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.582733] fff00000c770e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.582960] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 15.441403] ================================================================== [ 15.441618] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 15.441682] Read of size 1 at addr fff00000c7771078 by task kunit_try_catch/197 [ 15.441986] [ 15.442040] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.442320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.442413] Hardware name: linux,dummy-virt (DT) [ 15.442547] Call trace: [ 15.442634] show_stack+0x20/0x38 (C) [ 15.442708] dump_stack_lvl+0x8c/0xd0 [ 15.442774] print_report+0x118/0x5d0 [ 15.442841] kasan_report+0xdc/0x128 [ 15.443088] __asan_report_load1_noabort+0x20/0x30 [ 15.443159] ksize_uaf+0x544/0x5f8 [ 15.443214] kunit_try_run_case+0x170/0x3f0 [ 15.443684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.443847] kthread+0x328/0x630 [ 15.443924] ret_from_fork+0x10/0x20 [ 15.443990] [ 15.444017] Allocated by task 197: [ 15.444140] kasan_save_stack+0x3c/0x68 [ 15.444214] kasan_save_track+0x20/0x40 [ 15.444420] kasan_save_alloc_info+0x40/0x58 [ 15.444475] __kasan_kmalloc+0xd4/0xd8 [ 15.444518] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.444828] ksize_uaf+0xb8/0x5f8 [ 15.444897] kunit_try_run_case+0x170/0x3f0 [ 15.444980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.445053] kthread+0x328/0x630 [ 15.445165] ret_from_fork+0x10/0x20 [ 15.445532] [ 15.445569] Freed by task 197: [ 15.445630] kasan_save_stack+0x3c/0x68 [ 15.445738] kasan_save_track+0x20/0x40 [ 15.445858] kasan_save_free_info+0x4c/0x78 [ 15.445929] __kasan_slab_free+0x6c/0x98 [ 15.446061] kfree+0x214/0x3c8 [ 15.446150] ksize_uaf+0x11c/0x5f8 [ 15.446238] kunit_try_run_case+0x170/0x3f0 [ 15.446286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.446330] kthread+0x328/0x630 [ 15.446377] ret_from_fork+0x10/0x20 [ 15.446424] [ 15.446460] The buggy address belongs to the object at fff00000c7771000 [ 15.446460] which belongs to the cache kmalloc-128 of size 128 [ 15.446529] The buggy address is located 120 bytes inside of [ 15.446529] freed 128-byte region [fff00000c7771000, fff00000c7771080) [ 15.446605] [ 15.446649] The buggy address belongs to the physical page: [ 15.446689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107771 [ 15.446758] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.446813] page_type: f5(slab) [ 15.446852] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.446911] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.446952] page dumped because: kasan: bad access detected [ 15.446985] [ 15.447020] Memory state around the buggy address: [ 15.447072] fff00000c7770f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.447125] fff00000c7770f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.447168] >fff00000c7771000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.447427] ^ [ 15.447675] fff00000c7771080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.447864] fff00000c7771100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.448104] ================================================================== [ 15.431074] ================================================================== [ 15.431135] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 15.431368] Read of size 1 at addr fff00000c7771000 by task kunit_try_catch/197 [ 15.431492] [ 15.431764] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.432079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.432123] Hardware name: linux,dummy-virt (DT) [ 15.432173] Call trace: [ 15.432252] show_stack+0x20/0x38 (C) [ 15.432309] dump_stack_lvl+0x8c/0xd0 [ 15.432355] print_report+0x118/0x5d0 [ 15.432588] kasan_report+0xdc/0x128 [ 15.432776] __asan_report_load1_noabort+0x20/0x30 [ 15.432831] ksize_uaf+0x598/0x5f8 [ 15.433067] kunit_try_run_case+0x170/0x3f0 [ 15.433249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.433417] kthread+0x328/0x630 [ 15.433470] ret_from_fork+0x10/0x20 [ 15.433517] [ 15.433700] Allocated by task 197: [ 15.433956] kasan_save_stack+0x3c/0x68 [ 15.434061] kasan_save_track+0x20/0x40 [ 15.434131] kasan_save_alloc_info+0x40/0x58 [ 15.434268] __kasan_kmalloc+0xd4/0xd8 [ 15.434307] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.434549] ksize_uaf+0xb8/0x5f8 [ 15.434732] kunit_try_run_case+0x170/0x3f0 [ 15.434913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.435043] kthread+0x328/0x630 [ 15.435227] ret_from_fork+0x10/0x20 [ 15.435679] [ 15.435795] Freed by task 197: [ 15.435943] kasan_save_stack+0x3c/0x68 [ 15.436044] kasan_save_track+0x20/0x40 [ 15.436208] kasan_save_free_info+0x4c/0x78 [ 15.436467] __kasan_slab_free+0x6c/0x98 [ 15.436623] kfree+0x214/0x3c8 [ 15.436871] ksize_uaf+0x11c/0x5f8 [ 15.436948] kunit_try_run_case+0x170/0x3f0 [ 15.437063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.437315] kthread+0x328/0x630 [ 15.437530] ret_from_fork+0x10/0x20 [ 15.437686] [ 15.437746] The buggy address belongs to the object at fff00000c7771000 [ 15.437746] which belongs to the cache kmalloc-128 of size 128 [ 15.437900] The buggy address is located 0 bytes inside of [ 15.437900] freed 128-byte region [fff00000c7771000, fff00000c7771080) [ 15.437987] [ 15.438406] The buggy address belongs to the physical page: [ 15.438456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107771 [ 15.438582] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.438768] page_type: f5(slab) [ 15.438891] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.438951] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.439166] page dumped because: kasan: bad access detected [ 15.439619] [ 15.439767] Memory state around the buggy address: [ 15.439874] fff00000c7770f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.439940] fff00000c7770f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440256] >fff00000c7771000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.440395] ^ [ 15.440562] fff00000c7771080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440664] fff00000c7771100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440780] ================================================================== [ 15.423374] ================================================================== [ 15.423604] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 15.423667] Read of size 1 at addr fff00000c7771000 by task kunit_try_catch/197 [ 15.423719] [ 15.423851] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.423946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.424299] Hardware name: linux,dummy-virt (DT) [ 15.424404] Call trace: [ 15.424433] show_stack+0x20/0x38 (C) [ 15.424487] dump_stack_lvl+0x8c/0xd0 [ 15.424533] print_report+0x118/0x5d0 [ 15.424965] kasan_report+0xdc/0x128 [ 15.425271] __kasan_check_byte+0x54/0x70 [ 15.425495] ksize+0x30/0x88 [ 15.425550] ksize_uaf+0x168/0x5f8 [ 15.425619] kunit_try_run_case+0x170/0x3f0 [ 15.425669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.425723] kthread+0x328/0x630 [ 15.425776] ret_from_fork+0x10/0x20 [ 15.425831] [ 15.425850] Allocated by task 197: [ 15.425879] kasan_save_stack+0x3c/0x68 [ 15.425920] kasan_save_track+0x20/0x40 [ 15.425968] kasan_save_alloc_info+0x40/0x58 [ 15.426009] __kasan_kmalloc+0xd4/0xd8 [ 15.426056] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.426097] ksize_uaf+0xb8/0x5f8 [ 15.426138] kunit_try_run_case+0x170/0x3f0 [ 15.426177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.426232] kthread+0x328/0x630 [ 15.426264] ret_from_fork+0x10/0x20 [ 15.426308] [ 15.426337] Freed by task 197: [ 15.426371] kasan_save_stack+0x3c/0x68 [ 15.426412] kasan_save_track+0x20/0x40 [ 15.426448] kasan_save_free_info+0x4c/0x78 [ 15.426510] __kasan_slab_free+0x6c/0x98 [ 15.426547] kfree+0x214/0x3c8 [ 15.426582] ksize_uaf+0x11c/0x5f8 [ 15.426615] kunit_try_run_case+0x170/0x3f0 [ 15.426666] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.426709] kthread+0x328/0x630 [ 15.426750] ret_from_fork+0x10/0x20 [ 15.426793] [ 15.426812] The buggy address belongs to the object at fff00000c7771000 [ 15.426812] which belongs to the cache kmalloc-128 of size 128 [ 15.426878] The buggy address is located 0 bytes inside of [ 15.426878] freed 128-byte region [fff00000c7771000, fff00000c7771080) [ 15.426948] [ 15.426976] The buggy address belongs to the physical page: [ 15.427024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107771 [ 15.427078] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.427142] page_type: f5(slab) [ 15.428063] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.428141] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.428202] page dumped because: kasan: bad access detected [ 15.428271] [ 15.428315] Memory state around the buggy address: [ 15.428389] fff00000c7770f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.428604] fff00000c7770f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.428701] >fff00000c7771000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.428951] ^ [ 15.429204] fff00000c7771080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.429387] fff00000c7771100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.429564] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 15.407262] ================================================================== [ 15.407341] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 15.407396] Read of size 1 at addr fff00000c6094f7f by task kunit_try_catch/195 [ 15.407631] [ 15.407684] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.407882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.408058] Hardware name: linux,dummy-virt (DT) [ 15.408135] Call trace: [ 15.408161] show_stack+0x20/0x38 (C) [ 15.408225] dump_stack_lvl+0x8c/0xd0 [ 15.408449] print_report+0x118/0x5d0 [ 15.408691] kasan_report+0xdc/0x128 [ 15.408811] __asan_report_load1_noabort+0x20/0x30 [ 15.408905] ksize_unpoisons_memory+0x690/0x740 [ 15.409055] kunit_try_run_case+0x170/0x3f0 [ 15.409143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.409368] kthread+0x328/0x630 [ 15.409596] ret_from_fork+0x10/0x20 [ 15.409763] [ 15.409832] Allocated by task 195: [ 15.409988] kasan_save_stack+0x3c/0x68 [ 15.410093] kasan_save_track+0x20/0x40 [ 15.410231] kasan_save_alloc_info+0x40/0x58 [ 15.410659] __kasan_kmalloc+0xd4/0xd8 [ 15.410729] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.410812] ksize_unpoisons_memory+0xc0/0x740 [ 15.410861] kunit_try_run_case+0x170/0x3f0 [ 15.410899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.410951] kthread+0x328/0x630 [ 15.410983] ret_from_fork+0x10/0x20 [ 15.411018] [ 15.411039] The buggy address belongs to the object at fff00000c6094f00 [ 15.411039] which belongs to the cache kmalloc-128 of size 128 [ 15.411096] The buggy address is located 12 bytes to the right of [ 15.411096] allocated 115-byte region [fff00000c6094f00, fff00000c6094f73) [ 15.411161] [ 15.411180] The buggy address belongs to the physical page: [ 15.411223] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 15.411285] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.411331] page_type: f5(slab) [ 15.411372] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.411424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.411485] page dumped because: kasan: bad access detected [ 15.411516] [ 15.411536] Memory state around the buggy address: [ 15.411575] fff00000c6094e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.411628] fff00000c6094e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.411680] >fff00000c6094f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.411729] ^ [ 15.411771] fff00000c6094f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.411813] fff00000c6095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.411862] ================================================================== [ 15.391029] ================================================================== [ 15.391816] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 15.391937] Read of size 1 at addr fff00000c6094f73 by task kunit_try_catch/195 [ 15.392032] [ 15.392069] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.392429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.392553] Hardware name: linux,dummy-virt (DT) [ 15.392909] Call trace: [ 15.392950] show_stack+0x20/0x38 (C) [ 15.393059] dump_stack_lvl+0x8c/0xd0 [ 15.393133] print_report+0x118/0x5d0 [ 15.393322] kasan_report+0xdc/0x128 [ 15.393381] __asan_report_load1_noabort+0x20/0x30 [ 15.393545] ksize_unpoisons_memory+0x628/0x740 [ 15.393782] kunit_try_run_case+0x170/0x3f0 [ 15.393935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.394002] kthread+0x328/0x630 [ 15.394201] ret_from_fork+0x10/0x20 [ 15.394426] [ 15.394468] Allocated by task 195: [ 15.394542] kasan_save_stack+0x3c/0x68 [ 15.394747] kasan_save_track+0x20/0x40 [ 15.394928] kasan_save_alloc_info+0x40/0x58 [ 15.395020] __kasan_kmalloc+0xd4/0xd8 [ 15.395068] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.395109] ksize_unpoisons_memory+0xc0/0x740 [ 15.395148] kunit_try_run_case+0x170/0x3f0 [ 15.395218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.395277] kthread+0x328/0x630 [ 15.395328] ret_from_fork+0x10/0x20 [ 15.395366] [ 15.395388] The buggy address belongs to the object at fff00000c6094f00 [ 15.395388] which belongs to the cache kmalloc-128 of size 128 [ 15.395451] The buggy address is located 0 bytes to the right of [ 15.395451] allocated 115-byte region [fff00000c6094f00, fff00000c6094f73) [ 15.395515] [ 15.395536] The buggy address belongs to the physical page: [ 15.395585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 15.395648] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.395696] page_type: f5(slab) [ 15.395735] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.395786] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.395834] page dumped because: kasan: bad access detected [ 15.395879] [ 15.395897] Memory state around the buggy address: [ 15.395930] fff00000c6094e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.395981] fff00000c6094e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.396022] >fff00000c6094f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.396078] ^ [ 15.396116] fff00000c6094f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.396173] fff00000c6095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.396221] ================================================================== [ 15.399296] ================================================================== [ 15.399391] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 15.399515] Read of size 1 at addr fff00000c6094f78 by task kunit_try_catch/195 [ 15.399569] [ 15.399628] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.400051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.400216] Hardware name: linux,dummy-virt (DT) [ 15.400262] Call trace: [ 15.400318] show_stack+0x20/0x38 (C) [ 15.400391] dump_stack_lvl+0x8c/0xd0 [ 15.400437] print_report+0x118/0x5d0 [ 15.400726] kasan_report+0xdc/0x128 [ 15.400797] __asan_report_load1_noabort+0x20/0x30 [ 15.400851] ksize_unpoisons_memory+0x618/0x740 [ 15.401157] kunit_try_run_case+0x170/0x3f0 [ 15.401276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.401378] kthread+0x328/0x630 [ 15.401477] ret_from_fork+0x10/0x20 [ 15.401629] [ 15.401649] Allocated by task 195: [ 15.401677] kasan_save_stack+0x3c/0x68 [ 15.401719] kasan_save_track+0x20/0x40 [ 15.401764] kasan_save_alloc_info+0x40/0x58 [ 15.402106] __kasan_kmalloc+0xd4/0xd8 [ 15.402213] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.402308] ksize_unpoisons_memory+0xc0/0x740 [ 15.402396] kunit_try_run_case+0x170/0x3f0 [ 15.402482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.402615] kthread+0x328/0x630 [ 15.402690] ret_from_fork+0x10/0x20 [ 15.402735] [ 15.402894] The buggy address belongs to the object at fff00000c6094f00 [ 15.402894] which belongs to the cache kmalloc-128 of size 128 [ 15.403129] The buggy address is located 5 bytes to the right of [ 15.403129] allocated 115-byte region [fff00000c6094f00, fff00000c6094f73) [ 15.403329] [ 15.403405] The buggy address belongs to the physical page: [ 15.403551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 15.403649] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.403994] page_type: f5(slab) [ 15.404298] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.404573] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.404628] page dumped because: kasan: bad access detected [ 15.404764] [ 15.404854] Memory state around the buggy address: [ 15.405027] fff00000c6094e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.405112] fff00000c6094e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.405157] >fff00000c6094f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.405398] ^ [ 15.405645] fff00000c6094f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.405811] fff00000c6095000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.405919] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 15.371979] ================================================================== [ 15.372051] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 15.372265] Free of addr fff00000c6086780 by task kunit_try_catch/193 [ 15.372356] [ 15.372392] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.372585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.372808] Hardware name: linux,dummy-virt (DT) [ 15.373003] Call trace: [ 15.373080] show_stack+0x20/0x38 (C) [ 15.373261] dump_stack_lvl+0x8c/0xd0 [ 15.373343] print_report+0x118/0x5d0 [ 15.373490] kasan_report_invalid_free+0xc0/0xe8 [ 15.373725] check_slab_allocation+0xd4/0x108 [ 15.373903] __kasan_slab_pre_free+0x2c/0x48 [ 15.374084] kfree+0xe8/0x3c8 [ 15.374173] kfree_sensitive+0x3c/0xb0 [ 15.374265] kmalloc_double_kzfree+0x168/0x308 [ 15.374402] kunit_try_run_case+0x170/0x3f0 [ 15.374499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.374622] kthread+0x328/0x630 [ 15.374698] ret_from_fork+0x10/0x20 [ 15.374929] [ 15.374981] Allocated by task 193: [ 15.375222] kasan_save_stack+0x3c/0x68 [ 15.375347] kasan_save_track+0x20/0x40 [ 15.375388] kasan_save_alloc_info+0x40/0x58 [ 15.375470] __kasan_kmalloc+0xd4/0xd8 [ 15.375675] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.375874] kmalloc_double_kzfree+0xb8/0x308 [ 15.375959] kunit_try_run_case+0x170/0x3f0 [ 15.376139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.376287] kthread+0x328/0x630 [ 15.376322] ret_from_fork+0x10/0x20 [ 15.376559] [ 15.376687] Freed by task 193: [ 15.376748] kasan_save_stack+0x3c/0x68 [ 15.376924] kasan_save_track+0x20/0x40 [ 15.377020] kasan_save_free_info+0x4c/0x78 [ 15.377253] __kasan_slab_free+0x6c/0x98 [ 15.377294] kfree+0x214/0x3c8 [ 15.377335] kfree_sensitive+0x80/0xb0 [ 15.377370] kmalloc_double_kzfree+0x11c/0x308 [ 15.377734] kunit_try_run_case+0x170/0x3f0 [ 15.377914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.378050] kthread+0x328/0x630 [ 15.378169] ret_from_fork+0x10/0x20 [ 15.378302] [ 15.378326] The buggy address belongs to the object at fff00000c6086780 [ 15.378326] which belongs to the cache kmalloc-16 of size 16 [ 15.378420] The buggy address is located 0 bytes inside of [ 15.378420] 16-byte region [fff00000c6086780, fff00000c6086790) [ 15.379211] [ 15.379271] The buggy address belongs to the physical page: [ 15.379306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106086 [ 15.379585] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.379670] page_type: f5(slab) [ 15.379738] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.380444] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.380693] page dumped because: kasan: bad access detected [ 15.380742] [ 15.380846] Memory state around the buggy address: [ 15.380894] fff00000c6086680: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.380980] fff00000c6086700: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.381102] >fff00000c6086780: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381213] ^ [ 15.381244] fff00000c6086800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381308] fff00000c6086880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381491] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 15.363699] ================================================================== [ 15.363910] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 15.364126] Read of size 1 at addr fff00000c6086780 by task kunit_try_catch/193 [ 15.364204] [ 15.364316] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.364440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.364476] Hardware name: linux,dummy-virt (DT) [ 15.364508] Call trace: [ 15.364536] show_stack+0x20/0x38 (C) [ 15.364896] dump_stack_lvl+0x8c/0xd0 [ 15.365201] print_report+0x118/0x5d0 [ 15.365290] kasan_report+0xdc/0x128 [ 15.365485] __kasan_check_byte+0x54/0x70 [ 15.365640] kfree_sensitive+0x30/0xb0 [ 15.365723] kmalloc_double_kzfree+0x168/0x308 [ 15.365849] kunit_try_run_case+0x170/0x3f0 [ 15.365946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.366230] kthread+0x328/0x630 [ 15.366454] ret_from_fork+0x10/0x20 [ 15.366656] [ 15.366724] Allocated by task 193: [ 15.366835] kasan_save_stack+0x3c/0x68 [ 15.366924] kasan_save_track+0x20/0x40 [ 15.366995] kasan_save_alloc_info+0x40/0x58 [ 15.367096] __kasan_kmalloc+0xd4/0xd8 [ 15.367135] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.367382] kmalloc_double_kzfree+0xb8/0x308 [ 15.367523] kunit_try_run_case+0x170/0x3f0 [ 15.367624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.367710] kthread+0x328/0x630 [ 15.367988] ret_from_fork+0x10/0x20 [ 15.368061] [ 15.368439] Freed by task 193: [ 15.368531] kasan_save_stack+0x3c/0x68 [ 15.368639] kasan_save_track+0x20/0x40 [ 15.368722] kasan_save_free_info+0x4c/0x78 [ 15.368847] __kasan_slab_free+0x6c/0x98 [ 15.368985] kfree+0x214/0x3c8 [ 15.369114] kfree_sensitive+0x80/0xb0 [ 15.369173] kmalloc_double_kzfree+0x11c/0x308 [ 15.369399] kunit_try_run_case+0x170/0x3f0 [ 15.369553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.369780] kthread+0x328/0x630 [ 15.369838] ret_from_fork+0x10/0x20 [ 15.369988] [ 15.370030] The buggy address belongs to the object at fff00000c6086780 [ 15.370030] which belongs to the cache kmalloc-16 of size 16 [ 15.370109] The buggy address is located 0 bytes inside of [ 15.370109] freed 16-byte region [fff00000c6086780, fff00000c6086790) [ 15.370176] [ 15.370258] The buggy address belongs to the physical page: [ 15.370302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106086 [ 15.370364] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.370422] page_type: f5(slab) [ 15.370464] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.370514] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.370563] page dumped because: kasan: bad access detected [ 15.370595] [ 15.370613] Memory state around the buggy address: [ 15.370647] fff00000c6086680: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.370690] fff00000c6086700: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.370733] >fff00000c6086780: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.370786] ^ [ 15.370813] fff00000c6086800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.370855] fff00000c6086880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.370893] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 15.339382] ================================================================== [ 15.339537] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 15.339591] Read of size 1 at addr fff00000c770c6a8 by task kunit_try_catch/189 [ 15.339665] [ 15.339757] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.339862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.340080] Hardware name: linux,dummy-virt (DT) [ 15.340257] Call trace: [ 15.340312] show_stack+0x20/0x38 (C) [ 15.340417] dump_stack_lvl+0x8c/0xd0 [ 15.340504] print_report+0x118/0x5d0 [ 15.340553] kasan_report+0xdc/0x128 [ 15.340766] __asan_report_load1_noabort+0x20/0x30 [ 15.340820] kmalloc_uaf2+0x3f4/0x468 [ 15.340980] kunit_try_run_case+0x170/0x3f0 [ 15.341234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.341338] kthread+0x328/0x630 [ 15.341644] ret_from_fork+0x10/0x20 [ 15.341825] [ 15.341853] Allocated by task 189: [ 15.341886] kasan_save_stack+0x3c/0x68 [ 15.341931] kasan_save_track+0x20/0x40 [ 15.341978] kasan_save_alloc_info+0x40/0x58 [ 15.342028] __kasan_kmalloc+0xd4/0xd8 [ 15.342065] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.342127] kmalloc_uaf2+0xc4/0x468 [ 15.342163] kunit_try_run_case+0x170/0x3f0 [ 15.342213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.342254] kthread+0x328/0x630 [ 15.342296] ret_from_fork+0x10/0x20 [ 15.342332] [ 15.342351] Freed by task 189: [ 15.342386] kasan_save_stack+0x3c/0x68 [ 15.342423] kasan_save_track+0x20/0x40 [ 15.342459] kasan_save_free_info+0x4c/0x78 [ 15.342500] __kasan_slab_free+0x6c/0x98 [ 15.342535] kfree+0x214/0x3c8 [ 15.342568] kmalloc_uaf2+0x134/0x468 [ 15.342603] kunit_try_run_case+0x170/0x3f0 [ 15.342648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.342702] kthread+0x328/0x630 [ 15.342734] ret_from_fork+0x10/0x20 [ 15.342770] [ 15.342790] The buggy address belongs to the object at fff00000c770c680 [ 15.342790] which belongs to the cache kmalloc-64 of size 64 [ 15.342862] The buggy address is located 40 bytes inside of [ 15.342862] freed 64-byte region [fff00000c770c680, fff00000c770c6c0) [ 15.342943] [ 15.342972] The buggy address belongs to the physical page: [ 15.343004] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770c [ 15.343059] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.343107] page_type: f5(slab) [ 15.343154] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.343717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.343783] page dumped because: kasan: bad access detected [ 15.343863] [ 15.343932] Memory state around the buggy address: [ 15.343965] fff00000c770c580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.344562] fff00000c770c600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.344795] >fff00000c770c680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.344868] ^ [ 15.344905] fff00000c770c700: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 15.344950] fff00000c770c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.345235] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 15.318610] ================================================================== [ 15.318670] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 15.318722] Write of size 33 at addr fff00000c770c500 by task kunit_try_catch/187 [ 15.318773] [ 15.318809] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.318915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.318943] Hardware name: linux,dummy-virt (DT) [ 15.318976] Call trace: [ 15.318998] show_stack+0x20/0x38 (C) [ 15.319050] dump_stack_lvl+0x8c/0xd0 [ 15.319099] print_report+0x118/0x5d0 [ 15.319146] kasan_report+0xdc/0x128 [ 15.319481] kasan_check_range+0x100/0x1a8 [ 15.319579] __asan_memset+0x34/0x78 [ 15.319820] kmalloc_uaf_memset+0x170/0x310 [ 15.319891] kunit_try_run_case+0x170/0x3f0 [ 15.320601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.320695] kthread+0x328/0x630 [ 15.320753] ret_from_fork+0x10/0x20 [ 15.320813] [ 15.321000] Allocated by task 187: [ 15.321050] kasan_save_stack+0x3c/0x68 [ 15.321469] kasan_save_track+0x20/0x40 [ 15.321702] kasan_save_alloc_info+0x40/0x58 [ 15.321908] __kasan_kmalloc+0xd4/0xd8 [ 15.322000] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.322042] kmalloc_uaf_memset+0xb8/0x310 [ 15.322084] kunit_try_run_case+0x170/0x3f0 [ 15.322122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.322334] kthread+0x328/0x630 [ 15.322424] ret_from_fork+0x10/0x20 [ 15.322770] [ 15.323159] Freed by task 187: [ 15.323259] kasan_save_stack+0x3c/0x68 [ 15.323580] kasan_save_track+0x20/0x40 [ 15.323824] kasan_save_free_info+0x4c/0x78 [ 15.323921] __kasan_slab_free+0x6c/0x98 [ 15.324054] kfree+0x214/0x3c8 [ 15.324114] kmalloc_uaf_memset+0x11c/0x310 [ 15.324246] kunit_try_run_case+0x170/0x3f0 [ 15.324289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.324535] kthread+0x328/0x630 [ 15.324594] ret_from_fork+0x10/0x20 [ 15.324740] [ 15.324861] The buggy address belongs to the object at fff00000c770c500 [ 15.324861] which belongs to the cache kmalloc-64 of size 64 [ 15.325156] The buggy address is located 0 bytes inside of [ 15.325156] freed 64-byte region [fff00000c770c500, fff00000c770c540) [ 15.325407] [ 15.325658] The buggy address belongs to the physical page: [ 15.325706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770c [ 15.325906] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.326061] page_type: f5(slab) [ 15.326150] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.326291] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.326334] page dumped because: kasan: bad access detected [ 15.326586] [ 15.326668] Memory state around the buggy address: [ 15.326715] fff00000c770c400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.326763] fff00000c770c480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.326938] >fff00000c770c500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.327007] ^ [ 15.327045] fff00000c770c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.327098] fff00000c770c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.327137] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 15.300064] ================================================================== [ 15.300148] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 15.300278] Read of size 1 at addr fff00000c6086768 by task kunit_try_catch/185 [ 15.300357] [ 15.300414] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.300562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.300589] Hardware name: linux,dummy-virt (DT) [ 15.300879] Call trace: [ 15.300959] show_stack+0x20/0x38 (C) [ 15.301055] dump_stack_lvl+0x8c/0xd0 [ 15.301731] print_report+0x118/0x5d0 [ 15.301792] kasan_report+0xdc/0x128 [ 15.301839] __asan_report_load1_noabort+0x20/0x30 [ 15.301919] kmalloc_uaf+0x300/0x338 [ 15.301982] kunit_try_run_case+0x170/0x3f0 [ 15.302304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.302779] kthread+0x328/0x630 [ 15.302946] ret_from_fork+0x10/0x20 [ 15.303252] [ 15.303304] Allocated by task 185: [ 15.303345] kasan_save_stack+0x3c/0x68 [ 15.303916] kasan_save_track+0x20/0x40 [ 15.304024] kasan_save_alloc_info+0x40/0x58 [ 15.304069] __kasan_kmalloc+0xd4/0xd8 [ 15.304133] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.304536] kmalloc_uaf+0xb8/0x338 [ 15.304656] kunit_try_run_case+0x170/0x3f0 [ 15.304816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.304928] kthread+0x328/0x630 [ 15.305006] ret_from_fork+0x10/0x20 [ 15.305114] [ 15.305196] Freed by task 185: [ 15.305310] kasan_save_stack+0x3c/0x68 [ 15.305389] kasan_save_track+0x20/0x40 [ 15.305490] kasan_save_free_info+0x4c/0x78 [ 15.305533] __kasan_slab_free+0x6c/0x98 [ 15.305571] kfree+0x214/0x3c8 [ 15.305609] kmalloc_uaf+0x11c/0x338 [ 15.305645] kunit_try_run_case+0x170/0x3f0 [ 15.305951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.306111] kthread+0x328/0x630 [ 15.306179] ret_from_fork+0x10/0x20 [ 15.306264] [ 15.306301] The buggy address belongs to the object at fff00000c6086760 [ 15.306301] which belongs to the cache kmalloc-16 of size 16 [ 15.306375] The buggy address is located 8 bytes inside of [ 15.306375] freed 16-byte region [fff00000c6086760, fff00000c6086770) [ 15.306447] [ 15.306476] The buggy address belongs to the physical page: [ 15.306509] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106086 [ 15.306561] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.306609] page_type: f5(slab) [ 15.306649] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.306707] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.306748] page dumped because: kasan: bad access detected [ 15.306780] [ 15.306804] Memory state around the buggy address: [ 15.306836] fff00000c6086600: 00 05 fc fc 00 00 fc fc 00 06 fc fc 00 06 fc fc [ 15.306889] fff00000c6086680: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.306954] >fff00000c6086700: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.306993] ^ [ 15.307044] fff00000c6086780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.307101] fff00000c6086800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.307139] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 15.282996] ================================================================== [ 15.283057] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.283111] Read of size 64 at addr fff00000c770c204 by task kunit_try_catch/183 [ 15.283225] [ 15.283263] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.283347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.283374] Hardware name: linux,dummy-virt (DT) [ 15.283407] Call trace: [ 15.283429] show_stack+0x20/0x38 (C) [ 15.283478] dump_stack_lvl+0x8c/0xd0 [ 15.283540] print_report+0x118/0x5d0 [ 15.283603] kasan_report+0xdc/0x128 [ 15.283658] kasan_check_range+0x100/0x1a8 [ 15.283707] __asan_memmove+0x3c/0x98 [ 15.283749] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.283813] kunit_try_run_case+0x170/0x3f0 [ 15.283862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.283913] kthread+0x328/0x630 [ 15.283956] ret_from_fork+0x10/0x20 [ 15.284004] [ 15.284022] Allocated by task 183: [ 15.284049] kasan_save_stack+0x3c/0x68 [ 15.284091] kasan_save_track+0x20/0x40 [ 15.284128] kasan_save_alloc_info+0x40/0x58 [ 15.284173] __kasan_kmalloc+0xd4/0xd8 [ 15.284630] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.285164] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 15.285332] kunit_try_run_case+0x170/0x3f0 [ 15.285428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.285564] kthread+0x328/0x630 [ 15.285642] ret_from_fork+0x10/0x20 [ 15.285712] [ 15.285734] The buggy address belongs to the object at fff00000c770c200 [ 15.285734] which belongs to the cache kmalloc-64 of size 64 [ 15.285939] The buggy address is located 4 bytes inside of [ 15.285939] allocated 64-byte region [fff00000c770c200, fff00000c770c240) [ 15.286252] [ 15.286341] The buggy address belongs to the physical page: [ 15.286404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770c [ 15.286842] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.287055] page_type: f5(slab) [ 15.287144] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.287242] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.287389] page dumped because: kasan: bad access detected [ 15.287435] [ 15.287454] Memory state around the buggy address: [ 15.287678] fff00000c770c100: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.287901] fff00000c770c180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.287963] >fff00000c770c200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.288114] ^ [ 15.288243] fff00000c770c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.288319] fff00000c770c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.288416] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 15.265673] ================================================================== [ 15.265741] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.265841] Read of size 18446744073709551614 at addr fff00000c770c004 by task kunit_try_catch/181 [ 15.265939] [ 15.265973] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.266052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.266079] Hardware name: linux,dummy-virt (DT) [ 15.266109] Call trace: [ 15.266131] show_stack+0x20/0x38 (C) [ 15.266181] dump_stack_lvl+0x8c/0xd0 [ 15.266240] print_report+0x118/0x5d0 [ 15.266285] kasan_report+0xdc/0x128 [ 15.266329] kasan_check_range+0x100/0x1a8 [ 15.266376] __asan_memmove+0x3c/0x98 [ 15.266417] kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.266466] kunit_try_run_case+0x170/0x3f0 [ 15.266512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.266563] kthread+0x328/0x630 [ 15.266786] ret_from_fork+0x10/0x20 [ 15.266835] [ 15.266857] Allocated by task 181: [ 15.266884] kasan_save_stack+0x3c/0x68 [ 15.266923] kasan_save_track+0x20/0x40 [ 15.266960] kasan_save_alloc_info+0x40/0x58 [ 15.267001] __kasan_kmalloc+0xd4/0xd8 [ 15.267038] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.267088] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 15.267132] kunit_try_run_case+0x170/0x3f0 [ 15.267171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.267807] kthread+0x328/0x630 [ 15.267863] ret_from_fork+0x10/0x20 [ 15.267899] [ 15.268251] The buggy address belongs to the object at fff00000c770c000 [ 15.268251] which belongs to the cache kmalloc-64 of size 64 [ 15.268854] The buggy address is located 4 bytes inside of [ 15.268854] 64-byte region [fff00000c770c000, fff00000c770c040) [ 15.269028] [ 15.269142] The buggy address belongs to the physical page: [ 15.269216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770c [ 15.269647] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.269753] page_type: f5(slab) [ 15.269864] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.269932] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.270181] page dumped because: kasan: bad access detected [ 15.270325] [ 15.270430] Memory state around the buggy address: [ 15.270698] fff00000c770bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.270868] fff00000c770bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.270946] >fff00000c770c000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.271095] ^ [ 15.271163] fff00000c770c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.271573] fff00000c770c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.271657] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 15.250000] ================================================================== [ 15.250215] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 15.250268] Write of size 16 at addr fff00000c6094e69 by task kunit_try_catch/179 [ 15.250357] [ 15.250406] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.250645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.250789] Hardware name: linux,dummy-virt (DT) [ 15.250838] Call trace: [ 15.250967] show_stack+0x20/0x38 (C) [ 15.251042] dump_stack_lvl+0x8c/0xd0 [ 15.251095] print_report+0x118/0x5d0 [ 15.251180] kasan_report+0xdc/0x128 [ 15.251239] kasan_check_range+0x100/0x1a8 [ 15.251286] __asan_memset+0x34/0x78 [ 15.251358] kmalloc_oob_memset_16+0x150/0x2f8 [ 15.251404] kunit_try_run_case+0x170/0x3f0 [ 15.251449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.251499] kthread+0x328/0x630 [ 15.251540] ret_from_fork+0x10/0x20 [ 15.251602] [ 15.251631] Allocated by task 179: [ 15.251659] kasan_save_stack+0x3c/0x68 [ 15.251707] kasan_save_track+0x20/0x40 [ 15.251745] kasan_save_alloc_info+0x40/0x58 [ 15.251784] __kasan_kmalloc+0xd4/0xd8 [ 15.251819] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.251858] kmalloc_oob_memset_16+0xb0/0x2f8 [ 15.251894] kunit_try_run_case+0x170/0x3f0 [ 15.251930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.251972] kthread+0x328/0x630 [ 15.252003] ret_from_fork+0x10/0x20 [ 15.252044] [ 15.252072] The buggy address belongs to the object at fff00000c6094e00 [ 15.252072] which belongs to the cache kmalloc-128 of size 128 [ 15.252132] The buggy address is located 105 bytes inside of [ 15.252132] allocated 120-byte region [fff00000c6094e00, fff00000c6094e78) [ 15.252320] [ 15.252373] The buggy address belongs to the physical page: [ 15.252485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 15.252544] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.252589] page_type: f5(slab) [ 15.252625] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.252999] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.253281] page dumped because: kasan: bad access detected [ 15.253340] [ 15.253405] Memory state around the buggy address: [ 15.253526] fff00000c6094d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.253583] fff00000c6094d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.253625] >fff00000c6094e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.253942] ^ [ 15.254005] fff00000c6094e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.254226] fff00000c6094f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.254480] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 15.232606] ================================================================== [ 15.232789] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 15.233063] Write of size 8 at addr fff00000c6094d71 by task kunit_try_catch/177 [ 15.233295] [ 15.233367] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.233528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.233591] Hardware name: linux,dummy-virt (DT) [ 15.233637] Call trace: [ 15.233734] show_stack+0x20/0x38 (C) [ 15.233793] dump_stack_lvl+0x8c/0xd0 [ 15.234234] print_report+0x118/0x5d0 [ 15.234331] kasan_report+0xdc/0x128 [ 15.234478] kasan_check_range+0x100/0x1a8 [ 15.234564] __asan_memset+0x34/0x78 [ 15.234711] kmalloc_oob_memset_8+0x150/0x2f8 [ 15.234798] kunit_try_run_case+0x170/0x3f0 [ 15.234938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.235178] kthread+0x328/0x630 [ 15.235255] ret_from_fork+0x10/0x20 [ 15.235488] [ 15.235559] Allocated by task 177: [ 15.235674] kasan_save_stack+0x3c/0x68 [ 15.235762] kasan_save_track+0x20/0x40 [ 15.236489] kasan_save_alloc_info+0x40/0x58 [ 15.236819] __kasan_kmalloc+0xd4/0xd8 [ 15.236895] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.236954] kmalloc_oob_memset_8+0xb0/0x2f8 [ 15.237032] kunit_try_run_case+0x170/0x3f0 [ 15.237175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.237434] kthread+0x328/0x630 [ 15.237663] ret_from_fork+0x10/0x20 [ 15.237889] [ 15.237931] The buggy address belongs to the object at fff00000c6094d00 [ 15.237931] which belongs to the cache kmalloc-128 of size 128 [ 15.238058] The buggy address is located 113 bytes inside of [ 15.238058] allocated 120-byte region [fff00000c6094d00, fff00000c6094d78) [ 15.238152] [ 15.238221] The buggy address belongs to the physical page: [ 15.238253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 15.238307] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.238354] page_type: f5(slab) [ 15.238423] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.238477] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.238525] page dumped because: kasan: bad access detected [ 15.238556] [ 15.238574] Memory state around the buggy address: [ 15.238618] fff00000c6094c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.238671] fff00000c6094c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238719] >fff00000c6094d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.238757] ^ [ 15.238808] fff00000c6094d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238847] fff00000c6094e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238884] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 15.218357] ================================================================== [ 15.218635] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 15.218696] Write of size 4 at addr fff00000c6094c75 by task kunit_try_catch/175 [ 15.218827] [ 15.218863] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.219219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.219262] Hardware name: linux,dummy-virt (DT) [ 15.219328] Call trace: [ 15.219353] show_stack+0x20/0x38 (C) [ 15.219408] dump_stack_lvl+0x8c/0xd0 [ 15.219454] print_report+0x118/0x5d0 [ 15.219543] kasan_report+0xdc/0x128 [ 15.219588] kasan_check_range+0x100/0x1a8 [ 15.219697] __asan_memset+0x34/0x78 [ 15.219743] kmalloc_oob_memset_4+0x150/0x300 [ 15.219788] kunit_try_run_case+0x170/0x3f0 [ 15.219977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.220049] kthread+0x328/0x630 [ 15.220337] ret_from_fork+0x10/0x20 [ 15.220431] [ 15.220470] Allocated by task 175: [ 15.220517] kasan_save_stack+0x3c/0x68 [ 15.220646] kasan_save_track+0x20/0x40 [ 15.220688] kasan_save_alloc_info+0x40/0x58 [ 15.220727] __kasan_kmalloc+0xd4/0xd8 [ 15.220762] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.221114] kmalloc_oob_memset_4+0xb0/0x300 [ 15.221200] kunit_try_run_case+0x170/0x3f0 [ 15.221239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.221312] kthread+0x328/0x630 [ 15.221344] ret_from_fork+0x10/0x20 [ 15.221627] [ 15.221695] The buggy address belongs to the object at fff00000c6094c00 [ 15.221695] which belongs to the cache kmalloc-128 of size 128 [ 15.221864] The buggy address is located 117 bytes inside of [ 15.221864] allocated 120-byte region [fff00000c6094c00, fff00000c6094c78) [ 15.221949] [ 15.222047] The buggy address belongs to the physical page: [ 15.222119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 15.222254] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.222342] page_type: f5(slab) [ 15.222395] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.222906] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.222990] page dumped because: kasan: bad access detected [ 15.223131] [ 15.223213] Memory state around the buggy address: [ 15.223318] fff00000c6094b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.223393] fff00000c6094b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.223440] >fff00000c6094c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.223618] ^ [ 15.223857] fff00000c6094c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.224011] fff00000c6094d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.224089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 15.206107] ================================================================== [ 15.206166] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 15.206330] Write of size 2 at addr fff00000c6094b77 by task kunit_try_catch/173 [ 15.206415] [ 15.206451] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.206700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.206747] Hardware name: linux,dummy-virt (DT) [ 15.206847] Call trace: [ 15.206897] show_stack+0x20/0x38 (C) [ 15.206949] dump_stack_lvl+0x8c/0xd0 [ 15.207374] print_report+0x118/0x5d0 [ 15.207481] kasan_report+0xdc/0x128 [ 15.208055] kasan_check_range+0x100/0x1a8 [ 15.208234] __asan_memset+0x34/0x78 [ 15.208376] kmalloc_oob_memset_2+0x150/0x2f8 [ 15.208464] kunit_try_run_case+0x170/0x3f0 [ 15.208576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.208632] kthread+0x328/0x630 [ 15.208682] ret_from_fork+0x10/0x20 [ 15.208758] [ 15.208797] Allocated by task 173: [ 15.209061] kasan_save_stack+0x3c/0x68 [ 15.209265] kasan_save_track+0x20/0x40 [ 15.209455] kasan_save_alloc_info+0x40/0x58 [ 15.209595] __kasan_kmalloc+0xd4/0xd8 [ 15.209681] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.209813] kmalloc_oob_memset_2+0xb0/0x2f8 [ 15.209894] kunit_try_run_case+0x170/0x3f0 [ 15.210004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.210084] kthread+0x328/0x630 [ 15.210270] ret_from_fork+0x10/0x20 [ 15.210400] [ 15.210530] The buggy address belongs to the object at fff00000c6094b00 [ 15.210530] which belongs to the cache kmalloc-128 of size 128 [ 15.210627] The buggy address is located 119 bytes inside of [ 15.210627] allocated 120-byte region [fff00000c6094b00, fff00000c6094b78) [ 15.210768] [ 15.210841] The buggy address belongs to the physical page: [ 15.210873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 15.211276] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.211360] page_type: f5(slab) [ 15.211417] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.211512] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.211551] page dumped because: kasan: bad access detected [ 15.211617] [ 15.211962] Memory state around the buggy address: [ 15.212369] fff00000c6094a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.212465] fff00000c6094a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212509] >fff00000c6094b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.212811] ^ [ 15.212937] fff00000c6094b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212983] fff00000c6094c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.213023] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 15.193472] ================================================================== [ 15.193734] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.193918] Write of size 128 at addr fff00000c6094a00 by task kunit_try_catch/171 [ 15.193980] [ 15.194037] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.194140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.194167] Hardware name: linux,dummy-virt (DT) [ 15.194344] Call trace: [ 15.194371] show_stack+0x20/0x38 (C) [ 15.194620] dump_stack_lvl+0x8c/0xd0 [ 15.194688] print_report+0x118/0x5d0 [ 15.194835] kasan_report+0xdc/0x128 [ 15.194892] kasan_check_range+0x100/0x1a8 [ 15.195226] __asan_memset+0x34/0x78 [ 15.195292] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.195366] kunit_try_run_case+0x170/0x3f0 [ 15.195443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.195497] kthread+0x328/0x630 [ 15.195634] ret_from_fork+0x10/0x20 [ 15.195686] [ 15.195705] Allocated by task 171: [ 15.195733] kasan_save_stack+0x3c/0x68 [ 15.195780] kasan_save_track+0x20/0x40 [ 15.195816] kasan_save_alloc_info+0x40/0x58 [ 15.195915] __kasan_kmalloc+0xd4/0xd8 [ 15.195954] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.196009] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.196214] kunit_try_run_case+0x170/0x3f0 [ 15.196419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.196535] kthread+0x328/0x630 [ 15.196570] ret_from_fork+0x10/0x20 [ 15.196605] [ 15.196653] The buggy address belongs to the object at fff00000c6094a00 [ 15.196653] which belongs to the cache kmalloc-128 of size 128 [ 15.196724] The buggy address is located 0 bytes inside of [ 15.196724] allocated 120-byte region [fff00000c6094a00, fff00000c6094a78) [ 15.196792] [ 15.196813] The buggy address belongs to the physical page: [ 15.196851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 15.197238] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.197408] page_type: f5(slab) [ 15.197457] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.197847] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.197915] page dumped because: kasan: bad access detected [ 15.198020] [ 15.198109] Memory state around the buggy address: [ 15.198236] fff00000c6094900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.198311] fff00000c6094980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.198374] >fff00000c6094a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.198463] ^ [ 15.198531] fff00000c6094a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.198583] fff00000c6094b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.198937] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 15.175587] ================================================================== [ 15.175651] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 15.175891] Read of size 16 at addr fff00000c6086740 by task kunit_try_catch/169 [ 15.175957] [ 15.176074] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.176321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.176365] Hardware name: linux,dummy-virt (DT) [ 15.176534] Call trace: [ 15.176565] show_stack+0x20/0x38 (C) [ 15.176661] dump_stack_lvl+0x8c/0xd0 [ 15.176861] print_report+0x118/0x5d0 [ 15.176917] kasan_report+0xdc/0x128 [ 15.176962] __asan_report_load16_noabort+0x20/0x30 [ 15.177175] kmalloc_uaf_16+0x3bc/0x438 [ 15.177331] kunit_try_run_case+0x170/0x3f0 [ 15.177428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.177778] kthread+0x328/0x630 [ 15.177935] ret_from_fork+0x10/0x20 [ 15.178043] [ 15.178154] Allocated by task 169: [ 15.178240] kasan_save_stack+0x3c/0x68 [ 15.178372] kasan_save_track+0x20/0x40 [ 15.178500] kasan_save_alloc_info+0x40/0x58 [ 15.178571] __kasan_kmalloc+0xd4/0xd8 [ 15.178772] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.178842] kmalloc_uaf_16+0x140/0x438 [ 15.178918] kunit_try_run_case+0x170/0x3f0 [ 15.178959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.179011] kthread+0x328/0x630 [ 15.179043] ret_from_fork+0x10/0x20 [ 15.179077] [ 15.179097] Freed by task 169: [ 15.179140] kasan_save_stack+0x3c/0x68 [ 15.179177] kasan_save_track+0x20/0x40 [ 15.179226] kasan_save_free_info+0x4c/0x78 [ 15.179274] __kasan_slab_free+0x6c/0x98 [ 15.179310] kfree+0x214/0x3c8 [ 15.179342] kmalloc_uaf_16+0x190/0x438 [ 15.179376] kunit_try_run_case+0x170/0x3f0 [ 15.179420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.179461] kthread+0x328/0x630 [ 15.179492] ret_from_fork+0x10/0x20 [ 15.179535] [ 15.179554] The buggy address belongs to the object at fff00000c6086740 [ 15.179554] which belongs to the cache kmalloc-16 of size 16 [ 15.179618] The buggy address is located 0 bytes inside of [ 15.179618] freed 16-byte region [fff00000c6086740, fff00000c6086750) [ 15.179677] [ 15.179697] The buggy address belongs to the physical page: [ 15.179738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106086 [ 15.179791] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.179838] page_type: f5(slab) [ 15.179876] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.179936] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.179993] page dumped because: kasan: bad access detected [ 15.180024] [ 15.180042] Memory state around the buggy address: [ 15.180090] fff00000c6086600: 00 05 fc fc 00 00 fc fc 00 06 fc fc 00 06 fc fc [ 15.180131] fff00000c6086680: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.180173] >fff00000c6086700: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 15.180504] ^ [ 15.180852] fff00000c6086780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.181223] fff00000c6086800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.181306] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 15.155998] ================================================================== [ 15.156069] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 15.156170] Write of size 16 at addr fff00000c60866e0 by task kunit_try_catch/167 [ 15.156233] [ 15.156265] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.156517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.156547] Hardware name: linux,dummy-virt (DT) [ 15.156580] Call trace: [ 15.156950] show_stack+0x20/0x38 (C) [ 15.157108] dump_stack_lvl+0x8c/0xd0 [ 15.157254] print_report+0x118/0x5d0 [ 15.157342] kasan_report+0xdc/0x128 [ 15.157466] __asan_report_store16_noabort+0x20/0x30 [ 15.157625] kmalloc_oob_16+0x3a0/0x3f8 [ 15.157713] kunit_try_run_case+0x170/0x3f0 [ 15.157896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.158249] kthread+0x328/0x630 [ 15.158335] ret_from_fork+0x10/0x20 [ 15.158442] [ 15.158538] Allocated by task 167: [ 15.158568] kasan_save_stack+0x3c/0x68 [ 15.158757] kasan_save_track+0x20/0x40 [ 15.158839] kasan_save_alloc_info+0x40/0x58 [ 15.159125] __kasan_kmalloc+0xd4/0xd8 [ 15.159171] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.159578] kmalloc_oob_16+0xb4/0x3f8 [ 15.159657] kunit_try_run_case+0x170/0x3f0 [ 15.159936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.160240] kthread+0x328/0x630 [ 15.160376] ret_from_fork+0x10/0x20 [ 15.160463] [ 15.160561] The buggy address belongs to the object at fff00000c60866e0 [ 15.160561] which belongs to the cache kmalloc-16 of size 16 [ 15.160619] The buggy address is located 0 bytes inside of [ 15.160619] allocated 13-byte region [fff00000c60866e0, fff00000c60866ed) [ 15.160813] [ 15.161153] The buggy address belongs to the physical page: [ 15.161283] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106086 [ 15.161577] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.161696] page_type: f5(slab) [ 15.161785] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.161976] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.162178] page dumped because: kasan: bad access detected [ 15.162249] [ 15.162299] Memory state around the buggy address: [ 15.162389] fff00000c6086580: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.162469] fff00000c6086600: 00 05 fc fc 00 00 fc fc 00 06 fc fc 00 06 fc fc [ 15.162726] >fff00000c6086680: 00 00 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 15.162839] ^ [ 15.162936] fff00000c6086700: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.163066] fff00000c6086780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.163120] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 15.128867] ================================================================== [ 15.129061] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 15.129452] Read of size 1 at addr fff00000c5f4b800 by task kunit_try_catch/165 [ 15.129533] [ 15.129939] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.130078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.130112] Hardware name: linux,dummy-virt (DT) [ 15.130145] Call trace: [ 15.130427] show_stack+0x20/0x38 (C) [ 15.130517] dump_stack_lvl+0x8c/0xd0 [ 15.130849] print_report+0x118/0x5d0 [ 15.131056] kasan_report+0xdc/0x128 [ 15.131219] __kasan_check_byte+0x54/0x70 [ 15.131314] krealloc_noprof+0x44/0x360 [ 15.131742] krealloc_uaf+0x180/0x520 [ 15.131892] kunit_try_run_case+0x170/0x3f0 [ 15.131995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.132086] kthread+0x328/0x630 [ 15.132491] ret_from_fork+0x10/0x20 [ 15.132620] [ 15.132688] Allocated by task 165: [ 15.132813] kasan_save_stack+0x3c/0x68 [ 15.133210] kasan_save_track+0x20/0x40 [ 15.133349] kasan_save_alloc_info+0x40/0x58 [ 15.133447] __kasan_kmalloc+0xd4/0xd8 [ 15.133590] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.133676] krealloc_uaf+0xc8/0x520 [ 15.133833] kunit_try_run_case+0x170/0x3f0 [ 15.134094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.134532] kthread+0x328/0x630 [ 15.134610] ret_from_fork+0x10/0x20 [ 15.134703] [ 15.134820] Freed by task 165: [ 15.134860] kasan_save_stack+0x3c/0x68 [ 15.135050] kasan_save_track+0x20/0x40 [ 15.135278] kasan_save_free_info+0x4c/0x78 [ 15.135349] __kasan_slab_free+0x6c/0x98 [ 15.135436] kfree+0x214/0x3c8 [ 15.135546] krealloc_uaf+0x12c/0x520 [ 15.135636] kunit_try_run_case+0x170/0x3f0 [ 15.135769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.135858] kthread+0x328/0x630 [ 15.135914] ret_from_fork+0x10/0x20 [ 15.136226] [ 15.136324] The buggy address belongs to the object at fff00000c5f4b800 [ 15.136324] which belongs to the cache kmalloc-256 of size 256 [ 15.136524] The buggy address is located 0 bytes inside of [ 15.136524] freed 256-byte region [fff00000c5f4b800, fff00000c5f4b900) [ 15.136696] [ 15.136826] The buggy address belongs to the physical page: [ 15.136916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f4a [ 15.136973] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.137471] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.137576] page_type: f5(slab) [ 15.137642] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.137772] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.137874] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.138246] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.138436] head: 0bfffe0000000001 ffffc1ffc317d281 00000000ffffffff 00000000ffffffff [ 15.138515] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.138713] page dumped because: kasan: bad access detected [ 15.138912] [ 15.138954] Memory state around the buggy address: [ 15.139050] fff00000c5f4b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.139147] fff00000c5f4b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.139304] >fff00000c5f4b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.139413] ^ [ 15.139443] fff00000c5f4b880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.139500] fff00000c5f4b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.139829] ================================================================== [ 15.142452] ================================================================== [ 15.142858] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 15.142933] Read of size 1 at addr fff00000c5f4b800 by task kunit_try_catch/165 [ 15.142991] [ 15.143097] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.143317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.143367] Hardware name: linux,dummy-virt (DT) [ 15.143414] Call trace: [ 15.143450] show_stack+0x20/0x38 (C) [ 15.143505] dump_stack_lvl+0x8c/0xd0 [ 15.143551] print_report+0x118/0x5d0 [ 15.143597] kasan_report+0xdc/0x128 [ 15.143788] __asan_report_load1_noabort+0x20/0x30 [ 15.144080] krealloc_uaf+0x4c8/0x520 [ 15.144202] kunit_try_run_case+0x170/0x3f0 [ 15.144254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.144316] kthread+0x328/0x630 [ 15.144358] ret_from_fork+0x10/0x20 [ 15.144412] [ 15.144431] Allocated by task 165: [ 15.144458] kasan_save_stack+0x3c/0x68 [ 15.144498] kasan_save_track+0x20/0x40 [ 15.144543] kasan_save_alloc_info+0x40/0x58 [ 15.144591] __kasan_kmalloc+0xd4/0xd8 [ 15.144634] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.144672] krealloc_uaf+0xc8/0x520 [ 15.144705] kunit_try_run_case+0x170/0x3f0 [ 15.144741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.144787] kthread+0x328/0x630 [ 15.144826] ret_from_fork+0x10/0x20 [ 15.144861] [ 15.144908] Freed by task 165: [ 15.145095] kasan_save_stack+0x3c/0x68 [ 15.145392] kasan_save_track+0x20/0x40 [ 15.145469] kasan_save_free_info+0x4c/0x78 [ 15.145510] __kasan_slab_free+0x6c/0x98 [ 15.145865] kfree+0x214/0x3c8 [ 15.145909] krealloc_uaf+0x12c/0x520 [ 15.145944] kunit_try_run_case+0x170/0x3f0 [ 15.145981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.146023] kthread+0x328/0x630 [ 15.146054] ret_from_fork+0x10/0x20 [ 15.146089] [ 15.146108] The buggy address belongs to the object at fff00000c5f4b800 [ 15.146108] which belongs to the cache kmalloc-256 of size 256 [ 15.146164] The buggy address is located 0 bytes inside of [ 15.146164] freed 256-byte region [fff00000c5f4b800, fff00000c5f4b900) [ 15.146234] [ 15.146253] The buggy address belongs to the physical page: [ 15.146282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f4a [ 15.146332] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.146376] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.146425] page_type: f5(slab) [ 15.146461] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.146509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.146558] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.146604] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.146651] head: 0bfffe0000000001 ffffc1ffc317d281 00000000ffffffff 00000000ffffffff [ 15.146697] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.146736] page dumped because: kasan: bad access detected [ 15.146766] [ 15.146784] Memory state around the buggy address: [ 15.146814] fff00000c5f4b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.146857] fff00000c5f4b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.146897] >fff00000c5f4b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.146933] ^ [ 15.146960] fff00000c5f4b880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.147000] fff00000c5f4b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.147037] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 15.033655] ================================================================== [ 15.033703] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.033752] Write of size 1 at addr fff00000c5f4b6d0 by task kunit_try_catch/159 [ 15.033801] [ 15.033829] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.033907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.034108] Hardware name: linux,dummy-virt (DT) [ 15.034356] Call trace: [ 15.034382] show_stack+0x20/0x38 (C) [ 15.034461] dump_stack_lvl+0x8c/0xd0 [ 15.034676] print_report+0x118/0x5d0 [ 15.034861] kasan_report+0xdc/0x128 [ 15.034945] __asan_report_store1_noabort+0x20/0x30 [ 15.034999] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.035116] krealloc_less_oob+0x20/0x38 [ 15.035181] kunit_try_run_case+0x170/0x3f0 [ 15.035327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.035489] kthread+0x328/0x630 [ 15.035544] ret_from_fork+0x10/0x20 [ 15.035591] [ 15.035609] Allocated by task 159: [ 15.035637] kasan_save_stack+0x3c/0x68 [ 15.035698] kasan_save_track+0x20/0x40 [ 15.035738] kasan_save_alloc_info+0x40/0x58 [ 15.035790] __kasan_krealloc+0x118/0x178 [ 15.035827] krealloc_noprof+0x128/0x360 [ 15.035863] krealloc_less_oob_helper+0x168/0xc50 [ 15.035900] krealloc_less_oob+0x20/0x38 [ 15.035935] kunit_try_run_case+0x170/0x3f0 [ 15.035971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.036012] kthread+0x328/0x630 [ 15.036043] ret_from_fork+0x10/0x20 [ 15.036077] [ 15.036096] The buggy address belongs to the object at fff00000c5f4b600 [ 15.036096] which belongs to the cache kmalloc-256 of size 256 [ 15.036150] The buggy address is located 7 bytes to the right of [ 15.036150] allocated 201-byte region [fff00000c5f4b600, fff00000c5f4b6c9) [ 15.036524] [ 15.036549] The buggy address belongs to the physical page: [ 15.036580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f4a [ 15.036860] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.037239] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.037359] page_type: f5(slab) [ 15.037406] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.037536] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.037588] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.037635] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.037859] head: 0bfffe0000000001 ffffc1ffc317d281 00000000ffffffff 00000000ffffffff [ 15.038047] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.038138] page dumped because: kasan: bad access detected [ 15.038242] [ 15.038304] Memory state around the buggy address: [ 15.038374] fff00000c5f4b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.038738] fff00000c5f4b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.038804] >fff00000c5f4b680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.038857] ^ [ 15.038910] fff00000c5f4b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.039120] fff00000c5f4b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.039307] ================================================================== [ 15.116132] ================================================================== [ 15.116177] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.116248] Write of size 1 at addr fff00000c769e0eb by task kunit_try_catch/163 [ 15.116307] [ 15.116359] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.116446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.116473] Hardware name: linux,dummy-virt (DT) [ 15.116512] Call trace: [ 15.116543] show_stack+0x20/0x38 (C) [ 15.116700] dump_stack_lvl+0x8c/0xd0 [ 15.116990] print_report+0x118/0x5d0 [ 15.117123] kasan_report+0xdc/0x128 [ 15.117286] __asan_report_store1_noabort+0x20/0x30 [ 15.117484] krealloc_less_oob_helper+0xa58/0xc50 [ 15.117565] krealloc_large_less_oob+0x20/0x38 [ 15.117652] kunit_try_run_case+0x170/0x3f0 [ 15.117712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.117784] kthread+0x328/0x630 [ 15.118177] ret_from_fork+0x10/0x20 [ 15.118351] [ 15.118413] The buggy address belongs to the physical page: [ 15.118451] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10769c [ 15.118881] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.118974] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.119084] page_type: f8(unknown) [ 15.119141] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.119398] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.119687] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.119967] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.120020] head: 0bfffe0000000002 ffffc1ffc31da701 00000000ffffffff 00000000ffffffff [ 15.120512] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.120595] page dumped because: kasan: bad access detected [ 15.120951] [ 15.121015] Memory state around the buggy address: [ 15.121109] fff00000c769df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.121488] fff00000c769e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.121566] >fff00000c769e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.121663] ^ [ 15.121742] fff00000c769e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.121791] fff00000c769e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.122086] ================================================================== [ 15.050481] ================================================================== [ 15.050526] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.050572] Write of size 1 at addr fff00000c5f4b6ea by task kunit_try_catch/159 [ 15.050761] [ 15.050803] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.050882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.050909] Hardware name: linux,dummy-virt (DT) [ 15.050962] Call trace: [ 15.050985] show_stack+0x20/0x38 (C) [ 15.051035] dump_stack_lvl+0x8c/0xd0 [ 15.051082] print_report+0x118/0x5d0 [ 15.051127] kasan_report+0xdc/0x128 [ 15.051176] __asan_report_store1_noabort+0x20/0x30 [ 15.051241] krealloc_less_oob_helper+0xae4/0xc50 [ 15.051288] krealloc_less_oob+0x20/0x38 [ 15.051333] kunit_try_run_case+0x170/0x3f0 [ 15.051379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.051430] kthread+0x328/0x630 [ 15.051471] ret_from_fork+0x10/0x20 [ 15.051517] [ 15.051536] Allocated by task 159: [ 15.051563] kasan_save_stack+0x3c/0x68 [ 15.051602] kasan_save_track+0x20/0x40 [ 15.051639] kasan_save_alloc_info+0x40/0x58 [ 15.051677] __kasan_krealloc+0x118/0x178 [ 15.051713] krealloc_noprof+0x128/0x360 [ 15.051749] krealloc_less_oob_helper+0x168/0xc50 [ 15.051787] krealloc_less_oob+0x20/0x38 [ 15.051822] kunit_try_run_case+0x170/0x3f0 [ 15.051859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.051900] kthread+0x328/0x630 [ 15.051942] ret_from_fork+0x10/0x20 [ 15.051978] [ 15.051996] The buggy address belongs to the object at fff00000c5f4b600 [ 15.051996] which belongs to the cache kmalloc-256 of size 256 [ 15.052059] The buggy address is located 33 bytes to the right of [ 15.052059] allocated 201-byte region [fff00000c5f4b600, fff00000c5f4b6c9) [ 15.052123] [ 15.052143] The buggy address belongs to the physical page: [ 15.052171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f4a [ 15.053089] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.053199] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.053271] page_type: f5(slab) [ 15.053493] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.053667] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.053739] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.054103] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.054164] head: 0bfffe0000000001 ffffc1ffc317d281 00000000ffffffff 00000000ffffffff [ 15.054297] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.054392] page dumped because: kasan: bad access detected [ 15.054424] [ 15.054727] Memory state around the buggy address: [ 15.054789] fff00000c5f4b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.054858] fff00000c5f4b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.054924] >fff00000c5f4b680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.055023] ^ [ 15.055147] fff00000c5f4b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.055200] fff00000c5f4b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.055260] ================================================================== [ 15.104653] ================================================================== [ 15.104757] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.104856] Write of size 1 at addr fff00000c769e0da by task kunit_try_catch/163 [ 15.105065] [ 15.105124] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.105320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.105542] Hardware name: linux,dummy-virt (DT) [ 15.105720] Call trace: [ 15.105792] show_stack+0x20/0x38 (C) [ 15.105899] dump_stack_lvl+0x8c/0xd0 [ 15.106054] print_report+0x118/0x5d0 [ 15.106101] kasan_report+0xdc/0x128 [ 15.106433] __asan_report_store1_noabort+0x20/0x30 [ 15.106627] krealloc_less_oob_helper+0xa80/0xc50 [ 15.106809] krealloc_large_less_oob+0x20/0x38 [ 15.106894] kunit_try_run_case+0x170/0x3f0 [ 15.107002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.107381] kthread+0x328/0x630 [ 15.107480] ret_from_fork+0x10/0x20 [ 15.107598] [ 15.107688] The buggy address belongs to the physical page: [ 15.107736] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10769c [ 15.107924] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.107990] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.108091] page_type: f8(unknown) [ 15.108447] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.108681] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.108762] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.108907] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.109225] head: 0bfffe0000000002 ffffc1ffc31da701 00000000ffffffff 00000000ffffffff [ 15.109294] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.109542] page dumped because: kasan: bad access detected [ 15.109609] [ 15.109685] Memory state around the buggy address: [ 15.109797] fff00000c769df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.109869] fff00000c769e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.109918] >fff00000c769e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.109955] ^ [ 15.110291] fff00000c769e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.110442] fff00000c769e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.110529] ================================================================== [ 15.091950] ================================================================== [ 15.092004] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.092056] Write of size 1 at addr fff00000c769e0c9 by task kunit_try_catch/163 [ 15.092248] [ 15.092293] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.092635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.092911] Hardware name: linux,dummy-virt (DT) [ 15.093051] Call trace: [ 15.093133] show_stack+0x20/0x38 (C) [ 15.093200] dump_stack_lvl+0x8c/0xd0 [ 15.093274] print_report+0x118/0x5d0 [ 15.093321] kasan_report+0xdc/0x128 [ 15.093637] __asan_report_store1_noabort+0x20/0x30 [ 15.093862] krealloc_less_oob_helper+0xa48/0xc50 [ 15.093997] krealloc_large_less_oob+0x20/0x38 [ 15.094081] kunit_try_run_case+0x170/0x3f0 [ 15.094290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.094556] kthread+0x328/0x630 [ 15.094627] ret_from_fork+0x10/0x20 [ 15.094777] [ 15.094800] The buggy address belongs to the physical page: [ 15.094831] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10769c [ 15.095207] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.095284] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.095689] page_type: f8(unknown) [ 15.095748] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.095835] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.095953] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.096119] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.096200] head: 0bfffe0000000002 ffffc1ffc31da701 00000000ffffffff 00000000ffffffff [ 15.096841] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.096947] page dumped because: kasan: bad access detected [ 15.097086] [ 15.097125] Memory state around the buggy address: [ 15.097159] fff00000c769df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.097527] fff00000c769e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.097925] >fff00000c769e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.097995] ^ [ 15.098086] fff00000c769e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.098223] fff00000c769e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.098333] ================================================================== [ 15.100119] ================================================================== [ 15.100165] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.100382] Write of size 1 at addr fff00000c769e0d0 by task kunit_try_catch/163 [ 15.100560] [ 15.100665] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.100748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.100774] Hardware name: linux,dummy-virt (DT) [ 15.100820] Call trace: [ 15.100886] show_stack+0x20/0x38 (C) [ 15.101082] dump_stack_lvl+0x8c/0xd0 [ 15.101130] print_report+0x118/0x5d0 [ 15.101526] kasan_report+0xdc/0x128 [ 15.101621] __asan_report_store1_noabort+0x20/0x30 [ 15.101720] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.101865] krealloc_large_less_oob+0x20/0x38 [ 15.102060] kunit_try_run_case+0x170/0x3f0 [ 15.102161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.102264] kthread+0x328/0x630 [ 15.102309] ret_from_fork+0x10/0x20 [ 15.102362] [ 15.102388] The buggy address belongs to the physical page: [ 15.102436] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10769c [ 15.102488] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.102534] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.102584] page_type: f8(unknown) [ 15.102627] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.102677] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.102726] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.102782] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.102833] head: 0bfffe0000000002 ffffc1ffc31da701 00000000ffffffff 00000000ffffffff [ 15.102890] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.102937] page dumped because: kasan: bad access detected [ 15.102976] [ 15.102995] Memory state around the buggy address: [ 15.103034] fff00000c769df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.103076] fff00000c769e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.103125] >fff00000c769e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.103160] ^ [ 15.103392] fff00000c769e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.103464] fff00000c769e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.103895] ================================================================== [ 15.041704] ================================================================== [ 15.041842] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.042001] Write of size 1 at addr fff00000c5f4b6da by task kunit_try_catch/159 [ 15.042076] [ 15.042113] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.042275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.042331] Hardware name: linux,dummy-virt (DT) [ 15.042363] Call trace: [ 15.042395] show_stack+0x20/0x38 (C) [ 15.042602] dump_stack_lvl+0x8c/0xd0 [ 15.042801] print_report+0x118/0x5d0 [ 15.043017] kasan_report+0xdc/0x128 [ 15.043244] __asan_report_store1_noabort+0x20/0x30 [ 15.043377] krealloc_less_oob_helper+0xa80/0xc50 [ 15.043445] krealloc_less_oob+0x20/0x38 [ 15.043498] kunit_try_run_case+0x170/0x3f0 [ 15.043621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.043677] kthread+0x328/0x630 [ 15.043732] ret_from_fork+0x10/0x20 [ 15.043786] [ 15.043804] Allocated by task 159: [ 15.043832] kasan_save_stack+0x3c/0x68 [ 15.044155] kasan_save_track+0x20/0x40 [ 15.044450] kasan_save_alloc_info+0x40/0x58 [ 15.044637] __kasan_krealloc+0x118/0x178 [ 15.044686] krealloc_noprof+0x128/0x360 [ 15.044733] krealloc_less_oob_helper+0x168/0xc50 [ 15.044824] krealloc_less_oob+0x20/0x38 [ 15.044941] kunit_try_run_case+0x170/0x3f0 [ 15.045039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.045197] kthread+0x328/0x630 [ 15.045243] ret_from_fork+0x10/0x20 [ 15.045281] [ 15.045328] The buggy address belongs to the object at fff00000c5f4b600 [ 15.045328] which belongs to the cache kmalloc-256 of size 256 [ 15.045735] The buggy address is located 17 bytes to the right of [ 15.045735] allocated 201-byte region [fff00000c5f4b600, fff00000c5f4b6c9) [ 15.046225] [ 15.046261] The buggy address belongs to the physical page: [ 15.046319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f4a [ 15.046676] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.046759] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.046839] page_type: f5(slab) [ 15.046900] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.046953] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.047126] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.047415] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.047842] head: 0bfffe0000000001 ffffc1ffc317d281 00000000ffffffff 00000000ffffffff [ 15.048253] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.048338] page dumped because: kasan: bad access detected [ 15.048440] [ 15.048513] Memory state around the buggy address: [ 15.048591] fff00000c5f4b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.048919] fff00000c5f4b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.049335] >fff00000c5f4b680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.049449] ^ [ 15.049542] fff00000c5f4b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.049670] fff00000c5f4b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.049746] ================================================================== [ 15.111584] ================================================================== [ 15.111630] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.111675] Write of size 1 at addr fff00000c769e0ea by task kunit_try_catch/163 [ 15.111771] [ 15.111849] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.112225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.112268] Hardware name: linux,dummy-virt (DT) [ 15.112352] Call trace: [ 15.112412] show_stack+0x20/0x38 (C) [ 15.112464] dump_stack_lvl+0x8c/0xd0 [ 15.112586] print_report+0x118/0x5d0 [ 15.112651] kasan_report+0xdc/0x128 [ 15.112899] __asan_report_store1_noabort+0x20/0x30 [ 15.112974] krealloc_less_oob_helper+0xae4/0xc50 [ 15.113153] krealloc_large_less_oob+0x20/0x38 [ 15.113321] kunit_try_run_case+0x170/0x3f0 [ 15.113381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.113448] kthread+0x328/0x630 [ 15.113535] ret_from_fork+0x10/0x20 [ 15.113584] [ 15.113626] The buggy address belongs to the physical page: [ 15.113656] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10769c [ 15.113717] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.113762] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.113816] page_type: f8(unknown) [ 15.113863] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.113923] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.113972] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.114021] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.114069] head: 0bfffe0000000002 ffffc1ffc31da701 00000000ffffffff 00000000ffffffff [ 15.114125] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.114176] page dumped because: kasan: bad access detected [ 15.114222] [ 15.114240] Memory state around the buggy address: [ 15.114270] fff00000c769df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.114328] fff00000c769e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.114383] >fff00000c769e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.114420] ^ [ 15.114464] fff00000c769e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.114511] fff00000c769e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.114560] ================================================================== [ 15.055989] ================================================================== [ 15.056100] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.056152] Write of size 1 at addr fff00000c5f4b6eb by task kunit_try_catch/159 [ 15.056366] [ 15.056486] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.056850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.057088] Hardware name: linux,dummy-virt (DT) [ 15.057391] Call trace: [ 15.057456] show_stack+0x20/0x38 (C) [ 15.057573] dump_stack_lvl+0x8c/0xd0 [ 15.057638] print_report+0x118/0x5d0 [ 15.057871] kasan_report+0xdc/0x128 [ 15.058063] __asan_report_store1_noabort+0x20/0x30 [ 15.058149] krealloc_less_oob_helper+0xa58/0xc50 [ 15.058224] krealloc_less_oob+0x20/0x38 [ 15.058625] kunit_try_run_case+0x170/0x3f0 [ 15.058730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.058791] kthread+0x328/0x630 [ 15.059151] ret_from_fork+0x10/0x20 [ 15.059322] [ 15.059363] Allocated by task 159: [ 15.059398] kasan_save_stack+0x3c/0x68 [ 15.059782] kasan_save_track+0x20/0x40 [ 15.059855] kasan_save_alloc_info+0x40/0x58 [ 15.059999] __kasan_krealloc+0x118/0x178 [ 15.060097] krealloc_noprof+0x128/0x360 [ 15.060136] krealloc_less_oob_helper+0x168/0xc50 [ 15.060471] krealloc_less_oob+0x20/0x38 [ 15.060556] kunit_try_run_case+0x170/0x3f0 [ 15.060708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.060804] kthread+0x328/0x630 [ 15.061210] ret_from_fork+0x10/0x20 [ 15.061329] [ 15.061381] The buggy address belongs to the object at fff00000c5f4b600 [ 15.061381] which belongs to the cache kmalloc-256 of size 256 [ 15.061467] The buggy address is located 34 bytes to the right of [ 15.061467] allocated 201-byte region [fff00000c5f4b600, fff00000c5f4b6c9) [ 15.061856] [ 15.061900] The buggy address belongs to the physical page: [ 15.061966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f4a [ 15.062085] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.062166] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.062298] page_type: f5(slab) [ 15.062336] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.062694] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.062769] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.063079] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.063178] head: 0bfffe0000000001 ffffc1ffc317d281 00000000ffffffff 00000000ffffffff [ 15.063568] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.063635] page dumped because: kasan: bad access detected [ 15.063993] [ 15.064114] Memory state around the buggy address: [ 15.064162] fff00000c5f4b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.064245] fff00000c5f4b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.064334] >fff00000c5f4b680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.064416] ^ [ 15.064492] fff00000c5f4b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.064864] fff00000c5f4b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.065006] ================================================================== [ 15.024276] ================================================================== [ 15.024413] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.024471] Write of size 1 at addr fff00000c5f4b6c9 by task kunit_try_catch/159 [ 15.024675] [ 15.024767] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.024997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.025078] Hardware name: linux,dummy-virt (DT) [ 15.025138] Call trace: [ 15.025243] show_stack+0x20/0x38 (C) [ 15.025347] dump_stack_lvl+0x8c/0xd0 [ 15.025640] print_report+0x118/0x5d0 [ 15.025825] kasan_report+0xdc/0x128 [ 15.025948] __asan_report_store1_noabort+0x20/0x30 [ 15.026020] krealloc_less_oob_helper+0xa48/0xc50 [ 15.026345] krealloc_less_oob+0x20/0x38 [ 15.026430] kunit_try_run_case+0x170/0x3f0 [ 15.026504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.026649] kthread+0x328/0x630 [ 15.026749] ret_from_fork+0x10/0x20 [ 15.026914] [ 15.026984] Allocated by task 159: [ 15.027300] kasan_save_stack+0x3c/0x68 [ 15.027486] kasan_save_track+0x20/0x40 [ 15.027578] kasan_save_alloc_info+0x40/0x58 [ 15.027666] __kasan_krealloc+0x118/0x178 [ 15.027826] krealloc_noprof+0x128/0x360 [ 15.027911] krealloc_less_oob_helper+0x168/0xc50 [ 15.028133] krealloc_less_oob+0x20/0x38 [ 15.028183] kunit_try_run_case+0x170/0x3f0 [ 15.028346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.028674] kthread+0x328/0x630 [ 15.028815] ret_from_fork+0x10/0x20 [ 15.028962] [ 15.028985] The buggy address belongs to the object at fff00000c5f4b600 [ 15.028985] which belongs to the cache kmalloc-256 of size 256 [ 15.029062] The buggy address is located 0 bytes to the right of [ 15.029062] allocated 201-byte region [fff00000c5f4b600, fff00000c5f4b6c9) [ 15.029484] [ 15.029641] The buggy address belongs to the physical page: [ 15.029722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f4a [ 15.029849] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.029909] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.029996] page_type: f5(slab) [ 15.030122] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.030200] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.030577] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.030652] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.030806] head: 0bfffe0000000001 ffffc1ffc317d281 00000000ffffffff 00000000ffffffff [ 15.030914] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.031058] page dumped because: kasan: bad access detected [ 15.031109] [ 15.031134] Memory state around the buggy address: [ 15.031504] fff00000c5f4b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.031560] fff00000c5f4b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.031720] >fff00000c5f4b680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.031847] ^ [ 15.031904] fff00000c5f4b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.031951] fff00000c5f4b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.032011] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 15.007875] ================================================================== [ 15.008717] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.008787] Write of size 1 at addr fff00000c5f4b4f0 by task kunit_try_catch/157 [ 15.008847] [ 15.008920] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.009220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.009898] Hardware name: linux,dummy-virt (DT) [ 15.010199] Call trace: [ 15.010232] show_stack+0x20/0x38 (C) [ 15.010284] dump_stack_lvl+0x8c/0xd0 [ 15.010355] print_report+0x118/0x5d0 [ 15.010426] kasan_report+0xdc/0x128 [ 15.010472] __asan_report_store1_noabort+0x20/0x30 [ 15.010522] krealloc_more_oob_helper+0x5c0/0x678 [ 15.010585] krealloc_more_oob+0x20/0x38 [ 15.010630] kunit_try_run_case+0x170/0x3f0 [ 15.010676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.010728] kthread+0x328/0x630 [ 15.010775] ret_from_fork+0x10/0x20 [ 15.010848] [ 15.010868] Allocated by task 157: [ 15.010895] kasan_save_stack+0x3c/0x68 [ 15.010945] kasan_save_track+0x20/0x40 [ 15.010992] kasan_save_alloc_info+0x40/0x58 [ 15.011034] __kasan_krealloc+0x118/0x178 [ 15.011079] krealloc_noprof+0x128/0x360 [ 15.011117] krealloc_more_oob_helper+0x168/0x678 [ 15.011167] krealloc_more_oob+0x20/0x38 [ 15.011223] kunit_try_run_case+0x170/0x3f0 [ 15.011261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.011302] kthread+0x328/0x630 [ 15.011335] ret_from_fork+0x10/0x20 [ 15.011376] [ 15.011395] The buggy address belongs to the object at fff00000c5f4b400 [ 15.011395] which belongs to the cache kmalloc-256 of size 256 [ 15.011452] The buggy address is located 5 bytes to the right of [ 15.011452] allocated 235-byte region [fff00000c5f4b400, fff00000c5f4b4eb) [ 15.011512] [ 15.011532] The buggy address belongs to the physical page: [ 15.011561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f4a [ 15.011628] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.011682] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.011741] page_type: f5(slab) [ 15.011783] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.011841] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.011889] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.011935] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.011982] head: 0bfffe0000000001 ffffc1ffc317d281 00000000ffffffff 00000000ffffffff [ 15.012029] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.012067] page dumped because: kasan: bad access detected [ 15.012111] [ 15.012130] Memory state around the buggy address: [ 15.012161] fff00000c5f4b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.012677] fff00000c5f4b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.013231] >fff00000c5f4b480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.013275] ^ [ 15.013314] fff00000c5f4b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.013542] fff00000c5f4b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.013641] ================================================================== [ 14.998563] ================================================================== [ 14.998810] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 14.998905] Write of size 1 at addr fff00000c5f4b4eb by task kunit_try_catch/157 [ 14.999202] [ 14.999241] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.999455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.999483] Hardware name: linux,dummy-virt (DT) [ 14.999573] Call trace: [ 14.999597] show_stack+0x20/0x38 (C) [ 14.999679] dump_stack_lvl+0x8c/0xd0 [ 14.999733] print_report+0x118/0x5d0 [ 14.999778] kasan_report+0xdc/0x128 [ 14.999823] __asan_report_store1_noabort+0x20/0x30 [ 14.999873] krealloc_more_oob_helper+0x60c/0x678 [ 15.000166] krealloc_more_oob+0x20/0x38 [ 15.000668] kunit_try_run_case+0x170/0x3f0 [ 15.000774] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.000841] kthread+0x328/0x630 [ 15.000960] ret_from_fork+0x10/0x20 [ 15.001205] [ 15.001274] Allocated by task 157: [ 15.001390] kasan_save_stack+0x3c/0x68 [ 15.001434] kasan_save_track+0x20/0x40 [ 15.001490] kasan_save_alloc_info+0x40/0x58 [ 15.001561] __kasan_krealloc+0x118/0x178 [ 15.002004] krealloc_noprof+0x128/0x360 [ 15.002163] krealloc_more_oob_helper+0x168/0x678 [ 15.002333] krealloc_more_oob+0x20/0x38 [ 15.002426] kunit_try_run_case+0x170/0x3f0 [ 15.002464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.002792] kthread+0x328/0x630 [ 15.002862] ret_from_fork+0x10/0x20 [ 15.003035] [ 15.003104] The buggy address belongs to the object at fff00000c5f4b400 [ 15.003104] which belongs to the cache kmalloc-256 of size 256 [ 15.003263] The buggy address is located 0 bytes to the right of [ 15.003263] allocated 235-byte region [fff00000c5f4b400, fff00000c5f4b4eb) [ 15.003357] [ 15.003395] The buggy address belongs to the physical page: [ 15.003428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f4a [ 15.003879] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.003984] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.004071] page_type: f5(slab) [ 15.004406] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.004630] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.004718] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.004860] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.005126] head: 0bfffe0000000001 ffffc1ffc317d281 00000000ffffffff 00000000ffffffff [ 15.005422] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.005506] page dumped because: kasan: bad access detected [ 15.005659] [ 15.005724] Memory state around the buggy address: [ 15.005860] fff00000c5f4b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.005946] fff00000c5f4b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.006073] >fff00000c5f4b480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.006127] ^ [ 15.006206] fff00000c5f4b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.006767] fff00000c5f4b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.006851] ================================================================== [ 15.080510] ================================================================== [ 15.080556] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.080602] Write of size 1 at addr fff00000c769e0f0 by task kunit_try_catch/161 [ 15.081166] [ 15.081253] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.081750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.081785] Hardware name: linux,dummy-virt (DT) [ 15.081815] Call trace: [ 15.082244] show_stack+0x20/0x38 (C) [ 15.082497] dump_stack_lvl+0x8c/0xd0 [ 15.082570] print_report+0x118/0x5d0 [ 15.082617] kasan_report+0xdc/0x128 [ 15.082662] __asan_report_store1_noabort+0x20/0x30 [ 15.082713] krealloc_more_oob_helper+0x5c0/0x678 [ 15.082771] krealloc_large_more_oob+0x20/0x38 [ 15.082834] kunit_try_run_case+0x170/0x3f0 [ 15.082880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.082932] kthread+0x328/0x630 [ 15.082973] ret_from_fork+0x10/0x20 [ 15.083033] [ 15.083070] The buggy address belongs to the physical page: [ 15.083106] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10769c [ 15.083157] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.083233] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.083290] page_type: f8(unknown) [ 15.083328] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.083376] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.083434] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.083489] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.083543] head: 0bfffe0000000002 ffffc1ffc31da701 00000000ffffffff 00000000ffffffff [ 15.083608] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.083647] page dumped because: kasan: bad access detected [ 15.083677] [ 15.083696] Memory state around the buggy address: [ 15.083726] fff00000c769df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.083767] fff00000c769e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.083808] >fff00000c769e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.083853] ^ [ 15.083906] fff00000c769e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.083946] fff00000c769e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.083991] ================================================================== [ 15.071945] ================================================================== [ 15.072006] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.072397] Write of size 1 at addr fff00000c769e0eb by task kunit_try_catch/161 [ 15.072729] [ 15.072857] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.073100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.073127] Hardware name: linux,dummy-virt (DT) [ 15.073195] Call trace: [ 15.073218] show_stack+0x20/0x38 (C) [ 15.073478] dump_stack_lvl+0x8c/0xd0 [ 15.073685] print_report+0x118/0x5d0 [ 15.073806] kasan_report+0xdc/0x128 [ 15.073955] __asan_report_store1_noabort+0x20/0x30 [ 15.074046] krealloc_more_oob_helper+0x60c/0x678 [ 15.074410] krealloc_large_more_oob+0x20/0x38 [ 15.074554] kunit_try_run_case+0x170/0x3f0 [ 15.074689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.074768] kthread+0x328/0x630 [ 15.074894] ret_from_fork+0x10/0x20 [ 15.075020] [ 15.075096] The buggy address belongs to the physical page: [ 15.075127] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10769c [ 15.075458] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.075766] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.075934] page_type: f8(unknown) [ 15.075992] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.076066] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.076477] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.076584] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.076682] head: 0bfffe0000000002 ffffc1ffc31da701 00000000ffffffff 00000000ffffffff [ 15.076825] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.076990] page dumped because: kasan: bad access detected [ 15.077052] [ 15.077071] Memory state around the buggy address: [ 15.077125] fff00000c769df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.077505] fff00000c769e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.077607] >fff00000c769e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.077706] ^ [ 15.077892] fff00000c769e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.078045] fff00000c769e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.078085] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 14.985969] ================================================================== [ 14.986762] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 14.986960] Read of size 1 at addr fff00000c7730000 by task kunit_try_catch/155 [ 14.987031] [ 14.987080] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.987426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.987471] Hardware name: linux,dummy-virt (DT) [ 14.987512] Call trace: [ 14.987535] show_stack+0x20/0x38 (C) [ 14.987588] dump_stack_lvl+0x8c/0xd0 [ 14.987634] print_report+0x118/0x5d0 [ 14.987680] kasan_report+0xdc/0x128 [ 14.987724] __asan_report_load1_noabort+0x20/0x30 [ 14.988038] page_alloc_uaf+0x328/0x350 [ 14.988410] kunit_try_run_case+0x170/0x3f0 [ 14.988538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.988596] kthread+0x328/0x630 [ 14.988639] ret_from_fork+0x10/0x20 [ 14.988890] [ 14.988920] The buggy address belongs to the physical page: [ 14.988978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107730 [ 14.989035] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.989176] page_type: f0(buddy) [ 14.989228] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 14.989432] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 14.989617] page dumped because: kasan: bad access detected [ 14.989684] [ 14.989787] Memory state around the buggy address: [ 14.989856] fff00000c772ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.989919] fff00000c772ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.990291] >fff00000c7730000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.990387] ^ [ 14.990417] fff00000c7730080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.990735] fff00000c7730100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.990849] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 14.963891] ================================================================== [ 14.964021] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 14.964163] Free of addr fff00000c7698001 by task kunit_try_catch/151 [ 14.964223] [ 14.964287] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.964367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.964392] Hardware name: linux,dummy-virt (DT) [ 14.964665] Call trace: [ 14.964801] show_stack+0x20/0x38 (C) [ 14.964863] dump_stack_lvl+0x8c/0xd0 [ 14.965033] print_report+0x118/0x5d0 [ 14.965238] kasan_report_invalid_free+0xc0/0xe8 [ 14.965313] __kasan_kfree_large+0x5c/0xa8 [ 14.965639] free_large_kmalloc+0x64/0x190 [ 14.965705] kfree+0x270/0x3c8 [ 14.965746] kmalloc_large_invalid_free+0x108/0x270 [ 14.965804] kunit_try_run_case+0x170/0x3f0 [ 14.965857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.965924] kthread+0x328/0x630 [ 14.965974] ret_from_fork+0x10/0x20 [ 14.966055] [ 14.966077] The buggy address belongs to the physical page: [ 14.966110] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107698 [ 14.966161] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.966244] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 14.966294] page_type: f8(unknown) [ 14.966334] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.966382] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.966439] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.966487] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.966534] head: 0bfffe0000000002 ffffc1ffc31da601 00000000ffffffff 00000000ffffffff [ 14.966590] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.966630] page dumped because: kasan: bad access detected [ 14.966670] [ 14.966703] Memory state around the buggy address: [ 14.966742] fff00000c7697f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.966785] fff00000c7697f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.966825] >fff00000c7698000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.966861] ^ [ 14.966888] fff00000c7698080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.966928] fff00000c7698100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.967003] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 14.950629] ================================================================== [ 14.950690] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 14.950740] Read of size 1 at addr fff00000c7698000 by task kunit_try_catch/149 [ 14.950787] [ 14.950835] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.950915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.950941] Hardware name: linux,dummy-virt (DT) [ 14.950976] Call trace: [ 14.950999] show_stack+0x20/0x38 (C) [ 14.951046] dump_stack_lvl+0x8c/0xd0 [ 14.951090] print_report+0x118/0x5d0 [ 14.951135] kasan_report+0xdc/0x128 [ 14.952163] __asan_report_load1_noabort+0x20/0x30 [ 14.952278] kmalloc_large_uaf+0x2cc/0x2f8 [ 14.952371] kunit_try_run_case+0x170/0x3f0 [ 14.952457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.952510] kthread+0x328/0x630 [ 14.952626] ret_from_fork+0x10/0x20 [ 14.952679] [ 14.952700] The buggy address belongs to the physical page: [ 14.952730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107698 [ 14.952911] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.953315] raw: 0bfffe0000000000 ffffc1ffc31da708 fff00000da478c40 0000000000000000 [ 14.953410] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.953460] page dumped because: kasan: bad access detected [ 14.953582] [ 14.953880] Memory state around the buggy address: [ 14.953960] fff00000c7697f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.954018] fff00000c7697f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.954068] >fff00000c7698000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.954172] ^ [ 14.954231] fff00000c7698080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.954278] fff00000c7698100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.954417] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 14.938838] ================================================================== [ 14.939200] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 14.939328] Write of size 1 at addr fff00000c769a00a by task kunit_try_catch/147 [ 14.939382] [ 14.939442] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.939553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.939579] Hardware name: linux,dummy-virt (DT) [ 14.939609] Call trace: [ 14.939648] show_stack+0x20/0x38 (C) [ 14.939829] dump_stack_lvl+0x8c/0xd0 [ 14.939895] print_report+0x118/0x5d0 [ 14.940030] kasan_report+0xdc/0x128 [ 14.940124] __asan_report_store1_noabort+0x20/0x30 [ 14.940184] kmalloc_large_oob_right+0x278/0x2b8 [ 14.940242] kunit_try_run_case+0x170/0x3f0 [ 14.940287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.940348] kthread+0x328/0x630 [ 14.940398] ret_from_fork+0x10/0x20 [ 14.940445] [ 14.940491] The buggy address belongs to the physical page: [ 14.940523] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107698 [ 14.940584] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.940629] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 14.940684] page_type: f8(unknown) [ 14.940721] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.940775] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.940824] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.940870] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.941373] head: 0bfffe0000000002 ffffc1ffc31da601 00000000ffffffff 00000000ffffffff [ 14.941422] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.941719] page dumped because: kasan: bad access detected [ 14.942155] [ 14.942201] Memory state around the buggy address: [ 14.942254] fff00000c7699f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.942323] fff00000c7699f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.942375] >fff00000c769a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.942483] ^ [ 14.942549] fff00000c769a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.942858] fff00000c769a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.942922] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 14.923704] ================================================================== [ 14.923779] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 14.923834] Write of size 1 at addr fff00000c64a5f00 by task kunit_try_catch/145 [ 14.923955] [ 14.923991] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.924086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.924250] Hardware name: linux,dummy-virt (DT) [ 14.924284] Call trace: [ 14.924323] show_stack+0x20/0x38 (C) [ 14.924639] dump_stack_lvl+0x8c/0xd0 [ 14.924730] print_report+0x118/0x5d0 [ 14.924779] kasan_report+0xdc/0x128 [ 14.924823] __asan_report_store1_noabort+0x20/0x30 [ 14.925127] kmalloc_big_oob_right+0x2a4/0x2f0 [ 14.925313] kunit_try_run_case+0x170/0x3f0 [ 14.925440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.925576] kthread+0x328/0x630 [ 14.925653] ret_from_fork+0x10/0x20 [ 14.925786] [ 14.925806] Allocated by task 145: [ 14.925834] kasan_save_stack+0x3c/0x68 [ 14.926011] kasan_save_track+0x20/0x40 [ 14.926053] kasan_save_alloc_info+0x40/0x58 [ 14.926206] __kasan_kmalloc+0xd4/0xd8 [ 14.926323] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.926412] kmalloc_big_oob_right+0xb8/0x2f0 [ 14.926550] kunit_try_run_case+0x170/0x3f0 [ 14.926620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.926670] kthread+0x328/0x630 [ 14.926702] ret_from_fork+0x10/0x20 [ 14.926788] [ 14.926810] The buggy address belongs to the object at fff00000c64a4000 [ 14.926810] which belongs to the cache kmalloc-8k of size 8192 [ 14.926869] The buggy address is located 0 bytes to the right of [ 14.926869] allocated 7936-byte region [fff00000c64a4000, fff00000c64a5f00) [ 14.926939] [ 14.926959] The buggy address belongs to the physical page: [ 14.926990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064a0 [ 14.927059] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.927117] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 14.927169] page_type: f5(slab) [ 14.927226] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 14.927283] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 14.927331] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 14.927393] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 14.927440] head: 0bfffe0000000003 ffffc1ffc3192801 00000000ffffffff 00000000ffffffff [ 14.927492] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 14.927540] page dumped because: kasan: bad access detected [ 14.927579] [ 14.927597] Memory state around the buggy address: [ 14.927629] fff00000c64a5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.927669] fff00000c64a5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.927719] >fff00000c64a5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.927755] ^ [ 14.927783] fff00000c64a5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.927842] fff00000c64a6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.927879] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 14.909826] ================================================================== [ 14.910136] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 14.910298] Write of size 1 at addr fff00000c6094978 by task kunit_try_catch/143 [ 14.910353] [ 14.910401] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.910530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.910577] Hardware name: linux,dummy-virt (DT) [ 14.910609] Call trace: [ 14.910638] show_stack+0x20/0x38 (C) [ 14.910827] dump_stack_lvl+0x8c/0xd0 [ 14.910882] print_report+0x118/0x5d0 [ 14.910929] kasan_report+0xdc/0x128 [ 14.910982] __asan_report_store1_noabort+0x20/0x30 [ 14.911467] kmalloc_track_caller_oob_right+0x418/0x488 [ 14.911573] kunit_try_run_case+0x170/0x3f0 [ 14.911625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.911707] kthread+0x328/0x630 [ 14.911974] ret_from_fork+0x10/0x20 [ 14.912026] [ 14.912053] Allocated by task 143: [ 14.912080] kasan_save_stack+0x3c/0x68 [ 14.912300] kasan_save_track+0x20/0x40 [ 14.912352] kasan_save_alloc_info+0x40/0x58 [ 14.912392] __kasan_kmalloc+0xd4/0xd8 [ 14.912427] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 14.912726] kmalloc_track_caller_oob_right+0x184/0x488 [ 14.912811] kunit_try_run_case+0x170/0x3f0 [ 14.912915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.913292] kthread+0x328/0x630 [ 14.913383] ret_from_fork+0x10/0x20 [ 14.913595] [ 14.913622] The buggy address belongs to the object at fff00000c6094900 [ 14.913622] which belongs to the cache kmalloc-128 of size 128 [ 14.913679] The buggy address is located 0 bytes to the right of [ 14.913679] allocated 120-byte region [fff00000c6094900, fff00000c6094978) [ 14.913845] [ 14.913891] The buggy address belongs to the physical page: [ 14.913955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 14.914044] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.914155] page_type: f5(slab) [ 14.914219] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.914269] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.914604] page dumped because: kasan: bad access detected [ 14.914747] [ 14.914824] Memory state around the buggy address: [ 14.914857] fff00000c6094800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.915183] fff00000c6094880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.915306] >fff00000c6094900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.915397] ^ [ 14.915484] fff00000c6094980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.915791] fff00000c6094a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.915855] ================================================================== [ 14.903203] ================================================================== [ 14.903262] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 14.903312] Write of size 1 at addr fff00000c6094878 by task kunit_try_catch/143 [ 14.903380] [ 14.903412] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.903498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.903525] Hardware name: linux,dummy-virt (DT) [ 14.903884] Call trace: [ 14.903919] show_stack+0x20/0x38 (C) [ 14.904167] dump_stack_lvl+0x8c/0xd0 [ 14.904228] print_report+0x118/0x5d0 [ 14.904620] kasan_report+0xdc/0x128 [ 14.905012] __asan_report_store1_noabort+0x20/0x30 [ 14.905098] kmalloc_track_caller_oob_right+0x40c/0x488 [ 14.905150] kunit_try_run_case+0x170/0x3f0 [ 14.905207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.905259] kthread+0x328/0x630 [ 14.905300] ret_from_fork+0x10/0x20 [ 14.905347] [ 14.905365] Allocated by task 143: [ 14.905393] kasan_save_stack+0x3c/0x68 [ 14.905433] kasan_save_track+0x20/0x40 [ 14.905470] kasan_save_alloc_info+0x40/0x58 [ 14.905639] __kasan_kmalloc+0xd4/0xd8 [ 14.906089] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 14.906157] kmalloc_track_caller_oob_right+0xa8/0x488 [ 14.906462] kunit_try_run_case+0x170/0x3f0 [ 14.906548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.906595] kthread+0x328/0x630 [ 14.906630] ret_from_fork+0x10/0x20 [ 14.906666] [ 14.906715] The buggy address belongs to the object at fff00000c6094800 [ 14.906715] which belongs to the cache kmalloc-128 of size 128 [ 14.906785] The buggy address is located 0 bytes to the right of [ 14.906785] allocated 120-byte region [fff00000c6094800, fff00000c6094878) [ 14.906848] [ 14.906891] The buggy address belongs to the physical page: [ 14.906930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 14.906981] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.907026] page_type: f5(slab) [ 14.907078] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.907135] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.907182] page dumped because: kasan: bad access detected [ 14.907225] [ 14.907243] Memory state around the buggy address: [ 14.907288] fff00000c6094700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.907334] fff00000c6094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.907377] >fff00000c6094800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.907413] ^ [ 14.907458] fff00000c6094880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.907504] fff00000c6094900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.907540] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 14.882616] ================================================================== [ 14.882675] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 14.882725] Read of size 1 at addr fff00000c6263000 by task kunit_try_catch/141 [ 14.882792] [ 14.882835] CPU: 1 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.882914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.882940] Hardware name: linux,dummy-virt (DT) [ 14.882979] Call trace: [ 14.883001] show_stack+0x20/0x38 (C) [ 14.883058] dump_stack_lvl+0x8c/0xd0 [ 14.883106] print_report+0x118/0x5d0 [ 14.883160] kasan_report+0xdc/0x128 [ 14.883218] __asan_report_load1_noabort+0x20/0x30 [ 14.883269] kmalloc_node_oob_right+0x2f4/0x330 [ 14.883316] kunit_try_run_case+0x170/0x3f0 [ 14.883362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.883422] kthread+0x328/0x630 [ 14.883464] ret_from_fork+0x10/0x20 [ 14.883510] [ 14.883528] Allocated by task 141: [ 14.883555] kasan_save_stack+0x3c/0x68 [ 14.883593] kasan_save_track+0x20/0x40 [ 14.883629] kasan_save_alloc_info+0x40/0x58 [ 14.883673] __kasan_kmalloc+0xd4/0xd8 [ 14.883708] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 14.883756] kmalloc_node_oob_right+0xbc/0x330 [ 14.883794] kunit_try_run_case+0x170/0x3f0 [ 14.883830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.883871] kthread+0x328/0x630 [ 14.883907] ret_from_fork+0x10/0x20 [ 14.883949] [ 14.883968] The buggy address belongs to the object at fff00000c6262000 [ 14.883968] which belongs to the cache kmalloc-4k of size 4096 [ 14.884023] The buggy address is located 0 bytes to the right of [ 14.884023] allocated 4096-byte region [fff00000c6262000, fff00000c6263000) [ 14.884091] [ 14.884111] The buggy address belongs to the physical page: [ 14.884174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106260 [ 14.884335] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.884381] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 14.884440] page_type: f5(slab) [ 14.884477] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 14.884525] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 14.884578] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 14.885027] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 14.885157] head: 0bfffe0000000003 ffffc1ffc3189801 00000000ffffffff 00000000ffffffff [ 14.885259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 14.885331] page dumped because: kasan: bad access detected [ 14.885429] [ 14.885458] Memory state around the buggy address: [ 14.885503] fff00000c6262f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.885546] fff00000c6262f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.885587] >fff00000c6263000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.885622] ^ [ 14.885649] fff00000c6263080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.885689] fff00000c6263100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.885725] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 14.871707] ================================================================== [ 14.871964] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 14.872080] Read of size 1 at addr fff00000c60866bf by task kunit_try_catch/139 [ 14.872134] [ 14.872165] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.872263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.872349] Hardware name: linux,dummy-virt (DT) [ 14.872428] Call trace: [ 14.872468] show_stack+0x20/0x38 (C) [ 14.872551] dump_stack_lvl+0x8c/0xd0 [ 14.872598] print_report+0x118/0x5d0 [ 14.872662] kasan_report+0xdc/0x128 [ 14.872726] __asan_report_load1_noabort+0x20/0x30 [ 14.872941] kmalloc_oob_left+0x2ec/0x320 [ 14.873105] kunit_try_run_case+0x170/0x3f0 [ 14.873232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.873385] kthread+0x328/0x630 [ 14.873447] ret_from_fork+0x10/0x20 [ 14.873494] [ 14.873741] Allocated by task 26: [ 14.873778] kasan_save_stack+0x3c/0x68 [ 14.873821] kasan_save_track+0x20/0x40 [ 14.873900] kasan_save_alloc_info+0x40/0x58 [ 14.874009] __kasan_kmalloc+0xd4/0xd8 [ 14.874146] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 14.874283] kstrdup+0x54/0xc8 [ 14.874341] devtmpfs_work_loop+0x6f8/0xa58 [ 14.874382] devtmpfsd+0x50/0x58 [ 14.874428] kthread+0x328/0x630 [ 14.874478] ret_from_fork+0x10/0x20 [ 14.874537] [ 14.874588] Freed by task 26: [ 14.874626] kasan_save_stack+0x3c/0x68 [ 14.874663] kasan_save_track+0x20/0x40 [ 14.874861] kasan_save_free_info+0x4c/0x78 [ 14.874950] __kasan_slab_free+0x6c/0x98 [ 14.875059] kfree+0x214/0x3c8 [ 14.875157] devtmpfs_work_loop+0x804/0xa58 [ 14.875290] devtmpfsd+0x50/0x58 [ 14.875341] kthread+0x328/0x630 [ 14.875390] ret_from_fork+0x10/0x20 [ 14.875739] [ 14.875851] The buggy address belongs to the object at fff00000c60866a0 [ 14.875851] which belongs to the cache kmalloc-16 of size 16 [ 14.875981] The buggy address is located 15 bytes to the right of [ 14.875981] allocated 16-byte region [fff00000c60866a0, fff00000c60866b0) [ 14.876073] [ 14.876093] The buggy address belongs to the physical page: [ 14.876122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106086 [ 14.876384] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.876503] page_type: f5(slab) [ 14.876654] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 14.876732] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.876809] page dumped because: kasan: bad access detected [ 14.876933] [ 14.876987] Memory state around the buggy address: [ 14.877019] fff00000c6086580: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 14.877065] fff00000c6086600: 00 05 fc fc 00 00 fc fc 00 06 fc fc 00 06 fc fc [ 14.877105] >fff00000c6086680: 00 00 fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 14.877141] ^ [ 14.877174] fff00000c6086700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.877223] fff00000c6086780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.877276] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 14.856509] ================================================================== [ 14.856548] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 14.856594] Write of size 1 at addr fff00000c6094778 by task kunit_try_catch/137 [ 14.856642] [ 14.856677] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.856755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.856781] Hardware name: linux,dummy-virt (DT) [ 14.856811] Call trace: [ 14.856832] show_stack+0x20/0x38 (C) [ 14.856900] dump_stack_lvl+0x8c/0xd0 [ 14.856947] print_report+0x118/0x5d0 [ 14.856992] kasan_report+0xdc/0x128 [ 14.857042] __asan_report_store1_noabort+0x20/0x30 [ 14.857104] kmalloc_oob_right+0x538/0x660 [ 14.857149] kunit_try_run_case+0x170/0x3f0 [ 14.857218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.857270] kthread+0x328/0x630 [ 14.857311] ret_from_fork+0x10/0x20 [ 14.857367] [ 14.857385] Allocated by task 137: [ 14.857412] kasan_save_stack+0x3c/0x68 [ 14.857450] kasan_save_track+0x20/0x40 [ 14.857486] kasan_save_alloc_info+0x40/0x58 [ 14.857524] __kasan_kmalloc+0xd4/0xd8 [ 14.857559] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.857596] kmalloc_oob_right+0xb0/0x660 [ 14.857640] kunit_try_run_case+0x170/0x3f0 [ 14.857677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.857718] kthread+0x328/0x630 [ 14.857757] ret_from_fork+0x10/0x20 [ 14.857792] [ 14.857810] The buggy address belongs to the object at fff00000c6094700 [ 14.857810] which belongs to the cache kmalloc-128 of size 128 [ 14.857863] The buggy address is located 5 bytes to the right of [ 14.857863] allocated 115-byte region [fff00000c6094700, fff00000c6094773) [ 14.857930] [ 14.857958] The buggy address belongs to the physical page: [ 14.857987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 14.858037] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.858081] page_type: f5(slab) [ 14.858118] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.858176] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.858862] page dumped because: kasan: bad access detected [ 14.858902] [ 14.858920] Memory state around the buggy address: [ 14.858951] fff00000c6094600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.858992] fff00000c6094680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.859033] >fff00000c6094700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.859070] ^ [ 14.859109] fff00000c6094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.859149] fff00000c6094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.859383] ================================================================== [ 14.859943] ================================================================== [ 14.859990] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 14.860077] Read of size 1 at addr fff00000c6094780 by task kunit_try_catch/137 [ 14.860135] [ 14.860164] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.860487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.860581] Hardware name: linux,dummy-virt (DT) [ 14.860628] Call trace: [ 14.860657] show_stack+0x20/0x38 (C) [ 14.860798] dump_stack_lvl+0x8c/0xd0 [ 14.860845] print_report+0x118/0x5d0 [ 14.861003] kasan_report+0xdc/0x128 [ 14.861141] __asan_report_load1_noabort+0x20/0x30 [ 14.861246] kmalloc_oob_right+0x5d0/0x660 [ 14.861310] kunit_try_run_case+0x170/0x3f0 [ 14.861395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.861697] kthread+0x328/0x630 [ 14.861744] ret_from_fork+0x10/0x20 [ 14.861802] [ 14.861820] Allocated by task 137: [ 14.861847] kasan_save_stack+0x3c/0x68 [ 14.861886] kasan_save_track+0x20/0x40 [ 14.861922] kasan_save_alloc_info+0x40/0x58 [ 14.861960] __kasan_kmalloc+0xd4/0xd8 [ 14.862090] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.862157] kmalloc_oob_right+0xb0/0x660 [ 14.862240] kunit_try_run_case+0x170/0x3f0 [ 14.862335] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.862443] kthread+0x328/0x630 [ 14.862550] ret_from_fork+0x10/0x20 [ 14.862584] [ 14.862621] The buggy address belongs to the object at fff00000c6094700 [ 14.862621] which belongs to the cache kmalloc-128 of size 128 [ 14.862916] The buggy address is located 13 bytes to the right of [ 14.862916] allocated 115-byte region [fff00000c6094700, fff00000c6094773) [ 14.863025] [ 14.863083] The buggy address belongs to the physical page: [ 14.863146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 14.863263] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.863353] page_type: f5(slab) [ 14.863406] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.863465] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.863504] page dumped because: kasan: bad access detected [ 14.863534] [ 14.863552] Memory state around the buggy address: [ 14.863581] fff00000c6094680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.863692] fff00000c6094700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.863805] >fff00000c6094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.863863] ^ [ 14.863917] fff00000c6094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.864001] fff00000c6094880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.864226] ================================================================== [ 14.847609] ================================================================== [ 14.847951] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 14.848791] Write of size 1 at addr fff00000c6094773 by task kunit_try_catch/137 [ 14.848952] [ 14.849753] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 14.849900] Tainted: [N]=TEST [ 14.849932] Hardware name: linux,dummy-virt (DT) [ 14.850149] Call trace: [ 14.850343] show_stack+0x20/0x38 (C) [ 14.850480] dump_stack_lvl+0x8c/0xd0 [ 14.850540] print_report+0x118/0x5d0 [ 14.850588] kasan_report+0xdc/0x128 [ 14.850634] __asan_report_store1_noabort+0x20/0x30 [ 14.850685] kmalloc_oob_right+0x5a4/0x660 [ 14.850730] kunit_try_run_case+0x170/0x3f0 [ 14.850781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.850833] kthread+0x328/0x630 [ 14.850877] ret_from_fork+0x10/0x20 [ 14.851030] [ 14.851068] Allocated by task 137: [ 14.851182] kasan_save_stack+0x3c/0x68 [ 14.851259] kasan_save_track+0x20/0x40 [ 14.851295] kasan_save_alloc_info+0x40/0x58 [ 14.851334] __kasan_kmalloc+0xd4/0xd8 [ 14.851370] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.851409] kmalloc_oob_right+0xb0/0x660 [ 14.851445] kunit_try_run_case+0x170/0x3f0 [ 14.851482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.851523] kthread+0x328/0x630 [ 14.851554] ret_from_fork+0x10/0x20 [ 14.851607] [ 14.851666] The buggy address belongs to the object at fff00000c6094700 [ 14.851666] which belongs to the cache kmalloc-128 of size 128 [ 14.851756] The buggy address is located 0 bytes to the right of [ 14.851756] allocated 115-byte region [fff00000c6094700, fff00000c6094773) [ 14.851821] [ 14.851902] The buggy address belongs to the physical page: [ 14.852071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106094 [ 14.852346] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.852625] page_type: f5(slab) [ 14.852921] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.852984] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.853120] page dumped because: kasan: bad access detected [ 14.853164] [ 14.853203] Memory state around the buggy address: [ 14.855320] fff00000c6094600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.855396] fff00000c6094680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.855451] >fff00000c6094700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.855505] ^ [ 14.855587] fff00000c6094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.855629] fff00000c6094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.855691] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 93.233598] WARNING: CPU: 0 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 93.234992] Modules linked in: [ 93.235563] CPU: 0 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 93.236104] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 93.236572] Hardware name: linux,dummy-virt (DT) [ 93.236823] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.237450] pc : intlog10+0x38/0x48 [ 93.237821] lr : intlog10_test+0xe4/0x200 [ 93.238049] sp : ffff8000821f7c10 [ 93.238338] x29: ffff8000821f7c90 x28: 0000000000000000 x27: 0000000000000000 [ 93.238901] x26: 1ffe000018b32e61 x25: 0000000000000000 x24: ffff8000821f7ce0 [ 93.239472] x23: ffff8000821f7d00 x22: 0000000000000000 x21: 1ffff0001043ef82 [ 93.239973] x20: ffff9b2f75689e80 x19: ffff800080087990 x18: 000000005bc8476c [ 93.240546] x17: 00000000821eb338 x16: fff00000c097543c x15: fff00000ff616b08 [ 93.241173] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff7365ef2a3379 [ 93.241642] x11: 1ffff365ef2a3378 x10: ffff7365ef2a3378 x9 : ffff9b2f72c3699c [ 93.242237] x8 : ffff9b2f79519bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 93.242747] x5 : ffff70001043ef82 x4 : 1ffff00010010f3a x3 : 1ffff365eead13d0 [ 93.243261] x2 : 1ffff365eead13d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 93.243767] Call trace: [ 93.244026] intlog10+0x38/0x48 (P) [ 93.244359] kunit_try_run_case+0x170/0x3f0 [ 93.244685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.244960] kthread+0x328/0x630 [ 93.245405] ret_from_fork+0x10/0x20 [ 93.245905] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 93.169975] WARNING: CPU: 0 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 93.172895] Modules linked in: [ 93.173137] CPU: 0 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 93.174271] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 93.174822] Hardware name: linux,dummy-virt (DT) [ 93.175305] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.175945] pc : intlog2+0xd8/0xf8 [ 93.176317] lr : intlog2_test+0xe4/0x200 [ 93.176793] sp : ffff800082197c10 [ 93.177183] x29: ffff800082197c90 x28: 0000000000000000 x27: 0000000000000000 [ 93.178034] x26: 1ffe000018b4b701 x25: 0000000000000000 x24: ffff800082197ce0 [ 93.178592] x23: ffff800082197d00 x22: 0000000000000000 x21: 1ffff00010432f82 [ 93.178950] x20: ffff9b2f75689d80 x19: ffff800080087990 x18: 000000005757c424 [ 93.179317] x17: 0000000002dca390 x16: fff00000c097543c x15: fff00000ff616b08 [ 93.179670] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff7365ef2a3379 [ 93.180063] x11: 1ffff365ef2a3378 x10: ffff7365ef2a3378 x9 : ffff9b2f72c36b9c [ 93.181146] x8 : ffff9b2f79519bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 93.182305] x5 : ffff700010432f82 x4 : 1ffff00010010f3a x3 : 1ffff365eead13b0 [ 93.182681] x2 : 1ffff365eead13b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 93.183034] Call trace: [ 93.183176] intlog2+0xd8/0xf8 (P) [ 93.183381] kunit_try_run_case+0x170/0x3f0 [ 93.183587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.183834] kthread+0x328/0x630 [ 93.184016] ret_from_fork+0x10/0x20 [ 93.185556] ---[ end trace 0000000000000000 ]---