Date
April 22, 2025, 11:09 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.248480] ================================================================== [ 18.248745] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 18.249196] Read of size 4 at addr fff00000c62b9cc0 by task swapper/1/0 [ 18.249341] [ 18.249434] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.249633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.249696] Hardware name: linux,dummy-virt (DT) [ 18.249768] Call trace: [ 18.249822] show_stack+0x20/0x38 (C) [ 18.249937] dump_stack_lvl+0x8c/0xd0 [ 18.250387] print_report+0x118/0x608 [ 18.250514] kasan_report+0xdc/0x128 [ 18.251219] __asan_report_load4_noabort+0x20/0x30 [ 18.251317] rcu_uaf_reclaim+0x64/0x70 [ 18.251393] rcu_core+0x9f4/0x1e20 [ 18.251444] rcu_core_si+0x18/0x30 [ 18.251498] handle_softirqs+0x374/0xb28 [ 18.251640] __do_softirq+0x1c/0x28 [ 18.251767] ____do_softirq+0x18/0x30 [ 18.251898] call_on_irq_stack+0x24/0x58 [ 18.251998] do_softirq_own_stack+0x24/0x38 [ 18.252080] __irq_exit_rcu+0x1fc/0x318 [ 18.252155] irq_exit_rcu+0x1c/0x80 [ 18.252233] el1_interrupt+0x38/0x58 [ 18.252328] el1h_64_irq_handler+0x18/0x28 [ 18.252433] el1h_64_irq+0x6c/0x70 [ 18.252742] arch_local_irq_enable+0x4/0x8 (P) [ 18.252894] do_idle+0x384/0x4e8 [ 18.253028] cpu_startup_entry+0x64/0x80 [ 18.253132] secondary_start_kernel+0x288/0x340 [ 18.253233] __secondary_switched+0xc0/0xc8 [ 18.253394] [ 18.253460] Allocated by task 200: [ 18.253574] kasan_save_stack+0x3c/0x68 [ 18.253657] kasan_save_track+0x20/0x40 [ 18.253730] kasan_save_alloc_info+0x40/0x58 [ 18.253811] __kasan_kmalloc+0xd4/0xd8 [ 18.253871] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.253953] rcu_uaf+0xb0/0x2d8 [ 18.254025] kunit_try_run_case+0x170/0x3f0 [ 18.254114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.254204] kthread+0x328/0x630 [ 18.254276] ret_from_fork+0x10/0x20 [ 18.254366] [ 18.254414] Freed by task 0: [ 18.254475] kasan_save_stack+0x3c/0x68 [ 18.254644] kasan_save_track+0x20/0x40 [ 18.254739] kasan_save_free_info+0x4c/0x78 [ 18.254824] __kasan_slab_free+0x6c/0x98 [ 18.254902] kfree+0x214/0x3c8 [ 18.254984] rcu_uaf_reclaim+0x28/0x70 [ 18.255107] rcu_core+0x9f4/0x1e20 [ 18.255189] rcu_core_si+0x18/0x30 [ 18.255318] handle_softirqs+0x374/0xb28 [ 18.255401] __do_softirq+0x1c/0x28 [ 18.255470] [ 18.255528] Last potentially related work creation: [ 18.255610] kasan_save_stack+0x3c/0x68 [ 18.255679] kasan_record_aux_stack+0xb4/0xc8 [ 18.255756] __call_rcu_common.constprop.0+0x70/0x8b0 [ 18.255839] call_rcu+0x18/0x30 [ 18.255895] rcu_uaf+0x14c/0x2d8 [ 18.255954] kunit_try_run_case+0x170/0x3f0 [ 18.256044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.256115] kthread+0x328/0x630 [ 18.256182] ret_from_fork+0x10/0x20 [ 18.256342] [ 18.256481] The buggy address belongs to the object at fff00000c62b9cc0 [ 18.256481] which belongs to the cache kmalloc-32 of size 32 [ 18.256720] The buggy address is located 0 bytes inside of [ 18.256720] freed 32-byte region [fff00000c62b9cc0, fff00000c62b9ce0) [ 18.256952] [ 18.257613] The buggy address belongs to the physical page: [ 18.258028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062b9 [ 18.258221] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.258454] page_type: f5(slab) [ 18.258576] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.259039] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.259166] page dumped because: kasan: bad access detected [ 18.259244] [ 18.259288] Memory state around the buggy address: [ 18.259730] fff00000c62b9b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.259853] fff00000c62b9c00: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.259941] >fff00000c62b9c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.260009] ^ [ 18.260079] fff00000c62b9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.260833] fff00000c62b9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.260982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.096869] ================================================================== [ 18.096986] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 18.097095] Read of size 1 at addr fff00000c62d4d78 by task kunit_try_catch/198 [ 18.097208] [ 18.097287] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.097488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.099940] Hardware name: linux,dummy-virt (DT) [ 18.100146] Call trace: [ 18.100221] show_stack+0x20/0x38 (C) [ 18.100874] dump_stack_lvl+0x8c/0xd0 [ 18.100988] print_report+0x118/0x608 [ 18.101084] kasan_report+0xdc/0x128 [ 18.101177] __asan_report_load1_noabort+0x20/0x30 [ 18.101290] ksize_uaf+0x544/0x5f8 [ 18.101390] kunit_try_run_case+0x170/0x3f0 [ 18.101504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.101652] kthread+0x328/0x630 [ 18.101754] ret_from_fork+0x10/0x20 [ 18.101864] [ 18.101905] Allocated by task 198: [ 18.101967] kasan_save_stack+0x3c/0x68 [ 18.102055] kasan_save_track+0x20/0x40 [ 18.103678] kasan_save_alloc_info+0x40/0x58 [ 18.103954] __kasan_kmalloc+0xd4/0xd8 [ 18.104521] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.104843] ksize_uaf+0xb8/0x5f8 [ 18.105062] kunit_try_run_case+0x170/0x3f0 [ 18.105195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.105946] kthread+0x328/0x630 [ 18.106174] ret_from_fork+0x10/0x20 [ 18.106274] [ 18.106319] Freed by task 198: [ 18.106854] kasan_save_stack+0x3c/0x68 [ 18.107183] kasan_save_track+0x20/0x40 [ 18.107876] kasan_save_free_info+0x4c/0x78 [ 18.108130] __kasan_slab_free+0x6c/0x98 [ 18.108277] kfree+0x214/0x3c8 [ 18.108463] ksize_uaf+0x11c/0x5f8 [ 18.108555] kunit_try_run_case+0x170/0x3f0 [ 18.108645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.108734] kthread+0x328/0x630 [ 18.108806] ret_from_fork+0x10/0x20 [ 18.108885] [ 18.108931] The buggy address belongs to the object at fff00000c62d4d00 [ 18.108931] which belongs to the cache kmalloc-128 of size 128 [ 18.109065] The buggy address is located 120 bytes inside of [ 18.109065] freed 128-byte region [fff00000c62d4d00, fff00000c62d4d80) [ 18.109903] [ 18.110306] The buggy address belongs to the physical page: [ 18.110642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 18.110788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.110921] page_type: f5(slab) [ 18.111039] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.111157] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.111249] page dumped because: kasan: bad access detected [ 18.111322] [ 18.111364] Memory state around the buggy address: [ 18.111439] fff00000c62d4c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.111551] fff00000c62d4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.111688] >fff00000c62d4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.111821] ^ [ 18.111922] fff00000c62d4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.112057] fff00000c62d4e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.112147] ================================================================== [ 18.076992] ================================================================== [ 18.077107] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 18.077520] Read of size 1 at addr fff00000c62d4d00 by task kunit_try_catch/198 [ 18.077681] [ 18.077801] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.078063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.078155] Hardware name: linux,dummy-virt (DT) [ 18.078226] Call trace: [ 18.078275] show_stack+0x20/0x38 (C) [ 18.078384] dump_stack_lvl+0x8c/0xd0 [ 18.078482] print_report+0x118/0x608 [ 18.078589] kasan_report+0xdc/0x128 [ 18.078697] __asan_report_load1_noabort+0x20/0x30 [ 18.078830] ksize_uaf+0x598/0x5f8 [ 18.079455] kunit_try_run_case+0x170/0x3f0 [ 18.079547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.079672] kthread+0x328/0x630 [ 18.079780] ret_from_fork+0x10/0x20 [ 18.079896] [ 18.079936] Allocated by task 198: [ 18.079989] kasan_save_stack+0x3c/0x68 [ 18.080058] kasan_save_track+0x20/0x40 [ 18.080127] kasan_save_alloc_info+0x40/0x58 [ 18.080206] __kasan_kmalloc+0xd4/0xd8 [ 18.080282] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.080371] ksize_uaf+0xb8/0x5f8 [ 18.080672] kunit_try_run_case+0x170/0x3f0 [ 18.080939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.081567] kthread+0x328/0x630 [ 18.081935] ret_from_fork+0x10/0x20 [ 18.082253] [ 18.082386] Freed by task 198: [ 18.082454] kasan_save_stack+0x3c/0x68 [ 18.083163] kasan_save_track+0x20/0x40 [ 18.083552] kasan_save_free_info+0x4c/0x78 [ 18.083634] __kasan_slab_free+0x6c/0x98 [ 18.083704] kfree+0x214/0x3c8 [ 18.083771] ksize_uaf+0x11c/0x5f8 [ 18.083848] kunit_try_run_case+0x170/0x3f0 [ 18.085306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.085726] kthread+0x328/0x630 [ 18.086303] ret_from_fork+0x10/0x20 [ 18.086807] [ 18.086870] The buggy address belongs to the object at fff00000c62d4d00 [ 18.086870] which belongs to the cache kmalloc-128 of size 128 [ 18.087455] The buggy address is located 0 bytes inside of [ 18.087455] freed 128-byte region [fff00000c62d4d00, fff00000c62d4d80) [ 18.088056] [ 18.088105] The buggy address belongs to the physical page: [ 18.088172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 18.088820] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.089234] page_type: f5(slab) [ 18.089321] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.089922] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.090467] page dumped because: kasan: bad access detected [ 18.090553] [ 18.090597] Memory state around the buggy address: [ 18.090668] fff00000c62d4c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.090774] fff00000c62d4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.090875] >fff00000c62d4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.090967] ^ [ 18.091031] fff00000c62d4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.091136] fff00000c62d4e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.091232] ================================================================== [ 18.066866] ================================================================== [ 18.067004] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 18.067428] Read of size 1 at addr fff00000c62d4d00 by task kunit_try_catch/198 [ 18.067938] [ 18.068035] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.068229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.068284] Hardware name: linux,dummy-virt (DT) [ 18.068354] Call trace: [ 18.068405] show_stack+0x20/0x38 (C) [ 18.068518] dump_stack_lvl+0x8c/0xd0 [ 18.068633] print_report+0x118/0x608 [ 18.068732] kasan_report+0xdc/0x128 [ 18.069180] __kasan_check_byte+0x54/0x70 [ 18.069547] ksize+0x30/0x88 [ 18.069650] ksize_uaf+0x168/0x5f8 [ 18.069752] kunit_try_run_case+0x170/0x3f0 [ 18.069848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.069952] kthread+0x328/0x630 [ 18.070039] ret_from_fork+0x10/0x20 [ 18.070140] [ 18.070185] Allocated by task 198: [ 18.070246] kasan_save_stack+0x3c/0x68 [ 18.070324] kasan_save_track+0x20/0x40 [ 18.070394] kasan_save_alloc_info+0x40/0x58 [ 18.070463] __kasan_kmalloc+0xd4/0xd8 [ 18.070587] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.070668] ksize_uaf+0xb8/0x5f8 [ 18.071154] kunit_try_run_case+0x170/0x3f0 [ 18.071265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.071403] kthread+0x328/0x630 [ 18.071490] ret_from_fork+0x10/0x20 [ 18.071631] [ 18.071696] Freed by task 198: [ 18.071781] kasan_save_stack+0x3c/0x68 [ 18.071896] kasan_save_track+0x20/0x40 [ 18.072001] kasan_save_free_info+0x4c/0x78 [ 18.072085] __kasan_slab_free+0x6c/0x98 [ 18.072152] kfree+0x214/0x3c8 [ 18.072238] ksize_uaf+0x11c/0x5f8 [ 18.072302] kunit_try_run_case+0x170/0x3f0 [ 18.072380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.072520] kthread+0x328/0x630 [ 18.072630] ret_from_fork+0x10/0x20 [ 18.072697] [ 18.072736] The buggy address belongs to the object at fff00000c62d4d00 [ 18.072736] which belongs to the cache kmalloc-128 of size 128 [ 18.073109] The buggy address is located 0 bytes inside of [ 18.073109] freed 128-byte region [fff00000c62d4d00, fff00000c62d4d80) [ 18.073258] [ 18.073304] The buggy address belongs to the physical page: [ 18.073380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 18.073517] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.073663] page_type: f5(slab) [ 18.073768] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.073874] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.073965] page dumped because: kasan: bad access detected [ 18.074042] [ 18.074093] Memory state around the buggy address: [ 18.074163] fff00000c62d4c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.074611] fff00000c62d4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.074766] >fff00000c62d4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.074891] ^ [ 18.074980] fff00000c62d4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.075115] fff00000c62d4e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.075201] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.026733] ================================================================== [ 18.026844] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 18.026952] Read of size 1 at addr fff00000c62d4c78 by task kunit_try_catch/196 [ 18.027056] [ 18.027945] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.028225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.028613] Hardware name: linux,dummy-virt (DT) [ 18.028719] Call trace: [ 18.028789] show_stack+0x20/0x38 (C) [ 18.028909] dump_stack_lvl+0x8c/0xd0 [ 18.029011] print_report+0x118/0x608 [ 18.029105] kasan_report+0xdc/0x128 [ 18.029206] __asan_report_load1_noabort+0x20/0x30 [ 18.029725] ksize_unpoisons_memory+0x618/0x740 [ 18.030194] kunit_try_run_case+0x170/0x3f0 [ 18.030416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.030556] kthread+0x328/0x630 [ 18.030663] ret_from_fork+0x10/0x20 [ 18.030778] [ 18.031454] Allocated by task 196: [ 18.031538] kasan_save_stack+0x3c/0x68 [ 18.031631] kasan_save_track+0x20/0x40 [ 18.031706] kasan_save_alloc_info+0x40/0x58 [ 18.031793] __kasan_kmalloc+0xd4/0xd8 [ 18.032622] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.033131] ksize_unpoisons_memory+0xc0/0x740 [ 18.033270] kunit_try_run_case+0x170/0x3f0 [ 18.033361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.033457] kthread+0x328/0x630 [ 18.033924] ret_from_fork+0x10/0x20 [ 18.034029] [ 18.034087] The buggy address belongs to the object at fff00000c62d4c00 [ 18.034087] which belongs to the cache kmalloc-128 of size 128 [ 18.034220] The buggy address is located 5 bytes to the right of [ 18.034220] allocated 115-byte region [fff00000c62d4c00, fff00000c62d4c73) [ 18.034376] [ 18.034765] The buggy address belongs to the physical page: [ 18.034847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 18.034969] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.035086] page_type: f5(slab) [ 18.035618] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.035744] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.035836] page dumped because: kasan: bad access detected [ 18.035907] [ 18.035953] Memory state around the buggy address: [ 18.036025] fff00000c62d4b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.037092] fff00000c62d4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.037444] >fff00000c62d4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.037884] ^ [ 18.038102] fff00000c62d4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.038618] fff00000c62d4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.038751] ================================================================== [ 18.042441] ================================================================== [ 18.042621] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 18.042787] Read of size 1 at addr fff00000c62d4c7f by task kunit_try_catch/196 [ 18.042932] [ 18.043007] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.043185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.043522] Hardware name: linux,dummy-virt (DT) [ 18.043738] Call trace: [ 18.043804] show_stack+0x20/0x38 (C) [ 18.043925] dump_stack_lvl+0x8c/0xd0 [ 18.044042] print_report+0x118/0x608 [ 18.044142] kasan_report+0xdc/0x128 [ 18.044510] __asan_report_load1_noabort+0x20/0x30 [ 18.044708] ksize_unpoisons_memory+0x690/0x740 [ 18.044882] kunit_try_run_case+0x170/0x3f0 [ 18.044998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.045115] kthread+0x328/0x630 [ 18.045198] ret_from_fork+0x10/0x20 [ 18.045295] [ 18.045339] Allocated by task 196: [ 18.045407] kasan_save_stack+0x3c/0x68 [ 18.045515] kasan_save_track+0x20/0x40 [ 18.045605] kasan_save_alloc_info+0x40/0x58 [ 18.045702] __kasan_kmalloc+0xd4/0xd8 [ 18.045791] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.045894] ksize_unpoisons_memory+0xc0/0x740 [ 18.045988] kunit_try_run_case+0x170/0x3f0 [ 18.046112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.046218] kthread+0x328/0x630 [ 18.046303] ret_from_fork+0x10/0x20 [ 18.046614] [ 18.046677] The buggy address belongs to the object at fff00000c62d4c00 [ 18.046677] which belongs to the cache kmalloc-128 of size 128 [ 18.046963] The buggy address is located 12 bytes to the right of [ 18.046963] allocated 115-byte region [fff00000c62d4c00, fff00000c62d4c73) [ 18.047130] [ 18.047351] The buggy address belongs to the physical page: [ 18.047509] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 18.047663] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.047781] page_type: f5(slab) [ 18.047928] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.048188] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.048350] page dumped because: kasan: bad access detected [ 18.048413] [ 18.048453] Memory state around the buggy address: [ 18.048859] fff00000c62d4b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.049073] fff00000c62d4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.049196] >fff00000c62d4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.049297] ^ [ 18.049437] fff00000c62d4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.049605] fff00000c62d4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.049740] ================================================================== [ 18.013119] ================================================================== [ 18.013262] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 18.013385] Read of size 1 at addr fff00000c62d4c73 by task kunit_try_catch/196 [ 18.013717] [ 18.013921] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.014139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.014205] Hardware name: linux,dummy-virt (DT) [ 18.014281] Call trace: [ 18.014333] show_stack+0x20/0x38 (C) [ 18.014446] dump_stack_lvl+0x8c/0xd0 [ 18.014566] print_report+0x118/0x608 [ 18.014676] kasan_report+0xdc/0x128 [ 18.014779] __asan_report_load1_noabort+0x20/0x30 [ 18.014891] ksize_unpoisons_memory+0x628/0x740 [ 18.015006] kunit_try_run_case+0x170/0x3f0 [ 18.015118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.015240] kthread+0x328/0x630 [ 18.015345] ret_from_fork+0x10/0x20 [ 18.015456] [ 18.015499] Allocated by task 196: [ 18.016049] kasan_save_stack+0x3c/0x68 [ 18.017125] kasan_save_track+0x20/0x40 [ 18.017214] kasan_save_alloc_info+0x40/0x58 [ 18.017295] __kasan_kmalloc+0xd4/0xd8 [ 18.017362] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.017444] ksize_unpoisons_memory+0xc0/0x740 [ 18.017644] kunit_try_run_case+0x170/0x3f0 [ 18.017863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.017972] kthread+0x328/0x630 [ 18.018056] ret_from_fork+0x10/0x20 [ 18.018139] [ 18.018182] The buggy address belongs to the object at fff00000c62d4c00 [ 18.018182] which belongs to the cache kmalloc-128 of size 128 [ 18.018322] The buggy address is located 0 bytes to the right of [ 18.018322] allocated 115-byte region [fff00000c62d4c00, fff00000c62d4c73) [ 18.018473] [ 18.018832] The buggy address belongs to the physical page: [ 18.019373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 18.019920] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.020247] page_type: f5(slab) [ 18.020527] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.020853] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.020999] page dumped because: kasan: bad access detected [ 18.021127] [ 18.021170] Memory state around the buggy address: [ 18.021284] fff00000c62d4b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.021435] fff00000c62d4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.022011] >fff00000c62d4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.022169] ^ [ 18.022653] fff00000c62d4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.022845] fff00000c62d4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.022982] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.737393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 20.906523] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3de4/0x4858 [ 20.893297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc08/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 20.520140] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 20.483103] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 52.944678] ================================================================== [ 52.944773] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 52.944773] [ 52.944875] Use-after-free read at 0x00000000e7660cdb (in kfence-#191): [ 52.944932] test_krealloc+0x51c/0x830 [ 52.944981] kunit_try_run_case+0x170/0x3f0 [ 52.945029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.945074] kthread+0x328/0x630 [ 52.945120] ret_from_fork+0x10/0x20 [ 52.945160] [ 52.945187] kfence-#191: 0x00000000e7660cdb-0x00000000bb497690, size=32, cache=kmalloc-32 [ 52.945187] [ 52.945243] allocated by task 339 on cpu 0 at 52.943931s (0.001307s ago): [ 52.945315] test_alloc+0x29c/0x628 [ 52.945354] test_krealloc+0xc0/0x830 [ 52.945392] kunit_try_run_case+0x170/0x3f0 [ 52.945433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.945487] kthread+0x328/0x630 [ 52.945544] ret_from_fork+0x10/0x20 [ 52.945588] [ 52.945615] freed by task 339 on cpu 0 at 52.944232s (0.001379s ago): [ 52.945682] krealloc_noprof+0x148/0x360 [ 52.945721] test_krealloc+0x1dc/0x830 [ 52.945759] kunit_try_run_case+0x170/0x3f0 [ 52.945800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.945844] kthread+0x328/0x630 [ 52.945880] ret_from_fork+0x10/0x20 [ 52.945919] [ 52.945977] CPU: 0 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 52.946055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 52.946087] Hardware name: linux,dummy-virt (DT) [ 52.946121] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 52.872211] ================================================================== [ 52.872344] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 52.872344] [ 52.872459] Use-after-free read at 0x0000000043310cb7 (in kfence-#190): [ 52.872518] test_memcache_typesafe_by_rcu+0x280/0x560 [ 52.872593] kunit_try_run_case+0x170/0x3f0 [ 52.872644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.872690] kthread+0x328/0x630 [ 52.872737] ret_from_fork+0x10/0x20 [ 52.872780] [ 52.872807] kfence-#190: 0x0000000043310cb7-0x00000000cac25963, size=32, cache=test [ 52.872807] [ 52.872862] allocated by task 337 on cpu 1 at 52.840354s (0.032503s ago): [ 52.872935] test_alloc+0x230/0x628 [ 52.872978] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 52.873020] kunit_try_run_case+0x170/0x3f0 [ 52.873062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.873107] kthread+0x328/0x630 [ 52.873146] ret_from_fork+0x10/0x20 [ 52.873186] [ 52.873212] freed by task 337 on cpu 1 at 52.840548s (0.032660s ago): [ 52.873271] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 52.873315] kunit_try_run_case+0x170/0x3f0 [ 52.873357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 52.873403] kthread+0x328/0x630 [ 52.873442] ret_from_fork+0x10/0x20 [ 52.873494] [ 52.873567] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 52.873662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 52.873695] Hardware name: linux,dummy-virt (DT) [ 52.873734] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 31.121859] ================================================================== [ 31.122078] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 31.122078] [ 31.122275] Invalid read at 0x00000000276203cf: [ 31.122423] test_invalid_access+0xdc/0x1f0 [ 31.122557] kunit_try_run_case+0x170/0x3f0 [ 31.122674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.122784] kthread+0x328/0x630 [ 31.122874] ret_from_fork+0x10/0x20 [ 31.122989] [ 31.123104] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 31.123292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.123368] Hardware name: linux,dummy-virt (DT) [ 31.123458] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 30.892212] ================================================================== [ 30.892341] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 30.892341] [ 30.892413] Corrupted memory at 0x000000000e713e25 [ ! . . . . . . . . . . . . . . . ] (in kfence-#185): [ 30.892752] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 30.892804] kunit_try_run_case+0x170/0x3f0 [ 30.892853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.892901] kthread+0x328/0x630 [ 30.892944] ret_from_fork+0x10/0x20 [ 30.892987] [ 30.893014] kfence-#185: 0x00000000cc4e42ba-0x00000000ab1d4375, size=73, cache=kmalloc-96 [ 30.893014] [ 30.893073] allocated by task 327 on cpu 0 at 30.891862s (0.001206s ago): [ 30.893140] test_alloc+0x29c/0x628 [ 30.893181] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 30.893225] kunit_try_run_case+0x170/0x3f0 [ 30.893268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.893314] kthread+0x328/0x630 [ 30.893353] ret_from_fork+0x10/0x20 [ 30.893395] [ 30.893421] freed by task 327 on cpu 0 at 30.892076s (0.001340s ago): [ 30.893495] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 30.893554] kunit_try_run_case+0x170/0x3f0 [ 30.893603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.893650] kthread+0x328/0x630 [ 30.893689] ret_from_fork+0x10/0x20 [ 30.893730] [ 30.893790] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 30.893875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.893906] Hardware name: linux,dummy-virt (DT) [ 30.893942] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 30.580595] ================================================================== [ 30.580715] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 30.580715] [ 30.580824] Out-of-bounds read at 0x000000004f7fcf81 (105B right of kfence-#182): [ 30.580890] test_kmalloc_aligned_oob_read+0x238/0x468 [ 30.580940] kunit_try_run_case+0x170/0x3f0 [ 30.580987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.581033] kthread+0x328/0x630 [ 30.581074] ret_from_fork+0x10/0x20 [ 30.581114] [ 30.581141] kfence-#182: 0x00000000c03cd571-0x00000000bf3e670b, size=73, cache=kmalloc-96 [ 30.581141] [ 30.581196] allocated by task 325 on cpu 0 at 30.580258s (0.000934s ago): [ 30.581272] test_alloc+0x29c/0x628 [ 30.581312] test_kmalloc_aligned_oob_read+0x100/0x468 [ 30.581353] kunit_try_run_case+0x170/0x3f0 [ 30.581394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.581440] kthread+0x328/0x630 [ 30.581489] ret_from_fork+0x10/0x20 [ 30.581542] [ 30.581610] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 30.581696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.581726] Hardware name: linux,dummy-virt (DT) [ 30.581763] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 24.239409] ================================================================== [ 24.239557] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 24.239557] [ 24.240366] Corrupted memory at 0x00000000e2c62448 [ ! ] (in kfence-#121): [ 24.241131] test_corruption+0x284/0x378 [ 24.241279] kunit_try_run_case+0x170/0x3f0 [ 24.241392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.241503] kthread+0x328/0x630 [ 24.241609] ret_from_fork+0x10/0x20 [ 24.241707] [ 24.241762] kfence-#121: 0x000000005a91cbe5-0x0000000026a3478e, size=32, cache=kmalloc-32 [ 24.241762] [ 24.241890] allocated by task 313 on cpu 0 at 24.237867s (0.004014s ago): [ 24.242024] test_alloc+0x29c/0x628 [ 24.242133] test_corruption+0x198/0x378 [ 24.242242] kunit_try_run_case+0x170/0x3f0 [ 24.242350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.242487] kthread+0x328/0x630 [ 24.242577] ret_from_fork+0x10/0x20 [ 24.242657] [ 24.242704] freed by task 313 on cpu 0 at 24.238260s (0.004438s ago): [ 24.242896] test_corruption+0x284/0x378 [ 24.242988] kunit_try_run_case+0x170/0x3f0 [ 24.243237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.243509] kthread+0x328/0x630 [ 24.243764] ret_from_fork+0x10/0x20 [ 24.244014] [ 24.244154] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 24.244355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.244418] Hardware name: linux,dummy-virt (DT) [ 24.244479] ================================================================== [ 24.548024] ================================================================== [ 24.548147] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 24.548147] [ 24.548220] Corrupted memory at 0x00000000713b9bdd [ ! . . . . . . . . . . . . . . . ] (in kfence-#124): [ 24.548557] test_corruption+0x120/0x378 [ 24.548611] kunit_try_run_case+0x170/0x3f0 [ 24.548660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.548707] kthread+0x328/0x630 [ 24.548751] ret_from_fork+0x10/0x20 [ 24.548794] [ 24.548820] kfence-#124: 0x00000000ee0b8114-0x000000006a102c49, size=32, cache=test [ 24.548820] [ 24.548879] allocated by task 315 on cpu 0 at 24.547864s (0.001010s ago): [ 24.548947] test_alloc+0x230/0x628 [ 24.548992] test_corruption+0xdc/0x378 [ 24.549035] kunit_try_run_case+0x170/0x3f0 [ 24.549080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.549129] kthread+0x328/0x630 [ 24.549170] ret_from_fork+0x10/0x20 [ 24.549211] [ 24.549236] freed by task 315 on cpu 0 at 24.547927s (0.001305s ago): [ 24.549301] test_corruption+0x120/0x378 [ 24.549343] kunit_try_run_case+0x170/0x3f0 [ 24.549388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.549438] kthread+0x328/0x630 [ 24.549490] ret_from_fork+0x10/0x20 [ 24.549543] [ 24.549606] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 24.549692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.549723] Hardware name: linux,dummy-virt (DT) [ 24.549760] ================================================================== [ 24.029163] ================================================================== [ 24.029356] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 24.029356] [ 24.029483] Corrupted memory at 0x00000000c2a812d5 [ ! . . . . . . . . . . . . . . . ] (in kfence-#119): [ 24.030797] test_corruption+0x278/0x378 [ 24.031199] kunit_try_run_case+0x170/0x3f0 [ 24.031397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.031725] kthread+0x328/0x630 [ 24.031892] ret_from_fork+0x10/0x20 [ 24.032166] [ 24.032314] kfence-#119: 0x0000000089dcae07-0x00000000181d0cc5, size=32, cache=kmalloc-32 [ 24.032314] [ 24.032671] allocated by task 313 on cpu 0 at 24.028598s (0.003959s ago): [ 24.032884] test_alloc+0x29c/0x628 [ 24.033023] test_corruption+0xdc/0x378 [ 24.033113] kunit_try_run_case+0x170/0x3f0 [ 24.033201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.033476] kthread+0x328/0x630 [ 24.033737] ret_from_fork+0x10/0x20 [ 24.034089] [ 24.034173] freed by task 313 on cpu 0 at 24.028777s (0.005385s ago): [ 24.034599] test_corruption+0x278/0x378 [ 24.034732] kunit_try_run_case+0x170/0x3f0 [ 24.034829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.035072] kthread+0x328/0x630 [ 24.035187] ret_from_fork+0x10/0x20 [ 24.035481] [ 24.035633] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 24.035993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.036074] Hardware name: linux,dummy-virt (DT) [ 24.036138] ================================================================== [ 24.652082] ================================================================== [ 24.652203] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 24.652203] [ 24.652271] Corrupted memory at 0x00000000a22da401 [ ! ] (in kfence-#125): [ 24.652393] test_corruption+0x1d8/0x378 [ 24.652439] kunit_try_run_case+0x170/0x3f0 [ 24.652488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.652554] kthread+0x328/0x630 [ 24.652605] ret_from_fork+0x10/0x20 [ 24.652646] [ 24.652672] kfence-#125: 0x000000007cca5dfd-0x000000003587d180, size=32, cache=test [ 24.652672] [ 24.652728] allocated by task 315 on cpu 0 at 24.651924s (0.000800s ago): [ 24.652790] test_alloc+0x230/0x628 [ 24.652831] test_corruption+0x198/0x378 [ 24.652869] kunit_try_run_case+0x170/0x3f0 [ 24.652910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.652952] kthread+0x328/0x630 [ 24.652991] ret_from_fork+0x10/0x20 [ 24.653029] [ 24.653054] freed by task 315 on cpu 0 at 24.651987s (0.001063s ago): [ 24.653111] test_corruption+0x1d8/0x378 [ 24.653150] kunit_try_run_case+0x170/0x3f0 [ 24.653191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.653233] kthread+0x328/0x630 [ 24.653272] ret_from_fork+0x10/0x20 [ 24.653310] [ 24.653363] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 24.653443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.653484] Hardware name: linux,dummy-virt (DT) [ 24.653525] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 23.821850] ================================================================== [ 23.822487] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 23.822487] [ 23.822638] Invalid free of 0x0000000053827397 (in kfence-#117): [ 23.822756] test_invalid_addr_free+0x1ac/0x238 [ 23.822918] kunit_try_run_case+0x170/0x3f0 [ 23.823028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.823860] kthread+0x328/0x630 [ 23.824266] ret_from_fork+0x10/0x20 [ 23.824696] [ 23.824754] kfence-#117: 0x000000009c393db0-0x00000000bd87fe83, size=32, cache=kmalloc-32 [ 23.824754] [ 23.825099] allocated by task 309 on cpu 0 at 23.821483s (0.003606s ago): [ 23.825468] test_alloc+0x29c/0x628 [ 23.825613] test_invalid_addr_free+0xd4/0x238 [ 23.825786] kunit_try_run_case+0x170/0x3f0 [ 23.825924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.826213] kthread+0x328/0x630 [ 23.826570] ret_from_fork+0x10/0x20 [ 23.826861] [ 23.826985] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 23.827834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.827948] Hardware name: linux,dummy-virt (DT) [ 23.828422] ================================================================== [ 23.926785] ================================================================== [ 23.926947] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 23.926947] [ 23.927051] Invalid free of 0x00000000eb63c523 (in kfence-#118): [ 23.927166] test_invalid_addr_free+0xec/0x238 [ 23.927262] kunit_try_run_case+0x170/0x3f0 [ 23.928110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.928304] kthread+0x328/0x630 [ 23.928505] ret_from_fork+0x10/0x20 [ 23.929036] [ 23.929188] kfence-#118: 0x0000000093d1c33a-0x000000000d967dff, size=32, cache=test [ 23.929188] [ 23.929313] allocated by task 311 on cpu 0 at 23.926256s (0.003048s ago): [ 23.929774] test_alloc+0x230/0x628 [ 23.930080] test_invalid_addr_free+0xd4/0x238 [ 23.930411] kunit_try_run_case+0x170/0x3f0 [ 23.930812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.931161] kthread+0x328/0x630 [ 23.931263] ret_from_fork+0x10/0x20 [ 23.931986] [ 23.932227] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 23.932724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.933003] Hardware name: linux,dummy-virt (DT) [ 23.933271] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 23.717520] ================================================================== [ 23.717717] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 23.717717] [ 23.717875] Invalid free of 0x000000001d41ad82 (in kfence-#116): [ 23.717985] test_double_free+0x100/0x238 [ 23.718079] kunit_try_run_case+0x170/0x3f0 [ 23.718174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.718308] kthread+0x328/0x630 [ 23.718421] ret_from_fork+0x10/0x20 [ 23.718537] [ 23.718596] kfence-#116: 0x000000001d41ad82-0x000000007bfba629, size=32, cache=test [ 23.718596] [ 23.718740] allocated by task 307 on cpu 0 at 23.717034s (0.001694s ago): [ 23.718910] test_alloc+0x230/0x628 [ 23.719024] test_double_free+0xd4/0x238 [ 23.719132] kunit_try_run_case+0x170/0x3f0 [ 23.719252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.719339] kthread+0x328/0x630 [ 23.719410] ret_from_fork+0x10/0x20 [ 23.719486] [ 23.719546] freed by task 307 on cpu 0 at 23.717177s (0.002360s ago): [ 23.720079] test_double_free+0xf0/0x238 [ 23.720213] kunit_try_run_case+0x170/0x3f0 [ 23.720298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.720537] kthread+0x328/0x630 [ 23.720626] ret_from_fork+0x10/0x20 [ 23.720718] [ 23.720811] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 23.721121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.721208] Hardware name: linux,dummy-virt (DT) [ 23.721289] ================================================================== [ 23.616688] ================================================================== [ 23.616893] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 23.616893] [ 23.617018] Invalid free of 0x00000000bafac7d8 (in kfence-#115): [ 23.617147] test_double_free+0x1bc/0x238 [ 23.617240] kunit_try_run_case+0x170/0x3f0 [ 23.617327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.619346] kthread+0x328/0x630 [ 23.619467] ret_from_fork+0x10/0x20 [ 23.619566] [ 23.619618] kfence-#115: 0x00000000bafac7d8-0x000000007104e12b, size=32, cache=kmalloc-32 [ 23.619618] [ 23.620725] allocated by task 305 on cpu 0 at 23.614296s (0.006400s ago): [ 23.621416] test_alloc+0x29c/0x628 [ 23.621560] test_double_free+0xd4/0x238 [ 23.622242] kunit_try_run_case+0x170/0x3f0 [ 23.622518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.622667] kthread+0x328/0x630 [ 23.622764] ret_from_fork+0x10/0x20 [ 23.622851] [ 23.622907] freed by task 305 on cpu 0 at 23.614410s (0.008489s ago): [ 23.623055] test_double_free+0x1ac/0x238 [ 23.623144] kunit_try_run_case+0x170/0x3f0 [ 23.624376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.624580] kthread+0x328/0x630 [ 23.624835] ret_from_fork+0x10/0x20 [ 23.625247] [ 23.625427] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 23.625629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.625705] Hardware name: linux,dummy-virt (DT) [ 23.626556] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 23.300652] ================================================================== [ 23.300872] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.300872] [ 23.301074] Use-after-free read at 0x00000000e756a986 (in kfence-#112): [ 23.301228] test_use_after_free_read+0x114/0x248 [ 23.301367] kunit_try_run_case+0x170/0x3f0 [ 23.301491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.301637] kthread+0x328/0x630 [ 23.301762] ret_from_fork+0x10/0x20 [ 23.301879] [ 23.301953] kfence-#112: 0x00000000e756a986-0x000000004dc4f555, size=32, cache=test [ 23.301953] [ 23.302091] allocated by task 299 on cpu 0 at 23.300278s (0.001806s ago): [ 23.302267] test_alloc+0x230/0x628 [ 23.302390] test_use_after_free_read+0xd0/0x248 [ 23.302510] kunit_try_run_case+0x170/0x3f0 [ 23.302603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.302692] kthread+0x328/0x630 [ 23.302774] ret_from_fork+0x10/0x20 [ 23.302863] [ 23.302916] freed by task 299 on cpu 0 at 23.300377s (0.002530s ago): [ 23.303125] test_use_after_free_read+0xf0/0x248 [ 23.303222] kunit_try_run_case+0x170/0x3f0 [ 23.303312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.303400] kthread+0x328/0x630 [ 23.303483] ret_from_fork+0x10/0x20 [ 23.303582] [ 23.303769] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 23.303942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.303997] Hardware name: linux,dummy-virt (DT) [ 23.304215] ================================================================== [ 23.198908] ================================================================== [ 23.199221] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.199221] [ 23.199714] Use-after-free read at 0x000000008356e26b (in kfence-#111): [ 23.199813] test_use_after_free_read+0x114/0x248 [ 23.200092] kunit_try_run_case+0x170/0x3f0 [ 23.200520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.200663] kthread+0x328/0x630 [ 23.200782] ret_from_fork+0x10/0x20 [ 23.200890] [ 23.200974] kfence-#111: 0x000000008356e26b-0x0000000061cdbf12, size=32, cache=kmalloc-32 [ 23.200974] [ 23.201108] allocated by task 297 on cpu 0 at 23.197754s (0.003345s ago): [ 23.201270] test_alloc+0x29c/0x628 [ 23.201363] test_use_after_free_read+0xd0/0x248 [ 23.201472] kunit_try_run_case+0x170/0x3f0 [ 23.201600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.201758] kthread+0x328/0x630 [ 23.201885] ret_from_fork+0x10/0x20 [ 23.201996] [ 23.202063] freed by task 297 on cpu 0 at 23.197880s (0.004171s ago): [ 23.202268] test_use_after_free_read+0x1c0/0x248 [ 23.202402] kunit_try_run_case+0x170/0x3f0 [ 23.202502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.202607] kthread+0x328/0x630 [ 23.202690] ret_from_fork+0x10/0x20 [ 23.202783] [ 23.202890] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 23.203047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.203121] Hardware name: linux,dummy-virt (DT) [ 23.203201] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 23.093999] ================================================================== [ 23.094255] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 23.094255] [ 23.094427] Out-of-bounds write at 0x0000000036c836c3 (1B left of kfence-#110): [ 23.094564] test_out_of_bounds_write+0x100/0x240 [ 23.094665] kunit_try_run_case+0x170/0x3f0 [ 23.094776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.094892] kthread+0x328/0x630 [ 23.095078] ret_from_fork+0x10/0x20 [ 23.095209] [ 23.095327] kfence-#110: 0x0000000042ea4e51-0x0000000094daf49b, size=32, cache=test [ 23.095327] [ 23.095440] allocated by task 295 on cpu 0 at 23.093829s (0.001602s ago): [ 23.095652] test_alloc+0x230/0x628 [ 23.095741] test_out_of_bounds_write+0xc8/0x240 [ 23.095925] kunit_try_run_case+0x170/0x3f0 [ 23.096273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.096422] kthread+0x328/0x630 [ 23.096510] ret_from_fork+0x10/0x20 [ 23.097120] [ 23.097731] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 23.098055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.098163] Hardware name: linux,dummy-virt (DT) [ 23.098439] ================================================================== [ 22.988859] ================================================================== [ 22.989015] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.989015] [ 22.989206] Out-of-bounds write at 0x00000000986c305b (1B left of kfence-#109): [ 22.989641] test_out_of_bounds_write+0x100/0x240 [ 22.989902] kunit_try_run_case+0x170/0x3f0 [ 22.990022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.990179] kthread+0x328/0x630 [ 22.990284] ret_from_fork+0x10/0x20 [ 22.990381] [ 22.990449] kfence-#109: 0x000000009b4c1765-0x000000001346d2dc, size=32, cache=kmalloc-32 [ 22.990449] [ 22.990605] allocated by task 293 on cpu 0 at 22.988543s (0.002053s ago): [ 22.990805] test_alloc+0x29c/0x628 [ 22.990897] test_out_of_bounds_write+0xc8/0x240 [ 22.990990] kunit_try_run_case+0x170/0x3f0 [ 22.991090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.991192] kthread+0x328/0x630 [ 22.991275] ret_from_fork+0x10/0x20 [ 22.991400] [ 22.991502] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 22.992051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.992147] Hardware name: linux,dummy-virt (DT) [ 22.992386] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 22.365229] ================================================================== [ 22.365448] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.365448] [ 22.365692] Out-of-bounds read at 0x0000000038dca8a1 (1B left of kfence-#103): [ 22.366013] test_out_of_bounds_read+0x114/0x3e0 [ 22.366120] kunit_try_run_case+0x170/0x3f0 [ 22.366235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.366340] kthread+0x328/0x630 [ 22.366644] ret_from_fork+0x10/0x20 [ 22.366764] [ 22.366834] kfence-#103: 0x0000000015b080d7-0x0000000078f919b0, size=32, cache=test [ 22.366834] [ 22.367008] allocated by task 291 on cpu 0 at 22.364971s (0.002027s ago): [ 22.367472] test_alloc+0x230/0x628 [ 22.367652] test_out_of_bounds_read+0xdc/0x3e0 [ 22.367873] kunit_try_run_case+0x170/0x3f0 [ 22.368203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.368385] kthread+0x328/0x630 [ 22.368469] ret_from_fork+0x10/0x20 [ 22.368648] [ 22.368857] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 22.369079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.369336] Hardware name: linux,dummy-virt (DT) [ 22.369596] ================================================================== [ 22.156818] ================================================================== [ 22.156968] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.156968] [ 22.157163] Out-of-bounds read at 0x000000009f96cf92 (32B right of kfence-#101): [ 22.157289] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.157397] kunit_try_run_case+0x170/0x3f0 [ 22.157508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.157632] kthread+0x328/0x630 [ 22.157722] ret_from_fork+0x10/0x20 [ 22.157810] [ 22.157869] kfence-#101: 0x00000000c07d91fe-0x0000000004d0d87f, size=32, cache=kmalloc-32 [ 22.157869] [ 22.157988] allocated by task 289 on cpu 0 at 22.156343s (0.001636s ago): [ 22.158132] test_alloc+0x29c/0x628 [ 22.158220] test_out_of_bounds_read+0x198/0x3e0 [ 22.158316] kunit_try_run_case+0x170/0x3f0 [ 22.158410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.158510] kthread+0x328/0x630 [ 22.158602] ret_from_fork+0x10/0x20 [ 22.158685] [ 22.158779] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 22.159199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.159435] Hardware name: linux,dummy-virt (DT) [ 22.159488] ================================================================== [ 21.950745] ================================================================== [ 21.951031] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.951031] [ 21.951298] Out-of-bounds read at 0x000000007b7cf928 (1B left of kfence-#99): [ 21.951807] test_out_of_bounds_read+0x114/0x3e0 [ 21.951939] kunit_try_run_case+0x170/0x3f0 [ 21.952038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.952138] kthread+0x328/0x630 [ 21.952231] ret_from_fork+0x10/0x20 [ 21.952319] [ 21.952368] kfence-#99: 0x0000000097b45901-0x00000000d050b7f8, size=32, cache=kmalloc-32 [ 21.952368] [ 21.952588] allocated by task 289 on cpu 0 at 21.948513s (0.003943s ago): [ 21.952915] test_alloc+0x29c/0x628 [ 21.953400] test_out_of_bounds_read+0xdc/0x3e0 [ 21.953607] kunit_try_run_case+0x170/0x3f0 [ 21.953700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.954661] kthread+0x328/0x630 [ 21.954750] ret_from_fork+0x10/0x20 [ 21.955580] [ 21.956216] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.956737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.957524] Hardware name: linux,dummy-virt (DT) [ 21.957744] ================================================================== [ 22.678809] ================================================================== [ 22.679003] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.679003] [ 22.679163] Out-of-bounds read at 0x000000000fdba11f (32B right of kfence-#106): [ 22.679292] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.680449] kunit_try_run_case+0x170/0x3f0 [ 22.680574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.680664] kthread+0x328/0x630 [ 22.680745] ret_from_fork+0x10/0x20 [ 22.681242] [ 22.681306] kfence-#106: 0x00000000fa3a127c-0x000000002f16dccc, size=32, cache=test [ 22.681306] [ 22.681849] allocated by task 291 on cpu 0 at 22.677304s (0.004531s ago): [ 22.682020] test_alloc+0x230/0x628 [ 22.682566] test_out_of_bounds_read+0x198/0x3e0 [ 22.683120] kunit_try_run_case+0x170/0x3f0 [ 22.683658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.683919] kthread+0x328/0x630 [ 22.684116] ret_from_fork+0x10/0x20 [ 22.684228] [ 22.684329] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 22.684511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.684590] Hardware name: linux,dummy-virt (DT) [ 22.684667] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 17.302160] ================================================================== [ 17.302335] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x224/0x488 [ 17.302335] [ 17.302483] Corrupted memory at 0x0000000006c569e0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#64): [ 17.305547] kmalloc_track_caller_oob_right+0x224/0x488 [ 17.305665] kunit_try_run_case+0x170/0x3f0 [ 17.305747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.305939] kthread+0x328/0x630 [ 17.306028] ret_from_fork+0x10/0x20 [ 17.307509] [ 17.307949] kfence-#64: 0x000000001d53cc96-0x0000000059c06d98, size=120, cache=kmalloc-128 [ 17.307949] [ 17.308583] allocated by task 144 on cpu 1 at 17.298937s (0.009523s ago): [ 17.308847] kmalloc_track_caller_oob_right+0x184/0x488 [ 17.308994] kunit_try_run_case+0x170/0x3f0 [ 17.309113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.309247] kthread+0x328/0x630 [ 17.309322] ret_from_fork+0x10/0x20 [ 17.309470] [ 17.309783] freed by task 144 on cpu 1 at 17.300903s (0.008661s ago): [ 17.309989] kmalloc_track_caller_oob_right+0x224/0x488 [ 17.310086] kunit_try_run_case+0x170/0x3f0 [ 17.310169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.310298] kthread+0x328/0x630 [ 17.310373] ret_from_fork+0x10/0x20 [ 17.310506] [ 17.310936] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.311123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.311187] Hardware name: linux,dummy-virt (DT) [ 17.311262] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-cs_dsp_mock_bin_add_name_or_infoisra
[ 170.737022] ================================================================== [ 170.737179] BUG: KASAN: global-out-of-bounds in cs_dsp_mock_bin_add_name_or_info.isra.0+0x19c/0x348 [ 170.737335] Read of size 12 at addr ffff9a6056144de0 by task kunit_try_catch/3323 [ 170.737415] [ 170.737524] CPU: 1 UID: 0 PID: 3323 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT [ 170.737705] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 170.737760] Hardware name: linux,dummy-virt (DT) [ 170.737827] Call trace: [ 170.737888] show_stack+0x20/0x38 (C) [ 170.737988] dump_stack_lvl+0x8c/0xd0 [ 170.738086] print_report+0x310/0x608 [ 170.738181] kasan_report+0xdc/0x128 [ 170.738267] kasan_check_range+0x100/0x1a8 [ 170.738354] __asan_memcpy+0x3c/0x98 [ 170.738439] cs_dsp_mock_bin_add_name_or_info.isra.0+0x19c/0x348 [ 170.738524] cs_dsp_mock_bin_add_info+0x18/0x30 [ 170.738641] bin_patch_name_and_info+0x168/0x6b0 [ 170.738728] kunit_try_run_case+0x170/0x3f0 [ 170.738813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 170.738904] kthread+0x328/0x630 [ 170.738964] ret_from_fork+0x10/0x20 [ 170.739019] [ 170.739042] The buggy address belongs to the variable: [ 170.739066] __loc.0+0x2c0/0x3a0 [ 170.739113] [ 170.739192] The buggy address belongs to the virtual mapping at [ 170.739192] [ffff9a6054e50000, ffff9a6056b60000) created by: [ 170.739192] paging_init+0x620/0x7d0 [ 170.739251] [ 170.739356] The buggy address belongs to the physical page: [ 170.739415] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x44f44 [ 170.739494] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 170.739626] raw: 03fffe0000002000 ffffc1ffc013d108 ffffc1ffc013d108 0000000000000000 [ 170.739692] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 170.739779] page dumped because: kasan: bad access detected [ 170.739829] [ 170.739875] Memory state around the buggy address: [ 170.739937] ffff9a6056144c80: f9 f9 f9 f9 00 00 00 01 f9 f9 f9 f9 03 f9 f9 f9 [ 170.740002] ffff9a6056144d00: f9 f9 f9 f9 00 00 06 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 170.740058] >ffff9a6056144d80: f9 f9 f9 f9 00 01 f9 f9 f9 f9 f9 f9 00 02 f9 f9 [ 170.740110] ^ [ 170.740159] ffff9a6056144e00: f9 f9 f9 f9 00 00 00 00 00 07 f9 f9 f9 f9 f9 f9 [ 170.740190] ffff9a6056144e80: 00 f9 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 [ 170.740219] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 21.681845] ================================================================== [ 21.681991] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 21.682116] Write of size 121 at addr fff00000c42a5300 by task kunit_try_catch/287 [ 21.682471] [ 21.682575] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.682772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.682835] Hardware name: linux,dummy-virt (DT) [ 21.682911] Call trace: [ 21.682963] show_stack+0x20/0x38 (C) [ 21.683075] dump_stack_lvl+0x8c/0xd0 [ 21.683178] print_report+0x118/0x608 [ 21.683558] kasan_report+0xdc/0x128 [ 21.683689] kasan_check_range+0x100/0x1a8 [ 21.683918] __kasan_check_write+0x20/0x30 [ 21.684145] strncpy_from_user+0x3c/0x2a0 [ 21.684345] copy_user_test_oob+0x5c0/0xec8 [ 21.684910] kunit_try_run_case+0x170/0x3f0 [ 21.685059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.685199] kthread+0x328/0x630 [ 21.685305] ret_from_fork+0x10/0x20 [ 21.685786] [ 21.685841] Allocated by task 287: [ 21.686435] kasan_save_stack+0x3c/0x68 [ 21.686840] kasan_save_track+0x20/0x40 [ 21.686929] kasan_save_alloc_info+0x40/0x58 [ 21.687081] __kasan_kmalloc+0xd4/0xd8 [ 21.687168] __kmalloc_noprof+0x190/0x4d0 [ 21.687249] kunit_kmalloc_array+0x34/0x88 [ 21.687334] copy_user_test_oob+0xac/0xec8 [ 21.687417] kunit_try_run_case+0x170/0x3f0 [ 21.687826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.688291] kthread+0x328/0x630 [ 21.688394] ret_from_fork+0x10/0x20 [ 21.688790] [ 21.689102] The buggy address belongs to the object at fff00000c42a5300 [ 21.689102] which belongs to the cache kmalloc-128 of size 128 [ 21.689449] The buggy address is located 0 bytes inside of [ 21.689449] allocated 120-byte region [fff00000c42a5300, fff00000c42a5378) [ 21.689763] [ 21.689973] The buggy address belongs to the physical page: [ 21.690048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.690604] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.690743] page_type: f5(slab) [ 21.690835] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.691456] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.691883] page dumped because: kasan: bad access detected [ 21.692096] [ 21.692140] Memory state around the buggy address: [ 21.692445] fff00000c42a5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.692588] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.693197] >fff00000c42a5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.693514] ^ [ 21.694049] fff00000c42a5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.694163] fff00000c42a5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.694650] ================================================================== [ 21.698297] ================================================================== [ 21.698437] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 21.699358] Write of size 1 at addr fff00000c42a5378 by task kunit_try_catch/287 [ 21.699994] [ 21.700524] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.700752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.700885] Hardware name: linux,dummy-virt (DT) [ 21.700956] Call trace: [ 21.701249] show_stack+0x20/0x38 (C) [ 21.701857] dump_stack_lvl+0x8c/0xd0 [ 21.702064] print_report+0x118/0x608 [ 21.702173] kasan_report+0xdc/0x128 [ 21.702462] __asan_report_store1_noabort+0x20/0x30 [ 21.702818] strncpy_from_user+0x270/0x2a0 [ 21.703199] copy_user_test_oob+0x5c0/0xec8 [ 21.703387] kunit_try_run_case+0x170/0x3f0 [ 21.703715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.703865] kthread+0x328/0x630 [ 21.703975] ret_from_fork+0x10/0x20 [ 21.704375] [ 21.704775] Allocated by task 287: [ 21.704905] kasan_save_stack+0x3c/0x68 [ 21.705310] kasan_save_track+0x20/0x40 [ 21.705563] kasan_save_alloc_info+0x40/0x58 [ 21.705870] __kasan_kmalloc+0xd4/0xd8 [ 21.706177] __kmalloc_noprof+0x190/0x4d0 [ 21.706440] kunit_kmalloc_array+0x34/0x88 [ 21.706575] copy_user_test_oob+0xac/0xec8 [ 21.707187] kunit_try_run_case+0x170/0x3f0 [ 21.707401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.707511] kthread+0x328/0x630 [ 21.707992] ret_from_fork+0x10/0x20 [ 21.708367] [ 21.708473] The buggy address belongs to the object at fff00000c42a5300 [ 21.708473] which belongs to the cache kmalloc-128 of size 128 [ 21.708803] The buggy address is located 0 bytes to the right of [ 21.708803] allocated 120-byte region [fff00000c42a5300, fff00000c42a5378) [ 21.709201] [ 21.709411] The buggy address belongs to the physical page: [ 21.709729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.709871] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.709990] page_type: f5(slab) [ 21.711703] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.711853] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.711966] page dumped because: kasan: bad access detected [ 21.712049] [ 21.712100] Memory state around the buggy address: [ 21.712356] fff00000c42a5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.712474] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.712596] >fff00000c42a5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.712819] ^ [ 21.712924] fff00000c42a5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.713031] fff00000c42a5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.713230] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 21.613217] ================================================================== [ 21.613406] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 21.613585] Read of size 121 at addr fff00000c42a5300 by task kunit_try_catch/287 [ 21.613808] [ 21.613939] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.614146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.614211] Hardware name: linux,dummy-virt (DT) [ 21.614315] Call trace: [ 21.614392] show_stack+0x20/0x38 (C) [ 21.614559] dump_stack_lvl+0x8c/0xd0 [ 21.614713] print_report+0x118/0x608 [ 21.614854] kasan_report+0xdc/0x128 [ 21.614991] kasan_check_range+0x100/0x1a8 [ 21.615150] __kasan_check_read+0x20/0x30 [ 21.615264] copy_user_test_oob+0x728/0xec8 [ 21.615406] kunit_try_run_case+0x170/0x3f0 [ 21.615560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.615674] kthread+0x328/0x630 [ 21.615778] ret_from_fork+0x10/0x20 [ 21.616202] [ 21.616314] Allocated by task 287: [ 21.616589] kasan_save_stack+0x3c/0x68 [ 21.616686] kasan_save_track+0x20/0x40 [ 21.616776] kasan_save_alloc_info+0x40/0x58 [ 21.616860] __kasan_kmalloc+0xd4/0xd8 [ 21.616939] __kmalloc_noprof+0x190/0x4d0 [ 21.616983] kunit_kmalloc_array+0x34/0x88 [ 21.617026] copy_user_test_oob+0xac/0xec8 [ 21.617063] kunit_try_run_case+0x170/0x3f0 [ 21.617144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.617236] kthread+0x328/0x630 [ 21.618187] ret_from_fork+0x10/0x20 [ 21.618356] [ 21.618437] The buggy address belongs to the object at fff00000c42a5300 [ 21.618437] which belongs to the cache kmalloc-128 of size 128 [ 21.619084] The buggy address is located 0 bytes inside of [ 21.619084] allocated 120-byte region [fff00000c42a5300, fff00000c42a5378) [ 21.619576] [ 21.619877] The buggy address belongs to the physical page: [ 21.620207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.620381] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.620491] page_type: f5(slab) [ 21.620594] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.620712] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.620812] page dumped because: kasan: bad access detected [ 21.620898] [ 21.620944] Memory state around the buggy address: [ 21.622540] fff00000c42a5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.622681] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.622784] >fff00000c42a5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.622888] ^ [ 21.623067] fff00000c42a5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.623505] fff00000c42a5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.623898] ================================================================== [ 21.656954] ================================================================== [ 21.657078] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 21.657182] Write of size 121 at addr fff00000c42a5300 by task kunit_try_catch/287 [ 21.657294] [ 21.657382] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.657598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.657664] Hardware name: linux,dummy-virt (DT) [ 21.658038] Call trace: [ 21.658265] show_stack+0x20/0x38 (C) [ 21.658501] dump_stack_lvl+0x8c/0xd0 [ 21.658628] print_report+0x118/0x608 [ 21.658750] kasan_report+0xdc/0x128 [ 21.658915] kasan_check_range+0x100/0x1a8 [ 21.659032] __kasan_check_write+0x20/0x30 [ 21.659194] copy_user_test_oob+0x434/0xec8 [ 21.659318] kunit_try_run_case+0x170/0x3f0 [ 21.659418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.659581] kthread+0x328/0x630 [ 21.659886] ret_from_fork+0x10/0x20 [ 21.660031] [ 21.660307] Allocated by task 287: [ 21.660510] kasan_save_stack+0x3c/0x68 [ 21.660662] kasan_save_track+0x20/0x40 [ 21.660786] kasan_save_alloc_info+0x40/0x58 [ 21.660876] __kasan_kmalloc+0xd4/0xd8 [ 21.660941] __kmalloc_noprof+0x190/0x4d0 [ 21.661015] kunit_kmalloc_array+0x34/0x88 [ 21.661099] copy_user_test_oob+0xac/0xec8 [ 21.661185] kunit_try_run_case+0x170/0x3f0 [ 21.661279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.661387] kthread+0x328/0x630 [ 21.661495] ret_from_fork+0x10/0x20 [ 21.661648] [ 21.661729] The buggy address belongs to the object at fff00000c42a5300 [ 21.661729] which belongs to the cache kmalloc-128 of size 128 [ 21.661930] The buggy address is located 0 bytes inside of [ 21.661930] allocated 120-byte region [fff00000c42a5300, fff00000c42a5378) [ 21.662145] [ 21.662214] The buggy address belongs to the physical page: [ 21.662328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.662466] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.662577] page_type: f5(slab) [ 21.662653] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.662789] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.662931] page dumped because: kasan: bad access detected [ 21.663145] [ 21.663225] Memory state around the buggy address: [ 21.663306] fff00000c42a5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.663664] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.663822] >fff00000c42a5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.663933] ^ [ 21.664244] fff00000c42a5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.664411] fff00000c42a5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.664495] ================================================================== [ 21.593915] ================================================================== [ 21.594728] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 21.594912] Write of size 121 at addr fff00000c42a5300 by task kunit_try_catch/287 [ 21.595041] [ 21.595146] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.595362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.595434] Hardware name: linux,dummy-virt (DT) [ 21.595515] Call trace: [ 21.595589] show_stack+0x20/0x38 (C) [ 21.595708] dump_stack_lvl+0x8c/0xd0 [ 21.595830] print_report+0x118/0x608 [ 21.595934] kasan_report+0xdc/0x128 [ 21.596032] kasan_check_range+0x100/0x1a8 [ 21.596141] __kasan_check_write+0x20/0x30 [ 21.596251] copy_user_test_oob+0x234/0xec8 [ 21.596361] kunit_try_run_case+0x170/0x3f0 [ 21.596476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.596616] kthread+0x328/0x630 [ 21.596717] ret_from_fork+0x10/0x20 [ 21.596871] [ 21.596933] Allocated by task 287: [ 21.597027] kasan_save_stack+0x3c/0x68 [ 21.597838] kasan_save_track+0x20/0x40 [ 21.597942] kasan_save_alloc_info+0x40/0x58 [ 21.598072] __kasan_kmalloc+0xd4/0xd8 [ 21.598174] __kmalloc_noprof+0x190/0x4d0 [ 21.598260] kunit_kmalloc_array+0x34/0x88 [ 21.598389] copy_user_test_oob+0xac/0xec8 [ 21.598509] kunit_try_run_case+0x170/0x3f0 [ 21.598657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.598762] kthread+0x328/0x630 [ 21.598853] ret_from_fork+0x10/0x20 [ 21.598983] [ 21.599040] The buggy address belongs to the object at fff00000c42a5300 [ 21.599040] which belongs to the cache kmalloc-128 of size 128 [ 21.599162] The buggy address is located 0 bytes inside of [ 21.599162] allocated 120-byte region [fff00000c42a5300, fff00000c42a5378) [ 21.599639] [ 21.599704] The buggy address belongs to the physical page: [ 21.599782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.599942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.600087] page_type: f5(slab) [ 21.600191] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.600300] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.600640] page dumped because: kasan: bad access detected [ 21.600776] [ 21.600854] Memory state around the buggy address: [ 21.600972] fff00000c42a5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.601119] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.601222] >fff00000c42a5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.601326] ^ [ 21.601483] fff00000c42a5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.601616] fff00000c42a5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.601714] ================================================================== [ 21.647146] ================================================================== [ 21.647266] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 21.647374] Read of size 121 at addr fff00000c42a5300 by task kunit_try_catch/287 [ 21.647488] [ 21.647623] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.648163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.648372] Hardware name: linux,dummy-virt (DT) [ 21.648509] Call trace: [ 21.648569] show_stack+0x20/0x38 (C) [ 21.649006] dump_stack_lvl+0x8c/0xd0 [ 21.649399] print_report+0x118/0x608 [ 21.649576] kasan_report+0xdc/0x128 [ 21.649724] kasan_check_range+0x100/0x1a8 [ 21.649833] __kasan_check_read+0x20/0x30 [ 21.650036] copy_user_test_oob+0x3c8/0xec8 [ 21.650313] kunit_try_run_case+0x170/0x3f0 [ 21.650430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.650636] kthread+0x328/0x630 [ 21.651027] ret_from_fork+0x10/0x20 [ 21.651189] [ 21.651239] Allocated by task 287: [ 21.651811] kasan_save_stack+0x3c/0x68 [ 21.652060] kasan_save_track+0x20/0x40 [ 21.652205] kasan_save_alloc_info+0x40/0x58 [ 21.652311] __kasan_kmalloc+0xd4/0xd8 [ 21.652395] __kmalloc_noprof+0x190/0x4d0 [ 21.652476] kunit_kmalloc_array+0x34/0x88 [ 21.652575] copy_user_test_oob+0xac/0xec8 [ 21.652669] kunit_try_run_case+0x170/0x3f0 [ 21.652764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.652913] kthread+0x328/0x630 [ 21.653030] ret_from_fork+0x10/0x20 [ 21.653150] [ 21.653205] The buggy address belongs to the object at fff00000c42a5300 [ 21.653205] which belongs to the cache kmalloc-128 of size 128 [ 21.653416] The buggy address is located 0 bytes inside of [ 21.653416] allocated 120-byte region [fff00000c42a5300, fff00000c42a5378) [ 21.653586] [ 21.653637] The buggy address belongs to the physical page: [ 21.653705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.653865] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.654192] page_type: f5(slab) [ 21.654276] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.654387] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.654484] page dumped because: kasan: bad access detected [ 21.654569] [ 21.654610] Memory state around the buggy address: [ 21.655068] fff00000c42a5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.655225] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.655351] >fff00000c42a5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.655462] ^ [ 21.655566] fff00000c42a5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.655800] fff00000c42a5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.656003] ================================================================== [ 21.637042] ================================================================== [ 21.637252] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 21.637375] Write of size 121 at addr fff00000c42a5300 by task kunit_try_catch/287 [ 21.637493] [ 21.637594] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.638075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.638162] Hardware name: linux,dummy-virt (DT) [ 21.638249] Call trace: [ 21.638305] show_stack+0x20/0x38 (C) [ 21.638421] dump_stack_lvl+0x8c/0xd0 [ 21.638539] print_report+0x118/0x608 [ 21.638648] kasan_report+0xdc/0x128 [ 21.638755] kasan_check_range+0x100/0x1a8 [ 21.638866] __kasan_check_write+0x20/0x30 [ 21.639400] copy_user_test_oob+0x35c/0xec8 [ 21.639656] kunit_try_run_case+0x170/0x3f0 [ 21.639879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.640115] kthread+0x328/0x630 [ 21.640480] ret_from_fork+0x10/0x20 [ 21.640677] [ 21.640727] Allocated by task 287: [ 21.640798] kasan_save_stack+0x3c/0x68 [ 21.640881] kasan_save_track+0x20/0x40 [ 21.641016] kasan_save_alloc_info+0x40/0x58 [ 21.641115] __kasan_kmalloc+0xd4/0xd8 [ 21.641367] __kmalloc_noprof+0x190/0x4d0 [ 21.641848] kunit_kmalloc_array+0x34/0x88 [ 21.642024] copy_user_test_oob+0xac/0xec8 [ 21.642124] kunit_try_run_case+0x170/0x3f0 [ 21.642210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.642661] kthread+0x328/0x630 [ 21.643174] ret_from_fork+0x10/0x20 [ 21.643334] [ 21.643412] The buggy address belongs to the object at fff00000c42a5300 [ 21.643412] which belongs to the cache kmalloc-128 of size 128 [ 21.643632] The buggy address is located 0 bytes inside of [ 21.643632] allocated 120-byte region [fff00000c42a5300, fff00000c42a5378) [ 21.643839] [ 21.643886] The buggy address belongs to the physical page: [ 21.643959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.644123] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.644296] page_type: f5(slab) [ 21.644396] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.644564] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.644656] page dumped because: kasan: bad access detected [ 21.644735] [ 21.644791] Memory state around the buggy address: [ 21.645059] fff00000c42a5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.645221] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.645566] >fff00000c42a5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.645698] ^ [ 21.645813] fff00000c42a5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.645950] fff00000c42a5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.646040] ================================================================== [ 21.666526] ================================================================== [ 21.666759] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 21.667185] Read of size 121 at addr fff00000c42a5300 by task kunit_try_catch/287 [ 21.667371] [ 21.667451] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.667859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.667944] Hardware name: linux,dummy-virt (DT) [ 21.668009] Call trace: [ 21.668050] show_stack+0x20/0x38 (C) [ 21.668158] dump_stack_lvl+0x8c/0xd0 [ 21.668257] print_report+0x118/0x608 [ 21.668629] kasan_report+0xdc/0x128 [ 21.669077] kasan_check_range+0x100/0x1a8 [ 21.669309] __kasan_check_read+0x20/0x30 [ 21.669557] copy_user_test_oob+0x4a0/0xec8 [ 21.669696] kunit_try_run_case+0x170/0x3f0 [ 21.669811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.669926] kthread+0x328/0x630 [ 21.670030] ret_from_fork+0x10/0x20 [ 21.670152] [ 21.670204] Allocated by task 287: [ 21.671314] kasan_save_stack+0x3c/0x68 [ 21.671548] kasan_save_track+0x20/0x40 [ 21.671657] kasan_save_alloc_info+0x40/0x58 [ 21.671837] __kasan_kmalloc+0xd4/0xd8 [ 21.671974] __kmalloc_noprof+0x190/0x4d0 [ 21.672064] kunit_kmalloc_array+0x34/0x88 [ 21.672147] copy_user_test_oob+0xac/0xec8 [ 21.672214] kunit_try_run_case+0x170/0x3f0 [ 21.672278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.672362] kthread+0x328/0x630 [ 21.672425] ret_from_fork+0x10/0x20 [ 21.672488] [ 21.672539] The buggy address belongs to the object at fff00000c42a5300 [ 21.672539] which belongs to the cache kmalloc-128 of size 128 [ 21.672669] The buggy address is located 0 bytes inside of [ 21.672669] allocated 120-byte region [fff00000c42a5300, fff00000c42a5378) [ 21.672813] [ 21.675465] The buggy address belongs to the physical page: [ 21.675598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.675739] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.675856] page_type: f5(slab) [ 21.675945] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.676057] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.676135] page dumped because: kasan: bad access detected [ 21.676200] [ 21.676241] Memory state around the buggy address: [ 21.676315] fff00000c42a5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.676420] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.676525] >fff00000c42a5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.676631] ^ [ 21.676732] fff00000c42a5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.676837] fff00000c42a5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.677370] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 21.510388] ================================================================== [ 21.510600] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 21.510947] Read of size 8 at addr fff00000c42a5278 by task kunit_try_catch/283 [ 21.511095] [ 21.511440] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.511853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.512081] Hardware name: linux,dummy-virt (DT) [ 21.512219] Call trace: [ 21.512489] show_stack+0x20/0x38 (C) [ 21.512660] dump_stack_lvl+0x8c/0xd0 [ 21.512768] print_report+0x118/0x608 [ 21.513041] kasan_report+0xdc/0x128 [ 21.513168] __asan_report_load8_noabort+0x20/0x30 [ 21.513298] copy_to_kernel_nofault+0x204/0x250 [ 21.513422] copy_to_kernel_nofault_oob+0x158/0x418 [ 21.513574] kunit_try_run_case+0x170/0x3f0 [ 21.513705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.513848] kthread+0x328/0x630 [ 21.513966] ret_from_fork+0x10/0x20 [ 21.514088] [ 21.514140] Allocated by task 283: [ 21.514214] kasan_save_stack+0x3c/0x68 [ 21.514313] kasan_save_track+0x20/0x40 [ 21.514403] kasan_save_alloc_info+0x40/0x58 [ 21.514497] __kasan_kmalloc+0xd4/0xd8 [ 21.515154] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.515388] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.515492] kunit_try_run_case+0x170/0x3f0 [ 21.515782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.515904] kthread+0x328/0x630 [ 21.515994] ret_from_fork+0x10/0x20 [ 21.516080] [ 21.516255] The buggy address belongs to the object at fff00000c42a5200 [ 21.516255] which belongs to the cache kmalloc-128 of size 128 [ 21.516714] The buggy address is located 0 bytes to the right of [ 21.516714] allocated 120-byte region [fff00000c42a5200, fff00000c42a5278) [ 21.517461] [ 21.517553] The buggy address belongs to the physical page: [ 21.517628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.517755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.517884] page_type: f5(slab) [ 21.517982] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.518439] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.518608] page dumped because: kasan: bad access detected [ 21.519013] [ 21.519096] Memory state around the buggy address: [ 21.519228] fff00000c42a5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.519341] fff00000c42a5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.519438] >fff00000c42a5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.519512] ^ [ 21.519614] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.519713] fff00000c42a5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.519813] ================================================================== [ 21.523388] ================================================================== [ 21.523642] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 21.523770] Write of size 8 at addr fff00000c42a5278 by task kunit_try_catch/283 [ 21.523872] [ 21.523954] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.524146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.524214] Hardware name: linux,dummy-virt (DT) [ 21.524749] Call trace: [ 21.524821] show_stack+0x20/0x38 (C) [ 21.525004] dump_stack_lvl+0x8c/0xd0 [ 21.525345] print_report+0x118/0x608 [ 21.525610] kasan_report+0xdc/0x128 [ 21.525734] kasan_check_range+0x100/0x1a8 [ 21.525845] __kasan_check_write+0x20/0x30 [ 21.525960] copy_to_kernel_nofault+0x8c/0x250 [ 21.526076] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 21.526197] kunit_try_run_case+0x170/0x3f0 [ 21.526319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.526455] kthread+0x328/0x630 [ 21.527006] ret_from_fork+0x10/0x20 [ 21.527224] [ 21.527270] Allocated by task 283: [ 21.527376] kasan_save_stack+0x3c/0x68 [ 21.527562] kasan_save_track+0x20/0x40 [ 21.527654] kasan_save_alloc_info+0x40/0x58 [ 21.527961] __kasan_kmalloc+0xd4/0xd8 [ 21.528112] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.528205] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.528290] kunit_try_run_case+0x170/0x3f0 [ 21.528454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.528580] kthread+0x328/0x630 [ 21.528711] ret_from_fork+0x10/0x20 [ 21.528796] [ 21.528840] The buggy address belongs to the object at fff00000c42a5200 [ 21.528840] which belongs to the cache kmalloc-128 of size 128 [ 21.529167] The buggy address is located 0 bytes to the right of [ 21.529167] allocated 120-byte region [fff00000c42a5200, fff00000c42a5278) [ 21.529326] [ 21.529378] The buggy address belongs to the physical page: [ 21.529450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a5 [ 21.529608] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.530498] page_type: f5(slab) [ 21.530618] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.531127] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.531679] page dumped because: kasan: bad access detected [ 21.531792] [ 21.531894] Memory state around the buggy address: [ 21.531988] fff00000c42a5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.532257] fff00000c42a5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.532356] >fff00000c42a5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.532638] ^ [ 21.532757] fff00000c42a5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.532861] fff00000c42a5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.532952] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 21.408474] ================================================================== [ 21.408609] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 21.408718] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/271 [ 21.408837] [ 21.408922] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.409121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.409185] Hardware name: linux,dummy-virt (DT) [ 21.409259] Call trace: [ 21.409317] show_stack+0x20/0x38 (C) [ 21.409442] dump_stack_lvl+0x8c/0xd0 [ 21.409582] print_report+0x310/0x608 [ 21.409671] kasan_report+0xdc/0x128 [ 21.409770] __asan_report_load1_noabort+0x20/0x30 [ 21.409893] vmalloc_oob+0x51c/0x5d0 [ 21.410040] kunit_try_run_case+0x170/0x3f0 [ 21.410146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.410253] kthread+0x328/0x630 [ 21.410357] ret_from_fork+0x10/0x20 [ 21.410521] [ 21.410625] The buggy address belongs to the virtual mapping at [ 21.410625] [ffff80008010b000, ffff80008010d000) created by: [ 21.410625] vmalloc_oob+0x98/0x5d0 [ 21.410876] [ 21.410952] The buggy address belongs to the physical page: [ 21.411057] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10630d [ 21.411172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.411338] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.411474] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.411577] page dumped because: kasan: bad access detected [ 21.411653] [ 21.411708] Memory state around the buggy address: [ 21.411782] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.411876] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.411974] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.412084] ^ [ 21.412221] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.412354] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.412455] ================================================================== [ 21.396523] ================================================================== [ 21.396695] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 21.397820] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/271 [ 21.398151] [ 21.398297] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.398843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.398924] Hardware name: linux,dummy-virt (DT) [ 21.398999] Call trace: [ 21.399055] show_stack+0x20/0x38 (C) [ 21.399175] dump_stack_lvl+0x8c/0xd0 [ 21.399564] print_report+0x310/0x608 [ 21.400274] kasan_report+0xdc/0x128 [ 21.400387] __asan_report_load1_noabort+0x20/0x30 [ 21.400943] vmalloc_oob+0x578/0x5d0 [ 21.401082] kunit_try_run_case+0x170/0x3f0 [ 21.401409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.401730] kthread+0x328/0x630 [ 21.401898] ret_from_fork+0x10/0x20 [ 21.402008] [ 21.402426] The buggy address belongs to the virtual mapping at [ 21.402426] [ffff80008010b000, ffff80008010d000) created by: [ 21.402426] vmalloc_oob+0x98/0x5d0 [ 21.402624] [ 21.402678] The buggy address belongs to the physical page: [ 21.402752] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10630d [ 21.403119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.403695] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.404088] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.404351] page dumped because: kasan: bad access detected [ 21.404884] [ 21.405114] Memory state around the buggy address: [ 21.405219] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.405543] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.405763] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.406029] ^ [ 21.406129] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.406450] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.406756] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 21.204512] ================================================================== [ 21.204662] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 21.204779] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.204907] [ 21.204981] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.205157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.205222] Hardware name: linux,dummy-virt (DT) [ 21.205298] Call trace: [ 21.205352] show_stack+0x20/0x38 (C) [ 21.205471] dump_stack_lvl+0x8c/0xd0 [ 21.205605] print_report+0x118/0x608 [ 21.205720] kasan_report+0xdc/0x128 [ 21.205824] kasan_check_range+0x100/0x1a8 [ 21.205937] __kasan_check_write+0x20/0x30 [ 21.206047] kasan_atomics_helper+0x1414/0x4858 [ 21.207086] kasan_atomics+0x198/0x2e0 [ 21.207392] kunit_try_run_case+0x170/0x3f0 [ 21.208028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.208437] kthread+0x328/0x630 [ 21.208915] ret_from_fork+0x10/0x20 [ 21.209038] [ 21.209085] Allocated by task 267: [ 21.209157] kasan_save_stack+0x3c/0x68 [ 21.209249] kasan_save_track+0x20/0x40 [ 21.209321] kasan_save_alloc_info+0x40/0x58 [ 21.209385] __kasan_kmalloc+0xd4/0xd8 [ 21.209446] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.209559] kasan_atomics+0xb8/0x2e0 [ 21.209630] kunit_try_run_case+0x170/0x3f0 [ 21.209707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.209792] kthread+0x328/0x630 [ 21.209861] ret_from_fork+0x10/0x20 [ 21.209933] [ 21.209975] The buggy address belongs to the object at fff00000c42b8d00 [ 21.209975] which belongs to the cache kmalloc-64 of size 64 [ 21.210093] The buggy address is located 0 bytes to the right of [ 21.210093] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.210225] [ 21.210269] The buggy address belongs to the physical page: [ 21.210334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.210436] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.211591] page_type: f5(slab) [ 21.211843] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.211970] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.212062] page dumped because: kasan: bad access detected [ 21.212133] [ 21.212175] Memory state around the buggy address: [ 21.212248] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.212346] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.212436] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.212862] ^ [ 21.212977] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.213075] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.213155] ================================================================== [ 21.325225] ================================================================== [ 21.325344] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 21.325454] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.327330] [ 21.327436] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.327550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.327841] Hardware name: linux,dummy-virt (DT) [ 21.327928] Call trace: [ 21.327981] show_stack+0x20/0x38 (C) [ 21.328100] dump_stack_lvl+0x8c/0xd0 [ 21.328208] print_report+0x118/0x608 [ 21.328311] kasan_report+0xdc/0x128 [ 21.328413] kasan_check_range+0x100/0x1a8 [ 21.328520] __kasan_check_write+0x20/0x30 [ 21.328642] kasan_atomics_helper+0x175c/0x4858 [ 21.328750] kasan_atomics+0x198/0x2e0 [ 21.328852] kunit_try_run_case+0x170/0x3f0 [ 21.328962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.329136] kthread+0x328/0x630 [ 21.329450] ret_from_fork+0x10/0x20 [ 21.329789] [ 21.329838] Allocated by task 267: [ 21.330196] kasan_save_stack+0x3c/0x68 [ 21.330544] kasan_save_track+0x20/0x40 [ 21.330878] kasan_save_alloc_info+0x40/0x58 [ 21.331160] __kasan_kmalloc+0xd4/0xd8 [ 21.331251] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.331711] kasan_atomics+0xb8/0x2e0 [ 21.332690] kunit_try_run_case+0x170/0x3f0 [ 21.332807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.333459] kthread+0x328/0x630 [ 21.333583] ret_from_fork+0x10/0x20 [ 21.334264] [ 21.334661] The buggy address belongs to the object at fff00000c42b8d00 [ 21.334661] which belongs to the cache kmalloc-64 of size 64 [ 21.335567] The buggy address is located 0 bytes to the right of [ 21.335567] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.335741] [ 21.336149] The buggy address belongs to the physical page: [ 21.336272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.336400] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.336521] page_type: f5(slab) [ 21.336620] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.336736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.336842] page dumped because: kasan: bad access detected [ 21.338623] [ 21.338855] Memory state around the buggy address: [ 21.339461] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.339699] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.340811] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.341686] ^ [ 21.343660] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.343799] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.343894] ================================================================== [ 20.763944] ================================================================== [ 20.764096] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 20.764339] [ 20.764451] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.764737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.765438] kasan_report+0xdc/0x128 [ 20.765685] __kasan_check_write+0x20/0x30 [ 20.766304] kunit_try_run_case+0x170/0x3f0 [ 20.767190] kasan_save_track+0x20/0x40 [ 20.767857] kthread+0x328/0x630 [ 20.768247] The buggy address is located 0 bytes to the right of [ 20.768247] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 20.768393] [ 20.768448] The buggy address belongs to the physical page: [ 20.768602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 20.768979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.769804] page dumped because: kasan: bad access detected [ 20.770503] ^ [ 20.770753] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.772973] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858 [ 20.773249] [ 20.773903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.774217] Hardware name: linux,dummy-virt (DT) [ 20.774299] Call trace: [ 20.774991] kasan_report+0xdc/0x128 [ 20.776174] kthread+0x328/0x630 [ 20.777027] kasan_save_track+0x20/0x40 [ 20.777149] kasan_save_alloc_info+0x40/0x58 [ 20.777257] __kasan_kmalloc+0xd4/0xd8 [ 20.777364] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.777611] kunit_try_run_case+0x170/0x3f0 [ 20.777978] ret_from_fork+0x10/0x20 [ 20.778067] [ 20.778133] The buggy address belongs to the object at fff00000c42b8d00 [ 20.778133] which belongs to the cache kmalloc-64 of size 64 [ 20.778511] [ 20.778607] The buggy address belongs to the physical page: [ 20.778681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 20.780900] ================================================================== [ 21.060597] ================================================================== [ 21.060711] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 21.061330] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.061627] [ 21.061750] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.061994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.062125] Hardware name: linux,dummy-virt (DT) [ 21.062277] Call trace: [ 21.062333] show_stack+0x20/0x38 (C) [ 21.062651] dump_stack_lvl+0x8c/0xd0 [ 21.062837] print_report+0x118/0x608 [ 21.062986] kasan_report+0xdc/0x128 [ 21.063136] kasan_check_range+0x100/0x1a8 [ 21.063282] __kasan_check_write+0x20/0x30 [ 21.063428] kasan_atomics_helper+0xeb8/0x4858 [ 21.063590] kasan_atomics+0x198/0x2e0 [ 21.063696] kunit_try_run_case+0x170/0x3f0 [ 21.063784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.064249] kthread+0x328/0x630 [ 21.064400] ret_from_fork+0x10/0x20 [ 21.064524] [ 21.064582] Allocated by task 267: [ 21.064657] kasan_save_stack+0x3c/0x68 [ 21.064749] kasan_save_track+0x20/0x40 [ 21.064841] kasan_save_alloc_info+0x40/0x58 [ 21.064976] __kasan_kmalloc+0xd4/0xd8 [ 21.065063] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.065166] kasan_atomics+0xb8/0x2e0 [ 21.065248] kunit_try_run_case+0x170/0x3f0 [ 21.065411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.065538] kthread+0x328/0x630 [ 21.066122] ret_from_fork+0x10/0x20 [ 21.066357] [ 21.066408] The buggy address belongs to the object at fff00000c42b8d00 [ 21.066408] which belongs to the cache kmalloc-64 of size 64 [ 21.067748] The buggy address is located 0 bytes to the right of [ 21.067748] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.068000] [ 21.068062] The buggy address belongs to the physical page: [ 21.068146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.068280] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.068408] page_type: f5(slab) [ 21.068504] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.068645] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.070683] page dumped because: kasan: bad access detected [ 21.071240] [ 21.072088] Memory state around the buggy address: [ 21.072405] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.072612] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.073110] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.073365] ^ [ 21.073448] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.073588] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.073690] ================================================================== [ 21.053566] ================================================================== [ 21.053695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 21.053881] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.054228] [ 21.054364] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.054636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.054697] Hardware name: linux,dummy-virt (DT) [ 21.054757] Call trace: [ 21.054808] show_stack+0x20/0x38 (C) [ 21.054920] dump_stack_lvl+0x8c/0xd0 [ 21.055043] print_report+0x118/0x608 [ 21.055189] kasan_report+0xdc/0x128 [ 21.055330] __asan_report_store8_noabort+0x20/0x30 [ 21.055488] kasan_atomics_helper+0x3e5c/0x4858 [ 21.055605] kasan_atomics+0x198/0x2e0 [ 21.055699] kunit_try_run_case+0x170/0x3f0 [ 21.055813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.056356] kthread+0x328/0x630 [ 21.056490] ret_from_fork+0x10/0x20 [ 21.056637] [ 21.056715] Allocated by task 267: [ 21.056782] kasan_save_stack+0x3c/0x68 [ 21.056906] kasan_save_track+0x20/0x40 [ 21.057002] kasan_save_alloc_info+0x40/0x58 [ 21.057081] __kasan_kmalloc+0xd4/0xd8 [ 21.057154] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.057236] kasan_atomics+0xb8/0x2e0 [ 21.057309] kunit_try_run_case+0x170/0x3f0 [ 21.057601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.057703] kthread+0x328/0x630 [ 21.057805] ret_from_fork+0x10/0x20 [ 21.057915] [ 21.057963] The buggy address belongs to the object at fff00000c42b8d00 [ 21.057963] which belongs to the cache kmalloc-64 of size 64 [ 21.058109] The buggy address is located 0 bytes to the right of [ 21.058109] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.058289] [ 21.058369] The buggy address belongs to the physical page: [ 21.058447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.058591] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.058734] page_type: f5(slab) [ 21.058830] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.058957] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.059078] page dumped because: kasan: bad access detected [ 21.059162] [ 21.059211] Memory state around the buggy address: [ 21.059289] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.059438] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.059563] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.059680] ^ [ 21.059795] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.059947] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.060084] ================================================================== [ 21.181820] ================================================================== [ 21.181968] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 21.182072] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.182229] [ 21.182338] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.182586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.182647] Hardware name: linux,dummy-virt (DT) [ 21.182719] Call trace: [ 21.182778] show_stack+0x20/0x38 (C) [ 21.182900] dump_stack_lvl+0x8c/0xd0 [ 21.183130] print_report+0x118/0x608 [ 21.183231] kasan_report+0xdc/0x128 [ 21.183618] kasan_check_range+0x100/0x1a8 [ 21.184471] __kasan_check_write+0x20/0x30 [ 21.184682] kasan_atomics_helper+0x12d8/0x4858 [ 21.184782] kasan_atomics+0x198/0x2e0 [ 21.184883] kunit_try_run_case+0x170/0x3f0 [ 21.185201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.185298] kthread+0x328/0x630 [ 21.185351] ret_from_fork+0x10/0x20 [ 21.185413] [ 21.185451] Allocated by task 267: [ 21.185526] kasan_save_stack+0x3c/0x68 [ 21.185665] kasan_save_track+0x20/0x40 [ 21.185765] kasan_save_alloc_info+0x40/0x58 [ 21.185879] __kasan_kmalloc+0xd4/0xd8 [ 21.185974] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.186080] kasan_atomics+0xb8/0x2e0 [ 21.186167] kunit_try_run_case+0x170/0x3f0 [ 21.186271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.186431] kthread+0x328/0x630 [ 21.186527] ret_from_fork+0x10/0x20 [ 21.186621] [ 21.186666] The buggy address belongs to the object at fff00000c42b8d00 [ 21.186666] which belongs to the cache kmalloc-64 of size 64 [ 21.186868] The buggy address is located 0 bytes to the right of [ 21.186868] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.187090] [ 21.187141] The buggy address belongs to the physical page: [ 21.187216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.187347] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.187462] page_type: f5(slab) [ 21.187550] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.187660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.187763] page dumped because: kasan: bad access detected [ 21.187844] [ 21.187890] Memory state around the buggy address: [ 21.187963] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.188053] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.188712] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.188856] ^ [ 21.189360] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.189491] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.189596] ================================================================== [ 21.105682] ================================================================== [ 21.105772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 21.105899] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.106064] [ 21.106145] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.106340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.106409] Hardware name: linux,dummy-virt (DT) [ 21.106488] Call trace: [ 21.106556] show_stack+0x20/0x38 (C) [ 21.106674] dump_stack_lvl+0x8c/0xd0 [ 21.106781] print_report+0x118/0x608 [ 21.106886] kasan_report+0xdc/0x128 [ 21.106984] kasan_check_range+0x100/0x1a8 [ 21.107092] __kasan_check_write+0x20/0x30 [ 21.107198] kasan_atomics_helper+0xff0/0x4858 [ 21.108049] kasan_atomics+0x198/0x2e0 [ 21.108258] kunit_try_run_case+0x170/0x3f0 [ 21.108468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.109132] kthread+0x328/0x630 [ 21.109475] ret_from_fork+0x10/0x20 [ 21.109864] [ 21.109920] Allocated by task 267: [ 21.110004] kasan_save_stack+0x3c/0x68 [ 21.110269] kasan_save_track+0x20/0x40 [ 21.110454] kasan_save_alloc_info+0x40/0x58 [ 21.110544] __kasan_kmalloc+0xd4/0xd8 [ 21.110929] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.111167] kasan_atomics+0xb8/0x2e0 [ 21.111497] kunit_try_run_case+0x170/0x3f0 [ 21.111624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.111804] kthread+0x328/0x630 [ 21.112042] ret_from_fork+0x10/0x20 [ 21.112380] [ 21.112438] The buggy address belongs to the object at fff00000c42b8d00 [ 21.112438] which belongs to the cache kmalloc-64 of size 64 [ 21.112583] The buggy address is located 0 bytes to the right of [ 21.112583] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.112854] [ 21.113043] The buggy address belongs to the physical page: [ 21.113131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.113541] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.113983] page_type: f5(slab) [ 21.114128] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.114459] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.114756] page dumped because: kasan: bad access detected [ 21.114834] [ 21.114880] Memory state around the buggy address: [ 21.114956] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.115066] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.115499] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.115691] ^ [ 21.115865] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.116036] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.116413] ================================================================== [ 20.997223] ================================================================== [ 20.997356] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 20.997484] Read of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 20.997628] [ 20.997714] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.997932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.998002] Hardware name: linux,dummy-virt (DT) [ 20.998086] Call trace: [ 20.998149] show_stack+0x20/0x38 (C) [ 20.998268] dump_stack_lvl+0x8c/0xd0 [ 20.999841] print_report+0x118/0x608 [ 21.000121] kasan_report+0xdc/0x128 [ 21.000819] kasan_check_range+0x100/0x1a8 [ 21.001065] __kasan_check_read+0x20/0x30 [ 21.001325] kasan_atomics_helper+0xdd4/0x4858 [ 21.001917] kasan_atomics+0x198/0x2e0 [ 21.002109] kunit_try_run_case+0x170/0x3f0 [ 21.002630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.003510] kthread+0x328/0x630 [ 21.003791] ret_from_fork+0x10/0x20 [ 21.004462] [ 21.004704] Allocated by task 267: [ 21.004878] kasan_save_stack+0x3c/0x68 [ 21.005161] kasan_save_track+0x20/0x40 [ 21.005593] kasan_save_alloc_info+0x40/0x58 [ 21.006071] __kasan_kmalloc+0xd4/0xd8 [ 21.006568] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.006922] kasan_atomics+0xb8/0x2e0 [ 21.007098] kunit_try_run_case+0x170/0x3f0 [ 21.007193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.008196] kthread+0x328/0x630 [ 21.008497] ret_from_fork+0x10/0x20 [ 21.008598] [ 21.009518] The buggy address belongs to the object at fff00000c42b8d00 [ 21.009518] which belongs to the cache kmalloc-64 of size 64 [ 21.009716] The buggy address is located 0 bytes to the right of [ 21.009716] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.011203] [ 21.011426] The buggy address belongs to the physical page: [ 21.011822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.012190] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.012514] page_type: f5(slab) [ 21.013280] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.013922] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.014258] page dumped because: kasan: bad access detected [ 21.014347] [ 21.014398] Memory state around the buggy address: [ 21.014479] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.014601] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.014713] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.014807] ^ [ 21.014893] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.014995] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.017133] ================================================================== [ 20.965982] ================================================================== [ 20.966105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 20.966224] Write of size 4 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 20.966339] [ 20.966451] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.966961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.967066] Hardware name: linux,dummy-virt (DT) [ 20.967487] Call trace: [ 20.968011] show_stack+0x20/0x38 (C) [ 20.968474] dump_stack_lvl+0x8c/0xd0 [ 20.968998] print_report+0x118/0x608 [ 20.969241] kasan_report+0xdc/0x128 [ 20.969413] kasan_check_range+0x100/0x1a8 [ 20.969906] __kasan_check_write+0x20/0x30 [ 20.970150] kasan_atomics_helper+0xd3c/0x4858 [ 20.970725] kasan_atomics+0x198/0x2e0 [ 20.970859] kunit_try_run_case+0x170/0x3f0 [ 20.970967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.971090] kthread+0x328/0x630 [ 20.971745] ret_from_fork+0x10/0x20 [ 20.972166] [ 20.972220] Allocated by task 267: [ 20.972305] kasan_save_stack+0x3c/0x68 [ 20.972385] kasan_save_track+0x20/0x40 [ 20.972449] kasan_save_alloc_info+0x40/0x58 [ 20.972540] __kasan_kmalloc+0xd4/0xd8 [ 20.972624] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.973222] kasan_atomics+0xb8/0x2e0 [ 20.973661] kunit_try_run_case+0x170/0x3f0 [ 20.973765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.974168] kthread+0x328/0x630 [ 20.974527] ret_from_fork+0x10/0x20 [ 20.974648] [ 20.974697] The buggy address belongs to the object at fff00000c42b8d00 [ 20.974697] which belongs to the cache kmalloc-64 of size 64 [ 20.975322] The buggy address is located 0 bytes to the right of [ 20.975322] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 20.975497] [ 20.976002] The buggy address belongs to the physical page: [ 20.976099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 20.976237] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.976358] page_type: f5(slab) [ 20.977028] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.977643] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.978026] page dumped because: kasan: bad access detected [ 20.978121] [ 20.978182] Memory state around the buggy address: [ 20.978276] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.978388] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.978502] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.979511] ^ [ 20.979949] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.980151] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.980368] ================================================================== [ 21.018662] ================================================================== [ 21.019270] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 21.019468] Read of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.019909] [ 21.020027] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.020463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.020675] Hardware name: linux,dummy-virt (DT) [ 21.021173] Call trace: [ 21.021355] show_stack+0x20/0x38 (C) [ 21.021520] dump_stack_lvl+0x8c/0xd0 [ 21.022329] print_report+0x118/0x608 [ 21.023092] kasan_report+0xdc/0x128 [ 21.023384] __asan_report_load8_noabort+0x20/0x30 [ 21.023942] kasan_atomics_helper+0x3f58/0x4858 [ 21.024312] kasan_atomics+0x198/0x2e0 [ 21.024817] kunit_try_run_case+0x170/0x3f0 [ 21.025408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.025561] kthread+0x328/0x630 [ 21.026070] ret_from_fork+0x10/0x20 [ 21.026192] [ 21.026241] Allocated by task 267: [ 21.027521] kasan_save_stack+0x3c/0x68 [ 21.027792] kasan_save_track+0x20/0x40 [ 21.028544] kasan_save_alloc_info+0x40/0x58 [ 21.028655] __kasan_kmalloc+0xd4/0xd8 [ 21.029196] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.029380] kasan_atomics+0xb8/0x2e0 [ 21.030180] kunit_try_run_case+0x170/0x3f0 [ 21.030558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.030684] kthread+0x328/0x630 [ 21.030772] ret_from_fork+0x10/0x20 [ 21.031893] [ 21.032276] The buggy address belongs to the object at fff00000c42b8d00 [ 21.032276] which belongs to the cache kmalloc-64 of size 64 [ 21.032411] The buggy address is located 0 bytes to the right of [ 21.032411] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.032572] [ 21.032622] The buggy address belongs to the physical page: [ 21.033923] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.034074] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.034200] page_type: f5(slab) [ 21.034297] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.034427] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.036605] page dumped because: kasan: bad access detected [ 21.036852] [ 21.036921] Memory state around the buggy address: [ 21.037017] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.037133] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.037240] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.037955] ^ [ 21.038522] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.039205] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.039307] ================================================================== [ 21.227163] ================================================================== [ 21.227290] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 21.227398] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.227508] [ 21.227646] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.228159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.228195] Hardware name: linux,dummy-virt (DT) [ 21.228228] Call trace: [ 21.228277] show_stack+0x20/0x38 (C) [ 21.228373] dump_stack_lvl+0x8c/0xd0 [ 21.228482] print_report+0x118/0x608 [ 21.228589] kasan_report+0xdc/0x128 [ 21.228686] kasan_check_range+0x100/0x1a8 [ 21.228805] __kasan_check_write+0x20/0x30 [ 21.229033] kasan_atomics_helper+0x14e4/0x4858 [ 21.229146] kasan_atomics+0x198/0x2e0 [ 21.229256] kunit_try_run_case+0x170/0x3f0 [ 21.229355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.229503] kthread+0x328/0x630 [ 21.230009] ret_from_fork+0x10/0x20 [ 21.230289] [ 21.230418] Allocated by task 267: [ 21.230647] kasan_save_stack+0x3c/0x68 [ 21.231006] kasan_save_track+0x20/0x40 [ 21.231131] kasan_save_alloc_info+0x40/0x58 [ 21.231226] __kasan_kmalloc+0xd4/0xd8 [ 21.231594] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.231959] kasan_atomics+0xb8/0x2e0 [ 21.232282] kunit_try_run_case+0x170/0x3f0 [ 21.232449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.232569] kthread+0x328/0x630 [ 21.232733] ret_from_fork+0x10/0x20 [ 21.233052] [ 21.233132] The buggy address belongs to the object at fff00000c42b8d00 [ 21.233132] which belongs to the cache kmalloc-64 of size 64 [ 21.233281] The buggy address is located 0 bytes to the right of [ 21.233281] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.233585] [ 21.233762] The buggy address belongs to the physical page: [ 21.233843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.233962] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.234070] page_type: f5(slab) [ 21.234497] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.234808] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.235105] page dumped because: kasan: bad access detected [ 21.235202] [ 21.235250] Memory state around the buggy address: [ 21.235353] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.235454] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.235557] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.235633] ^ [ 21.235731] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.235843] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.235916] ================================================================== [ 21.153637] ================================================================== [ 21.153815] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 21.154130] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.154514] [ 21.154649] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.155202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.155386] Hardware name: linux,dummy-virt (DT) [ 21.155580] Call trace: [ 21.155641] show_stack+0x20/0x38 (C) [ 21.155870] dump_stack_lvl+0x8c/0xd0 [ 21.155963] print_report+0x118/0x608 [ 21.156408] kasan_report+0xdc/0x128 [ 21.156807] kasan_check_range+0x100/0x1a8 [ 21.157086] __kasan_check_write+0x20/0x30 [ 21.157444] kasan_atomics_helper+0x1190/0x4858 [ 21.157728] kasan_atomics+0x198/0x2e0 [ 21.158087] kunit_try_run_case+0x170/0x3f0 [ 21.158407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.158709] kthread+0x328/0x630 [ 21.159012] ret_from_fork+0x10/0x20 [ 21.159219] [ 21.159265] Allocated by task 267: [ 21.159577] kasan_save_stack+0x3c/0x68 [ 21.159713] kasan_save_track+0x20/0x40 [ 21.160017] kasan_save_alloc_info+0x40/0x58 [ 21.160404] __kasan_kmalloc+0xd4/0xd8 [ 21.160566] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.160836] kasan_atomics+0xb8/0x2e0 [ 21.160941] kunit_try_run_case+0x170/0x3f0 [ 21.161028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.161151] kthread+0x328/0x630 [ 21.161230] ret_from_fork+0x10/0x20 [ 21.161314] [ 21.161447] The buggy address belongs to the object at fff00000c42b8d00 [ 21.161447] which belongs to the cache kmalloc-64 of size 64 [ 21.161802] The buggy address is located 0 bytes to the right of [ 21.161802] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.162084] [ 21.162289] The buggy address belongs to the physical page: [ 21.162416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.162820] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.163065] page_type: f5(slab) [ 21.163200] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.163349] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.163464] page dumped because: kasan: bad access detected [ 21.163554] [ 21.163601] Memory state around the buggy address: [ 21.163757] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.163854] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.164004] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.164088] ^ [ 21.164166] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.164264] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.164346] ================================================================== [ 21.273799] ================================================================== [ 21.274045] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 21.274169] Read of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.274293] [ 21.274367] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.274571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.274641] Hardware name: linux,dummy-virt (DT) [ 21.274720] Call trace: [ 21.274773] show_stack+0x20/0x38 (C) [ 21.274884] dump_stack_lvl+0x8c/0xd0 [ 21.274984] print_report+0x118/0x608 [ 21.275087] kasan_report+0xdc/0x128 [ 21.275188] __asan_report_load8_noabort+0x20/0x30 [ 21.275307] kasan_atomics_helper+0x3df4/0x4858 [ 21.275408] kasan_atomics+0x198/0x2e0 [ 21.275509] kunit_try_run_case+0x170/0x3f0 [ 21.276072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.276465] kthread+0x328/0x630 [ 21.276718] ret_from_fork+0x10/0x20 [ 21.276837] [ 21.276879] Allocated by task 267: [ 21.276933] kasan_save_stack+0x3c/0x68 [ 21.277017] kasan_save_track+0x20/0x40 [ 21.277097] kasan_save_alloc_info+0x40/0x58 [ 21.277188] __kasan_kmalloc+0xd4/0xd8 [ 21.277272] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.277372] kasan_atomics+0xb8/0x2e0 [ 21.277459] kunit_try_run_case+0x170/0x3f0 [ 21.277587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.277700] kthread+0x328/0x630 [ 21.277782] ret_from_fork+0x10/0x20 [ 21.277874] [ 21.277917] The buggy address belongs to the object at fff00000c42b8d00 [ 21.277917] which belongs to the cache kmalloc-64 of size 64 [ 21.278392] The buggy address is located 0 bytes to the right of [ 21.278392] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.278961] [ 21.279043] The buggy address belongs to the physical page: [ 21.279252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.279859] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.280264] page_type: f5(slab) [ 21.280366] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.280487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.280602] page dumped because: kasan: bad access detected [ 21.280687] [ 21.280736] Memory state around the buggy address: [ 21.280819] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.280933] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.281049] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.281153] ^ [ 21.281239] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.281355] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.284027] ================================================================== [ 20.940781] ================================================================== [ 20.940906] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 20.941015] Read of size 4 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 20.941124] [ 20.941201] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.941373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.941433] Hardware name: linux,dummy-virt (DT) [ 20.941512] Call trace: [ 20.941580] show_stack+0x20/0x38 (C) [ 20.941691] dump_stack_lvl+0x8c/0xd0 [ 20.941789] print_report+0x118/0x608 [ 20.941880] kasan_report+0xdc/0x128 [ 20.941974] __asan_report_load4_noabort+0x20/0x30 [ 20.942080] kasan_atomics_helper+0x3dd8/0x4858 [ 20.942175] kasan_atomics+0x198/0x2e0 [ 20.942266] kunit_try_run_case+0x170/0x3f0 [ 20.942363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.942474] kthread+0x328/0x630 [ 20.943523] ret_from_fork+0x10/0x20 [ 20.943672] [ 20.943719] Allocated by task 267: [ 20.943936] kasan_save_stack+0x3c/0x68 [ 20.944164] kasan_save_track+0x20/0x40 [ 20.944332] kasan_save_alloc_info+0x40/0x58 [ 20.944492] __kasan_kmalloc+0xd4/0xd8 [ 20.944616] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.944728] kasan_atomics+0xb8/0x2e0 [ 20.944844] kunit_try_run_case+0x170/0x3f0 [ 20.944966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.945116] kthread+0x328/0x630 [ 20.945230] ret_from_fork+0x10/0x20 [ 20.945323] [ 20.945369] The buggy address belongs to the object at fff00000c42b8d00 [ 20.945369] which belongs to the cache kmalloc-64 of size 64 [ 20.945523] The buggy address is located 0 bytes to the right of [ 20.945523] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 20.955876] [ 20.955940] The buggy address belongs to the physical page: [ 20.956022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 20.956157] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.958350] page_type: f5(slab) [ 20.958485] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.958621] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.958726] page dumped because: kasan: bad access detected [ 20.958807] [ 20.958852] Memory state around the buggy address: [ 20.958931] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.959022] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.960984] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.961156] ^ [ 20.962157] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.962974] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.963479] ================================================================== [ 21.255151] ================================================================== [ 21.255478] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 21.255620] Read of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.255731] [ 21.255793] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.256283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.256370] Hardware name: linux,dummy-virt (DT) [ 21.256472] Call trace: [ 21.256538] show_stack+0x20/0x38 (C) [ 21.256666] dump_stack_lvl+0x8c/0xd0 [ 21.256776] print_report+0x118/0x608 [ 21.256881] kasan_report+0xdc/0x128 [ 21.256994] __asan_report_load8_noabort+0x20/0x30 [ 21.257103] kasan_atomics_helper+0x3db0/0x4858 [ 21.257673] kasan_atomics+0x198/0x2e0 [ 21.257835] kunit_try_run_case+0x170/0x3f0 [ 21.257988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.258164] kthread+0x328/0x630 [ 21.258309] ret_from_fork+0x10/0x20 [ 21.258454] [ 21.258529] Allocated by task 267: [ 21.258607] kasan_save_stack+0x3c/0x68 [ 21.258693] kasan_save_track+0x20/0x40 [ 21.258781] kasan_save_alloc_info+0x40/0x58 [ 21.258866] __kasan_kmalloc+0xd4/0xd8 [ 21.258948] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.259041] kasan_atomics+0xb8/0x2e0 [ 21.259143] kunit_try_run_case+0x170/0x3f0 [ 21.259239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.259687] kthread+0x328/0x630 [ 21.260097] ret_from_fork+0x10/0x20 [ 21.260232] [ 21.260296] The buggy address belongs to the object at fff00000c42b8d00 [ 21.260296] which belongs to the cache kmalloc-64 of size 64 [ 21.260425] The buggy address is located 0 bytes to the right of [ 21.260425] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.260588] [ 21.260641] The buggy address belongs to the physical page: [ 21.260720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.260834] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.260945] page_type: f5(slab) [ 21.261930] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.262103] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.262198] page dumped because: kasan: bad access detected [ 21.262693] [ 21.262748] Memory state around the buggy address: [ 21.262833] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.262945] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.263047] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.263139] ^ [ 21.263229] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.263334] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.263420] ================================================================== [ 20.981310] ================================================================== [ 20.981433] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 20.981572] Read of size 4 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 20.981705] [ 20.982660] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.983046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.983121] Hardware name: linux,dummy-virt (DT) [ 20.983204] Call trace: [ 20.983260] show_stack+0x20/0x38 (C) [ 20.983489] dump_stack_lvl+0x8c/0xd0 [ 20.984179] print_report+0x118/0x608 [ 20.984313] kasan_report+0xdc/0x128 [ 20.984818] __asan_report_load4_noabort+0x20/0x30 [ 20.984968] kasan_atomics_helper+0x3e04/0x4858 [ 20.985085] kasan_atomics+0x198/0x2e0 [ 20.985185] kunit_try_run_case+0x170/0x3f0 [ 20.985682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.986286] kthread+0x328/0x630 [ 20.986664] ret_from_fork+0x10/0x20 [ 20.986977] [ 20.987435] Allocated by task 267: [ 20.987527] kasan_save_stack+0x3c/0x68 [ 20.987743] kasan_save_track+0x20/0x40 [ 20.987854] kasan_save_alloc_info+0x40/0x58 [ 20.987964] __kasan_kmalloc+0xd4/0xd8 [ 20.988049] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.988133] kasan_atomics+0xb8/0x2e0 [ 20.988666] kunit_try_run_case+0x170/0x3f0 [ 20.988907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.989293] kthread+0x328/0x630 [ 20.989581] ret_from_fork+0x10/0x20 [ 20.989843] [ 20.990274] The buggy address belongs to the object at fff00000c42b8d00 [ 20.990274] which belongs to the cache kmalloc-64 of size 64 [ 20.990430] The buggy address is located 0 bytes to the right of [ 20.990430] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 20.990756] [ 20.991175] The buggy address belongs to the physical page: [ 20.991276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 20.991962] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.992360] page_type: f5(slab) [ 20.992482] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.992624] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.992724] page dumped because: kasan: bad access detected [ 20.992806] [ 20.993523] Memory state around the buggy address: [ 20.993640] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.993748] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.993850] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.993969] ^ [ 20.994065] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.994176] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.994269] ================================================================== [ 21.354566] ================================================================== [ 21.354678] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 21.354792] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.354912] [ 21.355583] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.356296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.356468] Hardware name: linux,dummy-virt (DT) [ 21.356602] Call trace: [ 21.356674] show_stack+0x20/0x38 (C) [ 21.356861] dump_stack_lvl+0x8c/0xd0 [ 21.356975] print_report+0x118/0x608 [ 21.357093] kasan_report+0xdc/0x128 [ 21.357209] kasan_check_range+0x100/0x1a8 [ 21.357708] __kasan_check_write+0x20/0x30 [ 21.357843] kasan_atomics_helper+0x17ec/0x4858 [ 21.357956] kasan_atomics+0x198/0x2e0 [ 21.358096] kunit_try_run_case+0x170/0x3f0 [ 21.358211] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.358333] kthread+0x328/0x630 [ 21.358438] ret_from_fork+0x10/0x20 [ 21.358561] [ 21.358609] Allocated by task 267: [ 21.358675] kasan_save_stack+0x3c/0x68 [ 21.358775] kasan_save_track+0x20/0x40 [ 21.358852] kasan_save_alloc_info+0x40/0x58 [ 21.359334] __kasan_kmalloc+0xd4/0xd8 [ 21.359448] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.359541] kasan_atomics+0xb8/0x2e0 [ 21.359620] kunit_try_run_case+0x170/0x3f0 [ 21.359705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.360028] kthread+0x328/0x630 [ 21.360132] ret_from_fork+0x10/0x20 [ 21.360314] [ 21.360680] The buggy address belongs to the object at fff00000c42b8d00 [ 21.360680] which belongs to the cache kmalloc-64 of size 64 [ 21.360926] The buggy address is located 0 bytes to the right of [ 21.360926] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.361102] [ 21.361174] The buggy address belongs to the physical page: [ 21.361319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.361438] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.362043] page_type: f5(slab) [ 21.362355] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.362562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.362880] page dumped because: kasan: bad access detected [ 21.362975] [ 21.363320] Memory state around the buggy address: [ 21.363626] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.363746] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.364261] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.364361] ^ [ 21.364609] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.364720] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.364974] ================================================================== [ 20.845950] ================================================================== [ 20.846077] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 20.846220] Write of size 4 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 20.846327] [ 20.846393] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.846594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.846667] Hardware name: linux,dummy-virt (DT) [ 20.846758] Call trace: [ 20.846808] show_stack+0x20/0x38 (C) [ 20.846950] dump_stack_lvl+0x8c/0xd0 [ 20.847389] print_report+0x118/0x608 [ 20.847549] kasan_report+0xdc/0x128 [ 20.847860] kasan_check_range+0x100/0x1a8 [ 20.847957] __kasan_check_write+0x20/0x30 [ 20.848040] kasan_atomics_helper+0xa6c/0x4858 [ 20.848135] kasan_atomics+0x198/0x2e0 [ 20.848212] kunit_try_run_case+0x170/0x3f0 [ 20.848908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.849044] kthread+0x328/0x630 [ 20.852406] ret_from_fork+0x10/0x20 [ 20.852558] [ 20.852607] Allocated by task 267: [ 20.852668] kasan_save_stack+0x3c/0x68 [ 20.852833] kasan_save_track+0x20/0x40 [ 20.853032] kasan_save_alloc_info+0x40/0x58 [ 20.853136] __kasan_kmalloc+0xd4/0xd8 [ 20.853219] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.853306] kasan_atomics+0xb8/0x2e0 [ 20.853380] kunit_try_run_case+0x170/0x3f0 [ 20.853479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.853603] kthread+0x328/0x630 [ 20.853686] ret_from_fork+0x10/0x20 [ 20.853773] [ 20.853837] The buggy address belongs to the object at fff00000c42b8d00 [ 20.853837] which belongs to the cache kmalloc-64 of size 64 [ 20.854037] The buggy address is located 0 bytes to the right of [ 20.854037] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 20.854194] [ 20.854241] The buggy address belongs to the physical page: [ 20.854313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 20.854437] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.854554] page_type: f5(slab) [ 20.854638] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.854750] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.854849] page dumped because: kasan: bad access detected [ 20.854924] [ 20.854972] Memory state around the buggy address: [ 20.855507] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.855784] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.855885] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.855962] ^ [ 20.856058] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.856506] ================================================================== [ 20.713349] ================================================================== [ 20.717183] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4e4/0x4858 [ 20.717503] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.719240] kasan_atomics+0x198/0x2e0 [ 20.723111] kasan_atomics+0xb8/0x2e0 [ 20.725812] page dumped because: kasan: bad access detected [ 20.726402] ^ [ 20.728243] ================================================================== [ 21.346323] ================================================================== [ 21.346451] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 21.346606] Read of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.346768] [ 21.346879] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.347135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.347226] Hardware name: linux,dummy-virt (DT) [ 21.347309] Call trace: [ 21.347356] show_stack+0x20/0x38 (C) [ 21.347455] dump_stack_lvl+0x8c/0xd0 [ 21.347600] print_report+0x118/0x608 [ 21.347721] kasan_report+0xdc/0x128 [ 21.347821] __asan_report_load8_noabort+0x20/0x30 [ 21.347964] kasan_atomics_helper+0x3e20/0x4858 [ 21.348091] kasan_atomics+0x198/0x2e0 [ 21.348228] kunit_try_run_case+0x170/0x3f0 [ 21.348332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.348481] kthread+0x328/0x630 [ 21.348614] ret_from_fork+0x10/0x20 [ 21.348716] [ 21.348755] Allocated by task 267: [ 21.348825] kasan_save_stack+0x3c/0x68 [ 21.348922] kasan_save_track+0x20/0x40 [ 21.348997] kasan_save_alloc_info+0x40/0x58 [ 21.349086] __kasan_kmalloc+0xd4/0xd8 [ 21.349170] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.349276] kasan_atomics+0xb8/0x2e0 [ 21.349418] kunit_try_run_case+0x170/0x3f0 [ 21.349511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.349625] kthread+0x328/0x630 [ 21.349746] ret_from_fork+0x10/0x20 [ 21.349836] [ 21.349884] The buggy address belongs to the object at fff00000c42b8d00 [ 21.349884] which belongs to the cache kmalloc-64 of size 64 [ 21.350022] The buggy address is located 0 bytes to the right of [ 21.350022] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.350177] [ 21.350225] The buggy address belongs to the physical page: [ 21.350299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.350419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.350539] page_type: f5(slab) [ 21.350627] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.350752] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.350870] page dumped because: kasan: bad access detected [ 21.350952] [ 21.351042] Memory state around the buggy address: [ 21.351168] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.351549] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.351848] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.353132] ^ [ 21.353225] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.353327] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.353425] ================================================================== [ 21.173487] ================================================================== [ 21.173618] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 21.174059] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.174166] [ 21.174241] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.174705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.174893] Hardware name: linux,dummy-virt (DT) [ 21.174966] Call trace: [ 21.175042] show_stack+0x20/0x38 (C) [ 21.175210] dump_stack_lvl+0x8c/0xd0 [ 21.175401] print_report+0x118/0x608 [ 21.175605] kasan_report+0xdc/0x128 [ 21.175702] kasan_check_range+0x100/0x1a8 [ 21.176098] __kasan_check_write+0x20/0x30 [ 21.176296] kasan_atomics_helper+0x126c/0x4858 [ 21.176398] kasan_atomics+0x198/0x2e0 [ 21.176477] kunit_try_run_case+0x170/0x3f0 [ 21.176573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.176689] kthread+0x328/0x630 [ 21.176792] ret_from_fork+0x10/0x20 [ 21.176903] [ 21.176951] Allocated by task 267: [ 21.177054] kasan_save_stack+0x3c/0x68 [ 21.177132] kasan_save_track+0x20/0x40 [ 21.177209] kasan_save_alloc_info+0x40/0x58 [ 21.177295] __kasan_kmalloc+0xd4/0xd8 [ 21.177387] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.177617] kasan_atomics+0xb8/0x2e0 [ 21.177984] kunit_try_run_case+0x170/0x3f0 [ 21.178144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.178294] kthread+0x328/0x630 [ 21.178407] ret_from_fork+0x10/0x20 [ 21.178520] [ 21.178575] The buggy address belongs to the object at fff00000c42b8d00 [ 21.178575] which belongs to the cache kmalloc-64 of size 64 [ 21.178721] The buggy address is located 0 bytes to the right of [ 21.178721] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.178950] [ 21.179023] The buggy address belongs to the physical page: [ 21.179141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.179268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.179410] page_type: f5(slab) [ 21.179492] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.179624] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.180087] page dumped because: kasan: bad access detected [ 21.180171] [ 21.180219] Memory state around the buggy address: [ 21.180308] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.180441] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.180572] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.180700] ^ [ 21.180931] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.181189] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.181293] ================================================================== [ 21.074307] ================================================================== [ 21.074486] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 21.074662] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.074827] [ 21.074965] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.075162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.075234] Hardware name: linux,dummy-virt (DT) [ 21.075307] Call trace: [ 21.075369] show_stack+0x20/0x38 (C) [ 21.075474] dump_stack_lvl+0x8c/0xd0 [ 21.075591] print_report+0x118/0x608 [ 21.075697] kasan_report+0xdc/0x128 [ 21.075814] kasan_check_range+0x100/0x1a8 [ 21.075930] __kasan_check_write+0x20/0x30 [ 21.076049] kasan_atomics_helper+0xf20/0x4858 [ 21.076160] kasan_atomics+0x198/0x2e0 [ 21.076265] kunit_try_run_case+0x170/0x3f0 [ 21.076375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.076500] kthread+0x328/0x630 [ 21.077614] ret_from_fork+0x10/0x20 [ 21.077731] [ 21.077795] Allocated by task 267: [ 21.077886] kasan_save_stack+0x3c/0x68 [ 21.077979] kasan_save_track+0x20/0x40 [ 21.078063] kasan_save_alloc_info+0x40/0x58 [ 21.078160] __kasan_kmalloc+0xd4/0xd8 [ 21.078244] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.078356] kasan_atomics+0xb8/0x2e0 [ 21.078436] kunit_try_run_case+0x170/0x3f0 [ 21.079121] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.079259] kthread+0x328/0x630 [ 21.079344] ret_from_fork+0x10/0x20 [ 21.079481] [ 21.079571] The buggy address belongs to the object at fff00000c42b8d00 [ 21.079571] which belongs to the cache kmalloc-64 of size 64 [ 21.079728] The buggy address is located 0 bytes to the right of [ 21.079728] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.079859] [ 21.079903] The buggy address belongs to the physical page: [ 21.079974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.080296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.080449] page_type: f5(slab) [ 21.080578] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.080706] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.080806] page dumped because: kasan: bad access detected [ 21.080890] [ 21.080937] Memory state around the buggy address: [ 21.081013] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.081120] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.081232] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.081329] ^ [ 21.081408] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.082341] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.082521] ================================================================== [ 21.147625] ================================================================== [ 21.147793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 21.147897] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.148035] [ 21.148106] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.148376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.148472] Hardware name: linux,dummy-virt (DT) [ 21.148547] Call trace: [ 21.148603] show_stack+0x20/0x38 (C) [ 21.148711] dump_stack_lvl+0x8c/0xd0 [ 21.148838] print_report+0x118/0x608 [ 21.148927] kasan_report+0xdc/0x128 [ 21.149029] kasan_check_range+0x100/0x1a8 [ 21.149123] __kasan_check_write+0x20/0x30 [ 21.149234] kasan_atomics_helper+0x1128/0x4858 [ 21.149366] kasan_atomics+0x198/0x2e0 [ 21.149538] kunit_try_run_case+0x170/0x3f0 [ 21.149675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.149805] kthread+0x328/0x630 [ 21.149910] ret_from_fork+0x10/0x20 [ 21.150021] [ 21.150069] Allocated by task 267: [ 21.150140] kasan_save_stack+0x3c/0x68 [ 21.150234] kasan_save_track+0x20/0x40 [ 21.150321] kasan_save_alloc_info+0x40/0x58 [ 21.150409] __kasan_kmalloc+0xd4/0xd8 [ 21.150493] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.150591] kasan_atomics+0xb8/0x2e0 [ 21.150673] kunit_try_run_case+0x170/0x3f0 [ 21.150765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.150865] kthread+0x328/0x630 [ 21.150955] ret_from_fork+0x10/0x20 [ 21.151039] [ 21.151086] The buggy address belongs to the object at fff00000c42b8d00 [ 21.151086] which belongs to the cache kmalloc-64 of size 64 [ 21.151224] The buggy address is located 0 bytes to the right of [ 21.151224] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.151418] [ 21.151469] The buggy address belongs to the physical page: [ 21.151562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.151691] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.151825] page_type: f5(slab) [ 21.151905] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.152009] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.152116] page dumped because: kasan: bad access detected [ 21.152203] [ 21.152254] Memory state around the buggy address: [ 21.152339] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.152614] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.152727] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.152843] ^ [ 21.152928] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.153034] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.153142] ================================================================== [ 21.085332] ================================================================== [ 21.085459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 21.085602] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.085731] [ 21.085814] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.086023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.086100] Hardware name: linux,dummy-virt (DT) [ 21.086186] Call trace: [ 21.086247] show_stack+0x20/0x38 (C) [ 21.086371] dump_stack_lvl+0x8c/0xd0 [ 21.086479] print_report+0x118/0x608 [ 21.088588] kasan_report+0xdc/0x128 [ 21.089434] kasan_check_range+0x100/0x1a8 [ 21.090104] __kasan_check_write+0x20/0x30 [ 21.090275] kasan_atomics_helper+0xf88/0x4858 [ 21.091240] kasan_atomics+0x198/0x2e0 [ 21.091341] kunit_try_run_case+0x170/0x3f0 [ 21.092114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.092401] kthread+0x328/0x630 [ 21.092652] ret_from_fork+0x10/0x20 [ 21.093256] [ 21.093348] Allocated by task 267: [ 21.093437] kasan_save_stack+0x3c/0x68 [ 21.093563] kasan_save_track+0x20/0x40 [ 21.093648] kasan_save_alloc_info+0x40/0x58 [ 21.093746] __kasan_kmalloc+0xd4/0xd8 [ 21.093843] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.094843] kasan_atomics+0xb8/0x2e0 [ 21.095456] kunit_try_run_case+0x170/0x3f0 [ 21.096097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.096203] kthread+0x328/0x630 [ 21.096277] ret_from_fork+0x10/0x20 [ 21.096357] [ 21.097661] The buggy address belongs to the object at fff00000c42b8d00 [ 21.097661] which belongs to the cache kmalloc-64 of size 64 [ 21.097852] The buggy address is located 0 bytes to the right of [ 21.097852] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.098857] [ 21.099319] The buggy address belongs to the physical page: [ 21.099722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.099839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.099956] page_type: f5(slab) [ 21.100042] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.100169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.100269] page dumped because: kasan: bad access detected [ 21.100348] [ 21.100392] Memory state around the buggy address: [ 21.100468] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.100585] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.100687] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.102127] ^ [ 21.102328] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.102457] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.102563] ================================================================== [ 20.837966] ================================================================== [ 20.838090] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 20.838199] Write of size 4 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 20.838316] [ 20.838391] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.838592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.838663] Hardware name: linux,dummy-virt (DT) [ 20.838768] Call trace: [ 20.838845] show_stack+0x20/0x38 (C) [ 20.838954] dump_stack_lvl+0x8c/0xd0 [ 20.839097] print_report+0x118/0x608 [ 20.839237] kasan_report+0xdc/0x128 [ 20.839384] kasan_check_range+0x100/0x1a8 [ 20.839482] __kasan_check_write+0x20/0x30 [ 20.839687] kasan_atomics_helper+0xa04/0x4858 [ 20.839984] kasan_atomics+0x198/0x2e0 [ 20.840224] kunit_try_run_case+0x170/0x3f0 [ 20.840409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.840573] kthread+0x328/0x630 [ 20.840694] ret_from_fork+0x10/0x20 [ 20.840795] [ 20.840993] Allocated by task 267: [ 20.841110] kasan_save_stack+0x3c/0x68 [ 20.841205] kasan_save_track+0x20/0x40 [ 20.841302] kasan_save_alloc_info+0x40/0x58 [ 20.841436] __kasan_kmalloc+0xd4/0xd8 [ 20.841599] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.841743] kasan_atomics+0xb8/0x2e0 [ 20.841861] kunit_try_run_case+0x170/0x3f0 [ 20.841993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.842141] kthread+0x328/0x630 [ 20.842254] ret_from_fork+0x10/0x20 [ 20.842333] [ 20.842378] The buggy address belongs to the object at fff00000c42b8d00 [ 20.842378] which belongs to the cache kmalloc-64 of size 64 [ 20.842519] The buggy address is located 0 bytes to the right of [ 20.842519] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 20.842745] [ 20.842811] The buggy address belongs to the physical page: [ 20.842913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 20.843085] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.843201] page_type: f5(slab) [ 20.843328] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.843435] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.843543] page dumped because: kasan: bad access detected [ 20.843612] [ 20.843647] Memory state around the buggy address: [ 20.843713] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.843802] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.843906] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.843998] ^ [ 20.844076] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.844375] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.844722] ================================================================== [ 21.197572] ================================================================== [ 21.197683] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 21.197818] Read of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.197993] [ 21.198103] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.198365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.198446] Hardware name: linux,dummy-virt (DT) [ 21.198521] Call trace: [ 21.198595] show_stack+0x20/0x38 (C) [ 21.198758] dump_stack_lvl+0x8c/0xd0 [ 21.198918] print_report+0x118/0x608 [ 21.199020] kasan_report+0xdc/0x128 [ 21.199149] __asan_report_load8_noabort+0x20/0x30 [ 21.199335] kasan_atomics_helper+0x3f04/0x4858 [ 21.199445] kasan_atomics+0x198/0x2e0 [ 21.199651] kunit_try_run_case+0x170/0x3f0 [ 21.199823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.199947] kthread+0x328/0x630 [ 21.200057] ret_from_fork+0x10/0x20 [ 21.200156] [ 21.200202] Allocated by task 267: [ 21.200275] kasan_save_stack+0x3c/0x68 [ 21.200461] kasan_save_track+0x20/0x40 [ 21.200583] kasan_save_alloc_info+0x40/0x58 [ 21.200667] __kasan_kmalloc+0xd4/0xd8 [ 21.200768] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.200856] kasan_atomics+0xb8/0x2e0 [ 21.200967] kunit_try_run_case+0x170/0x3f0 [ 21.201055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.201176] kthread+0x328/0x630 [ 21.201275] ret_from_fork+0x10/0x20 [ 21.201395] [ 21.201470] The buggy address belongs to the object at fff00000c42b8d00 [ 21.201470] which belongs to the cache kmalloc-64 of size 64 [ 21.201700] The buggy address is located 0 bytes to the right of [ 21.201700] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.201909] [ 21.201953] The buggy address belongs to the physical page: [ 21.202016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.202155] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.202272] page_type: f5(slab) [ 21.202432] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.202551] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.202651] page dumped because: kasan: bad access detected [ 21.202731] [ 21.202771] Memory state around the buggy address: [ 21.202855] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.202968] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.203077] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.203175] ^ [ 21.203258] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.203393] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.203525] ================================================================== [ 21.190410] ================================================================== [ 21.190597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 21.190748] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.190868] [ 21.190955] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.191215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.191333] Hardware name: linux,dummy-virt (DT) [ 21.191399] Call trace: [ 21.191447] show_stack+0x20/0x38 (C) [ 21.191562] dump_stack_lvl+0x8c/0xd0 [ 21.191677] print_report+0x118/0x608 [ 21.192275] kasan_report+0xdc/0x128 [ 21.192406] kasan_check_range+0x100/0x1a8 [ 21.192506] __kasan_check_write+0x20/0x30 [ 21.192854] kasan_atomics_helper+0x1384/0x4858 [ 21.192980] kasan_atomics+0x198/0x2e0 [ 21.193115] kunit_try_run_case+0x170/0x3f0 [ 21.193274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.193415] kthread+0x328/0x630 [ 21.193613] ret_from_fork+0x10/0x20 [ 21.193745] [ 21.193809] Allocated by task 267: [ 21.193883] kasan_save_stack+0x3c/0x68 [ 21.193972] kasan_save_track+0x20/0x40 [ 21.194063] kasan_save_alloc_info+0x40/0x58 [ 21.194158] __kasan_kmalloc+0xd4/0xd8 [ 21.194249] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.194392] kasan_atomics+0xb8/0x2e0 [ 21.194476] kunit_try_run_case+0x170/0x3f0 [ 21.194890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.195035] kthread+0x328/0x630 [ 21.195145] ret_from_fork+0x10/0x20 [ 21.195234] [ 21.195310] The buggy address belongs to the object at fff00000c42b8d00 [ 21.195310] which belongs to the cache kmalloc-64 of size 64 [ 21.195457] The buggy address is located 0 bytes to the right of [ 21.195457] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.195624] [ 21.195704] The buggy address belongs to the physical page: [ 21.195789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.195905] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.196023] page_type: f5(slab) [ 21.196104] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.196280] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.196369] page dumped because: kasan: bad access detected [ 21.196475] [ 21.196543] Memory state around the buggy address: [ 21.196612] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.196725] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.196811] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.196894] ^ [ 21.196971] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.197076] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.197192] ================================================================== [ 20.830005] ================================================================== [ 20.830130] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 20.830245] Write of size 4 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 20.830359] [ 20.830429] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.830629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.830693] Hardware name: linux,dummy-virt (DT) [ 20.830766] Call trace: [ 20.830821] show_stack+0x20/0x38 (C) [ 20.830931] dump_stack_lvl+0x8c/0xd0 [ 20.831036] print_report+0x118/0x608 [ 20.831138] kasan_report+0xdc/0x128 [ 20.831236] kasan_check_range+0x100/0x1a8 [ 20.831377] __kasan_check_write+0x20/0x30 [ 20.831472] kasan_atomics_helper+0x99c/0x4858 [ 20.831847] kasan_atomics+0x198/0x2e0 [ 20.831932] kunit_try_run_case+0x170/0x3f0 [ 20.832043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.832153] kthread+0x328/0x630 [ 20.832255] ret_from_fork+0x10/0x20 [ 20.832659] [ 20.832707] Allocated by task 267: [ 20.832799] kasan_save_stack+0x3c/0x68 [ 20.832930] kasan_save_track+0x20/0x40 [ 20.833044] kasan_save_alloc_info+0x40/0x58 [ 20.833168] __kasan_kmalloc+0xd4/0xd8 [ 20.833282] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.833399] kasan_atomics+0xb8/0x2e0 [ 20.833490] kunit_try_run_case+0x170/0x3f0 [ 20.833624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.833731] kthread+0x328/0x630 [ 20.833812] ret_from_fork+0x10/0x20 [ 20.833897] [ 20.833943] The buggy address belongs to the object at fff00000c42b8d00 [ 20.833943] which belongs to the cache kmalloc-64 of size 64 [ 20.834080] The buggy address is located 0 bytes to the right of [ 20.834080] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 20.834230] [ 20.834276] The buggy address belongs to the physical page: [ 20.834353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 20.834473] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.834583] page_type: f5(slab) [ 20.834660] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.835328] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.835569] page dumped because: kasan: bad access detected [ 20.835653] [ 20.835693] Memory state around the buggy address: [ 20.835757] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.835839] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.835928] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.836020] ^ [ 20.836102] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.836203] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.836295] ================================================================== [ 21.043175] ================================================================== [ 21.043666] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 21.043800] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.044454] [ 21.044562] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.044757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.044827] Hardware name: linux,dummy-virt (DT) [ 21.044906] Call trace: [ 21.044969] show_stack+0x20/0x38 (C) [ 21.045084] dump_stack_lvl+0x8c/0xd0 [ 21.045195] print_report+0x118/0x608 [ 21.046568] kasan_report+0xdc/0x128 [ 21.046709] kasan_check_range+0x100/0x1a8 [ 21.046824] __kasan_check_write+0x20/0x30 [ 21.046942] kasan_atomics_helper+0xe44/0x4858 [ 21.047061] kasan_atomics+0x198/0x2e0 [ 21.047117] kunit_try_run_case+0x170/0x3f0 [ 21.047169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.047226] kthread+0x328/0x630 [ 21.047272] ret_from_fork+0x10/0x20 [ 21.047630] [ 21.047701] Allocated by task 267: [ 21.047790] kasan_save_stack+0x3c/0x68 [ 21.047939] kasan_save_track+0x20/0x40 [ 21.048041] kasan_save_alloc_info+0x40/0x58 [ 21.048200] __kasan_kmalloc+0xd4/0xd8 [ 21.048276] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.048359] kasan_atomics+0xb8/0x2e0 [ 21.048437] kunit_try_run_case+0x170/0x3f0 [ 21.048968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.049159] kthread+0x328/0x630 [ 21.049250] ret_from_fork+0x10/0x20 [ 21.049328] [ 21.049374] The buggy address belongs to the object at fff00000c42b8d00 [ 21.049374] which belongs to the cache kmalloc-64 of size 64 [ 21.049542] The buggy address is located 0 bytes to the right of [ 21.049542] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.049710] [ 21.049765] The buggy address belongs to the physical page: [ 21.049846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.049993] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.050121] page_type: f5(slab) [ 21.050216] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.050372] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.050486] page dumped because: kasan: bad access detected [ 21.050968] [ 21.051040] Memory state around the buggy address: [ 21.051447] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.051833] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.052037] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.052132] ^ [ 21.052283] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.052476] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.052805] ================================================================== [ 21.165446] ================================================================== [ 21.165642] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 21.165749] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.165914] [ 21.166022] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.166290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.166376] Hardware name: linux,dummy-virt (DT) [ 21.166456] Call trace: [ 21.166540] show_stack+0x20/0x38 (C) [ 21.166708] dump_stack_lvl+0x8c/0xd0 [ 21.166823] print_report+0x118/0x608 [ 21.166932] kasan_report+0xdc/0x128 [ 21.167033] kasan_check_range+0x100/0x1a8 [ 21.167145] __kasan_check_write+0x20/0x30 [ 21.167260] kasan_atomics_helper+0x11f8/0x4858 [ 21.167461] kasan_atomics+0x198/0x2e0 [ 21.167561] kunit_try_run_case+0x170/0x3f0 [ 21.167663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.167788] kthread+0x328/0x630 [ 21.167905] ret_from_fork+0x10/0x20 [ 21.168211] [ 21.168273] Allocated by task 267: [ 21.168625] kasan_save_stack+0x3c/0x68 [ 21.168754] kasan_save_track+0x20/0x40 [ 21.169095] kasan_save_alloc_info+0x40/0x58 [ 21.169202] __kasan_kmalloc+0xd4/0xd8 [ 21.169279] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.169416] kasan_atomics+0xb8/0x2e0 [ 21.169504] kunit_try_run_case+0x170/0x3f0 [ 21.169612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.169711] kthread+0x328/0x630 [ 21.169777] ret_from_fork+0x10/0x20 [ 21.169882] [ 21.169933] The buggy address belongs to the object at fff00000c42b8d00 [ 21.169933] which belongs to the cache kmalloc-64 of size 64 [ 21.170310] The buggy address is located 0 bytes to the right of [ 21.170310] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.170472] [ 21.170554] The buggy address belongs to the physical page: [ 21.170664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.170784] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.170946] page_type: f5(slab) [ 21.171074] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.171246] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.171388] page dumped because: kasan: bad access detected [ 21.171465] [ 21.171511] Memory state around the buggy address: [ 21.171839] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.172116] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.172228] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.172540] ^ [ 21.172698] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.172850] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.172986] ================================================================== [ 21.137825] ================================================================== [ 21.138142] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 21.138394] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.138784] [ 21.139311] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.139501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.139586] Hardware name: linux,dummy-virt (DT) [ 21.139675] Call trace: [ 21.139837] show_stack+0x20/0x38 (C) [ 21.139962] dump_stack_lvl+0x8c/0xd0 [ 21.140218] print_report+0x118/0x608 [ 21.140340] kasan_report+0xdc/0x128 [ 21.140744] kasan_check_range+0x100/0x1a8 [ 21.140926] __kasan_check_write+0x20/0x30 [ 21.141472] kasan_atomics_helper+0x10c0/0x4858 [ 21.141908] kasan_atomics+0x198/0x2e0 [ 21.142043] kunit_try_run_case+0x170/0x3f0 [ 21.142158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.142283] kthread+0x328/0x630 [ 21.142386] ret_from_fork+0x10/0x20 [ 21.142506] [ 21.142583] Allocated by task 267: [ 21.142691] kasan_save_stack+0x3c/0x68 [ 21.142822] kasan_save_track+0x20/0x40 [ 21.142943] kasan_save_alloc_info+0x40/0x58 [ 21.143062] __kasan_kmalloc+0xd4/0xd8 [ 21.143173] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.143495] kasan_atomics+0xb8/0x2e0 [ 21.143599] kunit_try_run_case+0x170/0x3f0 [ 21.143972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.144088] kthread+0x328/0x630 [ 21.144200] ret_from_fork+0x10/0x20 [ 21.144276] [ 21.144323] The buggy address belongs to the object at fff00000c42b8d00 [ 21.144323] which belongs to the cache kmalloc-64 of size 64 [ 21.144439] The buggy address is located 0 bytes to the right of [ 21.144439] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.144621] [ 21.144851] The buggy address belongs to the physical page: [ 21.144963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.145149] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.145327] page_type: f5(slab) [ 21.145448] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.145601] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.145718] page dumped because: kasan: bad access detected [ 21.145831] [ 21.145895] Memory state around the buggy address: [ 21.145986] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.146091] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.146217] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.146323] ^ [ 21.146440] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.146568] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.146655] ================================================================== [ 21.244445] ================================================================== [ 21.244624] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 21.245063] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.245184] [ 21.245399] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.245875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.246081] Hardware name: linux,dummy-virt (DT) [ 21.246185] Call trace: [ 21.246359] show_stack+0x20/0x38 (C) [ 21.246479] dump_stack_lvl+0x8c/0xd0 [ 21.246597] print_report+0x118/0x608 [ 21.246701] kasan_report+0xdc/0x128 [ 21.246804] kasan_check_range+0x100/0x1a8 [ 21.246906] __kasan_check_write+0x20/0x30 [ 21.247014] kasan_atomics_helper+0x15b4/0x4858 [ 21.247124] kasan_atomics+0x198/0x2e0 [ 21.247648] kunit_try_run_case+0x170/0x3f0 [ 21.248103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.248241] kthread+0x328/0x630 [ 21.249005] ret_from_fork+0x10/0x20 [ 21.249144] [ 21.249193] Allocated by task 267: [ 21.249259] kasan_save_stack+0x3c/0x68 [ 21.249355] kasan_save_track+0x20/0x40 [ 21.249433] kasan_save_alloc_info+0x40/0x58 [ 21.249892] __kasan_kmalloc+0xd4/0xd8 [ 21.250302] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.250514] kasan_atomics+0xb8/0x2e0 [ 21.251189] kunit_try_run_case+0x170/0x3f0 [ 21.251468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.251793] kthread+0x328/0x630 [ 21.251919] ret_from_fork+0x10/0x20 [ 21.252039] [ 21.252095] The buggy address belongs to the object at fff00000c42b8d00 [ 21.252095] which belongs to the cache kmalloc-64 of size 64 [ 21.252286] The buggy address is located 0 bytes to the right of [ 21.252286] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.252498] [ 21.252573] The buggy address belongs to the physical page: [ 21.252644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.252774] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.252906] page_type: f5(slab) [ 21.252997] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.253129] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.253232] page dumped because: kasan: bad access detected [ 21.253327] [ 21.253373] Memory state around the buggy address: [ 21.253451] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.253570] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.253669] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.253756] ^ [ 21.253838] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.253946] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.254035] ================================================================== [ 21.304318] ================================================================== [ 21.304432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 21.305460] Read of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.306136] [ 21.306489] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.307352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.307558] Hardware name: linux,dummy-virt (DT) [ 21.307625] Call trace: [ 21.307668] show_stack+0x20/0x38 (C) [ 21.307781] dump_stack_lvl+0x8c/0xd0 [ 21.307885] print_report+0x118/0x608 [ 21.307992] kasan_report+0xdc/0x128 [ 21.308096] __asan_report_load8_noabort+0x20/0x30 [ 21.308208] kasan_atomics_helper+0x3e10/0x4858 [ 21.308319] kasan_atomics+0x198/0x2e0 [ 21.308427] kunit_try_run_case+0x170/0x3f0 [ 21.308545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.310897] kthread+0x328/0x630 [ 21.311345] ret_from_fork+0x10/0x20 [ 21.311880] [ 21.311932] Allocated by task 267: [ 21.311992] kasan_save_stack+0x3c/0x68 [ 21.312071] kasan_save_track+0x20/0x40 [ 21.312151] kasan_save_alloc_info+0x40/0x58 [ 21.313369] __kasan_kmalloc+0xd4/0xd8 [ 21.313472] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.313801] kasan_atomics+0xb8/0x2e0 [ 21.314409] kunit_try_run_case+0x170/0x3f0 [ 21.314517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.315057] kthread+0x328/0x630 [ 21.315150] ret_from_fork+0x10/0x20 [ 21.315237] [ 21.316453] The buggy address belongs to the object at fff00000c42b8d00 [ 21.316453] which belongs to the cache kmalloc-64 of size 64 [ 21.316983] The buggy address is located 0 bytes to the right of [ 21.316983] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.317131] [ 21.317179] The buggy address belongs to the physical page: [ 21.318118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.318930] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.319240] page_type: f5(slab) [ 21.319416] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.320032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.320144] page dumped because: kasan: bad access detected [ 21.320220] [ 21.320499] Memory state around the buggy address: [ 21.320629] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.320958] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.321065] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.321155] ^ [ 21.321241] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.322327] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.322637] ================================================================== [ 21.116963] ================================================================== [ 21.117074] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 21.117180] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.117299] [ 21.117374] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.118030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.118210] Hardware name: linux,dummy-virt (DT) [ 21.118706] Call trace: [ 21.119051] show_stack+0x20/0x38 (C) [ 21.119759] dump_stack_lvl+0x8c/0xd0 [ 21.120314] print_report+0x118/0x608 [ 21.120411] kasan_report+0xdc/0x128 [ 21.120939] kasan_check_range+0x100/0x1a8 [ 21.121471] __kasan_check_write+0x20/0x30 [ 21.122195] kasan_atomics_helper+0x1058/0x4858 [ 21.122418] kasan_atomics+0x198/0x2e0 [ 21.122709] kunit_try_run_case+0x170/0x3f0 [ 21.123407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.124099] kthread+0x328/0x630 [ 21.124237] ret_from_fork+0x10/0x20 [ 21.124871] [ 21.124923] Allocated by task 267: [ 21.124995] kasan_save_stack+0x3c/0x68 [ 21.125087] kasan_save_track+0x20/0x40 [ 21.125171] kasan_save_alloc_info+0x40/0x58 [ 21.126279] __kasan_kmalloc+0xd4/0xd8 [ 21.126552] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.126970] kasan_atomics+0xb8/0x2e0 [ 21.127321] kunit_try_run_case+0x170/0x3f0 [ 21.127815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.127943] kthread+0x328/0x630 [ 21.128037] ret_from_fork+0x10/0x20 [ 21.128119] [ 21.128168] The buggy address belongs to the object at fff00000c42b8d00 [ 21.128168] which belongs to the cache kmalloc-64 of size 64 [ 21.129076] The buggy address is located 0 bytes to the right of [ 21.129076] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.129829] [ 21.130210] The buggy address belongs to the physical page: [ 21.130610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.131198] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.131330] page_type: f5(slab) [ 21.131427] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.132345] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.132790] page dumped because: kasan: bad access detected [ 21.133115] [ 21.133413] Memory state around the buggy address: [ 21.133926] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.134040] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.134571] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.134679] ^ [ 21.134768] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.134867] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.136306] ================================================================== [ 21.218796] ================================================================== [ 21.218916] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 21.219033] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.219132] [ 21.219189] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.219357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.219416] Hardware name: linux,dummy-virt (DT) [ 21.219479] Call trace: [ 21.219539] show_stack+0x20/0x38 (C) [ 21.220616] dump_stack_lvl+0x8c/0xd0 [ 21.220754] print_report+0x118/0x608 [ 21.220839] kasan_report+0xdc/0x128 [ 21.220928] kasan_check_range+0x100/0x1a8 [ 21.221308] __kasan_check_write+0x20/0x30 [ 21.221567] kasan_atomics_helper+0x147c/0x4858 [ 21.221684] kasan_atomics+0x198/0x2e0 [ 21.221894] kunit_try_run_case+0x170/0x3f0 [ 21.222026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.222148] kthread+0x328/0x630 [ 21.222245] ret_from_fork+0x10/0x20 [ 21.222360] [ 21.222408] Allocated by task 267: [ 21.222473] kasan_save_stack+0x3c/0x68 [ 21.222583] kasan_save_track+0x20/0x40 [ 21.222686] kasan_save_alloc_info+0x40/0x58 [ 21.222782] __kasan_kmalloc+0xd4/0xd8 [ 21.222865] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.222962] kasan_atomics+0xb8/0x2e0 [ 21.223044] kunit_try_run_case+0x170/0x3f0 [ 21.223152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.223266] kthread+0x328/0x630 [ 21.223376] ret_from_fork+0x10/0x20 [ 21.223451] [ 21.223497] The buggy address belongs to the object at fff00000c42b8d00 [ 21.223497] which belongs to the cache kmalloc-64 of size 64 [ 21.223654] The buggy address is located 0 bytes to the right of [ 21.223654] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.223802] [ 21.224015] The buggy address belongs to the physical page: [ 21.224121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.224482] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.224675] page_type: f5(slab) [ 21.224770] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.224894] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.225144] page dumped because: kasan: bad access detected [ 21.225230] [ 21.225272] Memory state around the buggy address: [ 21.225549] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.225724] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.225872] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.225979] ^ [ 21.226103] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.226252] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.226372] ================================================================== [ 20.812336] ================================================================== [ 20.812449] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 20.812572] Read of size 4 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 20.812723] [ 20.812841] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.813103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.813170] Hardware name: linux,dummy-virt (DT) [ 20.813249] Call trace: [ 20.813334] show_stack+0x20/0x38 (C) [ 20.813504] dump_stack_lvl+0x8c/0xd0 [ 20.813668] print_report+0x118/0x608 [ 20.813823] kasan_report+0xdc/0x128 [ 20.813927] __asan_report_load4_noabort+0x20/0x30 [ 20.814059] kasan_atomics_helper+0x42d8/0x4858 [ 20.814221] kasan_atomics+0x198/0x2e0 [ 20.814372] kunit_try_run_case+0x170/0x3f0 [ 20.814485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.814611] kthread+0x328/0x630 [ 20.814755] ret_from_fork+0x10/0x20 [ 20.814901] [ 20.814943] Allocated by task 267: [ 20.815006] kasan_save_stack+0x3c/0x68 [ 20.815104] kasan_save_track+0x20/0x40 [ 20.815188] kasan_save_alloc_info+0x40/0x58 [ 20.815282] __kasan_kmalloc+0xd4/0xd8 [ 20.815375] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.815489] kasan_atomics+0xb8/0x2e0 [ 20.815624] kunit_try_run_case+0x170/0x3f0 [ 20.815728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.815812] kthread+0x328/0x630 [ 20.815911] ret_from_fork+0x10/0x20 [ 20.815997] [ 20.816043] The buggy address belongs to the object at fff00000c42b8d00 [ 20.816043] which belongs to the cache kmalloc-64 of size 64 [ 20.816364] The buggy address is located 0 bytes to the right of [ 20.816364] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 20.816513] [ 20.816645] The buggy address belongs to the physical page: [ 20.816727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 20.818990] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.823087] Call trace: [ 20.823254] show_stack+0x20/0x38 (C) [ 20.823449] dump_stack_lvl+0x8c/0xd0 [ 20.823565] print_report+0x118/0x608 [ 20.823657] kasan_report+0xdc/0x128 [ 20.823739] kasan_check_range+0x100/0x1a8 [ 20.823834] __kasan_check_write+0x20/0x30 [ 20.823943] kasan_atomics_helper+0x934/0x4858 [ 20.824050] kasan_atomics+0x198/0x2e0 [ 20.824153] kunit_try_run_case+0x170/0x3f0 [ 20.824272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.824395] kthread+0x328/0x630 [ 20.824519] ret_from_fork+0x10/0x20 [ 20.824958] [ 20.825015] Allocated by task 267: [ 20.825084] kasan_save_stack+0x3c/0x68 [ 20.825170] kasan_save_track+0x20/0x40 [ 20.825247] kasan_save_alloc_info+0x40/0x58 [ 20.825345] __kasan_kmalloc+0xd4/0xd8 [ 20.825426] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.825778] kasan_atomics+0xb8/0x2e0 [ 20.825872] kunit_try_run_case+0x170/0x3f0 [ 20.825970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.826077] kthread+0x328/0x630 [ 20.826160] ret_from_fork+0x10/0x20 [ 20.826281] [ 20.826339] The buggy address belongs to the object at fff00000c42b8d00 [ 20.826339] which belongs to the cache kmalloc-64 of size 64 [ 20.826463] The buggy address is located 0 bytes to the right of [ 20.826463] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 20.826690] [ 20.826760] The buggy address belongs to the physical page: [ 20.826864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 20.826987] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.827097] page_type: f5(slab) [ 20.827186] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.827341] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.827427] page dumped because: kasan: bad access detected [ 20.827501] [ 20.827558] Memory state around the buggy address: [ 20.827967] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.828166] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.828254] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.828356] ^ [ 20.828434] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.828744] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.828866] ================================================================== [ 21.264507] ================================================================== [ 21.264641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 21.264858] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.264976] [ 21.265234] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.265635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.265710] Hardware name: linux,dummy-virt (DT) [ 21.265782] Call trace: [ 21.265832] show_stack+0x20/0x38 (C) [ 21.265946] dump_stack_lvl+0x8c/0xd0 [ 21.266052] print_report+0x118/0x608 [ 21.266159] kasan_report+0xdc/0x128 [ 21.266257] kasan_check_range+0x100/0x1a8 [ 21.266366] __kasan_check_write+0x20/0x30 [ 21.266475] kasan_atomics_helper+0x1644/0x4858 [ 21.266598] kasan_atomics+0x198/0x2e0 [ 21.266704] kunit_try_run_case+0x170/0x3f0 [ 21.266812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.266934] kthread+0x328/0x630 [ 21.267038] ret_from_fork+0x10/0x20 [ 21.267144] [ 21.267190] Allocated by task 267: [ 21.267256] kasan_save_stack+0x3c/0x68 [ 21.267961] kasan_save_track+0x20/0x40 [ 21.268130] kasan_save_alloc_info+0x40/0x58 [ 21.268258] __kasan_kmalloc+0xd4/0xd8 [ 21.268441] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.269032] kasan_atomics+0xb8/0x2e0 [ 21.269320] kunit_try_run_case+0x170/0x3f0 [ 21.269526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.269848] kthread+0x328/0x630 [ 21.269951] ret_from_fork+0x10/0x20 [ 21.270037] [ 21.270084] The buggy address belongs to the object at fff00000c42b8d00 [ 21.270084] which belongs to the cache kmalloc-64 of size 64 [ 21.270397] The buggy address is located 0 bytes to the right of [ 21.270397] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.270744] [ 21.270832] The buggy address belongs to the physical page: [ 21.270910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.271035] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.271145] page_type: f5(slab) [ 21.271234] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.271371] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.271481] page dumped because: kasan: bad access detected [ 21.271577] [ 21.271621] Memory state around the buggy address: [ 21.271697] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.271811] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.272144] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.272606] ^ [ 21.272701] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.272792] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.273146] ================================================================== [ 21.287616] ================================================================== [ 21.287761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 21.288326] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.288464] [ 21.288548] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.289674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.289867] Hardware name: linux,dummy-virt (DT) [ 21.290043] Call trace: [ 21.290096] show_stack+0x20/0x38 (C) [ 21.290798] dump_stack_lvl+0x8c/0xd0 [ 21.290922] print_report+0x118/0x608 [ 21.291869] kasan_report+0xdc/0x128 [ 21.291977] kasan_check_range+0x100/0x1a8 [ 21.292075] __kasan_check_write+0x20/0x30 [ 21.292766] kasan_atomics_helper+0x16d0/0x4858 [ 21.293096] kasan_atomics+0x198/0x2e0 [ 21.293217] kunit_try_run_case+0x170/0x3f0 [ 21.293329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.293941] kthread+0x328/0x630 [ 21.294143] ret_from_fork+0x10/0x20 [ 21.294269] [ 21.294327] Allocated by task 267: [ 21.294421] kasan_save_stack+0x3c/0x68 [ 21.294544] kasan_save_track+0x20/0x40 [ 21.294638] kasan_save_alloc_info+0x40/0x58 [ 21.294739] __kasan_kmalloc+0xd4/0xd8 [ 21.294848] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.294939] kasan_atomics+0xb8/0x2e0 [ 21.295038] kunit_try_run_case+0x170/0x3f0 [ 21.295179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.295701] kthread+0x328/0x630 [ 21.295815] ret_from_fork+0x10/0x20 [ 21.296187] [ 21.296237] The buggy address belongs to the object at fff00000c42b8d00 [ 21.296237] which belongs to the cache kmalloc-64 of size 64 [ 21.296385] The buggy address is located 0 bytes to the right of [ 21.296385] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.296551] [ 21.296860] The buggy address belongs to the physical page: [ 21.297010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.297139] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.297338] page_type: f5(slab) [ 21.297564] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.297927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.298543] page dumped because: kasan: bad access detected [ 21.299034] [ 21.299254] Memory state around the buggy address: [ 21.299781] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.300368] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.300877] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.301676] ^ [ 21.301919] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.302447] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.302838] ================================================================== [ 21.236360] ================================================================== [ 21.236517] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 21.236679] Write of size 8 at addr fff00000c42b8d30 by task kunit_try_catch/267 [ 21.236803] [ 21.236870] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 21.237058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.237123] Hardware name: linux,dummy-virt (DT) [ 21.237193] Call trace: [ 21.237249] show_stack+0x20/0x38 (C) [ 21.237353] dump_stack_lvl+0x8c/0xd0 [ 21.237461] print_report+0x118/0x608 [ 21.237593] kasan_report+0xdc/0x128 [ 21.237699] kasan_check_range+0x100/0x1a8 [ 21.237802] __kasan_check_write+0x20/0x30 [ 21.237910] kasan_atomics_helper+0x154c/0x4858 [ 21.238019] kasan_atomics+0x198/0x2e0 [ 21.238116] kunit_try_run_case+0x170/0x3f0 [ 21.238223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.238343] kthread+0x328/0x630 [ 21.238442] ret_from_fork+0x10/0x20 [ 21.238560] [ 21.238600] Allocated by task 267: [ 21.238660] kasan_save_stack+0x3c/0x68 [ 21.238747] kasan_save_track+0x20/0x40 [ 21.238834] kasan_save_alloc_info+0x40/0x58 [ 21.238924] __kasan_kmalloc+0xd4/0xd8 [ 21.239005] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.239106] kasan_atomics+0xb8/0x2e0 [ 21.239174] kunit_try_run_case+0x170/0x3f0 [ 21.239262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.239350] kthread+0x328/0x630 [ 21.239438] ret_from_fork+0x10/0x20 [ 21.239528] [ 21.239661] The buggy address belongs to the object at fff00000c42b8d00 [ 21.239661] which belongs to the cache kmalloc-64 of size 64 [ 21.240250] The buggy address is located 0 bytes to the right of [ 21.240250] allocated 48-byte region [fff00000c42b8d00, fff00000c42b8d30) [ 21.240425] [ 21.240503] The buggy address belongs to the physical page: [ 21.241038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b8 [ 21.241187] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.241304] page_type: f5(slab) [ 21.241414] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.241558] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.242033] page dumped because: kasan: bad access detected [ 21.242143] [ 21.242191] Memory state around the buggy address: [ 21.242399] fff00000c42b8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.242511] fff00000c42b8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.242898] >fff00000c42b8d00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.243094] ^ [ 21.243332] fff00000c42b8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.243661] fff00000c42b8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.243801] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.471198] ================================================================== [ 20.471333] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 20.471488] Read of size 8 at addr fff00000c40d2888 by task kunit_try_catch/263 [ 20.471617] [ 20.471837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.471894] Hardware name: linux,dummy-virt (DT) [ 20.472246] print_report+0x118/0x608 [ 20.472674] __asan_report_load8_noabort+0x20/0x30 [ 20.473485] kunit_try_run_case+0x170/0x3f0 [ 20.473763] kthread+0x328/0x630 [ 20.475442] [ 20.476638] __kasan_kmalloc+0xd4/0xd8 [ 20.476847] kasan_bitops_generic+0xa0/0x1c8 [ 20.477278] [ 20.477881] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.477985] page_type: f5(slab) [ 20.478137] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.478295] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.478588] Memory state around the buggy address: [ 20.479647] >fff00000c40d2880: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.479813] fff00000c40d2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.480713] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 20.343495] ================================================================== [ 20.343627] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 20.343738] Read of size 1 at addr fff00000c42a8690 by task kunit_try_catch/261 [ 20.343859] [ 20.343939] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.344111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.344179] Hardware name: linux,dummy-virt (DT) [ 20.344599] Call trace: [ 20.344670] show_stack+0x20/0x38 (C) [ 20.344901] dump_stack_lvl+0x8c/0xd0 [ 20.345104] print_report+0x118/0x608 [ 20.345219] kasan_report+0xdc/0x128 [ 20.345362] __asan_report_load1_noabort+0x20/0x30 [ 20.345500] strnlen+0x80/0x88 [ 20.345665] kasan_strings+0x478/0xb00 [ 20.345761] kunit_try_run_case+0x170/0x3f0 [ 20.345845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.346100] kthread+0x328/0x630 [ 20.346203] ret_from_fork+0x10/0x20 [ 20.346495] [ 20.346997] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.350183] The buggy address is located 16 bytes inside of [ 20.350183] freed 32-byte region [fff00000c42a8680, fff00000c42a86a0) [ 20.351848] [ 20.353091] fff00000c42a8780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.381840] Write of size 8 at addr fff00000c40d2888 by task kunit_try_catch/263 [ 20.384304] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.385282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1040d2 [ 20.387589] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.388551] print_report+0x118/0x608 [ 20.391784] kunit_try_run_case+0x170/0x3f0 [ 20.392470] [ 20.393703] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.394036] page dumped because: kasan: bad access detected [ 20.397349] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.400863] kunit_try_run_case+0x170/0x3f0 [ 20.403105] page dumped because: kasan: bad access detected [ 20.403261] [ 20.403423] fff00000c40d2780: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 20.403873] fff00000c40d2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.405605] [ 20.405866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.406601] dump_stack_lvl+0x8c/0xd0 [ 20.407654] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.408951] kunit_try_run_case+0x170/0x3f0 [ 20.409306] [ 20.413627] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.413866] page dumped because: kasan: bad access detected [ 20.413937] [ 20.414149] fff00000c40d2800: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 20.414571] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 20.332177] ================================================================== [ 20.332293] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 20.332418] Read of size 1 at addr fff00000c42a8690 by task kunit_try_catch/261 [ 20.332567] [ 20.332651] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.332844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.332947] Hardware name: linux,dummy-virt (DT) [ 20.333025] Call trace: [ 20.333088] show_stack+0x20/0x38 (C) [ 20.333274] dump_stack_lvl+0x8c/0xd0 [ 20.333388] print_report+0x118/0x608 [ 20.334723] kasan_report+0xdc/0x128 [ 20.334963] __asan_report_load1_noabort+0x20/0x30 [ 20.335577] strlen+0xa8/0xb0 [ 20.335948] kasan_strings+0x418/0xb00 [ 20.337540] kunit_try_run_case+0x170/0x3f0 [ 20.337696] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.337829] kthread+0x328/0x630 [ 20.337937] ret_from_fork+0x10/0x20 [ 20.338052] [ 20.338097] Allocated by task 261: [ 20.338155] kasan_save_stack+0x3c/0x68 [ 20.338245] kasan_save_track+0x20/0x40 [ 20.338325] kasan_save_alloc_info+0x40/0x58 [ 20.338426] __kasan_kmalloc+0xd4/0xd8 [ 20.338514] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.338634] kasan_strings+0xc8/0xb00 [ 20.338711] kunit_try_run_case+0x170/0x3f0 [ 20.338794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.338996] kthread+0x328/0x630 [ 20.339216] ret_from_fork+0x10/0x20 [ 20.339376] [ 20.339448] Freed by task 261: [ 20.339547] kasan_save_stack+0x3c/0x68 [ 20.339726] kasan_save_track+0x20/0x40 [ 20.339947] kasan_save_free_info+0x4c/0x78 [ 20.340166] __kasan_slab_free+0x6c/0x98 [ 20.340414] kfree+0x214/0x3c8 [ 20.341181] kasan_strings+0x24c/0xb00 [ 20.341285] kunit_try_run_case+0x170/0x3f0 [ 20.341380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.341483] kthread+0x328/0x630 [ 20.341587] ret_from_fork+0x10/0x20 [ 20.341670] [ 20.341721] The buggy address belongs to the object at fff00000c42a8680 [ 20.341721] which belongs to the cache kmalloc-32 of size 32 [ 20.341789] The buggy address is located 16 bytes inside of [ 20.341789] freed 32-byte region [fff00000c42a8680, fff00000c42a86a0) [ 20.341853] [ 20.341877] The buggy address belongs to the physical page: [ 20.341912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a8 [ 20.341972] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.342025] page_type: f5(slab) [ 20.342069] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.342125] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.342172] page dumped because: kasan: bad access detected [ 20.342208] [ 20.342230] Memory state around the buggy address: [ 20.342265] fff00000c42a8580: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.342312] fff00000c42a8600: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.342356] >fff00000c42a8680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.342397] ^ [ 20.342431] fff00000c42a8700: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.342475] fff00000c42a8780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.342515] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 20.322019] ================================================================== [ 20.322198] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 20.322332] Read of size 1 at addr fff00000c42a8690 by task kunit_try_catch/261 [ 20.322456] [ 20.322599] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.322986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.323072] Hardware name: linux,dummy-virt (DT) [ 20.323148] Call trace: [ 20.323207] show_stack+0x20/0x38 (C) [ 20.323340] dump_stack_lvl+0x8c/0xd0 [ 20.323452] print_report+0x118/0x608 [ 20.323568] kasan_report+0xdc/0x128 [ 20.323743] __asan_report_load1_noabort+0x20/0x30 [ 20.323887] kasan_strings+0x95c/0xb00 [ 20.323974] kunit_try_run_case+0x170/0x3f0 [ 20.324068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.324202] kthread+0x328/0x630 [ 20.324320] ret_from_fork+0x10/0x20 [ 20.324477] [ 20.324523] Allocated by task 261: [ 20.324599] kasan_save_stack+0x3c/0x68 [ 20.324704] kasan_save_track+0x20/0x40 [ 20.324790] kasan_save_alloc_info+0x40/0x58 [ 20.324882] __kasan_kmalloc+0xd4/0xd8 [ 20.324976] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.325078] kasan_strings+0xc8/0xb00 [ 20.325193] kunit_try_run_case+0x170/0x3f0 [ 20.325316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.325455] kthread+0x328/0x630 [ 20.325568] ret_from_fork+0x10/0x20 [ 20.325645] [ 20.325690] Freed by task 261: [ 20.325755] kasan_save_stack+0x3c/0x68 [ 20.325939] kasan_save_track+0x20/0x40 [ 20.326174] kasan_save_free_info+0x4c/0x78 [ 20.326481] __kasan_slab_free+0x6c/0x98 [ 20.326617] kfree+0x214/0x3c8 [ 20.326707] kasan_strings+0x24c/0xb00 [ 20.326794] kunit_try_run_case+0x170/0x3f0 [ 20.326879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.327072] kthread+0x328/0x630 [ 20.327162] ret_from_fork+0x10/0x20 [ 20.327236] [ 20.327285] The buggy address belongs to the object at fff00000c42a8680 [ 20.327285] which belongs to the cache kmalloc-32 of size 32 [ 20.327429] The buggy address is located 16 bytes inside of [ 20.327429] freed 32-byte region [fff00000c42a8680, fff00000c42a86a0) [ 20.327606] [ 20.327684] The buggy address belongs to the physical page: [ 20.327809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a8 [ 20.327973] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.328126] page_type: f5(slab) [ 20.328198] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.328315] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.328415] page dumped because: kasan: bad access detected [ 20.328487] [ 20.328541] Memory state around the buggy address: [ 20.328614] fff00000c42a8580: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.328713] fff00000c42a8600: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.328807] >fff00000c42a8680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.328890] ^ [ 20.328995] fff00000c42a8700: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.329121] fff00000c42a8780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.329386] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 20.305776] ================================================================== [ 20.305920] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 20.306055] Read of size 1 at addr fff00000c42a8690 by task kunit_try_catch/261 [ 20.306177] [ 20.306272] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.306563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.306659] Hardware name: linux,dummy-virt (DT) [ 20.306813] Call trace: [ 20.307176] show_stack+0x20/0x38 (C) [ 20.307607] dump_stack_lvl+0x8c/0xd0 [ 20.307764] print_report+0x118/0x608 [ 20.307970] kasan_report+0xdc/0x128 [ 20.308169] __asan_report_load1_noabort+0x20/0x30 [ 20.308395] strcmp+0xc0/0xc8 [ 20.308573] kasan_strings+0x340/0xb00 [ 20.308754] kunit_try_run_case+0x170/0x3f0 [ 20.308965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.309098] kthread+0x328/0x630 [ 20.309608] ret_from_fork+0x10/0x20 [ 20.309741] [ 20.309818] Allocated by task 261: [ 20.309911] kasan_save_stack+0x3c/0x68 [ 20.310132] kasan_save_track+0x20/0x40 [ 20.310662] kasan_save_alloc_info+0x40/0x58 [ 20.311155] __kasan_kmalloc+0xd4/0xd8 [ 20.311454] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.312006] kasan_strings+0xc8/0xb00 [ 20.312497] kunit_try_run_case+0x170/0x3f0 [ 20.312604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.312707] kthread+0x328/0x630 [ 20.312788] ret_from_fork+0x10/0x20 [ 20.312868] [ 20.312917] Freed by task 261: [ 20.313564] kasan_save_stack+0x3c/0x68 [ 20.313673] kasan_save_track+0x20/0x40 [ 20.313755] kasan_save_free_info+0x4c/0x78 [ 20.313846] __kasan_slab_free+0x6c/0x98 [ 20.313935] kfree+0x214/0x3c8 [ 20.314061] kasan_strings+0x24c/0xb00 [ 20.314276] kunit_try_run_case+0x170/0x3f0 [ 20.314425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.314640] kthread+0x328/0x630 [ 20.314725] ret_from_fork+0x10/0x20 [ 20.315204] [ 20.315608] The buggy address belongs to the object at fff00000c42a8680 [ 20.315608] which belongs to the cache kmalloc-32 of size 32 [ 20.316054] The buggy address is located 16 bytes inside of [ 20.316054] freed 32-byte region [fff00000c42a8680, fff00000c42a86a0) [ 20.316904] [ 20.316976] The buggy address belongs to the physical page: [ 20.317059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a8 [ 20.317197] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.317322] page_type: f5(slab) [ 20.317419] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.317564] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.319310] page dumped because: kasan: bad access detected [ 20.319413] [ 20.319469] Memory state around the buggy address: [ 20.319557] fff00000c42a8580: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.319679] fff00000c42a8600: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.319777] >fff00000c42a8680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.319867] ^ [ 20.319940] fff00000c42a8700: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.320112] fff00000c42a8780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.320210] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.273196] ================================================================== [ 20.273367] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 20.273578] Read of size 1 at addr fff00000c42a84d8 by task kunit_try_catch/259 [ 20.273741] [ 20.273874] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.274065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.274135] Hardware name: linux,dummy-virt (DT) [ 20.274728] Call trace: [ 20.274814] show_stack+0x20/0x38 (C) [ 20.274951] dump_stack_lvl+0x8c/0xd0 [ 20.275055] print_report+0x118/0x608 [ 20.275162] kasan_report+0xdc/0x128 [ 20.275266] __asan_report_load1_noabort+0x20/0x30 [ 20.275565] memcmp+0x198/0x1d8 [ 20.275664] kasan_memcmp+0x16c/0x300 [ 20.275764] kunit_try_run_case+0x170/0x3f0 [ 20.276363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.276866] kthread+0x328/0x630 [ 20.277057] ret_from_fork+0x10/0x20 [ 20.277263] [ 20.277310] Allocated by task 259: [ 20.277632] kasan_save_stack+0x3c/0x68 [ 20.277788] kasan_save_track+0x20/0x40 [ 20.277895] kasan_save_alloc_info+0x40/0x58 [ 20.278174] __kasan_kmalloc+0xd4/0xd8 [ 20.278500] __kmalloc_cache_noprof+0x15c/0x3c0 [ 20.278640] kasan_memcmp+0xbc/0x300 [ 20.278946] kunit_try_run_case+0x170/0x3f0 [ 20.279254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.279426] kthread+0x328/0x630 [ 20.279499] ret_from_fork+0x10/0x20 [ 20.279593] [ 20.279642] The buggy address belongs to the object at fff00000c42a84c0 [ 20.279642] which belongs to the cache kmalloc-32 of size 32 [ 20.279765] The buggy address is located 0 bytes to the right of [ 20.279765] allocated 24-byte region [fff00000c42a84c0, fff00000c42a84d8) [ 20.279933] [ 20.280077] The buggy address belongs to the physical page: [ 20.280284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042a8 [ 20.280405] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.280518] page_type: f5(slab) [ 20.280793] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.281040] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.281195] page dumped because: kasan: bad access detected [ 20.281306] [ 20.281352] Memory state around the buggy address: [ 20.281431] fff00000c42a8380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.281576] fff00000c42a8400: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.281735] >fff00000c42a8480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.281873] ^ [ 20.282003] fff00000c42a8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.282147] fff00000c42a8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.282248] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.236885] ================================================================== [ 20.237029] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 20.237661] Read of size 1 at addr ffff800080a87b4a by task kunit_try_catch/255 [ 20.237813] [ 20.237911] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.238110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.238528] Hardware name: linux,dummy-virt (DT) [ 20.238724] Call trace: [ 20.238803] show_stack+0x20/0x38 (C) [ 20.238945] dump_stack_lvl+0x8c/0xd0 [ 20.239055] print_report+0x310/0x608 [ 20.239378] kasan_report+0xdc/0x128 [ 20.239626] __asan_report_load1_noabort+0x20/0x30 [ 20.239767] kasan_alloca_oob_right+0x2dc/0x340 [ 20.239885] kunit_try_run_case+0x170/0x3f0 [ 20.240206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.240431] kthread+0x328/0x630 [ 20.240547] ret_from_fork+0x10/0x20 [ 20.240687] [ 20.240757] The buggy address belongs to stack of task kunit_try_catch/255 [ 20.240946] [ 20.241020] The buggy address belongs to the virtual mapping at [ 20.241020] [ffff800080a80000, ffff800080a89000) created by: [ 20.241020] kernel_clone+0x150/0x7a8 [ 20.241425] [ 20.241499] The buggy address belongs to the physical page: [ 20.241603] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b6 [ 20.241773] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.242000] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.242443] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.242781] page dumped because: kasan: bad access detected [ 20.242868] [ 20.242914] Memory state around the buggy address: [ 20.243089] ffff800080a87a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.243292] ffff800080a87a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.243477] >ffff800080a87b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 20.243620] ^ [ 20.243871] ffff800080a87b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.243981] ffff800080a87c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.244076] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.213974] ================================================================== [ 20.214170] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 20.214313] Read of size 1 at addr ffff800080a87b5f by task kunit_try_catch/253 [ 20.214456] [ 20.214560] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.214809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.214881] Hardware name: linux,dummy-virt (DT) [ 20.214957] Call trace: [ 20.215011] show_stack+0x20/0x38 (C) [ 20.215146] dump_stack_lvl+0x8c/0xd0 [ 20.215251] print_report+0x310/0x608 [ 20.215372] kasan_report+0xdc/0x128 [ 20.215481] __asan_report_load1_noabort+0x20/0x30 [ 20.215600] kasan_alloca_oob_left+0x2b8/0x310 [ 20.215762] kunit_try_run_case+0x170/0x3f0 [ 20.215908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.216055] kthread+0x328/0x630 [ 20.216150] ret_from_fork+0x10/0x20 [ 20.216247] [ 20.216472] The buggy address belongs to stack of task kunit_try_catch/253 [ 20.216671] [ 20.216731] The buggy address belongs to the virtual mapping at [ 20.216731] [ffff800080a80000, ffff800080a89000) created by: [ 20.216731] kernel_clone+0x150/0x7a8 [ 20.216922] [ 20.216987] The buggy address belongs to the physical page: [ 20.217084] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b6 [ 20.217207] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.217355] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.217485] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.217604] page dumped because: kasan: bad access detected [ 20.217692] [ 20.217767] Memory state around the buggy address: [ 20.217861] ffff800080a87a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.218004] ffff800080a87a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.218174] >ffff800080a87b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 20.218540] ^ [ 20.218678] ffff800080a87b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.219004] ffff800080a87c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.219103] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.187266] ================================================================== [ 20.187521] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 20.187687] Read of size 1 at addr ffff800080a87c2a by task kunit_try_catch/251 [ 20.187813] [ 20.187960] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.188163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.188216] Hardware name: linux,dummy-virt (DT) [ 20.188276] Call trace: [ 20.188345] show_stack+0x20/0x38 (C) [ 20.188453] dump_stack_lvl+0x8c/0xd0 [ 20.188566] print_report+0x310/0x608 [ 20.188686] kasan_report+0xdc/0x128 [ 20.188779] __asan_report_load1_noabort+0x20/0x30 [ 20.188897] kasan_stack_oob+0x238/0x270 [ 20.188987] kunit_try_run_case+0x170/0x3f0 [ 20.189080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.189183] kthread+0x328/0x630 [ 20.189294] ret_from_fork+0x10/0x20 [ 20.189449] [ 20.189643] The buggy address belongs to stack of task kunit_try_catch/251 [ 20.189910] and is located at offset 138 in frame: [ 20.190014] kasan_stack_oob+0x0/0x270 [ 20.190403] [ 20.190504] This frame has 4 objects: [ 20.190695] [48, 49) '__assertion' [ 20.190771] [64, 72) 'array' [ 20.190839] [96, 112) '__assertion' [ 20.190987] [128, 138) 'stack_array' [ 20.191221] [ 20.191335] The buggy address belongs to the virtual mapping at [ 20.191335] [ffff800080a80000, ffff800080a89000) created by: [ 20.191335] kernel_clone+0x150/0x7a8 [ 20.191607] [ 20.191686] The buggy address belongs to the physical page: [ 20.191779] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042b6 [ 20.191910] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.192070] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.192169] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.192278] page dumped because: kasan: bad access detected [ 20.192358] [ 20.192401] Memory state around the buggy address: [ 20.192499] ffff800080a87b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.192617] ffff800080a87b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 20.192708] >ffff800080a87c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 20.192794] ^ [ 20.192882] ffff800080a87c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 20.193036] ffff800080a87d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.193144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.141929] ================================================================== [ 20.142062] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 20.142188] Read of size 1 at addr ffff9a6058f3e48d by task kunit_try_catch/247 [ 20.142298] [ 20.142389] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.145009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.145146] Hardware name: linux,dummy-virt (DT) [ 20.145239] Call trace: [ 20.146511] show_stack+0x20/0x38 (C) [ 20.146684] dump_stack_lvl+0x8c/0xd0 [ 20.146784] print_report+0x310/0x608 [ 20.146872] kasan_report+0xdc/0x128 [ 20.146963] __asan_report_load1_noabort+0x20/0x30 [ 20.147062] kasan_global_oob_right+0x230/0x270 [ 20.147154] kunit_try_run_case+0x170/0x3f0 [ 20.147243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.147337] kthread+0x328/0x630 [ 20.147422] ret_from_fork+0x10/0x20 [ 20.147556] [ 20.147645] The buggy address belongs to the variable: [ 20.147942] global_array+0xd/0x40 [ 20.150395] [ 20.151663] The buggy address belongs to the virtual mapping at [ 20.151663] [ffff9a6057110000, ffff9a6058ff1000) created by: [ 20.151663] paging_init+0x670/0x7d0 [ 20.151864] [ 20.152130] The buggy address belongs to the physical page: [ 20.154553] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d3e [ 20.154708] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 20.154869] raw: 03fffe0000002000 ffffc1ffc01f4f88 ffffc1ffc01f4f88 0000000000000000 [ 20.154981] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.155065] page dumped because: kasan: bad access detected [ 20.155124] [ 20.155157] Memory state around the buggy address: [ 20.155223] ffff9a6058f3e380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.155312] ffff9a6058f3e400: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 20.155398] >ffff9a6058f3e480: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 20.155479] ^ [ 20.155567] ffff9a6058f3e500: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 20.155660] ffff9a6058f3e580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.155740] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.106550] ================================================================== [ 20.106686] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.106816] Free of addr fff00000c4284e01 by task kunit_try_catch/243 [ 20.106913] [ 20.106994] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.107178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.107242] Hardware name: linux,dummy-virt (DT) [ 20.107348] Call trace: [ 20.107398] show_stack+0x20/0x38 (C) [ 20.107519] dump_stack_lvl+0x8c/0xd0 [ 20.107664] print_report+0x118/0x608 [ 20.107764] kasan_report_invalid_free+0xc0/0xe8 [ 20.107872] check_slab_allocation+0xfc/0x108 [ 20.107971] __kasan_mempool_poison_object+0x78/0x150 [ 20.108082] mempool_free+0x28c/0x328 [ 20.108191] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.108307] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.108465] kunit_try_run_case+0x170/0x3f0 [ 20.108593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.108717] kthread+0x328/0x630 [ 20.108804] ret_from_fork+0x10/0x20 [ 20.108888] [ 20.108934] Allocated by task 243: [ 20.108987] kasan_save_stack+0x3c/0x68 [ 20.109103] kasan_save_track+0x20/0x40 [ 20.109191] kasan_save_alloc_info+0x40/0x58 [ 20.109273] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.109355] remove_element+0x130/0x1f8 [ 20.109417] mempool_alloc_preallocated+0x58/0xc0 [ 20.109507] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 20.109609] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.109703] kunit_try_run_case+0x170/0x3f0 [ 20.109826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.109940] kthread+0x328/0x630 [ 20.110044] ret_from_fork+0x10/0x20 [ 20.110134] [ 20.110196] The buggy address belongs to the object at fff00000c4284e00 [ 20.110196] which belongs to the cache kmalloc-128 of size 128 [ 20.110367] The buggy address is located 1 bytes inside of [ 20.110367] 128-byte region [fff00000c4284e00, fff00000c4284e80) [ 20.110506] [ 20.110559] The buggy address belongs to the physical page: [ 20.110657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104284 [ 20.110787] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.110892] page_type: f5(slab) [ 20.110967] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.111097] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.111187] page dumped because: kasan: bad access detected [ 20.111258] [ 20.111297] Memory state around the buggy address: [ 20.111365] fff00000c4284d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.111468] fff00000c4284d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.111602] >fff00000c4284e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.111685] ^ [ 20.111780] fff00000c4284e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.111878] fff00000c4284f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.111966] ================================================================== [ 20.120944] ================================================================== [ 20.121067] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.121191] Free of addr fff00000c7ac8001 by task kunit_try_catch/245 [ 20.121289] [ 20.121371] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.121595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.121655] Hardware name: linux,dummy-virt (DT) [ 20.121724] Call trace: [ 20.121806] show_stack+0x20/0x38 (C) [ 20.121952] dump_stack_lvl+0x8c/0xd0 [ 20.122062] print_report+0x118/0x608 [ 20.122164] kasan_report_invalid_free+0xc0/0xe8 [ 20.122299] __kasan_mempool_poison_object+0xfc/0x150 [ 20.122405] mempool_free+0x28c/0x328 [ 20.122503] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.122674] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 20.122797] kunit_try_run_case+0x170/0x3f0 [ 20.122911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.123076] kthread+0x328/0x630 [ 20.123200] ret_from_fork+0x10/0x20 [ 20.123348] [ 20.123409] The buggy address belongs to the physical page: [ 20.123515] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107ac8 [ 20.123680] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.123770] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.123863] page_type: f8(unknown) [ 20.123934] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.124030] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.124173] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.124285] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.124395] head: 0bfffe0000000002 ffffc1ffc31eb201 00000000ffffffff 00000000ffffffff [ 20.124502] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.124609] page dumped because: kasan: bad access detected [ 20.124673] [ 20.124715] Memory state around the buggy address: [ 20.124784] fff00000c7ac7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.124880] fff00000c7ac7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.124977] >fff00000c7ac8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.125065] ^ [ 20.125132] fff00000c7ac8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.125243] fff00000c7ac8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.125365] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.025072] ================================================================== [ 20.025213] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.025896] Free of addr fff00000c4284a00 by task kunit_try_catch/237 [ 20.026175] [ 20.026294] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.026720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.026790] Hardware name: linux,dummy-virt (DT) [ 20.026873] Call trace: [ 20.027102] show_stack+0x20/0x38 (C) [ 20.027467] dump_stack_lvl+0x8c/0xd0 [ 20.027738] print_report+0x118/0x608 [ 20.027859] kasan_report_invalid_free+0xc0/0xe8 [ 20.027961] check_slab_allocation+0xd4/0x108 [ 20.028362] __kasan_mempool_poison_object+0x78/0x150 [ 20.028502] mempool_free+0x28c/0x328 [ 20.028624] mempool_double_free_helper+0x150/0x2e8 [ 20.028739] mempool_kmalloc_double_free+0xc0/0x118 [ 20.028897] kunit_try_run_case+0x170/0x3f0 [ 20.029185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.029406] kthread+0x328/0x630 [ 20.029663] ret_from_fork+0x10/0x20 [ 20.029925] [ 20.030095] Allocated by task 237: [ 20.030339] kasan_save_stack+0x3c/0x68 [ 20.030468] kasan_save_track+0x20/0x40 [ 20.031025] kasan_save_alloc_info+0x40/0x58 [ 20.031428] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.031591] remove_element+0x130/0x1f8 [ 20.031689] mempool_alloc_preallocated+0x58/0xc0 [ 20.031850] mempool_double_free_helper+0x94/0x2e8 [ 20.032511] mempool_kmalloc_double_free+0xc0/0x118 [ 20.033142] kunit_try_run_case+0x170/0x3f0 [ 20.033251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.033357] kthread+0x328/0x630 [ 20.033439] ret_from_fork+0x10/0x20 [ 20.033541] [ 20.034164] Freed by task 237: [ 20.034303] kasan_save_stack+0x3c/0x68 [ 20.034584] kasan_save_track+0x20/0x40 [ 20.034883] kasan_save_free_info+0x4c/0x78 [ 20.034976] __kasan_mempool_poison_object+0xc0/0x150 [ 20.035076] mempool_free+0x28c/0x328 [ 20.035161] mempool_double_free_helper+0x100/0x2e8 [ 20.035255] mempool_kmalloc_double_free+0xc0/0x118 [ 20.035346] kunit_try_run_case+0x170/0x3f0 [ 20.035434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.035542] kthread+0x328/0x630 [ 20.035614] ret_from_fork+0x10/0x20 [ 20.035674] [ 20.035711] The buggy address belongs to the object at fff00000c4284a00 [ 20.035711] which belongs to the cache kmalloc-128 of size 128 [ 20.037246] The buggy address is located 0 bytes inside of [ 20.037246] 128-byte region [fff00000c4284a00, fff00000c4284a80) [ 20.037560] [ 20.037619] The buggy address belongs to the physical page: [ 20.037702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104284 [ 20.037877] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.037985] page_type: f5(slab) [ 20.038073] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.038195] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.038293] page dumped because: kasan: bad access detected [ 20.038376] [ 20.038435] Memory state around the buggy address: [ 20.038549] fff00000c4284900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.038696] fff00000c4284980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.038830] >fff00000c4284a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.038919] ^ [ 20.039002] fff00000c4284a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.039137] fff00000c4284b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.039262] ================================================================== [ 20.059279] ================================================================== [ 20.059528] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.059673] Free of addr fff00000c7a94000 by task kunit_try_catch/239 [ 20.059768] [ 20.060036] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.060266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.060339] Hardware name: linux,dummy-virt (DT) [ 20.060411] Call trace: [ 20.060467] show_stack+0x20/0x38 (C) [ 20.060605] dump_stack_lvl+0x8c/0xd0 [ 20.060716] print_report+0x118/0x608 [ 20.060823] kasan_report_invalid_free+0xc0/0xe8 [ 20.060939] __kasan_mempool_poison_object+0x14c/0x150 [ 20.061053] mempool_free+0x28c/0x328 [ 20.061167] mempool_double_free_helper+0x150/0x2e8 [ 20.061288] mempool_kmalloc_large_double_free+0xc0/0x118 [ 20.061421] kunit_try_run_case+0x170/0x3f0 [ 20.061554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.061930] kthread+0x328/0x630 [ 20.062140] ret_from_fork+0x10/0x20 [ 20.062302] [ 20.062349] The buggy address belongs to the physical page: [ 20.062425] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a94 [ 20.062569] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.062677] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.063042] page_type: f8(unknown) [ 20.063176] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.063309] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.063420] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.063548] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.063699] head: 0bfffe0000000002 ffffc1ffc31ea501 00000000ffffffff 00000000ffffffff [ 20.063798] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.064031] page dumped because: kasan: bad access detected [ 20.064105] [ 20.064166] Memory state around the buggy address: [ 20.064241] fff00000c7a93f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.064363] fff00000c7a93f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.064484] >fff00000c7a94000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.064624] ^ [ 20.064697] fff00000c7a94080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.064832] fff00000c7a94100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.064922] ================================================================== [ 20.089920] ================================================================== [ 20.090058] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.090188] Free of addr fff00000c7a94000 by task kunit_try_catch/241 [ 20.090286] [ 20.090370] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.090570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.090634] Hardware name: linux,dummy-virt (DT) [ 20.090707] Call trace: [ 20.090765] show_stack+0x20/0x38 (C) [ 20.090882] dump_stack_lvl+0x8c/0xd0 [ 20.090987] print_report+0x118/0x608 [ 20.091088] kasan_report_invalid_free+0xc0/0xe8 [ 20.091201] __kasan_mempool_poison_pages+0xe0/0xe8 [ 20.091931] mempool_free+0x24c/0x328 [ 20.092043] mempool_double_free_helper+0x150/0x2e8 [ 20.092161] mempool_page_alloc_double_free+0xbc/0x118 [ 20.092291] kunit_try_run_case+0x170/0x3f0 [ 20.092411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.092541] kthread+0x328/0x630 [ 20.092647] ret_from_fork+0x10/0x20 [ 20.092824] [ 20.092893] The buggy address belongs to the physical page: [ 20.092961] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a94 [ 20.093201] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.093454] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.093701] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.093994] page dumped because: kasan: bad access detected [ 20.094077] [ 20.094122] Memory state around the buggy address: [ 20.094201] fff00000c7a93f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.094301] fff00000c7a93f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.094483] >fff00000c7a94000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.094599] ^ [ 20.094667] fff00000c7a94080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.094959] fff00000c7a94100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.095089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 17.859674] ================================================================== [ 17.859811] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 17.859928] Read of size 1 at addr fff00000c6256108 by task kunit_try_catch/186 [ 17.860024] [ 17.860104] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.860294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.860499] Hardware name: linux,dummy-virt (DT) [ 17.861008] Call trace: [ 17.861069] show_stack+0x20/0x38 (C) [ 17.861210] dump_stack_lvl+0x8c/0xd0 [ 17.861333] print_report+0x118/0x608 [ 17.861455] kasan_report+0xdc/0x128 [ 17.861613] __asan_report_load1_noabort+0x20/0x30 [ 17.861733] kmalloc_uaf+0x300/0x338 [ 17.861990] kunit_try_run_case+0x170/0x3f0 [ 17.862174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.862344] kthread+0x328/0x630 [ 17.862462] ret_from_fork+0x10/0x20 [ 17.862590] [ 17.862664] Allocated by task 186: [ 17.862753] kasan_save_stack+0x3c/0x68 [ 17.862877] kasan_save_track+0x20/0x40 [ 17.862996] kasan_save_alloc_info+0x40/0x58 [ 17.863083] __kasan_kmalloc+0xd4/0xd8 [ 17.863168] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.863499] kmalloc_uaf+0xb8/0x338 [ 17.863754] kunit_try_run_case+0x170/0x3f0 [ 17.863948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.864175] kthread+0x328/0x630 [ 17.864457] ret_from_fork+0x10/0x20 [ 17.864570] [ 17.864619] Freed by task 186: [ 17.864687] kasan_save_stack+0x3c/0x68 [ 17.864768] kasan_save_track+0x20/0x40 [ 17.864951] kasan_save_free_info+0x4c/0x78 [ 17.865115] __kasan_slab_free+0x6c/0x98 [ 17.865238] kfree+0x214/0x3c8 [ 17.865418] kmalloc_uaf+0x11c/0x338 [ 17.865826] kunit_try_run_case+0x170/0x3f0 [ 17.865924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.866100] kthread+0x328/0x630 [ 17.866375] ret_from_fork+0x10/0x20 [ 17.866488] [ 17.866545] The buggy address belongs to the object at fff00000c6256100 [ 17.866545] which belongs to the cache kmalloc-16 of size 16 [ 17.866685] The buggy address is located 8 bytes inside of [ 17.866685] freed 16-byte region [fff00000c6256100, fff00000c6256110) [ 17.866826] [ 17.866874] The buggy address belongs to the physical page: [ 17.866945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106256 [ 17.867070] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.867465] page_type: f5(slab) [ 17.867646] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.868019] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.868225] page dumped because: kasan: bad access detected [ 17.868315] [ 17.868372] Memory state around the buggy address: [ 17.868459] fff00000c6256000: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.868573] fff00000c6256080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.868681] >fff00000c6256100: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.868777] ^ [ 17.869218] fff00000c6256180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.869325] fff00000c6256200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.869483] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.012620] ================================================================== [ 20.012773] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.012916] Read of size 1 at addr fff00000c7a94000 by task kunit_try_catch/235 [ 20.013060] [ 20.013156] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 20.013344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.013402] Hardware name: linux,dummy-virt (DT) [ 20.013479] Call trace: [ 20.013551] show_stack+0x20/0x38 (C) [ 20.013676] dump_stack_lvl+0x8c/0xd0 [ 20.013786] print_report+0x118/0x608 [ 20.013885] kasan_report+0xdc/0x128 [ 20.013987] __asan_report_load1_noabort+0x20/0x30 [ 20.014102] mempool_uaf_helper+0x314/0x340 [ 20.014209] mempool_page_alloc_uaf+0xc0/0x118 [ 20.014325] kunit_try_run_case+0x170/0x3f0 [ 20.014437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.014574] kthread+0x328/0x630 [ 20.014678] ret_from_fork+0x10/0x20 [ 20.014785] [ 20.014836] The buggy address belongs to the physical page: [ 20.014913] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a94 [ 20.015039] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.015183] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.015303] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.015389] page dumped because: kasan: bad access detected [ 20.015453] [ 20.015493] Memory state around the buggy address: [ 20.015577] fff00000c7a93f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.015674] fff00000c7a93f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.015763] >fff00000c7a94000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.015854] ^ [ 20.015922] fff00000c7a94080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.016021] fff00000c7a94100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.016113] ================================================================== [ 19.935208] ================================================================== [ 19.935381] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.935504] Read of size 1 at addr fff00000c6bb8000 by task kunit_try_catch/231 [ 19.935621] [ 19.935825] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 19.935993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.936051] Hardware name: linux,dummy-virt (DT) [ 19.936137] Call trace: [ 19.936187] show_stack+0x20/0x38 (C) [ 19.936327] dump_stack_lvl+0x8c/0xd0 [ 19.936616] print_report+0x118/0x608 [ 19.936868] kasan_report+0xdc/0x128 [ 19.937052] __asan_report_load1_noabort+0x20/0x30 [ 19.937155] mempool_uaf_helper+0x314/0x340 [ 19.937248] mempool_kmalloc_large_uaf+0xc4/0x120 [ 19.937512] kunit_try_run_case+0x170/0x3f0 [ 19.937708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.937847] kthread+0x328/0x630 [ 19.937943] ret_from_fork+0x10/0x20 [ 19.938048] [ 19.938096] The buggy address belongs to the physical page: [ 19.938169] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106bb8 [ 19.938438] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.938641] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.938806] page_type: f8(unknown) [ 19.938902] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.939004] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.939113] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.939222] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.939588] head: 0bfffe0000000002 ffffc1ffc31aee01 00000000ffffffff 00000000ffffffff [ 19.939714] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.939807] page dumped because: kasan: bad access detected [ 19.939869] [ 19.939907] Memory state around the buggy address: [ 19.939964] fff00000c6bb7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.940069] fff00000c6bb7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.940197] >fff00000c6bb8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.940289] ^ [ 19.940350] fff00000c6bb8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.940445] fff00000c6bb8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.940545] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 19.961821] ================================================================== [ 19.961979] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.962125] Read of size 1 at addr fff00000c42ab240 by task kunit_try_catch/233 [ 19.962243] [ 19.962324] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 19.962762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.962849] Hardware name: linux,dummy-virt (DT) [ 19.962926] Call trace: [ 19.962984] show_stack+0x20/0x38 (C) [ 19.963101] dump_stack_lvl+0x8c/0xd0 [ 19.963205] print_report+0x118/0x608 [ 19.963299] kasan_report+0xdc/0x128 [ 19.963441] __asan_report_load1_noabort+0x20/0x30 [ 19.963553] mempool_uaf_helper+0x314/0x340 [ 19.963655] mempool_slab_uaf+0xc0/0x118 [ 19.963951] kunit_try_run_case+0x170/0x3f0 [ 19.964054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.964180] kthread+0x328/0x630 [ 19.964465] ret_from_fork+0x10/0x20 [ 19.964638] [ 19.964816] Allocated by task 233: [ 19.964895] kasan_save_stack+0x3c/0x68 [ 19.965124] kasan_save_track+0x20/0x40 [ 19.965350] kasan_save_alloc_info+0x40/0x58 [ 19.965440] __kasan_mempool_unpoison_object+0xbc/0x180 [ 19.965783] remove_element+0x16c/0x1f8 [ 19.965907] mempool_alloc_preallocated+0x58/0xc0 [ 19.965967] mempool_uaf_helper+0xa4/0x340 [ 19.966011] mempool_slab_uaf+0xc0/0x118 [ 19.966048] kunit_try_run_case+0x170/0x3f0 [ 19.966088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.966133] kthread+0x328/0x630 [ 19.966170] ret_from_fork+0x10/0x20 [ 19.966205] [ 19.966229] Freed by task 233: [ 19.966258] kasan_save_stack+0x3c/0x68 [ 19.966296] kasan_save_track+0x20/0x40 [ 19.966332] kasan_save_free_info+0x4c/0x78 [ 19.966373] __kasan_mempool_poison_object+0xc0/0x150 [ 19.966415] mempool_free+0x28c/0x328 [ 19.966452] mempool_uaf_helper+0x104/0x340 [ 19.966491] mempool_slab_uaf+0xc0/0x118 [ 19.966527] kunit_try_run_case+0x170/0x3f0 [ 19.966583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.966629] kthread+0x328/0x630 [ 19.966665] ret_from_fork+0x10/0x20 [ 19.966701] [ 19.966724] The buggy address belongs to the object at fff00000c42ab240 [ 19.966724] which belongs to the cache test_cache of size 123 [ 19.966786] The buggy address is located 0 bytes inside of [ 19.966786] freed 123-byte region [fff00000c42ab240, fff00000c42ab2bb) [ 19.966846] [ 19.966870] The buggy address belongs to the physical page: [ 19.966903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1042ab [ 19.966959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.967013] page_type: f5(slab) [ 19.967055] raw: 0bfffe0000000000 fff00000c405d780 dead000000000122 0000000000000000 [ 19.967107] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.967148] page dumped because: kasan: bad access detected [ 19.967179] [ 19.967198] Memory state around the buggy address: [ 19.967230] fff00000c42ab100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.967272] fff00000c42ab180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.967313] >fff00000c42ab200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.967361] ^ [ 19.967566] fff00000c42ab280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.967812] fff00000c42ab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.968018] ================================================================== [ 19.904214] ================================================================== [ 19.904413] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.904640] Read of size 1 at addr fff00000c4284600 by task kunit_try_catch/229 [ 19.904793] [ 19.904928] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 19.905198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.905270] Hardware name: linux,dummy-virt (DT) [ 19.905341] Call trace: [ 19.905418] show_stack+0x20/0x38 (C) [ 19.905618] dump_stack_lvl+0x8c/0xd0 [ 19.905738] print_report+0x118/0x608 [ 19.906185] kasan_report+0xdc/0x128 [ 19.906372] __asan_report_load1_noabort+0x20/0x30 [ 19.906594] mempool_uaf_helper+0x314/0x340 [ 19.906835] mempool_kmalloc_uaf+0xc4/0x120 [ 19.907133] kunit_try_run_case+0x170/0x3f0 [ 19.907248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.907353] kthread+0x328/0x630 [ 19.907507] ret_from_fork+0x10/0x20 [ 19.907763] [ 19.907830] Allocated by task 229: [ 19.907997] kasan_save_stack+0x3c/0x68 [ 19.908182] kasan_save_track+0x20/0x40 [ 19.908308] kasan_save_alloc_info+0x40/0x58 [ 19.908694] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.908803] remove_element+0x130/0x1f8 [ 19.908943] mempool_alloc_preallocated+0x58/0xc0 [ 19.909109] mempool_uaf_helper+0xa4/0x340 [ 19.909308] mempool_kmalloc_uaf+0xc4/0x120 [ 19.909506] kunit_try_run_case+0x170/0x3f0 [ 19.909666] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.909828] kthread+0x328/0x630 [ 19.909897] ret_from_fork+0x10/0x20 [ 19.909962] [ 19.910005] Freed by task 229: [ 19.910060] kasan_save_stack+0x3c/0x68 [ 19.910127] kasan_save_track+0x20/0x40 [ 19.910583] kasan_save_free_info+0x4c/0x78 [ 19.910838] __kasan_mempool_poison_object+0xc0/0x150 [ 19.911053] mempool_free+0x28c/0x328 [ 19.911397] mempool_uaf_helper+0x104/0x340 [ 19.911610] mempool_kmalloc_uaf+0xc4/0x120 [ 19.911781] kunit_try_run_case+0x170/0x3f0 [ 19.912006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.912124] kthread+0x328/0x630 [ 19.912342] ret_from_fork+0x10/0x20 [ 19.912459] [ 19.912725] The buggy address belongs to the object at fff00000c4284600 [ 19.912725] which belongs to the cache kmalloc-128 of size 128 [ 19.912896] The buggy address is located 0 bytes inside of [ 19.912896] freed 128-byte region [fff00000c4284600, fff00000c4284680) [ 19.913113] [ 19.913186] The buggy address belongs to the physical page: [ 19.913388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104284 [ 19.913623] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.913976] page_type: f5(slab) [ 19.914099] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.914338] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.914474] page dumped because: kasan: bad access detected [ 19.914666] [ 19.914724] Memory state around the buggy address: [ 19.914825] fff00000c4284500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.914921] fff00000c4284580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.915009] >fff00000c4284600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.915098] ^ [ 19.915470] fff00000c4284680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.915657] fff00000c4284700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.915843] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 19.813735] ================================================================== [ 19.813854] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 19.813950] Read of size 1 at addr fff00000c4284273 by task kunit_try_catch/223 [ 19.814002] [ 19.814059] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 19.814149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.814180] Hardware name: linux,dummy-virt (DT) [ 19.814213] Call trace: [ 19.814246] show_stack+0x20/0x38 (C) [ 19.814303] dump_stack_lvl+0x8c/0xd0 [ 19.814354] print_report+0x118/0x608 [ 19.814397] kasan_report+0xdc/0x128 [ 19.814439] __asan_report_load1_noabort+0x20/0x30 [ 19.814489] mempool_oob_right_helper+0x2ac/0x2f0 [ 19.814564] mempool_kmalloc_oob_right+0xc4/0x120 [ 19.814620] kunit_try_run_case+0x170/0x3f0 [ 19.814672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.814724] kthread+0x328/0x630 [ 19.814772] ret_from_fork+0x10/0x20 [ 19.814821] [ 19.814841] Allocated by task 223: [ 19.814872] kasan_save_stack+0x3c/0x68 [ 19.814915] kasan_save_track+0x20/0x40 [ 19.814952] kasan_save_alloc_info+0x40/0x58 [ 19.814989] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.815030] remove_element+0x130/0x1f8 [ 19.815069] mempool_alloc_preallocated+0x58/0xc0 [ 19.815110] mempool_oob_right_helper+0x98/0x2f0 [ 19.815152] mempool_kmalloc_oob_right+0xc4/0x120 [ 19.815191] kunit_try_run_case+0x170/0x3f0 [ 19.815230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.815274] kthread+0x328/0x630 [ 19.815371] ret_from_fork+0x10/0x20 [ 19.815441] [ 19.815506] The buggy address belongs to the object at fff00000c4284200 [ 19.815506] which belongs to the cache kmalloc-128 of size 128 [ 19.815645] The buggy address is located 0 bytes to the right of [ 19.815645] allocated 115-byte region [fff00000c4284200, fff00000c4284273) [ 19.815730] [ 19.815756] The buggy address belongs to the physical page: [ 19.815791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104284 [ 19.815849] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.815902] page_type: f5(slab) [ 19.815945] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.815994] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.816035] page dumped because: kasan: bad access detected [ 19.816065] [ 19.816082] Memory state around the buggy address: [ 19.816118] fff00000c4284100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.816162] fff00000c4284180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.816206] >fff00000c4284200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.816246] ^ [ 19.816287] fff00000c4284280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.816331] fff00000c4284300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.816370] ================================================================== [ 19.857368] ================================================================== [ 19.857567] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 19.858009] Read of size 1 at addr fff00000c62a42bb by task kunit_try_catch/227 [ 19.858140] [ 19.858840] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 19.859553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.859911] Hardware name: linux,dummy-virt (DT) [ 19.860047] Call trace: [ 19.860205] show_stack+0x20/0x38 (C) [ 19.860363] dump_stack_lvl+0x8c/0xd0 [ 19.860604] print_report+0x118/0x608 [ 19.860710] kasan_report+0xdc/0x128 [ 19.860810] __asan_report_load1_noabort+0x20/0x30 [ 19.861068] mempool_oob_right_helper+0x2ac/0x2f0 [ 19.861834] mempool_slab_oob_right+0xc0/0x118 [ 19.862542] kunit_try_run_case+0x170/0x3f0 [ 19.863047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.863352] kthread+0x328/0x630 [ 19.863441] ret_from_fork+0x10/0x20 [ 19.863548] [ 19.863589] Allocated by task 227: [ 19.864366] kasan_save_stack+0x3c/0x68 [ 19.864685] kasan_save_track+0x20/0x40 [ 19.864905] kasan_save_alloc_info+0x40/0x58 [ 19.865041] __kasan_mempool_unpoison_object+0xbc/0x180 [ 19.865142] remove_element+0x16c/0x1f8 [ 19.865228] mempool_alloc_preallocated+0x58/0xc0 [ 19.865314] mempool_oob_right_helper+0x98/0x2f0 [ 19.865399] mempool_slab_oob_right+0xc0/0x118 [ 19.865499] kunit_try_run_case+0x170/0x3f0 [ 19.866737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.867090] kthread+0x328/0x630 [ 19.867221] ret_from_fork+0x10/0x20 [ 19.867492] [ 19.867690] The buggy address belongs to the object at fff00000c62a4240 [ 19.867690] which belongs to the cache test_cache of size 123 [ 19.868094] The buggy address is located 0 bytes to the right of [ 19.868094] allocated 123-byte region [fff00000c62a4240, fff00000c62a42bb) [ 19.868256] [ 19.868306] The buggy address belongs to the physical page: [ 19.868375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062a4 [ 19.868487] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.868943] page_type: f5(slab) [ 19.869192] raw: 0bfffe0000000000 fff00000c405d640 dead000000000122 0000000000000000 [ 19.869432] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.869569] page dumped because: kasan: bad access detected [ 19.869904] [ 19.869969] Memory state around the buggy address: [ 19.870172] fff00000c62a4180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.870466] fff00000c62a4200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 19.870730] >fff00000c62a4280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 19.870826] ^ [ 19.870915] fff00000c62a4300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.871521] fff00000c62a4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.871727] ================================================================== [ 19.828755] ================================================================== [ 19.828910] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 19.829114] Read of size 1 at addr fff00000c6bb6001 by task kunit_try_catch/225 [ 19.829276] [ 19.829370] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 19.829670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.829744] Hardware name: linux,dummy-virt (DT) [ 19.830028] Call trace: [ 19.830396] show_stack+0x20/0x38 (C) [ 19.830565] dump_stack_lvl+0x8c/0xd0 [ 19.830661] print_report+0x118/0x608 [ 19.830970] kasan_report+0xdc/0x128 [ 19.831250] __asan_report_load1_noabort+0x20/0x30 [ 19.831365] mempool_oob_right_helper+0x2ac/0x2f0 [ 19.831496] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 19.831670] kunit_try_run_case+0x170/0x3f0 [ 19.831823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.831963] kthread+0x328/0x630 [ 19.832081] ret_from_fork+0x10/0x20 [ 19.832223] [ 19.832294] The buggy address belongs to the physical page: [ 19.832399] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106bb4 [ 19.832567] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.832665] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.832848] page_type: f8(unknown) [ 19.833037] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.833137] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.833542] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.833706] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.833827] head: 0bfffe0000000002 ffffc1ffc31aed01 00000000ffffffff 00000000ffffffff [ 19.833944] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.834040] page dumped because: kasan: bad access detected [ 19.834111] [ 19.834150] Memory state around the buggy address: [ 19.834235] fff00000c6bb5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.834358] fff00000c6bb5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.834556] >fff00000c6bb6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.834807] ^ [ 19.834907] fff00000c6bb6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.835075] fff00000c6bb6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.835164] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.208247] ================================================================== [ 19.208496] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 19.208696] Read of size 1 at addr fff00000c405d3c0 by task kunit_try_catch/217 [ 19.209284] [ 19.209396] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 19.210376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.210488] Hardware name: linux,dummy-virt (DT) [ 19.210693] Call trace: [ 19.210962] show_stack+0x20/0x38 (C) [ 19.211314] dump_stack_lvl+0x8c/0xd0 [ 19.211523] print_report+0x118/0x608 [ 19.211636] kasan_report+0xdc/0x128 [ 19.211721] __kasan_check_byte+0x54/0x70 [ 19.211812] kmem_cache_destroy+0x34/0x218 [ 19.211899] kmem_cache_double_destroy+0x174/0x300 [ 19.212001] kunit_try_run_case+0x170/0x3f0 [ 19.212105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.212634] kthread+0x328/0x630 [ 19.213187] ret_from_fork+0x10/0x20 [ 19.213419] [ 19.213830] Allocated by task 217: [ 19.213949] kasan_save_stack+0x3c/0x68 [ 19.214139] kasan_save_track+0x20/0x40 [ 19.214234] kasan_save_alloc_info+0x40/0x58 [ 19.214546] __kasan_slab_alloc+0xa8/0xb0 [ 19.214740] kmem_cache_alloc_noprof+0x10c/0x3a0 [ 19.214845] __kmem_cache_create_args+0x178/0x280 [ 19.214951] kmem_cache_double_destroy+0xc0/0x300 [ 19.215048] kunit_try_run_case+0x170/0x3f0 [ 19.215569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.216045] kthread+0x328/0x630 [ 19.216147] ret_from_fork+0x10/0x20 [ 19.216320] [ 19.216365] Freed by task 217: [ 19.216427] kasan_save_stack+0x3c/0x68 [ 19.216869] kasan_save_track+0x20/0x40 [ 19.216958] kasan_save_free_info+0x4c/0x78 [ 19.217500] __kasan_slab_free+0x6c/0x98 [ 19.217830] kmem_cache_free+0x260/0x470 [ 19.217930] slab_kmem_cache_release+0x38/0x50 [ 19.218242] kmem_cache_release+0x1c/0x30 [ 19.218557] kobject_put+0x17c/0x430 [ 19.218819] sysfs_slab_release+0x1c/0x30 [ 19.219115] kmem_cache_destroy+0x118/0x218 [ 19.219527] kmem_cache_double_destroy+0x128/0x300 [ 19.219843] kunit_try_run_case+0x170/0x3f0 [ 19.219936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.220021] kthread+0x328/0x630 [ 19.220092] ret_from_fork+0x10/0x20 [ 19.220170] [ 19.220574] The buggy address belongs to the object at fff00000c405d3c0 [ 19.220574] which belongs to the cache kmem_cache of size 208 [ 19.220782] The buggy address is located 0 bytes inside of [ 19.220782] freed 208-byte region [fff00000c405d3c0, fff00000c405d490) [ 19.221311] [ 19.221386] The buggy address belongs to the physical page: [ 19.221494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10405d [ 19.221647] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.222193] page_type: f5(slab) [ 19.222305] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 19.222856] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.223088] page dumped because: kasan: bad access detected [ 19.223313] [ 19.223368] Memory state around the buggy address: [ 19.223453] fff00000c405d280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.223570] fff00000c405d300: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 19.223661] >fff00000c405d380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.224005] ^ [ 19.224576] fff00000c405d400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.224702] fff00000c405d480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.225510] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.096687] ================================================================== [ 19.096812] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 19.096902] Read of size 1 at addr fff00000c5d5f000 by task kunit_try_catch/215 [ 19.096957] [ 19.097018] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 19.097111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.097142] Hardware name: linux,dummy-virt (DT) [ 19.097200] Call trace: [ 19.097232] show_stack+0x20/0x38 (C) [ 19.097292] dump_stack_lvl+0x8c/0xd0 [ 19.097343] print_report+0x118/0x608 [ 19.097390] kasan_report+0xdc/0x128 [ 19.097436] __asan_report_load1_noabort+0x20/0x30 [ 19.097506] kmem_cache_rcu_uaf+0x388/0x468 [ 19.097611] kunit_try_run_case+0x170/0x3f0 [ 19.097663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.098065] kthread+0x328/0x630 [ 19.098120] ret_from_fork+0x10/0x20 [ 19.098174] [ 19.098193] Allocated by task 215: [ 19.098740] kasan_save_stack+0x3c/0x68 [ 19.098821] kasan_save_track+0x20/0x40 [ 19.098863] kasan_save_alloc_info+0x40/0x58 [ 19.098915] __kasan_slab_alloc+0xa8/0xb0 [ 19.098954] kmem_cache_alloc_noprof+0x10c/0x3a0 [ 19.098994] kmem_cache_rcu_uaf+0x12c/0x468 [ 19.099033] kunit_try_run_case+0x170/0x3f0 [ 19.099071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.099114] kthread+0x328/0x630 [ 19.099150] ret_from_fork+0x10/0x20 [ 19.099185] [ 19.099207] Freed by task 0: [ 19.099237] kasan_save_stack+0x3c/0x68 [ 19.099274] kasan_save_track+0x20/0x40 [ 19.099321] kasan_save_free_info+0x4c/0x78 [ 19.099359] __kasan_slab_free+0x6c/0x98 [ 19.099393] slab_free_after_rcu_debug+0xd4/0x2f8 [ 19.099432] rcu_core+0x9f4/0x1e20 [ 19.099466] rcu_core_si+0x18/0x30 [ 19.099500] handle_softirqs+0x374/0xb28 [ 19.099548] __do_softirq+0x1c/0x28 [ 19.099585] [ 19.099606] Last potentially related work creation: [ 19.099633] kasan_save_stack+0x3c/0x68 [ 19.099669] kasan_record_aux_stack+0xb4/0xc8 [ 19.100158] kmem_cache_free+0x120/0x470 [ 19.100227] kmem_cache_rcu_uaf+0x16c/0x468 [ 19.100269] kunit_try_run_case+0x170/0x3f0 [ 19.100309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.100352] kthread+0x328/0x630 [ 19.100387] ret_from_fork+0x10/0x20 [ 19.100423] [ 19.100444] The buggy address belongs to the object at fff00000c5d5f000 [ 19.100444] which belongs to the cache test_cache of size 200 [ 19.100507] The buggy address is located 0 bytes inside of [ 19.100507] freed 200-byte region [fff00000c5d5f000, fff00000c5d5f0c8) [ 19.100580] [ 19.100605] The buggy address belongs to the physical page: [ 19.100636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d5f [ 19.100694] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.100754] page_type: f5(slab) [ 19.100798] raw: 0bfffe0000000000 fff00000c1288780 dead000000000122 0000000000000000 [ 19.100849] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.100892] page dumped because: kasan: bad access detected [ 19.100923] [ 19.100940] Memory state around the buggy address: [ 19.100975] fff00000c5d5ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.101020] fff00000c5d5ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.101323] >fff00000c5d5f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.101387] ^ [ 19.101421] fff00000c5d5f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.101474] fff00000c5d5f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.101527] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 18.602643] ================================================================== [ 18.602740] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 18.602823] Free of addr fff00000c62b6001 by task kunit_try_catch/213 [ 18.602885] [ 18.602951] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.603041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.603068] Hardware name: linux,dummy-virt (DT) [ 18.603103] Call trace: [ 18.603132] show_stack+0x20/0x38 (C) [ 18.603239] dump_stack_lvl+0x8c/0xd0 [ 18.603319] print_report+0x118/0x608 [ 18.603422] kasan_report_invalid_free+0xc0/0xe8 [ 18.603472] check_slab_allocation+0xfc/0x108 [ 18.603517] __kasan_slab_pre_free+0x2c/0x48 [ 18.603578] kmem_cache_free+0xf0/0x470 [ 18.603635] kmem_cache_invalid_free+0x184/0x3c8 [ 18.603699] kunit_try_run_case+0x170/0x3f0 [ 18.603752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.603806] kthread+0x328/0x630 [ 18.603878] ret_from_fork+0x10/0x20 [ 18.603931] [ 18.603949] Allocated by task 213: [ 18.604060] kasan_save_stack+0x3c/0x68 [ 18.604121] kasan_save_track+0x20/0x40 [ 18.604174] kasan_save_alloc_info+0x40/0x58 [ 18.604318] __kasan_slab_alloc+0xa8/0xb0 [ 18.604358] kmem_cache_alloc_noprof+0x10c/0x3a0 [ 18.604409] kmem_cache_invalid_free+0x12c/0x3c8 [ 18.604501] kunit_try_run_case+0x170/0x3f0 [ 18.604564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.604609] kthread+0x328/0x630 [ 18.604643] ret_from_fork+0x10/0x20 [ 18.604678] [ 18.604709] The buggy address belongs to the object at fff00000c62b6000 [ 18.604709] which belongs to the cache test_cache of size 200 [ 18.604779] The buggy address is located 1 bytes inside of [ 18.604779] 200-byte region [fff00000c62b6000, fff00000c62b60c8) [ 18.604918] [ 18.604951] The buggy address belongs to the physical page: [ 18.605011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062b6 [ 18.605157] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.605214] page_type: f5(slab) [ 18.605259] raw: 0bfffe0000000000 fff00000c1288640 dead000000000122 0000000000000000 [ 18.605308] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.605349] page dumped because: kasan: bad access detected [ 18.605378] [ 18.605410] Memory state around the buggy address: [ 18.605446] fff00000c62b5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.605500] fff00000c62b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.605565] >fff00000c62b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.605606] ^ [ 18.605709] fff00000c62b6080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.605753] fff00000c62b6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.605813] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 18.563227] ================================================================== [ 18.563354] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 18.563489] Free of addr fff00000c62d9000 by task kunit_try_catch/211 [ 18.563630] [ 18.563807] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.563942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.563974] Hardware name: linux,dummy-virt (DT) [ 18.564011] Call trace: [ 18.564042] show_stack+0x20/0x38 (C) [ 18.564102] dump_stack_lvl+0x8c/0xd0 [ 18.564153] print_report+0x118/0x608 [ 18.564202] kasan_report_invalid_free+0xc0/0xe8 [ 18.564249] check_slab_allocation+0xd4/0x108 [ 18.564296] __kasan_slab_pre_free+0x2c/0x48 [ 18.564344] kmem_cache_free+0xf0/0x470 [ 18.564388] kmem_cache_double_free+0x190/0x3c8 [ 18.564439] kunit_try_run_case+0x170/0x3f0 [ 18.564490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.564560] kthread+0x328/0x630 [ 18.564613] ret_from_fork+0x10/0x20 [ 18.564664] [ 18.564684] Allocated by task 211: [ 18.564716] kasan_save_stack+0x3c/0x68 [ 18.564757] kasan_save_track+0x20/0x40 [ 18.564794] kasan_save_alloc_info+0x40/0x58 [ 18.565291] __kasan_slab_alloc+0xa8/0xb0 [ 18.565384] kmem_cache_alloc_noprof+0x10c/0x3a0 [ 18.565776] kmem_cache_double_free+0x12c/0x3c8 [ 18.565878] kunit_try_run_case+0x170/0x3f0 [ 18.565936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.565986] kthread+0x328/0x630 [ 18.566031] ret_from_fork+0x10/0x20 [ 18.566074] [ 18.566095] Freed by task 211: [ 18.566128] kasan_save_stack+0x3c/0x68 [ 18.566392] kasan_save_track+0x20/0x40 [ 18.566441] kasan_save_free_info+0x4c/0x78 [ 18.566479] __kasan_slab_free+0x6c/0x98 [ 18.566656] kmem_cache_free+0x260/0x470 [ 18.566716] kmem_cache_double_free+0x140/0x3c8 [ 18.566760] kunit_try_run_case+0x170/0x3f0 [ 18.567025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.567194] kthread+0x328/0x630 [ 18.567336] ret_from_fork+0x10/0x20 [ 18.567385] [ 18.567425] The buggy address belongs to the object at fff00000c62d9000 [ 18.567425] which belongs to the cache test_cache of size 200 [ 18.567640] The buggy address is located 0 bytes inside of [ 18.567640] 200-byte region [fff00000c62d9000, fff00000c62d90c8) [ 18.567713] [ 18.567839] The buggy address belongs to the physical page: [ 18.567878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d9 [ 18.568081] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.568150] page_type: f5(slab) [ 18.568486] raw: 0bfffe0000000000 fff00000c1288500 dead000000000122 0000000000000000 [ 18.568819] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.568888] page dumped because: kasan: bad access detected [ 18.568932] [ 18.568966] Memory state around the buggy address: [ 18.569005] fff00000c62d8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.569185] fff00000c62d8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.569346] >fff00000c62d9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.569394] ^ [ 18.569577] fff00000c62d9080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.569736] fff00000c62d9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.569785] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.373713] ================================================================== [ 18.373892] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 18.374030] Read of size 1 at addr fff00000c427d0c8 by task kunit_try_catch/209 [ 18.374150] [ 18.374240] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.375631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.375737] Hardware name: linux,dummy-virt (DT) [ 18.375817] Call trace: [ 18.375873] show_stack+0x20/0x38 (C) [ 18.375980] dump_stack_lvl+0x8c/0xd0 [ 18.376059] print_report+0x118/0x608 [ 18.376141] kasan_report+0xdc/0x128 [ 18.376700] __asan_report_load1_noabort+0x20/0x30 [ 18.376860] kmem_cache_oob+0x344/0x430 [ 18.376968] kunit_try_run_case+0x170/0x3f0 [ 18.377115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.377272] kthread+0x328/0x630 [ 18.377378] ret_from_fork+0x10/0x20 [ 18.377491] [ 18.377541] Allocated by task 209: [ 18.377620] kasan_save_stack+0x3c/0x68 [ 18.377741] kasan_save_track+0x20/0x40 [ 18.377819] kasan_save_alloc_info+0x40/0x58 [ 18.377921] __kasan_slab_alloc+0xa8/0xb0 [ 18.378008] kmem_cache_alloc_noprof+0x10c/0x3a0 [ 18.378125] kmem_cache_oob+0x12c/0x430 [ 18.378243] kunit_try_run_case+0x170/0x3f0 [ 18.378328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.378423] kthread+0x328/0x630 [ 18.378504] ret_from_fork+0x10/0x20 [ 18.378587] [ 18.378626] The buggy address belongs to the object at fff00000c427d000 [ 18.378626] which belongs to the cache test_cache of size 200 [ 18.378750] The buggy address is located 0 bytes to the right of [ 18.378750] allocated 200-byte region [fff00000c427d000, fff00000c427d0c8) [ 18.378890] [ 18.378942] The buggy address belongs to the physical page: [ 18.379013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10427d [ 18.379143] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.379264] page_type: f5(slab) [ 18.379357] raw: 0bfffe0000000000 fff00000c12883c0 dead000000000122 0000000000000000 [ 18.379458] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.379618] page dumped because: kasan: bad access detected [ 18.379690] [ 18.379729] Memory state around the buggy address: [ 18.379814] fff00000c427cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.379945] fff00000c427d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.380058] >fff00000c427d080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.380135] ^ [ 18.380209] fff00000c427d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.380293] fff00000c427d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.380393] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.309168] ================================================================== [ 18.309344] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 18.309487] Read of size 8 at addr fff00000c62b9ec0 by task kunit_try_catch/202 [ 18.309636] [ 18.309719] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 18.309881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.309930] Hardware name: linux,dummy-virt (DT) [ 18.309990] Call trace: [ 18.310067] show_stack+0x20/0x38 (C) [ 18.310202] dump_stack_lvl+0x8c/0xd0 [ 18.310288] print_report+0x118/0x608 [ 18.310391] kasan_report+0xdc/0x128 [ 18.310489] __asan_report_load8_noabort+0x20/0x30 [ 18.310596] workqueue_uaf+0x480/0x4a8 [ 18.310692] kunit_try_run_case+0x170/0x3f0 [ 18.310776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.310881] kthread+0x328/0x630 [ 18.311010] ret_from_fork+0x10/0x20 [ 18.311165] [ 18.311222] Allocated by task 202: [ 18.311396] kasan_save_stack+0x3c/0x68 [ 18.311504] kasan_save_track+0x20/0x40 [ 18.311628] kasan_save_alloc_info+0x40/0x58 [ 18.311783] __kasan_kmalloc+0xd4/0xd8 [ 18.311916] __kmalloc_cache_noprof+0x15c/0x3c0 [ 18.312004] workqueue_uaf+0x13c/0x4a8 [ 18.312075] kunit_try_run_case+0x170/0x3f0 [ 18.312139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.312215] kthread+0x328/0x630 [ 18.312281] ret_from_fork+0x10/0x20 [ 18.312360] [ 18.312402] Freed by task 50: [ 18.312461] kasan_save_stack+0x3c/0x68 [ 18.312550] kasan_save_track+0x20/0x40 [ 18.312633] kasan_save_free_info+0x4c/0x78 [ 18.312715] __kasan_slab_free+0x6c/0x98 [ 18.312788] kfree+0x214/0x3c8 [ 18.312862] workqueue_uaf_work+0x18/0x30 [ 18.312940] process_one_work+0x530/0xf98 [ 18.313016] worker_thread+0x8ac/0xf28 [ 18.313090] kthread+0x328/0x630 [ 18.313165] ret_from_fork+0x10/0x20 [ 18.313246] [ 18.313741] Last potentially related work creation: [ 18.313979] kasan_save_stack+0x3c/0x68 [ 18.314372] kasan_record_aux_stack+0xb4/0xc8 [ 18.314756] __queue_work+0x65c/0x1010 [ 18.314958] queue_work_on+0xbc/0xf8 [ 18.315250] workqueue_uaf+0x210/0x4a8 [ 18.315329] kunit_try_run_case+0x170/0x3f0 [ 18.315471] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.315645] kthread+0x328/0x630 [ 18.315783] ret_from_fork+0x10/0x20 [ 18.315989] [ 18.316141] The buggy address belongs to the object at fff00000c62b9ec0 [ 18.316141] which belongs to the cache kmalloc-32 of size 32 [ 18.316407] The buggy address is located 0 bytes inside of [ 18.316407] freed 32-byte region [fff00000c62b9ec0, fff00000c62b9ee0) [ 18.316735] [ 18.316791] The buggy address belongs to the physical page: [ 18.316864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062b9 [ 18.317045] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.317276] page_type: f5(slab) [ 18.317496] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.317783] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.317879] page dumped because: kasan: bad access detected [ 18.317952] [ 18.318234] Memory state around the buggy address: [ 18.318486] fff00000c62b9d80: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 18.318598] fff00000c62b9e00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.318697] >fff00000c62b9e80: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 18.318783] ^ [ 18.318864] fff00000c62b9f00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.318951] fff00000c62b9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.319391] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.968723] ================================================================== [ 17.968881] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 17.968987] Free of addr fff00000c6256120 by task kunit_try_catch/194 [ 17.969082] [ 17.969159] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.971463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.971585] Hardware name: linux,dummy-virt (DT) [ 17.971666] Call trace: [ 17.971753] show_stack+0x20/0x38 (C) [ 17.972186] dump_stack_lvl+0x8c/0xd0 [ 17.972306] print_report+0x118/0x608 [ 17.972647] kasan_report_invalid_free+0xc0/0xe8 [ 17.973207] check_slab_allocation+0xd4/0x108 [ 17.973422] __kasan_slab_pre_free+0x2c/0x48 [ 17.973617] kfree+0xe8/0x3c8 [ 17.973735] kfree_sensitive+0x3c/0xb0 [ 17.974025] kmalloc_double_kzfree+0x168/0x308 [ 17.974684] kunit_try_run_case+0x170/0x3f0 [ 17.975006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.975343] kthread+0x328/0x630 [ 17.975460] ret_from_fork+0x10/0x20 [ 17.975563] [ 17.975600] Allocated by task 194: [ 17.975658] kasan_save_stack+0x3c/0x68 [ 17.975746] kasan_save_track+0x20/0x40 [ 17.976232] kasan_save_alloc_info+0x40/0x58 [ 17.976693] __kasan_kmalloc+0xd4/0xd8 [ 17.976797] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.977224] kmalloc_double_kzfree+0xb8/0x308 [ 17.977375] kunit_try_run_case+0x170/0x3f0 [ 17.977478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.977954] kthread+0x328/0x630 [ 17.978043] ret_from_fork+0x10/0x20 [ 17.978162] [ 17.978268] Freed by task 194: [ 17.978832] kasan_save_stack+0x3c/0x68 [ 17.978939] kasan_save_track+0x20/0x40 [ 17.979264] kasan_save_free_info+0x4c/0x78 [ 17.979607] __kasan_slab_free+0x6c/0x98 [ 17.979676] kfree+0x214/0x3c8 [ 17.979752] kfree_sensitive+0x80/0xb0 [ 17.980668] kmalloc_double_kzfree+0x11c/0x308 [ 17.981086] kunit_try_run_case+0x170/0x3f0 [ 17.981618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.982250] kthread+0x328/0x630 [ 17.982351] ret_from_fork+0x10/0x20 [ 17.982438] [ 17.982484] The buggy address belongs to the object at fff00000c6256120 [ 17.982484] which belongs to the cache kmalloc-16 of size 16 [ 17.983688] The buggy address is located 0 bytes inside of [ 17.983688] 16-byte region [fff00000c6256120, fff00000c6256130) [ 17.983883] [ 17.984471] The buggy address belongs to the physical page: [ 17.984599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106256 [ 17.985132] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.985477] page_type: f5(slab) [ 17.986216] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.986476] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.986591] page dumped because: kasan: bad access detected [ 17.986669] [ 17.987361] Memory state around the buggy address: [ 17.987749] fff00000c6256000: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.987846] fff00000c6256080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.987922] >fff00000c6256100: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 17.988000] ^ [ 17.988067] fff00000c6256180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.988809] fff00000c6256200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.989761] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 17.958142] ================================================================== [ 17.958292] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 17.958429] Read of size 1 at addr fff00000c6256120 by task kunit_try_catch/194 [ 17.958557] [ 17.958638] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.959109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.959285] Hardware name: linux,dummy-virt (DT) [ 17.959482] Call trace: [ 17.959636] show_stack+0x20/0x38 (C) [ 17.959774] dump_stack_lvl+0x8c/0xd0 [ 17.959871] print_report+0x118/0x608 [ 17.960179] kasan_report+0xdc/0x128 [ 17.960274] __kasan_check_byte+0x54/0x70 [ 17.960359] kfree_sensitive+0x30/0xb0 [ 17.960448] kmalloc_double_kzfree+0x168/0x308 [ 17.960594] kunit_try_run_case+0x170/0x3f0 [ 17.960725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.960848] kthread+0x328/0x630 [ 17.960949] ret_from_fork+0x10/0x20 [ 17.961078] [ 17.961136] Allocated by task 194: [ 17.961230] kasan_save_stack+0x3c/0x68 [ 17.961328] kasan_save_track+0x20/0x40 [ 17.961433] kasan_save_alloc_info+0x40/0x58 [ 17.961554] __kasan_kmalloc+0xd4/0xd8 [ 17.961636] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.961820] kmalloc_double_kzfree+0xb8/0x308 [ 17.962113] kunit_try_run_case+0x170/0x3f0 [ 17.962249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.962353] kthread+0x328/0x630 [ 17.962471] ret_from_fork+0x10/0x20 [ 17.962621] [ 17.962710] Freed by task 194: [ 17.962775] kasan_save_stack+0x3c/0x68 [ 17.962857] kasan_save_track+0x20/0x40 [ 17.962939] kasan_save_free_info+0x4c/0x78 [ 17.963031] __kasan_slab_free+0x6c/0x98 [ 17.963114] kfree+0x214/0x3c8 [ 17.963247] kfree_sensitive+0x80/0xb0 [ 17.963331] kmalloc_double_kzfree+0x11c/0x308 [ 17.963423] kunit_try_run_case+0x170/0x3f0 [ 17.963510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.963624] kthread+0x328/0x630 [ 17.963704] ret_from_fork+0x10/0x20 [ 17.963786] [ 17.963830] The buggy address belongs to the object at fff00000c6256120 [ 17.963830] which belongs to the cache kmalloc-16 of size 16 [ 17.963966] The buggy address is located 0 bytes inside of [ 17.963966] freed 16-byte region [fff00000c6256120, fff00000c6256130) [ 17.964104] [ 17.964164] The buggy address belongs to the physical page: [ 17.964257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106256 [ 17.964395] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.964977] page_type: f5(slab) [ 17.965198] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.965491] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.965640] page dumped because: kasan: bad access detected [ 17.965720] [ 17.965769] Memory state around the buggy address: [ 17.965862] fff00000c6256000: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.966045] fff00000c6256080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.966133] >fff00000c6256100: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 17.966349] ^ [ 17.966558] fff00000c6256180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.966932] fff00000c6256200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.967187] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 17.912930] ================================================================== [ 17.913423] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 17.913596] Read of size 1 at addr fff00000c62c12a8 by task kunit_try_catch/190 [ 17.913712] [ 17.913788] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.913993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.914101] Hardware name: linux,dummy-virt (DT) [ 17.914214] Call trace: [ 17.914341] show_stack+0x20/0x38 (C) [ 17.914552] dump_stack_lvl+0x8c/0xd0 [ 17.914666] print_report+0x118/0x608 [ 17.914764] kasan_report+0xdc/0x128 [ 17.915410] __asan_report_load1_noabort+0x20/0x30 [ 17.915670] kmalloc_uaf2+0x3f4/0x468 [ 17.915928] kunit_try_run_case+0x170/0x3f0 [ 17.916135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.916265] kthread+0x328/0x630 [ 17.916359] ret_from_fork+0x10/0x20 [ 17.916481] [ 17.916523] Allocated by task 190: [ 17.916848] kasan_save_stack+0x3c/0x68 [ 17.916946] kasan_save_track+0x20/0x40 [ 17.917032] kasan_save_alloc_info+0x40/0x58 [ 17.917503] __kasan_kmalloc+0xd4/0xd8 [ 17.917611] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.917741] kmalloc_uaf2+0xc4/0x468 [ 17.917865] kunit_try_run_case+0x170/0x3f0 [ 17.917970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.918070] kthread+0x328/0x630 [ 17.918185] ret_from_fork+0x10/0x20 [ 17.918269] [ 17.918310] Freed by task 190: [ 17.918376] kasan_save_stack+0x3c/0x68 [ 17.918452] kasan_save_track+0x20/0x40 [ 17.918528] kasan_save_free_info+0x4c/0x78 [ 17.918625] __kasan_slab_free+0x6c/0x98 [ 17.919311] kfree+0x214/0x3c8 [ 17.919599] kmalloc_uaf2+0x134/0x468 [ 17.919748] kunit_try_run_case+0x170/0x3f0 [ 17.919839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.919958] kthread+0x328/0x630 [ 17.920228] ret_from_fork+0x10/0x20 [ 17.920488] [ 17.920544] The buggy address belongs to the object at fff00000c62c1280 [ 17.920544] which belongs to the cache kmalloc-64 of size 64 [ 17.920910] The buggy address is located 40 bytes inside of [ 17.920910] freed 64-byte region [fff00000c62c1280, fff00000c62c12c0) [ 17.921389] [ 17.921652] The buggy address belongs to the physical page: [ 17.921732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062c1 [ 17.922064] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.922554] page_type: f5(slab) [ 17.922786] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.923227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.923562] page dumped because: kasan: bad access detected [ 17.923707] [ 17.923783] Memory state around the buggy address: [ 17.924055] fff00000c62c1180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.924188] fff00000c62c1200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.924541] >fff00000c62c1280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.924671] ^ [ 17.924747] fff00000c62c1300: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 17.924848] fff00000c62c1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.924953] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 17.882519] ================================================================== [ 17.882722] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 17.883226] Write of size 33 at addr fff00000c62c1100 by task kunit_try_catch/188 [ 17.883445] [ 17.883565] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.883887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.884110] Hardware name: linux,dummy-virt (DT) [ 17.884310] Call trace: [ 17.884375] show_stack+0x20/0x38 (C) [ 17.884647] dump_stack_lvl+0x8c/0xd0 [ 17.884758] print_report+0x118/0x608 [ 17.884852] kasan_report+0xdc/0x128 [ 17.884936] kasan_check_range+0x100/0x1a8 [ 17.885029] __asan_memset+0x34/0x78 [ 17.885611] kmalloc_uaf_memset+0x170/0x310 [ 17.885740] kunit_try_run_case+0x170/0x3f0 [ 17.885930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.886283] kthread+0x328/0x630 [ 17.886484] ret_from_fork+0x10/0x20 [ 17.886603] [ 17.886997] Allocated by task 188: [ 17.887150] kasan_save_stack+0x3c/0x68 [ 17.887254] kasan_save_track+0x20/0x40 [ 17.887387] kasan_save_alloc_info+0x40/0x58 [ 17.887508] __kasan_kmalloc+0xd4/0xd8 [ 17.887604] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.887701] kmalloc_uaf_memset+0xb8/0x310 [ 17.887796] kunit_try_run_case+0x170/0x3f0 [ 17.887865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.887941] kthread+0x328/0x630 [ 17.888025] ret_from_fork+0x10/0x20 [ 17.888095] [ 17.888132] Freed by task 188: [ 17.888412] kasan_save_stack+0x3c/0x68 [ 17.888463] kasan_save_track+0x20/0x40 [ 17.888498] kasan_save_free_info+0x4c/0x78 [ 17.888558] __kasan_slab_free+0x6c/0x98 [ 17.888635] kfree+0x214/0x3c8 [ 17.888736] kmalloc_uaf_memset+0x11c/0x310 [ 17.888856] kunit_try_run_case+0x170/0x3f0 [ 17.889017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.889204] kthread+0x328/0x630 [ 17.889402] ret_from_fork+0x10/0x20 [ 17.889614] [ 17.889678] The buggy address belongs to the object at fff00000c62c1100 [ 17.889678] which belongs to the cache kmalloc-64 of size 64 [ 17.890254] The buggy address is located 0 bytes inside of [ 17.890254] freed 64-byte region [fff00000c62c1100, fff00000c62c1140) [ 17.890606] [ 17.890654] The buggy address belongs to the physical page: [ 17.890725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062c1 [ 17.890848] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.890962] page_type: f5(slab) [ 17.891043] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.891158] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.891252] page dumped because: kasan: bad access detected [ 17.891712] [ 17.891755] Memory state around the buggy address: [ 17.891824] fff00000c62c1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.891924] fff00000c62c1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.892020] >fff00000c62c1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.892114] ^ [ 17.892181] fff00000c62c1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.892295] fff00000c62c1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.892388] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 17.835987] ================================================================== [ 17.836222] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 17.836429] Read of size 64 at addr fff00000c62e2e04 by task kunit_try_catch/184 [ 17.836542] [ 17.836825] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.837018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.837083] Hardware name: linux,dummy-virt (DT) [ 17.837156] Call trace: [ 17.837207] show_stack+0x20/0x38 (C) [ 17.837323] dump_stack_lvl+0x8c/0xd0 [ 17.837422] print_report+0x118/0x608 [ 17.837545] kasan_report+0xdc/0x128 [ 17.837653] kasan_check_range+0x100/0x1a8 [ 17.837760] __asan_memmove+0x3c/0x98 [ 17.837861] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 17.837972] kunit_try_run_case+0x170/0x3f0 [ 17.838073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.838196] kthread+0x328/0x630 [ 17.838298] ret_from_fork+0x10/0x20 [ 17.838783] [ 17.838843] Allocated by task 184: [ 17.838914] kasan_save_stack+0x3c/0x68 [ 17.839002] kasan_save_track+0x20/0x40 [ 17.839076] kasan_save_alloc_info+0x40/0x58 [ 17.839155] __kasan_kmalloc+0xd4/0xd8 [ 17.839226] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.839352] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 17.839689] kunit_try_run_case+0x170/0x3f0 [ 17.839894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.839998] kthread+0x328/0x630 [ 17.840069] ret_from_fork+0x10/0x20 [ 17.840147] [ 17.840191] The buggy address belongs to the object at fff00000c62e2e00 [ 17.840191] which belongs to the cache kmalloc-64 of size 64 [ 17.840328] The buggy address is located 4 bytes inside of [ 17.840328] allocated 64-byte region [fff00000c62e2e00, fff00000c62e2e40) [ 17.840461] [ 17.840504] The buggy address belongs to the physical page: [ 17.840572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062e2 [ 17.840700] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.840928] page_type: f5(slab) [ 17.841028] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.841292] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.841416] page dumped because: kasan: bad access detected [ 17.841511] [ 17.841596] Memory state around the buggy address: [ 17.841667] fff00000c62e2d00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.841814] fff00000c62e2d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.841908] >fff00000c62e2e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.841997] ^ [ 17.842246] fff00000c62e2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.842357] fff00000c62e2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.842455] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 17.801589] ================================================================== [ 17.801739] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 17.801907] Read of size 18446744073709551614 at addr fff00000c62e2c04 by task kunit_try_catch/182 [ 17.802122] [ 17.802190] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.802346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.802401] Hardware name: linux,dummy-virt (DT) [ 17.802461] Call trace: [ 17.802509] show_stack+0x20/0x38 (C) [ 17.802622] dump_stack_lvl+0x8c/0xd0 [ 17.802707] print_report+0x118/0x608 [ 17.803375] kasan_report+0xdc/0x128 [ 17.803486] kasan_check_range+0x100/0x1a8 [ 17.804401] __asan_memmove+0x3c/0x98 [ 17.804764] kmalloc_memmove_negative_size+0x154/0x2e0 [ 17.804893] kunit_try_run_case+0x170/0x3f0 [ 17.804994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.805107] kthread+0x328/0x630 [ 17.805194] ret_from_fork+0x10/0x20 [ 17.805276] [ 17.805310] Allocated by task 182: [ 17.805362] kasan_save_stack+0x3c/0x68 [ 17.805455] kasan_save_track+0x20/0x40 [ 17.805592] kasan_save_alloc_info+0x40/0x58 [ 17.805697] __kasan_kmalloc+0xd4/0xd8 [ 17.805803] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.805914] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 17.806022] kunit_try_run_case+0x170/0x3f0 [ 17.806141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.806255] kthread+0x328/0x630 [ 17.806344] ret_from_fork+0x10/0x20 [ 17.806413] [ 17.806454] The buggy address belongs to the object at fff00000c62e2c00 [ 17.806454] which belongs to the cache kmalloc-64 of size 64 [ 17.806631] The buggy address is located 4 bytes inside of [ 17.806631] 64-byte region [fff00000c62e2c00, fff00000c62e2c40) [ 17.806756] [ 17.806798] The buggy address belongs to the physical page: [ 17.806861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062e2 [ 17.807029] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.807172] page_type: f5(slab) [ 17.807361] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.807517] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.807985] page dumped because: kasan: bad access detected [ 17.808064] [ 17.808406] Memory state around the buggy address: [ 17.808498] fff00000c62e2b00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 17.808728] fff00000c62e2b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.808928] >fff00000c62e2c00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.809111] ^ [ 17.809211] fff00000c62e2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.809318] fff00000c62e2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.809415] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 17.780879] ================================================================== [ 17.780995] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 17.781098] Write of size 16 at addr fff00000c62d4b69 by task kunit_try_catch/180 [ 17.781209] [ 17.781282] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.781479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.781812] Hardware name: linux,dummy-virt (DT) [ 17.781916] Call trace: [ 17.781966] show_stack+0x20/0x38 (C) [ 17.782082] dump_stack_lvl+0x8c/0xd0 [ 17.782296] print_report+0x118/0x608 [ 17.782398] kasan_report+0xdc/0x128 [ 17.782492] kasan_check_range+0x100/0x1a8 [ 17.782599] __asan_memset+0x34/0x78 [ 17.782693] kmalloc_oob_memset_16+0x150/0x2f8 [ 17.782802] kunit_try_run_case+0x170/0x3f0 [ 17.782910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.783025] kthread+0x328/0x630 [ 17.783120] ret_from_fork+0x10/0x20 [ 17.783225] [ 17.783265] Allocated by task 180: [ 17.783359] kasan_save_stack+0x3c/0x68 [ 17.783435] kasan_save_track+0x20/0x40 [ 17.783510] kasan_save_alloc_info+0x40/0x58 [ 17.783673] __kasan_kmalloc+0xd4/0xd8 [ 17.783758] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.783831] kmalloc_oob_memset_16+0xb0/0x2f8 [ 17.783911] kunit_try_run_case+0x170/0x3f0 [ 17.783985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.784111] kthread+0x328/0x630 [ 17.784198] ret_from_fork+0x10/0x20 [ 17.784268] [ 17.784313] The buggy address belongs to the object at fff00000c62d4b00 [ 17.784313] which belongs to the cache kmalloc-128 of size 128 [ 17.784441] The buggy address is located 105 bytes inside of [ 17.784441] allocated 120-byte region [fff00000c62d4b00, fff00000c62d4b78) [ 17.784620] [ 17.784666] The buggy address belongs to the physical page: [ 17.784761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.784884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.784987] page_type: f5(slab) [ 17.785055] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.785144] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.785243] page dumped because: kasan: bad access detected [ 17.785309] [ 17.785348] Memory state around the buggy address: [ 17.785460] fff00000c62d4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.785574] fff00000c62d4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.785656] >fff00000c62d4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.785728] ^ [ 17.785799] fff00000c62d4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.785869] fff00000c62d4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.785946] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 17.765894] ================================================================== [ 17.766062] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 17.766208] Write of size 8 at addr fff00000c62d4a71 by task kunit_try_catch/178 [ 17.766335] [ 17.766428] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.766656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.766711] Hardware name: linux,dummy-virt (DT) [ 17.766771] Call trace: [ 17.766816] show_stack+0x20/0x38 (C) [ 17.766921] dump_stack_lvl+0x8c/0xd0 [ 17.767020] print_report+0x118/0x608 [ 17.767118] kasan_report+0xdc/0x128 [ 17.767247] kasan_check_range+0x100/0x1a8 [ 17.767391] __asan_memset+0x34/0x78 [ 17.767480] kmalloc_oob_memset_8+0x150/0x2f8 [ 17.767673] kunit_try_run_case+0x170/0x3f0 [ 17.767773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.767910] kthread+0x328/0x630 [ 17.768050] ret_from_fork+0x10/0x20 [ 17.768141] [ 17.768182] Allocated by task 178: [ 17.768313] kasan_save_stack+0x3c/0x68 [ 17.768391] kasan_save_track+0x20/0x40 [ 17.768457] kasan_save_alloc_info+0x40/0x58 [ 17.768527] __kasan_kmalloc+0xd4/0xd8 [ 17.768608] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.768694] kmalloc_oob_memset_8+0xb0/0x2f8 [ 17.768997] kunit_try_run_case+0x170/0x3f0 [ 17.769090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.769176] kthread+0x328/0x630 [ 17.769243] ret_from_fork+0x10/0x20 [ 17.769316] [ 17.769679] The buggy address belongs to the object at fff00000c62d4a00 [ 17.769679] which belongs to the cache kmalloc-128 of size 128 [ 17.769882] The buggy address is located 113 bytes inside of [ 17.769882] allocated 120-byte region [fff00000c62d4a00, fff00000c62d4a78) [ 17.770034] [ 17.770098] The buggy address belongs to the physical page: [ 17.770196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.770347] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.770446] page_type: f5(slab) [ 17.770559] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.770708] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.770828] page dumped because: kasan: bad access detected [ 17.770908] [ 17.770946] Memory state around the buggy address: [ 17.771013] fff00000c62d4900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.771107] fff00000c62d4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.771200] >fff00000c62d4a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.771319] ^ [ 17.771398] fff00000c62d4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.771486] fff00000c62d4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.771673] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 17.749564] ================================================================== [ 17.749694] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 17.749805] Write of size 4 at addr fff00000c62d4975 by task kunit_try_catch/176 [ 17.749956] [ 17.750050] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.750248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.750305] Hardware name: linux,dummy-virt (DT) [ 17.750374] Call trace: [ 17.750467] show_stack+0x20/0x38 (C) [ 17.750601] dump_stack_lvl+0x8c/0xd0 [ 17.750702] print_report+0x118/0x608 [ 17.750884] kasan_report+0xdc/0x128 [ 17.751012] kasan_check_range+0x100/0x1a8 [ 17.751120] __asan_memset+0x34/0x78 [ 17.751312] kmalloc_oob_memset_4+0x150/0x300 [ 17.751467] kunit_try_run_case+0x170/0x3f0 [ 17.751578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.751731] kthread+0x328/0x630 [ 17.751857] ret_from_fork+0x10/0x20 [ 17.751955] [ 17.751993] Allocated by task 176: [ 17.752076] kasan_save_stack+0x3c/0x68 [ 17.752154] kasan_save_track+0x20/0x40 [ 17.752248] kasan_save_alloc_info+0x40/0x58 [ 17.752358] __kasan_kmalloc+0xd4/0xd8 [ 17.752454] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.752572] kmalloc_oob_memset_4+0xb0/0x300 [ 17.752653] kunit_try_run_case+0x170/0x3f0 [ 17.752764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.752874] kthread+0x328/0x630 [ 17.752968] ret_from_fork+0x10/0x20 [ 17.753066] [ 17.753125] The buggy address belongs to the object at fff00000c62d4900 [ 17.753125] which belongs to the cache kmalloc-128 of size 128 [ 17.753308] The buggy address is located 117 bytes inside of [ 17.753308] allocated 120-byte region [fff00000c62d4900, fff00000c62d4978) [ 17.753522] [ 17.753607] The buggy address belongs to the physical page: [ 17.753707] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.753851] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.753958] page_type: f5(slab) [ 17.754037] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.754143] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.754230] page dumped because: kasan: bad access detected [ 17.754301] [ 17.754352] Memory state around the buggy address: [ 17.754430] fff00000c62d4800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.754536] fff00000c62d4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.754617] >fff00000c62d4900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.754693] ^ [ 17.754982] fff00000c62d4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.755096] fff00000c62d4a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.755390] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 17.730687] ================================================================== [ 17.730871] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 17.731032] Write of size 2 at addr fff00000c62d4877 by task kunit_try_catch/174 [ 17.731139] [ 17.731213] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.731423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.731497] Hardware name: linux,dummy-virt (DT) [ 17.731577] Call trace: [ 17.731817] show_stack+0x20/0x38 (C) [ 17.732253] dump_stack_lvl+0x8c/0xd0 [ 17.732417] print_report+0x118/0x608 [ 17.732525] kasan_report+0xdc/0x128 [ 17.732645] kasan_check_range+0x100/0x1a8 [ 17.732799] __asan_memset+0x34/0x78 [ 17.733072] kmalloc_oob_memset_2+0x150/0x2f8 [ 17.733237] kunit_try_run_case+0x170/0x3f0 [ 17.733682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.734392] kthread+0x328/0x630 [ 17.734571] ret_from_fork+0x10/0x20 [ 17.734679] [ 17.734720] Allocated by task 174: [ 17.735384] kasan_save_stack+0x3c/0x68 [ 17.735490] kasan_save_track+0x20/0x40 [ 17.735582] kasan_save_alloc_info+0x40/0x58 [ 17.735690] __kasan_kmalloc+0xd4/0xd8 [ 17.735902] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.736118] kmalloc_oob_memset_2+0xb0/0x2f8 [ 17.736771] kunit_try_run_case+0x170/0x3f0 [ 17.737025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.737175] kthread+0x328/0x630 [ 17.737325] ret_from_fork+0x10/0x20 [ 17.737615] [ 17.737787] The buggy address belongs to the object at fff00000c62d4800 [ 17.737787] which belongs to the cache kmalloc-128 of size 128 [ 17.737936] The buggy address is located 119 bytes inside of [ 17.737936] allocated 120-byte region [fff00000c62d4800, fff00000c62d4878) [ 17.738463] [ 17.738520] The buggy address belongs to the physical page: [ 17.738701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.738949] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.739142] page_type: f5(slab) [ 17.739251] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.739380] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.739472] page dumped because: kasan: bad access detected [ 17.739551] [ 17.739593] Memory state around the buggy address: [ 17.739663] fff00000c62d4700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.739757] fff00000c62d4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.739848] >fff00000c62d4800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.739933] ^ [ 17.740049] fff00000c62d4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.740132] fff00000c62d4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.740212] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 17.712970] ================================================================== [ 17.713151] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 17.713303] Write of size 128 at addr fff00000c62d4700 by task kunit_try_catch/172 [ 17.713453] [ 17.713559] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.713722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.713782] Hardware name: linux,dummy-virt (DT) [ 17.713851] Call trace: [ 17.713898] show_stack+0x20/0x38 (C) [ 17.714077] dump_stack_lvl+0x8c/0xd0 [ 17.714291] print_report+0x118/0x608 [ 17.714563] kasan_report+0xdc/0x128 [ 17.714850] kasan_check_range+0x100/0x1a8 [ 17.715006] __asan_memset+0x34/0x78 [ 17.715099] kmalloc_oob_in_memset+0x144/0x2d0 [ 17.715192] kunit_try_run_case+0x170/0x3f0 [ 17.715627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.715754] kthread+0x328/0x630 [ 17.715859] ret_from_fork+0x10/0x20 [ 17.715961] [ 17.716176] Allocated by task 172: [ 17.716269] kasan_save_stack+0x3c/0x68 [ 17.716360] kasan_save_track+0x20/0x40 [ 17.716443] kasan_save_alloc_info+0x40/0x58 [ 17.716541] __kasan_kmalloc+0xd4/0xd8 [ 17.716651] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.716761] kmalloc_oob_in_memset+0xb0/0x2d0 [ 17.716861] kunit_try_run_case+0x170/0x3f0 [ 17.716955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.717080] kthread+0x328/0x630 [ 17.717155] ret_from_fork+0x10/0x20 [ 17.717493] [ 17.717548] The buggy address belongs to the object at fff00000c62d4700 [ 17.717548] which belongs to the cache kmalloc-128 of size 128 [ 17.717722] The buggy address is located 0 bytes inside of [ 17.717722] allocated 120-byte region [fff00000c62d4700, fff00000c62d4778) [ 17.717912] [ 17.717956] The buggy address belongs to the physical page: [ 17.718024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.718150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.718258] page_type: f5(slab) [ 17.718342] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.718474] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.718609] page dumped because: kasan: bad access detected [ 17.718709] [ 17.718760] Memory state around the buggy address: [ 17.718856] fff00000c62d4600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.718984] fff00000c62d4680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.719111] >fff00000c62d4700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.719226] ^ [ 17.719405] fff00000c62d4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.719491] fff00000c62d4800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.719581] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 17.696699] ================================================================== [ 17.696818] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 17.696915] Read of size 16 at addr fff00000c62560e0 by task kunit_try_catch/170 [ 17.697058] [ 17.697139] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.697326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.697375] Hardware name: linux,dummy-virt (DT) [ 17.697471] Call trace: [ 17.697573] show_stack+0x20/0x38 (C) [ 17.697707] dump_stack_lvl+0x8c/0xd0 [ 17.697835] print_report+0x118/0x608 [ 17.697961] kasan_report+0xdc/0x128 [ 17.698085] __asan_report_load16_noabort+0x20/0x30 [ 17.698195] kmalloc_uaf_16+0x3bc/0x438 [ 17.698312] kunit_try_run_case+0x170/0x3f0 [ 17.698453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.698618] kthread+0x328/0x630 [ 17.698747] ret_from_fork+0x10/0x20 [ 17.698882] [ 17.698936] Allocated by task 170: [ 17.699000] kasan_save_stack+0x3c/0x68 [ 17.699081] kasan_save_track+0x20/0x40 [ 17.699183] kasan_save_alloc_info+0x40/0x58 [ 17.699322] __kasan_kmalloc+0xd4/0xd8 [ 17.699386] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.699465] kmalloc_uaf_16+0x140/0x438 [ 17.699549] kunit_try_run_case+0x170/0x3f0 [ 17.699744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.699833] kthread+0x328/0x630 [ 17.699904] ret_from_fork+0x10/0x20 [ 17.699977] [ 17.700015] Freed by task 170: [ 17.700066] kasan_save_stack+0x3c/0x68 [ 17.700138] kasan_save_track+0x20/0x40 [ 17.700210] kasan_save_free_info+0x4c/0x78 [ 17.700285] __kasan_slab_free+0x6c/0x98 [ 17.700450] kfree+0x214/0x3c8 [ 17.700539] kmalloc_uaf_16+0x190/0x438 [ 17.700623] kunit_try_run_case+0x170/0x3f0 [ 17.700706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.700802] kthread+0x328/0x630 [ 17.700876] ret_from_fork+0x10/0x20 [ 17.700959] [ 17.701008] The buggy address belongs to the object at fff00000c62560e0 [ 17.701008] which belongs to the cache kmalloc-16 of size 16 [ 17.701114] The buggy address is located 0 bytes inside of [ 17.701114] freed 16-byte region [fff00000c62560e0, fff00000c62560f0) [ 17.701233] [ 17.701271] The buggy address belongs to the physical page: [ 17.701362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106256 [ 17.701489] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.701617] page_type: f5(slab) [ 17.701668] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.701719] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.701758] page dumped because: kasan: bad access detected [ 17.701789] [ 17.701807] Memory state around the buggy address: [ 17.701839] fff00000c6255f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.701881] fff00000c6256000: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.701921] >fff00000c6256080: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 17.701957] ^ [ 17.701993] fff00000c6256100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.702032] fff00000c6256180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.702068] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 17.678311] ================================================================== [ 17.678987] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 17.679155] Write of size 16 at addr fff00000c6256080 by task kunit_try_catch/168 [ 17.679329] [ 17.679399] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.679592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.679647] Hardware name: linux,dummy-virt (DT) [ 17.679947] Call trace: [ 17.680092] show_stack+0x20/0x38 (C) [ 17.680311] dump_stack_lvl+0x8c/0xd0 [ 17.680430] print_report+0x118/0x608 [ 17.680602] kasan_report+0xdc/0x128 [ 17.680699] __asan_report_store16_noabort+0x20/0x30 [ 17.680791] kmalloc_oob_16+0x3a0/0x3f8 [ 17.680900] kunit_try_run_case+0x170/0x3f0 [ 17.680990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.681290] kthread+0x328/0x630 [ 17.681391] ret_from_fork+0x10/0x20 [ 17.681623] [ 17.681666] Allocated by task 168: [ 17.681747] kasan_save_stack+0x3c/0x68 [ 17.681866] kasan_save_track+0x20/0x40 [ 17.681949] kasan_save_alloc_info+0x40/0x58 [ 17.682078] __kasan_kmalloc+0xd4/0xd8 [ 17.682183] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.682286] kmalloc_oob_16+0xb4/0x3f8 [ 17.682369] kunit_try_run_case+0x170/0x3f0 [ 17.682450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.682557] kthread+0x328/0x630 [ 17.682642] ret_from_fork+0x10/0x20 [ 17.682721] [ 17.682764] The buggy address belongs to the object at fff00000c6256080 [ 17.682764] which belongs to the cache kmalloc-16 of size 16 [ 17.682898] The buggy address is located 0 bytes inside of [ 17.682898] allocated 13-byte region [fff00000c6256080, fff00000c625608d) [ 17.683036] [ 17.683094] The buggy address belongs to the physical page: [ 17.683179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106256 [ 17.683315] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.683471] page_type: f5(slab) [ 17.683559] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.683664] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.683780] page dumped because: kasan: bad access detected [ 17.683852] [ 17.683882] Memory state around the buggy address: [ 17.683944] fff00000c6255f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684034] fff00000c6256000: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.684132] >fff00000c6256080: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.684235] ^ [ 17.684303] fff00000c6256100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684390] fff00000c6256180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684510] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 17.657461] ================================================================== [ 17.657594] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 17.657705] Read of size 1 at addr fff00000c4714800 by task kunit_try_catch/166 [ 17.657813] [ 17.657883] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.658060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.658121] Hardware name: linux,dummy-virt (DT) [ 17.658191] Call trace: [ 17.658239] show_stack+0x20/0x38 (C) [ 17.658344] dump_stack_lvl+0x8c/0xd0 [ 17.658445] print_report+0x118/0x608 [ 17.658559] kasan_report+0xdc/0x128 [ 17.658644] __asan_report_load1_noabort+0x20/0x30 [ 17.658774] krealloc_uaf+0x4c8/0x520 [ 17.658881] kunit_try_run_case+0x170/0x3f0 [ 17.658974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.659080] kthread+0x328/0x630 [ 17.659174] ret_from_fork+0x10/0x20 [ 17.659302] [ 17.659344] Allocated by task 166: [ 17.659407] kasan_save_stack+0x3c/0x68 [ 17.659491] kasan_save_track+0x20/0x40 [ 17.659640] kasan_save_alloc_info+0x40/0x58 [ 17.659869] __kasan_kmalloc+0xd4/0xd8 [ 17.659940] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.660630] krealloc_uaf+0xc8/0x520 [ 17.660807] kunit_try_run_case+0x170/0x3f0 [ 17.660906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.661113] kthread+0x328/0x630 [ 17.662748] ret_from_fork+0x10/0x20 [ 17.663052] [ 17.663115] Freed by task 166: [ 17.663186] kasan_save_stack+0x3c/0x68 [ 17.663325] kasan_save_track+0x20/0x40 [ 17.663401] kasan_save_free_info+0x4c/0x78 [ 17.663478] __kasan_slab_free+0x6c/0x98 [ 17.663528] kfree+0x214/0x3c8 [ 17.663608] krealloc_uaf+0x12c/0x520 [ 17.663652] kunit_try_run_case+0x170/0x3f0 [ 17.663690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.663732] kthread+0x328/0x630 [ 17.663779] ret_from_fork+0x10/0x20 [ 17.663846] [ 17.663885] The buggy address belongs to the object at fff00000c4714800 [ 17.663885] which belongs to the cache kmalloc-256 of size 256 [ 17.664016] The buggy address is located 0 bytes inside of [ 17.664016] freed 256-byte region [fff00000c4714800, fff00000c4714900) [ 17.664208] [ 17.664255] The buggy address belongs to the physical page: [ 17.664327] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104714 [ 17.664469] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.664620] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.664780] page_type: f5(slab) [ 17.664883] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.664976] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.665066] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.665165] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.665313] head: 0bfffe0000000001 ffffc1ffc311c501 00000000ffffffff 00000000ffffffff [ 17.665423] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.665527] page dumped because: kasan: bad access detected [ 17.665613] [ 17.665655] Memory state around the buggy address: [ 17.665752] fff00000c4714700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.665882] fff00000c4714780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.665989] >fff00000c4714800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.666082] ^ [ 17.666174] fff00000c4714880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.666308] fff00000c4714900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.666398] ================================================================== [ 17.648430] ================================================================== [ 17.648607] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 17.648744] Read of size 1 at addr fff00000c4714800 by task kunit_try_catch/166 [ 17.648883] [ 17.648972] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.649192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.649262] Hardware name: linux,dummy-virt (DT) [ 17.649325] Call trace: [ 17.649371] show_stack+0x20/0x38 (C) [ 17.649475] dump_stack_lvl+0x8c/0xd0 [ 17.649578] print_report+0x118/0x608 [ 17.649660] kasan_report+0xdc/0x128 [ 17.649746] __kasan_check_byte+0x54/0x70 [ 17.649841] krealloc_noprof+0x44/0x360 [ 17.649980] krealloc_uaf+0x180/0x520 [ 17.650116] kunit_try_run_case+0x170/0x3f0 [ 17.650269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.650387] kthread+0x328/0x630 [ 17.650487] ret_from_fork+0x10/0x20 [ 17.650592] [ 17.650630] Allocated by task 166: [ 17.650682] kasan_save_stack+0x3c/0x68 [ 17.650756] kasan_save_track+0x20/0x40 [ 17.650831] kasan_save_alloc_info+0x40/0x58 [ 17.650910] __kasan_kmalloc+0xd4/0xd8 [ 17.650985] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.651074] krealloc_uaf+0xc8/0x520 [ 17.651152] kunit_try_run_case+0x170/0x3f0 [ 17.651251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.651337] kthread+0x328/0x630 [ 17.651409] ret_from_fork+0x10/0x20 [ 17.651489] [ 17.651574] Freed by task 166: [ 17.651629] kasan_save_stack+0x3c/0x68 [ 17.651707] kasan_save_track+0x20/0x40 [ 17.651794] kasan_save_free_info+0x4c/0x78 [ 17.651870] __kasan_slab_free+0x6c/0x98 [ 17.651965] kfree+0x214/0x3c8 [ 17.652056] krealloc_uaf+0x12c/0x520 [ 17.652161] kunit_try_run_case+0x170/0x3f0 [ 17.652244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.652340] kthread+0x328/0x630 [ 17.652417] ret_from_fork+0x10/0x20 [ 17.652491] [ 17.652539] The buggy address belongs to the object at fff00000c4714800 [ 17.652539] which belongs to the cache kmalloc-256 of size 256 [ 17.652720] The buggy address is located 0 bytes inside of [ 17.652720] freed 256-byte region [fff00000c4714800, fff00000c4714900) [ 17.652849] [ 17.652886] The buggy address belongs to the physical page: [ 17.652947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104714 [ 17.653056] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.653162] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.653281] page_type: f5(slab) [ 17.653401] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.653561] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.653702] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.653815] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.653921] head: 0bfffe0000000001 ffffc1ffc311c501 00000000ffffffff 00000000ffffffff [ 17.654039] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.654165] page dumped because: kasan: bad access detected [ 17.654233] [ 17.654280] Memory state around the buggy address: [ 17.654367] fff00000c4714700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.654460] fff00000c4714780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.654554] >fff00000c4714800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.654634] ^ [ 17.654738] fff00000c4714880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.654870] fff00000c4714900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.654993] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.607441] ================================================================== [ 17.607633] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.607733] Write of size 1 at addr fff00000c79d60da by task kunit_try_catch/164 [ 17.608262] [ 17.608344] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.608610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.608679] Hardware name: linux,dummy-virt (DT) [ 17.608830] Call trace: [ 17.608893] show_stack+0x20/0x38 (C) [ 17.609366] dump_stack_lvl+0x8c/0xd0 [ 17.609657] print_report+0x118/0x608 [ 17.609868] kasan_report+0xdc/0x128 [ 17.609970] __asan_report_store1_noabort+0x20/0x30 [ 17.610285] krealloc_less_oob_helper+0xa80/0xc50 [ 17.610620] krealloc_large_less_oob+0x20/0x38 [ 17.610815] kunit_try_run_case+0x170/0x3f0 [ 17.611004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.611122] kthread+0x328/0x630 [ 17.611222] ret_from_fork+0x10/0x20 [ 17.611793] [ 17.611870] The buggy address belongs to the physical page: [ 17.611953] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079d4 [ 17.612162] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.612264] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.612621] page_type: f8(unknown) [ 17.612869] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.613010] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.613403] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.613954] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.614204] head: 0bfffe0000000002 ffffc1ffc31e7501 00000000ffffffff 00000000ffffffff [ 17.614323] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.614432] page dumped because: kasan: bad access detected [ 17.614510] [ 17.614560] Memory state around the buggy address: [ 17.614633] fff00000c79d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.614730] fff00000c79d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.614903] >fff00000c79d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.615024] ^ [ 17.615108] fff00000c79d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.615208] fff00000c79d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.615919] ================================================================== [ 17.532312] ================================================================== [ 17.532417] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.532524] Write of size 1 at addr fff00000c47146eb by task kunit_try_catch/160 [ 17.532682] [ 17.532751] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.532920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.532988] Hardware name: linux,dummy-virt (DT) [ 17.533062] Call trace: [ 17.533109] show_stack+0x20/0x38 (C) [ 17.533201] dump_stack_lvl+0x8c/0xd0 [ 17.533352] print_report+0x118/0x608 [ 17.533439] kasan_report+0xdc/0x128 [ 17.533553] __asan_report_store1_noabort+0x20/0x30 [ 17.533657] krealloc_less_oob_helper+0xa58/0xc50 [ 17.533762] krealloc_less_oob+0x20/0x38 [ 17.533851] kunit_try_run_case+0x170/0x3f0 [ 17.533951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.534060] kthread+0x328/0x630 [ 17.534148] ret_from_fork+0x10/0x20 [ 17.534767] [ 17.534815] Allocated by task 160: [ 17.535000] kasan_save_stack+0x3c/0x68 [ 17.536598] kasan_save_track+0x20/0x40 [ 17.536725] kasan_save_alloc_info+0x40/0x58 [ 17.536993] __kasan_krealloc+0x118/0x178 [ 17.537080] krealloc_noprof+0x128/0x360 [ 17.537223] krealloc_less_oob_helper+0x168/0xc50 [ 17.537323] krealloc_less_oob+0x20/0x38 [ 17.537404] kunit_try_run_case+0x170/0x3f0 [ 17.537684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.538042] kthread+0x328/0x630 [ 17.538167] ret_from_fork+0x10/0x20 [ 17.538252] [ 17.538297] The buggy address belongs to the object at fff00000c4714600 [ 17.538297] which belongs to the cache kmalloc-256 of size 256 [ 17.538431] The buggy address is located 34 bytes to the right of [ 17.538431] allocated 201-byte region [fff00000c4714600, fff00000c47146c9) [ 17.538586] [ 17.538634] The buggy address belongs to the physical page: [ 17.539014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104714 [ 17.539164] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.539484] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.539884] page_type: f5(slab) [ 17.540018] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.540309] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.540438] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.540655] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.540922] head: 0bfffe0000000001 ffffc1ffc311c501 00000000ffffffff 00000000ffffffff [ 17.541038] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.541404] page dumped because: kasan: bad access detected [ 17.541664] [ 17.541731] Memory state around the buggy address: [ 17.541819] fff00000c4714580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.541924] fff00000c4714600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.542023] >fff00000c4714680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.542111] ^ [ 17.542200] fff00000c4714700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.543044] fff00000c4714780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.543171] ================================================================== [ 17.503231] ================================================================== [ 17.503787] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.504050] Write of size 1 at addr fff00000c47146d0 by task kunit_try_catch/160 [ 17.504179] [ 17.504322] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.504701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.504800] Hardware name: linux,dummy-virt (DT) [ 17.504867] Call trace: [ 17.505068] show_stack+0x20/0x38 (C) [ 17.505283] dump_stack_lvl+0x8c/0xd0 [ 17.505402] print_report+0x118/0x608 [ 17.505514] kasan_report+0xdc/0x128 [ 17.505627] __asan_report_store1_noabort+0x20/0x30 [ 17.505745] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.505863] krealloc_less_oob+0x20/0x38 [ 17.505971] kunit_try_run_case+0x170/0x3f0 [ 17.506080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.506203] kthread+0x328/0x630 [ 17.506310] ret_from_fork+0x10/0x20 [ 17.506439] [ 17.506491] Allocated by task 160: [ 17.506577] kasan_save_stack+0x3c/0x68 [ 17.506684] kasan_save_track+0x20/0x40 [ 17.506774] kasan_save_alloc_info+0x40/0x58 [ 17.506861] __kasan_krealloc+0x118/0x178 [ 17.506939] krealloc_noprof+0x128/0x360 [ 17.507039] krealloc_less_oob_helper+0x168/0xc50 [ 17.507143] krealloc_less_oob+0x20/0x38 [ 17.507230] kunit_try_run_case+0x170/0x3f0 [ 17.507349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.507440] kthread+0x328/0x630 [ 17.507521] ret_from_fork+0x10/0x20 [ 17.507613] [ 17.507658] The buggy address belongs to the object at fff00000c4714600 [ 17.507658] which belongs to the cache kmalloc-256 of size 256 [ 17.508227] The buggy address is located 7 bytes to the right of [ 17.508227] allocated 201-byte region [fff00000c4714600, fff00000c47146c9) [ 17.508357] [ 17.508398] The buggy address belongs to the physical page: [ 17.508461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104714 [ 17.508818] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.508959] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.509081] page_type: f5(slab) [ 17.509182] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.509347] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.509511] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.509670] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.509785] head: 0bfffe0000000001 ffffc1ffc311c501 00000000ffffffff 00000000ffffffff [ 17.509896] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.509988] page dumped because: kasan: bad access detected [ 17.510056] [ 17.510098] Memory state around the buggy address: [ 17.510169] fff00000c4714580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.510270] fff00000c4714600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.510378] >fff00000c4714680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.510515] ^ [ 17.510954] fff00000c4714700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.511164] fff00000c4714780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.511255] ================================================================== [ 17.632258] ================================================================== [ 17.632820] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.633059] Write of size 1 at addr fff00000c79d60eb by task kunit_try_catch/164 [ 17.633597] [ 17.633671] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.633844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.633902] Hardware name: linux,dummy-virt (DT) [ 17.633968] Call trace: [ 17.634042] show_stack+0x20/0x38 (C) [ 17.634168] dump_stack_lvl+0x8c/0xd0 [ 17.634274] print_report+0x118/0x608 [ 17.634377] kasan_report+0xdc/0x128 [ 17.634477] __asan_report_store1_noabort+0x20/0x30 [ 17.634957] krealloc_less_oob_helper+0xa58/0xc50 [ 17.635220] krealloc_large_less_oob+0x20/0x38 [ 17.635346] kunit_try_run_case+0x170/0x3f0 [ 17.635454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.635579] kthread+0x328/0x630 [ 17.635673] ret_from_fork+0x10/0x20 [ 17.635770] [ 17.635810] The buggy address belongs to the physical page: [ 17.635869] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079d4 [ 17.636207] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.636347] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.636517] page_type: f8(unknown) [ 17.636633] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.636811] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.636941] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.637048] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.637139] head: 0bfffe0000000002 ffffc1ffc31e7501 00000000ffffffff 00000000ffffffff [ 17.637251] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.637341] page dumped because: kasan: bad access detected [ 17.637407] [ 17.637443] Memory state around the buggy address: [ 17.637519] fff00000c79d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.637631] fff00000c79d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.637700] >fff00000c79d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.637739] ^ [ 17.637779] fff00000c79d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.637837] fff00000c79d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.637910] ================================================================== [ 17.596373] ================================================================== [ 17.596470] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.597362] Write of size 1 at addr fff00000c79d60d0 by task kunit_try_catch/164 [ 17.597575] [ 17.597840] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.598217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.598289] Hardware name: linux,dummy-virt (DT) [ 17.598361] Call trace: [ 17.598408] show_stack+0x20/0x38 (C) [ 17.598522] dump_stack_lvl+0x8c/0xd0 [ 17.598641] print_report+0x118/0x608 [ 17.599186] kasan_report+0xdc/0x128 [ 17.599654] __asan_report_store1_noabort+0x20/0x30 [ 17.599957] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.600148] krealloc_large_less_oob+0x20/0x38 [ 17.600253] kunit_try_run_case+0x170/0x3f0 [ 17.600349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.600446] kthread+0x328/0x630 [ 17.600548] ret_from_fork+0x10/0x20 [ 17.601295] [ 17.601433] The buggy address belongs to the physical page: [ 17.601729] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079d4 [ 17.601856] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.602071] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.602199] page_type: f8(unknown) [ 17.602503] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.602670] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.603100] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.603330] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.603463] head: 0bfffe0000000002 ffffc1ffc31e7501 00000000ffffffff 00000000ffffffff [ 17.603656] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.603931] page dumped because: kasan: bad access detected [ 17.604003] [ 17.604041] Memory state around the buggy address: [ 17.604400] fff00000c79d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.604569] fff00000c79d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.604748] >fff00000c79d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.604956] ^ [ 17.605038] fff00000c79d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.605343] fff00000c79d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.605540] ================================================================== [ 17.582686] ================================================================== [ 17.582803] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.582912] Write of size 1 at addr fff00000c79d60c9 by task kunit_try_catch/164 [ 17.583063] [ 17.583159] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.583458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.583523] Hardware name: linux,dummy-virt (DT) [ 17.583874] Call trace: [ 17.584170] show_stack+0x20/0x38 (C) [ 17.584292] dump_stack_lvl+0x8c/0xd0 [ 17.584427] print_report+0x118/0x608 [ 17.584766] kasan_report+0xdc/0x128 [ 17.585033] __asan_report_store1_noabort+0x20/0x30 [ 17.585324] krealloc_less_oob_helper+0xa48/0xc50 [ 17.585497] krealloc_large_less_oob+0x20/0x38 [ 17.586006] kunit_try_run_case+0x170/0x3f0 [ 17.586306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.586662] kthread+0x328/0x630 [ 17.586891] ret_from_fork+0x10/0x20 [ 17.586997] [ 17.587363] The buggy address belongs to the physical page: [ 17.587459] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079d4 [ 17.587615] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.587718] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.588183] page_type: f8(unknown) [ 17.588352] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.588470] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.588819] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.589228] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.589357] head: 0bfffe0000000002 ffffc1ffc31e7501 00000000ffffffff 00000000ffffffff [ 17.589829] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.590033] page dumped because: kasan: bad access detected [ 17.590371] [ 17.590421] Memory state around the buggy address: [ 17.590492] fff00000c79d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.590967] fff00000c79d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.591334] >fff00000c79d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.591444] ^ [ 17.591528] fff00000c79d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.591644] fff00000c79d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.591741] ================================================================== [ 17.617832] ================================================================== [ 17.618324] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.618441] Write of size 1 at addr fff00000c79d60ea by task kunit_try_catch/164 [ 17.618573] [ 17.618640] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.618812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.618874] Hardware name: linux,dummy-virt (DT) [ 17.619249] Call trace: [ 17.619395] show_stack+0x20/0x38 (C) [ 17.619522] dump_stack_lvl+0x8c/0xd0 [ 17.620131] print_report+0x118/0x608 [ 17.620374] kasan_report+0xdc/0x128 [ 17.620488] __asan_report_store1_noabort+0x20/0x30 [ 17.620739] krealloc_less_oob_helper+0xae4/0xc50 [ 17.621193] krealloc_large_less_oob+0x20/0x38 [ 17.622073] kunit_try_run_case+0x170/0x3f0 [ 17.622260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.622873] kthread+0x328/0x630 [ 17.622991] ret_from_fork+0x10/0x20 [ 17.623112] [ 17.623166] The buggy address belongs to the physical page: [ 17.623238] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079d4 [ 17.623353] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.623784] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.623915] page_type: f8(unknown) [ 17.624605] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.624998] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.625153] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.625263] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.625866] head: 0bfffe0000000002 ffffc1ffc31e7501 00000000ffffffff 00000000ffffffff [ 17.626158] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.626278] page dumped because: kasan: bad access detected [ 17.626390] [ 17.626437] Memory state around the buggy address: [ 17.626752] fff00000c79d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.627013] fff00000c79d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.627159] >fff00000c79d6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.627239] ^ [ 17.627502] fff00000c79d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.627754] fff00000c79d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.628179] ================================================================== [ 17.486757] ================================================================== [ 17.486888] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.487009] Write of size 1 at addr fff00000c47146c9 by task kunit_try_catch/160 [ 17.487120] [ 17.487201] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.487400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.487457] Hardware name: linux,dummy-virt (DT) [ 17.487653] Call trace: [ 17.487716] show_stack+0x20/0x38 (C) [ 17.487829] dump_stack_lvl+0x8c/0xd0 [ 17.487945] print_report+0x118/0x608 [ 17.488256] kasan_report+0xdc/0x128 [ 17.488363] __asan_report_store1_noabort+0x20/0x30 [ 17.488472] krealloc_less_oob_helper+0xa48/0xc50 [ 17.488598] krealloc_less_oob+0x20/0x38 [ 17.488696] kunit_try_run_case+0x170/0x3f0 [ 17.488857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.489097] kthread+0x328/0x630 [ 17.489256] ret_from_fork+0x10/0x20 [ 17.489438] [ 17.489519] Allocated by task 160: [ 17.489593] kasan_save_stack+0x3c/0x68 [ 17.489683] kasan_save_track+0x20/0x40 [ 17.489757] kasan_save_alloc_info+0x40/0x58 [ 17.489840] __kasan_krealloc+0x118/0x178 [ 17.489921] krealloc_noprof+0x128/0x360 [ 17.490009] krealloc_less_oob_helper+0x168/0xc50 [ 17.490094] krealloc_less_oob+0x20/0x38 [ 17.490276] kunit_try_run_case+0x170/0x3f0 [ 17.490360] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.490452] kthread+0x328/0x630 [ 17.490523] ret_from_fork+0x10/0x20 [ 17.490611] [ 17.490652] The buggy address belongs to the object at fff00000c4714600 [ 17.490652] which belongs to the cache kmalloc-256 of size 256 [ 17.490852] The buggy address is located 0 bytes to the right of [ 17.490852] allocated 201-byte region [fff00000c4714600, fff00000c47146c9) [ 17.491079] [ 17.491154] The buggy address belongs to the physical page: [ 17.491235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104714 [ 17.491419] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.491702] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.492059] page_type: f5(slab) [ 17.492182] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.492401] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.492844] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.493131] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.493713] head: 0bfffe0000000001 ffffc1ffc311c501 00000000ffffffff 00000000ffffffff [ 17.493837] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.494364] page dumped because: kasan: bad access detected [ 17.494569] [ 17.494608] Memory state around the buggy address: [ 17.495008] fff00000c4714580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.495123] fff00000c4714600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.495740] >fff00000c4714680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.496055] ^ [ 17.496135] fff00000c4714700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.496415] fff00000c4714780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.496669] ================================================================== [ 17.521301] ================================================================== [ 17.521404] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.521544] Write of size 1 at addr fff00000c47146ea by task kunit_try_catch/160 [ 17.521657] [ 17.521721] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.521873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.521928] Hardware name: linux,dummy-virt (DT) [ 17.521991] Call trace: [ 17.522035] show_stack+0x20/0x38 (C) [ 17.522135] dump_stack_lvl+0x8c/0xd0 [ 17.522228] print_report+0x118/0x608 [ 17.522323] kasan_report+0xdc/0x128 [ 17.522410] __asan_report_store1_noabort+0x20/0x30 [ 17.522509] krealloc_less_oob_helper+0xae4/0xc50 [ 17.522629] krealloc_less_oob+0x20/0x38 [ 17.522728] kunit_try_run_case+0x170/0x3f0 [ 17.522816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.522908] kthread+0x328/0x630 [ 17.522999] ret_from_fork+0x10/0x20 [ 17.523613] [ 17.523664] Allocated by task 160: [ 17.523717] kasan_save_stack+0x3c/0x68 [ 17.523792] kasan_save_track+0x20/0x40 [ 17.523850] kasan_save_alloc_info+0x40/0x58 [ 17.523912] __kasan_krealloc+0x118/0x178 [ 17.523973] krealloc_noprof+0x128/0x360 [ 17.524040] krealloc_less_oob_helper+0x168/0xc50 [ 17.524116] krealloc_less_oob+0x20/0x38 [ 17.524188] kunit_try_run_case+0x170/0x3f0 [ 17.524259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.524336] kthread+0x328/0x630 [ 17.524401] ret_from_fork+0x10/0x20 [ 17.524455] [ 17.524486] The buggy address belongs to the object at fff00000c4714600 [ 17.524486] which belongs to the cache kmalloc-256 of size 256 [ 17.524598] The buggy address is located 33 bytes to the right of [ 17.524598] allocated 201-byte region [fff00000c4714600, fff00000c47146c9) [ 17.524743] [ 17.524829] The buggy address belongs to the physical page: [ 17.524887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104714 [ 17.525644] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.525773] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.525875] page_type: f5(slab) [ 17.525944] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.526300] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.526427] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.526769] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.527469] head: 0bfffe0000000001 ffffc1ffc311c501 00000000ffffffff 00000000ffffffff [ 17.527926] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.528188] page dumped because: kasan: bad access detected [ 17.528388] [ 17.528494] Memory state around the buggy address: [ 17.528645] fff00000c4714580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.528742] fff00000c4714600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.529172] >fff00000c4714680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.529412] ^ [ 17.529885] fff00000c4714700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.530009] fff00000c4714780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.530719] ================================================================== [ 17.513058] ================================================================== [ 17.513170] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.513279] Write of size 1 at addr fff00000c47146da by task kunit_try_catch/160 [ 17.513396] [ 17.513480] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.514007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.514547] Hardware name: linux,dummy-virt (DT) [ 17.514716] Call trace: [ 17.514785] show_stack+0x20/0x38 (C) [ 17.514962] dump_stack_lvl+0x8c/0xd0 [ 17.515289] print_report+0x118/0x608 [ 17.515478] kasan_report+0xdc/0x128 [ 17.515614] __asan_report_store1_noabort+0x20/0x30 [ 17.515910] krealloc_less_oob_helper+0xa80/0xc50 [ 17.516009] krealloc_less_oob+0x20/0x38 [ 17.516091] kunit_try_run_case+0x170/0x3f0 [ 17.516188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.516293] kthread+0x328/0x630 [ 17.516550] ret_from_fork+0x10/0x20 [ 17.516648] [ 17.516685] Allocated by task 160: [ 17.516743] kasan_save_stack+0x3c/0x68 [ 17.516829] kasan_save_track+0x20/0x40 [ 17.516897] kasan_save_alloc_info+0x40/0x58 [ 17.516974] __kasan_krealloc+0x118/0x178 [ 17.517046] krealloc_noprof+0x128/0x360 [ 17.517161] krealloc_less_oob_helper+0x168/0xc50 [ 17.517241] krealloc_less_oob+0x20/0x38 [ 17.517304] kunit_try_run_case+0x170/0x3f0 [ 17.517380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.517456] kthread+0x328/0x630 [ 17.517549] ret_from_fork+0x10/0x20 [ 17.517625] [ 17.517659] The buggy address belongs to the object at fff00000c4714600 [ 17.517659] which belongs to the cache kmalloc-256 of size 256 [ 17.517766] The buggy address is located 17 bytes to the right of [ 17.517766] allocated 201-byte region [fff00000c4714600, fff00000c47146c9) [ 17.518419] [ 17.518488] The buggy address belongs to the physical page: [ 17.518572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104714 [ 17.518663] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.518743] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.518836] page_type: f5(slab) [ 17.518907] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.519005] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.519097] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.519191] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.519321] head: 0bfffe0000000001 ffffc1ffc311c501 00000000ffffffff 00000000ffffffff [ 17.519416] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.519491] page dumped because: kasan: bad access detected [ 17.519562] [ 17.519597] Memory state around the buggy address: [ 17.519658] fff00000c4714580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.519743] fff00000c4714600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.519817] >fff00000c4714680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.519879] ^ [ 17.519942] fff00000c4714700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.520023] fff00000c4714780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.520100] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.569596] ================================================================== [ 17.569742] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.569874] Write of size 1 at addr fff00000c79d60f0 by task kunit_try_catch/162 [ 17.569994] [ 17.570088] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.570253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.570307] Hardware name: linux,dummy-virt (DT) [ 17.570374] Call trace: [ 17.570423] show_stack+0x20/0x38 (C) [ 17.570526] dump_stack_lvl+0x8c/0xd0 [ 17.570638] print_report+0x118/0x608 [ 17.570736] kasan_report+0xdc/0x128 [ 17.570831] __asan_report_store1_noabort+0x20/0x30 [ 17.570941] krealloc_more_oob_helper+0x5c0/0x678 [ 17.571052] krealloc_large_more_oob+0x20/0x38 [ 17.571166] kunit_try_run_case+0x170/0x3f0 [ 17.571270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.571423] kthread+0x328/0x630 [ 17.571553] ret_from_fork+0x10/0x20 [ 17.571653] [ 17.571695] The buggy address belongs to the physical page: [ 17.572137] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079d4 [ 17.572255] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.572349] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.572988] page_type: f8(unknown) [ 17.573075] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.573180] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.573335] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.573444] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.573581] head: 0bfffe0000000002 ffffc1ffc31e7501 00000000ffffffff 00000000ffffffff [ 17.573694] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.573789] page dumped because: kasan: bad access detected [ 17.573859] [ 17.573902] Memory state around the buggy address: [ 17.573965] fff00000c79d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.574074] fff00000c79d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.574211] >fff00000c79d6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.574300] ^ [ 17.574389] fff00000c79d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.574489] fff00000c79d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.574626] ================================================================== [ 17.455274] ================================================================== [ 17.455449] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.455586] Write of size 1 at addr fff00000c47144eb by task kunit_try_catch/158 [ 17.455693] [ 17.455782] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.455968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.456020] Hardware name: linux,dummy-virt (DT) [ 17.456086] Call trace: [ 17.456136] show_stack+0x20/0x38 (C) [ 17.456232] dump_stack_lvl+0x8c/0xd0 [ 17.456323] print_report+0x118/0x608 [ 17.456412] kasan_report+0xdc/0x128 [ 17.456487] __asan_report_store1_noabort+0x20/0x30 [ 17.456616] krealloc_more_oob_helper+0x60c/0x678 [ 17.456733] krealloc_more_oob+0x20/0x38 [ 17.456899] kunit_try_run_case+0x170/0x3f0 [ 17.456963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.457016] kthread+0x328/0x630 [ 17.457070] ret_from_fork+0x10/0x20 [ 17.457182] [ 17.457224] Allocated by task 158: [ 17.457288] kasan_save_stack+0x3c/0x68 [ 17.457371] kasan_save_track+0x20/0x40 [ 17.457446] kasan_save_alloc_info+0x40/0x58 [ 17.457558] __kasan_krealloc+0x118/0x178 [ 17.457671] krealloc_noprof+0x128/0x360 [ 17.457758] krealloc_more_oob_helper+0x168/0x678 [ 17.457855] krealloc_more_oob+0x20/0x38 [ 17.457944] kunit_try_run_case+0x170/0x3f0 [ 17.458032] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.458153] kthread+0x328/0x630 [ 17.458236] ret_from_fork+0x10/0x20 [ 17.458307] [ 17.458347] The buggy address belongs to the object at fff00000c4714400 [ 17.458347] which belongs to the cache kmalloc-256 of size 256 [ 17.458477] The buggy address is located 0 bytes to the right of [ 17.458477] allocated 235-byte region [fff00000c4714400, fff00000c47144eb) [ 17.458630] [ 17.458676] The buggy address belongs to the physical page: [ 17.458747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104714 [ 17.458869] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.458971] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.459090] page_type: f5(slab) [ 17.459174] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.459322] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.459425] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.459529] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.459700] head: 0bfffe0000000001 ffffc1ffc311c501 00000000ffffffff 00000000ffffffff [ 17.459797] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.459878] page dumped because: kasan: bad access detected [ 17.459946] [ 17.459987] Memory state around the buggy address: [ 17.460063] fff00000c4714380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.460165] fff00000c4714400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.460274] >fff00000c4714480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.460398] ^ [ 17.460508] fff00000c4714500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.460631] fff00000c4714580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.460756] ================================================================== [ 17.561920] ================================================================== [ 17.562254] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.562596] Write of size 1 at addr fff00000c79d60eb by task kunit_try_catch/162 [ 17.562935] [ 17.563042] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.563231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.563309] Hardware name: linux,dummy-virt (DT) [ 17.563413] Call trace: [ 17.563523] show_stack+0x20/0x38 (C) [ 17.563716] dump_stack_lvl+0x8c/0xd0 [ 17.563805] print_report+0x118/0x608 [ 17.563895] kasan_report+0xdc/0x128 [ 17.563990] __asan_report_store1_noabort+0x20/0x30 [ 17.564328] krealloc_more_oob_helper+0x60c/0x678 [ 17.564544] krealloc_large_more_oob+0x20/0x38 [ 17.565012] kunit_try_run_case+0x170/0x3f0 [ 17.565142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.565514] kthread+0x328/0x630 [ 17.565786] ret_from_fork+0x10/0x20 [ 17.565949] [ 17.566012] The buggy address belongs to the physical page: [ 17.566087] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079d4 [ 17.566254] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.566400] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.566548] page_type: f8(unknown) [ 17.566635] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.566792] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.566950] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.567086] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.567198] head: 0bfffe0000000002 ffffc1ffc31e7501 00000000ffffffff 00000000ffffffff [ 17.567343] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.567428] page dumped because: kasan: bad access detected [ 17.567517] [ 17.567578] Memory state around the buggy address: [ 17.567735] fff00000c79d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.567944] fff00000c79d6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.568212] >fff00000c79d6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.568304] ^ [ 17.568390] fff00000c79d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.568469] fff00000c79d6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.568550] ================================================================== [ 17.462483] ================================================================== [ 17.463075] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.463191] Write of size 1 at addr fff00000c47144f0 by task kunit_try_catch/158 [ 17.463288] [ 17.463749] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.463909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.464210] Hardware name: linux,dummy-virt (DT) [ 17.464464] Call trace: [ 17.464546] show_stack+0x20/0x38 (C) [ 17.464721] dump_stack_lvl+0x8c/0xd0 [ 17.464865] print_report+0x118/0x608 [ 17.464967] kasan_report+0xdc/0x128 [ 17.465054] __asan_report_store1_noabort+0x20/0x30 [ 17.465166] krealloc_more_oob_helper+0x5c0/0x678 [ 17.465281] krealloc_more_oob+0x20/0x38 [ 17.465390] kunit_try_run_case+0x170/0x3f0 [ 17.465564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.465733] kthread+0x328/0x630 [ 17.465838] ret_from_fork+0x10/0x20 [ 17.465944] [ 17.465985] Allocated by task 158: [ 17.466047] kasan_save_stack+0x3c/0x68 [ 17.466133] kasan_save_track+0x20/0x40 [ 17.466210] kasan_save_alloc_info+0x40/0x58 [ 17.466294] __kasan_krealloc+0x118/0x178 [ 17.466371] krealloc_noprof+0x128/0x360 [ 17.466490] krealloc_more_oob_helper+0x168/0x678 [ 17.466800] krealloc_more_oob+0x20/0x38 [ 17.466888] kunit_try_run_case+0x170/0x3f0 [ 17.466969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.467057] kthread+0x328/0x630 [ 17.467210] ret_from_fork+0x10/0x20 [ 17.467333] [ 17.467400] The buggy address belongs to the object at fff00000c4714400 [ 17.467400] which belongs to the cache kmalloc-256 of size 256 [ 17.467837] The buggy address is located 5 bytes to the right of [ 17.467837] allocated 235-byte region [fff00000c4714400, fff00000c47144eb) [ 17.468053] [ 17.468159] The buggy address belongs to the physical page: [ 17.468291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104714 [ 17.468527] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.468776] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.469000] page_type: f5(slab) [ 17.469211] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.469507] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.469725] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.469850] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.470065] head: 0bfffe0000000001 ffffc1ffc311c501 00000000ffffffff 00000000ffffffff [ 17.470196] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.470651] page dumped because: kasan: bad access detected [ 17.470725] [ 17.470769] Memory state around the buggy address: [ 17.470925] fff00000c4714380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.471162] fff00000c4714400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.471404] >fff00000c4714480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.471943] ^ [ 17.472149] fff00000c4714500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.472266] fff00000c4714580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.472436] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 17.426573] ================================================================== [ 17.426763] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 17.426878] Read of size 1 at addr fff00000c7a00000 by task kunit_try_catch/156 [ 17.426983] [ 17.427062] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.427240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.428848] Hardware name: linux,dummy-virt (DT) [ 17.428958] Call trace: [ 17.429023] show_stack+0x20/0x38 (C) [ 17.429150] dump_stack_lvl+0x8c/0xd0 [ 17.429267] print_report+0x118/0x608 [ 17.429358] kasan_report+0xdc/0x128 [ 17.429436] __asan_report_load1_noabort+0x20/0x30 [ 17.429568] page_alloc_uaf+0x328/0x350 [ 17.429662] kunit_try_run_case+0x170/0x3f0 [ 17.429761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.429855] kthread+0x328/0x630 [ 17.429943] ret_from_fork+0x10/0x20 [ 17.430041] [ 17.430082] The buggy address belongs to the physical page: [ 17.430202] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a00 [ 17.430345] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.430580] page_type: f0(buddy) [ 17.430671] raw: 0bfffe0000000000 fff00000ff616228 fff00000ff616228 0000000000000000 [ 17.430800] raw: 0000000000000000 0000000000000009 00000000f0000000 0000000000000000 [ 17.431064] page dumped because: kasan: bad access detected [ 17.431150] [ 17.431191] Memory state around the buggy address: [ 17.431433] fff00000c79fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.431946] fff00000c79fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.432046] >fff00000c7a00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.432596] ^ [ 17.432859] fff00000c7a00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.433164] fff00000c7a00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.433772] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 17.382214] ================================================================== [ 17.382437] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 17.382609] Free of addr fff00000c6bbc001 by task kunit_try_catch/152 [ 17.382741] [ 17.382814] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.383068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.383154] Hardware name: linux,dummy-virt (DT) [ 17.383247] Call trace: [ 17.383341] show_stack+0x20/0x38 (C) [ 17.383438] dump_stack_lvl+0x8c/0xd0 [ 17.383541] print_report+0x118/0x608 [ 17.383863] kasan_report_invalid_free+0xc0/0xe8 [ 17.384129] __kasan_kfree_large+0x5c/0xa8 [ 17.384244] free_large_kmalloc+0x64/0x190 [ 17.384386] kfree+0x270/0x3c8 [ 17.384896] kmalloc_large_invalid_free+0x108/0x270 [ 17.385098] kunit_try_run_case+0x170/0x3f0 [ 17.385326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.385474] kthread+0x328/0x630 [ 17.386065] ret_from_fork+0x10/0x20 [ 17.386678] [ 17.386953] The buggy address belongs to the physical page: [ 17.387236] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106bbc [ 17.387429] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.387760] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.387916] page_type: f8(unknown) [ 17.387999] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.388102] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.388768] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.389136] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.389320] head: 0bfffe0000000002 ffffc1ffc31aef01 00000000ffffffff 00000000ffffffff [ 17.389582] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.389742] page dumped because: kasan: bad access detected [ 17.389831] [ 17.389870] Memory state around the buggy address: [ 17.389939] fff00000c6bbbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.390574] fff00000c6bbbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.390743] >fff00000c6bbc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.390831] ^ [ 17.390892] fff00000c6bbc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.391042] fff00000c6bbc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.391266] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 17.361581] ================================================================== [ 17.361942] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 17.362062] Read of size 1 at addr fff00000c6bbc000 by task kunit_try_catch/150 [ 17.362172] [ 17.362239] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.362427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.362488] Hardware name: linux,dummy-virt (DT) [ 17.362576] Call trace: [ 17.362629] show_stack+0x20/0x38 (C) [ 17.362766] dump_stack_lvl+0x8c/0xd0 [ 17.362856] print_report+0x118/0x608 [ 17.363118] kasan_report+0xdc/0x128 [ 17.363248] __asan_report_load1_noabort+0x20/0x30 [ 17.363348] kmalloc_large_uaf+0x2cc/0x2f8 [ 17.363724] kunit_try_run_case+0x170/0x3f0 [ 17.363925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.364040] kthread+0x328/0x630 [ 17.364118] ret_from_fork+0x10/0x20 [ 17.364205] [ 17.364246] The buggy address belongs to the physical page: [ 17.364307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106bbc [ 17.364418] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.364566] raw: 0bfffe0000000000 ffffc1ffc31e7408 fff00000da47bd80 0000000000000000 [ 17.364675] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 17.364855] page dumped because: kasan: bad access detected [ 17.364916] [ 17.364954] Memory state around the buggy address: [ 17.365020] fff00000c6bbbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.365117] fff00000c6bbbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.365196] >fff00000c6bbc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.365271] ^ [ 17.365326] fff00000c6bbc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.365422] fff00000c6bbc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.365519] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 17.338987] ================================================================== [ 17.339125] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 17.339223] Write of size 1 at addr fff00000c6bbe00a by task kunit_try_catch/148 [ 17.339890] [ 17.339981] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.340246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.340313] Hardware name: linux,dummy-virt (DT) [ 17.340398] Call trace: [ 17.340474] show_stack+0x20/0x38 (C) [ 17.340585] dump_stack_lvl+0x8c/0xd0 [ 17.340698] print_report+0x118/0x608 [ 17.340827] kasan_report+0xdc/0x128 [ 17.340952] __asan_report_store1_noabort+0x20/0x30 [ 17.341096] kmalloc_large_oob_right+0x278/0x2b8 [ 17.341234] kunit_try_run_case+0x170/0x3f0 [ 17.341338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.341500] kthread+0x328/0x630 [ 17.341651] ret_from_fork+0x10/0x20 [ 17.341784] [ 17.341891] The buggy address belongs to the physical page: [ 17.341966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106bbc [ 17.342106] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.342215] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.342349] page_type: f8(unknown) [ 17.342462] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.342579] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.342678] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.343401] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.343596] head: 0bfffe0000000002 ffffc1ffc31aef01 00000000ffffffff 00000000ffffffff [ 17.343720] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.343813] page dumped because: kasan: bad access detected [ 17.343883] [ 17.344079] Memory state around the buggy address: [ 17.344152] fff00000c6bbdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.344309] fff00000c6bbdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.344396] >fff00000c6bbe000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.344462] ^ [ 17.344519] fff00000c6bbe080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.344616] fff00000c6bbe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.344739] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 17.323588] ================================================================== [ 17.323715] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.323780] Write of size 1 at addr fff00000c6bedf00 by task kunit_try_catch/146 [ 17.323828] [ 17.323867] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.323946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.323971] Hardware name: linux,dummy-virt (DT) [ 17.324001] Call trace: [ 17.324025] show_stack+0x20/0x38 (C) [ 17.324073] dump_stack_lvl+0x8c/0xd0 [ 17.324116] print_report+0x118/0x608 [ 17.324157] kasan_report+0xdc/0x128 [ 17.324197] __asan_report_store1_noabort+0x20/0x30 [ 17.324243] kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.324288] kunit_try_run_case+0x170/0x3f0 [ 17.324332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.324380] kthread+0x328/0x630 [ 17.324423] ret_from_fork+0x10/0x20 [ 17.324468] [ 17.324486] Allocated by task 146: [ 17.324513] kasan_save_stack+0x3c/0x68 [ 17.324634] kasan_save_track+0x20/0x40 [ 17.324703] kasan_save_alloc_info+0x40/0x58 [ 17.324765] __kasan_kmalloc+0xd4/0xd8 [ 17.324861] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.324956] kmalloc_big_oob_right+0xb8/0x2f0 [ 17.325035] kunit_try_run_case+0x170/0x3f0 [ 17.325113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.325296] kthread+0x328/0x630 [ 17.325379] ret_from_fork+0x10/0x20 [ 17.325449] [ 17.325522] The buggy address belongs to the object at fff00000c6bec000 [ 17.325522] which belongs to the cache kmalloc-8k of size 8192 [ 17.325724] The buggy address is located 0 bytes to the right of [ 17.325724] allocated 7936-byte region [fff00000c6bec000, fff00000c6bedf00) [ 17.325867] [ 17.325923] The buggy address belongs to the physical page: [ 17.326011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106be8 [ 17.326118] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.326218] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.326352] page_type: f5(slab) [ 17.326450] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.326572] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.326691] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.326838] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.326969] head: 0bfffe0000000003 ffffc1ffc31afa01 00000000ffffffff 00000000ffffffff [ 17.327093] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.327217] page dumped because: kasan: bad access detected [ 17.327297] [ 17.327329] Memory state around the buggy address: [ 17.327393] fff00000c6bede00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.327904] fff00000c6bede80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.328008] >fff00000c6bedf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.328092] ^ [ 17.328152] fff00000c6bedf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.328242] fff00000c6bee000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.328317] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 17.289146] ================================================================== [ 17.289269] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.289381] Write of size 1 at addr fff00000c62d4578 by task kunit_try_catch/144 [ 17.289507] [ 17.289651] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.289817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.289877] Hardware name: linux,dummy-virt (DT) [ 17.289948] Call trace: [ 17.289998] show_stack+0x20/0x38 (C) [ 17.290101] dump_stack_lvl+0x8c/0xd0 [ 17.290192] print_report+0x118/0x608 [ 17.290281] kasan_report+0xdc/0x128 [ 17.290984] __asan_report_store1_noabort+0x20/0x30 [ 17.291323] kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.291467] kunit_try_run_case+0x170/0x3f0 [ 17.291714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.291869] kthread+0x328/0x630 [ 17.291947] ret_from_fork+0x10/0x20 [ 17.292037] [ 17.292074] Allocated by task 144: [ 17.292554] kasan_save_stack+0x3c/0x68 [ 17.292749] kasan_save_track+0x20/0x40 [ 17.292968] kasan_save_alloc_info+0x40/0x58 [ 17.293171] __kasan_kmalloc+0xd4/0xd8 [ 17.293300] __kmalloc_node_track_caller_noprof+0x18c/0x4c0 [ 17.293588] kmalloc_track_caller_oob_right+0xa8/0x488 [ 17.293686] kunit_try_run_case+0x170/0x3f0 [ 17.293777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.293881] kthread+0x328/0x630 [ 17.293965] ret_from_fork+0x10/0x20 [ 17.294125] [ 17.294192] The buggy address belongs to the object at fff00000c62d4500 [ 17.294192] which belongs to the cache kmalloc-128 of size 128 [ 17.294433] The buggy address is located 0 bytes to the right of [ 17.294433] allocated 120-byte region [fff00000c62d4500, fff00000c62d4578) [ 17.294584] [ 17.294626] The buggy address belongs to the physical page: [ 17.294691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.294808] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.294924] page_type: f5(slab) [ 17.294998] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.295370] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.295463] page dumped because: kasan: bad access detected [ 17.295521] [ 17.295563] Memory state around the buggy address: [ 17.295643] fff00000c62d4400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.295731] fff00000c62d4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.296076] >fff00000c62d4500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.296199] ^ [ 17.296326] fff00000c62d4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.296437] fff00000c62d4600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.296523] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 17.269832] ================================================================== [ 17.269975] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 17.270092] Read of size 1 at addr fff00000c6837000 by task kunit_try_catch/142 [ 17.270207] [ 17.270279] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.270458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.270519] Hardware name: linux,dummy-virt (DT) [ 17.270645] Call trace: [ 17.270697] show_stack+0x20/0x38 (C) [ 17.270802] dump_stack_lvl+0x8c/0xd0 [ 17.271182] print_report+0x118/0x608 [ 17.271305] kasan_report+0xdc/0x128 [ 17.271497] __asan_report_load1_noabort+0x20/0x30 [ 17.271632] kmalloc_node_oob_right+0x2f4/0x330 [ 17.271912] kunit_try_run_case+0x170/0x3f0 [ 17.272034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.272240] kthread+0x328/0x630 [ 17.272337] ret_from_fork+0x10/0x20 [ 17.272437] [ 17.272475] Allocated by task 142: [ 17.272560] kasan_save_stack+0x3c/0x68 [ 17.272730] kasan_save_track+0x20/0x40 [ 17.272817] kasan_save_alloc_info+0x40/0x58 [ 17.272894] __kasan_kmalloc+0xd4/0xd8 [ 17.272974] __kmalloc_cache_node_noprof+0x168/0x3d0 [ 17.273061] kmalloc_node_oob_right+0xbc/0x330 [ 17.273153] kunit_try_run_case+0x170/0x3f0 [ 17.273238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.273353] kthread+0x328/0x630 [ 17.273429] ret_from_fork+0x10/0x20 [ 17.273578] [ 17.273622] The buggy address belongs to the object at fff00000c6836000 [ 17.273622] which belongs to the cache kmalloc-4k of size 4096 [ 17.274112] The buggy address is located 0 bytes to the right of [ 17.274112] allocated 4096-byte region [fff00000c6836000, fff00000c6837000) [ 17.274343] [ 17.274389] The buggy address belongs to the physical page: [ 17.274523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106830 [ 17.274873] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.274984] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.275160] page_type: f5(slab) [ 17.275263] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.275392] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.275504] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.276217] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.276556] head: 0bfffe0000000003 ffffc1ffc31a0c01 00000000ffffffff 00000000ffffffff [ 17.277100] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.277291] page dumped because: kasan: bad access detected [ 17.277364] [ 17.277407] Memory state around the buggy address: [ 17.277504] fff00000c6836f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.277653] fff00000c6836f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.277758] >fff00000c6837000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.277832] ^ [ 17.277889] fff00000c6837080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.278038] fff00000c6837100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.278137] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 17.246159] ================================================================== [ 17.246358] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 17.246496] Read of size 1 at addr fff00000c625605f by task kunit_try_catch/140 [ 17.246696] [ 17.246798] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.247041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.247119] Hardware name: linux,dummy-virt (DT) [ 17.247185] Call trace: [ 17.247226] show_stack+0x20/0x38 (C) [ 17.247314] dump_stack_lvl+0x8c/0xd0 [ 17.247426] print_report+0x118/0x608 [ 17.247568] kasan_report+0xdc/0x128 [ 17.247673] __asan_report_load1_noabort+0x20/0x30 [ 17.247816] kmalloc_oob_left+0x2ec/0x320 [ 17.247956] kunit_try_run_case+0x170/0x3f0 [ 17.248099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.248214] kthread+0x328/0x630 [ 17.248309] ret_from_fork+0x10/0x20 [ 17.248409] [ 17.248450] Allocated by task 26: [ 17.248514] kasan_save_stack+0x3c/0x68 [ 17.248631] kasan_save_track+0x20/0x40 [ 17.248705] kasan_save_alloc_info+0x40/0x58 [ 17.248778] __kasan_kmalloc+0xd4/0xd8 [ 17.248842] __kmalloc_node_track_caller_noprof+0x18c/0x4c0 [ 17.248924] kstrdup+0x54/0xc8 [ 17.248999] devtmpfs_work_loop+0x3a4/0x5d0 [ 17.249086] devtmpfsd+0x50/0x58 [ 17.249166] kthread+0x328/0x630 [ 17.249241] ret_from_fork+0x10/0x20 [ 17.249313] [ 17.249383] Freed by task 26: [ 17.249576] kasan_save_stack+0x3c/0x68 [ 17.249674] kasan_save_track+0x20/0x40 [ 17.249758] kasan_save_free_info+0x4c/0x78 [ 17.249876] __kasan_slab_free+0x6c/0x98 [ 17.249987] kfree+0x214/0x3c8 [ 17.250064] devtmpfs_work_loop+0x4a8/0x5d0 [ 17.250187] devtmpfsd+0x50/0x58 [ 17.250292] kthread+0x328/0x630 [ 17.250386] ret_from_fork+0x10/0x20 [ 17.250475] [ 17.250521] The buggy address belongs to the object at fff00000c6256040 [ 17.250521] which belongs to the cache kmalloc-16 of size 16 [ 17.250644] The buggy address is located 15 bytes to the right of [ 17.250644] allocated 16-byte region [fff00000c6256040, fff00000c6256050) [ 17.250772] [ 17.250813] The buggy address belongs to the physical page: [ 17.250905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106256 [ 17.251089] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.251220] page_type: f5(slab) [ 17.251304] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.251420] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.251517] page dumped because: kasan: bad access detected [ 17.251602] [ 17.251641] Memory state around the buggy address: [ 17.251707] fff00000c6255f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.251806] fff00000c6255f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.251887] >fff00000c6256000: 00 00 fc fc fa fb fc fc fa fb fc fc 00 07 fc fc [ 17.251964] ^ [ 17.252048] fff00000c6256080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.252148] fff00000c6256100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.252226] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 17.218050] ================================================================== [ 17.218148] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.218266] Write of size 1 at addr fff00000c62d4478 by task kunit_try_catch/138 [ 17.218412] [ 17.218513] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.218672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.218726] Hardware name: linux,dummy-virt (DT) [ 17.218790] Call trace: [ 17.218829] show_stack+0x20/0x38 (C) [ 17.218943] dump_stack_lvl+0x8c/0xd0 [ 17.219026] print_report+0x118/0x608 [ 17.219106] kasan_report+0xdc/0x128 [ 17.219192] __asan_report_store1_noabort+0x20/0x30 [ 17.219289] kmalloc_oob_right+0x538/0x660 [ 17.219726] kunit_try_run_case+0x170/0x3f0 [ 17.220047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.220150] kthread+0x328/0x630 [ 17.220226] ret_from_fork+0x10/0x20 [ 17.220426] [ 17.220491] Allocated by task 138: [ 17.220639] kasan_save_stack+0x3c/0x68 [ 17.220907] kasan_save_track+0x20/0x40 [ 17.221161] kasan_save_alloc_info+0x40/0x58 [ 17.221268] __kasan_kmalloc+0xd4/0xd8 [ 17.221347] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.221433] kmalloc_oob_right+0xb0/0x660 [ 17.221551] kunit_try_run_case+0x170/0x3f0 [ 17.221648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.221742] kthread+0x328/0x630 [ 17.221810] ret_from_fork+0x10/0x20 [ 17.222826] [ 17.222880] The buggy address belongs to the object at fff00000c62d4400 [ 17.222880] which belongs to the cache kmalloc-128 of size 128 [ 17.223038] The buggy address is located 5 bytes to the right of [ 17.223038] allocated 115-byte region [fff00000c62d4400, fff00000c62d4473) [ 17.223183] [ 17.223222] The buggy address belongs to the physical page: [ 17.223286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.223402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.224150] page_type: f5(slab) [ 17.224273] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.224499] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.224662] page dumped because: kasan: bad access detected [ 17.225695] [ 17.225790] Memory state around the buggy address: [ 17.226200] fff00000c62d4300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.226633] fff00000c62d4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.226907] >fff00000c62d4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.226997] ^ [ 17.227086] fff00000c62d4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.227179] fff00000c62d4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.227267] ================================================================== [ 17.208783] ================================================================== [ 17.209173] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 17.210185] Write of size 1 at addr fff00000c62d4473 by task kunit_try_catch/138 [ 17.210314] [ 17.211352] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G N 6.15.0-rc3 #1 PREEMPT [ 17.211667] Tainted: [N]=TEST [ 17.211739] Hardware name: linux,dummy-virt (DT) [ 17.212144] Call trace: [ 17.212326] show_stack+0x20/0x38 (C) [ 17.212494] dump_stack_lvl+0x8c/0xd0 [ 17.212584] print_report+0x118/0x608 [ 17.212635] kasan_report+0xdc/0x128 [ 17.212680] __asan_report_store1_noabort+0x20/0x30 [ 17.212728] kmalloc_oob_right+0x5a4/0x660 [ 17.212773] kunit_try_run_case+0x170/0x3f0 [ 17.212823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.212873] kthread+0x328/0x630 [ 17.212918] ret_from_fork+0x10/0x20 [ 17.213087] [ 17.213134] Allocated by task 138: [ 17.213313] kasan_save_stack+0x3c/0x68 [ 17.213388] kasan_save_track+0x20/0x40 [ 17.213426] kasan_save_alloc_info+0x40/0x58 [ 17.213478] __kasan_kmalloc+0xd4/0xd8 [ 17.213520] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.213582] kmalloc_oob_right+0xb0/0x660 [ 17.213623] kunit_try_run_case+0x170/0x3f0 [ 17.213659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.213700] kthread+0x328/0x630 [ 17.213734] ret_from_fork+0x10/0x20 [ 17.213791] [ 17.213857] The buggy address belongs to the object at fff00000c62d4400 [ 17.213857] which belongs to the cache kmalloc-128 of size 128 [ 17.213959] The buggy address is located 0 bytes to the right of [ 17.213959] allocated 115-byte region [fff00000c62d4400, fff00000c62d4473) [ 17.214025] [ 17.214117] The buggy address belongs to the physical page: [ 17.214355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.214690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.215020] page_type: f5(slab) [ 17.215433] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.215576] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.215787] page dumped because: kasan: bad access detected [ 17.215875] [ 17.215935] Memory state around the buggy address: [ 17.216274] fff00000c62d4300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.216353] fff00000c62d4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.216412] >fff00000c62d4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.216468] ^ [ 17.216584] fff00000c62d4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.216628] fff00000c62d4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.216697] ================================================================== [ 17.227970] ================================================================== [ 17.228072] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.228172] Read of size 1 at addr fff00000c62d4480 by task kunit_try_catch/138 [ 17.228271] [ 17.228561] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 17.228875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.228947] Hardware name: linux,dummy-virt (DT) [ 17.229062] Call trace: [ 17.229149] show_stack+0x20/0x38 (C) [ 17.229352] dump_stack_lvl+0x8c/0xd0 [ 17.229528] print_report+0x118/0x608 [ 17.229646] kasan_report+0xdc/0x128 [ 17.229771] __asan_report_load1_noabort+0x20/0x30 [ 17.229905] kmalloc_oob_right+0x5d0/0x660 [ 17.230503] kunit_try_run_case+0x170/0x3f0 [ 17.230663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.230813] kthread+0x328/0x630 [ 17.230908] ret_from_fork+0x10/0x20 [ 17.231010] [ 17.231046] Allocated by task 138: [ 17.231101] kasan_save_stack+0x3c/0x68 [ 17.231185] kasan_save_track+0x20/0x40 [ 17.231262] kasan_save_alloc_info+0x40/0x58 [ 17.231340] __kasan_kmalloc+0xd4/0xd8 [ 17.231410] __kmalloc_cache_noprof+0x15c/0x3c0 [ 17.231658] kmalloc_oob_right+0xb0/0x660 [ 17.231800] kunit_try_run_case+0x170/0x3f0 [ 17.231880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.232104] kthread+0x328/0x630 [ 17.232186] ret_from_fork+0x10/0x20 [ 17.232251] [ 17.232289] The buggy address belongs to the object at fff00000c62d4400 [ 17.232289] which belongs to the cache kmalloc-128 of size 128 [ 17.232428] The buggy address is located 13 bytes to the right of [ 17.232428] allocated 115-byte region [fff00000c62d4400, fff00000c62d4473) [ 17.232625] [ 17.232696] The buggy address belongs to the physical page: [ 17.232758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062d4 [ 17.232878] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.232975] page_type: f5(slab) [ 17.233210] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.233377] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.233505] page dumped because: kasan: bad access detected [ 17.233582] [ 17.233621] Memory state around the buggy address: [ 17.233687] fff00000c62d4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.233991] fff00000c62d4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.234127] >fff00000c62d4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.234214] ^ [ 17.234272] fff00000c62d4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.234369] fff00000c62d4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.234456] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 96.889127] WARNING: CPU: 1 PID: 658 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 96.889979] Modules linked in: [ 96.890323] CPU: 1 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc3 #1 PREEMPT [ 96.890990] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 96.891277] Hardware name: linux,dummy-virt (DT) [ 96.891561] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.892173] pc : intlog10+0x38/0x48 [ 96.892365] lr : intlog10_test+0xe4/0x200 [ 96.892833] sp : ffff800082257c10 [ 96.892992] x29: ffff800082257c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.893521] x26: 1ffe0000188a2e81 x25: 0000000000000000 x24: ffff800082257ce0 [ 96.894296] x23: ffff800082257d00 x22: 0000000000000000 x21: 1ffff0001044af82 [ 96.894684] x20: ffff9a60550c3840 x19: ffff800080087990 x18: 0000000065c8cb1d [ 96.895128] x17: 00000000e8fd9feb x16: fff00000c096e03c x15: 00000000e8ebdfc4 [ 96.895898] x14: 00000000f1f1f1f1 x13: 1ffe00001b48ac0d x12: ffff734c0b1e1161 [ 96.896218] x11: 1ffff34c0b1e1160 x10: ffff734c0b1e1160 x9 : ffff9a605260d60c [ 96.896880] x8 : ffff9a6058f08b03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.897443] x5 : ffff70001044af82 x4 : 1ffff00010010f3a x3 : 1ffff34c0aa18708 [ 96.898042] x2 : 1ffff34c0aa18708 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.898589] Call trace: [ 96.898772] intlog10+0x38/0x48 (P) [ 96.899063] kunit_try_run_case+0x170/0x3f0 [ 96.899464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.899742] kthread+0x328/0x630 [ 96.900027] ret_from_fork+0x10/0x20 [ 96.900288] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 96.837656] WARNING: CPU: 1 PID: 640 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 96.838452] Modules linked in: [ 96.838817] CPU: 1 UID: 0 PID: 640 Comm: kunit_try_catch Tainted: G B D N 6.15.0-rc3 #1 PREEMPT [ 96.839185] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 96.839364] Hardware name: linux,dummy-virt (DT) [ 96.839699] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.841401] pc : intlog2+0xd8/0xf8 [ 96.841736] lr : intlog2_test+0xe4/0x200 [ 96.842027] sp : ffff8000821c7c10 [ 96.842266] x29: ffff8000821c7c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.843165] x26: 1ffe0000188c97c1 x25: 0000000000000000 x24: ffff8000821c7ce0 [ 96.843887] x23: ffff8000821c7d00 x22: 0000000000000000 x21: 1ffff00010438f82 [ 96.844355] x20: ffff9a60550c3740 x19: ffff800080087990 x18: 00000000b9268780 [ 96.844805] x17: fff065a0834ce000 x16: ffff800080010000 x15: 00000000b891789d [ 96.845246] x14: 000000002a22c82c x13: fff00000c10a9400 x12: ffff734c0b1e1161 [ 96.845645] x11: 1ffff34c0b1e1160 x10: ffff734c0b1e1160 x9 : ffff9a605260d80c [ 96.846418] x8 : ffff9a6058f08b03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.846762] x5 : ffff700010438f82 x4 : 1ffff00010010f3a x3 : 1ffff34c0aa186e8 [ 96.847050] x2 : 1ffff34c0aa186e8 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.848211] Call trace: [ 96.848440] intlog2+0xd8/0xf8 (P) [ 96.848781] kunit_try_run_case+0x170/0x3f0 [ 96.849153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.849543] kthread+0x328/0x630 [ 96.849809] ret_from_fork+0x10/0x20 [ 96.850159] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/internal-error-oops-oops-smp
KNOWN ISSUE - qemu-arm64: Internal error: Oops at kunit_test_null_dereference - kunit_generic_run_threadfn_adapter
[ 95.772477] Internal error: Oops: 0000000096000005 [#1] SMP [ 95.774855] Modules linked in: [ 95.775269] CPU: 1 UID: 0 PID: 534 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc3 #1 PREEMPT [ 95.775872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 95.776168] Hardware name: linux,dummy-virt (DT) [ 95.776822] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.777458] pc : kunit_test_null_dereference+0x70/0x170 [ 95.777830] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.778159] sp : ffff800080f57d30 [ 95.778318] x29: ffff800080f57d90 x28: 0000000000000000 x27: 0000000000000000 [ 95.778873] x26: 1ffe000018815241 x25: 0000000000000000 x24: 0000000000000004 [ 95.779461] x23: fff00000c40a920c x22: ffff9a60525fabe8 x21: fff00000c1258488 [ 95.779893] x20: 1ffff000101eafa6 x19: ffff800080087990 x18: 00000000d24d5d58 [ 95.780360] x17: 0000000000000001 x16: fff00000c096e03c x15: fff00000ff616b08 [ 95.780670] x14: 00000000f1f1f1f1 x13: 1ffe00001b48efd0 x12: fffd800018cf462c [ 95.781156] x11: 1ffe000018cf462b x10: fffd800018cf462b x9 : ffff9a60525f2050 [ 95.781676] x8 : ffff800080f57c38 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 95.782092] x5 : ffff7000101eafa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 95.782462] x2 : dfff800000000000 x1 : fff00000c67a2880 x0 : ffff800080087990 [ 95.782848] Call trace: [ 95.783014] kunit_test_null_dereference+0x70/0x170 (P) [ 95.783221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.783440] kthread+0x328/0x630 [ 95.783921] ret_from_fork+0x10/0x20 [ 95.784600] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 95.785266] ---[ end trace 0000000000000000 ]---