Date
July 23, 2025, 2:10 a.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 17.971685] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 17.950073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 17.990042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 18.014577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 18.145176] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc08/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.835943] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 17.824915] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 96.746977] Internal error: Oops: 0000000096000005 [#1] SMP [ 96.753475] Modules linked in: [ 96.754224] CPU: 1 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 96.755425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 96.756068] Hardware name: linux,dummy-virt (DT) [ 96.756699] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.757444] pc : kunit_test_null_dereference+0x70/0x170 [ 96.758046] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.758672] sp : ffff800080f27d30 [ 96.759203] x29: ffff800080f27d90 x28: 0000000000000000 x27: 0000000000000000 [ 96.760069] x26: 1ffe0000187ebac1 x25: 0000000000000000 x24: 0000000000000004 [ 96.760828] x23: fff00000c3f5d60c x22: ffffab7db2e24fb8 x21: fff00000c1b6bf08 [ 96.761577] x20: 1ffff000101e4fa6 x19: ffff800080087990 x18: 00000000dec20a8a [ 96.762327] x17: 0000000000000001 x16: fff00000da474d28 x15: 000000005eb983b6 [ 96.763149] x14: 0000000068948a06 x13: 1ffe00001b48e989 x12: fffd800018b548b4 [ 96.763666] x11: 1ffe000018b548b3 x10: fffd800018b548b3 x9 : ffffab7db2e1c420 [ 96.764083] x8 : ffff800080f27c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 96.764427] x5 : ffff7000101e4fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 96.764773] x2 : dfff800000000000 x1 : fff00000c5aa3cc0 x0 : ffff800080087990 [ 96.765237] Call trace: [ 96.765472] kunit_test_null_dereference+0x70/0x170 (P) [ 96.765783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.766114] kthread+0x328/0x630 [ 96.766374] ret_from_fork+0x10/0x20 [ 96.766912] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 96.767632] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.299692] ================================================================== [ 51.299757] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 51.299757] [ 51.299841] Use-after-free read at 0x00000000408a979c (in kfence-#163): [ 51.299912] test_krealloc+0x51c/0x830 [ 51.299958] kunit_try_run_case+0x170/0x3f0 [ 51.300003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.300048] kthread+0x328/0x630 [ 51.300087] ret_from_fork+0x10/0x20 [ 51.300127] [ 51.300152] kfence-#163: 0x00000000408a979c-0x000000007ea23abd, size=32, cache=kmalloc-32 [ 51.300152] [ 51.300207] allocated by task 337 on cpu 0 at 51.299089s (0.001114s ago): [ 51.300277] test_alloc+0x29c/0x628 [ 51.300320] test_krealloc+0xc0/0x830 [ 51.300360] kunit_try_run_case+0x170/0x3f0 [ 51.300400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.300444] kthread+0x328/0x630 [ 51.300480] ret_from_fork+0x10/0x20 [ 51.300519] [ 51.300542] freed by task 337 on cpu 0 at 51.299296s (0.001243s ago): [ 51.300603] krealloc_noprof+0x148/0x360 [ 51.300643] test_krealloc+0x1dc/0x830 [ 51.300683] kunit_try_run_case+0x170/0x3f0 [ 51.300724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.300766] kthread+0x328/0x630 [ 51.300801] ret_from_fork+0x10/0x20 [ 51.300840] [ 51.300891] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 51.300969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.300999] Hardware name: linux,dummy-virt (DT) [ 51.301034] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.231338] ================================================================== [ 51.231435] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.231435] [ 51.231534] Use-after-free read at 0x0000000019a498f7 (in kfence-#162): [ 51.231591] test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.231642] kunit_try_run_case+0x170/0x3f0 [ 51.231686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.231733] kthread+0x328/0x630 [ 51.231774] ret_from_fork+0x10/0x20 [ 51.231815] [ 51.231839] kfence-#162: 0x0000000019a498f7-0x000000002da2ef65, size=32, cache=test [ 51.231839] [ 51.231908] allocated by task 335 on cpu 1 at 51.195100s (0.036804s ago): [ 51.231978] test_alloc+0x230/0x628 [ 51.232018] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 51.232063] kunit_try_run_case+0x170/0x3f0 [ 51.232104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.232148] kthread+0x328/0x630 [ 51.232183] ret_from_fork+0x10/0x20 [ 51.232222] [ 51.232246] freed by task 335 on cpu 1 at 51.195230s (0.037013s ago): [ 51.232303] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 51.232346] kunit_try_run_case+0x170/0x3f0 [ 51.232385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.232429] kthread+0x328/0x630 [ 51.232464] ret_from_fork+0x10/0x20 [ 51.232504] [ 51.232550] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 51.232627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.232657] Hardware name: linux,dummy-virt (DT) [ 51.232692] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 27.602530] ================================================================== [ 27.602865] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 27.602865] [ 27.602976] Invalid read at 0x0000000008757770: [ 27.603117] test_invalid_access+0xdc/0x1f0 [ 27.603186] kunit_try_run_case+0x170/0x3f0 [ 27.603239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.603334] kthread+0x328/0x630 [ 27.603436] ret_from_fork+0x10/0x20 [ 27.603498] [ 27.603571] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 27.603712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.603759] Hardware name: linux,dummy-virt (DT) [ 27.603803] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 27.379245] ================================================================== [ 27.379341] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.379341] [ 27.379406] Corrupted memory at 0x000000005ac14142 [ ! . . . . . . . . . . . . . . . ] (in kfence-#158): [ 27.379716] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.379765] kunit_try_run_case+0x170/0x3f0 [ 27.379809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.379867] kthread+0x328/0x630 [ 27.379905] ret_from_fork+0x10/0x20 [ 27.379944] [ 27.379970] kfence-#158: 0x0000000026d95c5d-0x0000000037d8a65c, size=73, cache=kmalloc-96 [ 27.379970] [ 27.380028] allocated by task 325 on cpu 0 at 27.379016s (0.001008s ago): [ 27.380091] test_alloc+0x29c/0x628 [ 27.380131] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 27.380175] kunit_try_run_case+0x170/0x3f0 [ 27.380215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.380258] kthread+0x328/0x630 [ 27.380294] ret_from_fork+0x10/0x20 [ 27.380334] [ 27.380359] freed by task 325 on cpu 0 at 27.379158s (0.001198s ago): [ 27.380421] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.380463] kunit_try_run_case+0x170/0x3f0 [ 27.380504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.380548] kthread+0x328/0x630 [ 27.380583] ret_from_fork+0x10/0x20 [ 27.380623] [ 27.380666] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 27.380743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.380774] Hardware name: linux,dummy-virt (DT) [ 27.380807] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 26.859210] ================================================================== [ 26.859309] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.859309] [ 26.859411] Out-of-bounds read at 0x00000000cacbb318 (105B right of kfence-#153): [ 26.859474] test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.859524] kunit_try_run_case+0x170/0x3f0 [ 26.859569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.859614] kthread+0x328/0x630 [ 26.859654] ret_from_fork+0x10/0x20 [ 26.859694] [ 26.859719] kfence-#153: 0x00000000e79d0cb4-0x00000000132437cb, size=73, cache=kmalloc-96 [ 26.859719] [ 26.859773] allocated by task 323 on cpu 0 at 26.858968s (0.000802s ago): [ 26.859844] test_alloc+0x29c/0x628 [ 26.859900] test_kmalloc_aligned_oob_read+0x100/0x468 [ 26.859945] kunit_try_run_case+0x170/0x3f0 [ 26.859987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.860031] kthread+0x328/0x630 [ 26.860068] ret_from_fork+0x10/0x20 [ 26.860108] [ 26.860154] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 26.860234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.860264] Hardware name: linux,dummy-virt (DT) [ 26.860300] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 21.555133] ================================================================== [ 21.555226] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 21.555226] [ 21.555289] Corrupted memory at 0x00000000e8517158 [ ! ] (in kfence-#102): [ 21.555406] test_corruption+0x1d8/0x378 [ 21.555453] kunit_try_run_case+0x170/0x3f0 [ 21.555497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.555541] kthread+0x328/0x630 [ 21.555580] ret_from_fork+0x10/0x20 [ 21.555621] [ 21.555645] kfence-#102: 0x000000002c8dac0d-0x00000000a698ded9, size=32, cache=test [ 21.555645] [ 21.555703] allocated by task 313 on cpu 1 at 21.554989s (0.000710s ago): [ 21.555764] test_alloc+0x230/0x628 [ 21.555805] test_corruption+0x198/0x378 [ 21.555847] kunit_try_run_case+0x170/0x3f0 [ 21.555897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.555941] kthread+0x328/0x630 [ 21.555978] ret_from_fork+0x10/0x20 [ 21.556016] [ 21.556042] freed by task 313 on cpu 1 at 21.555050s (0.000989s ago): [ 21.556101] test_corruption+0x1d8/0x378 [ 21.556142] kunit_try_run_case+0x170/0x3f0 [ 21.556183] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.556225] kthread+0x328/0x630 [ 21.556261] ret_from_fork+0x10/0x20 [ 21.556300] [ 21.556340] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 21.556418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.556446] Hardware name: linux,dummy-virt (DT) [ 21.556478] ================================================================== [ 20.827261] ================================================================== [ 20.827369] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 20.827369] [ 20.827560] Corrupted memory at 0x0000000001164037 [ ! . . . . . . . . . . . . . . . ] (in kfence-#95): [ 20.828674] test_corruption+0x278/0x378 [ 20.828728] kunit_try_run_case+0x170/0x3f0 [ 20.828774] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.828820] kthread+0x328/0x630 [ 20.828871] ret_from_fork+0x10/0x20 [ 20.828911] [ 20.828938] kfence-#95: 0x000000007d16e189-0x000000006ee2dcb9, size=32, cache=kmalloc-32 [ 20.828938] [ 20.828995] allocated by task 311 on cpu 1 at 20.826982s (0.002009s ago): [ 20.829058] test_alloc+0x29c/0x628 [ 20.829100] test_corruption+0xdc/0x378 [ 20.829142] kunit_try_run_case+0x170/0x3f0 [ 20.829182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.829225] kthread+0x328/0x630 [ 20.829261] ret_from_fork+0x10/0x20 [ 20.829301] [ 20.829324] freed by task 311 on cpu 1 at 20.827087s (0.002234s ago): [ 20.829384] test_corruption+0x278/0x378 [ 20.829424] kunit_try_run_case+0x170/0x3f0 [ 20.829464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.829506] kthread+0x328/0x630 [ 20.829542] ret_from_fork+0x10/0x20 [ 20.829582] [ 20.829625] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 20.829705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.829734] Hardware name: linux,dummy-virt (DT) [ 20.829770] ================================================================== [ 21.035077] ================================================================== [ 21.035169] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 21.035169] [ 21.035233] Corrupted memory at 0x00000000d4bc3a8b [ ! . . . . . . . . . . . . . . . ] (in kfence-#97): [ 21.035544] test_corruption+0x120/0x378 [ 21.035592] kunit_try_run_case+0x170/0x3f0 [ 21.035636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.035681] kthread+0x328/0x630 [ 21.035720] ret_from_fork+0x10/0x20 [ 21.035760] [ 21.035784] kfence-#97: 0x00000000848742c9-0x00000000c7ee2a21, size=32, cache=test [ 21.035784] [ 21.035840] allocated by task 313 on cpu 1 at 21.034936s (0.000900s ago): [ 21.035914] test_alloc+0x230/0x628 [ 21.035956] test_corruption+0xdc/0x378 [ 21.035997] kunit_try_run_case+0x170/0x3f0 [ 21.036038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.036082] kthread+0x328/0x630 [ 21.036119] ret_from_fork+0x10/0x20 [ 21.036158] [ 21.036182] freed by task 313 on cpu 1 at 21.034996s (0.001182s ago): [ 21.036242] test_corruption+0x120/0x378 [ 21.036283] kunit_try_run_case+0x170/0x3f0 [ 21.036323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.036367] kthread+0x328/0x630 [ 21.036403] ret_from_fork+0x10/0x20 [ 21.036445] [ 21.036485] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 21.036564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.036592] Hardware name: linux,dummy-virt (DT) [ 21.036626] ================================================================== [ 20.931319] ================================================================== [ 20.931410] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 20.931410] [ 20.931474] Corrupted memory at 0x000000002835379b [ ! ] (in kfence-#96): [ 20.931601] test_corruption+0x284/0x378 [ 20.931649] kunit_try_run_case+0x170/0x3f0 [ 20.931693] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.931740] kthread+0x328/0x630 [ 20.931779] ret_from_fork+0x10/0x20 [ 20.931819] [ 20.931843] kfence-#96: 0x00000000d4b7bd2c-0x000000002b9ec504, size=32, cache=kmalloc-32 [ 20.931843] [ 20.931919] allocated by task 311 on cpu 1 at 20.931050s (0.000865s ago): [ 20.931982] test_alloc+0x29c/0x628 [ 20.932024] test_corruption+0x198/0x378 [ 20.932063] kunit_try_run_case+0x170/0x3f0 [ 20.932103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.932145] kthread+0x328/0x630 [ 20.932182] ret_from_fork+0x10/0x20 [ 20.932222] [ 20.932246] freed by task 311 on cpu 1 at 20.931156s (0.001087s ago): [ 20.932305] test_corruption+0x284/0x378 [ 20.932344] kunit_try_run_case+0x170/0x3f0 [ 20.932384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.932428] kthread+0x328/0x630 [ 20.932463] ret_from_fork+0x10/0x20 [ 20.932502] [ 20.932542] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 20.932618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.932647] Hardware name: linux,dummy-virt (DT) [ 20.932681] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.619158] ================================================================== [ 20.619247] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 20.619247] [ 20.619312] Invalid free of 0x00000000f2bd3ae8 (in kfence-#93): [ 20.619369] test_invalid_addr_free+0x1ac/0x238 [ 20.619415] kunit_try_run_case+0x170/0x3f0 [ 20.619461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.619508] kthread+0x328/0x630 [ 20.619547] ret_from_fork+0x10/0x20 [ 20.619586] [ 20.619610] kfence-#93: 0x000000008fc943ca-0x00000000eca80bc9, size=32, cache=kmalloc-32 [ 20.619610] [ 20.619667] allocated by task 307 on cpu 1 at 20.619008s (0.000655s ago): [ 20.619731] test_alloc+0x29c/0x628 [ 20.619773] test_invalid_addr_free+0xd4/0x238 [ 20.619816] kunit_try_run_case+0x170/0x3f0 [ 20.619871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.619916] kthread+0x328/0x630 [ 20.619952] ret_from_fork+0x10/0x20 [ 20.619992] [ 20.620041] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 20.620123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.620152] Hardware name: linux,dummy-virt (DT) [ 20.620188] ================================================================== [ 20.723028] ================================================================== [ 20.723120] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 20.723120] [ 20.723183] Invalid free of 0x00000000e473f306 (in kfence-#94): [ 20.723240] test_invalid_addr_free+0xec/0x238 [ 20.723286] kunit_try_run_case+0x170/0x3f0 [ 20.723328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.723373] kthread+0x328/0x630 [ 20.723409] ret_from_fork+0x10/0x20 [ 20.723448] [ 20.723473] kfence-#94: 0x000000003c689fc0-0x000000005aa21727, size=32, cache=test [ 20.723473] [ 20.723528] allocated by task 309 on cpu 1 at 20.722908s (0.000616s ago): [ 20.723589] test_alloc+0x230/0x628 [ 20.723633] test_invalid_addr_free+0xd4/0x238 [ 20.723675] kunit_try_run_case+0x170/0x3f0 [ 20.723716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.723758] kthread+0x328/0x630 [ 20.723795] ret_from_fork+0x10/0x20 [ 20.723836] [ 20.723889] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 20.723970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.723999] Hardware name: linux,dummy-virt (DT) [ 20.724031] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.411362] ================================================================== [ 20.411485] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 20.411485] [ 20.411556] Invalid free of 0x0000000065b946e4 (in kfence-#91): [ 20.411622] test_double_free+0x1bc/0x238 [ 20.411678] kunit_try_run_case+0x170/0x3f0 [ 20.411724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.411768] kthread+0x328/0x630 [ 20.411806] ret_from_fork+0x10/0x20 [ 20.411847] [ 20.411887] kfence-#91: 0x0000000065b946e4-0x0000000035844ab6, size=32, cache=kmalloc-32 [ 20.411887] [ 20.411944] allocated by task 303 on cpu 0 at 20.411038s (0.000903s ago): [ 20.412009] test_alloc+0x29c/0x628 [ 20.412052] test_double_free+0xd4/0x238 [ 20.412092] kunit_try_run_case+0x170/0x3f0 [ 20.412133] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.412176] kthread+0x328/0x630 [ 20.412214] ret_from_fork+0x10/0x20 [ 20.412254] [ 20.412277] freed by task 303 on cpu 0 at 20.411113s (0.001160s ago): [ 20.412338] test_double_free+0x1ac/0x238 [ 20.412380] kunit_try_run_case+0x170/0x3f0 [ 20.412421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.412467] kthread+0x328/0x630 [ 20.412502] ret_from_fork+0x10/0x20 [ 20.412543] [ 20.412588] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 20.412668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.412697] Hardware name: linux,dummy-virt (DT) [ 20.412738] ================================================================== [ 20.515155] ================================================================== [ 20.515251] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 20.515251] [ 20.515314] Invalid free of 0x0000000033d2db5c (in kfence-#92): [ 20.515371] test_double_free+0x100/0x238 [ 20.515416] kunit_try_run_case+0x170/0x3f0 [ 20.515460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.515508] kthread+0x328/0x630 [ 20.515546] ret_from_fork+0x10/0x20 [ 20.515585] [ 20.515609] kfence-#92: 0x0000000033d2db5c-0x00000000b8f13f0d, size=32, cache=test [ 20.515609] [ 20.515664] allocated by task 305 on cpu 0 at 20.514948s (0.000712s ago): [ 20.515726] test_alloc+0x230/0x628 [ 20.515768] test_double_free+0xd4/0x238 [ 20.515808] kunit_try_run_case+0x170/0x3f0 [ 20.515864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.515909] kthread+0x328/0x630 [ 20.515945] ret_from_fork+0x10/0x20 [ 20.515986] [ 20.516009] freed by task 305 on cpu 0 at 20.515011s (0.000995s ago): [ 20.516071] test_double_free+0xf0/0x238 [ 20.516113] kunit_try_run_case+0x170/0x3f0 [ 20.516152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.516196] kthread+0x328/0x630 [ 20.516233] ret_from_fork+0x10/0x20 [ 20.516274] [ 20.516316] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 20.516395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.516423] Hardware name: linux,dummy-virt (DT) [ 20.516457] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 20.103668] ================================================================== [ 20.103747] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.103747] [ 20.104008] Use-after-free read at 0x00000000cafbe188 (in kfence-#88): [ 20.104211] test_use_after_free_read+0x114/0x248 [ 20.104271] kunit_try_run_case+0x170/0x3f0 [ 20.104498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.104570] kthread+0x328/0x630 [ 20.104670] ret_from_fork+0x10/0x20 [ 20.104716] [ 20.104785] kfence-#88: 0x00000000cafbe188-0x0000000051b10ac4, size=32, cache=test [ 20.104785] [ 20.104866] allocated by task 297 on cpu 0 at 20.103493s (0.001343s ago): [ 20.104954] test_alloc+0x230/0x628 [ 20.104998] test_use_after_free_read+0xd0/0x248 [ 20.105138] kunit_try_run_case+0x170/0x3f0 [ 20.105302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.105369] kthread+0x328/0x630 [ 20.105435] ret_from_fork+0x10/0x20 [ 20.105521] [ 20.105583] freed by task 297 on cpu 0 at 20.103552s (0.002026s ago): [ 20.105704] test_use_after_free_read+0xf0/0x248 [ 20.105776] kunit_try_run_case+0x170/0x3f0 [ 20.105837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.105912] kthread+0x328/0x630 [ 20.105966] ret_from_fork+0x10/0x20 [ 20.106008] [ 20.106099] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 20.106178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.106206] Hardware name: linux,dummy-virt (DT) [ 20.106251] ================================================================== [ 19.992964] ================================================================== [ 19.993327] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.993327] [ 19.993600] Use-after-free read at 0x00000000221889d3 (in kfence-#87): [ 19.993695] test_use_after_free_read+0x114/0x248 [ 19.993906] kunit_try_run_case+0x170/0x3f0 [ 19.994114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.994187] kthread+0x328/0x630 [ 19.994231] ret_from_fork+0x10/0x20 [ 19.994417] [ 19.994580] kfence-#87: 0x00000000221889d3-0x000000005f00220b, size=32, cache=kmalloc-32 [ 19.994580] [ 19.994877] allocated by task 295 on cpu 0 at 19.992552s (0.002287s ago): [ 19.995066] test_alloc+0x29c/0x628 [ 19.995185] test_use_after_free_read+0xd0/0x248 [ 19.995262] kunit_try_run_case+0x170/0x3f0 [ 19.995460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.995673] kthread+0x328/0x630 [ 19.995829] ret_from_fork+0x10/0x20 [ 19.996023] [ 19.996458] freed by task 295 on cpu 0 at 19.992623s (0.003582s ago): [ 19.997219] test_use_after_free_read+0x1c0/0x248 [ 19.997322] kunit_try_run_case+0x170/0x3f0 [ 19.997996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.998145] kthread+0x328/0x630 [ 19.998497] ret_from_fork+0x10/0x20 [ 19.998586] [ 19.999081] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.999174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.999204] Hardware name: linux,dummy-virt (DT) [ 19.999535] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.889506] ================================================================== [ 19.889608] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.889608] [ 19.889966] Out-of-bounds write at 0x00000000124f38c3 (1B left of kfence-#86): [ 19.890273] test_out_of_bounds_write+0x100/0x240 [ 19.890346] kunit_try_run_case+0x170/0x3f0 [ 19.890389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.890783] kthread+0x328/0x630 [ 19.890849] ret_from_fork+0x10/0x20 [ 19.890912] [ 19.891304] kfence-#86: 0x000000008302907a-0x00000000eeab7d50, size=32, cache=test [ 19.891304] [ 19.891560] allocated by task 293 on cpu 0 at 19.889308s (0.002210s ago): [ 19.891734] test_alloc+0x230/0x628 [ 19.892128] test_out_of_bounds_write+0xc8/0x240 [ 19.892248] kunit_try_run_case+0x170/0x3f0 [ 19.892425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.892486] kthread+0x328/0x630 [ 19.892800] ret_from_fork+0x10/0x20 [ 19.892969] [ 19.893089] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.893583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.893695] Hardware name: linux,dummy-virt (DT) [ 19.893776] ================================================================== [ 19.576942] ================================================================== [ 19.577017] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.577017] [ 19.577245] Out-of-bounds write at 0x0000000045117a8f (1B left of kfence-#83): [ 19.577436] test_out_of_bounds_write+0x100/0x240 [ 19.577499] kunit_try_run_case+0x170/0x3f0 [ 19.577812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.577979] kthread+0x328/0x630 [ 19.578035] ret_from_fork+0x10/0x20 [ 19.578078] [ 19.578114] kfence-#83: 0x00000000904c20a0-0x00000000c081050d, size=32, cache=kmalloc-32 [ 19.578114] [ 19.578172] allocated by task 291 on cpu 0 at 19.576369s (0.001799s ago): [ 19.578242] test_alloc+0x29c/0x628 [ 19.578282] test_out_of_bounds_write+0xc8/0x240 [ 19.578325] kunit_try_run_case+0x170/0x3f0 [ 19.578364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.578419] kthread+0x328/0x630 [ 19.578472] ret_from_fork+0x10/0x20 [ 19.578515] [ 19.579100] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.579202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.579232] Hardware name: linux,dummy-virt (DT) [ 19.579267] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 17.645094] ================================================================== [ 17.645444] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 17.645523] Read of size 1 at addr ffff800080a57b4a by task kunit_try_catch/253 [ 17.645756] [ 17.645820] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.645971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.646267] Hardware name: linux,dummy-virt (DT) [ 17.646336] Call trace: [ 17.646362] show_stack+0x20/0x38 (C) [ 17.646511] dump_stack_lvl+0x8c/0xd0 [ 17.646568] print_report+0x310/0x5d0 [ 17.646684] kasan_report+0xdc/0x128 [ 17.646745] __asan_report_load1_noabort+0x20/0x30 [ 17.646815] kasan_alloca_oob_right+0x2dc/0x340 [ 17.647217] kunit_try_run_case+0x170/0x3f0 [ 17.647299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.647547] kthread+0x328/0x630 [ 17.647735] ret_from_fork+0x10/0x20 [ 17.647940] [ 17.648064] The buggy address belongs to stack of task kunit_try_catch/253 [ 17.648145] [ 17.648369] The buggy address ffff800080a57b4a belongs to a vmalloc virtual mapping [ 17.648676] The buggy address belongs to the physical page: [ 17.648783] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103faa [ 17.648964] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.649107] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.649389] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.649532] page dumped because: kasan: bad access detected [ 17.649782] [ 17.649878] Memory state around the buggy address: [ 17.649929] ffff800080a57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.650164] ffff800080a57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.650539] >ffff800080a57b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 17.651041] ^ [ 17.651214] ffff800080a57b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.651356] ffff800080a57c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.651497] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 19.052586] ================================================================== [ 19.052708] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.052708] [ 19.052896] Out-of-bounds read at 0x000000003973b111 (32B right of kfence-#78): [ 19.053011] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.053063] kunit_try_run_case+0x170/0x3f0 [ 19.053397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.053470] kthread+0x328/0x630 [ 19.053798] ret_from_fork+0x10/0x20 [ 19.053875] [ 19.053901] kfence-#78: 0x0000000047340816-0x00000000663e2b9e, size=32, cache=kmalloc-32 [ 19.053901] [ 19.054044] allocated by task 287 on cpu 0 at 19.051959s (0.001998s ago): [ 19.054158] test_alloc+0x29c/0x628 [ 19.054278] test_out_of_bounds_read+0x198/0x3e0 [ 19.054342] kunit_try_run_case+0x170/0x3f0 [ 19.054575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.054676] kthread+0x328/0x630 [ 19.054995] ret_from_fork+0x10/0x20 [ 19.055100] [ 19.055249] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.055351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.055576] Hardware name: linux,dummy-virt (DT) [ 19.055736] ================================================================== [ 19.156002] ================================================================== [ 19.156156] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.156156] [ 19.156526] Out-of-bounds read at 0x00000000f8cddd91 (1B left of kfence-#79): [ 19.156592] test_out_of_bounds_read+0x114/0x3e0 [ 19.156684] kunit_try_run_case+0x170/0x3f0 [ 19.156772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.156890] kthread+0x328/0x630 [ 19.156935] ret_from_fork+0x10/0x20 [ 19.157000] [ 19.157026] kfence-#79: 0x000000002a3d34e3-0x00000000aa7d7b0b, size=32, cache=test [ 19.157026] [ 19.157387] allocated by task 289 on cpu 0 at 19.155889s (0.001470s ago): [ 19.157529] test_alloc+0x230/0x628 [ 19.157574] test_out_of_bounds_read+0xdc/0x3e0 [ 19.157680] kunit_try_run_case+0x170/0x3f0 [ 19.157755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.157821] kthread+0x328/0x630 [ 19.158177] ret_from_fork+0x10/0x20 [ 19.158220] [ 19.158351] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.158486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.158535] Hardware name: linux,dummy-virt (DT) [ 19.158598] ================================================================== [ 18.845111] ================================================================== [ 18.845229] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.845229] [ 18.845659] Out-of-bounds read at 0x00000000a539d5ce (1B left of kfence-#76): [ 18.847569] test_out_of_bounds_read+0x114/0x3e0 [ 18.847977] kunit_try_run_case+0x170/0x3f0 [ 18.848039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.848347] kthread+0x328/0x630 [ 18.848482] ret_from_fork+0x10/0x20 [ 18.848563] [ 18.849470] kfence-#76: 0x000000001f46b69e-0x00000000094a14f5, size=32, cache=kmalloc-32 [ 18.849470] [ 18.850594] allocated by task 287 on cpu 0 at 18.843655s (0.006832s ago): [ 18.852904] test_alloc+0x29c/0x628 [ 18.853047] test_out_of_bounds_read+0xdc/0x3e0 [ 18.853237] kunit_try_run_case+0x170/0x3f0 [ 18.853472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.853713] kthread+0x328/0x630 [ 18.853893] ret_from_fork+0x10/0x20 [ 18.854400] [ 18.854779] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.855244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.855345] Hardware name: linux,dummy-virt (DT) [ 18.855731] ================================================================== [ 19.468632] ================================================================== [ 19.468745] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.468745] [ 19.469073] Out-of-bounds read at 0x00000000e8ae6b8a (32B right of kfence-#82): [ 19.469140] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.469475] kunit_try_run_case+0x170/0x3f0 [ 19.469555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.469659] kthread+0x328/0x630 [ 19.469727] ret_from_fork+0x10/0x20 [ 19.469786] [ 19.469884] kfence-#82: 0x000000008ad57ece-0x00000000cc5f8d82, size=32, cache=test [ 19.469884] [ 19.470185] allocated by task 289 on cpu 0 at 19.468088s (0.002087s ago): [ 19.470277] test_alloc+0x230/0x628 [ 19.470321] test_out_of_bounds_read+0x198/0x3e0 [ 19.470430] kunit_try_run_case+0x170/0x3f0 [ 19.470512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.470569] kthread+0x328/0x630 [ 19.470722] ret_from_fork+0x10/0x20 [ 19.470883] [ 19.470926] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.471014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.471354] Hardware name: linux,dummy-virt (DT) [ 19.471450] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.646221] ================================================================== [ 18.646280] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 18.646366] Write of size 121 at addr fff00000c648f500 by task kunit_try_catch/285 [ 18.646425] [ 18.646473] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.646876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.647217] Hardware name: linux,dummy-virt (DT) [ 18.647517] Call trace: [ 18.647596] show_stack+0x20/0x38 (C) [ 18.647826] dump_stack_lvl+0x8c/0xd0 [ 18.647994] print_report+0x118/0x5d0 [ 18.648295] kasan_report+0xdc/0x128 [ 18.648396] kasan_check_range+0x100/0x1a8 [ 18.648486] __kasan_check_write+0x20/0x30 [ 18.648612] strncpy_from_user+0x3c/0x2a0 [ 18.648693] copy_user_test_oob+0x5c0/0xec8 [ 18.649014] kunit_try_run_case+0x170/0x3f0 [ 18.649116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.649440] kthread+0x328/0x630 [ 18.649571] ret_from_fork+0x10/0x20 [ 18.649670] [ 18.649806] Allocated by task 285: [ 18.649886] kasan_save_stack+0x3c/0x68 [ 18.650001] kasan_save_track+0x20/0x40 [ 18.650053] kasan_save_alloc_info+0x40/0x58 [ 18.650115] __kasan_kmalloc+0xd4/0xd8 [ 18.650388] __kmalloc_noprof+0x198/0x4c8 [ 18.650813] kunit_kmalloc_array+0x34/0x88 [ 18.650944] copy_user_test_oob+0xac/0xec8 [ 18.651014] kunit_try_run_case+0x170/0x3f0 [ 18.651136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.651212] kthread+0x328/0x630 [ 18.651254] ret_from_fork+0x10/0x20 [ 18.651293] [ 18.651315] The buggy address belongs to the object at fff00000c648f500 [ 18.651315] which belongs to the cache kmalloc-128 of size 128 [ 18.651378] The buggy address is located 0 bytes inside of [ 18.651378] allocated 120-byte region [fff00000c648f500, fff00000c648f578) [ 18.651568] [ 18.651737] The buggy address belongs to the physical page: [ 18.651827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 18.652048] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.652235] page_type: f5(slab) [ 18.652311] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.652458] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.652560] page dumped because: kasan: bad access detected [ 18.652645] [ 18.652675] Memory state around the buggy address: [ 18.652711] fff00000c648f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.652779] fff00000c648f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.652976] >fff00000c648f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.653032] ^ [ 18.653094] fff00000c648f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.653142] fff00000c648f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.653216] ================================================================== [ 18.654423] ================================================================== [ 18.654500] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 18.654778] Write of size 1 at addr fff00000c648f578 by task kunit_try_catch/285 [ 18.654862] [ 18.655405] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.655520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.655738] Hardware name: linux,dummy-virt (DT) [ 18.656043] Call trace: [ 18.656121] show_stack+0x20/0x38 (C) [ 18.656406] dump_stack_lvl+0x8c/0xd0 [ 18.656817] print_report+0x118/0x5d0 [ 18.656950] kasan_report+0xdc/0x128 [ 18.657339] __asan_report_store1_noabort+0x20/0x30 [ 18.657434] strncpy_from_user+0x270/0x2a0 [ 18.657813] copy_user_test_oob+0x5c0/0xec8 [ 18.657966] kunit_try_run_case+0x170/0x3f0 [ 18.658043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.658147] kthread+0x328/0x630 [ 18.658195] ret_from_fork+0x10/0x20 [ 18.658287] [ 18.658614] Allocated by task 285: [ 18.658675] kasan_save_stack+0x3c/0x68 [ 18.659039] kasan_save_track+0x20/0x40 [ 18.659195] kasan_save_alloc_info+0x40/0x58 [ 18.659267] __kasan_kmalloc+0xd4/0xd8 [ 18.659632] __kmalloc_noprof+0x198/0x4c8 [ 18.659814] kunit_kmalloc_array+0x34/0x88 [ 18.659947] copy_user_test_oob+0xac/0xec8 [ 18.660037] kunit_try_run_case+0x170/0x3f0 [ 18.660177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.660279] kthread+0x328/0x630 [ 18.660319] ret_from_fork+0x10/0x20 [ 18.660683] [ 18.660742] The buggy address belongs to the object at fff00000c648f500 [ 18.660742] which belongs to the cache kmalloc-128 of size 128 [ 18.661115] The buggy address is located 0 bytes to the right of [ 18.661115] allocated 120-byte region [fff00000c648f500, fff00000c648f578) [ 18.661354] [ 18.661474] The buggy address belongs to the physical page: [ 18.661550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 18.661617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.661671] page_type: f5(slab) [ 18.662012] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.662582] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.662945] page dumped because: kasan: bad access detected [ 18.663008] [ 18.663064] Memory state around the buggy address: [ 18.663126] fff00000c648f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.663193] fff00000c648f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.663250] >fff00000c648f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.663399] ^ [ 18.663479] fff00000c648f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.663529] fff00000c648f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.663573] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.636493] ================================================================== [ 18.636822] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 18.637007] Read of size 121 at addr fff00000c648f500 by task kunit_try_catch/285 [ 18.637070] [ 18.637130] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.637468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.637581] Hardware name: linux,dummy-virt (DT) [ 18.637804] Call trace: [ 18.637845] show_stack+0x20/0x38 (C) [ 18.637915] dump_stack_lvl+0x8c/0xd0 [ 18.637963] print_report+0x118/0x5d0 [ 18.638012] kasan_report+0xdc/0x128 [ 18.638164] kasan_check_range+0x100/0x1a8 [ 18.638228] __kasan_check_read+0x20/0x30 [ 18.638274] copy_user_test_oob+0x4a0/0xec8 [ 18.638323] kunit_try_run_case+0x170/0x3f0 [ 18.638376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.638452] kthread+0x328/0x630 [ 18.638511] ret_from_fork+0x10/0x20 [ 18.639015] [ 18.639142] Allocated by task 285: [ 18.639184] kasan_save_stack+0x3c/0x68 [ 18.639508] kasan_save_track+0x20/0x40 [ 18.639707] kasan_save_alloc_info+0x40/0x58 [ 18.639780] __kasan_kmalloc+0xd4/0xd8 [ 18.640072] __kmalloc_noprof+0x198/0x4c8 [ 18.640213] kunit_kmalloc_array+0x34/0x88 [ 18.640284] copy_user_test_oob+0xac/0xec8 [ 18.640539] kunit_try_run_case+0x170/0x3f0 [ 18.640762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.640873] kthread+0x328/0x630 [ 18.640950] ret_from_fork+0x10/0x20 [ 18.641067] [ 18.641130] The buggy address belongs to the object at fff00000c648f500 [ 18.641130] which belongs to the cache kmalloc-128 of size 128 [ 18.641295] The buggy address is located 0 bytes inside of [ 18.641295] allocated 120-byte region [fff00000c648f500, fff00000c648f578) [ 18.641367] [ 18.641389] The buggy address belongs to the physical page: [ 18.641763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 18.642117] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.642241] page_type: f5(slab) [ 18.642360] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.642481] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.642911] page dumped because: kasan: bad access detected [ 18.643197] [ 18.643249] Memory state around the buggy address: [ 18.643321] fff00000c648f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.643405] fff00000c648f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.643488] >fff00000c648f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.643767] ^ [ 18.643824] fff00000c648f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.644143] fff00000c648f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.644474] ================================================================== [ 18.577422] ================================================================== [ 18.577524] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 18.577605] Write of size 121 at addr fff00000c648f500 by task kunit_try_catch/285 [ 18.578458] [ 18.578580] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.579010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.579100] Hardware name: linux,dummy-virt (DT) [ 18.579193] Call trace: [ 18.579241] show_stack+0x20/0x38 (C) [ 18.579318] dump_stack_lvl+0x8c/0xd0 [ 18.579708] print_report+0x118/0x5d0 [ 18.579803] kasan_report+0xdc/0x128 [ 18.579880] kasan_check_range+0x100/0x1a8 [ 18.580145] __kasan_check_write+0x20/0x30 [ 18.580232] copy_user_test_oob+0x234/0xec8 [ 18.580507] kunit_try_run_case+0x170/0x3f0 [ 18.580608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.580696] kthread+0x328/0x630 [ 18.580769] ret_from_fork+0x10/0x20 [ 18.580886] [ 18.580944] Allocated by task 285: [ 18.581188] kasan_save_stack+0x3c/0x68 [ 18.581270] kasan_save_track+0x20/0x40 [ 18.581563] kasan_save_alloc_info+0x40/0x58 [ 18.581649] __kasan_kmalloc+0xd4/0xd8 [ 18.581712] __kmalloc_noprof+0x198/0x4c8 [ 18.581780] kunit_kmalloc_array+0x34/0x88 [ 18.582096] copy_user_test_oob+0xac/0xec8 [ 18.582199] kunit_try_run_case+0x170/0x3f0 [ 18.582275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.582324] kthread+0x328/0x630 [ 18.582387] ret_from_fork+0x10/0x20 [ 18.582718] [ 18.582770] The buggy address belongs to the object at fff00000c648f500 [ 18.582770] which belongs to the cache kmalloc-128 of size 128 [ 18.582905] The buggy address is located 0 bytes inside of [ 18.582905] allocated 120-byte region [fff00000c648f500, fff00000c648f578) [ 18.582977] [ 18.583174] The buggy address belongs to the physical page: [ 18.583366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 18.583532] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.583893] page_type: f5(slab) [ 18.583969] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.584131] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.584462] page dumped because: kasan: bad access detected [ 18.584561] [ 18.584660] Memory state around the buggy address: [ 18.584739] fff00000c648f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.585166] fff00000c648f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.585241] >fff00000c648f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.585291] ^ [ 18.585339] fff00000c648f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.585418] fff00000c648f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.585478] ================================================================== [ 18.594347] ================================================================== [ 18.594628] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 18.594699] Read of size 121 at addr fff00000c648f500 by task kunit_try_catch/285 [ 18.595092] [ 18.595133] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.595605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.596039] Hardware name: linux,dummy-virt (DT) [ 18.596118] Call trace: [ 18.596254] show_stack+0x20/0x38 (C) [ 18.596339] dump_stack_lvl+0x8c/0xd0 [ 18.596430] print_report+0x118/0x5d0 [ 18.596554] kasan_report+0xdc/0x128 [ 18.596823] kasan_check_range+0x100/0x1a8 [ 18.597003] __kasan_check_read+0x20/0x30 [ 18.597088] copy_user_test_oob+0x728/0xec8 [ 18.597250] kunit_try_run_case+0x170/0x3f0 [ 18.597445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.597551] kthread+0x328/0x630 [ 18.597613] ret_from_fork+0x10/0x20 [ 18.598067] [ 18.598122] Allocated by task 285: [ 18.598228] kasan_save_stack+0x3c/0x68 [ 18.598315] kasan_save_track+0x20/0x40 [ 18.598409] kasan_save_alloc_info+0x40/0x58 [ 18.598637] __kasan_kmalloc+0xd4/0xd8 [ 18.598859] __kmalloc_noprof+0x198/0x4c8 [ 18.599006] kunit_kmalloc_array+0x34/0x88 [ 18.599095] copy_user_test_oob+0xac/0xec8 [ 18.599240] kunit_try_run_case+0x170/0x3f0 [ 18.599281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.599328] kthread+0x328/0x630 [ 18.599364] ret_from_fork+0x10/0x20 [ 18.599693] [ 18.599749] The buggy address belongs to the object at fff00000c648f500 [ 18.599749] which belongs to the cache kmalloc-128 of size 128 [ 18.599925] The buggy address is located 0 bytes inside of [ 18.599925] allocated 120-byte region [fff00000c648f500, fff00000c648f578) [ 18.600106] [ 18.600155] The buggy address belongs to the physical page: [ 18.600223] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 18.600554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.600709] page_type: f5(slab) [ 18.600773] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.601114] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.601270] page dumped because: kasan: bad access detected [ 18.601366] [ 18.601509] Memory state around the buggy address: [ 18.601587] fff00000c648f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.601636] fff00000c648f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.602317] >fff00000c648f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.602397] ^ [ 18.602452] fff00000c648f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.602500] fff00000c648f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.602689] ================================================================== [ 18.620155] ================================================================== [ 18.620212] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 18.620267] Read of size 121 at addr fff00000c648f500 by task kunit_try_catch/285 [ 18.620322] [ 18.620357] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.620837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.621007] Hardware name: linux,dummy-virt (DT) [ 18.621076] Call trace: [ 18.621102] show_stack+0x20/0x38 (C) [ 18.621162] dump_stack_lvl+0x8c/0xd0 [ 18.621352] print_report+0x118/0x5d0 [ 18.621840] kasan_report+0xdc/0x128 [ 18.622066] kasan_check_range+0x100/0x1a8 [ 18.622143] __kasan_check_read+0x20/0x30 [ 18.622247] copy_user_test_oob+0x3c8/0xec8 [ 18.622332] kunit_try_run_case+0x170/0x3f0 [ 18.622395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.622600] kthread+0x328/0x630 [ 18.622896] ret_from_fork+0x10/0x20 [ 18.623058] [ 18.623109] Allocated by task 285: [ 18.623151] kasan_save_stack+0x3c/0x68 [ 18.623199] kasan_save_track+0x20/0x40 [ 18.623240] kasan_save_alloc_info+0x40/0x58 [ 18.623562] __kasan_kmalloc+0xd4/0xd8 [ 18.623639] __kmalloc_noprof+0x198/0x4c8 [ 18.624019] kunit_kmalloc_array+0x34/0x88 [ 18.624142] copy_user_test_oob+0xac/0xec8 [ 18.624228] kunit_try_run_case+0x170/0x3f0 [ 18.624364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.624414] kthread+0x328/0x630 [ 18.624479] ret_from_fork+0x10/0x20 [ 18.624789] [ 18.624819] The buggy address belongs to the object at fff00000c648f500 [ 18.624819] which belongs to the cache kmalloc-128 of size 128 [ 18.625281] The buggy address is located 0 bytes inside of [ 18.625281] allocated 120-byte region [fff00000c648f500, fff00000c648f578) [ 18.625398] [ 18.625475] The buggy address belongs to the physical page: [ 18.625511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 18.625579] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.625640] page_type: f5(slab) [ 18.625680] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.625735] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.625787] page dumped because: kasan: bad access detected [ 18.625831] [ 18.625874] Memory state around the buggy address: [ 18.625922] fff00000c648f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.625970] fff00000c648f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.626016] >fff00000c648f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.626058] ^ [ 18.626103] fff00000c648f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.626149] fff00000c648f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.626191] ================================================================== [ 18.611865] ================================================================== [ 18.612089] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 18.612175] Write of size 121 at addr fff00000c648f500 by task kunit_try_catch/285 [ 18.612249] [ 18.612344] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.612437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.612465] Hardware name: linux,dummy-virt (DT) [ 18.612803] Call trace: [ 18.612847] show_stack+0x20/0x38 (C) [ 18.613243] dump_stack_lvl+0x8c/0xd0 [ 18.613343] print_report+0x118/0x5d0 [ 18.613445] kasan_report+0xdc/0x128 [ 18.613738] kasan_check_range+0x100/0x1a8 [ 18.613818] __kasan_check_write+0x20/0x30 [ 18.613943] copy_user_test_oob+0x35c/0xec8 [ 18.614018] kunit_try_run_case+0x170/0x3f0 [ 18.614109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.614185] kthread+0x328/0x630 [ 18.614231] ret_from_fork+0x10/0x20 [ 18.614286] [ 18.614344] Allocated by task 285: [ 18.614401] kasan_save_stack+0x3c/0x68 [ 18.614454] kasan_save_track+0x20/0x40 [ 18.614805] kasan_save_alloc_info+0x40/0x58 [ 18.615151] __kasan_kmalloc+0xd4/0xd8 [ 18.615249] __kmalloc_noprof+0x198/0x4c8 [ 18.615324] kunit_kmalloc_array+0x34/0x88 [ 18.615403] copy_user_test_oob+0xac/0xec8 [ 18.615513] kunit_try_run_case+0x170/0x3f0 [ 18.615603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.615746] kthread+0x328/0x630 [ 18.615804] ret_from_fork+0x10/0x20 [ 18.615844] [ 18.616081] The buggy address belongs to the object at fff00000c648f500 [ 18.616081] which belongs to the cache kmalloc-128 of size 128 [ 18.616324] The buggy address is located 0 bytes inside of [ 18.616324] allocated 120-byte region [fff00000c648f500, fff00000c648f578) [ 18.616437] [ 18.616648] The buggy address belongs to the physical page: [ 18.616869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 18.616937] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.616991] page_type: f5(slab) [ 18.617375] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.617447] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.617781] page dumped because: kasan: bad access detected [ 18.617905] [ 18.617953] Memory state around the buggy address: [ 18.618027] fff00000c648f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.618187] fff00000c648f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.618247] >fff00000c648f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.618600] ^ [ 18.618679] fff00000c648f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.619045] fff00000c648f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.619145] ================================================================== [ 18.627013] ================================================================== [ 18.627358] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 18.627435] Write of size 121 at addr fff00000c648f500 by task kunit_try_catch/285 [ 18.627620] [ 18.627790] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.628011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.628307] Hardware name: linux,dummy-virt (DT) [ 18.628617] Call trace: [ 18.628666] show_stack+0x20/0x38 (C) [ 18.628722] dump_stack_lvl+0x8c/0xd0 [ 18.628843] print_report+0x118/0x5d0 [ 18.628915] kasan_report+0xdc/0x128 [ 18.628962] kasan_check_range+0x100/0x1a8 [ 18.629295] __kasan_check_write+0x20/0x30 [ 18.629356] copy_user_test_oob+0x434/0xec8 [ 18.629678] kunit_try_run_case+0x170/0x3f0 [ 18.629845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.630030] kthread+0x328/0x630 [ 18.630084] ret_from_fork+0x10/0x20 [ 18.630414] [ 18.630475] Allocated by task 285: [ 18.630510] kasan_save_stack+0x3c/0x68 [ 18.630666] kasan_save_track+0x20/0x40 [ 18.630750] kasan_save_alloc_info+0x40/0x58 [ 18.630820] __kasan_kmalloc+0xd4/0xd8 [ 18.631120] __kmalloc_noprof+0x198/0x4c8 [ 18.631321] kunit_kmalloc_array+0x34/0x88 [ 18.631401] copy_user_test_oob+0xac/0xec8 [ 18.631724] kunit_try_run_case+0x170/0x3f0 [ 18.631818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.632180] kthread+0x328/0x630 [ 18.632312] ret_from_fork+0x10/0x20 [ 18.632400] [ 18.632463] The buggy address belongs to the object at fff00000c648f500 [ 18.632463] which belongs to the cache kmalloc-128 of size 128 [ 18.632820] The buggy address is located 0 bytes inside of [ 18.632820] allocated 120-byte region [fff00000c648f500, fff00000c648f578) [ 18.633286] [ 18.633334] The buggy address belongs to the physical page: [ 18.633394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 18.633838] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.633932] page_type: f5(slab) [ 18.634013] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.634147] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.634219] page dumped because: kasan: bad access detected [ 18.634262] [ 18.634283] Memory state around the buggy address: [ 18.634603] fff00000c648f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.634961] fff00000c648f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.635095] >fff00000c648f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.635181] ^ [ 18.635373] fff00000c648f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.635431] fff00000c648f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.635474] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.537945] ================================================================== [ 18.538290] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 18.538520] Write of size 8 at addr fff00000c648f478 by task kunit_try_catch/281 [ 18.538730] [ 18.538781] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.539138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.539243] Hardware name: linux,dummy-virt (DT) [ 18.539357] Call trace: [ 18.539413] show_stack+0x20/0x38 (C) [ 18.539526] dump_stack_lvl+0x8c/0xd0 [ 18.539615] print_report+0x118/0x5d0 [ 18.539696] kasan_report+0xdc/0x128 [ 18.539888] kasan_check_range+0x100/0x1a8 [ 18.539961] __kasan_check_write+0x20/0x30 [ 18.540290] copy_to_kernel_nofault+0x8c/0x250 [ 18.540361] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 18.540494] kunit_try_run_case+0x170/0x3f0 [ 18.540579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.540740] kthread+0x328/0x630 [ 18.540828] ret_from_fork+0x10/0x20 [ 18.540904] [ 18.541232] Allocated by task 281: [ 18.541293] kasan_save_stack+0x3c/0x68 [ 18.541437] kasan_save_track+0x20/0x40 [ 18.541517] kasan_save_alloc_info+0x40/0x58 [ 18.541644] __kasan_kmalloc+0xd4/0xd8 [ 18.541721] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.542056] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.542146] kunit_try_run_case+0x170/0x3f0 [ 18.542275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.542351] kthread+0x328/0x630 [ 18.542403] ret_from_fork+0x10/0x20 [ 18.542451] [ 18.542473] The buggy address belongs to the object at fff00000c648f400 [ 18.542473] which belongs to the cache kmalloc-128 of size 128 [ 18.542538] The buggy address is located 0 bytes to the right of [ 18.542538] allocated 120-byte region [fff00000c648f400, fff00000c648f478) [ 18.542606] [ 18.542682] The buggy address belongs to the physical page: [ 18.542734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 18.542807] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.542872] page_type: f5(slab) [ 18.542914] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.542969] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.543012] page dumped because: kasan: bad access detected [ 18.543057] [ 18.543086] Memory state around the buggy address: [ 18.543136] fff00000c648f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.543182] fff00000c648f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.543229] >fff00000c648f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.543271] ^ [ 18.543321] fff00000c648f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.543368] fff00000c648f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.543409] ================================================================== [ 18.529641] ================================================================== [ 18.529735] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 18.529807] Read of size 8 at addr fff00000c648f478 by task kunit_try_catch/281 [ 18.529884] [ 18.529928] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.530026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.530252] Hardware name: linux,dummy-virt (DT) [ 18.530400] Call trace: [ 18.530447] show_stack+0x20/0x38 (C) [ 18.530509] dump_stack_lvl+0x8c/0xd0 [ 18.530890] print_report+0x118/0x5d0 [ 18.531004] kasan_report+0xdc/0x128 [ 18.531162] __asan_report_load8_noabort+0x20/0x30 [ 18.531248] copy_to_kernel_nofault+0x204/0x250 [ 18.531550] copy_to_kernel_nofault_oob+0x158/0x418 [ 18.531603] kunit_try_run_case+0x170/0x3f0 [ 18.531762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.532149] kthread+0x328/0x630 [ 18.532231] ret_from_fork+0x10/0x20 [ 18.532437] [ 18.532506] Allocated by task 281: [ 18.532617] kasan_save_stack+0x3c/0x68 [ 18.532700] kasan_save_track+0x20/0x40 [ 18.533093] kasan_save_alloc_info+0x40/0x58 [ 18.533234] __kasan_kmalloc+0xd4/0xd8 [ 18.533304] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.533428] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.533518] kunit_try_run_case+0x170/0x3f0 [ 18.533654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.533937] kthread+0x328/0x630 [ 18.534060] ret_from_fork+0x10/0x20 [ 18.534170] [ 18.534230] The buggy address belongs to the object at fff00000c648f400 [ 18.534230] which belongs to the cache kmalloc-128 of size 128 [ 18.534393] The buggy address is located 0 bytes to the right of [ 18.534393] allocated 120-byte region [fff00000c648f400, fff00000c648f478) [ 18.534502] [ 18.534879] The buggy address belongs to the physical page: [ 18.534942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 18.535130] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.535323] page_type: f5(slab) [ 18.535437] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.535546] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.535599] page dumped because: kasan: bad access detected [ 18.535724] [ 18.535776] Memory state around the buggy address: [ 18.535841] fff00000c648f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.535960] fff00000c648f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.536047] >fff00000c648f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.536166] ^ [ 18.536242] fff00000c648f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.536327] fff00000c648f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.536644] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 18.468419] ================================================================== [ 18.468505] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 18.468567] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 18.468624] [ 18.468665] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.468755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.468783] Hardware name: linux,dummy-virt (DT) [ 18.468818] Call trace: [ 18.468844] show_stack+0x20/0x38 (C) [ 18.469742] dump_stack_lvl+0x8c/0xd0 [ 18.469847] print_report+0x310/0x5d0 [ 18.469947] kasan_report+0xdc/0x128 [ 18.470015] __asan_report_load1_noabort+0x20/0x30 [ 18.470502] vmalloc_oob+0x578/0x5d0 [ 18.470591] kunit_try_run_case+0x170/0x3f0 [ 18.470989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.471148] kthread+0x328/0x630 [ 18.471243] ret_from_fork+0x10/0x20 [ 18.471407] [ 18.471479] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 18.472083] The buggy address belongs to the physical page: [ 18.472188] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xfff00000c3f9b000 pfn:0x103f9b [ 18.472355] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.472449] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.472783] raw: fff00000c3f9b000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.472920] page dumped because: kasan: bad access detected [ 18.472965] [ 18.472986] Memory state around the buggy address: [ 18.473296] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.473366] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.473658] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.473747] ^ [ 18.473863] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.473937] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.474182] ================================================================== [ 18.475773] ================================================================== [ 18.476016] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 18.476112] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 18.476422] [ 18.476484] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.476575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.476605] Hardware name: linux,dummy-virt (DT) [ 18.476640] Call trace: [ 18.476694] show_stack+0x20/0x38 (C) [ 18.476752] dump_stack_lvl+0x8c/0xd0 [ 18.476811] print_report+0x310/0x5d0 [ 18.476879] kasan_report+0xdc/0x128 [ 18.476927] __asan_report_load1_noabort+0x20/0x30 [ 18.476980] vmalloc_oob+0x51c/0x5d0 [ 18.477040] kunit_try_run_case+0x170/0x3f0 [ 18.477099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.477162] kthread+0x328/0x630 [ 18.477216] ret_from_fork+0x10/0x20 [ 18.477265] [ 18.477305] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 18.477351] The buggy address belongs to the physical page: [ 18.477385] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xfff00000c3f9b000 pfn:0x103f9b [ 18.477465] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.477534] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.477597] raw: fff00000c3f9b000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.477642] page dumped because: kasan: bad access detected [ 18.477676] [ 18.477698] Memory state around the buggy address: [ 18.477734] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.477785] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.477832] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.478597] ^ [ 18.478686] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.478758] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.478824] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.229416] ================================================================== [ 18.229611] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 18.229810] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.230092] [ 18.230144] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.230334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.230399] Hardware name: linux,dummy-virt (DT) [ 18.230479] Call trace: [ 18.230505] show_stack+0x20/0x38 (C) [ 18.230696] dump_stack_lvl+0x8c/0xd0 [ 18.230997] print_report+0x118/0x5d0 [ 18.231202] kasan_report+0xdc/0x128 [ 18.231427] __asan_report_store8_noabort+0x20/0x30 [ 18.231607] kasan_atomics_helper+0x3e5c/0x4858 [ 18.231687] kasan_atomics+0x198/0x2e0 [ 18.231904] kunit_try_run_case+0x170/0x3f0 [ 18.232129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.232383] kthread+0x328/0x630 [ 18.232626] ret_from_fork+0x10/0x20 [ 18.232740] [ 18.232823] Allocated by task 265: [ 18.232970] kasan_save_stack+0x3c/0x68 [ 18.233140] kasan_save_track+0x20/0x40 [ 18.233428] kasan_save_alloc_info+0x40/0x58 [ 18.233635] __kasan_kmalloc+0xd4/0xd8 [ 18.233710] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.233900] kasan_atomics+0xb8/0x2e0 [ 18.234011] kunit_try_run_case+0x170/0x3f0 [ 18.234059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.234106] kthread+0x328/0x630 [ 18.234548] ret_from_fork+0x10/0x20 [ 18.234909] [ 18.234939] The buggy address belongs to the object at fff00000c3f8b900 [ 18.234939] which belongs to the cache kmalloc-64 of size 64 [ 18.235007] The buggy address is located 0 bytes to the right of [ 18.235007] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.235676] [ 18.235845] The buggy address belongs to the physical page: [ 18.236027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.236154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.236530] page_type: f5(slab) [ 18.236703] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.236952] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.237411] page dumped because: kasan: bad access detected [ 18.237514] [ 18.237537] Memory state around the buggy address: [ 18.237722] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.237842] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.238032] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.238268] ^ [ 18.238329] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.238864] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.238975] ================================================================== [ 18.343440] ================================================================== [ 18.343483] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 18.343529] Read of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.343581] [ 18.343612] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.343694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.343723] Hardware name: linux,dummy-virt (DT) [ 18.343756] Call trace: [ 18.343778] show_stack+0x20/0x38 (C) [ 18.343829] dump_stack_lvl+0x8c/0xd0 [ 18.343981] print_report+0x118/0x5d0 [ 18.344541] kasan_report+0xdc/0x128 [ 18.344707] __asan_report_load8_noabort+0x20/0x30 [ 18.345136] kasan_atomics_helper+0x3f04/0x4858 [ 18.345233] kasan_atomics+0x198/0x2e0 [ 18.345307] kunit_try_run_case+0x170/0x3f0 [ 18.346559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.346658] kthread+0x328/0x630 [ 18.346745] ret_from_fork+0x10/0x20 [ 18.346931] [ 18.347111] Allocated by task 265: [ 18.347184] kasan_save_stack+0x3c/0x68 [ 18.347239] kasan_save_track+0x20/0x40 [ 18.347281] kasan_save_alloc_info+0x40/0x58 [ 18.347505] __kasan_kmalloc+0xd4/0xd8 [ 18.347699] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.347790] kasan_atomics+0xb8/0x2e0 [ 18.348102] kunit_try_run_case+0x170/0x3f0 [ 18.348240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.348336] kthread+0x328/0x630 [ 18.348708] ret_from_fork+0x10/0x20 [ 18.348748] [ 18.349131] The buggy address belongs to the object at fff00000c3f8b900 [ 18.349131] which belongs to the cache kmalloc-64 of size 64 [ 18.349531] The buggy address is located 0 bytes to the right of [ 18.349531] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.349627] [ 18.349651] The buggy address belongs to the physical page: [ 18.349755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.350018] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.350260] page_type: f5(slab) [ 18.350511] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.350577] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.351127] page dumped because: kasan: bad access detected [ 18.351180] [ 18.351451] Memory state around the buggy address: [ 18.351646] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.351899] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.352220] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.352436] ^ [ 18.352664] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.352842] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.352952] ================================================================== [ 18.193102] ================================================================== [ 18.193155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 18.193210] Read of size 4 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.193641] [ 18.193872] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.194422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.194757] Hardware name: linux,dummy-virt (DT) [ 18.194884] Call trace: [ 18.194928] show_stack+0x20/0x38 (C) [ 18.195506] dump_stack_lvl+0x8c/0xd0 [ 18.195675] print_report+0x118/0x5d0 [ 18.195915] kasan_report+0xdc/0x128 [ 18.196087] __asan_report_load4_noabort+0x20/0x30 [ 18.196212] kasan_atomics_helper+0x3e04/0x4858 [ 18.196478] kasan_atomics+0x198/0x2e0 [ 18.196716] kunit_try_run_case+0x170/0x3f0 [ 18.196796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.197163] kthread+0x328/0x630 [ 18.197347] ret_from_fork+0x10/0x20 [ 18.197812] [ 18.198133] Allocated by task 265: [ 18.198200] kasan_save_stack+0x3c/0x68 [ 18.198250] kasan_save_track+0x20/0x40 [ 18.198310] kasan_save_alloc_info+0x40/0x58 [ 18.198634] __kasan_kmalloc+0xd4/0xd8 [ 18.198726] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.199146] kasan_atomics+0xb8/0x2e0 [ 18.199286] kunit_try_run_case+0x170/0x3f0 [ 18.199784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.199860] kthread+0x328/0x630 [ 18.200017] ret_from_fork+0x10/0x20 [ 18.200100] [ 18.200143] The buggy address belongs to the object at fff00000c3f8b900 [ 18.200143] which belongs to the cache kmalloc-64 of size 64 [ 18.200209] The buggy address is located 0 bytes to the right of [ 18.200209] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.200290] [ 18.200313] The buggy address belongs to the physical page: [ 18.200347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.200405] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.200460] page_type: f5(slab) [ 18.200501] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.200556] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.200609] page dumped because: kasan: bad access detected [ 18.200654] [ 18.200683] Memory state around the buggy address: [ 18.200728] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.200774] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.200820] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.200890] ^ [ 18.200957] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.201846] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.201927] ================================================================== [ 18.431350] ================================================================== [ 18.431666] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 18.431764] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.431834] [ 18.431943] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.432033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.432063] Hardware name: linux,dummy-virt (DT) [ 18.432095] Call trace: [ 18.432119] show_stack+0x20/0x38 (C) [ 18.432168] dump_stack_lvl+0x8c/0xd0 [ 18.432216] print_report+0x118/0x5d0 [ 18.432264] kasan_report+0xdc/0x128 [ 18.432312] kasan_check_range+0x100/0x1a8 [ 18.432375] __kasan_check_write+0x20/0x30 [ 18.432422] kasan_atomics_helper+0x175c/0x4858 [ 18.432472] kasan_atomics+0x198/0x2e0 [ 18.432518] kunit_try_run_case+0x170/0x3f0 [ 18.432567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.432621] kthread+0x328/0x630 [ 18.432663] ret_from_fork+0x10/0x20 [ 18.432712] [ 18.432732] Allocated by task 265: [ 18.432763] kasan_save_stack+0x3c/0x68 [ 18.432806] kasan_save_track+0x20/0x40 [ 18.432873] kasan_save_alloc_info+0x40/0x58 [ 18.432916] __kasan_kmalloc+0xd4/0xd8 [ 18.432956] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.433004] kasan_atomics+0xb8/0x2e0 [ 18.433044] kunit_try_run_case+0x170/0x3f0 [ 18.433083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.433130] kthread+0x328/0x630 [ 18.433173] ret_from_fork+0x10/0x20 [ 18.433212] [ 18.433233] The buggy address belongs to the object at fff00000c3f8b900 [ 18.433233] which belongs to the cache kmalloc-64 of size 64 [ 18.433294] The buggy address is located 0 bytes to the right of [ 18.433294] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.433364] [ 18.433386] The buggy address belongs to the physical page: [ 18.433418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.433473] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.433523] page_type: f5(slab) [ 18.433572] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.433627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.433681] page dumped because: kasan: bad access detected [ 18.433717] [ 18.433739] Memory state around the buggy address: [ 18.433773] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.433825] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.433881] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.434111] ^ [ 18.434172] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.434380] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.435252] ================================================================== [ 18.407877] ================================================================== [ 18.407944] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 18.407998] Read of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.408052] [ 18.408092] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.408388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.408443] Hardware name: linux,dummy-virt (DT) [ 18.408476] Call trace: [ 18.408502] show_stack+0x20/0x38 (C) [ 18.408929] dump_stack_lvl+0x8c/0xd0 [ 18.409268] print_report+0x118/0x5d0 [ 18.409483] kasan_report+0xdc/0x128 [ 18.409537] __asan_report_load8_noabort+0x20/0x30 [ 18.409592] kasan_atomics_helper+0x3df4/0x4858 [ 18.409644] kasan_atomics+0x198/0x2e0 [ 18.409692] kunit_try_run_case+0x170/0x3f0 [ 18.410016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.410170] kthread+0x328/0x630 [ 18.410250] ret_from_fork+0x10/0x20 [ 18.410328] [ 18.410386] Allocated by task 265: [ 18.410693] kasan_save_stack+0x3c/0x68 [ 18.411043] kasan_save_track+0x20/0x40 [ 18.411175] kasan_save_alloc_info+0x40/0x58 [ 18.411258] __kasan_kmalloc+0xd4/0xd8 [ 18.411383] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.411471] kasan_atomics+0xb8/0x2e0 [ 18.411577] kunit_try_run_case+0x170/0x3f0 [ 18.411665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.412016] kthread+0x328/0x630 [ 18.412086] ret_from_fork+0x10/0x20 [ 18.412208] [ 18.412286] The buggy address belongs to the object at fff00000c3f8b900 [ 18.412286] which belongs to the cache kmalloc-64 of size 64 [ 18.412667] The buggy address is located 0 bytes to the right of [ 18.412667] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.412836] [ 18.412904] The buggy address belongs to the physical page: [ 18.412977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.413166] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.413309] page_type: f5(slab) [ 18.413395] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.413465] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.413513] page dumped because: kasan: bad access detected [ 18.413547] [ 18.413901] Memory state around the buggy address: [ 18.414295] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.414660] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.414752] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.414942] ^ [ 18.415047] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.415376] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.415427] ================================================================== [ 18.258034] ================================================================== [ 18.258164] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 18.258222] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.258276] [ 18.258363] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.258461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.258504] Hardware name: linux,dummy-virt (DT) [ 18.258538] Call trace: [ 18.258907] show_stack+0x20/0x38 (C) [ 18.259123] dump_stack_lvl+0x8c/0xd0 [ 18.259218] print_report+0x118/0x5d0 [ 18.259661] kasan_report+0xdc/0x128 [ 18.259752] kasan_check_range+0x100/0x1a8 [ 18.260118] __kasan_check_write+0x20/0x30 [ 18.260318] kasan_atomics_helper+0xf88/0x4858 [ 18.260505] kasan_atomics+0x198/0x2e0 [ 18.260612] kunit_try_run_case+0x170/0x3f0 [ 18.260664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.260964] kthread+0x328/0x630 [ 18.261154] ret_from_fork+0x10/0x20 [ 18.261667] [ 18.261847] Allocated by task 265: [ 18.261916] kasan_save_stack+0x3c/0x68 [ 18.262290] kasan_save_track+0x20/0x40 [ 18.262546] kasan_save_alloc_info+0x40/0x58 [ 18.262649] __kasan_kmalloc+0xd4/0xd8 [ 18.262885] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.262978] kasan_atomics+0xb8/0x2e0 [ 18.263306] kunit_try_run_case+0x170/0x3f0 [ 18.263356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.263403] kthread+0x328/0x630 [ 18.263439] ret_from_fork+0x10/0x20 [ 18.263687] [ 18.264090] The buggy address belongs to the object at fff00000c3f8b900 [ 18.264090] which belongs to the cache kmalloc-64 of size 64 [ 18.264332] The buggy address is located 0 bytes to the right of [ 18.264332] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.264758] [ 18.265009] The buggy address belongs to the physical page: [ 18.265058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.265119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.265203] page_type: f5(slab) [ 18.265246] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.265301] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.265347] page dumped because: kasan: bad access detected [ 18.265383] [ 18.265411] Memory state around the buggy address: [ 18.265446] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.265503] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.265559] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.265601] ^ [ 18.265650] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.265696] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.265736] ================================================================== [ 18.401888] ================================================================== [ 18.402247] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 18.402531] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.402628] [ 18.402830] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.403022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.403100] Hardware name: linux,dummy-virt (DT) [ 18.403152] Call trace: [ 18.403178] show_stack+0x20/0x38 (C) [ 18.403583] dump_stack_lvl+0x8c/0xd0 [ 18.403681] print_report+0x118/0x5d0 [ 18.403758] kasan_report+0xdc/0x128 [ 18.404126] kasan_check_range+0x100/0x1a8 [ 18.404318] __kasan_check_write+0x20/0x30 [ 18.404593] kasan_atomics_helper+0x1644/0x4858 [ 18.404817] kasan_atomics+0x198/0x2e0 [ 18.404930] kunit_try_run_case+0x170/0x3f0 [ 18.405027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.405088] kthread+0x328/0x630 [ 18.405136] ret_from_fork+0x10/0x20 [ 18.405191] [ 18.405218] Allocated by task 265: [ 18.405250] kasan_save_stack+0x3c/0x68 [ 18.405294] kasan_save_track+0x20/0x40 [ 18.405345] kasan_save_alloc_info+0x40/0x58 [ 18.405386] __kasan_kmalloc+0xd4/0xd8 [ 18.405435] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.405481] kasan_atomics+0xb8/0x2e0 [ 18.405526] kunit_try_run_case+0x170/0x3f0 [ 18.405567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.405614] kthread+0x328/0x630 [ 18.405649] ret_from_fork+0x10/0x20 [ 18.405686] [ 18.405708] The buggy address belongs to the object at fff00000c3f8b900 [ 18.405708] which belongs to the cache kmalloc-64 of size 64 [ 18.405780] The buggy address is located 0 bytes to the right of [ 18.405780] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.405870] [ 18.405895] The buggy address belongs to the physical page: [ 18.405937] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.405993] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.406044] page_type: f5(slab) [ 18.406090] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.406151] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.406197] page dumped because: kasan: bad access detected [ 18.406232] [ 18.406263] Memory state around the buggy address: [ 18.406297] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.406344] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.406392] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.406433] ^ [ 18.406475] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.406522] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.406564] ================================================================== [ 18.285704] ================================================================== [ 18.285837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 18.285955] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.286321] [ 18.286571] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.286991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.287129] Hardware name: linux,dummy-virt (DT) [ 18.287227] Call trace: [ 18.287350] show_stack+0x20/0x38 (C) [ 18.287423] dump_stack_lvl+0x8c/0xd0 [ 18.287607] print_report+0x118/0x5d0 [ 18.287665] kasan_report+0xdc/0x128 [ 18.287721] kasan_check_range+0x100/0x1a8 [ 18.288010] __kasan_check_write+0x20/0x30 [ 18.288118] kasan_atomics_helper+0x10c0/0x4858 [ 18.288453] kasan_atomics+0x198/0x2e0 [ 18.288657] kunit_try_run_case+0x170/0x3f0 [ 18.288828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.288915] kthread+0x328/0x630 [ 18.288992] ret_from_fork+0x10/0x20 [ 18.289364] [ 18.289750] Allocated by task 265: [ 18.289822] kasan_save_stack+0x3c/0x68 [ 18.289985] kasan_save_track+0x20/0x40 [ 18.290049] kasan_save_alloc_info+0x40/0x58 [ 18.290100] __kasan_kmalloc+0xd4/0xd8 [ 18.290138] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.290180] kasan_atomics+0xb8/0x2e0 [ 18.290218] kunit_try_run_case+0x170/0x3f0 [ 18.290259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.290304] kthread+0x328/0x630 [ 18.290383] ret_from_fork+0x10/0x20 [ 18.290425] [ 18.290453] The buggy address belongs to the object at fff00000c3f8b900 [ 18.290453] which belongs to the cache kmalloc-64 of size 64 [ 18.290517] The buggy address is located 0 bytes to the right of [ 18.290517] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.290899] [ 18.290925] The buggy address belongs to the physical page: [ 18.291881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.291957] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.292481] page_type: f5(slab) [ 18.292583] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.292862] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.293355] page dumped because: kasan: bad access detected [ 18.293439] [ 18.293699] Memory state around the buggy address: [ 18.293778] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.294287] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.294606] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.294776] ^ [ 18.294917] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.294980] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.295036] ================================================================== [ 18.301397] ================================================================== [ 18.301450] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 18.301500] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.301554] [ 18.301584] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.301668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.301696] Hardware name: linux,dummy-virt (DT) [ 18.301730] Call trace: [ 18.301789] show_stack+0x20/0x38 (C) [ 18.301844] dump_stack_lvl+0x8c/0xd0 [ 18.302880] print_report+0x118/0x5d0 [ 18.302936] kasan_report+0xdc/0x128 [ 18.303547] kasan_check_range+0x100/0x1a8 [ 18.303836] __kasan_check_write+0x20/0x30 [ 18.303932] kasan_atomics_helper+0x1190/0x4858 [ 18.304040] kasan_atomics+0x198/0x2e0 [ 18.304107] kunit_try_run_case+0x170/0x3f0 [ 18.304212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.304378] kthread+0x328/0x630 [ 18.304846] ret_from_fork+0x10/0x20 [ 18.304969] [ 18.305064] Allocated by task 265: [ 18.305143] kasan_save_stack+0x3c/0x68 [ 18.305274] kasan_save_track+0x20/0x40 [ 18.305341] kasan_save_alloc_info+0x40/0x58 [ 18.305478] __kasan_kmalloc+0xd4/0xd8 [ 18.305519] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.305883] kasan_atomics+0xb8/0x2e0 [ 18.306288] kunit_try_run_case+0x170/0x3f0 [ 18.306390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.306473] kthread+0x328/0x630 [ 18.306541] ret_from_fork+0x10/0x20 [ 18.306596] [ 18.306890] The buggy address belongs to the object at fff00000c3f8b900 [ 18.306890] which belongs to the cache kmalloc-64 of size 64 [ 18.306971] The buggy address is located 0 bytes to the right of [ 18.306971] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.307088] [ 18.307345] The buggy address belongs to the physical page: [ 18.307397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.307482] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.307560] page_type: f5(slab) [ 18.307827] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.308006] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.308566] page dumped because: kasan: bad access detected [ 18.308619] [ 18.308674] Memory state around the buggy address: [ 18.308734] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.308930] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.309212] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.309411] ^ [ 18.309648] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.309970] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.310344] ================================================================== [ 18.265976] ================================================================== [ 18.266027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 18.266088] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.266141] [ 18.266170] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.266263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.266291] Hardware name: linux,dummy-virt (DT) [ 18.266324] Call trace: [ 18.266347] show_stack+0x20/0x38 (C) [ 18.266397] dump_stack_lvl+0x8c/0xd0 [ 18.266449] print_report+0x118/0x5d0 [ 18.266504] kasan_report+0xdc/0x128 [ 18.266551] kasan_check_range+0x100/0x1a8 [ 18.266629] __kasan_check_write+0x20/0x30 [ 18.267310] kasan_atomics_helper+0xff0/0x4858 [ 18.267756] kasan_atomics+0x198/0x2e0 [ 18.267834] kunit_try_run_case+0x170/0x3f0 [ 18.267932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.268222] kthread+0x328/0x630 [ 18.268363] ret_from_fork+0x10/0x20 [ 18.268784] [ 18.268819] Allocated by task 265: [ 18.268870] kasan_save_stack+0x3c/0x68 [ 18.269192] kasan_save_track+0x20/0x40 [ 18.269553] kasan_save_alloc_info+0x40/0x58 [ 18.269734] __kasan_kmalloc+0xd4/0xd8 [ 18.269812] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.269934] kasan_atomics+0xb8/0x2e0 [ 18.270021] kunit_try_run_case+0x170/0x3f0 [ 18.270189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.270250] kthread+0x328/0x630 [ 18.270464] ret_from_fork+0x10/0x20 [ 18.270690] [ 18.270977] The buggy address belongs to the object at fff00000c3f8b900 [ 18.270977] which belongs to the cache kmalloc-64 of size 64 [ 18.271181] The buggy address is located 0 bytes to the right of [ 18.271181] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.271601] [ 18.271640] The buggy address belongs to the physical page: [ 18.271818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.272036] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.272095] page_type: f5(slab) [ 18.272301] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.272541] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.272916] page dumped because: kasan: bad access detected [ 18.272994] [ 18.273174] Memory state around the buggy address: [ 18.273307] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.273551] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.273916] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.274007] ^ [ 18.274440] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.274520] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.274562] ================================================================== [ 18.320987] ================================================================== [ 18.321079] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 18.321132] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.321526] [ 18.321686] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.321786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.321896] Hardware name: linux,dummy-virt (DT) [ 18.321931] Call trace: [ 18.321957] show_stack+0x20/0x38 (C) [ 18.322136] dump_stack_lvl+0x8c/0xd0 [ 18.322475] print_report+0x118/0x5d0 [ 18.322656] kasan_report+0xdc/0x128 [ 18.322866] kasan_check_range+0x100/0x1a8 [ 18.323010] __kasan_check_write+0x20/0x30 [ 18.323061] kasan_atomics_helper+0x126c/0x4858 [ 18.323111] kasan_atomics+0x198/0x2e0 [ 18.323157] kunit_try_run_case+0x170/0x3f0 [ 18.323206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.323261] kthread+0x328/0x630 [ 18.323304] ret_from_fork+0x10/0x20 [ 18.323352] [ 18.323373] Allocated by task 265: [ 18.323404] kasan_save_stack+0x3c/0x68 [ 18.323446] kasan_save_track+0x20/0x40 [ 18.323885] kasan_save_alloc_info+0x40/0x58 [ 18.324345] __kasan_kmalloc+0xd4/0xd8 [ 18.324450] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.324494] kasan_atomics+0xb8/0x2e0 [ 18.324534] kunit_try_run_case+0x170/0x3f0 [ 18.324575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.324626] kthread+0x328/0x630 [ 18.324669] ret_from_fork+0x10/0x20 [ 18.324707] [ 18.324747] The buggy address belongs to the object at fff00000c3f8b900 [ 18.324747] which belongs to the cache kmalloc-64 of size 64 [ 18.324813] The buggy address is located 0 bytes to the right of [ 18.324813] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.324892] [ 18.324930] The buggy address belongs to the physical page: [ 18.324973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.325029] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.325088] page_type: f5(slab) [ 18.325128] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.325204] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.325260] page dumped because: kasan: bad access detected [ 18.325302] [ 18.325323] Memory state around the buggy address: [ 18.325357] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.325405] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.325487] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.325532] ^ [ 18.325569] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.325619] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.325665] ================================================================== [ 18.326716] ================================================================== [ 18.326772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 18.327298] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.327361] [ 18.327569] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.328179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.328231] Hardware name: linux,dummy-virt (DT) [ 18.328412] Call trace: [ 18.328574] show_stack+0x20/0x38 (C) [ 18.329047] dump_stack_lvl+0x8c/0xd0 [ 18.329248] print_report+0x118/0x5d0 [ 18.329307] kasan_report+0xdc/0x128 [ 18.329374] kasan_check_range+0x100/0x1a8 [ 18.329672] __kasan_check_write+0x20/0x30 [ 18.329782] kasan_atomics_helper+0x12d8/0x4858 [ 18.330207] kasan_atomics+0x198/0x2e0 [ 18.330374] kunit_try_run_case+0x170/0x3f0 [ 18.330514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.330575] kthread+0x328/0x630 [ 18.331003] ret_from_fork+0x10/0x20 [ 18.331421] [ 18.331479] Allocated by task 265: [ 18.331533] kasan_save_stack+0x3c/0x68 [ 18.331703] kasan_save_track+0x20/0x40 [ 18.331780] kasan_save_alloc_info+0x40/0x58 [ 18.331997] __kasan_kmalloc+0xd4/0xd8 [ 18.332206] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.332288] kasan_atomics+0xb8/0x2e0 [ 18.332806] kunit_try_run_case+0x170/0x3f0 [ 18.332920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.333270] kthread+0x328/0x630 [ 18.333324] ret_from_fork+0x10/0x20 [ 18.333737] [ 18.334186] The buggy address belongs to the object at fff00000c3f8b900 [ 18.334186] which belongs to the cache kmalloc-64 of size 64 [ 18.334403] The buggy address is located 0 bytes to the right of [ 18.334403] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.334953] [ 18.335057] The buggy address belongs to the physical page: [ 18.335131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.335197] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.335251] page_type: f5(slab) [ 18.335755] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.336119] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.336222] page dumped because: kasan: bad access detected [ 18.336328] [ 18.336351] Memory state around the buggy address: [ 18.336816] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.337128] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.337281] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.337676] ^ [ 18.338118] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.338215] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.338462] ================================================================== [ 18.354114] ================================================================== [ 18.354207] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 18.354578] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.354699] [ 18.354812] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.355260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.355325] Hardware name: linux,dummy-virt (DT) [ 18.355406] Call trace: [ 18.355501] show_stack+0x20/0x38 (C) [ 18.355592] dump_stack_lvl+0x8c/0xd0 [ 18.355644] print_report+0x118/0x5d0 [ 18.355700] kasan_report+0xdc/0x128 [ 18.356035] kasan_check_range+0x100/0x1a8 [ 18.356395] __kasan_check_write+0x20/0x30 [ 18.356527] kasan_atomics_helper+0x1414/0x4858 [ 18.356626] kasan_atomics+0x198/0x2e0 [ 18.356747] kunit_try_run_case+0x170/0x3f0 [ 18.356866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.357011] kthread+0x328/0x630 [ 18.357062] ret_from_fork+0x10/0x20 [ 18.357393] [ 18.357450] Allocated by task 265: [ 18.357607] kasan_save_stack+0x3c/0x68 [ 18.357780] kasan_save_track+0x20/0x40 [ 18.357923] kasan_save_alloc_info+0x40/0x58 [ 18.358057] __kasan_kmalloc+0xd4/0xd8 [ 18.358167] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.358288] kasan_atomics+0xb8/0x2e0 [ 18.358331] kunit_try_run_case+0x170/0x3f0 [ 18.358407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.358755] kthread+0x328/0x630 [ 18.358819] ret_from_fork+0x10/0x20 [ 18.358994] [ 18.359029] The buggy address belongs to the object at fff00000c3f8b900 [ 18.359029] which belongs to the cache kmalloc-64 of size 64 [ 18.359303] The buggy address is located 0 bytes to the right of [ 18.359303] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.359758] [ 18.359801] The buggy address belongs to the physical page: [ 18.359871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.360288] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.360406] page_type: f5(slab) [ 18.360482] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.360789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.360886] page dumped because: kasan: bad access detected [ 18.361030] [ 18.361091] Memory state around the buggy address: [ 18.361153] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.361202] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.361473] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.361607] ^ [ 18.361971] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.362089] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.362173] ================================================================== [ 18.363431] ================================================================== [ 18.363496] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 18.363550] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.363604] [ 18.363639] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.363723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.363751] Hardware name: linux,dummy-virt (DT) [ 18.363785] Call trace: [ 18.363867] show_stack+0x20/0x38 (C) [ 18.363926] dump_stack_lvl+0x8c/0xd0 [ 18.363976] print_report+0x118/0x5d0 [ 18.364032] kasan_report+0xdc/0x128 [ 18.364081] kasan_check_range+0x100/0x1a8 [ 18.364138] __kasan_check_write+0x20/0x30 [ 18.364186] kasan_atomics_helper+0x147c/0x4858 [ 18.364237] kasan_atomics+0x198/0x2e0 [ 18.364284] kunit_try_run_case+0x170/0x3f0 [ 18.364333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.364393] kthread+0x328/0x630 [ 18.364436] ret_from_fork+0x10/0x20 [ 18.364489] [ 18.364511] Allocated by task 265: [ 18.364545] kasan_save_stack+0x3c/0x68 [ 18.364590] kasan_save_track+0x20/0x40 [ 18.364635] kasan_save_alloc_info+0x40/0x58 [ 18.364678] __kasan_kmalloc+0xd4/0xd8 [ 18.364716] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.364758] kasan_atomics+0xb8/0x2e0 [ 18.364801] kunit_try_run_case+0x170/0x3f0 [ 18.364842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.365549] kthread+0x328/0x630 [ 18.365842] ret_from_fork+0x10/0x20 [ 18.365917] [ 18.365964] The buggy address belongs to the object at fff00000c3f8b900 [ 18.365964] which belongs to the cache kmalloc-64 of size 64 [ 18.366263] The buggy address is located 0 bytes to the right of [ 18.366263] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.366409] [ 18.366441] The buggy address belongs to the physical page: [ 18.366477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.366814] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.366923] page_type: f5(slab) [ 18.366979] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.367392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.367494] page dumped because: kasan: bad access detected [ 18.367596] [ 18.367732] Memory state around the buggy address: [ 18.367925] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.368070] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.368148] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.368516] ^ [ 18.368672] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.368768] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.369041] ================================================================== [ 18.424071] ================================================================== [ 18.424139] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 18.424192] Read of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.424253] [ 18.424286] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.424370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.424398] Hardware name: linux,dummy-virt (DT) [ 18.424431] Call trace: [ 18.424453] show_stack+0x20/0x38 (C) [ 18.424504] dump_stack_lvl+0x8c/0xd0 [ 18.424551] print_report+0x118/0x5d0 [ 18.424601] kasan_report+0xdc/0x128 [ 18.425194] __asan_report_load8_noabort+0x20/0x30 [ 18.425468] kasan_atomics_helper+0x3e10/0x4858 [ 18.425623] kasan_atomics+0x198/0x2e0 [ 18.425928] kunit_try_run_case+0x170/0x3f0 [ 18.426091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.426162] kthread+0x328/0x630 [ 18.426206] ret_from_fork+0x10/0x20 [ 18.426274] [ 18.426324] Allocated by task 265: [ 18.426383] kasan_save_stack+0x3c/0x68 [ 18.426753] kasan_save_track+0x20/0x40 [ 18.426893] kasan_save_alloc_info+0x40/0x58 [ 18.426969] __kasan_kmalloc+0xd4/0xd8 [ 18.427308] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.427392] kasan_atomics+0xb8/0x2e0 [ 18.427466] kunit_try_run_case+0x170/0x3f0 [ 18.427609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.427696] kthread+0x328/0x630 [ 18.428002] ret_from_fork+0x10/0x20 [ 18.428062] [ 18.428084] The buggy address belongs to the object at fff00000c3f8b900 [ 18.428084] which belongs to the cache kmalloc-64 of size 64 [ 18.428147] The buggy address is located 0 bytes to the right of [ 18.428147] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.428217] [ 18.428239] The buggy address belongs to the physical page: [ 18.428272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.428442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.428610] page_type: f5(slab) [ 18.428685] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.429035] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.429119] page dumped because: kasan: bad access detected [ 18.429176] [ 18.429198] Memory state around the buggy address: [ 18.429235] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.429586] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.429689] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.430009] ^ [ 18.430091] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.430455] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.430525] ================================================================== [ 18.184159] ================================================================== [ 18.184213] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 18.184266] Write of size 4 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.184319] [ 18.184760] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.184930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.184979] Hardware name: linux,dummy-virt (DT) [ 18.185014] Call trace: [ 18.185039] show_stack+0x20/0x38 (C) [ 18.185375] dump_stack_lvl+0x8c/0xd0 [ 18.185726] print_report+0x118/0x5d0 [ 18.185802] kasan_report+0xdc/0x128 [ 18.185864] kasan_check_range+0x100/0x1a8 [ 18.185956] __kasan_check_write+0x20/0x30 [ 18.186012] kasan_atomics_helper+0xd3c/0x4858 [ 18.186063] kasan_atomics+0x198/0x2e0 [ 18.186180] kunit_try_run_case+0x170/0x3f0 [ 18.186231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.186288] kthread+0x328/0x630 [ 18.186511] ret_from_fork+0x10/0x20 [ 18.186749] [ 18.187078] Allocated by task 265: [ 18.187183] kasan_save_stack+0x3c/0x68 [ 18.187280] kasan_save_track+0x20/0x40 [ 18.187459] kasan_save_alloc_info+0x40/0x58 [ 18.187507] __kasan_kmalloc+0xd4/0xd8 [ 18.187942] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.188032] kasan_atomics+0xb8/0x2e0 [ 18.188094] kunit_try_run_case+0x170/0x3f0 [ 18.188434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.188501] kthread+0x328/0x630 [ 18.189131] ret_from_fork+0x10/0x20 [ 18.189378] [ 18.189496] The buggy address belongs to the object at fff00000c3f8b900 [ 18.189496] which belongs to the cache kmalloc-64 of size 64 [ 18.189705] The buggy address is located 0 bytes to the right of [ 18.189705] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.190135] [ 18.190198] The buggy address belongs to the physical page: [ 18.190279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.190521] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.190940] page_type: f5(slab) [ 18.191011] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.191260] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.191423] page dumped because: kasan: bad access detected [ 18.191556] [ 18.191794] Memory state around the buggy address: [ 18.191838] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.192163] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.192344] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.192484] ^ [ 18.192553] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.192610] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.192652] ================================================================== [ 18.085102] ================================================================== [ 18.085163] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 18.085214] Read of size 4 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.085267] [ 18.085296] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.085378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.085636] Hardware name: linux,dummy-virt (DT) [ 18.085737] Call trace: [ 18.085764] show_stack+0x20/0x38 (C) [ 18.086024] dump_stack_lvl+0x8c/0xd0 [ 18.086078] print_report+0x118/0x5d0 [ 18.086577] kasan_atomics_helper+0x42d8/0x4858 [ 18.087580] kasan_save_track+0x20/0x40 [ 18.087628] kasan_save_alloc_info+0x40/0x58 [ 18.088210] kunit_try_run_case+0x170/0x3f0 [ 18.088831] The buggy address is located 0 bytes to the right of [ 18.088831] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.091089] ================================================================== [ 18.379696] ================================================================== [ 18.379919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 18.379993] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.380048] [ 18.380091] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.380177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.380220] Hardware name: linux,dummy-virt (DT) [ 18.380263] Call trace: [ 18.380287] show_stack+0x20/0x38 (C) [ 18.380339] dump_stack_lvl+0x8c/0xd0 [ 18.380393] print_report+0x118/0x5d0 [ 18.380442] kasan_report+0xdc/0x128 [ 18.380496] kasan_check_range+0x100/0x1a8 [ 18.380546] __kasan_check_write+0x20/0x30 [ 18.380597] kasan_atomics_helper+0x154c/0x4858 [ 18.380647] kasan_atomics+0x198/0x2e0 [ 18.380695] kunit_try_run_case+0x170/0x3f0 [ 18.380744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.380800] kthread+0x328/0x630 [ 18.380842] ret_from_fork+0x10/0x20 [ 18.380902] [ 18.380924] Allocated by task 265: [ 18.380953] kasan_save_stack+0x3c/0x68 [ 18.380997] kasan_save_track+0x20/0x40 [ 18.381036] kasan_save_alloc_info+0x40/0x58 [ 18.381079] __kasan_kmalloc+0xd4/0xd8 [ 18.381127] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.381177] kasan_atomics+0xb8/0x2e0 [ 18.381215] kunit_try_run_case+0x170/0x3f0 [ 18.381256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.381301] kthread+0x328/0x630 [ 18.381344] ret_from_fork+0x10/0x20 [ 18.381384] [ 18.381416] The buggy address belongs to the object at fff00000c3f8b900 [ 18.381416] which belongs to the cache kmalloc-64 of size 64 [ 18.381480] The buggy address is located 0 bytes to the right of [ 18.381480] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.381557] [ 18.381587] The buggy address belongs to the physical page: [ 18.381623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.381678] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.381728] page_type: f5(slab) [ 18.381768] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.381823] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.381877] page dumped because: kasan: bad access detected [ 18.381911] [ 18.382876] Memory state around the buggy address: [ 18.382946] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.383030] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.383098] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.383158] ^ [ 18.383217] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.383287] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.383375] ================================================================== [ 18.369903] ================================================================== [ 18.370091] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 18.370176] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.370397] [ 18.370447] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.370535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.370609] Hardware name: linux,dummy-virt (DT) [ 18.370704] Call trace: [ 18.370799] show_stack+0x20/0x38 (C) [ 18.370867] dump_stack_lvl+0x8c/0xd0 [ 18.371109] print_report+0x118/0x5d0 [ 18.371379] kasan_report+0xdc/0x128 [ 18.371487] kasan_check_range+0x100/0x1a8 [ 18.371861] __kasan_check_write+0x20/0x30 [ 18.371997] kasan_atomics_helper+0x14e4/0x4858 [ 18.372107] kasan_atomics+0x198/0x2e0 [ 18.372290] kunit_try_run_case+0x170/0x3f0 [ 18.372345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.372793] kthread+0x328/0x630 [ 18.373201] ret_from_fork+0x10/0x20 [ 18.373389] [ 18.373519] Allocated by task 265: [ 18.373647] kasan_save_stack+0x3c/0x68 [ 18.373716] kasan_save_track+0x20/0x40 [ 18.373797] kasan_save_alloc_info+0x40/0x58 [ 18.374096] __kasan_kmalloc+0xd4/0xd8 [ 18.374452] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.374598] kasan_atomics+0xb8/0x2e0 [ 18.374672] kunit_try_run_case+0x170/0x3f0 [ 18.374799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.374889] kthread+0x328/0x630 [ 18.374997] ret_from_fork+0x10/0x20 [ 18.375039] [ 18.375063] The buggy address belongs to the object at fff00000c3f8b900 [ 18.375063] which belongs to the cache kmalloc-64 of size 64 [ 18.375358] The buggy address is located 0 bytes to the right of [ 18.375358] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.375944] [ 18.375985] The buggy address belongs to the physical page: [ 18.376065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.376126] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.376491] page_type: f5(slab) [ 18.376892] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.377058] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.377234] page dumped because: kasan: bad access detected [ 18.377271] [ 18.377569] Memory state around the buggy address: [ 18.377889] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.377973] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.378136] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.378182] ^ [ 18.378586] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.378651] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.378816] ================================================================== [ 18.275682] ================================================================== [ 18.275883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 18.275947] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.276056] [ 18.276092] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.276318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.276351] Hardware name: linux,dummy-virt (DT) [ 18.276409] Call trace: [ 18.276466] show_stack+0x20/0x38 (C) [ 18.276520] dump_stack_lvl+0x8c/0xd0 [ 18.276738] print_report+0x118/0x5d0 [ 18.277044] kasan_report+0xdc/0x128 [ 18.277105] kasan_check_range+0x100/0x1a8 [ 18.277280] __kasan_check_write+0x20/0x30 [ 18.277522] kasan_atomics_helper+0x1058/0x4858 [ 18.277592] kasan_atomics+0x198/0x2e0 [ 18.277977] kunit_try_run_case+0x170/0x3f0 [ 18.278242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.278536] kthread+0x328/0x630 [ 18.278645] ret_from_fork+0x10/0x20 [ 18.278840] [ 18.279000] Allocated by task 265: [ 18.279034] kasan_save_stack+0x3c/0x68 [ 18.279080] kasan_save_track+0x20/0x40 [ 18.279295] kasan_save_alloc_info+0x40/0x58 [ 18.279746] __kasan_kmalloc+0xd4/0xd8 [ 18.279998] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.280173] kasan_atomics+0xb8/0x2e0 [ 18.280262] kunit_try_run_case+0x170/0x3f0 [ 18.280375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.280424] kthread+0x328/0x630 [ 18.280580] ret_from_fork+0x10/0x20 [ 18.281035] [ 18.281124] The buggy address belongs to the object at fff00000c3f8b900 [ 18.281124] which belongs to the cache kmalloc-64 of size 64 [ 18.281425] The buggy address is located 0 bytes to the right of [ 18.281425] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.281806] [ 18.281971] The buggy address belongs to the physical page: [ 18.282081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.282339] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.282583] page_type: f5(slab) [ 18.282645] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.283176] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.283241] page dumped because: kasan: bad access detected [ 18.283278] [ 18.283525] Memory state around the buggy address: [ 18.283612] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.283696] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.284057] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.284158] ^ [ 18.284200] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.284870] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.284940] ================================================================== [ 18.240180] ================================================================== [ 18.240236] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 18.240290] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.240344] [ 18.240565] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.240767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.240799] Hardware name: linux,dummy-virt (DT) [ 18.240833] Call trace: [ 18.240870] show_stack+0x20/0x38 (C) [ 18.240923] dump_stack_lvl+0x8c/0xd0 [ 18.240970] print_report+0x118/0x5d0 [ 18.241038] kasan_report+0xdc/0x128 [ 18.241085] kasan_check_range+0x100/0x1a8 [ 18.241135] __kasan_check_write+0x20/0x30 [ 18.241182] kasan_atomics_helper+0xeb8/0x4858 [ 18.241240] kasan_atomics+0x198/0x2e0 [ 18.241291] kunit_try_run_case+0x170/0x3f0 [ 18.241343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.241398] kthread+0x328/0x630 [ 18.241442] ret_from_fork+0x10/0x20 [ 18.241490] [ 18.241511] Allocated by task 265: [ 18.241544] kasan_save_stack+0x3c/0x68 [ 18.241590] kasan_save_track+0x20/0x40 [ 18.241633] kasan_save_alloc_info+0x40/0x58 [ 18.241674] __kasan_kmalloc+0xd4/0xd8 [ 18.241726] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.241771] kasan_atomics+0xb8/0x2e0 [ 18.241809] kunit_try_run_case+0x170/0x3f0 [ 18.242019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.242204] kthread+0x328/0x630 [ 18.242410] ret_from_fork+0x10/0x20 [ 18.242926] [ 18.243256] The buggy address belongs to the object at fff00000c3f8b900 [ 18.243256] which belongs to the cache kmalloc-64 of size 64 [ 18.243332] The buggy address is located 0 bytes to the right of [ 18.243332] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.243403] [ 18.243424] The buggy address belongs to the physical page: [ 18.243458] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.244207] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.244283] page_type: f5(slab) [ 18.244327] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.244667] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.244964] page dumped because: kasan: bad access detected [ 18.245253] [ 18.245669] Memory state around the buggy address: [ 18.245765] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.246219] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.246342] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.246597] ^ [ 18.246787] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.246843] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.246896] ================================================================== [ 18.416190] ================================================================== [ 18.416402] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 18.416493] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.416559] [ 18.416641] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.416731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.416759] Hardware name: linux,dummy-virt (DT) [ 18.416808] Call trace: [ 18.416833] show_stack+0x20/0x38 (C) [ 18.416895] dump_stack_lvl+0x8c/0xd0 [ 18.416942] print_report+0x118/0x5d0 [ 18.417241] kasan_report+0xdc/0x128 [ 18.417583] kasan_check_range+0x100/0x1a8 [ 18.417656] __kasan_check_write+0x20/0x30 [ 18.417713] kasan_atomics_helper+0x16d0/0x4858 [ 18.418220] kasan_atomics+0x198/0x2e0 [ 18.418305] kunit_try_run_case+0x170/0x3f0 [ 18.418357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.418478] kthread+0x328/0x630 [ 18.418549] ret_from_fork+0x10/0x20 [ 18.418715] [ 18.418743] Allocated by task 265: [ 18.418773] kasan_save_stack+0x3c/0x68 [ 18.418843] kasan_save_track+0x20/0x40 [ 18.418894] kasan_save_alloc_info+0x40/0x58 [ 18.419237] __kasan_kmalloc+0xd4/0xd8 [ 18.419457] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.419613] kasan_atomics+0xb8/0x2e0 [ 18.419696] kunit_try_run_case+0x170/0x3f0 [ 18.419813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.419889] kthread+0x328/0x630 [ 18.419979] ret_from_fork+0x10/0x20 [ 18.420125] [ 18.420185] The buggy address belongs to the object at fff00000c3f8b900 [ 18.420185] which belongs to the cache kmalloc-64 of size 64 [ 18.420434] The buggy address is located 0 bytes to the right of [ 18.420434] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.420636] [ 18.420686] The buggy address belongs to the physical page: [ 18.421012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.421080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.421134] page_type: f5(slab) [ 18.421485] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.421830] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.421920] page dumped because: kasan: bad access detected [ 18.421975] [ 18.422068] Memory state around the buggy address: [ 18.422177] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.422226] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.422533] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.422675] ^ [ 18.422738] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.423091] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.423369] ================================================================== [ 18.383996] ================================================================== [ 18.384050] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 18.384102] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.384389] [ 18.384865] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.384973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.385018] Hardware name: linux,dummy-virt (DT) [ 18.385053] Call trace: [ 18.385128] show_stack+0x20/0x38 (C) [ 18.385203] dump_stack_lvl+0x8c/0xd0 [ 18.385253] print_report+0x118/0x5d0 [ 18.385318] kasan_report+0xdc/0x128 [ 18.385369] kasan_check_range+0x100/0x1a8 [ 18.385699] __kasan_check_write+0x20/0x30 [ 18.385786] kasan_atomics_helper+0x15b4/0x4858 [ 18.386126] kasan_atomics+0x198/0x2e0 [ 18.386223] kunit_try_run_case+0x170/0x3f0 [ 18.386275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.386330] kthread+0x328/0x630 [ 18.386483] ret_from_fork+0x10/0x20 [ 18.386538] [ 18.386582] Allocated by task 265: [ 18.386612] kasan_save_stack+0x3c/0x68 [ 18.386963] kasan_save_track+0x20/0x40 [ 18.387038] kasan_save_alloc_info+0x40/0x58 [ 18.387450] __kasan_kmalloc+0xd4/0xd8 [ 18.387585] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.387664] kasan_atomics+0xb8/0x2e0 [ 18.387815] kunit_try_run_case+0x170/0x3f0 [ 18.388146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.388291] kthread+0x328/0x630 [ 18.388624] ret_from_fork+0x10/0x20 [ 18.388824] [ 18.389151] The buggy address belongs to the object at fff00000c3f8b900 [ 18.389151] which belongs to the cache kmalloc-64 of size 64 [ 18.389722] The buggy address is located 0 bytes to the right of [ 18.389722] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.390088] [ 18.390511] The buggy address belongs to the physical page: [ 18.390595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.390696] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.390753] page_type: f5(slab) [ 18.390796] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.390870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.390917] page dumped because: kasan: bad access detected [ 18.391230] [ 18.391307] Memory state around the buggy address: [ 18.391635] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.391772] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.391987] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.392175] ^ [ 18.392544] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.392650] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.392726] ================================================================== [ 18.310934] ================================================================== [ 18.311266] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 18.311338] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.311562] [ 18.311730] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.311881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.311917] Hardware name: linux,dummy-virt (DT) [ 18.311996] Call trace: [ 18.312161] show_stack+0x20/0x38 (C) [ 18.312353] dump_stack_lvl+0x8c/0xd0 [ 18.312438] print_report+0x118/0x5d0 [ 18.312491] kasan_report+0xdc/0x128 [ 18.312537] kasan_check_range+0x100/0x1a8 [ 18.312890] __kasan_check_write+0x20/0x30 [ 18.312963] kasan_atomics_helper+0x11f8/0x4858 [ 18.313017] kasan_atomics+0x198/0x2e0 [ 18.313063] kunit_try_run_case+0x170/0x3f0 [ 18.313660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.313746] kthread+0x328/0x630 [ 18.313894] ret_from_fork+0x10/0x20 [ 18.313955] [ 18.313982] Allocated by task 265: [ 18.314066] kasan_save_stack+0x3c/0x68 [ 18.314114] kasan_save_track+0x20/0x40 [ 18.314864] kasan_save_alloc_info+0x40/0x58 [ 18.315017] __kasan_kmalloc+0xd4/0xd8 [ 18.315147] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.315273] kasan_atomics+0xb8/0x2e0 [ 18.315375] kunit_try_run_case+0x170/0x3f0 [ 18.315437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.315605] kthread+0x328/0x630 [ 18.315791] ret_from_fork+0x10/0x20 [ 18.315872] [ 18.316006] The buggy address belongs to the object at fff00000c3f8b900 [ 18.316006] which belongs to the cache kmalloc-64 of size 64 [ 18.316118] The buggy address is located 0 bytes to the right of [ 18.316118] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.316413] [ 18.316511] The buggy address belongs to the physical page: [ 18.316837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.316969] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.317066] page_type: f5(slab) [ 18.317369] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.317526] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.317872] page dumped because: kasan: bad access detected [ 18.318354] [ 18.318402] Memory state around the buggy address: [ 18.318616] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.318993] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.319309] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.319483] ^ [ 18.319578] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.319792] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.320014] ================================================================== [ 18.247907] ================================================================== [ 18.247963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 18.248016] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.248070] [ 18.248100] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.248626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.248886] Hardware name: linux,dummy-virt (DT) [ 18.248937] Call trace: [ 18.249083] show_stack+0x20/0x38 (C) [ 18.249144] dump_stack_lvl+0x8c/0xd0 [ 18.249191] print_report+0x118/0x5d0 [ 18.249446] kasan_report+0xdc/0x128 [ 18.249816] kasan_check_range+0x100/0x1a8 [ 18.249907] __kasan_check_write+0x20/0x30 [ 18.250159] kasan_atomics_helper+0xf20/0x4858 [ 18.250229] kasan_atomics+0x198/0x2e0 [ 18.250449] kunit_try_run_case+0x170/0x3f0 [ 18.250640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.251178] kthread+0x328/0x630 [ 18.251340] ret_from_fork+0x10/0x20 [ 18.251531] [ 18.251592] Allocated by task 265: [ 18.251624] kasan_save_stack+0x3c/0x68 [ 18.251675] kasan_save_track+0x20/0x40 [ 18.251716] kasan_save_alloc_info+0x40/0x58 [ 18.252090] __kasan_kmalloc+0xd4/0xd8 [ 18.252326] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.252421] kasan_atomics+0xb8/0x2e0 [ 18.252642] kunit_try_run_case+0x170/0x3f0 [ 18.252739] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.252901] kthread+0x328/0x630 [ 18.252941] ret_from_fork+0x10/0x20 [ 18.253326] [ 18.253573] The buggy address belongs to the object at fff00000c3f8b900 [ 18.253573] which belongs to the cache kmalloc-64 of size 64 [ 18.253884] The buggy address is located 0 bytes to the right of [ 18.253884] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.254171] [ 18.254208] The buggy address belongs to the physical page: [ 18.254382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.254589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.254651] page_type: f5(slab) [ 18.254693] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.254750] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.254993] page dumped because: kasan: bad access detected [ 18.255343] [ 18.255454] Memory state around the buggy address: [ 18.255609] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.255661] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.255940] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.256390] ^ [ 18.256606] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.256923] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.257252] ================================================================== [ 18.339688] ================================================================== [ 18.339824] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 18.339894] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.339955] [ 18.340056] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.340146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.340176] Hardware name: linux,dummy-virt (DT) [ 18.340328] Call trace: [ 18.340408] show_stack+0x20/0x38 (C) [ 18.340571] dump_stack_lvl+0x8c/0xd0 [ 18.340633] print_report+0x118/0x5d0 [ 18.340867] kasan_report+0xdc/0x128 [ 18.341040] kasan_check_range+0x100/0x1a8 [ 18.341158] __kasan_check_write+0x20/0x30 [ 18.341231] kasan_atomics_helper+0x1384/0x4858 [ 18.341419] kasan_atomics+0x198/0x2e0 [ 18.341472] kunit_try_run_case+0x170/0x3f0 [ 18.341553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.341875] kthread+0x328/0x630 [ 18.341940] ret_from_fork+0x10/0x20 [ 18.341992] [ 18.342013] Allocated by task 265: [ 18.342044] kasan_save_stack+0x3c/0x68 [ 18.342087] kasan_save_track+0x20/0x40 [ 18.342128] kasan_save_alloc_info+0x40/0x58 [ 18.342169] __kasan_kmalloc+0xd4/0xd8 [ 18.342209] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.342249] kasan_atomics+0xb8/0x2e0 [ 18.342287] kunit_try_run_case+0x170/0x3f0 [ 18.342344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.342395] kthread+0x328/0x630 [ 18.342428] ret_from_fork+0x10/0x20 [ 18.342479] [ 18.342512] The buggy address belongs to the object at fff00000c3f8b900 [ 18.342512] which belongs to the cache kmalloc-64 of size 64 [ 18.342584] The buggy address is located 0 bytes to the right of [ 18.342584] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.342656] [ 18.342688] The buggy address belongs to the physical page: [ 18.342722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.342777] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.342833] page_type: f5(slab) [ 18.342885] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.342941] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.342986] page dumped because: kasan: bad access detected [ 18.343020] [ 18.343042] Memory state around the buggy address: [ 18.343085] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.343132] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.343178] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.343220] ^ [ 18.343265] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.343310] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.343351] ================================================================== [ 18.444431] ================================================================== [ 18.444515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 18.444887] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.444971] [ 18.445006] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.445191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.445227] Hardware name: linux,dummy-virt (DT) [ 18.445297] Call trace: [ 18.445323] show_stack+0x20/0x38 (C) [ 18.445385] dump_stack_lvl+0x8c/0xd0 [ 18.445431] print_report+0x118/0x5d0 [ 18.445479] kasan_report+0xdc/0x128 [ 18.445525] kasan_check_range+0x100/0x1a8 [ 18.445878] __kasan_check_write+0x20/0x30 [ 18.446289] kasan_atomics_helper+0x17ec/0x4858 [ 18.446368] kasan_atomics+0x198/0x2e0 [ 18.446536] kunit_try_run_case+0x170/0x3f0 [ 18.446933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.447111] kthread+0x328/0x630 [ 18.447198] ret_from_fork+0x10/0x20 [ 18.447385] [ 18.447537] Allocated by task 265: [ 18.447569] kasan_save_stack+0x3c/0x68 [ 18.447742] kasan_save_track+0x20/0x40 [ 18.447872] kasan_save_alloc_info+0x40/0x58 [ 18.448142] __kasan_kmalloc+0xd4/0xd8 [ 18.448273] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.448350] kasan_atomics+0xb8/0x2e0 [ 18.448500] kunit_try_run_case+0x170/0x3f0 [ 18.448569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.448658] kthread+0x328/0x630 [ 18.448793] ret_from_fork+0x10/0x20 [ 18.448865] [ 18.448903] The buggy address belongs to the object at fff00000c3f8b900 [ 18.448903] which belongs to the cache kmalloc-64 of size 64 [ 18.449279] The buggy address is located 0 bytes to the right of [ 18.449279] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.449659] [ 18.449714] The buggy address belongs to the physical page: [ 18.449767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.449939] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.450056] page_type: f5(slab) [ 18.450210] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.450365] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.450416] page dumped because: kasan: bad access detected [ 18.450459] [ 18.450481] Memory state around the buggy address: [ 18.450551] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.450917] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.450986] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.451207] ^ [ 18.451255] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.451475] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.451576] ================================================================== [ 18.214396] ================================================================== [ 18.214570] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 18.214771] Read of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.214894] [ 18.214939] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.215050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.215080] Hardware name: linux,dummy-virt (DT) [ 18.215112] Call trace: [ 18.215135] show_stack+0x20/0x38 (C) [ 18.215199] dump_stack_lvl+0x8c/0xd0 [ 18.215257] print_report+0x118/0x5d0 [ 18.215319] kasan_report+0xdc/0x128 [ 18.215369] __asan_report_load8_noabort+0x20/0x30 [ 18.215433] kasan_atomics_helper+0x3f58/0x4858 [ 18.215489] kasan_atomics+0x198/0x2e0 [ 18.215538] kunit_try_run_case+0x170/0x3f0 [ 18.215589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.215654] kthread+0x328/0x630 [ 18.215710] ret_from_fork+0x10/0x20 [ 18.215779] [ 18.215823] Allocated by task 265: [ 18.215870] kasan_save_stack+0x3c/0x68 [ 18.215925] kasan_save_track+0x20/0x40 [ 18.215965] kasan_save_alloc_info+0x40/0x58 [ 18.216020] __kasan_kmalloc+0xd4/0xd8 [ 18.216065] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.216119] kasan_atomics+0xb8/0x2e0 [ 18.216183] kunit_try_run_case+0x170/0x3f0 [ 18.216226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.216273] kthread+0x328/0x630 [ 18.216308] ret_from_fork+0x10/0x20 [ 18.216357] [ 18.216393] The buggy address belongs to the object at fff00000c3f8b900 [ 18.216393] which belongs to the cache kmalloc-64 of size 64 [ 18.216465] The buggy address is located 0 bytes to the right of [ 18.216465] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.216536] [ 18.216567] The buggy address belongs to the physical page: [ 18.216609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.216676] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.216727] page_type: f5(slab) [ 18.216768] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.216824] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.217896] page dumped because: kasan: bad access detected [ 18.217964] [ 18.218031] Memory state around the buggy address: [ 18.218097] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.218182] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.218240] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.218520] ^ [ 18.218705] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.218761] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.218803] ================================================================== [ 18.202639] ================================================================== [ 18.202963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 18.203419] Read of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.203547] [ 18.203646] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.203812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.203841] Hardware name: linux,dummy-virt (DT) [ 18.203899] Call trace: [ 18.204305] show_stack+0x20/0x38 (C) [ 18.204712] dump_stack_lvl+0x8c/0xd0 [ 18.204877] print_report+0x118/0x5d0 [ 18.205167] kasan_report+0xdc/0x128 [ 18.205488] kasan_check_range+0x100/0x1a8 [ 18.205795] __kasan_check_read+0x20/0x30 [ 18.205888] kasan_atomics_helper+0xdd4/0x4858 [ 18.206077] kasan_atomics+0x198/0x2e0 [ 18.206139] kunit_try_run_case+0x170/0x3f0 [ 18.206396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.206752] kthread+0x328/0x630 [ 18.207065] ret_from_fork+0x10/0x20 [ 18.207232] [ 18.207313] Allocated by task 265: [ 18.207458] kasan_save_stack+0x3c/0x68 [ 18.207525] kasan_save_track+0x20/0x40 [ 18.207566] kasan_save_alloc_info+0x40/0x58 [ 18.207616] __kasan_kmalloc+0xd4/0xd8 [ 18.207843] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.208050] kasan_atomics+0xb8/0x2e0 [ 18.208444] kunit_try_run_case+0x170/0x3f0 [ 18.208775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.209017] kthread+0x328/0x630 [ 18.209252] ret_from_fork+0x10/0x20 [ 18.209354] [ 18.209382] The buggy address belongs to the object at fff00000c3f8b900 [ 18.209382] which belongs to the cache kmalloc-64 of size 64 [ 18.209793] The buggy address is located 0 bytes to the right of [ 18.209793] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.210009] [ 18.210148] The buggy address belongs to the physical page: [ 18.210430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.210893] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.211075] page_type: f5(slab) [ 18.211123] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.211199] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.211244] page dumped because: kasan: bad access detected [ 18.211605] [ 18.211687] Memory state around the buggy address: [ 18.211956] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.212015] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.212492] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.212685] ^ [ 18.213033] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.213116] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.213364] ================================================================== [ 18.393812] ================================================================== [ 18.394153] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 18.394234] Read of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.394289] [ 18.394323] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.394494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.394571] Hardware name: linux,dummy-virt (DT) [ 18.394634] Call trace: [ 18.394728] show_stack+0x20/0x38 (C) [ 18.394797] dump_stack_lvl+0x8c/0xd0 [ 18.394884] print_report+0x118/0x5d0 [ 18.394934] kasan_report+0xdc/0x128 [ 18.395271] __asan_report_load8_noabort+0x20/0x30 [ 18.395623] kasan_atomics_helper+0x3db0/0x4858 [ 18.395787] kasan_atomics+0x198/0x2e0 [ 18.395916] kunit_try_run_case+0x170/0x3f0 [ 18.396014] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.396111] kthread+0x328/0x630 [ 18.396214] ret_from_fork+0x10/0x20 [ 18.396266] [ 18.396618] Allocated by task 265: [ 18.396981] kasan_save_stack+0x3c/0x68 [ 18.397089] kasan_save_track+0x20/0x40 [ 18.397164] kasan_save_alloc_info+0x40/0x58 [ 18.397288] __kasan_kmalloc+0xd4/0xd8 [ 18.397376] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.397484] kasan_atomics+0xb8/0x2e0 [ 18.397523] kunit_try_run_case+0x170/0x3f0 [ 18.397594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.397928] kthread+0x328/0x630 [ 18.398334] ret_from_fork+0x10/0x20 [ 18.398416] [ 18.398484] The buggy address belongs to the object at fff00000c3f8b900 [ 18.398484] which belongs to the cache kmalloc-64 of size 64 [ 18.398847] The buggy address is located 0 bytes to the right of [ 18.398847] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.399006] [ 18.399101] The buggy address belongs to the physical page: [ 18.399136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.399203] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.399255] page_type: f5(slab) [ 18.399623] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.399955] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.400059] page dumped because: kasan: bad access detected [ 18.400168] [ 18.400239] Memory state around the buggy address: [ 18.400360] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.400412] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.400484] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.400788] ^ [ 18.400992] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.401206] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.401331] ================================================================== [ 18.219014] ================================================================== [ 18.219063] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 18.219780] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.219936] [ 18.219972] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.220140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.220188] Hardware name: linux,dummy-virt (DT) [ 18.220225] Call trace: [ 18.220329] show_stack+0x20/0x38 (C) [ 18.220386] dump_stack_lvl+0x8c/0xd0 [ 18.220452] print_report+0x118/0x5d0 [ 18.220793] kasan_report+0xdc/0x128 [ 18.220864] kasan_check_range+0x100/0x1a8 [ 18.220918] __kasan_check_write+0x20/0x30 [ 18.221386] kasan_atomics_helper+0xe44/0x4858 [ 18.221620] kasan_atomics+0x198/0x2e0 [ 18.221706] kunit_try_run_case+0x170/0x3f0 [ 18.221914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.222039] kthread+0x328/0x630 [ 18.222240] ret_from_fork+0x10/0x20 [ 18.222303] [ 18.222352] Allocated by task 265: [ 18.222385] kasan_save_stack+0x3c/0x68 [ 18.222443] kasan_save_track+0x20/0x40 [ 18.222671] kasan_save_alloc_info+0x40/0x58 [ 18.222841] __kasan_kmalloc+0xd4/0xd8 [ 18.223109] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.223408] kasan_atomics+0xb8/0x2e0 [ 18.223493] kunit_try_run_case+0x170/0x3f0 [ 18.223968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.224285] kthread+0x328/0x630 [ 18.224398] ret_from_fork+0x10/0x20 [ 18.224749] [ 18.225009] The buggy address belongs to the object at fff00000c3f8b900 [ 18.225009] which belongs to the cache kmalloc-64 of size 64 [ 18.225374] The buggy address is located 0 bytes to the right of [ 18.225374] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.225695] [ 18.225747] The buggy address belongs to the physical page: [ 18.226083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.226350] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.226511] page_type: f5(slab) [ 18.227012] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.227249] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.227324] page dumped because: kasan: bad access detected [ 18.227475] [ 18.227507] Memory state around the buggy address: [ 18.227713] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.227842] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.228059] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.228213] ^ [ 18.228525] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.228698] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.228910] ================================================================== [ 18.098466] ================================================================== [ 18.098529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 18.098848] Write of size 4 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.099073] [ 18.099144] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.099351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.099409] Hardware name: linux,dummy-virt (DT) [ 18.099449] Call trace: [ 18.099598] show_stack+0x20/0x38 (C) [ 18.099812] dump_stack_lvl+0x8c/0xd0 [ 18.099969] print_report+0x118/0x5d0 [ 18.100041] kasan_report+0xdc/0x128 [ 18.100317] kasan_check_range+0x100/0x1a8 [ 18.100419] __kasan_check_write+0x20/0x30 [ 18.100563] kasan_atomics_helper+0x99c/0x4858 [ 18.100625] kasan_atomics+0x198/0x2e0 [ 18.100870] kunit_try_run_case+0x170/0x3f0 [ 18.100998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.101203] kthread+0x328/0x630 [ 18.101254] ret_from_fork+0x10/0x20 [ 18.101470] [ 18.101508] Allocated by task 265: [ 18.101682] kasan_save_stack+0x3c/0x68 [ 18.101920] kasan_save_track+0x20/0x40 [ 18.102073] kasan_save_alloc_info+0x40/0x58 [ 18.102216] __kasan_kmalloc+0xd4/0xd8 [ 18.102313] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.102392] kasan_atomics+0xb8/0x2e0 [ 18.102583] kunit_try_run_case+0x170/0x3f0 [ 18.102679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.102904] kthread+0x328/0x630 [ 18.103033] ret_from_fork+0x10/0x20 [ 18.103111] [ 18.103140] The buggy address belongs to the object at fff00000c3f8b900 [ 18.103140] which belongs to the cache kmalloc-64 of size 64 [ 18.103205] The buggy address is located 0 bytes to the right of [ 18.103205] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.103488] [ 18.103535] The buggy address belongs to the physical page: [ 18.103579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.103647] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.103707] page_type: f5(slab) [ 18.103748] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.103818] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.103872] page dumped because: kasan: bad access detected [ 18.103926] [ 18.103960] Memory state around the buggy address: [ 18.103993] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.104051] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.104098] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.104138] ^ [ 18.104175] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.105600] ================================================================== [ 18.112473] ================================================================== [ 18.112648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 18.112709] Write of size 4 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.112817] [ 18.112863] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.112949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.113148] Hardware name: linux,dummy-virt (DT) [ 18.113286] Call trace: [ 18.113344] show_stack+0x20/0x38 (C) [ 18.113462] dump_stack_lvl+0x8c/0xd0 [ 18.113536] print_report+0x118/0x5d0 [ 18.113685] kasan_report+0xdc/0x128 [ 18.113739] kasan_check_range+0x100/0x1a8 [ 18.113791] __kasan_check_write+0x20/0x30 [ 18.113844] kasan_atomics_helper+0xa6c/0x4858 [ 18.113904] kasan_atomics+0x198/0x2e0 [ 18.113950] kunit_try_run_case+0x170/0x3f0 [ 18.114223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.114317] kthread+0x328/0x630 [ 18.114416] ret_from_fork+0x10/0x20 [ 18.114477] [ 18.114538] Allocated by task 265: [ 18.114628] kasan_save_stack+0x3c/0x68 [ 18.114697] kasan_save_track+0x20/0x40 [ 18.114744] kasan_save_alloc_info+0x40/0x58 [ 18.114795] __kasan_kmalloc+0xd4/0xd8 [ 18.114834] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.114886] kasan_atomics+0xb8/0x2e0 [ 18.114925] kunit_try_run_case+0x170/0x3f0 [ 18.114966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.115014] kthread+0x328/0x630 [ 18.115049] ret_from_fork+0x10/0x20 [ 18.115279] [ 18.115541] The buggy address belongs to the object at fff00000c3f8b900 [ 18.115541] which belongs to the cache kmalloc-64 of size 64 [ 18.115780] The buggy address is located 0 bytes to the right of [ 18.115780] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.116003] [ 18.116047] The buggy address belongs to the physical page: [ 18.116082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.116294] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.116423] page_type: f5(slab) [ 18.116496] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.116552] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.116616] page dumped because: kasan: bad access detected [ 18.116651] [ 18.116671] Memory state around the buggy address: [ 18.116712] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.116770] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.116830] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.116888] ^ [ 18.116925] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.117219] ================================================================== [ 18.435583] ================================================================== [ 18.435640] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 18.435707] Read of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.435982] [ 18.436028] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.436122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.436467] Hardware name: linux,dummy-virt (DT) [ 18.436538] Call trace: [ 18.436588] show_stack+0x20/0x38 (C) [ 18.436649] dump_stack_lvl+0x8c/0xd0 [ 18.436789] print_report+0x118/0x5d0 [ 18.436885] kasan_report+0xdc/0x128 [ 18.436940] __asan_report_load8_noabort+0x20/0x30 [ 18.437292] kasan_atomics_helper+0x3e20/0x4858 [ 18.437373] kasan_atomics+0x198/0x2e0 [ 18.437433] kunit_try_run_case+0x170/0x3f0 [ 18.437490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.437557] kthread+0x328/0x630 [ 18.437614] ret_from_fork+0x10/0x20 [ 18.437916] [ 18.437960] Allocated by task 265: [ 18.438002] kasan_save_stack+0x3c/0x68 [ 18.438059] kasan_save_track+0x20/0x40 [ 18.438392] kasan_save_alloc_info+0x40/0x58 [ 18.438483] __kasan_kmalloc+0xd4/0xd8 [ 18.438557] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.438895] kasan_atomics+0xb8/0x2e0 [ 18.439079] kunit_try_run_case+0x170/0x3f0 [ 18.439174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.439398] kthread+0x328/0x630 [ 18.439502] ret_from_fork+0x10/0x20 [ 18.439553] [ 18.439576] The buggy address belongs to the object at fff00000c3f8b900 [ 18.439576] which belongs to the cache kmalloc-64 of size 64 [ 18.439638] The buggy address is located 0 bytes to the right of [ 18.439638] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.440433] [ 18.440520] The buggy address belongs to the physical page: [ 18.440591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.440960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.441037] page_type: f5(slab) [ 18.441119] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.441456] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.441818] page dumped because: kasan: bad access detected [ 18.442321] [ 18.442389] Memory state around the buggy address: [ 18.442449] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.442511] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.443272] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.443338] ^ [ 18.443381] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.443436] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.443479] ================================================================== [ 18.295997] ================================================================== [ 18.296061] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 18.296114] Write of size 8 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.296216] [ 18.296267] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.296354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.296413] Hardware name: linux,dummy-virt (DT) [ 18.296447] Call trace: [ 18.296471] show_stack+0x20/0x38 (C) [ 18.296523] dump_stack_lvl+0x8c/0xd0 [ 18.296729] print_report+0x118/0x5d0 [ 18.297060] kasan_report+0xdc/0x128 [ 18.297126] kasan_check_range+0x100/0x1a8 [ 18.297178] __kasan_check_write+0x20/0x30 [ 18.297235] kasan_atomics_helper+0x1128/0x4858 [ 18.297421] kasan_atomics+0x198/0x2e0 [ 18.297787] kunit_try_run_case+0x170/0x3f0 [ 18.297922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.298154] kthread+0x328/0x630 [ 18.298341] ret_from_fork+0x10/0x20 [ 18.298413] [ 18.298442] Allocated by task 265: [ 18.298471] kasan_save_stack+0x3c/0x68 [ 18.298561] kasan_save_track+0x20/0x40 [ 18.298667] kasan_save_alloc_info+0x40/0x58 [ 18.298888] __kasan_kmalloc+0xd4/0xd8 [ 18.299110] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.299236] kasan_atomics+0xb8/0x2e0 [ 18.299572] kunit_try_run_case+0x170/0x3f0 [ 18.299641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.299833] kthread+0x328/0x630 [ 18.300019] ret_from_fork+0x10/0x20 [ 18.300075] [ 18.300098] The buggy address belongs to the object at fff00000c3f8b900 [ 18.300098] which belongs to the cache kmalloc-64 of size 64 [ 18.300169] The buggy address is located 0 bytes to the right of [ 18.300169] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.300270] [ 18.300313] The buggy address belongs to the physical page: [ 18.300349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.300406] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.300469] page_type: f5(slab) [ 18.300509] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.300565] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.300611] page dumped because: kasan: bad access detected [ 18.300646] [ 18.300686] Memory state around the buggy address: [ 18.300730] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.300797] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.300861] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.300905] ^ [ 18.300954] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.301019] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.301059] ================================================================== [ 18.172801] ================================================================== [ 18.172891] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 18.172957] Read of size 4 at addr fff00000c3f8b930 by task kunit_try_catch/265 [ 18.173536] [ 18.174131] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 18.174236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.174276] Hardware name: linux,dummy-virt (DT) [ 18.174311] Call trace: [ 18.174342] show_stack+0x20/0x38 (C) [ 18.174612] dump_stack_lvl+0x8c/0xd0 [ 18.174780] print_report+0x118/0x5d0 [ 18.175081] kasan_report+0xdc/0x128 [ 18.175360] __asan_report_load4_noabort+0x20/0x30 [ 18.175475] kasan_atomics_helper+0x3dd8/0x4858 [ 18.175637] kasan_atomics+0x198/0x2e0 [ 18.175690] kunit_try_run_case+0x170/0x3f0 [ 18.175738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.175995] kthread+0x328/0x630 [ 18.176346] ret_from_fork+0x10/0x20 [ 18.176723] [ 18.176787] Allocated by task 265: [ 18.177055] kasan_save_stack+0x3c/0x68 [ 18.177237] kasan_save_track+0x20/0x40 [ 18.177323] kasan_save_alloc_info+0x40/0x58 [ 18.177451] __kasan_kmalloc+0xd4/0xd8 [ 18.177541] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.177582] kasan_atomics+0xb8/0x2e0 [ 18.177829] kunit_try_run_case+0x170/0x3f0 [ 18.178209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.178480] kthread+0x328/0x630 [ 18.178729] ret_from_fork+0x10/0x20 [ 18.178986] [ 18.179167] The buggy address belongs to the object at fff00000c3f8b900 [ 18.179167] which belongs to the cache kmalloc-64 of size 64 [ 18.179355] The buggy address is located 0 bytes to the right of [ 18.179355] allocated 48-byte region [fff00000c3f8b900, fff00000c3f8b930) [ 18.179437] [ 18.179723] The buggy address belongs to the physical page: [ 18.179901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8b [ 18.180000] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.180344] page_type: f5(slab) [ 18.180548] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.180899] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.181357] page dumped because: kasan: bad access detected [ 18.181760] [ 18.182356] Memory state around the buggy address: [ 18.182427] fff00000c3f8b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.182753] fff00000c3f8b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.183003] >fff00000c3f8b900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.183116] ^ [ 18.183195] fff00000c3f8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.183447] fff00000c3f8ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.183575] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.886736] ================================================================== [ 17.887049] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 17.887346] Call trace: [ 17.887582] __asan_report_load8_noabort+0x20/0x30 [ 17.887709] kasan_bitops_generic+0x11c/0x1c8 [ 17.889135] __kasan_kmalloc+0xd4/0xd8 [ 17.891839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.893886] fff00000c5961200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.894696] fff00000c5961380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.896165] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 17.896837] Hardware name: linux,dummy-virt (DT) [ 17.897463] kasan_report+0xdc/0x128 [ 17.899015] ret_from_fork+0x10/0x20 [ 17.899668] kasan_save_alloc_info+0x40/0x58 [ 17.900949] ret_from_fork+0x10/0x20 [ 17.901371] [ 17.901979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105961 [ 17.903403] fff00000c5961200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.903784] fff00000c5961380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.905673] Read of size 8 at addr fff00000c59612a8 by task kunit_try_catch/261 [ 17.906127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.906678] print_report+0x118/0x5d0 [ 17.907270] kasan_bitops_generic+0x11c/0x1c8 [ 17.908984] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.910307] The buggy address is located 8 bytes inside of [ 17.910307] allocated 9-byte region [fff00000c59612a0, fff00000c59612a9) [ 17.911393] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.912065] fff00000c5961200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.912608] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.765637] ================================================================== [ 17.765772] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.765839] Read of size 8 at addr fff00000c59612a8 by task kunit_try_catch/261 [ 17.765966] [ 17.766010] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.766106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.766304] Hardware name: linux,dummy-virt (DT) [ 17.766534] Call trace: [ 17.766623] show_stack+0x20/0x38 (C) [ 17.766803] dump_stack_lvl+0x8c/0xd0 [ 17.766990] print_report+0x118/0x5d0 [ 17.767048] kasan_report+0xdc/0x128 [ 17.767096] __asan_report_load8_noabort+0x20/0x30 [ 17.767302] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.767539] kasan_bitops_generic+0x110/0x1c8 [ 17.767641] kunit_try_run_case+0x170/0x3f0 [ 17.767795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.768058] kthread+0x328/0x630 [ 17.768153] ret_from_fork+0x10/0x20 [ 17.768694] [ 17.768743] Allocated by task 261: [ 17.768935] kasan_save_stack+0x3c/0x68 [ 17.769227] kasan_save_track+0x20/0x40 [ 17.769299] kasan_save_alloc_info+0x40/0x58 [ 17.770365] ret_from_fork+0x10/0x20 [ 17.771609] page dumped because: kasan: bad access detected [ 17.772844] ^ [ 17.774999] Write of size 8 at addr fff00000c59612a8 by task kunit_try_catch/261 [ 17.776555] kasan_bitops_generic+0x110/0x1c8 [ 17.778920] kthread+0x328/0x630 [ 17.779302] [ 17.779973] page_type: f5(slab) [ 17.780575] [ 17.780923] fff00000c5961180: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 17.782263] ================================================================== [ 17.754714] ================================================================== [ 17.755662] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.755749] Write of size 8 at addr fff00000c59612a8 by task kunit_try_catch/261 [ 17.755804] [ 17.755838] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.755955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.756143] Hardware name: linux,dummy-virt (DT) [ 17.756516] Call trace: [ 17.756632] show_stack+0x20/0x38 (C) [ 17.756818] dump_stack_lvl+0x8c/0xd0 [ 17.757112] print_report+0x118/0x5d0 [ 17.757228] kasan_report+0xdc/0x128 [ 17.757487] kasan_check_range+0x100/0x1a8 [ 17.757615] __kasan_check_write+0x20/0x30 [ 17.757980] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.758142] kasan_bitops_generic+0x110/0x1c8 [ 17.758332] kunit_try_run_case+0x170/0x3f0 [ 17.758442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.758556] kthread+0x328/0x630 [ 17.758632] ret_from_fork+0x10/0x20 [ 17.758681] [ 17.758890] Allocated by task 261: [ 17.759098] kasan_save_stack+0x3c/0x68 [ 17.759262] kasan_save_track+0x20/0x40 [ 17.759364] kasan_save_alloc_info+0x40/0x58 [ 17.759501] __kasan_kmalloc+0xd4/0xd8 [ 17.759589] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.759730] kasan_bitops_generic+0xa0/0x1c8 [ 17.759813] kunit_try_run_case+0x170/0x3f0 [ 17.760167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.760451] kthread+0x328/0x630 [ 17.760564] ret_from_fork+0x10/0x20 [ 17.760635] [ 17.760658] The buggy address belongs to the object at fff00000c59612a0 [ 17.760658] which belongs to the cache kmalloc-16 of size 16 [ 17.760963] The buggy address is located 8 bytes inside of [ 17.760963] allocated 9-byte region [fff00000c59612a0, fff00000c59612a9) [ 17.761065] [ 17.761142] The buggy address belongs to the physical page: [ 17.761464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105961 [ 17.761649] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.761848] page_type: f5(slab) [ 17.761949] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.762064] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.762148] page dumped because: kasan: bad access detected [ 17.762557] [ 17.762672] Memory state around the buggy address: [ 17.762770] fff00000c5961180: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 17.762918] fff00000c5961200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.763002] >fff00000c5961280: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.763176] ^ [ 17.763223] fff00000c5961300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.763344] fff00000c5961380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.763497] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 17.676938] ================================================================== [ 17.677114] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 17.677217] Read of size 1 at addr fff00000c3f8c358 by task kunit_try_catch/257 [ 17.677324] [ 17.677392] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.677495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.677526] Hardware name: linux,dummy-virt (DT) [ 17.677558] Call trace: [ 17.677582] show_stack+0x20/0x38 (C) [ 17.677980] dump_stack_lvl+0x8c/0xd0 [ 17.678136] print_report+0x118/0x5d0 [ 17.678196] kasan_report+0xdc/0x128 [ 17.678257] __asan_report_load1_noabort+0x20/0x30 [ 17.678312] memcmp+0x198/0x1d8 [ 17.678357] kasan_memcmp+0x16c/0x300 [ 17.678404] kunit_try_run_case+0x170/0x3f0 [ 17.678465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.678520] kthread+0x328/0x630 [ 17.678798] ret_from_fork+0x10/0x20 [ 17.678869] [ 17.678890] Allocated by task 257: [ 17.678925] kasan_save_stack+0x3c/0x68 [ 17.679485] kasan_save_track+0x20/0x40 [ 17.679648] kasan_save_alloc_info+0x40/0x58 [ 17.680011] __kasan_kmalloc+0xd4/0xd8 [ 17.680201] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.680326] kasan_memcmp+0xbc/0x300 [ 17.680461] kunit_try_run_case+0x170/0x3f0 [ 17.680546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.680878] kthread+0x328/0x630 [ 17.680928] ret_from_fork+0x10/0x20 [ 17.681144] [ 17.681201] The buggy address belongs to the object at fff00000c3f8c340 [ 17.681201] which belongs to the cache kmalloc-32 of size 32 [ 17.681358] The buggy address is located 0 bytes to the right of [ 17.681358] allocated 24-byte region [fff00000c3f8c340, fff00000c3f8c358) [ 17.681520] [ 17.681590] The buggy address belongs to the physical page: [ 17.682051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8c [ 17.682172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.682328] page_type: f5(slab) [ 17.682397] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.682500] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.682546] page dumped because: kasan: bad access detected [ 17.682957] [ 17.683237] Memory state around the buggy address: [ 17.683400] fff00000c3f8c200: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.683532] fff00000c3f8c280: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.683706] >fff00000c3f8c300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.683781] ^ [ 17.683901] fff00000c3f8c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684015] fff00000c3f8c400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684112] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 17.734392] ================================================================== [ 17.734658] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 17.734801] Read of size 1 at addr fff00000c3f8c510 by task kunit_try_catch/259 [ 17.734990] [ 17.735089] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.735189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.735219] Hardware name: linux,dummy-virt (DT) [ 17.735280] Call trace: [ 17.735583] show_stack+0x20/0x38 (C) [ 17.735654] dump_stack_lvl+0x8c/0xd0 [ 17.736002] print_report+0x118/0x5d0 [ 17.736188] kasan_report+0xdc/0x128 [ 17.736389] __asan_report_load1_noabort+0x20/0x30 [ 17.736568] strnlen+0x80/0x88 [ 17.736956] kasan_strings+0x478/0xb00 [ 17.737116] kunit_try_run_case+0x170/0x3f0 [ 17.737232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.737396] kthread+0x328/0x630 [ 17.737634] ret_from_fork+0x10/0x20 [ 17.737943] [ 17.737988] Allocated by task 259: [ 17.738106] kasan_save_stack+0x3c/0x68 [ 17.738224] kasan_save_track+0x20/0x40 [ 17.738445] kasan_save_alloc_info+0x40/0x58 [ 17.738768] __kasan_kmalloc+0xd4/0xd8 [ 17.738932] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.739116] kasan_strings+0xc8/0xb00 [ 17.739163] kunit_try_run_case+0x170/0x3f0 [ 17.739494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.739780] kthread+0x328/0x630 [ 17.739939] ret_from_fork+0x10/0x20 [ 17.740053] [ 17.740115] Freed by task 259: [ 17.740343] kasan_save_stack+0x3c/0x68 [ 17.740505] kasan_save_track+0x20/0x40 [ 17.740651] kasan_save_free_info+0x4c/0x78 [ 17.740778] __kasan_slab_free+0x6c/0x98 [ 17.740933] kfree+0x214/0x3c8 [ 17.741012] kasan_strings+0x24c/0xb00 [ 17.741280] kunit_try_run_case+0x170/0x3f0 [ 17.741454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.741597] kthread+0x328/0x630 [ 17.741769] ret_from_fork+0x10/0x20 [ 17.741847] [ 17.741981] The buggy address belongs to the object at fff00000c3f8c500 [ 17.741981] which belongs to the cache kmalloc-32 of size 32 [ 17.742268] The buggy address is located 16 bytes inside of [ 17.742268] freed 32-byte region [fff00000c3f8c500, fff00000c3f8c520) [ 17.742639] [ 17.742957] The buggy address belongs to the physical page: [ 17.743089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8c [ 17.743186] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.743373] page_type: f5(slab) [ 17.743421] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.743477] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.743719] page dumped because: kasan: bad access detected [ 17.743762] [ 17.743785] Memory state around the buggy address: [ 17.744017] fff00000c3f8c400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.744074] fff00000c3f8c480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.744172] >fff00000c3f8c500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.744238] ^ [ 17.744283] fff00000c3f8c580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.744329] fff00000c3f8c600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.744371] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 17.723536] ================================================================== [ 17.723984] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 17.724066] Read of size 1 at addr fff00000c3f8c510 by task kunit_try_catch/259 [ 17.724131] [ 17.724178] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.724265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.724297] Hardware name: linux,dummy-virt (DT) [ 17.724331] Call trace: [ 17.724361] show_stack+0x20/0x38 (C) [ 17.724415] dump_stack_lvl+0x8c/0xd0 [ 17.724464] print_report+0x118/0x5d0 [ 17.724514] kasan_report+0xdc/0x128 [ 17.724561] __asan_report_load1_noabort+0x20/0x30 [ 17.724616] strlen+0xa8/0xb0 [ 17.724658] kasan_strings+0x418/0xb00 [ 17.724711] kunit_try_run_case+0x170/0x3f0 [ 17.724770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.724828] kthread+0x328/0x630 [ 17.725974] ret_from_fork+0x10/0x20 [ 17.726048] [ 17.726076] Allocated by task 259: [ 17.726291] kasan_save_stack+0x3c/0x68 [ 17.726586] kasan_save_track+0x20/0x40 [ 17.726703] kasan_save_alloc_info+0x40/0x58 [ 17.726755] __kasan_kmalloc+0xd4/0xd8 [ 17.727079] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.727171] kasan_strings+0xc8/0xb00 [ 17.727267] kunit_try_run_case+0x170/0x3f0 [ 17.727333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.727668] kthread+0x328/0x630 [ 17.727825] ret_from_fork+0x10/0x20 [ 17.727994] [ 17.728028] Freed by task 259: [ 17.728058] kasan_save_stack+0x3c/0x68 [ 17.728128] kasan_save_track+0x20/0x40 [ 17.728490] kasan_save_free_info+0x4c/0x78 [ 17.728863] __kasan_slab_free+0x6c/0x98 [ 17.729010] kfree+0x214/0x3c8 [ 17.729104] kasan_strings+0x24c/0xb00 [ 17.729486] kunit_try_run_case+0x170/0x3f0 [ 17.729678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.729788] kthread+0x328/0x630 [ 17.729928] ret_from_fork+0x10/0x20 [ 17.730078] [ 17.730139] The buggy address belongs to the object at fff00000c3f8c500 [ 17.730139] which belongs to the cache kmalloc-32 of size 32 [ 17.730366] The buggy address is located 16 bytes inside of [ 17.730366] freed 32-byte region [fff00000c3f8c500, fff00000c3f8c520) [ 17.730604] [ 17.730661] The buggy address belongs to the physical page: [ 17.730720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8c [ 17.730781] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.731264] page_type: f5(slab) [ 17.731329] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.731442] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.731557] page dumped because: kasan: bad access detected [ 17.731804] [ 17.731878] Memory state around the buggy address: [ 17.732091] fff00000c3f8c400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.732146] fff00000c3f8c480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.732258] >fff00000c3f8c500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.732302] ^ [ 17.732384] fff00000c3f8c580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.732694] fff00000c3f8c600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.733043] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 17.711806] ================================================================== [ 17.711880] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 17.713011] Read of size 1 at addr fff00000c3f8c510 by task kunit_try_catch/259 [ 17.713100] [ 17.713135] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.713291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.713324] Hardware name: linux,dummy-virt (DT) [ 17.713384] Call trace: [ 17.713410] show_stack+0x20/0x38 (C) [ 17.713516] dump_stack_lvl+0x8c/0xd0 [ 17.713581] print_report+0x118/0x5d0 [ 17.713633] kasan_report+0xdc/0x128 [ 17.713721] __asan_report_load1_noabort+0x20/0x30 [ 17.714146] kasan_strings+0x95c/0xb00 [ 17.714214] kunit_try_run_case+0x170/0x3f0 [ 17.714266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.714330] kthread+0x328/0x630 [ 17.714375] ret_from_fork+0x10/0x20 [ 17.714743] [ 17.714788] Allocated by task 259: [ 17.715170] kasan_save_stack+0x3c/0x68 [ 17.715294] kasan_save_track+0x20/0x40 [ 17.715360] kasan_save_alloc_info+0x40/0x58 [ 17.715565] __kasan_kmalloc+0xd4/0xd8 [ 17.715794] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.716043] kasan_strings+0xc8/0xb00 [ 17.716224] kunit_try_run_case+0x170/0x3f0 [ 17.716417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.716686] kthread+0x328/0x630 [ 17.717025] ret_from_fork+0x10/0x20 [ 17.717233] [ 17.717309] Freed by task 259: [ 17.717375] kasan_save_stack+0x3c/0x68 [ 17.717480] kasan_save_track+0x20/0x40 [ 17.717683] kasan_save_free_info+0x4c/0x78 [ 17.717895] __kasan_slab_free+0x6c/0x98 [ 17.718201] kfree+0x214/0x3c8 [ 17.718409] kasan_strings+0x24c/0xb00 [ 17.718504] kunit_try_run_case+0x170/0x3f0 [ 17.718689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.718901] kthread+0x328/0x630 [ 17.719047] ret_from_fork+0x10/0x20 [ 17.719166] [ 17.719209] The buggy address belongs to the object at fff00000c3f8c500 [ 17.719209] which belongs to the cache kmalloc-32 of size 32 [ 17.719403] The buggy address is located 16 bytes inside of [ 17.719403] freed 32-byte region [fff00000c3f8c500, fff00000c3f8c520) [ 17.719641] [ 17.719737] The buggy address belongs to the physical page: [ 17.719883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8c [ 17.719967] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.720272] page_type: f5(slab) [ 17.720463] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.720550] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.720759] page dumped because: kasan: bad access detected [ 17.720940] [ 17.720998] Memory state around the buggy address: [ 17.721101] fff00000c3f8c400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.721412] fff00000c3f8c480: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.721691] >fff00000c3f8c500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.721786] ^ [ 17.721822] fff00000c3f8c580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.722105] fff00000c3f8c600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.722461] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 17.701341] ================================================================== [ 17.701722] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 17.701802] Read of size 1 at addr fff00000c3f8c510 by task kunit_try_catch/259 [ 17.701935] [ 17.701980] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.702068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.702105] Hardware name: linux,dummy-virt (DT) [ 17.702140] Call trace: [ 17.702167] show_stack+0x20/0x38 (C) [ 17.702515] dump_stack_lvl+0x8c/0xd0 [ 17.702604] print_report+0x118/0x5d0 [ 17.702931] kasan_report+0xdc/0x128 [ 17.703062] __asan_report_load1_noabort+0x20/0x30 [ 17.703187] strcmp+0xc0/0xc8 [ 17.703547] kasan_strings+0x340/0xb00 [ 17.703701] kunit_try_run_case+0x170/0x3f0 [ 17.703799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.704215] kthread+0x328/0x630 [ 17.704358] ret_from_fork+0x10/0x20 [ 17.704517] [ 17.704607] Allocated by task 259: [ 17.705009] kasan_save_stack+0x3c/0x68 [ 17.705168] kasan_save_track+0x20/0x40 [ 17.705297] kasan_save_alloc_info+0x40/0x58 [ 17.705394] __kasan_kmalloc+0xd4/0xd8 [ 17.705513] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.705595] kasan_strings+0xc8/0xb00 [ 17.705660] kunit_try_run_case+0x170/0x3f0 [ 17.705897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.706128] kthread+0x328/0x630 [ 17.706235] ret_from_fork+0x10/0x20 [ 17.706408] [ 17.706491] Freed by task 259: [ 17.706531] kasan_save_stack+0x3c/0x68 [ 17.706771] kasan_save_track+0x20/0x40 [ 17.707039] kasan_save_free_info+0x4c/0x78 [ 17.707517] __kasan_slab_free+0x6c/0x98 [ 17.707659] kfree+0x214/0x3c8 [ 17.707780] kasan_strings+0x24c/0xb00 [ 17.707897] kunit_try_run_case+0x170/0x3f0 [ 17.707966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.708015] kthread+0x328/0x630 [ 17.708061] ret_from_fork+0x10/0x20 [ 17.708136] [ 17.708159] The buggy address belongs to the object at fff00000c3f8c500 [ 17.708159] which belongs to the cache kmalloc-32 of size 32 [ 17.708235] The buggy address is located 16 bytes inside of [ 17.708235] freed 32-byte region [fff00000c3f8c500, fff00000c3f8c520) [ 17.708304] [ 17.708337] The buggy address belongs to the physical page: [ 17.708382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f8c [ 17.708448] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.708504] page_type: f5(slab) [ 17.708566] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.708636] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.708687] page dumped because: kasan: bad access detected [ 17.708743] [ 17.708773] Memory state around the buggy address: [ 17.708809] fff00000c3f8c400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.708868] fff00000c3f8c480: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.708915] >fff00000c3f8c500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.708958] ^ [ 17.709011] fff00000c3f8c580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.709057] fff00000c3f8c600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.709108] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 17.629631] ================================================================== [ 17.630209] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 17.630479] Read of size 1 at addr ffff800080a57b5f by task kunit_try_catch/251 [ 17.630543] [ 17.630587] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.630920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.631092] Hardware name: linux,dummy-virt (DT) [ 17.631146] Call trace: [ 17.631174] show_stack+0x20/0x38 (C) [ 17.631238] dump_stack_lvl+0x8c/0xd0 [ 17.631288] print_report+0x310/0x5d0 [ 17.631345] kasan_report+0xdc/0x128 [ 17.631402] __asan_report_load1_noabort+0x20/0x30 [ 17.631486] kasan_alloca_oob_left+0x2b8/0x310 [ 17.631538] kunit_try_run_case+0x170/0x3f0 [ 17.631588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.631644] kthread+0x328/0x630 [ 17.631687] ret_from_fork+0x10/0x20 [ 17.631762] [ 17.631803] The buggy address belongs to stack of task kunit_try_catch/251 [ 17.631909] [ 17.631934] The buggy address ffff800080a57b5f belongs to a vmalloc virtual mapping [ 17.631988] The buggy address belongs to the physical page: [ 17.632027] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103faa [ 17.632087] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.632151] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.632207] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.632273] page dumped because: kasan: bad access detected [ 17.632305] [ 17.632327] Memory state around the buggy address: [ 17.632361] ffff800080a57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.632417] ffff800080a57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.632474] >ffff800080a57b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 17.632523] ^ [ 17.632579] ffff800080a57b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.632639] ffff800080a57c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.632682] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 17.608762] ================================================================== [ 17.608841] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 17.608910] Read of size 1 at addr ffff800080a57c2a by task kunit_try_catch/249 [ 17.608962] [ 17.608993] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.609079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.609208] Hardware name: linux,dummy-virt (DT) [ 17.609242] Call trace: [ 17.609286] show_stack+0x20/0x38 (C) [ 17.609341] dump_stack_lvl+0x8c/0xd0 [ 17.609389] print_report+0x310/0x5d0 [ 17.609438] kasan_report+0xdc/0x128 [ 17.609486] __asan_report_load1_noabort+0x20/0x30 [ 17.609539] kasan_stack_oob+0x238/0x270 [ 17.609585] kunit_try_run_case+0x170/0x3f0 [ 17.609646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.609712] kthread+0x328/0x630 [ 17.609758] ret_from_fork+0x10/0x20 [ 17.609807] [ 17.610816] The buggy address belongs to stack of task kunit_try_catch/249 [ 17.611138] and is located at offset 138 in frame: [ 17.611378] kasan_stack_oob+0x0/0x270 [ 17.611885] [ 17.612037] This frame has 4 objects: [ 17.612377] [48, 49) '__assertion' [ 17.612440] [64, 72) 'array' [ 17.612867] [96, 112) '__assertion' [ 17.613011] [128, 138) 'stack_array' [ 17.613165] [ 17.613295] The buggy address ffff800080a57c2a belongs to a vmalloc virtual mapping [ 17.613501] The buggy address belongs to the physical page: [ 17.613806] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103faa [ 17.614073] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.614614] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.614913] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.614996] page dumped because: kasan: bad access detected [ 17.615049] [ 17.615092] Memory state around the buggy address: [ 17.615353] ffff800080a57b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.615705] ffff800080a57b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 17.616416] >ffff800080a57c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 17.616489] ^ [ 17.616530] ffff800080a57c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 17.617007] ffff800080a57d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.617218] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 17.589939] ================================================================== [ 17.590006] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 17.590573] Read of size 1 at addr ffffab7db974f58d by task kunit_try_catch/245 [ 17.591024] [ 17.591073] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.591159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.591187] Hardware name: linux,dummy-virt (DT) [ 17.591219] Call trace: [ 17.591242] show_stack+0x20/0x38 (C) [ 17.591292] dump_stack_lvl+0x8c/0xd0 [ 17.591341] print_report+0x310/0x5d0 [ 17.591388] kasan_report+0xdc/0x128 [ 17.591434] __asan_report_load1_noabort+0x20/0x30 [ 17.591486] kasan_global_oob_right+0x230/0x270 [ 17.591533] kunit_try_run_case+0x170/0x3f0 [ 17.591582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.591636] kthread+0x328/0x630 [ 17.591677] ret_from_fork+0x10/0x20 [ 17.591732] [ 17.591787] The buggy address belongs to the variable: [ 17.591819] global_array+0xd/0x40 [ 17.591891] [ 17.592031] The buggy address ffffab7db974f58d belongs to a vmalloc virtual mapping [ 17.592322] The buggy address belongs to the physical page: [ 17.592470] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 17.592550] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 17.592640] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 17.592718] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.592771] page dumped because: kasan: bad access detected [ 17.592812] [ 17.592829] Memory state around the buggy address: [ 17.592888] ffffab7db974f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.592959] ffffab7db974f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 17.593483] >ffffab7db974f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 17.594152] ^ [ 17.594210] ffffab7db974f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 17.594359] ffffab7db974f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.594443] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 17.568682] ================================================================== [ 17.568739] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.568795] Free of addr fff00000c77b0001 by task kunit_try_catch/243 [ 17.568838] [ 17.568883] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.568966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.568995] Hardware name: linux,dummy-virt (DT) [ 17.569027] Call trace: [ 17.569048] show_stack+0x20/0x38 (C) [ 17.569097] dump_stack_lvl+0x8c/0xd0 [ 17.569942] print_report+0x118/0x5d0 [ 17.570011] kasan_report_invalid_free+0xc0/0xe8 [ 17.570063] __kasan_mempool_poison_object+0xfc/0x150 [ 17.570172] mempool_free+0x28c/0x328 [ 17.570296] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.570798] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 17.571123] kunit_try_run_case+0x170/0x3f0 [ 17.571184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.571341] kthread+0x328/0x630 [ 17.571385] ret_from_fork+0x10/0x20 [ 17.571486] [ 17.571506] The buggy address belongs to the physical page: [ 17.571816] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b0 [ 17.571891] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.572198] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.572268] page_type: f8(unknown) [ 17.572503] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.572567] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.572627] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.572685] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.572909] head: 0bfffe0000000002 ffffc1ffc31dec01 00000000ffffffff 00000000ffffffff [ 17.573349] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.573437] page dumped because: kasan: bad access detected [ 17.573701] [ 17.573772] Memory state around the buggy address: [ 17.573806] fff00000c77aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.574175] fff00000c77aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.574233] >fff00000c77b0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.574273] ^ [ 17.574388] fff00000c77b0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.574477] fff00000c77b0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.574737] ================================================================== [ 17.553216] ================================================================== [ 17.553275] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.553330] Free of addr fff00000c648f001 by task kunit_try_catch/241 [ 17.553373] [ 17.553404] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.553488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.553517] Hardware name: linux,dummy-virt (DT) [ 17.553548] Call trace: [ 17.553569] show_stack+0x20/0x38 (C) [ 17.553620] dump_stack_lvl+0x8c/0xd0 [ 17.553671] print_report+0x118/0x5d0 [ 17.554001] kasan_report_invalid_free+0xc0/0xe8 [ 17.554079] check_slab_allocation+0xfc/0x108 [ 17.554130] __kasan_mempool_poison_object+0x78/0x150 [ 17.554208] mempool_free+0x28c/0x328 [ 17.554254] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.554314] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.554364] kunit_try_run_case+0x170/0x3f0 [ 17.554413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.554477] kthread+0x328/0x630 [ 17.554520] ret_from_fork+0x10/0x20 [ 17.554569] [ 17.554591] Allocated by task 241: [ 17.554620] kasan_save_stack+0x3c/0x68 [ 17.554662] kasan_save_track+0x20/0x40 [ 17.554699] kasan_save_alloc_info+0x40/0x58 [ 17.554739] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.554783] remove_element+0x130/0x1f8 [ 17.554817] mempool_alloc_preallocated+0x58/0xc0 [ 17.554867] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 17.554911] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.554952] kunit_try_run_case+0x170/0x3f0 [ 17.554989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.555032] kthread+0x328/0x630 [ 17.555063] ret_from_fork+0x10/0x20 [ 17.555099] [ 17.555118] The buggy address belongs to the object at fff00000c648f000 [ 17.555118] which belongs to the cache kmalloc-128 of size 128 [ 17.555181] The buggy address is located 1 bytes inside of [ 17.555181] 128-byte region [fff00000c648f000, fff00000c648f080) [ 17.555243] [ 17.555264] The buggy address belongs to the physical page: [ 17.555295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10648f [ 17.555351] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.555403] page_type: f5(slab) [ 17.555443] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.555494] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.555536] page dumped because: kasan: bad access detected [ 17.555568] [ 17.555587] Memory state around the buggy address: [ 17.555617] fff00000c648ef00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 17.555661] fff00000c648ef80: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 17.555704] >fff00000c648f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.555742] ^ [ 17.555770] fff00000c648f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.555812] fff00000c648f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.555861] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 17.512292] ================================================================== [ 17.512351] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.512436] Free of addr fff00000c644bc00 by task kunit_try_catch/235 [ 17.512532] [ 17.512562] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.512662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.512946] Hardware name: linux,dummy-virt (DT) [ 17.512990] Call trace: [ 17.513039] show_stack+0x20/0x38 (C) [ 17.513094] dump_stack_lvl+0x8c/0xd0 [ 17.513202] print_report+0x118/0x5d0 [ 17.513277] kasan_report_invalid_free+0xc0/0xe8 [ 17.513331] check_slab_allocation+0xd4/0x108 [ 17.513419] __kasan_mempool_poison_object+0x78/0x150 [ 17.513471] mempool_free+0x28c/0x328 [ 17.513517] mempool_double_free_helper+0x150/0x2e8 [ 17.513566] mempool_kmalloc_double_free+0xc0/0x118 [ 17.513678] kunit_try_run_case+0x170/0x3f0 [ 17.513734] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.513788] kthread+0x328/0x630 [ 17.513832] ret_from_fork+0x10/0x20 [ 17.514109] [ 17.514137] Allocated by task 235: [ 17.514170] kasan_save_stack+0x3c/0x68 [ 17.514214] kasan_save_track+0x20/0x40 [ 17.514252] kasan_save_alloc_info+0x40/0x58 [ 17.514415] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.514474] remove_element+0x130/0x1f8 [ 17.514510] mempool_alloc_preallocated+0x58/0xc0 [ 17.514578] mempool_double_free_helper+0x94/0x2e8 [ 17.514709] mempool_kmalloc_double_free+0xc0/0x118 [ 17.514832] kunit_try_run_case+0x170/0x3f0 [ 17.514964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.515011] kthread+0x328/0x630 [ 17.515065] ret_from_fork+0x10/0x20 [ 17.515101] [ 17.515120] Freed by task 235: [ 17.515513] kasan_save_stack+0x3c/0x68 [ 17.515611] kasan_save_track+0x20/0x40 [ 17.515703] kasan_save_free_info+0x4c/0x78 [ 17.515782] __kasan_mempool_poison_object+0xc0/0x150 [ 17.515962] mempool_free+0x28c/0x328 [ 17.516039] mempool_double_free_helper+0x100/0x2e8 [ 17.516164] mempool_kmalloc_double_free+0xc0/0x118 [ 17.516283] kunit_try_run_case+0x170/0x3f0 [ 17.516344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.516667] kthread+0x328/0x630 [ 17.516718] ret_from_fork+0x10/0x20 [ 17.516894] [ 17.516996] The buggy address belongs to the object at fff00000c644bc00 [ 17.516996] which belongs to the cache kmalloc-128 of size 128 [ 17.517085] The buggy address is located 0 bytes inside of [ 17.517085] 128-byte region [fff00000c644bc00, fff00000c644bc80) [ 17.517527] [ 17.517596] The buggy address belongs to the physical page: [ 17.517717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10644b [ 17.517822] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.517992] page_type: f5(slab) [ 17.518107] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.518268] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.518313] page dumped because: kasan: bad access detected [ 17.518358] [ 17.518426] Memory state around the buggy address: [ 17.518653] fff00000c644bb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.519185] fff00000c644bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.519251] >fff00000c644bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.519482] ^ [ 17.519541] fff00000c644bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.519599] fff00000c644bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.519639] ================================================================== [ 17.535629] ================================================================== [ 17.535685] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.535986] Free of addr fff00000c77b0000 by task kunit_try_catch/239 [ 17.536102] [ 17.536138] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.536232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.536259] Hardware name: linux,dummy-virt (DT) [ 17.536298] Call trace: [ 17.536322] show_stack+0x20/0x38 (C) [ 17.536372] dump_stack_lvl+0x8c/0xd0 [ 17.536479] print_report+0x118/0x5d0 [ 17.536565] kasan_report_invalid_free+0xc0/0xe8 [ 17.536617] __kasan_mempool_poison_pages+0xe0/0xe8 [ 17.536673] mempool_free+0x24c/0x328 [ 17.536717] mempool_double_free_helper+0x150/0x2e8 [ 17.537438] mempool_page_alloc_double_free+0xbc/0x118 [ 17.537576] kunit_try_run_case+0x170/0x3f0 [ 17.537627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.538611] kthread+0x328/0x630 [ 17.538740] ret_from_fork+0x10/0x20 [ 17.539313] [ 17.539604] The buggy address belongs to the physical page: [ 17.539644] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b0 [ 17.539706] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.539769] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.539821] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.541429] page dumped because: kasan: bad access detected [ 17.541938] [ 17.542020] Memory state around the buggy address: [ 17.542156] fff00000c77aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.542638] fff00000c77aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.542686] >fff00000c77b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.542726] ^ [ 17.542755] fff00000c77b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.543800] fff00000c77b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.543991] ================================================================== [ 17.525448] ================================================================== [ 17.525515] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.525566] Free of addr fff00000c77b0000 by task kunit_try_catch/237 [ 17.525610] [ 17.525641] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.525723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.525891] Hardware name: linux,dummy-virt (DT) [ 17.525986] Call trace: [ 17.526014] show_stack+0x20/0x38 (C) [ 17.526088] dump_stack_lvl+0x8c/0xd0 [ 17.526162] print_report+0x118/0x5d0 [ 17.526212] kasan_report_invalid_free+0xc0/0xe8 [ 17.526281] __kasan_mempool_poison_object+0x14c/0x150 [ 17.526336] mempool_free+0x28c/0x328 [ 17.526529] mempool_double_free_helper+0x150/0x2e8 [ 17.526643] mempool_kmalloc_large_double_free+0xc0/0x118 [ 17.526728] kunit_try_run_case+0x170/0x3f0 [ 17.526824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.526940] kthread+0x328/0x630 [ 17.527005] ret_from_fork+0x10/0x20 [ 17.527054] [ 17.527074] The buggy address belongs to the physical page: [ 17.527110] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b0 [ 17.527293] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.527420] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.527578] page_type: f8(unknown) [ 17.527665] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.527770] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.527880] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.527953] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.528016] head: 0bfffe0000000002 ffffc1ffc31dec01 00000000ffffffff 00000000ffffffff [ 17.528391] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.528462] page dumped because: kasan: bad access detected [ 17.528514] [ 17.528583] Memory state around the buggy address: [ 17.528693] fff00000c77aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.528776] fff00000c77aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.528820] >fff00000c77b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.528869] ^ [ 17.528897] fff00000c77b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.528940] fff00000c77b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.529202] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 17.502562] ================================================================== [ 17.502636] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.502739] Read of size 1 at addr fff00000c77ac000 by task kunit_try_catch/233 [ 17.502890] [ 17.502954] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.503041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.503067] Hardware name: linux,dummy-virt (DT) [ 17.503099] Call trace: [ 17.503121] show_stack+0x20/0x38 (C) [ 17.503526] dump_stack_lvl+0x8c/0xd0 [ 17.503678] print_report+0x118/0x5d0 [ 17.503822] kasan_report+0xdc/0x128 [ 17.503966] __asan_report_load1_noabort+0x20/0x30 [ 17.504088] mempool_uaf_helper+0x314/0x340 [ 17.504222] mempool_page_alloc_uaf+0xc0/0x118 [ 17.504290] kunit_try_run_case+0x170/0x3f0 [ 17.504684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.504862] kthread+0x328/0x630 [ 17.504928] ret_from_fork+0x10/0x20 [ 17.505024] [ 17.505348] The buggy address belongs to the physical page: [ 17.505449] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ac [ 17.505638] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.505794] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.505949] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.506027] page dumped because: kasan: bad access detected [ 17.506125] [ 17.506143] Memory state around the buggy address: [ 17.506176] fff00000c77abf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.506676] fff00000c77abf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.506777] >fff00000c77ac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.506930] ^ [ 17.507009] fff00000c77ac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.507080] fff00000c77ac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.507201] ================================================================== [ 17.469740] ================================================================== [ 17.469803] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.469868] Read of size 1 at addr fff00000c77ac000 by task kunit_try_catch/229 [ 17.469921] [ 17.469952] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.470037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.470065] Hardware name: linux,dummy-virt (DT) [ 17.470097] Call trace: [ 17.470504] show_stack+0x20/0x38 (C) [ 17.470674] dump_stack_lvl+0x8c/0xd0 [ 17.470745] print_report+0x118/0x5d0 [ 17.470828] kasan_report+0xdc/0x128 [ 17.470956] __asan_report_load1_noabort+0x20/0x30 [ 17.471049] mempool_uaf_helper+0x314/0x340 [ 17.471097] mempool_kmalloc_large_uaf+0xc4/0x120 [ 17.471146] kunit_try_run_case+0x170/0x3f0 [ 17.471193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.471439] kthread+0x328/0x630 [ 17.471548] ret_from_fork+0x10/0x20 [ 17.471707] [ 17.471741] The buggy address belongs to the physical page: [ 17.471783] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ac [ 17.471872] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.471921] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.472197] page_type: f8(unknown) [ 17.472279] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.472333] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.472445] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.472496] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.472548] head: 0bfffe0000000002 ffffc1ffc31deb01 00000000ffffffff 00000000ffffffff [ 17.472767] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.472928] page dumped because: kasan: bad access detected [ 17.473017] [ 17.473123] Memory state around the buggy address: [ 17.473175] fff00000c77abf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.473256] fff00000c77abf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.473617] >fff00000c77ac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.473733] ^ [ 17.473803] fff00000c77ac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.473848] fff00000c77ac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.474182] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 17.481754] ================================================================== [ 17.481831] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.481897] Read of size 1 at addr fff00000c6495240 by task kunit_try_catch/231 [ 17.482153] [ 17.482225] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.482319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.482365] Hardware name: linux,dummy-virt (DT) [ 17.482413] Call trace: [ 17.482463] show_stack+0x20/0x38 (C) [ 17.482513] dump_stack_lvl+0x8c/0xd0 [ 17.482583] print_report+0x118/0x5d0 [ 17.482682] kasan_report+0xdc/0x128 [ 17.482774] __asan_report_load1_noabort+0x20/0x30 [ 17.482825] mempool_uaf_helper+0x314/0x340 [ 17.482892] mempool_slab_uaf+0xc0/0x118 [ 17.482939] kunit_try_run_case+0x170/0x3f0 [ 17.483255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.483352] kthread+0x328/0x630 [ 17.483483] ret_from_fork+0x10/0x20 [ 17.483594] [ 17.483614] Allocated by task 231: [ 17.483643] kasan_save_stack+0x3c/0x68 [ 17.483908] kasan_save_track+0x20/0x40 [ 17.483986] kasan_save_alloc_info+0x40/0x58 [ 17.484103] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.484204] remove_element+0x16c/0x1f8 [ 17.484316] mempool_alloc_preallocated+0x58/0xc0 [ 17.484385] mempool_uaf_helper+0xa4/0x340 [ 17.484424] mempool_slab_uaf+0xc0/0x118 [ 17.484737] kunit_try_run_case+0x170/0x3f0 [ 17.484881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.484969] kthread+0x328/0x630 [ 17.485080] ret_from_fork+0x10/0x20 [ 17.485146] [ 17.485167] Freed by task 231: [ 17.485194] kasan_save_stack+0x3c/0x68 [ 17.485471] kasan_save_track+0x20/0x40 [ 17.485587] kasan_save_free_info+0x4c/0x78 [ 17.485695] __kasan_mempool_poison_object+0xc0/0x150 [ 17.485762] mempool_free+0x28c/0x328 [ 17.485845] mempool_uaf_helper+0x104/0x340 [ 17.485896] mempool_slab_uaf+0xc0/0x118 [ 17.486174] kunit_try_run_case+0x170/0x3f0 [ 17.486238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.486284] kthread+0x328/0x630 [ 17.486318] ret_from_fork+0x10/0x20 [ 17.486364] [ 17.486386] The buggy address belongs to the object at fff00000c6495240 [ 17.486386] which belongs to the cache test_cache of size 123 [ 17.486453] The buggy address is located 0 bytes inside of [ 17.486453] freed 123-byte region [fff00000c6495240, fff00000c64952bb) [ 17.486527] [ 17.486763] The buggy address belongs to the physical page: [ 17.486829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106495 [ 17.486976] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.487094] page_type: f5(slab) [ 17.487214] raw: 0bfffe0000000000 fff00000c5842780 dead000000000122 0000000000000000 [ 17.487267] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.487336] page dumped because: kasan: bad access detected [ 17.487370] [ 17.487389] Memory state around the buggy address: [ 17.487420] fff00000c6495100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.487464] fff00000c6495180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.487691] >fff00000c6495200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.487783] ^ [ 17.487881] fff00000c6495280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.487986] fff00000c6495300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.488023] ================================================================== [ 17.460930] ================================================================== [ 17.461016] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.461089] Read of size 1 at addr fff00000c644b800 by task kunit_try_catch/227 [ 17.461146] [ 17.461189] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.461278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.461305] Hardware name: linux,dummy-virt (DT) [ 17.461340] Call trace: [ 17.461365] show_stack+0x20/0x38 (C) [ 17.461418] dump_stack_lvl+0x8c/0xd0 [ 17.461468] print_report+0x118/0x5d0 [ 17.461516] kasan_report+0xdc/0x128 [ 17.461562] __asan_report_load1_noabort+0x20/0x30 [ 17.461614] mempool_uaf_helper+0x314/0x340 [ 17.461659] mempool_kmalloc_uaf+0xc4/0x120 [ 17.461706] kunit_try_run_case+0x170/0x3f0 [ 17.461756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.461810] kthread+0x328/0x630 [ 17.461908] ret_from_fork+0x10/0x20 [ 17.461966] [ 17.461988] Allocated by task 227: [ 17.462021] kasan_save_stack+0x3c/0x68 [ 17.462068] kasan_save_track+0x20/0x40 [ 17.462107] kasan_save_alloc_info+0x40/0x58 [ 17.462148] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.462193] remove_element+0x130/0x1f8 [ 17.462232] mempool_alloc_preallocated+0x58/0xc0 [ 17.462271] mempool_uaf_helper+0xa4/0x340 [ 17.462309] mempool_kmalloc_uaf+0xc4/0x120 [ 17.462347] kunit_try_run_case+0x170/0x3f0 [ 17.462386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.462431] kthread+0x328/0x630 [ 17.462471] ret_from_fork+0x10/0x20 [ 17.462508] [ 17.462527] Freed by task 227: [ 17.462569] kasan_save_stack+0x3c/0x68 [ 17.462606] kasan_save_track+0x20/0x40 [ 17.462643] kasan_save_free_info+0x4c/0x78 [ 17.462683] __kasan_mempool_poison_object+0xc0/0x150 [ 17.462725] mempool_free+0x28c/0x328 [ 17.462761] mempool_uaf_helper+0x104/0x340 [ 17.462800] mempool_kmalloc_uaf+0xc4/0x120 [ 17.462838] kunit_try_run_case+0x170/0x3f0 [ 17.462889] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.462937] kthread+0x328/0x630 [ 17.462970] ret_from_fork+0x10/0x20 [ 17.463007] [ 17.463026] The buggy address belongs to the object at fff00000c644b800 [ 17.463026] which belongs to the cache kmalloc-128 of size 128 [ 17.463090] The buggy address is located 0 bytes inside of [ 17.463090] freed 128-byte region [fff00000c644b800, fff00000c644b880) [ 17.463154] [ 17.463177] The buggy address belongs to the physical page: [ 17.463209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10644b [ 17.463265] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.463319] page_type: f5(slab) [ 17.463363] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.463415] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.463457] page dumped because: kasan: bad access detected [ 17.463490] [ 17.463508] Memory state around the buggy address: [ 17.463541] fff00000c644b700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.463586] fff00000c644b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.463630] >fff00000c644b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.463669] ^ [ 17.463696] fff00000c644b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.463739] fff00000c644b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.463778] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 17.401610] ================================================================== [ 17.401904] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.402040] Read of size 1 at addr fff00000c3fae2bb by task kunit_try_catch/225 [ 17.402200] [ 17.402263] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.402650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.402679] Hardware name: linux,dummy-virt (DT) [ 17.402721] Call trace: [ 17.402785] show_stack+0x20/0x38 (C) [ 17.402879] dump_stack_lvl+0x8c/0xd0 [ 17.402929] print_report+0x118/0x5d0 [ 17.403000] kasan_report+0xdc/0x128 [ 17.403062] __asan_report_load1_noabort+0x20/0x30 [ 17.403445] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.403721] mempool_slab_oob_right+0xc0/0x118 [ 17.403773] kunit_try_run_case+0x170/0x3f0 [ 17.403822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.403886] kthread+0x328/0x630 [ 17.403930] ret_from_fork+0x10/0x20 [ 17.404068] [ 17.404089] Allocated by task 225: [ 17.404293] kasan_save_stack+0x3c/0x68 [ 17.404341] kasan_save_track+0x20/0x40 [ 17.404419] kasan_save_alloc_info+0x40/0x58 [ 17.404602] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.404669] remove_element+0x16c/0x1f8 [ 17.404708] mempool_alloc_preallocated+0x58/0xc0 [ 17.404746] mempool_oob_right_helper+0x98/0x2f0 [ 17.404804] mempool_slab_oob_right+0xc0/0x118 [ 17.404978] kunit_try_run_case+0x170/0x3f0 [ 17.405062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.405189] kthread+0x328/0x630 [ 17.405281] ret_from_fork+0x10/0x20 [ 17.405336] [ 17.405356] The buggy address belongs to the object at fff00000c3fae240 [ 17.405356] which belongs to the cache test_cache of size 123 [ 17.405416] The buggy address is located 0 bytes to the right of [ 17.405416] allocated 123-byte region [fff00000c3fae240, fff00000c3fae2bb) [ 17.405484] [ 17.405526] The buggy address belongs to the physical page: [ 17.405563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fae [ 17.405704] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.405809] page_type: f5(slab) [ 17.406224] raw: 0bfffe0000000000 fff00000c3f17a00 dead000000000122 0000000000000000 [ 17.406685] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.406892] page dumped because: kasan: bad access detected [ 17.406927] [ 17.406947] Memory state around the buggy address: [ 17.406981] fff00000c3fae180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.407258] fff00000c3fae200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 17.407308] >fff00000c3fae280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 17.407348] ^ [ 17.407384] fff00000c3fae300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.407455] fff00000c3fae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.407540] ================================================================== [ 17.382520] ================================================================== [ 17.382598] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.382655] Read of size 1 at addr fff00000c784e001 by task kunit_try_catch/223 [ 17.382708] [ 17.382913] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.383037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.383075] Hardware name: linux,dummy-virt (DT) [ 17.383211] Call trace: [ 17.383237] show_stack+0x20/0x38 (C) [ 17.383289] dump_stack_lvl+0x8c/0xd0 [ 17.383336] print_report+0x118/0x5d0 [ 17.383381] kasan_report+0xdc/0x128 [ 17.383426] __asan_report_load1_noabort+0x20/0x30 [ 17.383475] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.383525] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 17.383577] kunit_try_run_case+0x170/0x3f0 [ 17.383636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.383689] kthread+0x328/0x630 [ 17.384044] ret_from_fork+0x10/0x20 [ 17.384104] [ 17.384376] The buggy address belongs to the physical page: [ 17.384556] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784c [ 17.384618] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.384665] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.384731] page_type: f8(unknown) [ 17.384772] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.385208] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.385649] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.385805] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.385964] head: 0bfffe0000000002 ffffc1ffc31e1301 00000000ffffffff 00000000ffffffff [ 17.386109] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.386279] page dumped because: kasan: bad access detected [ 17.386315] [ 17.386334] Memory state around the buggy address: [ 17.386369] fff00000c784df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.386759] fff00000c784df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.386827] >fff00000c784e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.386876] ^ [ 17.387034] fff00000c784e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.387087] fff00000c784e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.387288] ================================================================== [ 17.373030] ================================================================== [ 17.373118] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.373193] Read of size 1 at addr fff00000c3f39d73 by task kunit_try_catch/221 [ 17.373245] [ 17.373285] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 17.373371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.373400] Hardware name: linux,dummy-virt (DT) [ 17.373432] Call trace: [ 17.373458] show_stack+0x20/0x38 (C) [ 17.373510] dump_stack_lvl+0x8c/0xd0 [ 17.373562] print_report+0x118/0x5d0 [ 17.373609] kasan_report+0xdc/0x128 [ 17.373654] __asan_report_load1_noabort+0x20/0x30 [ 17.373705] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.373754] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.373804] kunit_try_run_case+0x170/0x3f0 [ 17.373874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.373927] kthread+0x328/0x630 [ 17.373973] ret_from_fork+0x10/0x20 [ 17.374022] [ 17.374040] Allocated by task 221: [ 17.374072] kasan_save_stack+0x3c/0x68 [ 17.374114] kasan_save_track+0x20/0x40 [ 17.374152] kasan_save_alloc_info+0x40/0x58 [ 17.374192] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.374237] remove_element+0x130/0x1f8 [ 17.374275] mempool_alloc_preallocated+0x58/0xc0 [ 17.374316] mempool_oob_right_helper+0x98/0x2f0 [ 17.374357] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.374395] kunit_try_run_case+0x170/0x3f0 [ 17.374434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.374483] kthread+0x328/0x630 [ 17.374515] ret_from_fork+0x10/0x20 [ 17.374552] [ 17.374617] The buggy address belongs to the object at fff00000c3f39d00 [ 17.374617] which belongs to the cache kmalloc-128 of size 128 [ 17.374692] The buggy address is located 0 bytes to the right of [ 17.374692] allocated 115-byte region [fff00000c3f39d00, fff00000c3f39d73) [ 17.374762] [ 17.374784] The buggy address belongs to the physical page: [ 17.374819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 17.374890] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.374945] page_type: f5(slab) [ 17.374989] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.375042] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.375085] page dumped because: kasan: bad access detected [ 17.375117] [ 17.375135] Memory state around the buggy address: [ 17.375171] fff00000c3f39c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.375217] fff00000c3f39c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.375262] >fff00000c3f39d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.375302] ^ [ 17.375343] fff00000c3f39d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.375388] fff00000c3f39e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.375427] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 16.813291] ================================================================== [ 16.813365] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 16.813440] Read of size 1 at addr fff00000c3f17640 by task kunit_try_catch/215 [ 16.813494] [ 16.813535] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.813623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.813651] Hardware name: linux,dummy-virt (DT) [ 16.813687] Call trace: [ 16.813711] show_stack+0x20/0x38 (C) [ 16.813765] dump_stack_lvl+0x8c/0xd0 [ 16.813815] print_report+0x118/0x5d0 [ 16.813875] kasan_report+0xdc/0x128 [ 16.813922] __kasan_check_byte+0x54/0x70 [ 16.813968] kmem_cache_destroy+0x34/0x218 [ 16.814015] kmem_cache_double_destroy+0x174/0x300 [ 16.814065] kunit_try_run_case+0x170/0x3f0 [ 16.814114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.814168] kthread+0x328/0x630 [ 16.814212] ret_from_fork+0x10/0x20 [ 16.814261] [ 16.814280] Allocated by task 215: [ 16.814310] kasan_save_stack+0x3c/0x68 [ 16.814352] kasan_save_track+0x20/0x40 [ 16.814391] kasan_save_alloc_info+0x40/0x58 [ 16.814432] __kasan_slab_alloc+0xa8/0xb0 [ 16.814478] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.814520] __kmem_cache_create_args+0x178/0x280 [ 16.814575] kmem_cache_double_destroy+0xc0/0x300 [ 16.814618] kunit_try_run_case+0x170/0x3f0 [ 16.814656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.814701] kthread+0x328/0x630 [ 16.814733] ret_from_fork+0x10/0x20 [ 16.814771] [ 16.814789] Freed by task 215: [ 16.814815] kasan_save_stack+0x3c/0x68 [ 16.814863] kasan_save_track+0x20/0x40 [ 16.814900] kasan_save_free_info+0x4c/0x78 [ 16.814941] __kasan_slab_free+0x6c/0x98 [ 16.814979] kmem_cache_free+0x260/0x468 [ 16.815017] slab_kmem_cache_release+0x38/0x50 [ 16.815057] kmem_cache_release+0x1c/0x30 [ 16.815093] kobject_put+0x17c/0x420 [ 16.815131] sysfs_slab_release+0x1c/0x30 [ 16.815168] kmem_cache_destroy+0x118/0x218 [ 16.815206] kmem_cache_double_destroy+0x128/0x300 [ 16.815248] kunit_try_run_case+0x170/0x3f0 [ 16.815286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.815333] kthread+0x328/0x630 [ 16.815366] ret_from_fork+0x10/0x20 [ 16.815403] [ 16.815422] The buggy address belongs to the object at fff00000c3f17640 [ 16.815422] which belongs to the cache kmem_cache of size 208 [ 16.815486] The buggy address is located 0 bytes inside of [ 16.815486] freed 208-byte region [fff00000c3f17640, fff00000c3f17710) [ 16.815555] [ 16.815577] The buggy address belongs to the physical page: [ 16.815612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 16.815675] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.815727] page_type: f5(slab) [ 16.815773] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 16.815827] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 16.815881] page dumped because: kasan: bad access detected [ 16.815914] [ 16.815934] Memory state around the buggy address: [ 16.815969] fff00000c3f17500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.816014] fff00000c3f17580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 16.816059] >fff00000c3f17600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 16.816099] ^ [ 16.816135] fff00000c3f17680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.816179] fff00000c3f17700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.816218] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 16.660330] ================================================================== [ 16.660524] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 16.660723] Read of size 1 at addr fff00000c3f9b000 by task kunit_try_catch/213 [ 16.661054] [ 16.661118] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.661208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.661236] Hardware name: linux,dummy-virt (DT) [ 16.661271] Call trace: [ 16.661778] show_stack+0x20/0x38 (C) [ 16.661875] dump_stack_lvl+0x8c/0xd0 [ 16.661930] print_report+0x118/0x5d0 [ 16.661978] kasan_report+0xdc/0x128 [ 16.662022] __asan_report_load1_noabort+0x20/0x30 [ 16.662565] kmem_cache_rcu_uaf+0x388/0x468 [ 16.663056] kunit_try_run_case+0x170/0x3f0 [ 16.663218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.663434] kthread+0x328/0x630 [ 16.663498] ret_from_fork+0x10/0x20 [ 16.663742] [ 16.663961] Allocated by task 213: [ 16.664079] kasan_save_stack+0x3c/0x68 [ 16.664219] kasan_save_track+0x20/0x40 [ 16.664274] kasan_save_alloc_info+0x40/0x58 [ 16.664489] __kasan_slab_alloc+0xa8/0xb0 [ 16.664768] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.665096] kmem_cache_rcu_uaf+0x12c/0x468 [ 16.665612] kunit_try_run_case+0x170/0x3f0 [ 16.665745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.665992] kthread+0x328/0x630 [ 16.666293] ret_from_fork+0x10/0x20 [ 16.666371] [ 16.666393] Freed by task 0: [ 16.666666] kasan_save_stack+0x3c/0x68 [ 16.666810] kasan_save_track+0x20/0x40 [ 16.666909] kasan_save_free_info+0x4c/0x78 [ 16.667093] __kasan_slab_free+0x6c/0x98 [ 16.667263] slab_free_after_rcu_debug+0xd4/0x2f8 [ 16.667378] rcu_core+0x9f4/0x1e20 [ 16.667473] rcu_core_si+0x18/0x30 [ 16.667614] handle_softirqs+0x374/0xb28 [ 16.667670] __do_softirq+0x1c/0x28 [ 16.668139] [ 16.668249] Last potentially related work creation: [ 16.668289] kasan_save_stack+0x3c/0x68 [ 16.668375] kasan_record_aux_stack+0xb4/0xc8 [ 16.668785] kmem_cache_free+0x120/0x468 [ 16.668895] kmem_cache_rcu_uaf+0x16c/0x468 [ 16.668938] kunit_try_run_case+0x170/0x3f0 [ 16.669000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.669735] kthread+0x328/0x630 [ 16.669829] ret_from_fork+0x10/0x20 [ 16.669971] [ 16.669992] The buggy address belongs to the object at fff00000c3f9b000 [ 16.669992] which belongs to the cache test_cache of size 200 [ 16.670081] The buggy address is located 0 bytes inside of [ 16.670081] freed 200-byte region [fff00000c3f9b000, fff00000c3f9b0c8) [ 16.670181] [ 16.670215] The buggy address belongs to the physical page: [ 16.670258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f9b [ 16.670327] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.670382] page_type: f5(slab) [ 16.670427] raw: 0bfffe0000000000 fff00000c3f17500 dead000000000122 0000000000000000 [ 16.670501] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.670546] page dumped because: kasan: bad access detected [ 16.670736] [ 16.670873] Memory state around the buggy address: [ 16.670914] fff00000c3f9af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.670963] fff00000c3f9af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.671422] >fff00000c3f9b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.671483] ^ [ 16.671760] fff00000c3f9b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.671880] fff00000c3f9b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.672364] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 16.143166] ================================================================== [ 16.143232] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 16.144091] Free of addr fff00000c3f83001 by task kunit_try_catch/211 [ 16.144437] [ 16.144495] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.144692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.144762] Hardware name: linux,dummy-virt (DT) [ 16.145203] Call trace: [ 16.145233] show_stack+0x20/0x38 (C) [ 16.145441] dump_stack_lvl+0x8c/0xd0 [ 16.145630] print_report+0x118/0x5d0 [ 16.145876] kasan_report_invalid_free+0xc0/0xe8 [ 16.145999] check_slab_allocation+0xfc/0x108 [ 16.146049] __kasan_slab_pre_free+0x2c/0x48 [ 16.146099] kmem_cache_free+0xf0/0x468 [ 16.146517] kmem_cache_invalid_free+0x184/0x3c8 [ 16.146840] kunit_try_run_case+0x170/0x3f0 [ 16.147132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.147235] kthread+0x328/0x630 [ 16.147305] ret_from_fork+0x10/0x20 [ 16.147562] [ 16.147583] Allocated by task 211: [ 16.147617] kasan_save_stack+0x3c/0x68 [ 16.147662] kasan_save_track+0x20/0x40 [ 16.147917] kasan_save_alloc_info+0x40/0x58 [ 16.148132] __kasan_slab_alloc+0xa8/0xb0 [ 16.148284] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.148334] kmem_cache_invalid_free+0x12c/0x3c8 [ 16.148382] kunit_try_run_case+0x170/0x3f0 [ 16.148838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.149260] kthread+0x328/0x630 [ 16.149553] ret_from_fork+0x10/0x20 [ 16.149800] [ 16.149822] The buggy address belongs to the object at fff00000c3f83000 [ 16.149822] which belongs to the cache test_cache of size 200 [ 16.150020] The buggy address is located 1 bytes inside of [ 16.150020] 200-byte region [fff00000c3f83000, fff00000c3f830c8) [ 16.150099] [ 16.150131] The buggy address belongs to the physical page: [ 16.150321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f83 [ 16.150637] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.150830] page_type: f5(slab) [ 16.151222] raw: 0bfffe0000000000 fff00000c3f173c0 dead000000000122 0000000000000000 [ 16.151399] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.151655] page dumped because: kasan: bad access detected [ 16.151724] [ 16.151744] Memory state around the buggy address: [ 16.151779] fff00000c3f82f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.151826] fff00000c3f82f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.152226] >fff00000c3f83000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.152286] ^ [ 16.152414] fff00000c3f83080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.152506] fff00000c3f83100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.152848] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 16.092266] ================================================================== [ 16.092334] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 16.092404] Free of addr fff00000c3f85000 by task kunit_try_catch/209 [ 16.092450] [ 16.093217] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.093624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.093711] Hardware name: linux,dummy-virt (DT) [ 16.093817] Call trace: [ 16.093841] show_stack+0x20/0x38 (C) [ 16.093911] dump_stack_lvl+0x8c/0xd0 [ 16.093962] print_report+0x118/0x5d0 [ 16.094421] kasan_report_invalid_free+0xc0/0xe8 [ 16.094497] check_slab_allocation+0xd4/0x108 [ 16.094776] __kasan_slab_pre_free+0x2c/0x48 [ 16.095109] kmem_cache_free+0xf0/0x468 [ 16.095173] kmem_cache_double_free+0x190/0x3c8 [ 16.095361] kunit_try_run_case+0x170/0x3f0 [ 16.095555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.096037] kthread+0x328/0x630 [ 16.096141] ret_from_fork+0x10/0x20 [ 16.096201] [ 16.096220] Allocated by task 209: [ 16.096434] kasan_save_stack+0x3c/0x68 [ 16.096744] kasan_save_track+0x20/0x40 [ 16.096842] kasan_save_alloc_info+0x40/0x58 [ 16.097231] __kasan_slab_alloc+0xa8/0xb0 [ 16.097442] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.097868] kmem_cache_double_free+0x12c/0x3c8 [ 16.098372] kunit_try_run_case+0x170/0x3f0 [ 16.098542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.098595] kthread+0x328/0x630 [ 16.098748] ret_from_fork+0x10/0x20 [ 16.098846] [ 16.098886] Freed by task 209: [ 16.098917] kasan_save_stack+0x3c/0x68 [ 16.099249] kasan_save_track+0x20/0x40 [ 16.099525] kasan_save_free_info+0x4c/0x78 [ 16.099726] __kasan_slab_free+0x6c/0x98 [ 16.099877] kmem_cache_free+0x260/0x468 [ 16.099915] kmem_cache_double_free+0x140/0x3c8 [ 16.100386] kunit_try_run_case+0x170/0x3f0 [ 16.100536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.100829] kthread+0x328/0x630 [ 16.101233] ret_from_fork+0x10/0x20 [ 16.101454] [ 16.101479] The buggy address belongs to the object at fff00000c3f85000 [ 16.101479] which belongs to the cache test_cache of size 200 [ 16.101877] The buggy address is located 0 bytes inside of [ 16.101877] 200-byte region [fff00000c3f85000, fff00000c3f850c8) [ 16.102154] [ 16.102199] The buggy address belongs to the physical page: [ 16.102488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f85 [ 16.102878] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.102994] page_type: f5(slab) [ 16.103165] raw: 0bfffe0000000000 fff00000c3f17280 dead000000000122 0000000000000000 [ 16.103620] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.103955] page dumped because: kasan: bad access detected [ 16.103994] [ 16.104012] Memory state around the buggy address: [ 16.104271] fff00000c3f84f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.104550] fff00000c3f84f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.104861] >fff00000c3f85000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.105207] ^ [ 16.105249] fff00000c3f85080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.105467] fff00000c3f85100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.105886] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 16.007546] ================================================================== [ 16.008295] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 16.008362] Read of size 1 at addr fff00000c3f9a0c8 by task kunit_try_catch/207 [ 16.008416] [ 16.008451] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.008535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.008562] Hardware name: linux,dummy-virt (DT) [ 16.008595] Call trace: [ 16.008618] show_stack+0x20/0x38 (C) [ 16.009230] dump_stack_lvl+0x8c/0xd0 [ 16.009281] print_report+0x118/0x5d0 [ 16.009329] kasan_report+0xdc/0x128 [ 16.009376] __asan_report_load1_noabort+0x20/0x30 [ 16.009427] kmem_cache_oob+0x344/0x430 [ 16.009471] kunit_try_run_case+0x170/0x3f0 [ 16.009520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.009572] kthread+0x328/0x630 [ 16.009614] ret_from_fork+0x10/0x20 [ 16.009663] [ 16.009681] Allocated by task 207: [ 16.009711] kasan_save_stack+0x3c/0x68 [ 16.009751] kasan_save_track+0x20/0x40 [ 16.009789] kasan_save_alloc_info+0x40/0x58 [ 16.009827] __kasan_slab_alloc+0xa8/0xb0 [ 16.009876] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.009916] kmem_cache_oob+0x12c/0x430 [ 16.009952] kunit_try_run_case+0x170/0x3f0 [ 16.009990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.010032] kthread+0x328/0x630 [ 16.010064] ret_from_fork+0x10/0x20 [ 16.010099] [ 16.010117] The buggy address belongs to the object at fff00000c3f9a000 [ 16.010117] which belongs to the cache test_cache of size 200 [ 16.010177] The buggy address is located 0 bytes to the right of [ 16.010177] allocated 200-byte region [fff00000c3f9a000, fff00000c3f9a0c8) [ 16.010243] [ 16.010264] The buggy address belongs to the physical page: [ 16.010294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f9a [ 16.010351] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.010402] page_type: f5(slab) [ 16.010446] raw: 0bfffe0000000000 fff00000c3f17140 dead000000000122 0000000000000000 [ 16.010497] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.010538] page dumped because: kasan: bad access detected [ 16.011141] [ 16.011257] Memory state around the buggy address: [ 16.011314] fff00000c3f99f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.011518] fff00000c3f9a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.011568] >fff00000c3f9a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.011609] ^ [ 16.011655] fff00000c3f9a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.011700] fff00000c3f9a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.011738] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 15.960989] ================================================================== [ 15.961068] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 15.961128] Read of size 8 at addr fff00000c3f937c0 by task kunit_try_catch/200 [ 15.961180] [ 15.961216] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.963027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.963073] Hardware name: linux,dummy-virt (DT) [ 15.963156] Call trace: [ 15.963183] show_stack+0x20/0x38 (C) [ 15.963240] dump_stack_lvl+0x8c/0xd0 [ 15.963287] print_report+0x118/0x5d0 [ 15.963333] kasan_report+0xdc/0x128 [ 15.963378] __asan_report_load8_noabort+0x20/0x30 [ 15.963431] workqueue_uaf+0x480/0x4a8 [ 15.963474] kunit_try_run_case+0x170/0x3f0 [ 15.963521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.963574] kthread+0x328/0x630 [ 15.963616] ret_from_fork+0x10/0x20 [ 15.963712] [ 15.963810] Allocated by task 200: [ 15.963842] kasan_save_stack+0x3c/0x68 [ 15.964702] kasan_save_track+0x20/0x40 [ 15.965108] kasan_save_alloc_info+0x40/0x58 [ 15.965202] __kasan_kmalloc+0xd4/0xd8 [ 15.965240] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.965282] workqueue_uaf+0x13c/0x4a8 [ 15.966159] kunit_try_run_case+0x170/0x3f0 [ 15.966217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.966263] kthread+0x328/0x630 [ 15.966691] ret_from_fork+0x10/0x20 [ 15.966883] [ 15.966906] Freed by task 57: [ 15.967086] kasan_save_stack+0x3c/0x68 [ 15.967297] kasan_save_track+0x20/0x40 [ 15.967376] kasan_save_free_info+0x4c/0x78 [ 15.967417] __kasan_slab_free+0x6c/0x98 [ 15.967876] kfree+0x214/0x3c8 [ 15.967923] workqueue_uaf_work+0x18/0x30 [ 15.968293] process_one_work+0x530/0xf98 [ 15.968345] worker_thread+0x618/0xf38 [ 15.968729] kthread+0x328/0x630 [ 15.968774] ret_from_fork+0x10/0x20 [ 15.969117] [ 15.969146] Last potentially related work creation: [ 15.969208] kasan_save_stack+0x3c/0x68 [ 15.969597] kasan_record_aux_stack+0xb4/0xc8 [ 15.969964] __queue_work+0x65c/0x1008 [ 15.970297] queue_work_on+0xbc/0xf8 [ 15.970776] workqueue_uaf+0x210/0x4a8 [ 15.970826] kunit_try_run_case+0x170/0x3f0 [ 15.971102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.971150] kthread+0x328/0x630 [ 15.971358] ret_from_fork+0x10/0x20 [ 15.971416] [ 15.971650] The buggy address belongs to the object at fff00000c3f937c0 [ 15.971650] which belongs to the cache kmalloc-32 of size 32 [ 15.971972] The buggy address is located 0 bytes inside of [ 15.971972] freed 32-byte region [fff00000c3f937c0, fff00000c3f937e0) [ 15.972575] [ 15.972719] The buggy address belongs to the physical page: [ 15.973028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f93 [ 15.973306] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.973671] page_type: f5(slab) [ 15.973779] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.974014] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.974060] page dumped because: kasan: bad access detected [ 15.974094] [ 15.974112] Memory state around the buggy address: [ 15.974287] fff00000c3f93680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.974412] fff00000c3f93700: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.974604] >fff00000c3f93780: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 15.974699] ^ [ 15.974934] fff00000c3f93800: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.975186] fff00000c3f93880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.975513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 15.924341] ================================================================== [ 15.924478] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 15.924551] Read of size 4 at addr fff00000c3f93580 by task swapper/1/0 [ 15.924602] [ 15.924642] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.924725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.924753] Hardware name: linux,dummy-virt (DT) [ 15.924785] Call trace: [ 15.924808] show_stack+0x20/0x38 (C) [ 15.925466] dump_stack_lvl+0x8c/0xd0 [ 15.925524] print_report+0x118/0x5d0 [ 15.925579] kasan_report+0xdc/0x128 [ 15.925684] __asan_report_load4_noabort+0x20/0x30 [ 15.925784] rcu_uaf_reclaim+0x64/0x70 [ 15.925999] rcu_core+0x9f4/0x1e20 [ 15.926055] rcu_core_si+0x18/0x30 [ 15.926146] handle_softirqs+0x374/0xb28 [ 15.926235] __do_softirq+0x1c/0x28 [ 15.926281] ____do_softirq+0x18/0x30 [ 15.926326] call_on_irq_stack+0x24/0x30 [ 15.926373] do_softirq_own_stack+0x24/0x38 [ 15.926418] __irq_exit_rcu+0x1fc/0x318 [ 15.926473] irq_exit_rcu+0x1c/0x80 [ 15.926517] el1_interrupt+0x38/0x58 [ 15.926572] el1h_64_irq_handler+0x18/0x28 [ 15.926722] el1h_64_irq+0x6c/0x70 [ 15.926819] arch_local_irq_enable+0x4/0x8 (P) [ 15.926935] do_idle+0x384/0x4e8 [ 15.926995] cpu_startup_entry+0x68/0x80 [ 15.927040] secondary_start_kernel+0x288/0x340 [ 15.927087] __secondary_switched+0xc0/0xc8 [ 15.927142] [ 15.927187] Allocated by task 198: [ 15.927218] kasan_save_stack+0x3c/0x68 [ 15.927294] kasan_save_track+0x20/0x40 [ 15.927334] kasan_save_alloc_info+0x40/0x58 [ 15.927377] __kasan_kmalloc+0xd4/0xd8 [ 15.927413] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.927453] rcu_uaf+0xb0/0x2d8 [ 15.927496] kunit_try_run_case+0x170/0x3f0 [ 15.927653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.927699] kthread+0x328/0x630 [ 15.927861] ret_from_fork+0x10/0x20 [ 15.927900] [ 15.927988] Freed by task 0: [ 15.928016] kasan_save_stack+0x3c/0x68 [ 15.928055] kasan_save_track+0x20/0x40 [ 15.928092] kasan_save_free_info+0x4c/0x78 [ 15.928141] __kasan_slab_free+0x6c/0x98 [ 15.928179] kfree+0x214/0x3c8 [ 15.928213] rcu_uaf_reclaim+0x28/0x70 [ 15.928397] rcu_core+0x9f4/0x1e20 [ 15.928435] rcu_core_si+0x18/0x30 [ 15.928471] handle_softirqs+0x374/0xb28 [ 15.928508] __do_softirq+0x1c/0x28 [ 15.928570] [ 15.928683] Last potentially related work creation: [ 15.928719] kasan_save_stack+0x3c/0x68 [ 15.928767] kasan_record_aux_stack+0xb4/0xc8 [ 15.928832] __call_rcu_common.constprop.0+0x74/0x8c8 [ 15.928885] call_rcu+0x18/0x30 [ 15.928919] rcu_uaf+0x14c/0x2d8 [ 15.929037] kunit_try_run_case+0x170/0x3f0 [ 15.929083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.929127] kthread+0x328/0x630 [ 15.929207] ret_from_fork+0x10/0x20 [ 15.929405] [ 15.929546] The buggy address belongs to the object at fff00000c3f93580 [ 15.929546] which belongs to the cache kmalloc-32 of size 32 [ 15.929686] The buggy address is located 0 bytes inside of [ 15.929686] freed 32-byte region [fff00000c3f93580, fff00000c3f935a0) [ 15.929779] [ 15.929894] The buggy address belongs to the physical page: [ 15.929931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f93 [ 15.929996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.930246] page_type: f5(slab) [ 15.930357] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.930480] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.930876] page dumped because: kasan: bad access detected [ 15.931002] [ 15.931023] Memory state around the buggy address: [ 15.931108] fff00000c3f93480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.931363] fff00000c3f93500: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.931516] >fff00000c3f93580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.931644] ^ [ 15.931675] fff00000c3f93600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.932402] fff00000c3f93680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.932632] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 15.655916] ================================================================== [ 15.655979] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 15.656465] Read of size 1 at addr fff00000c3f39a00 by task kunit_try_catch/196 [ 15.656628] [ 15.656662] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.656992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.657064] Hardware name: linux,dummy-virt (DT) [ 15.657101] Call trace: [ 15.657145] show_stack+0x20/0x38 (C) [ 15.657292] dump_stack_lvl+0x8c/0xd0 [ 15.657345] print_report+0x118/0x5d0 [ 15.657433] kasan_report+0xdc/0x128 [ 15.657498] __kasan_check_byte+0x54/0x70 [ 15.657985] ksize+0x30/0x88 [ 15.658101] ksize_uaf+0x168/0x5f8 [ 15.658190] kunit_try_run_case+0x170/0x3f0 [ 15.658245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.658360] kthread+0x328/0x630 [ 15.658428] ret_from_fork+0x10/0x20 [ 15.658489] [ 15.658507] Allocated by task 196: [ 15.658677] kasan_save_stack+0x3c/0x68 [ 15.659015] kasan_save_track+0x20/0x40 [ 15.659107] kasan_save_alloc_info+0x40/0x58 [ 15.659222] __kasan_kmalloc+0xd4/0xd8 [ 15.659265] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.659304] ksize_uaf+0xb8/0x5f8 [ 15.659475] kunit_try_run_case+0x170/0x3f0 [ 15.659648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.659722] kthread+0x328/0x630 [ 15.659889] ret_from_fork+0x10/0x20 [ 15.659987] [ 15.660098] Freed by task 196: [ 15.660176] kasan_save_stack+0x3c/0x68 [ 15.660266] kasan_save_track+0x20/0x40 [ 15.660307] kasan_save_free_info+0x4c/0x78 [ 15.660581] __kasan_slab_free+0x6c/0x98 [ 15.660843] kfree+0x214/0x3c8 [ 15.661028] ksize_uaf+0x11c/0x5f8 [ 15.661127] kunit_try_run_case+0x170/0x3f0 [ 15.661224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.661271] kthread+0x328/0x630 [ 15.661304] ret_from_fork+0x10/0x20 [ 15.661341] [ 15.661361] The buggy address belongs to the object at fff00000c3f39a00 [ 15.661361] which belongs to the cache kmalloc-128 of size 128 [ 15.661447] The buggy address is located 0 bytes inside of [ 15.661447] freed 128-byte region [fff00000c3f39a00, fff00000c3f39a80) [ 15.661541] [ 15.661570] The buggy address belongs to the physical page: [ 15.661617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.661672] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.661722] page_type: f5(slab) [ 15.661771] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.661822] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.661884] page dumped because: kasan: bad access detected [ 15.661940] [ 15.661959] Memory state around the buggy address: [ 15.661991] fff00000c3f39900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.662036] fff00000c3f39980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.662091] >fff00000c3f39a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.662131] ^ [ 15.662157] fff00000c3f39a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.662200] fff00000c3f39b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.662242] ================================================================== [ 15.677460] ================================================================== [ 15.677519] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 15.677719] Read of size 1 at addr fff00000c3f39a78 by task kunit_try_catch/196 [ 15.677774] [ 15.677805] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.678042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.678082] Hardware name: linux,dummy-virt (DT) [ 15.678134] Call trace: [ 15.678157] show_stack+0x20/0x38 (C) [ 15.678206] dump_stack_lvl+0x8c/0xd0 [ 15.678253] print_report+0x118/0x5d0 [ 15.678297] kasan_report+0xdc/0x128 [ 15.678342] __asan_report_load1_noabort+0x20/0x30 [ 15.678393] ksize_uaf+0x544/0x5f8 [ 15.678443] kunit_try_run_case+0x170/0x3f0 [ 15.678491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.678782] kthread+0x328/0x630 [ 15.678887] ret_from_fork+0x10/0x20 [ 15.679487] [ 15.679716] Allocated by task 196: [ 15.679783] kasan_save_stack+0x3c/0x68 [ 15.679915] kasan_save_track+0x20/0x40 [ 15.680015] kasan_save_alloc_info+0x40/0x58 [ 15.680092] __kasan_kmalloc+0xd4/0xd8 [ 15.680239] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.680324] ksize_uaf+0xb8/0x5f8 [ 15.680525] kunit_try_run_case+0x170/0x3f0 [ 15.680929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.681035] kthread+0x328/0x630 [ 15.681367] ret_from_fork+0x10/0x20 [ 15.681562] [ 15.681719] Freed by task 196: [ 15.681909] kasan_save_stack+0x3c/0x68 [ 15.681984] kasan_save_track+0x20/0x40 [ 15.682023] kasan_save_free_info+0x4c/0x78 [ 15.682276] __kasan_slab_free+0x6c/0x98 [ 15.682464] kfree+0x214/0x3c8 [ 15.682642] ksize_uaf+0x11c/0x5f8 [ 15.682738] kunit_try_run_case+0x170/0x3f0 [ 15.682860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.682946] kthread+0x328/0x630 [ 15.683359] ret_from_fork+0x10/0x20 [ 15.683429] [ 15.683506] The buggy address belongs to the object at fff00000c3f39a00 [ 15.683506] which belongs to the cache kmalloc-128 of size 128 [ 15.683610] The buggy address is located 120 bytes inside of [ 15.683610] freed 128-byte region [fff00000c3f39a00, fff00000c3f39a80) [ 15.683750] [ 15.683876] The buggy address belongs to the physical page: [ 15.684009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.684284] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.684512] page_type: f5(slab) [ 15.684597] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.684779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.684865] page dumped because: kasan: bad access detected [ 15.684972] [ 15.684994] Memory state around the buggy address: [ 15.685058] fff00000c3f39900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.685122] fff00000c3f39980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.685429] >fff00000c3f39a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.685704] ^ [ 15.685910] fff00000c3f39a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.686001] fff00000c3f39b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.686219] ================================================================== [ 15.665017] ================================================================== [ 15.665143] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 15.665195] Read of size 1 at addr fff00000c3f39a00 by task kunit_try_catch/196 [ 15.665249] [ 15.665278] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.665361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.666035] Hardware name: linux,dummy-virt (DT) [ 15.666287] Call trace: [ 15.666324] show_stack+0x20/0x38 (C) [ 15.666567] dump_stack_lvl+0x8c/0xd0 [ 15.666652] print_report+0x118/0x5d0 [ 15.666698] kasan_report+0xdc/0x128 [ 15.666940] __asan_report_load1_noabort+0x20/0x30 [ 15.667128] ksize_uaf+0x598/0x5f8 [ 15.667181] kunit_try_run_case+0x170/0x3f0 [ 15.667541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.667806] kthread+0x328/0x630 [ 15.668018] ret_from_fork+0x10/0x20 [ 15.668153] [ 15.668246] Allocated by task 196: [ 15.668277] kasan_save_stack+0x3c/0x68 [ 15.668522] kasan_save_track+0x20/0x40 [ 15.668631] kasan_save_alloc_info+0x40/0x58 [ 15.668844] __kasan_kmalloc+0xd4/0xd8 [ 15.668937] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.669230] ksize_uaf+0xb8/0x5f8 [ 15.669316] kunit_try_run_case+0x170/0x3f0 [ 15.669360] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.669918] kthread+0x328/0x630 [ 15.670011] ret_from_fork+0x10/0x20 [ 15.670372] [ 15.670529] Freed by task 196: [ 15.670562] kasan_save_stack+0x3c/0x68 [ 15.670666] kasan_save_track+0x20/0x40 [ 15.670705] kasan_save_free_info+0x4c/0x78 [ 15.670747] __kasan_slab_free+0x6c/0x98 [ 15.670784] kfree+0x214/0x3c8 [ 15.671021] ksize_uaf+0x11c/0x5f8 [ 15.671235] kunit_try_run_case+0x170/0x3f0 [ 15.671593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.671976] kthread+0x328/0x630 [ 15.672196] ret_from_fork+0x10/0x20 [ 15.672445] [ 15.672512] The buggy address belongs to the object at fff00000c3f39a00 [ 15.672512] which belongs to the cache kmalloc-128 of size 128 [ 15.672847] The buggy address is located 0 bytes inside of [ 15.672847] freed 128-byte region [fff00000c3f39a00, fff00000c3f39a80) [ 15.672939] [ 15.672959] The buggy address belongs to the physical page: [ 15.673400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.673827] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.674150] page_type: f5(slab) [ 15.674371] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.674500] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.674647] page dumped because: kasan: bad access detected [ 15.675017] [ 15.675095] Memory state around the buggy address: [ 15.675213] fff00000c3f39900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.675271] fff00000c3f39980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.675471] >fff00000c3f39a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.675671] ^ [ 15.675745] fff00000c3f39a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.675801] fff00000c3f39b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.676103] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 15.633063] ================================================================== [ 15.633419] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 15.633488] Read of size 1 at addr fff00000c3f39978 by task kunit_try_catch/194 [ 15.633544] [ 15.633576] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.633921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.634157] Hardware name: linux,dummy-virt (DT) [ 15.634359] Call trace: [ 15.634405] show_stack+0x20/0x38 (C) [ 15.634466] dump_stack_lvl+0x8c/0xd0 [ 15.634669] print_report+0x118/0x5d0 [ 15.634764] kasan_report+0xdc/0x128 [ 15.634812] __asan_report_load1_noabort+0x20/0x30 [ 15.634874] ksize_unpoisons_memory+0x618/0x740 [ 15.635346] kunit_try_run_case+0x170/0x3f0 [ 15.635460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.635872] kthread+0x328/0x630 [ 15.636095] ret_from_fork+0x10/0x20 [ 15.636339] [ 15.636405] Allocated by task 194: [ 15.636442] kasan_save_stack+0x3c/0x68 [ 15.636810] kasan_save_track+0x20/0x40 [ 15.636930] kasan_save_alloc_info+0x40/0x58 [ 15.636976] __kasan_kmalloc+0xd4/0xd8 [ 15.637324] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.637468] ksize_unpoisons_memory+0xc0/0x740 [ 15.637524] kunit_try_run_case+0x170/0x3f0 [ 15.637873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.638065] kthread+0x328/0x630 [ 15.638103] ret_from_fork+0x10/0x20 [ 15.638380] [ 15.638506] The buggy address belongs to the object at fff00000c3f39900 [ 15.638506] which belongs to the cache kmalloc-128 of size 128 [ 15.638712] The buggy address is located 5 bytes to the right of [ 15.638712] allocated 115-byte region [fff00000c3f39900, fff00000c3f39973) [ 15.638787] [ 15.639160] The buggy address belongs to the physical page: [ 15.639204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.639452] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.639748] page_type: f5(slab) [ 15.639802] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.639992] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.640067] page dumped because: kasan: bad access detected [ 15.640380] [ 15.640535] Memory state around the buggy address: [ 15.640589] fff00000c3f39800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.640654] fff00000c3f39880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.640744] >fff00000c3f39900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.640786] ^ [ 15.640848] fff00000c3f39980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.640914] fff00000c3f39a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.640968] ================================================================== [ 15.619598] ================================================================== [ 15.619686] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 15.619740] Read of size 1 at addr fff00000c3f39973 by task kunit_try_catch/194 [ 15.619802] [ 15.619835] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.620365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.620769] Hardware name: linux,dummy-virt (DT) [ 15.620859] Call trace: [ 15.620890] show_stack+0x20/0x38 (C) [ 15.621027] dump_stack_lvl+0x8c/0xd0 [ 15.621157] print_report+0x118/0x5d0 [ 15.621220] kasan_report+0xdc/0x128 [ 15.621593] __asan_report_load1_noabort+0x20/0x30 [ 15.621793] ksize_unpoisons_memory+0x628/0x740 [ 15.621895] kunit_try_run_case+0x170/0x3f0 [ 15.622037] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.622098] kthread+0x328/0x630 [ 15.622490] ret_from_fork+0x10/0x20 [ 15.622595] [ 15.622674] Allocated by task 194: [ 15.623150] kasan_save_stack+0x3c/0x68 [ 15.623566] kasan_save_track+0x20/0x40 [ 15.623742] kasan_save_alloc_info+0x40/0x58 [ 15.623840] __kasan_kmalloc+0xd4/0xd8 [ 15.623924] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.623997] ksize_unpoisons_memory+0xc0/0x740 [ 15.624039] kunit_try_run_case+0x170/0x3f0 [ 15.624078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.624520] kthread+0x328/0x630 [ 15.624749] ret_from_fork+0x10/0x20 [ 15.624940] [ 15.624964] The buggy address belongs to the object at fff00000c3f39900 [ 15.624964] which belongs to the cache kmalloc-128 of size 128 [ 15.625328] The buggy address is located 0 bytes to the right of [ 15.625328] allocated 115-byte region [fff00000c3f39900, fff00000c3f39973) [ 15.625679] [ 15.625868] The buggy address belongs to the physical page: [ 15.626009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.626181] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.626347] page_type: f5(slab) [ 15.626411] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.627063] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.627310] page dumped because: kasan: bad access detected [ 15.627377] [ 15.627456] Memory state around the buggy address: [ 15.627593] fff00000c3f39800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.627678] fff00000c3f39880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.627873] >fff00000c3f39900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.628050] ^ [ 15.628197] fff00000c3f39980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.628263] fff00000c3f39a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.628806] ================================================================== [ 15.643452] ================================================================== [ 15.643513] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 15.643567] Read of size 1 at addr fff00000c3f3997f by task kunit_try_catch/194 [ 15.643844] [ 15.644288] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.644394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.644422] Hardware name: linux,dummy-virt (DT) [ 15.644846] Call trace: [ 15.644961] show_stack+0x20/0x38 (C) [ 15.645155] dump_stack_lvl+0x8c/0xd0 [ 15.645379] print_report+0x118/0x5d0 [ 15.645489] kasan_report+0xdc/0x128 [ 15.645576] __asan_report_load1_noabort+0x20/0x30 [ 15.645631] ksize_unpoisons_memory+0x690/0x740 [ 15.645791] kunit_try_run_case+0x170/0x3f0 [ 15.645843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.645958] kthread+0x328/0x630 [ 15.646004] ret_from_fork+0x10/0x20 [ 15.646053] [ 15.646071] Allocated by task 194: [ 15.646099] kasan_save_stack+0x3c/0x68 [ 15.646142] kasan_save_track+0x20/0x40 [ 15.646179] kasan_save_alloc_info+0x40/0x58 [ 15.646552] __kasan_kmalloc+0xd4/0xd8 [ 15.646683] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.646737] ksize_unpoisons_memory+0xc0/0x740 [ 15.646816] kunit_try_run_case+0x170/0x3f0 [ 15.646949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.646997] kthread+0x328/0x630 [ 15.647044] ret_from_fork+0x10/0x20 [ 15.647088] [ 15.647355] The buggy address belongs to the object at fff00000c3f39900 [ 15.647355] which belongs to the cache kmalloc-128 of size 128 [ 15.647534] The buggy address is located 12 bytes to the right of [ 15.647534] allocated 115-byte region [fff00000c3f39900, fff00000c3f39973) [ 15.647659] [ 15.647701] The buggy address belongs to the physical page: [ 15.647732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.647788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.647859] page_type: f5(slab) [ 15.647903] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.647968] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.648010] page dumped because: kasan: bad access detected [ 15.648042] [ 15.648061] Memory state around the buggy address: [ 15.648101] fff00000c3f39800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.648147] fff00000c3f39880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.648201] >fff00000c3f39900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.648241] ^ [ 15.648283] fff00000c3f39980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.648350] fff00000c3f39a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.648405] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 15.600464] ================================================================== [ 15.600551] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 15.600888] Free of addr fff00000c3ec4160 by task kunit_try_catch/192 [ 15.600951] [ 15.600985] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.601466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.601584] Hardware name: linux,dummy-virt (DT) [ 15.601622] Call trace: [ 15.601664] show_stack+0x20/0x38 (C) [ 15.601726] dump_stack_lvl+0x8c/0xd0 [ 15.601953] print_report+0x118/0x5d0 [ 15.602297] kasan_report_invalid_free+0xc0/0xe8 [ 15.602649] check_slab_allocation+0xd4/0x108 [ 15.602902] __kasan_slab_pre_free+0x2c/0x48 [ 15.603070] kfree+0xe8/0x3c8 [ 15.603492] kfree_sensitive+0x3c/0xb0 [ 15.603733] kmalloc_double_kzfree+0x168/0x308 [ 15.603795] kunit_try_run_case+0x170/0x3f0 [ 15.603843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.603911] kthread+0x328/0x630 [ 15.604335] ret_from_fork+0x10/0x20 [ 15.604547] [ 15.604628] Allocated by task 192: [ 15.604842] kasan_save_stack+0x3c/0x68 [ 15.605009] kasan_save_track+0x20/0x40 [ 15.605201] kasan_save_alloc_info+0x40/0x58 [ 15.605328] __kasan_kmalloc+0xd4/0xd8 [ 15.605443] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.605495] kmalloc_double_kzfree+0xb8/0x308 [ 15.605687] kunit_try_run_case+0x170/0x3f0 [ 15.605737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.605968] kthread+0x328/0x630 [ 15.606034] ret_from_fork+0x10/0x20 [ 15.606419] [ 15.606449] Freed by task 192: [ 15.606707] kasan_save_stack+0x3c/0x68 [ 15.606887] kasan_save_track+0x20/0x40 [ 15.607050] kasan_save_free_info+0x4c/0x78 [ 15.607203] __kasan_slab_free+0x6c/0x98 [ 15.607301] kfree+0x214/0x3c8 [ 15.607414] kfree_sensitive+0x80/0xb0 [ 15.607451] kmalloc_double_kzfree+0x11c/0x308 [ 15.607906] kunit_try_run_case+0x170/0x3f0 [ 15.608041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.608175] kthread+0x328/0x630 [ 15.608273] ret_from_fork+0x10/0x20 [ 15.608406] [ 15.608465] The buggy address belongs to the object at fff00000c3ec4160 [ 15.608465] which belongs to the cache kmalloc-16 of size 16 [ 15.608553] The buggy address is located 0 bytes inside of [ 15.608553] 16-byte region [fff00000c3ec4160, fff00000c3ec4170) [ 15.608823] [ 15.608975] The buggy address belongs to the physical page: [ 15.609300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec4 [ 15.609409] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.609489] page_type: f5(slab) [ 15.609705] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.609809] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.610302] page dumped because: kasan: bad access detected [ 15.610417] [ 15.610534] Memory state around the buggy address: [ 15.610716] fff00000c3ec4000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.610823] fff00000c3ec4080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.611025] >fff00000c3ec4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.611076] ^ [ 15.611118] fff00000c3ec4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.611390] fff00000c3ec4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.611696] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 15.590948] ================================================================== [ 15.591294] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 15.591386] Read of size 1 at addr fff00000c3ec4160 by task kunit_try_catch/192 [ 15.591889] [ 15.591933] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.592339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.592383] Hardware name: linux,dummy-virt (DT) [ 15.592561] Call trace: [ 15.592629] show_stack+0x20/0x38 (C) [ 15.592907] dump_stack_lvl+0x8c/0xd0 [ 15.593304] print_report+0x118/0x5d0 [ 15.593420] kasan_report+0xdc/0x128 [ 15.593480] __kasan_check_byte+0x54/0x70 [ 15.593692] kfree_sensitive+0x30/0xb0 [ 15.594091] kmalloc_double_kzfree+0x168/0x308 [ 15.594636] kunit_try_run_case+0x170/0x3f0 [ 15.594695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.594772] kthread+0x328/0x630 [ 15.594815] ret_from_fork+0x10/0x20 [ 15.594871] [ 15.594892] Allocated by task 192: [ 15.595309] kasan_save_stack+0x3c/0x68 [ 15.595403] kasan_save_track+0x20/0x40 [ 15.595566] kasan_save_alloc_info+0x40/0x58 [ 15.595702] __kasan_kmalloc+0xd4/0xd8 [ 15.595884] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.595983] kmalloc_double_kzfree+0xb8/0x308 [ 15.596066] kunit_try_run_case+0x170/0x3f0 [ 15.596421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.596636] kthread+0x328/0x630 [ 15.596678] ret_from_fork+0x10/0x20 [ 15.596715] [ 15.596914] Freed by task 192: [ 15.596948] kasan_save_stack+0x3c/0x68 [ 15.596991] kasan_save_track+0x20/0x40 [ 15.597032] kasan_save_free_info+0x4c/0x78 [ 15.597088] __kasan_slab_free+0x6c/0x98 [ 15.597129] kfree+0x214/0x3c8 [ 15.597168] kfree_sensitive+0x80/0xb0 [ 15.597205] kmalloc_double_kzfree+0x11c/0x308 [ 15.597244] kunit_try_run_case+0x170/0x3f0 [ 15.597292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.597350] kthread+0x328/0x630 [ 15.597382] ret_from_fork+0x10/0x20 [ 15.597419] [ 15.597439] The buggy address belongs to the object at fff00000c3ec4160 [ 15.597439] which belongs to the cache kmalloc-16 of size 16 [ 15.597509] The buggy address is located 0 bytes inside of [ 15.597509] freed 16-byte region [fff00000c3ec4160, fff00000c3ec4170) [ 15.597573] [ 15.597602] The buggy address belongs to the physical page: [ 15.597640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec4 [ 15.597696] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.597751] page_type: f5(slab) [ 15.597792] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.597844] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.597915] page dumped because: kasan: bad access detected [ 15.597955] [ 15.597995] Memory state around the buggy address: [ 15.598027] fff00000c3ec4000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.598072] fff00000c3ec4080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.598125] >fff00000c3ec4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.598163] ^ [ 15.598217] fff00000c3ec4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.598279] fff00000c3ec4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.598319] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 15.562051] ================================================================== [ 15.562119] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 15.562172] Read of size 1 at addr fff00000c3f904a8 by task kunit_try_catch/188 [ 15.562225] [ 15.562256] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.562338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.562366] Hardware name: linux,dummy-virt (DT) [ 15.562398] Call trace: [ 15.562421] show_stack+0x20/0x38 (C) [ 15.562477] dump_stack_lvl+0x8c/0xd0 [ 15.562537] print_report+0x118/0x5d0 [ 15.563030] kasan_report+0xdc/0x128 [ 15.563082] __asan_report_load1_noabort+0x20/0x30 [ 15.563519] kmalloc_uaf2+0x3f4/0x468 [ 15.563590] kunit_try_run_case+0x170/0x3f0 [ 15.563659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.563862] kthread+0x328/0x630 [ 15.564061] ret_from_fork+0x10/0x20 [ 15.564504] [ 15.564532] Allocated by task 188: [ 15.564937] kasan_save_stack+0x3c/0x68 [ 15.564995] kasan_save_track+0x20/0x40 [ 15.565210] kasan_save_alloc_info+0x40/0x58 [ 15.565399] __kasan_kmalloc+0xd4/0xd8 [ 15.565474] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.565812] kmalloc_uaf2+0xc4/0x468 [ 15.566016] kunit_try_run_case+0x170/0x3f0 [ 15.566284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.566395] kthread+0x328/0x630 [ 15.566469] ret_from_fork+0x10/0x20 [ 15.566668] [ 15.566766] Freed by task 188: [ 15.566827] kasan_save_stack+0x3c/0x68 [ 15.567071] kasan_save_track+0x20/0x40 [ 15.567357] kasan_save_free_info+0x4c/0x78 [ 15.567497] __kasan_slab_free+0x6c/0x98 [ 15.567609] kfree+0x214/0x3c8 [ 15.567869] kmalloc_uaf2+0x134/0x468 [ 15.568010] kunit_try_run_case+0x170/0x3f0 [ 15.568202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.568300] kthread+0x328/0x630 [ 15.568437] ret_from_fork+0x10/0x20 [ 15.568508] [ 15.568549] The buggy address belongs to the object at fff00000c3f90480 [ 15.568549] which belongs to the cache kmalloc-64 of size 64 [ 15.568863] The buggy address is located 40 bytes inside of [ 15.568863] freed 64-byte region [fff00000c3f90480, fff00000c3f904c0) [ 15.569208] [ 15.569251] The buggy address belongs to the physical page: [ 15.569421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f90 [ 15.569704] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.569793] page_type: f5(slab) [ 15.569971] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.570054] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.570152] page dumped because: kasan: bad access detected [ 15.570275] [ 15.570364] Memory state around the buggy address: [ 15.570645] fff00000c3f90380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.570900] fff00000c3f90400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.571048] >fff00000c3f90480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.571201] ^ [ 15.571355] fff00000c3f90500: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 15.571429] fff00000c3f90580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.571747] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 15.540913] ================================================================== [ 15.541016] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 15.541284] Write of size 33 at addr fff00000c3f90300 by task kunit_try_catch/186 [ 15.541559] [ 15.541600] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.541872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.541908] Hardware name: linux,dummy-virt (DT) [ 15.541964] Call trace: [ 15.541989] show_stack+0x20/0x38 (C) [ 15.542296] dump_stack_lvl+0x8c/0xd0 [ 15.542481] print_report+0x118/0x5d0 [ 15.542543] kasan_report+0xdc/0x128 [ 15.542986] kasan_check_range+0x100/0x1a8 [ 15.543085] __asan_memset+0x34/0x78 [ 15.543254] kmalloc_uaf_memset+0x170/0x310 [ 15.543444] kunit_try_run_case+0x170/0x3f0 [ 15.543500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.543555] kthread+0x328/0x630 [ 15.543603] ret_from_fork+0x10/0x20 [ 15.544025] [ 15.544069] Allocated by task 186: [ 15.544236] kasan_save_stack+0x3c/0x68 [ 15.544333] kasan_save_track+0x20/0x40 [ 15.544487] kasan_save_alloc_info+0x40/0x58 [ 15.544532] __kasan_kmalloc+0xd4/0xd8 [ 15.544755] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.544989] kmalloc_uaf_memset+0xb8/0x310 [ 15.545112] kunit_try_run_case+0x170/0x3f0 [ 15.545211] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.545307] kthread+0x328/0x630 [ 15.545424] ret_from_fork+0x10/0x20 [ 15.545576] [ 15.545732] Freed by task 186: [ 15.545923] kasan_save_stack+0x3c/0x68 [ 15.546022] kasan_save_track+0x20/0x40 [ 15.546105] kasan_save_free_info+0x4c/0x78 [ 15.546300] __kasan_slab_free+0x6c/0x98 [ 15.546519] kfree+0x214/0x3c8 [ 15.546641] kmalloc_uaf_memset+0x11c/0x310 [ 15.546688] kunit_try_run_case+0x170/0x3f0 [ 15.546749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.546794] kthread+0x328/0x630 [ 15.546827] ret_from_fork+0x10/0x20 [ 15.546875] [ 15.546895] The buggy address belongs to the object at fff00000c3f90300 [ 15.546895] which belongs to the cache kmalloc-64 of size 64 [ 15.546960] The buggy address is located 0 bytes inside of [ 15.546960] freed 64-byte region [fff00000c3f90300, fff00000c3f90340) [ 15.547036] [ 15.547063] The buggy address belongs to the physical page: [ 15.547110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f90 [ 15.547168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.547227] page_type: f5(slab) [ 15.547276] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.547329] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.547370] page dumped because: kasan: bad access detected [ 15.547402] [ 15.547420] Memory state around the buggy address: [ 15.547471] fff00000c3f90200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.547525] fff00000c3f90280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.547578] >fff00000c3f90300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.547626] ^ [ 15.547667] fff00000c3f90380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.547720] fff00000c3f90400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.547769] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 15.521707] ================================================================== [ 15.521769] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 15.522515] Read of size 1 at addr fff00000c3ec4148 by task kunit_try_catch/184 [ 15.522886] [ 15.522957] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.523056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.523082] Hardware name: linux,dummy-virt (DT) [ 15.523131] Call trace: [ 15.523163] show_stack+0x20/0x38 (C) [ 15.523225] dump_stack_lvl+0x8c/0xd0 [ 15.523277] print_report+0x118/0x5d0 [ 15.523332] kasan_report+0xdc/0x128 [ 15.523378] __asan_report_load1_noabort+0x20/0x30 [ 15.523430] kmalloc_uaf+0x300/0x338 [ 15.523471] kunit_try_run_case+0x170/0x3f0 [ 15.523518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.523569] kthread+0x328/0x630 [ 15.523618] ret_from_fork+0x10/0x20 [ 15.523667] [ 15.523686] Allocated by task 184: [ 15.523727] kasan_save_stack+0x3c/0x68 [ 15.523768] kasan_save_track+0x20/0x40 [ 15.523804] kasan_save_alloc_info+0x40/0x58 [ 15.523846] __kasan_kmalloc+0xd4/0xd8 [ 15.523897] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.523937] kmalloc_uaf+0xb8/0x338 [ 15.523987] kunit_try_run_case+0x170/0x3f0 [ 15.524035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.524082] kthread+0x328/0x630 [ 15.524120] ret_from_fork+0x10/0x20 [ 15.524176] [ 15.524195] Freed by task 184: [ 15.524222] kasan_save_stack+0x3c/0x68 [ 15.524266] kasan_save_track+0x20/0x40 [ 15.524304] kasan_save_free_info+0x4c/0x78 [ 15.524352] __kasan_slab_free+0x6c/0x98 [ 15.524390] kfree+0x214/0x3c8 [ 15.524434] kmalloc_uaf+0x11c/0x338 [ 15.524477] kunit_try_run_case+0x170/0x3f0 [ 15.524516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.524570] kthread+0x328/0x630 [ 15.524614] ret_from_fork+0x10/0x20 [ 15.524650] [ 15.524671] The buggy address belongs to the object at fff00000c3ec4140 [ 15.524671] which belongs to the cache kmalloc-16 of size 16 [ 15.524731] The buggy address is located 8 bytes inside of [ 15.524731] freed 16-byte region [fff00000c3ec4140, fff00000c3ec4150) [ 15.524797] [ 15.524834] The buggy address belongs to the physical page: [ 15.525168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec4 [ 15.525474] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.525958] page_type: f5(slab) [ 15.526364] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.526441] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.526514] page dumped because: kasan: bad access detected [ 15.526580] [ 15.526635] Memory state around the buggy address: [ 15.526878] fff00000c3ec4000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.526946] fff00000c3ec4080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.527230] >fff00000c3ec4100: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 15.527302] ^ [ 15.527779] fff00000c3ec4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.527938] fff00000c3ec4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.528016] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 15.504834] ================================================================== [ 15.505274] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.505369] Read of size 64 at addr fff00000c3f90004 by task kunit_try_catch/182 [ 15.505575] [ 15.505610] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.505841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.505944] Hardware name: linux,dummy-virt (DT) [ 15.505979] Call trace: [ 15.506014] show_stack+0x20/0x38 (C) [ 15.506067] dump_stack_lvl+0x8c/0xd0 [ 15.506113] print_report+0x118/0x5d0 [ 15.506321] kasan_report+0xdc/0x128 [ 15.506381] kasan_check_range+0x100/0x1a8 [ 15.506428] __asan_memmove+0x3c/0x98 [ 15.506791] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.506944] kunit_try_run_case+0x170/0x3f0 [ 15.507054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.507204] kthread+0x328/0x630 [ 15.507317] ret_from_fork+0x10/0x20 [ 15.507386] [ 15.507404] Allocated by task 182: [ 15.507628] kasan_save_stack+0x3c/0x68 [ 15.507768] kasan_save_track+0x20/0x40 [ 15.507946] kasan_save_alloc_info+0x40/0x58 [ 15.508024] __kasan_kmalloc+0xd4/0xd8 [ 15.508190] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.508335] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 15.508381] kunit_try_run_case+0x170/0x3f0 [ 15.508832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.508997] kthread+0x328/0x630 [ 15.509094] ret_from_fork+0x10/0x20 [ 15.509246] [ 15.509270] The buggy address belongs to the object at fff00000c3f90000 [ 15.509270] which belongs to the cache kmalloc-64 of size 64 [ 15.509352] The buggy address is located 4 bytes inside of [ 15.509352] allocated 64-byte region [fff00000c3f90000, fff00000c3f90040) [ 15.510181] [ 15.510251] The buggy address belongs to the physical page: [ 15.510645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f90 [ 15.510745] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.510873] page_type: f5(slab) [ 15.510935] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.511075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.511126] page dumped because: kasan: bad access detected [ 15.511436] [ 15.511625] Memory state around the buggy address: [ 15.511892] fff00000c3f8ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.512140] fff00000c3f8ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.512227] >fff00000c3f90000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.512396] ^ [ 15.512519] fff00000c3f90080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.512834] fff00000c3f90100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.512939] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 15.486150] ================================================================== [ 15.486232] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.486527] Read of size 18446744073709551614 at addr fff00000c3f5ce84 by task kunit_try_catch/180 [ 15.486943] [ 15.487007] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.487093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.487152] Hardware name: linux,dummy-virt (DT) [ 15.487184] Call trace: [ 15.487225] show_stack+0x20/0x38 (C) [ 15.487277] dump_stack_lvl+0x8c/0xd0 [ 15.487332] print_report+0x118/0x5d0 [ 15.487379] kasan_report+0xdc/0x128 [ 15.487432] kasan_check_range+0x100/0x1a8 [ 15.487490] __asan_memmove+0x3c/0x98 [ 15.487542] kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.487591] kunit_try_run_case+0x170/0x3f0 [ 15.487645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.487697] kthread+0x328/0x630 [ 15.487746] ret_from_fork+0x10/0x20 [ 15.489663] [ 15.489694] Allocated by task 180: [ 15.489905] kasan_save_stack+0x3c/0x68 [ 15.490015] kasan_save_track+0x20/0x40 [ 15.490168] kasan_save_alloc_info+0x40/0x58 [ 15.490245] __kasan_kmalloc+0xd4/0xd8 [ 15.490592] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.490797] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 15.490908] kunit_try_run_case+0x170/0x3f0 [ 15.491064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.491250] kthread+0x328/0x630 [ 15.491471] ret_from_fork+0x10/0x20 [ 15.491728] [ 15.491773] The buggy address belongs to the object at fff00000c3f5ce80 [ 15.491773] which belongs to the cache kmalloc-64 of size 64 [ 15.492013] The buggy address is located 4 bytes inside of [ 15.492013] 64-byte region [fff00000c3f5ce80, fff00000c3f5cec0) [ 15.492091] [ 15.492112] The buggy address belongs to the physical page: [ 15.492469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f5c [ 15.492590] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.492757] page_type: f5(slab) [ 15.492875] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.493200] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.493354] page dumped because: kasan: bad access detected [ 15.493431] [ 15.493572] Memory state around the buggy address: [ 15.493657] fff00000c3f5cd80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 15.493932] fff00000c3f5ce00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.494263] >fff00000c3f5ce80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.494348] ^ [ 15.494605] fff00000c3f5cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.494656] fff00000c3f5cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.494722] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 15.466814] ================================================================== [ 15.467382] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 15.467549] Write of size 16 at addr fff00000c3f39869 by task kunit_try_catch/178 [ 15.467643] [ 15.467683] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.468156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.468251] Hardware name: linux,dummy-virt (DT) [ 15.468329] Call trace: [ 15.468421] show_stack+0x20/0x38 (C) [ 15.468520] dump_stack_lvl+0x8c/0xd0 [ 15.468758] print_report+0x118/0x5d0 [ 15.469008] kasan_report+0xdc/0x128 [ 15.469182] kasan_check_range+0x100/0x1a8 [ 15.469243] __asan_memset+0x34/0x78 [ 15.469286] kmalloc_oob_memset_16+0x150/0x2f8 [ 15.469331] kunit_try_run_case+0x170/0x3f0 [ 15.469377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.469429] kthread+0x328/0x630 [ 15.469469] ret_from_fork+0x10/0x20 [ 15.469521] [ 15.469551] Allocated by task 178: [ 15.469579] kasan_save_stack+0x3c/0x68 [ 15.469620] kasan_save_track+0x20/0x40 [ 15.469673] kasan_save_alloc_info+0x40/0x58 [ 15.469721] __kasan_kmalloc+0xd4/0xd8 [ 15.469757] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.469804] kmalloc_oob_memset_16+0xb0/0x2f8 [ 15.469841] kunit_try_run_case+0x170/0x3f0 [ 15.469899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.469951] kthread+0x328/0x630 [ 15.469983] ret_from_fork+0x10/0x20 [ 15.470028] [ 15.470047] The buggy address belongs to the object at fff00000c3f39800 [ 15.470047] which belongs to the cache kmalloc-128 of size 128 [ 15.470106] The buggy address is located 105 bytes inside of [ 15.470106] allocated 120-byte region [fff00000c3f39800, fff00000c3f39878) [ 15.470170] [ 15.470190] The buggy address belongs to the physical page: [ 15.470237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.470290] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.470347] page_type: f5(slab) [ 15.470385] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.470439] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.470479] page dumped because: kasan: bad access detected [ 15.470510] [ 15.470529] Memory state around the buggy address: [ 15.470835] fff00000c3f39700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.470898] fff00000c3f39780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.471277] >fff00000c3f39800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.471339] ^ [ 15.471394] fff00000c3f39880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.471528] fff00000c3f39900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.471649] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 15.452137] ================================================================== [ 15.452209] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 15.452405] Write of size 8 at addr fff00000c3f39771 by task kunit_try_catch/176 [ 15.452522] [ 15.452660] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.452952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.453092] Hardware name: linux,dummy-virt (DT) [ 15.453152] Call trace: [ 15.453281] show_stack+0x20/0x38 (C) [ 15.453345] dump_stack_lvl+0x8c/0xd0 [ 15.453529] print_report+0x118/0x5d0 [ 15.453591] kasan_report+0xdc/0x128 [ 15.453994] kasan_check_range+0x100/0x1a8 [ 15.454104] __asan_memset+0x34/0x78 [ 15.454158] kmalloc_oob_memset_8+0x150/0x2f8 [ 15.454350] kunit_try_run_case+0x170/0x3f0 [ 15.454515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.454697] kthread+0x328/0x630 [ 15.454821] ret_from_fork+0x10/0x20 [ 15.454882] [ 15.454901] Allocated by task 176: [ 15.455130] kasan_save_stack+0x3c/0x68 [ 15.455317] kasan_save_track+0x20/0x40 [ 15.455451] kasan_save_alloc_info+0x40/0x58 [ 15.455530] __kasan_kmalloc+0xd4/0xd8 [ 15.455660] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.455735] kmalloc_oob_memset_8+0xb0/0x2f8 [ 15.456124] kunit_try_run_case+0x170/0x3f0 [ 15.456231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.456338] kthread+0x328/0x630 [ 15.456469] ret_from_fork+0x10/0x20 [ 15.456518] [ 15.456550] The buggy address belongs to the object at fff00000c3f39700 [ 15.456550] which belongs to the cache kmalloc-128 of size 128 [ 15.456667] The buggy address is located 113 bytes inside of [ 15.456667] allocated 120-byte region [fff00000c3f39700, fff00000c3f39778) [ 15.456736] [ 15.456758] The buggy address belongs to the physical page: [ 15.456798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.456880] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.456929] page_type: f5(slab) [ 15.456974] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.457042] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.457088] page dumped because: kasan: bad access detected [ 15.457120] [ 15.457138] Memory state around the buggy address: [ 15.457194] fff00000c3f39600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.457247] fff00000c3f39680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.457290] >fff00000c3f39700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.457337] ^ [ 15.457378] fff00000c3f39780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.457421] fff00000c3f39800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.457468] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 15.434314] ================================================================== [ 15.434501] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 15.434590] Write of size 4 at addr fff00000c3f39675 by task kunit_try_catch/174 [ 15.434751] [ 15.434841] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.434939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.434965] Hardware name: linux,dummy-virt (DT) [ 15.435149] Call trace: [ 15.435345] show_stack+0x20/0x38 (C) [ 15.435492] dump_stack_lvl+0x8c/0xd0 [ 15.435545] print_report+0x118/0x5d0 [ 15.435591] kasan_report+0xdc/0x128 [ 15.435645] kasan_check_range+0x100/0x1a8 [ 15.435708] __asan_memset+0x34/0x78 [ 15.435750] kmalloc_oob_memset_4+0x150/0x300 [ 15.435796] kunit_try_run_case+0x170/0x3f0 [ 15.435842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.435919] kthread+0x328/0x630 [ 15.435971] ret_from_fork+0x10/0x20 [ 15.436035] [ 15.436054] Allocated by task 174: [ 15.436089] kasan_save_stack+0x3c/0x68 [ 15.436152] kasan_save_track+0x20/0x40 [ 15.436189] kasan_save_alloc_info+0x40/0x58 [ 15.436229] __kasan_kmalloc+0xd4/0xd8 [ 15.436265] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.436315] kmalloc_oob_memset_4+0xb0/0x300 [ 15.436352] kunit_try_run_case+0x170/0x3f0 [ 15.436390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.436442] kthread+0x328/0x630 [ 15.436475] ret_from_fork+0x10/0x20 [ 15.436518] [ 15.436538] The buggy address belongs to the object at fff00000c3f39600 [ 15.436538] which belongs to the cache kmalloc-128 of size 128 [ 15.436605] The buggy address is located 117 bytes inside of [ 15.436605] allocated 120-byte region [fff00000c3f39600, fff00000c3f39678) [ 15.436680] [ 15.436702] The buggy address belongs to the physical page: [ 15.436733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.436795] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.436862] page_type: f5(slab) [ 15.437509] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.437595] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.437674] page dumped because: kasan: bad access detected [ 15.437730] [ 15.437895] Memory state around the buggy address: [ 15.438047] fff00000c3f39500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.438550] fff00000c3f39580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.439044] >fff00000c3f39600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.439141] ^ [ 15.439210] fff00000c3f39680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.439265] fff00000c3f39700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.439320] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 15.420578] ================================================================== [ 15.420869] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 15.421006] Write of size 2 at addr fff00000c3f39577 by task kunit_try_catch/172 [ 15.421066] [ 15.421124] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.421216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.421364] Hardware name: linux,dummy-virt (DT) [ 15.421407] Call trace: [ 15.421554] show_stack+0x20/0x38 (C) [ 15.421675] dump_stack_lvl+0x8c/0xd0 [ 15.422021] print_report+0x118/0x5d0 [ 15.422109] kasan_report+0xdc/0x128 [ 15.422166] kasan_check_range+0x100/0x1a8 [ 15.422215] __asan_memset+0x34/0x78 [ 15.422492] kmalloc_oob_memset_2+0x150/0x2f8 [ 15.422692] kunit_try_run_case+0x170/0x3f0 [ 15.422806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.423007] kthread+0x328/0x630 [ 15.423268] ret_from_fork+0x10/0x20 [ 15.423400] [ 15.423448] Allocated by task 172: [ 15.423478] kasan_save_stack+0x3c/0x68 [ 15.423735] kasan_save_track+0x20/0x40 [ 15.423916] kasan_save_alloc_info+0x40/0x58 [ 15.424002] __kasan_kmalloc+0xd4/0xd8 [ 15.424296] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.424412] kmalloc_oob_memset_2+0xb0/0x2f8 [ 15.424655] kunit_try_run_case+0x170/0x3f0 [ 15.424841] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.424901] kthread+0x328/0x630 [ 15.425082] ret_from_fork+0x10/0x20 [ 15.425306] [ 15.425357] The buggy address belongs to the object at fff00000c3f39500 [ 15.425357] which belongs to the cache kmalloc-128 of size 128 [ 15.425481] The buggy address is located 119 bytes inside of [ 15.425481] allocated 120-byte region [fff00000c3f39500, fff00000c3f39578) [ 15.425559] [ 15.425589] The buggy address belongs to the physical page: [ 15.425620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.425674] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.425736] page_type: f5(slab) [ 15.425792] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.425872] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.425914] page dumped because: kasan: bad access detected [ 15.425945] [ 15.425963] Memory state around the buggy address: [ 15.426003] fff00000c3f39400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.426052] fff00000c3f39480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.426105] >fff00000c3f39500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.426142] ^ [ 15.426182] fff00000c3f39580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.426224] fff00000c3f39600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.426263] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 15.402620] ================================================================== [ 15.402713] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.403218] Write of size 128 at addr fff00000c3f39400 by task kunit_try_catch/170 [ 15.403319] [ 15.403485] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.403598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.403676] Hardware name: linux,dummy-virt (DT) [ 15.403765] Call trace: [ 15.403891] show_stack+0x20/0x38 (C) [ 15.404122] dump_stack_lvl+0x8c/0xd0 [ 15.404242] print_report+0x118/0x5d0 [ 15.404449] kasan_report+0xdc/0x128 [ 15.404557] kasan_check_range+0x100/0x1a8 [ 15.404688] __asan_memset+0x34/0x78 [ 15.404832] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.404936] kunit_try_run_case+0x170/0x3f0 [ 15.405142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.405408] kthread+0x328/0x630 [ 15.405533] ret_from_fork+0x10/0x20 [ 15.406233] [ 15.406319] Allocated by task 170: [ 15.406400] kasan_save_stack+0x3c/0x68 [ 15.406482] kasan_save_track+0x20/0x40 [ 15.406661] kasan_save_alloc_info+0x40/0x58 [ 15.406881] __kasan_kmalloc+0xd4/0xd8 [ 15.406944] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.407063] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.407173] kunit_try_run_case+0x170/0x3f0 [ 15.407341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.407408] kthread+0x328/0x630 [ 15.407469] ret_from_fork+0x10/0x20 [ 15.407505] [ 15.407688] The buggy address belongs to the object at fff00000c3f39400 [ 15.407688] which belongs to the cache kmalloc-128 of size 128 [ 15.407917] The buggy address is located 0 bytes inside of [ 15.407917] allocated 120-byte region [fff00000c3f39400, fff00000c3f39478) [ 15.408092] [ 15.408143] The buggy address belongs to the physical page: [ 15.408211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.408360] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.408448] page_type: f5(slab) [ 15.408700] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.408903] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.409021] page dumped because: kasan: bad access detected [ 15.409121] [ 15.409339] Memory state around the buggy address: [ 15.409646] fff00000c3f39300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.409698] fff00000c3f39380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.409973] >fff00000c3f39400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.410174] ^ [ 15.410268] fff00000c3f39480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.410360] fff00000c3f39500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.410513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 15.382449] ================================================================== [ 15.382519] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 15.382593] Read of size 16 at addr fff00000c3ec4120 by task kunit_try_catch/168 [ 15.383020] [ 15.383072] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.383173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.383202] Hardware name: linux,dummy-virt (DT) [ 15.383233] Call trace: [ 15.383254] show_stack+0x20/0x38 (C) [ 15.383306] dump_stack_lvl+0x8c/0xd0 [ 15.383355] print_report+0x118/0x5d0 [ 15.383403] kasan_report+0xdc/0x128 [ 15.383461] __asan_report_load16_noabort+0x20/0x30 [ 15.383521] kmalloc_uaf_16+0x3bc/0x438 [ 15.383567] kunit_try_run_case+0x170/0x3f0 [ 15.383615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.383676] kthread+0x328/0x630 [ 15.383727] ret_from_fork+0x10/0x20 [ 15.383797] [ 15.383816] Allocated by task 168: [ 15.383844] kasan_save_stack+0x3c/0x68 [ 15.384438] kasan_save_track+0x20/0x40 [ 15.384824] kasan_save_alloc_info+0x40/0x58 [ 15.384937] __kasan_kmalloc+0xd4/0xd8 [ 15.385150] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.385593] kmalloc_uaf_16+0x140/0x438 [ 15.386221] kunit_try_run_case+0x170/0x3f0 [ 15.386518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.386848] kthread+0x328/0x630 [ 15.387174] ret_from_fork+0x10/0x20 [ 15.387250] [ 15.387305] Freed by task 168: [ 15.387377] kasan_save_stack+0x3c/0x68 [ 15.387436] kasan_save_track+0x20/0x40 [ 15.387602] kasan_save_free_info+0x4c/0x78 [ 15.387726] __kasan_slab_free+0x6c/0x98 [ 15.387842] kfree+0x214/0x3c8 [ 15.387938] kmalloc_uaf_16+0x190/0x438 [ 15.388064] kunit_try_run_case+0x170/0x3f0 [ 15.388103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.388282] kthread+0x328/0x630 [ 15.388498] ret_from_fork+0x10/0x20 [ 15.388561] [ 15.388613] The buggy address belongs to the object at fff00000c3ec4120 [ 15.388613] which belongs to the cache kmalloc-16 of size 16 [ 15.388684] The buggy address is located 0 bytes inside of [ 15.388684] freed 16-byte region [fff00000c3ec4120, fff00000c3ec4130) [ 15.388919] [ 15.388994] The buggy address belongs to the physical page: [ 15.389142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec4 [ 15.389527] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.389934] page_type: f5(slab) [ 15.390035] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.390230] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.390556] page dumped because: kasan: bad access detected [ 15.390594] [ 15.390612] Memory state around the buggy address: [ 15.390652] fff00000c3ec4000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.390697] fff00000c3ec4080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.390915] >fff00000c3ec4100: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 15.391124] ^ [ 15.391346] fff00000c3ec4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.391649] fff00000c3ec4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.391777] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 15.362916] ================================================================== [ 15.363297] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 15.363362] Write of size 16 at addr fff00000c3ec40c0 by task kunit_try_catch/166 [ 15.363416] [ 15.363764] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.364241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.364529] Hardware name: linux,dummy-virt (DT) [ 15.364580] Call trace: [ 15.364603] show_stack+0x20/0x38 (C) [ 15.365039] dump_stack_lvl+0x8c/0xd0 [ 15.365198] print_report+0x118/0x5d0 [ 15.365283] kasan_report+0xdc/0x128 [ 15.365377] __asan_report_store16_noabort+0x20/0x30 [ 15.365503] kmalloc_oob_16+0x3a0/0x3f8 [ 15.365618] kunit_try_run_case+0x170/0x3f0 [ 15.365721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.365785] kthread+0x328/0x630 [ 15.366114] ret_from_fork+0x10/0x20 [ 15.366320] [ 15.366346] Allocated by task 166: [ 15.366424] kasan_save_stack+0x3c/0x68 [ 15.366840] kasan_save_track+0x20/0x40 [ 15.367046] kasan_save_alloc_info+0x40/0x58 [ 15.367102] __kasan_kmalloc+0xd4/0xd8 [ 15.367317] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.367417] kmalloc_oob_16+0xb4/0x3f8 [ 15.367484] kunit_try_run_case+0x170/0x3f0 [ 15.367789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.367921] kthread+0x328/0x630 [ 15.368110] ret_from_fork+0x10/0x20 [ 15.368207] [ 15.368597] The buggy address belongs to the object at fff00000c3ec40c0 [ 15.368597] which belongs to the cache kmalloc-16 of size 16 [ 15.368842] The buggy address is located 0 bytes inside of [ 15.368842] allocated 13-byte region [fff00000c3ec40c0, fff00000c3ec40cd) [ 15.369083] [ 15.369293] The buggy address belongs to the physical page: [ 15.369387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec4 [ 15.369467] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.369640] page_type: f5(slab) [ 15.369867] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.370082] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.370407] page dumped because: kasan: bad access detected [ 15.370521] [ 15.370566] Memory state around the buggy address: [ 15.370628] fff00000c3ec3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.370974] fff00000c3ec4000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.371130] >fff00000c3ec4080: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 15.371171] ^ [ 15.371229] fff00000c3ec4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.371634] fff00000c3ec4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.371814] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 15.342266] ================================================================== [ 15.342373] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 15.342426] Read of size 1 at addr fff00000c0b93a00 by task kunit_try_catch/164 [ 15.342647] [ 15.342696] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.343163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.343457] Hardware name: linux,dummy-virt (DT) [ 15.343652] Call trace: [ 15.343720] show_stack+0x20/0x38 (C) [ 15.343907] dump_stack_lvl+0x8c/0xd0 [ 15.343960] print_report+0x118/0x5d0 [ 15.344344] kasan_report+0xdc/0x128 [ 15.344406] __asan_report_load1_noabort+0x20/0x30 [ 15.345040] krealloc_uaf+0x4c8/0x520 [ 15.345131] kunit_try_run_case+0x170/0x3f0 [ 15.345321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.345669] kthread+0x328/0x630 [ 15.345872] ret_from_fork+0x10/0x20 [ 15.346154] [ 15.346382] Allocated by task 164: [ 15.346463] kasan_save_stack+0x3c/0x68 [ 15.346555] kasan_save_track+0x20/0x40 [ 15.346716] kasan_save_alloc_info+0x40/0x58 [ 15.346879] __kasan_kmalloc+0xd4/0xd8 [ 15.346940] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.346979] krealloc_uaf+0xc8/0x520 [ 15.347201] kunit_try_run_case+0x170/0x3f0 [ 15.347371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.347463] kthread+0x328/0x630 [ 15.347583] ret_from_fork+0x10/0x20 [ 15.347745] [ 15.347872] Freed by task 164: [ 15.347971] kasan_save_stack+0x3c/0x68 [ 15.348242] kasan_save_track+0x20/0x40 [ 15.348365] kasan_save_free_info+0x4c/0x78 [ 15.348648] __kasan_slab_free+0x6c/0x98 [ 15.348796] kfree+0x214/0x3c8 [ 15.349122] krealloc_uaf+0x12c/0x520 [ 15.349668] kunit_try_run_case+0x170/0x3f0 [ 15.349785] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.349942] kthread+0x328/0x630 [ 15.350088] ret_from_fork+0x10/0x20 [ 15.350236] [ 15.350286] The buggy address belongs to the object at fff00000c0b93a00 [ 15.350286] which belongs to the cache kmalloc-256 of size 256 [ 15.350702] The buggy address is located 0 bytes inside of [ 15.350702] freed 256-byte region [fff00000c0b93a00, fff00000c0b93b00) [ 15.350923] [ 15.350982] The buggy address belongs to the physical page: [ 15.351066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b92 [ 15.351138] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.351193] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.351434] page_type: f5(slab) [ 15.351701] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.351776] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.351915] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.352015] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.352168] head: 0bfffe0000000001 ffffc1ffc302e481 00000000ffffffff 00000000ffffffff [ 15.352296] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.352349] page dumped because: kasan: bad access detected [ 15.352696] [ 15.352758] Memory state around the buggy address: [ 15.352960] fff00000c0b93900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.353146] fff00000c0b93980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.353209] >fff00000c0b93a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.353254] ^ [ 15.353318] fff00000c0b93a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.353389] fff00000c0b93b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.353436] ================================================================== [ 15.330559] ================================================================== [ 15.330632] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 15.330683] Read of size 1 at addr fff00000c0b93a00 by task kunit_try_catch/164 [ 15.331134] [ 15.331206] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.331476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.331671] Hardware name: linux,dummy-virt (DT) [ 15.331775] Call trace: [ 15.331912] show_stack+0x20/0x38 (C) [ 15.332081] dump_stack_lvl+0x8c/0xd0 [ 15.332173] print_report+0x118/0x5d0 [ 15.332383] kasan_report+0xdc/0x128 [ 15.332658] __kasan_check_byte+0x54/0x70 [ 15.332737] krealloc_noprof+0x44/0x360 [ 15.332934] krealloc_uaf+0x180/0x520 [ 15.333004] kunit_try_run_case+0x170/0x3f0 [ 15.333256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.333413] kthread+0x328/0x630 [ 15.333736] ret_from_fork+0x10/0x20 [ 15.334036] [ 15.334093] Allocated by task 164: [ 15.334246] kasan_save_stack+0x3c/0x68 [ 15.334380] kasan_save_track+0x20/0x40 [ 15.334422] kasan_save_alloc_info+0x40/0x58 [ 15.335020] __kasan_kmalloc+0xd4/0xd8 [ 15.335353] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.335405] krealloc_uaf+0xc8/0x520 [ 15.335858] kunit_try_run_case+0x170/0x3f0 [ 15.336273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.336474] kthread+0x328/0x630 [ 15.336760] ret_from_fork+0x10/0x20 [ 15.336882] [ 15.337059] Freed by task 164: [ 15.337170] kasan_save_stack+0x3c/0x68 [ 15.337376] kasan_save_track+0x20/0x40 [ 15.337522] kasan_save_free_info+0x4c/0x78 [ 15.337914] __kasan_slab_free+0x6c/0x98 [ 15.337987] kfree+0x214/0x3c8 [ 15.338106] krealloc_uaf+0x12c/0x520 [ 15.338177] kunit_try_run_case+0x170/0x3f0 [ 15.338346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.338483] kthread+0x328/0x630 [ 15.338661] ret_from_fork+0x10/0x20 [ 15.338752] [ 15.338773] The buggy address belongs to the object at fff00000c0b93a00 [ 15.338773] which belongs to the cache kmalloc-256 of size 256 [ 15.339112] The buggy address is located 0 bytes inside of [ 15.339112] freed 256-byte region [fff00000c0b93a00, fff00000c0b93b00) [ 15.339394] [ 15.339418] The buggy address belongs to the physical page: [ 15.339617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b92 [ 15.339735] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.339908] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.339965] page_type: f5(slab) [ 15.340037] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.340089] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.340141] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.340221] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.340273] head: 0bfffe0000000001 ffffc1ffc302e481 00000000ffffffff 00000000ffffffff [ 15.340322] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.340369] page dumped because: kasan: bad access detected [ 15.340400] [ 15.340418] Memory state around the buggy address: [ 15.340457] fff00000c0b93900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.340500] fff00000c0b93980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.340552] >fff00000c0b93a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.340590] ^ [ 15.340617] fff00000c0b93a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.340659] fff00000c0b93b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.340697] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 15.223259] ================================================================== [ 15.223342] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.223397] Write of size 1 at addr fff00000c0b938d0 by task kunit_try_catch/158 [ 15.223473] [ 15.223832] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.223933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.223960] Hardware name: linux,dummy-virt (DT) [ 15.224015] Call trace: [ 15.224044] show_stack+0x20/0x38 (C) [ 15.224097] dump_stack_lvl+0x8c/0xd0 [ 15.224249] print_report+0x118/0x5d0 [ 15.224333] kasan_report+0xdc/0x128 [ 15.224442] __asan_report_store1_noabort+0x20/0x30 [ 15.224525] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.224575] krealloc_less_oob+0x20/0x38 [ 15.224637] kunit_try_run_case+0x170/0x3f0 [ 15.224923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.225104] kthread+0x328/0x630 [ 15.225200] ret_from_fork+0x10/0x20 [ 15.225262] [ 15.225334] Allocated by task 158: [ 15.225369] kasan_save_stack+0x3c/0x68 [ 15.225413] kasan_save_track+0x20/0x40 [ 15.225449] kasan_save_alloc_info+0x40/0x58 [ 15.225488] __kasan_krealloc+0x118/0x178 [ 15.225525] krealloc_noprof+0x128/0x360 [ 15.225896] krealloc_less_oob_helper+0x168/0xc50 [ 15.225999] krealloc_less_oob+0x20/0x38 [ 15.226104] kunit_try_run_case+0x170/0x3f0 [ 15.226147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.226234] kthread+0x328/0x630 [ 15.226269] ret_from_fork+0x10/0x20 [ 15.226305] [ 15.226324] The buggy address belongs to the object at fff00000c0b93800 [ 15.226324] which belongs to the cache kmalloc-256 of size 256 [ 15.226686] The buggy address is located 7 bytes to the right of [ 15.226686] allocated 201-byte region [fff00000c0b93800, fff00000c0b938c9) [ 15.226894] [ 15.226973] The buggy address belongs to the physical page: [ 15.227050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b92 [ 15.227116] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.227163] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.227222] page_type: f5(slab) [ 15.227261] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.227778] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.227878] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.228026] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.228080] head: 0bfffe0000000001 ffffc1ffc302e481 00000000ffffffff 00000000ffffffff [ 15.228195] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.228256] page dumped because: kasan: bad access detected [ 15.228288] [ 15.228305] Memory state around the buggy address: [ 15.228353] fff00000c0b93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.228410] fff00000c0b93800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.228452] >fff00000c0b93880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.228490] ^ [ 15.228527] fff00000c0b93900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.228569] fff00000c0b93980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.228612] ================================================================== [ 15.318744] ================================================================== [ 15.318798] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.318845] Write of size 1 at addr fff00000c65060eb by task kunit_try_catch/162 [ 15.319116] [ 15.319174] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.319449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.319516] Hardware name: linux,dummy-virt (DT) [ 15.319550] Call trace: [ 15.319591] show_stack+0x20/0x38 (C) [ 15.319691] dump_stack_lvl+0x8c/0xd0 [ 15.319777] print_report+0x118/0x5d0 [ 15.319824] kasan_report+0xdc/0x128 [ 15.320022] __asan_report_store1_noabort+0x20/0x30 [ 15.320075] krealloc_less_oob_helper+0xa58/0xc50 [ 15.320350] krealloc_large_less_oob+0x20/0x38 [ 15.320474] kunit_try_run_case+0x170/0x3f0 [ 15.320525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.320591] kthread+0x328/0x630 [ 15.320710] ret_from_fork+0x10/0x20 [ 15.321009] [ 15.321113] The buggy address belongs to the physical page: [ 15.321188] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106504 [ 15.321325] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.321377] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.321430] page_type: f8(unknown) [ 15.321518] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.321571] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.321621] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.321943] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.321997] head: 0bfffe0000000002 ffffc1ffc3194101 00000000ffffffff 00000000ffffffff [ 15.322416] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.322488] page dumped because: kasan: bad access detected [ 15.322568] [ 15.322588] Memory state around the buggy address: [ 15.322672] fff00000c6505f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.322815] fff00000c6506000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.322926] >fff00000c6506080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.322964] ^ [ 15.323010] fff00000c6506100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.323053] fff00000c6506180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.323467] ================================================================== [ 15.239864] ================================================================== [ 15.239919] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.240404] Write of size 1 at addr fff00000c0b938ea by task kunit_try_catch/158 [ 15.240541] [ 15.240575] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.241000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.241044] Hardware name: linux,dummy-virt (DT) [ 15.241348] Call trace: [ 15.241468] show_stack+0x20/0x38 (C) [ 15.241624] dump_stack_lvl+0x8c/0xd0 [ 15.241695] print_report+0x118/0x5d0 [ 15.241748] kasan_report+0xdc/0x128 [ 15.241793] __asan_report_store1_noabort+0x20/0x30 [ 15.241847] krealloc_less_oob_helper+0xae4/0xc50 [ 15.242151] krealloc_less_oob+0x20/0x38 [ 15.242221] kunit_try_run_case+0x170/0x3f0 [ 15.242277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.242735] kthread+0x328/0x630 [ 15.242932] ret_from_fork+0x10/0x20 [ 15.243187] [ 15.243231] Allocated by task 158: [ 15.243365] kasan_save_stack+0x3c/0x68 [ 15.243498] kasan_save_track+0x20/0x40 [ 15.243597] kasan_save_alloc_info+0x40/0x58 [ 15.243810] __kasan_krealloc+0x118/0x178 [ 15.244082] krealloc_noprof+0x128/0x360 [ 15.244259] krealloc_less_oob_helper+0x168/0xc50 [ 15.244507] krealloc_less_oob+0x20/0x38 [ 15.244552] kunit_try_run_case+0x170/0x3f0 [ 15.244763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.245105] kthread+0x328/0x630 [ 15.245212] ret_from_fork+0x10/0x20 [ 15.245501] [ 15.245686] The buggy address belongs to the object at fff00000c0b93800 [ 15.245686] which belongs to the cache kmalloc-256 of size 256 [ 15.246114] The buggy address is located 33 bytes to the right of [ 15.246114] allocated 201-byte region [fff00000c0b93800, fff00000c0b938c9) [ 15.246604] [ 15.246688] The buggy address belongs to the physical page: [ 15.246768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b92 [ 15.246838] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.247075] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.247296] page_type: f5(slab) [ 15.247398] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.247452] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.247549] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.247839] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.248088] head: 0bfffe0000000001 ffffc1ffc302e481 00000000ffffffff 00000000ffffffff [ 15.248145] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.248331] page dumped because: kasan: bad access detected [ 15.248528] [ 15.248584] Memory state around the buggy address: [ 15.248701] fff00000c0b93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.248773] fff00000c0b93800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.249000] >fff00000c0b93880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.249089] ^ [ 15.249130] fff00000c0b93900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.249295] fff00000c0b93980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.249343] ================================================================== [ 15.294493] ================================================================== [ 15.294538] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.295164] Write of size 1 at addr fff00000c65060d0 by task kunit_try_catch/162 [ 15.295247] [ 15.295309] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.295540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.295570] Hardware name: linux,dummy-virt (DT) [ 15.295861] Call trace: [ 15.295989] show_stack+0x20/0x38 (C) [ 15.296097] dump_stack_lvl+0x8c/0xd0 [ 15.296256] print_report+0x118/0x5d0 [ 15.296346] kasan_report+0xdc/0x128 [ 15.296920] __asan_report_store1_noabort+0x20/0x30 [ 15.297055] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.297172] krealloc_large_less_oob+0x20/0x38 [ 15.297327] kunit_try_run_case+0x170/0x3f0 [ 15.297416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.297846] kthread+0x328/0x630 [ 15.297959] ret_from_fork+0x10/0x20 [ 15.298047] [ 15.298820] The buggy address belongs to the physical page: [ 15.298938] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106504 [ 15.299023] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.299080] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.299353] page_type: f8(unknown) [ 15.299934] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.300021] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.300074] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.300539] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.300795] head: 0bfffe0000000002 ffffc1ffc3194101 00000000ffffffff 00000000ffffffff [ 15.300882] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.300925] page dumped because: kasan: bad access detected [ 15.301228] [ 15.301268] Memory state around the buggy address: [ 15.301387] fff00000c6505f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.301495] fff00000c6506000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.301734] >fff00000c6506080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.301859] ^ [ 15.302012] fff00000c6506100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.302157] fff00000c6506180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.302282] ================================================================== [ 15.208981] ================================================================== [ 15.209504] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.209757] Write of size 1 at addr fff00000c0b938c9 by task kunit_try_catch/158 [ 15.209867] [ 15.209904] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.210259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.210303] Hardware name: linux,dummy-virt (DT) [ 15.210337] Call trace: [ 15.210359] show_stack+0x20/0x38 (C) [ 15.210718] dump_stack_lvl+0x8c/0xd0 [ 15.210950] print_report+0x118/0x5d0 [ 15.211032] kasan_report+0xdc/0x128 [ 15.211078] __asan_report_store1_noabort+0x20/0x30 [ 15.211130] krealloc_less_oob_helper+0xa48/0xc50 [ 15.211177] krealloc_less_oob+0x20/0x38 [ 15.211502] kunit_try_run_case+0x170/0x3f0 [ 15.211686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.211748] kthread+0x328/0x630 [ 15.212301] ret_from_fork+0x10/0x20 [ 15.212529] [ 15.212614] Allocated by task 158: [ 15.212774] kasan_save_stack+0x3c/0x68 [ 15.212906] kasan_save_track+0x20/0x40 [ 15.212976] kasan_save_alloc_info+0x40/0x58 [ 15.213209] __kasan_krealloc+0x118/0x178 [ 15.213410] krealloc_noprof+0x128/0x360 [ 15.213605] krealloc_less_oob_helper+0x168/0xc50 [ 15.213743] krealloc_less_oob+0x20/0x38 [ 15.213908] kunit_try_run_case+0x170/0x3f0 [ 15.214134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.214235] kthread+0x328/0x630 [ 15.214553] ret_from_fork+0x10/0x20 [ 15.214732] [ 15.215024] The buggy address belongs to the object at fff00000c0b93800 [ 15.215024] which belongs to the cache kmalloc-256 of size 256 [ 15.215269] The buggy address is located 0 bytes to the right of [ 15.215269] allocated 201-byte region [fff00000c0b93800, fff00000c0b938c9) [ 15.215378] [ 15.215400] The buggy address belongs to the physical page: [ 15.215431] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b92 [ 15.215489] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.215985] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.216077] page_type: f5(slab) [ 15.216198] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.216291] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.216522] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.216604] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.216791] head: 0bfffe0000000001 ffffc1ffc302e481 00000000ffffffff 00000000ffffffff [ 15.217002] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.217092] page dumped because: kasan: bad access detected [ 15.217315] [ 15.217424] Memory state around the buggy address: [ 15.217677] fff00000c0b93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.217879] fff00000c0b93800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.217940] >fff00000c0b93880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.218001] ^ [ 15.218044] fff00000c0b93900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.218108] fff00000c0b93980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.218154] ================================================================== [ 15.230304] ================================================================== [ 15.230536] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.230608] Write of size 1 at addr fff00000c0b938da by task kunit_try_catch/158 [ 15.230670] [ 15.230699] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.231254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.231388] Hardware name: linux,dummy-virt (DT) [ 15.231465] Call trace: [ 15.231592] show_stack+0x20/0x38 (C) [ 15.231646] dump_stack_lvl+0x8c/0xd0 [ 15.231842] print_report+0x118/0x5d0 [ 15.232155] kasan_report+0xdc/0x128 [ 15.232251] __asan_report_store1_noabort+0x20/0x30 [ 15.232339] krealloc_less_oob_helper+0xa80/0xc50 [ 15.232503] krealloc_less_oob+0x20/0x38 [ 15.232598] kunit_try_run_case+0x170/0x3f0 [ 15.232882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.233090] kthread+0x328/0x630 [ 15.233231] ret_from_fork+0x10/0x20 [ 15.233357] [ 15.233546] Allocated by task 158: [ 15.233655] kasan_save_stack+0x3c/0x68 [ 15.233827] kasan_save_track+0x20/0x40 [ 15.234299] kasan_save_alloc_info+0x40/0x58 [ 15.234729] __kasan_krealloc+0x118/0x178 [ 15.234809] krealloc_noprof+0x128/0x360 [ 15.234864] krealloc_less_oob_helper+0x168/0xc50 [ 15.234935] krealloc_less_oob+0x20/0x38 [ 15.234972] kunit_try_run_case+0x170/0x3f0 [ 15.235219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.235456] kthread+0x328/0x630 [ 15.235562] ret_from_fork+0x10/0x20 [ 15.235644] [ 15.235918] The buggy address belongs to the object at fff00000c0b93800 [ 15.235918] which belongs to the cache kmalloc-256 of size 256 [ 15.235981] The buggy address is located 17 bytes to the right of [ 15.235981] allocated 201-byte region [fff00000c0b93800, fff00000c0b938c9) [ 15.236424] [ 15.236602] The buggy address belongs to the physical page: [ 15.236704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b92 [ 15.236797] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.236845] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.236917] page_type: f5(slab) [ 15.236956] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.237031] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.237084] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.237132] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.237191] head: 0bfffe0000000001 ffffc1ffc302e481 00000000ffffffff 00000000ffffffff [ 15.237245] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.237293] page dumped because: kasan: bad access detected [ 15.237325] [ 15.237343] Memory state around the buggy address: [ 15.237379] fff00000c0b93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.237437] fff00000c0b93800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.237489] >fff00000c0b93880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.237535] ^ [ 15.237572] fff00000c0b93900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.237614] fff00000c0b93980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.237652] ================================================================== [ 15.289022] ================================================================== [ 15.289085] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.289150] Write of size 1 at addr fff00000c65060c9 by task kunit_try_catch/162 [ 15.289632] [ 15.289717] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.289903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.289962] Hardware name: linux,dummy-virt (DT) [ 15.290031] Call trace: [ 15.290138] show_stack+0x20/0x38 (C) [ 15.290214] dump_stack_lvl+0x8c/0xd0 [ 15.290415] print_report+0x118/0x5d0 [ 15.290548] kasan_report+0xdc/0x128 [ 15.290736] __asan_report_store1_noabort+0x20/0x30 [ 15.290869] krealloc_less_oob_helper+0xa48/0xc50 [ 15.290921] krealloc_large_less_oob+0x20/0x38 [ 15.290968] kunit_try_run_case+0x170/0x3f0 [ 15.291014] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.291070] kthread+0x328/0x630 [ 15.291113] ret_from_fork+0x10/0x20 [ 15.291836] [ 15.291905] The buggy address belongs to the physical page: [ 15.292283] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106504 [ 15.292421] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.292539] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.292697] page_type: f8(unknown) [ 15.292776] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.292863] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.293153] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.293394] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.293480] head: 0bfffe0000000002 ffffc1ffc3194101 00000000ffffffff 00000000ffffffff [ 15.293539] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.293621] page dumped because: kasan: bad access detected [ 15.293663] [ 15.293680] Memory state around the buggy address: [ 15.293718] fff00000c6505f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.293761] fff00000c6506000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.293814] >fff00000c6506080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.293865] ^ [ 15.293902] fff00000c6506100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.293955] fff00000c6506180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.294002] ================================================================== [ 15.304465] ================================================================== [ 15.304514] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.304843] Write of size 1 at addr fff00000c65060da by task kunit_try_catch/162 [ 15.304921] [ 15.305205] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.305362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.305394] Hardware name: linux,dummy-virt (DT) [ 15.305424] Call trace: [ 15.305483] show_stack+0x20/0x38 (C) [ 15.305951] dump_stack_lvl+0x8c/0xd0 [ 15.306260] print_report+0x118/0x5d0 [ 15.306355] kasan_report+0xdc/0x128 [ 15.306557] __asan_report_store1_noabort+0x20/0x30 [ 15.306774] krealloc_less_oob_helper+0xa80/0xc50 [ 15.306917] krealloc_large_less_oob+0x20/0x38 [ 15.306976] kunit_try_run_case+0x170/0x3f0 [ 15.307321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.307501] kthread+0x328/0x630 [ 15.307582] ret_from_fork+0x10/0x20 [ 15.307930] [ 15.307965] The buggy address belongs to the physical page: [ 15.308033] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106504 [ 15.308159] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.308302] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.308518] page_type: f8(unknown) [ 15.308749] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.308972] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.309172] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.309229] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.309331] head: 0bfffe0000000002 ffffc1ffc3194101 00000000ffffffff 00000000ffffffff [ 15.309399] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.309462] page dumped because: kasan: bad access detected [ 15.309494] [ 15.309512] Memory state around the buggy address: [ 15.309545] fff00000c6505f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.309588] fff00000c6506000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.309652] >fff00000c6506080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.309690] ^ [ 15.309737] fff00000c6506100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.309790] fff00000c6506180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.309828] ================================================================== [ 15.311865] ================================================================== [ 15.312236] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.312323] Write of size 1 at addr fff00000c65060ea by task kunit_try_catch/162 [ 15.312376] [ 15.312609] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.312872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.313087] Hardware name: linux,dummy-virt (DT) [ 15.313144] Call trace: [ 15.313166] show_stack+0x20/0x38 (C) [ 15.313455] dump_stack_lvl+0x8c/0xd0 [ 15.313620] print_report+0x118/0x5d0 [ 15.313692] kasan_report+0xdc/0x128 [ 15.313788] __asan_report_store1_noabort+0x20/0x30 [ 15.313995] krealloc_less_oob_helper+0xae4/0xc50 [ 15.314058] krealloc_large_less_oob+0x20/0x38 [ 15.314248] kunit_try_run_case+0x170/0x3f0 [ 15.314368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.314740] kthread+0x328/0x630 [ 15.314992] ret_from_fork+0x10/0x20 [ 15.315436] [ 15.315608] The buggy address belongs to the physical page: [ 15.315667] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106504 [ 15.315864] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.316157] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.316370] page_type: f8(unknown) [ 15.316474] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.316608] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.316801] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.317204] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.317290] head: 0bfffe0000000002 ffffc1ffc3194101 00000000ffffffff 00000000ffffffff [ 15.317428] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.317471] page dumped because: kasan: bad access detected [ 15.317502] [ 15.317519] Memory state around the buggy address: [ 15.317551] fff00000c6505f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.317611] fff00000c6506000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.317654] >fff00000c6506080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.317690] ^ [ 15.317737] fff00000c6506100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.317780] fff00000c6506180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.317821] ================================================================== [ 15.249833] ================================================================== [ 15.249896] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.250648] Write of size 1 at addr fff00000c0b938eb by task kunit_try_catch/158 [ 15.250722] [ 15.250752] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.251447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.251523] Hardware name: linux,dummy-virt (DT) [ 15.251754] Call trace: [ 15.251839] show_stack+0x20/0x38 (C) [ 15.252036] dump_stack_lvl+0x8c/0xd0 [ 15.252162] print_report+0x118/0x5d0 [ 15.252325] kasan_report+0xdc/0x128 [ 15.252432] __asan_report_store1_noabort+0x20/0x30 [ 15.252640] krealloc_less_oob_helper+0xa58/0xc50 [ 15.252901] krealloc_less_oob+0x20/0x38 [ 15.253037] kunit_try_run_case+0x170/0x3f0 [ 15.253318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.253498] kthread+0x328/0x630 [ 15.253675] ret_from_fork+0x10/0x20 [ 15.253892] [ 15.253912] Allocated by task 158: [ 15.254146] kasan_save_stack+0x3c/0x68 [ 15.254306] kasan_save_track+0x20/0x40 [ 15.254604] kasan_save_alloc_info+0x40/0x58 [ 15.254827] __kasan_krealloc+0x118/0x178 [ 15.254897] krealloc_noprof+0x128/0x360 [ 15.254936] krealloc_less_oob_helper+0x168/0xc50 [ 15.255005] krealloc_less_oob+0x20/0x38 [ 15.255268] kunit_try_run_case+0x170/0x3f0 [ 15.255595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.255672] kthread+0x328/0x630 [ 15.255779] ret_from_fork+0x10/0x20 [ 15.255844] [ 15.255885] The buggy address belongs to the object at fff00000c0b93800 [ 15.255885] which belongs to the cache kmalloc-256 of size 256 [ 15.255958] The buggy address is located 34 bytes to the right of [ 15.255958] allocated 201-byte region [fff00000c0b93800, fff00000c0b938c9) [ 15.256054] [ 15.256073] The buggy address belongs to the physical page: [ 15.256103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b92 [ 15.256162] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.256224] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.256275] page_type: f5(slab) [ 15.256329] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.256379] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.256445] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.256496] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.256559] head: 0bfffe0000000001 ffffc1ffc302e481 00000000ffffffff 00000000ffffffff [ 15.256609] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.256657] page dumped because: kasan: bad access detected [ 15.256696] [ 15.256714] Memory state around the buggy address: [ 15.256750] fff00000c0b93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.256808] fff00000c0b93800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.256868] >fff00000c0b93880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.256906] ^ [ 15.256954] fff00000c0b93900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.256996] fff00000c0b93980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.257034] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 15.188781] ================================================================== [ 15.188839] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.188905] Write of size 1 at addr fff00000c0b936eb by task kunit_try_catch/156 [ 15.188955] [ 15.189390] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.189710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.189823] Hardware name: linux,dummy-virt (DT) [ 15.189918] Call trace: [ 15.189939] show_stack+0x20/0x38 (C) [ 15.190092] dump_stack_lvl+0x8c/0xd0 [ 15.190316] print_report+0x118/0x5d0 [ 15.190536] kasan_report+0xdc/0x128 [ 15.190622] __asan_report_store1_noabort+0x20/0x30 [ 15.190705] krealloc_more_oob_helper+0x60c/0x678 [ 15.190753] krealloc_more_oob+0x20/0x38 [ 15.190798] kunit_try_run_case+0x170/0x3f0 [ 15.190844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.190960] kthread+0x328/0x630 [ 15.191247] ret_from_fork+0x10/0x20 [ 15.191400] [ 15.191418] Allocated by task 156: [ 15.191448] kasan_save_stack+0x3c/0x68 [ 15.191490] kasan_save_track+0x20/0x40 [ 15.191538] kasan_save_alloc_info+0x40/0x58 [ 15.191577] __kasan_krealloc+0x118/0x178 [ 15.191615] krealloc_noprof+0x128/0x360 [ 15.191652] krealloc_more_oob_helper+0x168/0x678 [ 15.191691] krealloc_more_oob+0x20/0x38 [ 15.191726] kunit_try_run_case+0x170/0x3f0 [ 15.191974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.192214] kthread+0x328/0x630 [ 15.192248] ret_from_fork+0x10/0x20 [ 15.192283] [ 15.192302] The buggy address belongs to the object at fff00000c0b93600 [ 15.192302] which belongs to the cache kmalloc-256 of size 256 [ 15.192420] The buggy address is located 0 bytes to the right of [ 15.192420] allocated 235-byte region [fff00000c0b93600, fff00000c0b936eb) [ 15.192509] [ 15.192528] The buggy address belongs to the physical page: [ 15.192561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b92 [ 15.192628] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.192675] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.192726] page_type: f5(slab) [ 15.193004] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.193075] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.193172] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.193301] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.193472] head: 0bfffe0000000001 ffffc1ffc302e481 00000000ffffffff 00000000ffffffff [ 15.193523] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.193563] page dumped because: kasan: bad access detected [ 15.193595] [ 15.193652] Memory state around the buggy address: [ 15.194054] fff00000c0b93580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.194184] fff00000c0b93600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.194285] >fff00000c0b93680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.194345] ^ [ 15.194426] fff00000c0b93700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.194473] fff00000c0b93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.194594] ================================================================== [ 15.274130] ================================================================== [ 15.274212] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.274575] Write of size 1 at addr fff00000c65060f0 by task kunit_try_catch/160 [ 15.274674] [ 15.274742] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.274938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.274969] Hardware name: linux,dummy-virt (DT) [ 15.275028] Call trace: [ 15.275056] show_stack+0x20/0x38 (C) [ 15.275424] dump_stack_lvl+0x8c/0xd0 [ 15.275488] print_report+0x118/0x5d0 [ 15.275709] kasan_report+0xdc/0x128 [ 15.275779] __asan_report_store1_noabort+0x20/0x30 [ 15.276384] krealloc_more_oob_helper+0x5c0/0x678 [ 15.276573] krealloc_large_more_oob+0x20/0x38 [ 15.276629] kunit_try_run_case+0x170/0x3f0 [ 15.276919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.277086] kthread+0x328/0x630 [ 15.277352] ret_from_fork+0x10/0x20 [ 15.277573] [ 15.277602] The buggy address belongs to the physical page: [ 15.277634] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106504 [ 15.277881] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.278047] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.278474] page_type: f8(unknown) [ 15.278534] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.278587] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.278650] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.278699] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.278778] head: 0bfffe0000000002 ffffc1ffc3194101 00000000ffffffff 00000000ffffffff [ 15.278831] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.278892] page dumped because: kasan: bad access detected [ 15.278925] [ 15.278951] Memory state around the buggy address: [ 15.278983] fff00000c6505f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.279036] fff00000c6506000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.279088] >fff00000c6506080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.279125] ^ [ 15.279166] fff00000c6506100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.279208] fff00000c6506180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.279255] ================================================================== [ 15.265101] ================================================================== [ 15.265162] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.265430] Write of size 1 at addr fff00000c65060eb by task kunit_try_catch/160 [ 15.265629] [ 15.265673] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.265810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.265870] Hardware name: linux,dummy-virt (DT) [ 15.265905] Call trace: [ 15.266105] show_stack+0x20/0x38 (C) [ 15.266589] dump_stack_lvl+0x8c/0xd0 [ 15.267058] print_report+0x118/0x5d0 [ 15.267120] kasan_report+0xdc/0x128 [ 15.267167] __asan_report_store1_noabort+0x20/0x30 [ 15.267222] krealloc_more_oob_helper+0x60c/0x678 [ 15.267800] krealloc_large_more_oob+0x20/0x38 [ 15.267906] kunit_try_run_case+0x170/0x3f0 [ 15.268030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.268318] kthread+0x328/0x630 [ 15.268398] ret_from_fork+0x10/0x20 [ 15.268780] [ 15.268904] The buggy address belongs to the physical page: [ 15.268959] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106504 [ 15.269139] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.269265] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.269352] page_type: f8(unknown) [ 15.269537] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.269605] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.269829] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.269943] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.270132] head: 0bfffe0000000002 ffffc1ffc3194101 00000000ffffffff 00000000ffffffff [ 15.270208] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.270250] page dumped because: kasan: bad access detected [ 15.270281] [ 15.270299] Memory state around the buggy address: [ 15.270348] fff00000c6505f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.270404] fff00000c6506000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.270454] >fff00000c6506080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.270491] ^ [ 15.270531] fff00000c6506100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.270573] fff00000c6506180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.271042] ================================================================== [ 15.197431] ================================================================== [ 15.197489] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.197541] Write of size 1 at addr fff00000c0b936f0 by task kunit_try_catch/156 [ 15.198068] [ 15.198098] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.198362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.198389] Hardware name: linux,dummy-virt (DT) [ 15.198419] Call trace: [ 15.198446] show_stack+0x20/0x38 (C) [ 15.198495] dump_stack_lvl+0x8c/0xd0 [ 15.198571] print_report+0x118/0x5d0 [ 15.198617] kasan_report+0xdc/0x128 [ 15.198662] __asan_report_store1_noabort+0x20/0x30 [ 15.198821] krealloc_more_oob_helper+0x5c0/0x678 [ 15.199001] krealloc_more_oob+0x20/0x38 [ 15.199048] kunit_try_run_case+0x170/0x3f0 [ 15.199095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.199148] kthread+0x328/0x630 [ 15.199189] ret_from_fork+0x10/0x20 [ 15.199245] [ 15.199333] Allocated by task 156: [ 15.199391] kasan_save_stack+0x3c/0x68 [ 15.199433] kasan_save_track+0x20/0x40 [ 15.199469] kasan_save_alloc_info+0x40/0x58 [ 15.199507] __kasan_krealloc+0x118/0x178 [ 15.199544] krealloc_noprof+0x128/0x360 [ 15.199608] krealloc_more_oob_helper+0x168/0x678 [ 15.199649] krealloc_more_oob+0x20/0x38 [ 15.199685] kunit_try_run_case+0x170/0x3f0 [ 15.199722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.199765] kthread+0x328/0x630 [ 15.199796] ret_from_fork+0x10/0x20 [ 15.199831] [ 15.199859] The buggy address belongs to the object at fff00000c0b93600 [ 15.199859] which belongs to the cache kmalloc-256 of size 256 [ 15.199919] The buggy address is located 5 bytes to the right of [ 15.199919] allocated 235-byte region [fff00000c0b93600, fff00000c0b936eb) [ 15.200041] [ 15.200060] The buggy address belongs to the physical page: [ 15.200091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b92 [ 15.200161] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.200235] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.200346] page_type: f5(slab) [ 15.200385] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.200435] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.200485] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.200533] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.200582] head: 0bfffe0000000001 ffffc1ffc302e481 00000000ffffffff 00000000ffffffff [ 15.200631] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.200671] page dumped because: kasan: bad access detected [ 15.200745] [ 15.200762] Memory state around the buggy address: [ 15.200799] fff00000c0b93580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.200921] fff00000c0b93600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.201028] >fff00000c0b93680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.201114] ^ [ 15.201179] fff00000c0b93700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.201235] fff00000c0b93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.201273] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.176517] ================================================================== [ 15.176616] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 15.176862] Read of size 1 at addr fff00000c77f0000 by task kunit_try_catch/154 [ 15.176914] [ 15.176946] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.177025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.177051] Hardware name: linux,dummy-virt (DT) [ 15.177081] Call trace: [ 15.177102] show_stack+0x20/0x38 (C) [ 15.177150] dump_stack_lvl+0x8c/0xd0 [ 15.177299] print_report+0x118/0x5d0 [ 15.177449] kasan_report+0xdc/0x128 [ 15.177932] __asan_report_load1_noabort+0x20/0x30 [ 15.178011] page_alloc_uaf+0x328/0x350 [ 15.178057] kunit_try_run_case+0x170/0x3f0 [ 15.178457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.178518] kthread+0x328/0x630 [ 15.178567] ret_from_fork+0x10/0x20 [ 15.179033] [ 15.179145] The buggy address belongs to the physical page: [ 15.179185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077f0 [ 15.179284] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.179530] page_type: f0(buddy) [ 15.179701] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 15.179878] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 15.179921] page dumped because: kasan: bad access detected [ 15.179952] [ 15.179970] Memory state around the buggy address: [ 15.180004] fff00000c77eff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.180047] fff00000c77eff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.180090] >fff00000c77f0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.180130] ^ [ 15.180158] fff00000c77f0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.180200] fff00000c77f0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.180237] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 15.155105] ================================================================== [ 15.155419] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 15.155579] Free of addr fff00000c6500001 by task kunit_try_catch/150 [ 15.155634] [ 15.155764] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.155847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.155885] Hardware name: linux,dummy-virt (DT) [ 15.155921] Call trace: [ 15.155982] show_stack+0x20/0x38 (C) [ 15.156083] dump_stack_lvl+0x8c/0xd0 [ 15.156319] print_report+0x118/0x5d0 [ 15.156430] kasan_report_invalid_free+0xc0/0xe8 [ 15.156539] __kasan_kfree_large+0x5c/0xa8 [ 15.156585] free_large_kmalloc+0x64/0x190 [ 15.156630] kfree+0x270/0x3c8 [ 15.156677] kmalloc_large_invalid_free+0x108/0x270 [ 15.156871] kunit_try_run_case+0x170/0x3f0 [ 15.156917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.157026] kthread+0x328/0x630 [ 15.157414] ret_from_fork+0x10/0x20 [ 15.157623] [ 15.157645] The buggy address belongs to the physical page: [ 15.157675] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 15.158237] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.158608] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.158819] page_type: f8(unknown) [ 15.158954] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.159004] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.159110] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.159162] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.159233] head: 0bfffe0000000002 ffffc1ffc3194001 00000000ffffffff 00000000ffffffff [ 15.159282] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.159388] page dumped because: kasan: bad access detected [ 15.159717] [ 15.159792] Memory state around the buggy address: [ 15.159862] fff00000c64fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.159907] fff00000c64fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.159998] >fff00000c6500000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.160222] ^ [ 15.160256] fff00000c6500080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.160299] fff00000c6500100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.160350] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.141575] ================================================================== [ 15.141649] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 15.141705] Read of size 1 at addr fff00000c6500000 by task kunit_try_catch/148 [ 15.141755] [ 15.141787] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.141883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.142261] Hardware name: linux,dummy-virt (DT) [ 15.142441] Call trace: [ 15.142510] show_stack+0x20/0x38 (C) [ 15.143090] dump_stack_lvl+0x8c/0xd0 [ 15.143152] print_report+0x118/0x5d0 [ 15.143198] kasan_report+0xdc/0x128 [ 15.143318] __asan_report_load1_noabort+0x20/0x30 [ 15.143711] kmalloc_large_uaf+0x2cc/0x2f8 [ 15.143759] kunit_try_run_case+0x170/0x3f0 [ 15.144038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.144173] kthread+0x328/0x630 [ 15.144255] ret_from_fork+0x10/0x20 [ 15.144309] [ 15.144415] The buggy address belongs to the physical page: [ 15.144525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 15.144623] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.144765] raw: 0bfffe0000000000 ffffc1ffc3194108 fff00000da478c40 0000000000000000 [ 15.144815] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.144892] page dumped because: kasan: bad access detected [ 15.145030] [ 15.145048] Memory state around the buggy address: [ 15.145079] fff00000c64fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.145185] fff00000c64fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.145228] >fff00000c6500000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.145265] ^ [ 15.145292] fff00000c6500080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.145334] fff00000c6500100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.145391] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.120290] ================================================================== [ 15.120423] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 15.120477] Write of size 1 at addr fff00000c650200a by task kunit_try_catch/146 [ 15.120578] [ 15.120625] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.120708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.120734] Hardware name: linux,dummy-virt (DT) [ 15.120763] Call trace: [ 15.120802] show_stack+0x20/0x38 (C) [ 15.120943] dump_stack_lvl+0x8c/0xd0 [ 15.121090] print_report+0x118/0x5d0 [ 15.121195] kasan_report+0xdc/0x128 [ 15.121249] __asan_report_store1_noabort+0x20/0x30 [ 15.121300] kmalloc_large_oob_right+0x278/0x2b8 [ 15.121346] kunit_try_run_case+0x170/0x3f0 [ 15.121392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.121443] kthread+0x328/0x630 [ 15.121484] ret_from_fork+0x10/0x20 [ 15.121530] [ 15.121566] The buggy address belongs to the physical page: [ 15.121598] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 15.121664] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.121767] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.121836] page_type: f8(unknown) [ 15.121890] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.121948] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.121999] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.122079] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.122401] head: 0bfffe0000000002 ffffc1ffc3194001 00000000ffffffff 00000000ffffffff [ 15.123093] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.123638] page dumped because: kasan: bad access detected [ 15.123989] [ 15.124068] Memory state around the buggy address: [ 15.124421] fff00000c6501f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.124799] fff00000c6501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.125264] >fff00000c6502000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.125820] ^ [ 15.126057] fff00000c6502080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.126586] fff00000c6502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.127012] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.108731] ================================================================== [ 15.108796] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.108847] Write of size 1 at addr fff00000c651df00 by task kunit_try_catch/144 [ 15.109070] [ 15.109260] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.109359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.109416] Hardware name: linux,dummy-virt (DT) [ 15.109465] Call trace: [ 15.109487] show_stack+0x20/0x38 (C) [ 15.109536] dump_stack_lvl+0x8c/0xd0 [ 15.109581] print_report+0x118/0x5d0 [ 15.109636] kasan_report+0xdc/0x128 [ 15.109682] __asan_report_store1_noabort+0x20/0x30 [ 15.109828] kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.109889] kunit_try_run_case+0x170/0x3f0 [ 15.110108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.110175] kthread+0x328/0x630 [ 15.110274] ret_from_fork+0x10/0x20 [ 15.110322] [ 15.110341] Allocated by task 144: [ 15.110369] kasan_save_stack+0x3c/0x68 [ 15.110521] kasan_save_track+0x20/0x40 [ 15.110831] kasan_save_alloc_info+0x40/0x58 [ 15.110941] __kasan_kmalloc+0xd4/0xd8 [ 15.111039] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.111126] kmalloc_big_oob_right+0xb8/0x2f0 [ 15.111168] kunit_try_run_case+0x170/0x3f0 [ 15.111206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.111271] kthread+0x328/0x630 [ 15.111303] ret_from_fork+0x10/0x20 [ 15.111339] [ 15.111359] The buggy address belongs to the object at fff00000c651c000 [ 15.111359] which belongs to the cache kmalloc-8k of size 8192 [ 15.111422] The buggy address is located 0 bytes to the right of [ 15.111422] allocated 7936-byte region [fff00000c651c000, fff00000c651df00) [ 15.111488] [ 15.111508] The buggy address belongs to the physical page: [ 15.111540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106518 [ 15.111814] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.111920] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.112003] page_type: f5(slab) [ 15.112070] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.112172] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.112233] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.112567] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.112706] head: 0bfffe0000000003 ffffc1ffc3194601 00000000ffffffff 00000000ffffffff [ 15.112843] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.113019] page dumped because: kasan: bad access detected [ 15.113117] [ 15.113176] Memory state around the buggy address: [ 15.113209] fff00000c651de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.113277] fff00000c651de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.113629] >fff00000c651df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.113731] ^ [ 15.113823] fff00000c651df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.113896] fff00000c651e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.114098] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 15.099441] ================================================================== [ 15.099514] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 15.099564] Write of size 1 at addr fff00000c3f39378 by task kunit_try_catch/142 [ 15.099614] [ 15.099642] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.099720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.099747] Hardware name: linux,dummy-virt (DT) [ 15.099785] Call trace: [ 15.099808] show_stack+0x20/0x38 (C) [ 15.099868] dump_stack_lvl+0x8c/0xd0 [ 15.099913] print_report+0x118/0x5d0 [ 15.099959] kasan_report+0xdc/0x128 [ 15.100004] __asan_report_store1_noabort+0x20/0x30 [ 15.100055] kmalloc_track_caller_oob_right+0x418/0x488 [ 15.100105] kunit_try_run_case+0x170/0x3f0 [ 15.100152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.100203] kthread+0x328/0x630 [ 15.100244] ret_from_fork+0x10/0x20 [ 15.100290] [ 15.100308] Allocated by task 142: [ 15.100334] kasan_save_stack+0x3c/0x68 [ 15.100379] kasan_save_track+0x20/0x40 [ 15.100416] kasan_save_alloc_info+0x40/0x58 [ 15.100465] __kasan_kmalloc+0xd4/0xd8 [ 15.100501] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.100544] kmalloc_track_caller_oob_right+0x184/0x488 [ 15.100585] kunit_try_run_case+0x170/0x3f0 [ 15.100621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.100673] kthread+0x328/0x630 [ 15.100705] ret_from_fork+0x10/0x20 [ 15.100745] [ 15.100763] The buggy address belongs to the object at fff00000c3f39300 [ 15.100763] which belongs to the cache kmalloc-128 of size 128 [ 15.100827] The buggy address is located 0 bytes to the right of [ 15.100827] allocated 120-byte region [fff00000c3f39300, fff00000c3f39378) [ 15.101404] [ 15.101430] The buggy address belongs to the physical page: [ 15.101459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.101512] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.101559] page_type: f5(slab) [ 15.101597] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.102041] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.102123] page dumped because: kasan: bad access detected [ 15.102156] [ 15.102173] Memory state around the buggy address: [ 15.102205] fff00000c3f39200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.102249] fff00000c3f39280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.102291] >fff00000c3f39300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.102477] ^ [ 15.102591] fff00000c3f39380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.102807] fff00000c3f39400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.102845] ================================================================== [ 15.094015] ================================================================== [ 15.094099] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.094365] Write of size 1 at addr fff00000c3f39278 by task kunit_try_catch/142 [ 15.094417] [ 15.094455] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.094648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.094682] Hardware name: linux,dummy-virt (DT) [ 15.094725] Call trace: [ 15.094763] show_stack+0x20/0x38 (C) [ 15.094972] dump_stack_lvl+0x8c/0xd0 [ 15.095156] print_report+0x118/0x5d0 [ 15.095346] kasan_report+0xdc/0x128 [ 15.095572] __asan_report_store1_noabort+0x20/0x30 [ 15.095628] kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.095691] kunit_try_run_case+0x170/0x3f0 [ 15.095898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.095958] kthread+0x328/0x630 [ 15.096000] ret_from_fork+0x10/0x20 [ 15.096188] [ 15.096228] Allocated by task 142: [ 15.096317] kasan_save_stack+0x3c/0x68 [ 15.096430] kasan_save_track+0x20/0x40 [ 15.096519] kasan_save_alloc_info+0x40/0x58 [ 15.096640] __kasan_kmalloc+0xd4/0xd8 [ 15.096697] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.096787] kmalloc_track_caller_oob_right+0xa8/0x488 [ 15.096864] kunit_try_run_case+0x170/0x3f0 [ 15.096901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.096944] kthread+0x328/0x630 [ 15.097015] ret_from_fork+0x10/0x20 [ 15.097219] [ 15.097278] The buggy address belongs to the object at fff00000c3f39200 [ 15.097278] which belongs to the cache kmalloc-128 of size 128 [ 15.097338] The buggy address is located 0 bytes to the right of [ 15.097338] allocated 120-byte region [fff00000c3f39200, fff00000c3f39278) [ 15.097578] [ 15.097634] The buggy address belongs to the physical page: [ 15.097719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.097863] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.097961] page_type: f5(slab) [ 15.098048] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.098149] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.098225] page dumped because: kasan: bad access detected [ 15.098297] [ 15.098346] Memory state around the buggy address: [ 15.098424] fff00000c3f39100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.098587] fff00000c3f39180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.098650] >fff00000c3f39200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.098689] ^ [ 15.098731] fff00000c3f39280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.098772] fff00000c3f39300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.098810] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 15.081519] ================================================================== [ 15.081578] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 15.081647] Read of size 1 at addr fff00000c5c8d000 by task kunit_try_catch/140 [ 15.081699] [ 15.081727] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.081811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.081847] Hardware name: linux,dummy-virt (DT) [ 15.081890] Call trace: [ 15.081911] show_stack+0x20/0x38 (C) [ 15.081960] dump_stack_lvl+0x8c/0xd0 [ 15.082006] print_report+0x118/0x5d0 [ 15.082052] kasan_report+0xdc/0x128 [ 15.082096] __asan_report_load1_noabort+0x20/0x30 [ 15.082146] kmalloc_node_oob_right+0x2f4/0x330 [ 15.082193] kunit_try_run_case+0x170/0x3f0 [ 15.082668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.082805] kthread+0x328/0x630 [ 15.082891] ret_from_fork+0x10/0x20 [ 15.083041] [ 15.083069] Allocated by task 140: [ 15.083098] kasan_save_stack+0x3c/0x68 [ 15.083139] kasan_save_track+0x20/0x40 [ 15.083176] kasan_save_alloc_info+0x40/0x58 [ 15.083214] __kasan_kmalloc+0xd4/0xd8 [ 15.083267] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 15.083308] kmalloc_node_oob_right+0xbc/0x330 [ 15.083346] kunit_try_run_case+0x170/0x3f0 [ 15.083486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.083698] kthread+0x328/0x630 [ 15.083770] ret_from_fork+0x10/0x20 [ 15.083818] [ 15.083926] The buggy address belongs to the object at fff00000c5c8c000 [ 15.083926] which belongs to the cache kmalloc-4k of size 4096 [ 15.084062] The buggy address is located 0 bytes to the right of [ 15.084062] allocated 4096-byte region [fff00000c5c8c000, fff00000c5c8d000) [ 15.084207] [ 15.084255] The buggy address belongs to the physical page: [ 15.084494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c88 [ 15.085497] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.085601] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.085713] page_type: f5(slab) [ 15.085951] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.086237] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.086375] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.086593] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.086756] head: 0bfffe0000000003 ffffc1ffc3172201 00000000ffffffff 00000000ffffffff [ 15.086911] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.086977] page dumped because: kasan: bad access detected [ 15.087009] [ 15.087180] Memory state around the buggy address: [ 15.087216] fff00000c5c8cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.087259] fff00000c5c8cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.087557] >fff00000c5c8d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087626] ^ [ 15.087836] fff00000c5c8d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087920] fff00000c5c8d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.088032] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 15.071775] ================================================================== [ 15.071884] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 15.071935] Read of size 1 at addr fff00000c3ec409f by task kunit_try_catch/138 [ 15.072058] [ 15.072094] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.072175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.072201] Hardware name: linux,dummy-virt (DT) [ 15.072447] Call trace: [ 15.072544] show_stack+0x20/0x38 (C) [ 15.072599] dump_stack_lvl+0x8c/0xd0 [ 15.072914] print_report+0x118/0x5d0 [ 15.073063] kasan_report+0xdc/0x128 [ 15.073140] __asan_report_load1_noabort+0x20/0x30 [ 15.073268] kmalloc_oob_left+0x2ec/0x320 [ 15.073314] kunit_try_run_case+0x170/0x3f0 [ 15.073385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.073448] kthread+0x328/0x630 [ 15.073516] ret_from_fork+0x10/0x20 [ 15.073582] [ 15.073615] Allocated by task 26: [ 15.073739] kasan_save_stack+0x3c/0x68 [ 15.073896] kasan_save_track+0x20/0x40 [ 15.073964] kasan_save_alloc_info+0x40/0x58 [ 15.074029] __kasan_kmalloc+0xd4/0xd8 [ 15.074066] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.074110] kstrdup+0x54/0xc8 [ 15.074153] devtmpfs_work_loop+0x6f8/0xa58 [ 15.074194] devtmpfsd+0x50/0x58 [ 15.074228] kthread+0x328/0x630 [ 15.074260] ret_from_fork+0x10/0x20 [ 15.074295] [ 15.074327] Freed by task 26: [ 15.074365] kasan_save_stack+0x3c/0x68 [ 15.074412] kasan_save_track+0x20/0x40 [ 15.074457] kasan_save_free_info+0x4c/0x78 [ 15.074495] __kasan_slab_free+0x6c/0x98 [ 15.074531] kfree+0x214/0x3c8 [ 15.074564] devtmpfs_work_loop+0x804/0xa58 [ 15.074600] devtmpfsd+0x50/0x58 [ 15.074631] kthread+0x328/0x630 [ 15.074662] ret_from_fork+0x10/0x20 [ 15.075082] [ 15.075116] The buggy address belongs to the object at fff00000c3ec4080 [ 15.075116] which belongs to the cache kmalloc-16 of size 16 [ 15.075234] The buggy address is located 15 bytes to the right of [ 15.075234] allocated 16-byte region [fff00000c3ec4080, fff00000c3ec4090) [ 15.075394] [ 15.075474] The buggy address belongs to the physical page: [ 15.075577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ec4 [ 15.075652] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.075844] page_type: f5(slab) [ 15.075955] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.076007] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.076176] page dumped because: kasan: bad access detected [ 15.076207] [ 15.076224] Memory state around the buggy address: [ 15.076264] fff00000c3ec3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.076307] fff00000c3ec4000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.076349] >fff00000c3ec4080: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 15.076524] ^ [ 15.076634] fff00000c3ec4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.076678] fff00000c3ec4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.076763] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 15.045072] ================================================================== [ 15.045423] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 15.046237] Write of size 1 at addr fff00000c3f39173 by task kunit_try_catch/136 [ 15.046346] [ 15.047172] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7 #1 PREEMPT [ 15.047316] Tainted: [N]=TEST [ 15.047348] Hardware name: linux,dummy-virt (DT) [ 15.047563] Call trace: [ 15.047729] show_stack+0x20/0x38 (C) [ 15.047932] dump_stack_lvl+0x8c/0xd0 [ 15.048005] print_report+0x118/0x5d0 [ 15.048053] kasan_report+0xdc/0x128 [ 15.048099] __asan_report_store1_noabort+0x20/0x30 [ 15.048150] kmalloc_oob_right+0x5a4/0x660 [ 15.048197] kunit_try_run_case+0x170/0x3f0 [ 15.048249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.048303] kthread+0x328/0x630 [ 15.048346] ret_from_fork+0x10/0x20 [ 15.048501] [ 15.048539] Allocated by task 136: [ 15.048656] kasan_save_stack+0x3c/0x68 [ 15.048720] kasan_save_track+0x20/0x40 [ 15.048759] kasan_save_alloc_info+0x40/0x58 [ 15.048799] __kasan_kmalloc+0xd4/0xd8 [ 15.048835] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.048891] kmalloc_oob_right+0xb0/0x660 [ 15.048927] kunit_try_run_case+0x170/0x3f0 [ 15.048964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.049008] kthread+0x328/0x630 [ 15.049040] ret_from_fork+0x10/0x20 [ 15.049096] [ 15.049155] The buggy address belongs to the object at fff00000c3f39100 [ 15.049155] which belongs to the cache kmalloc-128 of size 128 [ 15.049249] The buggy address is located 0 bytes to the right of [ 15.049249] allocated 115-byte region [fff00000c3f39100, fff00000c3f39173) [ 15.049318] [ 15.049399] The buggy address belongs to the physical page: [ 15.049604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.049899] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.050183] page_type: f5(slab) [ 15.050490] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.050555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.050678] page dumped because: kasan: bad access detected [ 15.050720] [ 15.050746] Memory state around the buggy address: [ 15.050975] fff00000c3f39000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.051044] fff00000c3f39080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.051099] >fff00000c3f39100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.051153] ^ [ 15.051234] fff00000c3f39180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.051277] fff00000c3f39200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.051341] ================================================================== [ 15.057782] ================================================================== [ 15.057946] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.058035] Read of size 1 at addr fff00000c3f39180 by task kunit_try_catch/136 [ 15.058086] [ 15.058114] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.058193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.058314] Hardware name: linux,dummy-virt (DT) [ 15.058344] Call trace: [ 15.058503] show_stack+0x20/0x38 (C) [ 15.058667] dump_stack_lvl+0x8c/0xd0 [ 15.058765] print_report+0x118/0x5d0 [ 15.058964] kasan_report+0xdc/0x128 [ 15.059013] __asan_report_load1_noabort+0x20/0x30 [ 15.059064] kmalloc_oob_right+0x5d0/0x660 [ 15.059251] kunit_try_run_case+0x170/0x3f0 [ 15.059309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.059425] kthread+0x328/0x630 [ 15.059573] ret_from_fork+0x10/0x20 [ 15.059631] [ 15.059649] Allocated by task 136: [ 15.059678] kasan_save_stack+0x3c/0x68 [ 15.059718] kasan_save_track+0x20/0x40 [ 15.059754] kasan_save_alloc_info+0x40/0x58 [ 15.059935] __kasan_kmalloc+0xd4/0xd8 [ 15.060055] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.060148] kmalloc_oob_right+0xb0/0x660 [ 15.060216] kunit_try_run_case+0x170/0x3f0 [ 15.060283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.060325] kthread+0x328/0x630 [ 15.060357] ret_from_fork+0x10/0x20 [ 15.060401] [ 15.060420] The buggy address belongs to the object at fff00000c3f39100 [ 15.060420] which belongs to the cache kmalloc-128 of size 128 [ 15.060487] The buggy address is located 13 bytes to the right of [ 15.060487] allocated 115-byte region [fff00000c3f39100, fff00000c3f39173) [ 15.060569] [ 15.060588] The buggy address belongs to the physical page: [ 15.060625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.060677] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.060734] page_type: f5(slab) [ 15.060781] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.060840] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.060891] page dumped because: kasan: bad access detected [ 15.060922] [ 15.060939] Memory state around the buggy address: [ 15.060969] fff00000c3f39080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.061011] fff00000c3f39100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.061090] >fff00000c3f39180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.061307] ^ [ 15.061444] fff00000c3f39200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.061599] fff00000c3f39280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.061694] ================================================================== [ 15.052739] ================================================================== [ 15.052778] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 15.052824] Write of size 1 at addr fff00000c3f39178 by task kunit_try_catch/136 [ 15.052890] [ 15.052919] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 15.052999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.053025] Hardware name: linux,dummy-virt (DT) [ 15.053054] Call trace: [ 15.053075] show_stack+0x20/0x38 (C) [ 15.053122] dump_stack_lvl+0x8c/0xd0 [ 15.053170] print_report+0x118/0x5d0 [ 15.053218] kasan_report+0xdc/0x128 [ 15.053280] __asan_report_store1_noabort+0x20/0x30 [ 15.053332] kmalloc_oob_right+0x538/0x660 [ 15.053377] kunit_try_run_case+0x170/0x3f0 [ 15.053426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.053478] kthread+0x328/0x630 [ 15.053519] ret_from_fork+0x10/0x20 [ 15.053565] [ 15.053582] Allocated by task 136: [ 15.053610] kasan_save_stack+0x3c/0x68 [ 15.053649] kasan_save_track+0x20/0x40 [ 15.053685] kasan_save_alloc_info+0x40/0x58 [ 15.054390] __kasan_kmalloc+0xd4/0xd8 [ 15.054630] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.054838] kmalloc_oob_right+0xb0/0x660 [ 15.054923] kunit_try_run_case+0x170/0x3f0 [ 15.054971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.055084] kthread+0x328/0x630 [ 15.055151] ret_from_fork+0x10/0x20 [ 15.055280] [ 15.055356] The buggy address belongs to the object at fff00000c3f39100 [ 15.055356] which belongs to the cache kmalloc-128 of size 128 [ 15.055418] The buggy address is located 5 bytes to the right of [ 15.055418] allocated 115-byte region [fff00000c3f39100, fff00000c3f39173) [ 15.055632] [ 15.055651] The buggy address belongs to the physical page: [ 15.055681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f39 [ 15.055751] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.056027] page_type: f5(slab) [ 15.056108] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.056161] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.056201] page dumped because: kasan: bad access detected [ 15.056235] [ 15.056255] Memory state around the buggy address: [ 15.056487] fff00000c3f39000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.056565] fff00000c3f39080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.056705] >fff00000c3f39100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.056836] ^ [ 15.056897] fff00000c3f39180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.056939] fff00000c3f39200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.056997] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 97.676398] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 97.677884] Modules linked in: [ 97.678095] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc7 #1 PREEMPT [ 97.678492] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 97.679241] Hardware name: linux,dummy-virt (DT) [ 97.679818] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.680645] pc : intlog10+0x38/0x48 [ 97.681062] lr : intlog10_test+0xe4/0x200 [ 97.681506] sp : ffff8000820c7c10 [ 97.681883] x29: ffff8000820c7c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.682716] x26: 1ffe0000199bcd61 x25: 0000000000000000 x24: ffff8000820c7ce0 [ 97.683709] x23: ffff8000820c7d00 x22: 0000000000000000 x21: 1ffff00010418f82 [ 97.684372] x20: ffffab7db5889e80 x19: ffff800080087990 x18: 000000003dea5a8a [ 97.684733] x17: 00000000f81d6368 x16: fff00000c0975c3c x15: 00000000028aa371 [ 97.685094] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a5cd x12: ffff756fb72e3379 [ 97.685438] x11: 1ffff56fb72e3378 x10: ffff756fb72e3378 x9 : ffffab7db2e379dc [ 97.685785] x8 : ffffab7db9719bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.686693] x5 : ffff700010418f82 x4 : 1ffff00010010f3a x3 : 1ffff56fb6b113d0 [ 97.687492] x2 : 1ffff56fb6b113d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.688272] Call trace: [ 97.688580] intlog10+0x38/0x48 (P) [ 97.689012] kunit_try_run_case+0x170/0x3f0 [ 97.689472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.690043] kthread+0x328/0x630 [ 97.690430] ret_from_fork+0x10/0x20 [ 97.690937] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 97.627990] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 97.631993] Modules linked in: [ 97.632559] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc7 #1 PREEMPT [ 97.633559] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 97.634127] Hardware name: linux,dummy-virt (DT) [ 97.634653] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.635101] pc : intlog2+0xd8/0xf8 [ 97.635431] lr : intlog2_test+0xe4/0x200 [ 97.635686] sp : ffff800082117c10 [ 97.636078] x29: ffff800082117c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.636897] x26: 1ffe00001909dd61 x25: 0000000000000000 x24: ffff800082117ce0 [ 97.637475] x23: ffff800082117d00 x22: 0000000000000000 x21: 1ffff00010422f82 [ 97.638211] x20: ffffab7db5889d80 x19: ffff800080087990 x18: 0000000044369e2e [ 97.639170] x17: fff0548322cb6000 x16: fff00000c097583c x15: 0000000008dea0a8 [ 97.639546] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e9cd x12: ffff756fb72e3379 [ 97.639904] x11: 1ffff56fb72e3378 x10: ffff756fb72e3378 x9 : ffffab7db2e37bdc [ 97.640247] x8 : ffffab7db9719bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.640587] x5 : ffff700010422f82 x4 : 1ffff00010010f3a x3 : 1ffff56fb6b113b0 [ 97.641057] x2 : 1ffff56fb6b113b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.641760] Call trace: [ 97.642037] intlog2+0xd8/0xf8 (P) [ 97.642411] kunit_try_run_case+0x170/0x3f0 [ 97.643130] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.643391] kthread+0x328/0x630 [ 97.643572] ret_from_fork+0x10/0x20 [ 97.643778] ---[ end trace 0000000000000000 ]---