Date
May 23, 2025, 11:07 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 28.112306] ================================================================== [ 28.112467] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 28.112607] Read of size 1 at addr fff00000c775a000 by task kunit_try_catch/198 [ 28.112751] [ 28.112840] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.113098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.113219] Hardware name: linux,dummy-virt (DT) [ 28.113350] Call trace: [ 28.113440] show_stack+0x20/0x38 (C) [ 28.113877] dump_stack_lvl+0x8c/0xd0 [ 28.114333] print_report+0x118/0x608 [ 28.114634] kasan_report+0xdc/0x128 [ 28.114811] __asan_report_load1_noabort+0x20/0x30 [ 28.114972] ksize_uaf+0x598/0x5f8 [ 28.115088] kunit_try_run_case+0x170/0x3f0 [ 28.115222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.115470] kthread+0x328/0x630 [ 28.115617] ret_from_fork+0x10/0x20 [ 28.115755] [ 28.115817] Allocated by task 198: [ 28.115975] kasan_save_stack+0x3c/0x68 [ 28.116094] kasan_save_track+0x20/0x40 [ 28.116198] kasan_save_alloc_info+0x40/0x58 [ 28.116500] __kasan_kmalloc+0xd4/0xd8 [ 28.116664] __kmalloc_cache_noprof+0x15c/0x3c0 [ 28.116815] ksize_uaf+0xb8/0x5f8 [ 28.116959] kunit_try_run_case+0x170/0x3f0 [ 28.117074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.117248] kthread+0x328/0x630 [ 28.117350] ret_from_fork+0x10/0x20 [ 28.117442] [ 28.117510] Freed by task 198: [ 28.117576] kasan_save_stack+0x3c/0x68 [ 28.117679] kasan_save_track+0x20/0x40 [ 28.117811] kasan_save_free_info+0x4c/0x78 [ 28.117947] __kasan_slab_free+0x6c/0x98 [ 28.118149] kfree+0x214/0x3c8 [ 28.118297] ksize_uaf+0x11c/0x5f8 [ 28.118412] kunit_try_run_case+0x170/0x3f0 [ 28.118599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.118745] kthread+0x328/0x630 [ 28.118888] ret_from_fork+0x10/0x20 [ 28.119023] [ 28.119141] The buggy address belongs to the object at fff00000c775a000 [ 28.119141] which belongs to the cache kmalloc-128 of size 128 [ 28.119394] The buggy address is located 0 bytes inside of [ 28.119394] freed 128-byte region [fff00000c775a000, fff00000c775a080) [ 28.119692] [ 28.119760] The buggy address belongs to the physical page: [ 28.119989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775a [ 28.120303] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.120598] page_type: f5(slab) [ 28.120734] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.120883] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.121010] page dumped because: kasan: bad access detected [ 28.121106] [ 28.121296] Memory state around the buggy address: [ 28.121977] fff00000c7759f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.122430] fff00000c7759f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.122772] >fff00000c775a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.123138] ^ [ 28.123267] fff00000c775a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.123984] fff00000c775a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.124335] ================================================================== [ 28.099435] ================================================================== [ 28.099693] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 28.099940] Read of size 1 at addr fff00000c775a000 by task kunit_try_catch/198 [ 28.100101] [ 28.100198] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.100466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.100556] Hardware name: linux,dummy-virt (DT) [ 28.100878] Call trace: [ 28.100952] show_stack+0x20/0x38 (C) [ 28.101089] dump_stack_lvl+0x8c/0xd0 [ 28.101215] print_report+0x118/0x608 [ 28.101378] kasan_report+0xdc/0x128 [ 28.101622] __kasan_check_byte+0x54/0x70 [ 28.101853] ksize+0x30/0x88 [ 28.102248] ksize_uaf+0x168/0x5f8 [ 28.102391] kunit_try_run_case+0x170/0x3f0 [ 28.102564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.102726] kthread+0x328/0x630 [ 28.102859] ret_from_fork+0x10/0x20 [ 28.103069] [ 28.103147] Allocated by task 198: [ 28.103322] kasan_save_stack+0x3c/0x68 [ 28.103582] kasan_save_track+0x20/0x40 [ 28.103977] kasan_save_alloc_info+0x40/0x58 [ 28.104211] __kasan_kmalloc+0xd4/0xd8 [ 28.104417] __kmalloc_cache_noprof+0x15c/0x3c0 [ 28.104628] ksize_uaf+0xb8/0x5f8 [ 28.104827] kunit_try_run_case+0x170/0x3f0 [ 28.105023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.105231] kthread+0x328/0x630 [ 28.105347] ret_from_fork+0x10/0x20 [ 28.105441] [ 28.105500] Freed by task 198: [ 28.105562] kasan_save_stack+0x3c/0x68 [ 28.105666] kasan_save_track+0x20/0x40 [ 28.106227] kasan_save_free_info+0x4c/0x78 [ 28.106459] __kasan_slab_free+0x6c/0x98 [ 28.106588] kfree+0x214/0x3c8 [ 28.106734] ksize_uaf+0x11c/0x5f8 [ 28.106860] kunit_try_run_case+0x170/0x3f0 [ 28.107000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.107173] kthread+0x328/0x630 [ 28.107324] ret_from_fork+0x10/0x20 [ 28.107502] [ 28.107565] The buggy address belongs to the object at fff00000c775a000 [ 28.107565] which belongs to the cache kmalloc-128 of size 128 [ 28.107739] The buggy address is located 0 bytes inside of [ 28.107739] freed 128-byte region [fff00000c775a000, fff00000c775a080) [ 28.107927] [ 28.107979] The buggy address belongs to the physical page: [ 28.108074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775a [ 28.108247] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.108390] page_type: f5(slab) [ 28.108805] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.109051] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.109217] page dumped because: kasan: bad access detected [ 28.109332] [ 28.109429] Memory state around the buggy address: [ 28.109515] fff00000c7759f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.109582] fff00000c7759f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.109660] >fff00000c775a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.109792] ^ [ 28.109910] fff00000c775a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.110027] fff00000c775a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.110117] ================================================================== [ 28.126742] ================================================================== [ 28.126883] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 28.127027] Read of size 1 at addr fff00000c775a078 by task kunit_try_catch/198 [ 28.127173] [ 28.127270] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.127593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.128031] Hardware name: linux,dummy-virt (DT) [ 28.128180] Call trace: [ 28.128370] show_stack+0x20/0x38 (C) [ 28.128538] dump_stack_lvl+0x8c/0xd0 [ 28.129727] print_report+0x118/0x608 [ 28.129910] kasan_report+0xdc/0x128 [ 28.130007] __asan_report_load1_noabort+0x20/0x30 [ 28.130078] ksize_uaf+0x544/0x5f8 [ 28.130145] kunit_try_run_case+0x170/0x3f0 [ 28.130213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.130292] kthread+0x328/0x630 [ 28.130355] ret_from_fork+0x10/0x20 [ 28.130426] [ 28.130479] Allocated by task 198: [ 28.130570] kasan_save_stack+0x3c/0x68 [ 28.130749] kasan_save_track+0x20/0x40 [ 28.130865] kasan_save_alloc_info+0x40/0x58 [ 28.131045] __kasan_kmalloc+0xd4/0xd8 [ 28.131213] __kmalloc_cache_noprof+0x15c/0x3c0 [ 28.131392] ksize_uaf+0xb8/0x5f8 [ 28.131905] kunit_try_run_case+0x170/0x3f0 [ 28.132046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.132116] kthread+0x328/0x630 [ 28.132175] ret_from_fork+0x10/0x20 [ 28.132301] [ 28.132389] Freed by task 198: [ 28.132520] kasan_save_stack+0x3c/0x68 [ 28.132681] kasan_save_track+0x20/0x40 [ 28.132832] kasan_save_free_info+0x4c/0x78 [ 28.132993] __kasan_slab_free+0x6c/0x98 [ 28.133151] kfree+0x214/0x3c8 [ 28.133266] ksize_uaf+0x11c/0x5f8 [ 28.133565] kunit_try_run_case+0x170/0x3f0 [ 28.133701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.134301] kthread+0x328/0x630 [ 28.134778] ret_from_fork+0x10/0x20 [ 28.134894] [ 28.134953] The buggy address belongs to the object at fff00000c775a000 [ 28.134953] which belongs to the cache kmalloc-128 of size 128 [ 28.135130] The buggy address is located 120 bytes inside of [ 28.135130] freed 128-byte region [fff00000c775a000, fff00000c775a080) [ 28.135324] [ 28.135403] The buggy address belongs to the physical page: [ 28.135515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775a [ 28.137079] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.137772] page_type: f5(slab) [ 28.138098] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.138362] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.138704] page dumped because: kasan: bad access detected [ 28.139313] [ 28.139405] Memory state around the buggy address: [ 28.140018] fff00000c7759f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.140147] fff00000c7759f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.140268] >fff00000c775a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.141030] ^ [ 28.141788] fff00000c775a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.142387] fff00000c775a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.142546] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 28.044887] ================================================================== [ 28.045078] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 28.045247] Read of size 1 at addr fff00000c5a34f78 by task kunit_try_catch/196 [ 28.045399] [ 28.045507] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.045797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.045989] Hardware name: linux,dummy-virt (DT) [ 28.046102] Call trace: [ 28.046192] show_stack+0x20/0x38 (C) [ 28.046396] dump_stack_lvl+0x8c/0xd0 [ 28.046554] print_report+0x118/0x608 [ 28.046699] kasan_report+0xdc/0x128 [ 28.046837] __asan_report_load1_noabort+0x20/0x30 [ 28.047036] ksize_unpoisons_memory+0x618/0x740 [ 28.047211] kunit_try_run_case+0x170/0x3f0 [ 28.047357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.047545] kthread+0x328/0x630 [ 28.047685] ret_from_fork+0x10/0x20 [ 28.047824] [ 28.047882] Allocated by task 196: [ 28.048112] kasan_save_stack+0x3c/0x68 [ 28.048335] kasan_save_track+0x20/0x40 [ 28.048509] kasan_save_alloc_info+0x40/0x58 [ 28.048624] __kasan_kmalloc+0xd4/0xd8 [ 28.048734] __kmalloc_cache_noprof+0x15c/0x3c0 [ 28.048859] ksize_unpoisons_memory+0xc0/0x740 [ 28.048977] kunit_try_run_case+0x170/0x3f0 [ 28.049089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.049223] kthread+0x328/0x630 [ 28.049377] ret_from_fork+0x10/0x20 [ 28.049500] [ 28.049545] The buggy address belongs to the object at fff00000c5a34f00 [ 28.049545] which belongs to the cache kmalloc-128 of size 128 [ 28.049678] The buggy address is located 5 bytes to the right of [ 28.049678] allocated 115-byte region [fff00000c5a34f00, fff00000c5a34f73) [ 28.049868] [ 28.049921] The buggy address belongs to the physical page: [ 28.050006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 28.050145] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.050320] page_type: f5(slab) [ 28.050427] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.050652] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.050783] page dumped because: kasan: bad access detected [ 28.050915] [ 28.050962] Memory state around the buggy address: [ 28.051100] fff00000c5a34e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.051260] fff00000c5a34e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.051489] >fff00000c5a34f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.051610] ^ [ 28.051784] fff00000c5a34f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.051957] fff00000c5a35000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.052114] ================================================================== [ 28.053785] ================================================================== [ 28.053990] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 28.054199] Read of size 1 at addr fff00000c5a34f7f by task kunit_try_catch/196 [ 28.054405] [ 28.054545] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.054777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.054861] Hardware name: linux,dummy-virt (DT) [ 28.054957] Call trace: [ 28.055021] show_stack+0x20/0x38 (C) [ 28.055168] dump_stack_lvl+0x8c/0xd0 [ 28.055310] print_report+0x118/0x608 [ 28.055472] kasan_report+0xdc/0x128 [ 28.055604] __asan_report_load1_noabort+0x20/0x30 [ 28.055759] ksize_unpoisons_memory+0x690/0x740 [ 28.055897] kunit_try_run_case+0x170/0x3f0 [ 28.056138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.056358] kthread+0x328/0x630 [ 28.056546] ret_from_fork+0x10/0x20 [ 28.056695] [ 28.056742] Allocated by task 196: [ 28.056812] kasan_save_stack+0x3c/0x68 [ 28.056961] kasan_save_track+0x20/0x40 [ 28.057086] kasan_save_alloc_info+0x40/0x58 [ 28.057198] __kasan_kmalloc+0xd4/0xd8 [ 28.057284] __kmalloc_cache_noprof+0x15c/0x3c0 [ 28.057416] ksize_unpoisons_memory+0xc0/0x740 [ 28.057538] kunit_try_run_case+0x170/0x3f0 [ 28.057649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.057789] kthread+0x328/0x630 [ 28.057892] ret_from_fork+0x10/0x20 [ 28.058002] [ 28.058066] The buggy address belongs to the object at fff00000c5a34f00 [ 28.058066] which belongs to the cache kmalloc-128 of size 128 [ 28.058248] The buggy address is located 12 bytes to the right of [ 28.058248] allocated 115-byte region [fff00000c5a34f00, fff00000c5a34f73) [ 28.058524] [ 28.058592] The buggy address belongs to the physical page: [ 28.059390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 28.060732] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.061097] page_type: f5(slab) [ 28.061354] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.061608] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.062270] page dumped because: kasan: bad access detected [ 28.062545] [ 28.062672] Memory state around the buggy address: [ 28.062901] fff00000c5a34e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.063070] fff00000c5a34e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.063791] >fff00000c5a34f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.064112] ^ [ 28.064382] fff00000c5a34f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.064512] fff00000c5a35000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.064609] ================================================================== [ 28.016131] ================================================================== [ 28.016379] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 28.016568] Read of size 1 at addr fff00000c5a34f73 by task kunit_try_catch/196 [ 28.016940] [ 28.017060] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.017323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.017408] Hardware name: linux,dummy-virt (DT) [ 28.017576] Call trace: [ 28.017651] show_stack+0x20/0x38 (C) [ 28.017905] dump_stack_lvl+0x8c/0xd0 [ 28.018059] print_report+0x118/0x608 [ 28.018562] kasan_report+0xdc/0x128 [ 28.018961] __asan_report_load1_noabort+0x20/0x30 [ 28.019474] ksize_unpoisons_memory+0x628/0x740 [ 28.019745] kunit_try_run_case+0x170/0x3f0 [ 28.019942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.020188] kthread+0x328/0x630 [ 28.020329] ret_from_fork+0x10/0x20 [ 28.020491] [ 28.020540] Allocated by task 196: [ 28.020619] kasan_save_stack+0x3c/0x68 [ 28.020730] kasan_save_track+0x20/0x40 [ 28.020844] kasan_save_alloc_info+0x40/0x58 [ 28.020961] __kasan_kmalloc+0xd4/0xd8 [ 28.021068] __kmalloc_cache_noprof+0x15c/0x3c0 [ 28.021190] ksize_unpoisons_memory+0xc0/0x740 [ 28.021312] kunit_try_run_case+0x170/0x3f0 [ 28.021414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.021538] kthread+0x328/0x630 [ 28.021626] ret_from_fork+0x10/0x20 [ 28.021731] [ 28.023288] The buggy address belongs to the object at fff00000c5a34f00 [ 28.023288] which belongs to the cache kmalloc-128 of size 128 [ 28.023756] The buggy address is located 0 bytes to the right of [ 28.023756] allocated 115-byte region [fff00000c5a34f00, fff00000c5a34f73) [ 28.024482] [ 28.024674] The buggy address belongs to the physical page: [ 28.025255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 28.026005] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.026253] page_type: f5(slab) [ 28.026640] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.027005] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.027385] page dumped because: kasan: bad access detected [ 28.027594] [ 28.027682] Memory state around the buggy address: [ 28.027907] fff00000c5a34e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.028239] fff00000c5a34e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.028508] >fff00000c5a34f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.028711] ^ [ 28.028936] fff00000c5a34f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.030096] fff00000c5a35000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.030423] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 31.594113] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 31.404056] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 31.281466] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 31.290052] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 31.305108] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 59.822091] ================================================================== [ 59.822214] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 59.822214] [ 59.822347] Use-after-free read at 0x000000003ad8bbe6 (in kfence-#217): [ 59.822420] test_krealloc+0x51c/0x830 [ 59.822512] kunit_try_run_case+0x170/0x3f0 [ 59.822579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.822646] kthread+0x328/0x630 [ 59.822706] ret_from_fork+0x10/0x20 [ 59.822765] [ 59.822798] kfence-#217: 0x000000003ad8bbe6-0x000000001dd9321c, size=32, cache=kmalloc-32 [ 59.822798] [ 59.822878] allocated by task 339 on cpu 1 at 59.821010s (0.001862s ago): [ 59.822972] test_alloc+0x29c/0x628 [ 59.823029] test_krealloc+0xc0/0x830 [ 59.823084] kunit_try_run_case+0x170/0x3f0 [ 59.823143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.823206] kthread+0x328/0x630 [ 59.823262] ret_from_fork+0x10/0x20 [ 59.823317] [ 59.823350] freed by task 339 on cpu 1 at 59.821547s (0.001797s ago): [ 59.823467] krealloc_noprof+0x148/0x360 [ 59.823524] test_krealloc+0x1dc/0x830 [ 59.823579] kunit_try_run_case+0x170/0x3f0 [ 59.823639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.823703] kthread+0x328/0x630 [ 59.823759] ret_from_fork+0x10/0x20 [ 59.823815] [ 59.823875] CPU: 1 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 59.823998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.824043] Hardware name: linux,dummy-virt (DT) [ 59.824092] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 59.725522] ================================================================== [ 59.725686] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 59.725686] [ 59.725816] Use-after-free read at 0x00000000a066590e (in kfence-#216): [ 59.725893] test_memcache_typesafe_by_rcu+0x280/0x560 [ 59.725965] kunit_try_run_case+0x170/0x3f0 [ 59.726033] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.726101] kthread+0x328/0x630 [ 59.726161] ret_from_fork+0x10/0x20 [ 59.726218] [ 59.726254] kfence-#216: 0x00000000a066590e-0x000000008c5df593, size=32, cache=test [ 59.726254] [ 59.726330] allocated by task 337 on cpu 0 at 59.713168s (0.013156s ago): [ 59.726422] test_alloc+0x230/0x628 [ 59.726502] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 59.726563] kunit_try_run_case+0x170/0x3f0 [ 59.726620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.726684] kthread+0x328/0x630 [ 59.726770] ret_from_fork+0x10/0x20 [ 59.726829] [ 59.726862] freed by task 337 on cpu 0 at 59.713375s (0.013481s ago): [ 59.726942] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 59.726999] kunit_try_run_case+0x170/0x3f0 [ 59.727059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.727121] kthread+0x328/0x630 [ 59.727178] ret_from_fork+0x10/0x20 [ 59.727234] [ 59.727294] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 59.727416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.727475] Hardware name: linux,dummy-virt (DT) [ 59.727523] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 40.186608] ================================================================== [ 40.186897] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 40.186897] [ 40.187136] Invalid read at 0x000000008c456713: [ 40.187335] test_invalid_access+0xdc/0x1f0 [ 40.187546] kunit_try_run_case+0x170/0x3f0 [ 40.187700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.187855] kthread+0x328/0x630 [ 40.187986] ret_from_fork+0x10/0x20 [ 40.188146] [ 40.190387] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 40.195357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.195700] Hardware name: linux,dummy-virt (DT) [ 40.195821] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 39.949265] ================================================================== [ 39.949476] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 39.949476] [ 39.949597] Corrupted memory at 0x0000000022ef6c4f [ ! . . . . . . . . . . . . . . . ] (in kfence-#212): [ 39.950024] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 39.950092] kunit_try_run_case+0x170/0x3f0 [ 39.950158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.950220] kthread+0x328/0x630 [ 39.950282] ret_from_fork+0x10/0x20 [ 39.950341] [ 39.950378] kfence-#212: 0x000000004e9ba7dd-0x0000000071e8940b, size=73, cache=kmalloc-96 [ 39.950378] [ 39.950477] allocated by task 327 on cpu 0 at 39.948868s (0.001602s ago): [ 39.950568] test_alloc+0x29c/0x628 [ 39.950623] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 39.950683] kunit_try_run_case+0x170/0x3f0 [ 39.950742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.950805] kthread+0x328/0x630 [ 39.950859] ret_from_fork+0x10/0x20 [ 39.950916] [ 39.950950] freed by task 327 on cpu 0 at 39.949099s (0.001846s ago): [ 39.951037] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 39.951095] kunit_try_run_case+0x170/0x3f0 [ 39.951154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.951217] kthread+0x328/0x630 [ 39.951271] ret_from_fork+0x10/0x20 [ 39.951328] [ 39.951397] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 39.951522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.951563] Hardware name: linux,dummy-virt (DT) [ 39.951611] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 39.741504] ================================================================== [ 39.741627] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 39.741627] [ 39.741757] Out-of-bounds read at 0x00000000c361b894 (105B right of kfence-#210): [ 39.741844] test_kmalloc_aligned_oob_read+0x238/0x468 [ 39.741917] kunit_try_run_case+0x170/0x3f0 [ 39.741985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.742052] kthread+0x328/0x630 [ 39.742113] ret_from_fork+0x10/0x20 [ 39.742172] [ 39.742209] kfence-#210: 0x00000000e494a841-0x00000000fd5da84b, size=73, cache=kmalloc-96 [ 39.742209] [ 39.742286] allocated by task 325 on cpu 0 at 39.741137s (0.001142s ago): [ 39.742382] test_alloc+0x29c/0x628 [ 39.742440] test_kmalloc_aligned_oob_read+0x100/0x468 [ 39.742516] kunit_try_run_case+0x170/0x3f0 [ 39.742577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.742641] kthread+0x328/0x630 [ 39.742696] ret_from_fork+0x10/0x20 [ 39.742753] [ 39.742817] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 39.742931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.742974] Hardware name: linux,dummy-virt (DT) [ 39.743026] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 35.350355] ================================================================== [ 35.350708] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 35.350708] [ 35.351045] Corrupted memory at 0x00000000e6887690 [ ! . . . . . . . . . . . . . . . ] (in kfence-#168): [ 35.353113] test_corruption+0x120/0x378 [ 35.353430] kunit_try_run_case+0x170/0x3f0 [ 35.353736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.354074] kthread+0x328/0x630 [ 35.354221] ret_from_fork+0x10/0x20 [ 35.354341] [ 35.354409] kfence-#168: 0x00000000f5be9bfb-0x00000000fe1b0c86, size=32, cache=test [ 35.354409] [ 35.354594] allocated by task 315 on cpu 0 at 35.349787s (0.004797s ago): [ 35.354777] test_alloc+0x230/0x628 [ 35.354891] test_corruption+0xdc/0x378 [ 35.355008] kunit_try_run_case+0x170/0x3f0 [ 35.355952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.356408] kthread+0x328/0x630 [ 35.356801] ret_from_fork+0x10/0x20 [ 35.356930] [ 35.356981] freed by task 315 on cpu 0 at 35.349952s (0.007022s ago): [ 35.357153] test_corruption+0x120/0x378 [ 35.357689] kunit_try_run_case+0x170/0x3f0 [ 35.358007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.358328] kthread+0x328/0x630 [ 35.358470] ret_from_fork+0x10/0x20 [ 35.358582] [ 35.359070] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 35.359394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.359648] Hardware name: linux,dummy-virt (DT) [ 35.360015] ================================================================== [ 35.034862] ================================================================== [ 35.035081] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 35.035081] [ 35.035303] Corrupted memory at 0x00000000f19fdebf [ ! . . . . . . . . . . . . . . . ] (in kfence-#165): [ 35.036401] test_corruption+0x278/0x378 [ 35.036573] kunit_try_run_case+0x170/0x3f0 [ 35.036807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.036981] kthread+0x328/0x630 [ 35.037298] ret_from_fork+0x10/0x20 [ 35.037430] [ 35.037508] kfence-#165: 0x00000000531fba15-0x0000000009dc4c97, size=32, cache=kmalloc-32 [ 35.037508] [ 35.037959] allocated by task 313 on cpu 0 at 35.034462s (0.003483s ago): [ 35.038240] test_alloc+0x29c/0x628 [ 35.038840] test_corruption+0xdc/0x378 [ 35.039055] kunit_try_run_case+0x170/0x3f0 [ 35.039406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.039828] kthread+0x328/0x630 [ 35.040133] ret_from_fork+0x10/0x20 [ 35.040255] [ 35.040320] freed by task 313 on cpu 0 at 35.034642s (0.005668s ago): [ 35.040519] test_corruption+0x278/0x378 [ 35.040969] kunit_try_run_case+0x170/0x3f0 [ 35.041615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.041782] kthread+0x328/0x630 [ 35.041983] ret_from_fork+0x10/0x20 [ 35.042306] [ 35.042729] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 35.043436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.043733] Hardware name: linux,dummy-virt (DT) [ 35.043846] ================================================================== [ 35.566319] ================================================================== [ 35.566537] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 35.566537] [ 35.566686] Corrupted memory at 0x0000000009f3f455 [ ! ] (in kfence-#170): [ 35.567019] test_corruption+0x1d8/0x378 [ 35.567141] kunit_try_run_case+0x170/0x3f0 [ 35.567277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.567421] kthread+0x328/0x630 [ 35.567560] ret_from_fork+0x10/0x20 [ 35.567680] [ 35.567748] kfence-#170: 0x0000000038edaea8-0x000000008210d175, size=32, cache=test [ 35.567748] [ 35.567902] allocated by task 315 on cpu 0 at 35.566034s (0.001858s ago): [ 35.568068] test_alloc+0x230/0x628 [ 35.568181] test_corruption+0x198/0x378 [ 35.568291] kunit_try_run_case+0x170/0x3f0 [ 35.568415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.568549] kthread+0x328/0x630 [ 35.569942] ret_from_fork+0x10/0x20 [ 35.570174] [ 35.570251] freed by task 315 on cpu 0 at 35.566140s (0.004102s ago): [ 35.570473] test_corruption+0x1d8/0x378 [ 35.570623] kunit_try_run_case+0x170/0x3f0 [ 35.570726] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.570824] kthread+0x328/0x630 [ 35.571238] ret_from_fork+0x10/0x20 [ 35.571433] [ 35.571611] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 35.571939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.572352] Hardware name: linux,dummy-virt (DT) [ 35.572479] ================================================================== [ 35.141808] ================================================================== [ 35.141999] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 35.141999] [ 35.142166] Corrupted memory at 0x00000000f17e40ee [ ! ] (in kfence-#166): [ 35.142498] test_corruption+0x284/0x378 [ 35.142624] kunit_try_run_case+0x170/0x3f0 [ 35.142800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.142929] kthread+0x328/0x630 [ 35.143047] ret_from_fork+0x10/0x20 [ 35.143168] [ 35.143282] kfence-#166: 0x000000006d29278b-0x00000000a14156af, size=32, cache=kmalloc-32 [ 35.143282] [ 35.143469] allocated by task 313 on cpu 0 at 35.141131s (0.002329s ago): [ 35.143633] test_alloc+0x29c/0x628 [ 35.143749] test_corruption+0x198/0x378 [ 35.143859] kunit_try_run_case+0x170/0x3f0 [ 35.143998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.144159] kthread+0x328/0x630 [ 35.144294] ret_from_fork+0x10/0x20 [ 35.144415] [ 35.144515] freed by task 313 on cpu 0 at 35.141378s (0.003123s ago): [ 35.144684] test_corruption+0x284/0x378 [ 35.144789] kunit_try_run_case+0x170/0x3f0 [ 35.144935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.145061] kthread+0x328/0x630 [ 35.145158] ret_from_fork+0x10/0x20 [ 35.145294] [ 35.145421] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 35.145690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.145776] Hardware name: linux,dummy-virt (DT) [ 35.145873] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 34.929253] ================================================================== [ 34.929436] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 34.929436] [ 34.929604] Invalid free of 0x00000000b1826f09 (in kfence-#164): [ 34.929754] test_invalid_addr_free+0xec/0x238 [ 34.930317] kunit_try_run_case+0x170/0x3f0 [ 34.930812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.931612] kthread+0x328/0x630 [ 34.931876] ret_from_fork+0x10/0x20 [ 34.932126] [ 34.932328] kfence-#164: 0x00000000863976b3-0x00000000506ec671, size=32, cache=test [ 34.932328] [ 34.932736] allocated by task 311 on cpu 0 at 34.928475s (0.004249s ago): [ 34.933599] test_alloc+0x230/0x628 [ 34.933724] test_invalid_addr_free+0xd4/0x238 [ 34.933842] kunit_try_run_case+0x170/0x3f0 [ 34.933967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.934102] kthread+0x328/0x630 [ 34.934225] ret_from_fork+0x10/0x20 [ 34.934345] [ 34.934472] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 34.934700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.934788] Hardware name: linux,dummy-virt (DT) [ 34.934881] ================================================================== [ 34.819116] ================================================================== [ 34.819663] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 34.819663] [ 34.820181] Invalid free of 0x0000000057b18c0d (in kfence-#163): [ 34.820348] test_invalid_addr_free+0x1ac/0x238 [ 34.820637] kunit_try_run_case+0x170/0x3f0 [ 34.821147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.821565] kthread+0x328/0x630 [ 34.821712] ret_from_fork+0x10/0x20 [ 34.821835] [ 34.821905] kfence-#163: 0x00000000952e4851-0x00000000c51fe2e6, size=32, cache=kmalloc-32 [ 34.821905] [ 34.822380] allocated by task 309 on cpu 0 at 34.818374s (0.003994s ago): [ 34.822587] test_alloc+0x29c/0x628 [ 34.822704] test_invalid_addr_free+0xd4/0x238 [ 34.822823] kunit_try_run_case+0x170/0x3f0 [ 34.822946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.823074] kthread+0x328/0x630 [ 34.823195] ret_from_fork+0x10/0x20 [ 34.824143] [ 34.824619] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 34.824924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.825023] Hardware name: linux,dummy-virt (DT) [ 34.825199] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 34.604787] ================================================================== [ 34.605010] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 34.605010] [ 34.605183] Invalid free of 0x0000000005a63c25 (in kfence-#161): [ 34.605354] test_double_free+0x1bc/0x238 [ 34.605503] kunit_try_run_case+0x170/0x3f0 [ 34.605632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.605766] kthread+0x328/0x630 [ 34.605883] ret_from_fork+0x10/0x20 [ 34.606003] [ 34.606071] kfence-#161: 0x0000000005a63c25-0x00000000e681bd97, size=32, cache=kmalloc-32 [ 34.606071] [ 34.606228] allocated by task 305 on cpu 0 at 34.604288s (0.001930s ago): [ 34.606440] test_alloc+0x29c/0x628 [ 34.607641] test_double_free+0xd4/0x238 [ 34.608318] kunit_try_run_case+0x170/0x3f0 [ 34.608466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.608592] kthread+0x328/0x630 [ 34.609608] ret_from_fork+0x10/0x20 [ 34.610348] [ 34.610629] freed by task 305 on cpu 0 at 34.604429s (0.006183s ago): [ 34.611017] test_double_free+0x1ac/0x238 [ 34.611290] kunit_try_run_case+0x170/0x3f0 [ 34.611432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.612409] kthread+0x328/0x630 [ 34.612988] ret_from_fork+0x10/0x20 [ 34.613609] [ 34.614258] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 34.615072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.615191] Hardware name: linux,dummy-virt (DT) [ 34.615684] ================================================================== [ 34.709919] ================================================================== [ 34.710087] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 34.710087] [ 34.710302] Invalid free of 0x0000000076b1d661 (in kfence-#162): [ 34.710511] test_double_free+0x100/0x238 [ 34.710684] kunit_try_run_case+0x170/0x3f0 [ 34.710817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.710945] kthread+0x328/0x630 [ 34.711064] ret_from_fork+0x10/0x20 [ 34.711180] [ 34.711247] kfence-#162: 0x0000000076b1d661-0x000000006cb1212e, size=32, cache=test [ 34.711247] [ 34.711417] allocated by task 307 on cpu 0 at 34.709378s (0.002028s ago): [ 34.711603] test_alloc+0x230/0x628 [ 34.711716] test_double_free+0xd4/0x238 [ 34.711828] kunit_try_run_case+0x170/0x3f0 [ 34.711958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.712081] kthread+0x328/0x630 [ 34.712301] ret_from_fork+0x10/0x20 [ 34.712523] [ 34.712626] freed by task 307 on cpu 0 at 34.709509s (0.003103s ago): [ 34.712852] test_double_free+0xf0/0x238 [ 34.712976] kunit_try_run_case+0x170/0x3f0 [ 34.713078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.713183] kthread+0x328/0x630 [ 34.713297] ret_from_fork+0x10/0x20 [ 34.713465] [ 34.713625] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 34.713936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.714038] Hardware name: linux,dummy-virt (DT) [ 34.714128] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 34.175101] ================================================================== [ 34.175305] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 34.175305] [ 34.175609] Use-after-free read at 0x00000000e71315de (in kfence-#157): [ 34.176000] test_use_after_free_read+0x114/0x248 [ 34.176229] kunit_try_run_case+0x170/0x3f0 [ 34.176430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.176617] kthread+0x328/0x630 [ 34.176791] ret_from_fork+0x10/0x20 [ 34.176933] [ 34.176997] kfence-#157: 0x00000000e71315de-0x000000002a3fc74b, size=32, cache=kmalloc-32 [ 34.176997] [ 34.177517] allocated by task 297 on cpu 0 at 34.174108s (0.003396s ago): [ 34.178562] test_alloc+0x29c/0x628 [ 34.178698] test_use_after_free_read+0xd0/0x248 [ 34.178822] kunit_try_run_case+0x170/0x3f0 [ 34.178954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.179088] kthread+0x328/0x630 [ 34.179203] ret_from_fork+0x10/0x20 [ 34.179322] [ 34.179404] freed by task 297 on cpu 0 at 34.174288s (0.005107s ago): [ 34.179600] test_use_after_free_read+0x1c0/0x248 [ 34.180783] kunit_try_run_case+0x170/0x3f0 [ 34.180934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.181244] kthread+0x328/0x630 [ 34.181378] ret_from_fork+0x10/0x20 [ 34.181513] [ 34.181581] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 34.181731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.181777] Hardware name: linux,dummy-virt (DT) [ 34.181824] ================================================================== [ 34.282549] ================================================================== [ 34.282756] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 34.282756] [ 34.283463] Use-after-free read at 0x00000000a238d7c0 (in kfence-#158): [ 34.283863] test_use_after_free_read+0x114/0x248 [ 34.284570] kunit_try_run_case+0x170/0x3f0 [ 34.285316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.285603] kthread+0x328/0x630 [ 34.285746] ret_from_fork+0x10/0x20 [ 34.286222] [ 34.286414] kfence-#158: 0x00000000a238d7c0-0x00000000c6365170, size=32, cache=test [ 34.286414] [ 34.286725] allocated by task 299 on cpu 0 at 34.281289s (0.005424s ago): [ 34.286928] test_alloc+0x230/0x628 [ 34.287046] test_use_after_free_read+0xd0/0x248 [ 34.287163] kunit_try_run_case+0x170/0x3f0 [ 34.287309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.287500] kthread+0x328/0x630 [ 34.287655] ret_from_fork+0x10/0x20 [ 34.287773] [ 34.287839] freed by task 299 on cpu 0 at 34.281406s (0.006424s ago): [ 34.288054] test_use_after_free_read+0xf0/0x248 [ 34.288169] kunit_try_run_case+0x170/0x3f0 [ 34.288546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.288724] kthread+0x328/0x630 [ 34.288924] ret_from_fork+0x10/0x20 [ 34.289030] [ 34.289130] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 34.289347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.289438] Hardware name: linux,dummy-virt (DT) [ 34.289553] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 34.065633] ================================================================== [ 34.065804] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 34.065804] [ 34.066013] Out-of-bounds write at 0x0000000017fdd83e (1B left of kfence-#156): [ 34.066172] test_out_of_bounds_write+0x100/0x240 [ 34.066305] kunit_try_run_case+0x170/0x3f0 [ 34.066427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.066798] kthread+0x328/0x630 [ 34.067469] ret_from_fork+0x10/0x20 [ 34.067609] [ 34.067945] kfence-#156: 0x00000000f473a692-0x000000007b442707, size=32, cache=test [ 34.067945] [ 34.068317] allocated by task 295 on cpu 0 at 34.065434s (0.002858s ago): [ 34.068609] test_alloc+0x230/0x628 [ 34.068716] test_out_of_bounds_write+0xc8/0x240 [ 34.068834] kunit_try_run_case+0x170/0x3f0 [ 34.069101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.069576] kthread+0x328/0x630 [ 34.069818] ret_from_fork+0x10/0x20 [ 34.069981] [ 34.070063] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 34.070228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.070299] Hardware name: linux,dummy-virt (DT) [ 34.070371] ================================================================== [ 33.531557] ================================================================== [ 33.531750] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 33.531750] [ 33.532047] Out-of-bounds write at 0x00000000e15fbddd (1B left of kfence-#151): [ 33.532825] test_out_of_bounds_write+0x100/0x240 [ 33.533001] kunit_try_run_case+0x170/0x3f0 [ 33.533188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.533352] kthread+0x328/0x630 [ 33.533526] ret_from_fork+0x10/0x20 [ 33.533650] [ 33.533757] kfence-#151: 0x0000000063b11c0a-0x00000000d5a2888f, size=32, cache=kmalloc-32 [ 33.533757] [ 33.533925] allocated by task 293 on cpu 0 at 33.530877s (0.003037s ago): [ 33.534096] test_alloc+0x29c/0x628 [ 33.534215] test_out_of_bounds_write+0xc8/0x240 [ 33.534332] kunit_try_run_case+0x170/0x3f0 [ 33.534485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.534679] kthread+0x328/0x630 [ 33.534897] ret_from_fork+0x10/0x20 [ 33.535013] [ 33.535185] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 33.535722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.535851] Hardware name: linux,dummy-virt (DT) [ 33.535949] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 33.211395] ================================================================== [ 33.212006] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 33.212006] [ 33.212527] Out-of-bounds read at 0x00000000957c298a (32B right of kfence-#148): [ 33.212715] test_out_of_bounds_read+0x1c8/0x3e0 [ 33.213139] kunit_try_run_case+0x170/0x3f0 [ 33.213354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.213571] kthread+0x328/0x630 [ 33.213931] ret_from_fork+0x10/0x20 [ 33.214322] [ 33.214614] kfence-#148: 0x000000003db9119b-0x0000000019416be8, size=32, cache=kmalloc-32 [ 33.214614] [ 33.214794] allocated by task 289 on cpu 0 at 33.210201s (0.004580s ago): [ 33.215273] test_alloc+0x29c/0x628 [ 33.215862] test_out_of_bounds_read+0x198/0x3e0 [ 33.216080] kunit_try_run_case+0x170/0x3f0 [ 33.216302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.216511] kthread+0x328/0x630 [ 33.216620] ret_from_fork+0x10/0x20 [ 33.216721] [ 33.217040] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 33.217577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.218073] Hardware name: linux,dummy-virt (DT) [ 33.218271] ================================================================== [ 33.106708] ================================================================== [ 33.106936] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 33.106936] [ 33.107250] Out-of-bounds read at 0x000000009355b851 (1B left of kfence-#147): [ 33.110017] test_out_of_bounds_read+0x114/0x3e0 [ 33.111153] kunit_try_run_case+0x170/0x3f0 [ 33.111572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.111870] kthread+0x328/0x630 [ 33.111992] ret_from_fork+0x10/0x20 [ 33.112093] [ 33.112754] kfence-#147: 0x0000000044c7afd9-0x0000000003715fb6, size=32, cache=kmalloc-32 [ 33.112754] [ 33.113185] allocated by task 289 on cpu 0 at 33.106061s (0.007101s ago): [ 33.113676] test_alloc+0x29c/0x628 [ 33.113807] test_out_of_bounds_read+0xdc/0x3e0 [ 33.115231] kunit_try_run_case+0x170/0x3f0 [ 33.115596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.115902] kthread+0x328/0x630 [ 33.116097] ret_from_fork+0x10/0x20 [ 33.117017] [ 33.117340] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 33.117910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.118002] Hardware name: linux,dummy-virt (DT) [ 33.118200] ================================================================== [ 33.425437] ================================================================== [ 33.425617] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 33.425617] [ 33.425801] Out-of-bounds read at 0x00000000b8fef409 (32B right of kfence-#150): [ 33.425954] test_out_of_bounds_read+0x1c8/0x3e0 [ 33.426072] kunit_try_run_case+0x170/0x3f0 [ 33.426230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.426435] kthread+0x328/0x630 [ 33.426652] ret_from_fork+0x10/0x20 [ 33.426826] [ 33.426920] kfence-#150: 0x0000000056bd78ef-0x0000000053dc025e, size=32, cache=test [ 33.426920] [ 33.427132] allocated by task 291 on cpu 0 at 33.425212s (0.001907s ago): [ 33.427327] test_alloc+0x230/0x628 [ 33.427494] test_out_of_bounds_read+0x198/0x3e0 [ 33.427601] kunit_try_run_case+0x170/0x3f0 [ 33.427760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.427953] kthread+0x328/0x630 [ 33.428176] ret_from_fork+0x10/0x20 [ 33.428436] [ 33.428708] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 33.429133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.429222] Hardware name: linux,dummy-virt (DT) [ 33.429432] ================================================================== [ 33.319615] ================================================================== [ 33.319787] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 33.319787] [ 33.320014] Out-of-bounds read at 0x000000007e3d7209 (1B left of kfence-#149): [ 33.320261] test_out_of_bounds_read+0x114/0x3e0 [ 33.320429] kunit_try_run_case+0x170/0x3f0 [ 33.320698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.321069] kthread+0x328/0x630 [ 33.321338] ret_from_fork+0x10/0x20 [ 33.321680] [ 33.321772] kfence-#149: 0x00000000ccbb35ac-0x000000009df1568b, size=32, cache=test [ 33.321772] [ 33.322176] allocated by task 291 on cpu 0 at 33.319435s (0.002731s ago): [ 33.322628] test_alloc+0x230/0x628 [ 33.323100] test_out_of_bounds_read+0xdc/0x3e0 [ 33.323259] kunit_try_run_case+0x170/0x3f0 [ 33.323606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.324150] kthread+0x328/0x630 [ 33.324350] ret_from_fork+0x10/0x20 [ 33.324562] [ 33.324674] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 33.324903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.324991] Hardware name: linux,dummy-virt (DT) [ 33.325080] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-kmem_cache_destroy
[ 29.557879] ================================================================== [ 29.558134] BUG: KFENCE: use-after-free read in kmem_cache_destroy+0x50/0x218 [ 29.558134] [ 29.558365] Use-after-free read at 0x0000000081c36094 (in kfence-#124): [ 29.562242] kmem_cache_destroy+0x50/0x218 [ 29.562509] kmem_cache_double_destroy+0x174/0x300 [ 29.562667] kunit_try_run_case+0x170/0x3f0 [ 29.562825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.562994] kthread+0x328/0x630 [ 29.563136] ret_from_fork+0x10/0x20 [ 29.563283] [ 29.563362] kfence-#124: 0x000000007e2f2ffa-0x0000000077174264, size=208, cache=kmem_cache [ 29.563362] [ 29.564189] allocated by task 217 on cpu 0 at 29.526895s (0.037149s ago): [ 29.565392] __kmem_cache_create_args+0x178/0x280 [ 29.566303] kmem_cache_double_destroy+0xc0/0x300 [ 29.566928] kunit_try_run_case+0x170/0x3f0 [ 29.567113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.567284] kthread+0x328/0x630 [ 29.567442] ret_from_fork+0x10/0x20 [ 29.567605] [ 29.567712] freed by task 217 on cpu 0 at 29.551974s (0.015700s ago): [ 29.569199] slab_kmem_cache_release+0x38/0x50 [ 29.569592] kmem_cache_release+0x1c/0x30 [ 29.570033] kobject_put+0x17c/0x430 [ 29.570286] sysfs_slab_release+0x1c/0x30 [ 29.570419] kmem_cache_destroy+0x118/0x218 [ 29.570653] kmem_cache_double_destroy+0x128/0x300 [ 29.570777] kunit_try_run_case+0x170/0x3f0 [ 29.570895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.571027] kthread+0x328/0x630 [ 29.571655] ret_from_fork+0x10/0x20 [ 29.572314] [ 29.572468] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 29.572987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.573180] Hardware name: linux,dummy-virt (DT) [ 29.573298] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_in_memset
[ 27.519800] ================================================================== [ 27.521223] BUG: KFENCE: memory corruption in kmalloc_oob_in_memset+0x160/0x2d0 [ 27.521223] [ 27.521879] Corrupted memory at 0x0000000042ab36ae [ ! ! ! ! ! ! ! ! ] (in kfence-#108): [ 27.524359] kmalloc_oob_in_memset+0x160/0x2d0 [ 27.524521] kunit_try_run_case+0x170/0x3f0 [ 27.524628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.524753] kthread+0x328/0x630 [ 27.524861] ret_from_fork+0x10/0x20 [ 27.524967] [ 27.525023] kfence-#108: 0x00000000c14735a2-0x000000004882ae40, size=120, cache=kmalloc-128 [ 27.525023] [ 27.526819] allocated by task 172 on cpu 0 at 27.495658s (0.031147s ago): [ 27.526964] kmalloc_oob_in_memset+0xb0/0x2d0 [ 27.527082] kunit_try_run_case+0x170/0x3f0 [ 27.527234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.527403] kthread+0x328/0x630 [ 27.527522] ret_from_fork+0x10/0x20 [ 27.527639] [ 27.527755] freed by task 172 on cpu 0 at 27.519484s (0.008261s ago): [ 27.528096] kmalloc_oob_in_memset+0x160/0x2d0 [ 27.528279] kunit_try_run_case+0x170/0x3f0 [ 27.528508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.528655] kthread+0x328/0x630 [ 27.528769] ret_from_fork+0x10/0x20 [ 27.528874] [ 27.528983] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.529255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.529346] Hardware name: linux,dummy-virt (DT) [ 27.529480] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_16
[ 27.395021] ================================================================== [ 27.395510] BUG: KFENCE: memory corruption in kmalloc_oob_16+0x1f0/0x3f8 [ 27.395510] [ 27.395725] Corrupted memory at 0x00000000714c0f52 [ ! ! ! ] (in kfence-#107): [ 27.401079] kmalloc_oob_16+0x1f0/0x3f8 [ 27.401295] kunit_try_run_case+0x170/0x3f0 [ 27.401479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.401627] kthread+0x328/0x630 [ 27.401728] ret_from_fork+0x10/0x20 [ 27.401860] [ 27.402300] kfence-#107: 0x00000000e7e09ef1-0x0000000050e6b272, size=13, cache=kmalloc-16 [ 27.402300] [ 27.402714] allocated by task 168 on cpu 0 at 27.387259s (0.015341s ago): [ 27.403052] kmalloc_oob_16+0xb4/0x3f8 [ 27.403609] kunit_try_run_case+0x170/0x3f0 [ 27.403731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.403859] kthread+0x328/0x630 [ 27.404046] ret_from_fork+0x10/0x20 [ 27.404632] [ 27.405421] freed by task 168 on cpu 0 at 27.393403s (0.011455s ago): [ 27.405721] kmalloc_oob_16+0x1f0/0x3f8 [ 27.405990] kunit_try_run_case+0x170/0x3f0 [ 27.406099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.406216] kthread+0x328/0x630 [ 27.406308] ret_from_fork+0x10/0x20 [ 27.406393] [ 27.406524] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.406905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.407000] Hardware name: linux,dummy-virt (DT) [ 27.407118] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 32.692850] ================================================================== [ 32.693003] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 32.693146] Write of size 1 at addr fff00000c78a6178 by task kunit_try_catch/287 [ 32.693307] [ 32.693404] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.693829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.693932] Hardware name: linux,dummy-virt (DT) [ 32.694068] Call trace: [ 32.694158] show_stack+0x20/0x38 (C) [ 32.694315] dump_stack_lvl+0x8c/0xd0 [ 32.694539] print_report+0x118/0x608 [ 32.694740] kasan_report+0xdc/0x128 [ 32.694859] __asan_report_store1_noabort+0x20/0x30 [ 32.694978] strncpy_from_user+0x270/0x2a0 [ 32.695135] copy_user_test_oob+0x5c0/0xec8 [ 32.695329] kunit_try_run_case+0x170/0x3f0 [ 32.695563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.695751] kthread+0x328/0x630 [ 32.695883] ret_from_fork+0x10/0x20 [ 32.696079] [ 32.696142] Allocated by task 287: [ 32.696226] kasan_save_stack+0x3c/0x68 [ 32.696337] kasan_save_track+0x20/0x40 [ 32.696486] kasan_save_alloc_info+0x40/0x58 [ 32.696621] __kasan_kmalloc+0xd4/0xd8 [ 32.696777] __kmalloc_noprof+0x190/0x4d0 [ 32.696897] kunit_kmalloc_array+0x34/0x88 [ 32.697142] copy_user_test_oob+0xac/0xec8 [ 32.697287] kunit_try_run_case+0x170/0x3f0 [ 32.697416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.697569] kthread+0x328/0x630 [ 32.697688] ret_from_fork+0x10/0x20 [ 32.697801] [ 32.698396] The buggy address belongs to the object at fff00000c78a6100 [ 32.698396] which belongs to the cache kmalloc-128 of size 128 [ 32.698608] The buggy address is located 0 bytes to the right of [ 32.698608] allocated 120-byte region [fff00000c78a6100, fff00000c78a6178) [ 32.699657] [ 32.700084] The buggy address belongs to the physical page: [ 32.700404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a6 [ 32.700762] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.701072] page_type: f5(slab) [ 32.701197] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.701894] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.702175] page dumped because: kasan: bad access detected [ 32.702300] [ 32.702386] Memory state around the buggy address: [ 32.702549] fff00000c78a6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.702972] fff00000c78a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.703120] >fff00000c78a6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.703622] ^ [ 32.703969] fff00000c78a6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.704482] fff00000c78a6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.704668] ================================================================== [ 32.678315] ================================================================== [ 32.678603] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 32.679105] Write of size 121 at addr fff00000c78a6100 by task kunit_try_catch/287 [ 32.679688] [ 32.679842] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.680695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.680790] Hardware name: linux,dummy-virt (DT) [ 32.680856] Call trace: [ 32.680892] show_stack+0x20/0x38 (C) [ 32.681009] dump_stack_lvl+0x8c/0xd0 [ 32.681097] print_report+0x118/0x608 [ 32.681170] kasan_report+0xdc/0x128 [ 32.681235] kasan_check_range+0x100/0x1a8 [ 32.681308] __kasan_check_write+0x20/0x30 [ 32.681377] strncpy_from_user+0x3c/0x2a0 [ 32.681464] copy_user_test_oob+0x5c0/0xec8 [ 32.681664] kunit_try_run_case+0x170/0x3f0 [ 32.681821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.681993] kthread+0x328/0x630 [ 32.682130] ret_from_fork+0x10/0x20 [ 32.682310] [ 32.682392] Allocated by task 287: [ 32.682533] kasan_save_stack+0x3c/0x68 [ 32.682707] kasan_save_track+0x20/0x40 [ 32.682869] kasan_save_alloc_info+0x40/0x58 [ 32.682999] __kasan_kmalloc+0xd4/0xd8 [ 32.683091] __kmalloc_noprof+0x190/0x4d0 [ 32.683175] kunit_kmalloc_array+0x34/0x88 [ 32.683305] copy_user_test_oob+0xac/0xec8 [ 32.683470] kunit_try_run_case+0x170/0x3f0 [ 32.683646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.683797] kthread+0x328/0x630 [ 32.683905] ret_from_fork+0x10/0x20 [ 32.684046] [ 32.684101] The buggy address belongs to the object at fff00000c78a6100 [ 32.684101] which belongs to the cache kmalloc-128 of size 128 [ 32.684241] The buggy address is located 0 bytes inside of [ 32.684241] allocated 120-byte region [fff00000c78a6100, fff00000c78a6178) [ 32.684340] [ 32.684373] The buggy address belongs to the physical page: [ 32.684418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a6 [ 32.684568] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.684725] page_type: f5(slab) [ 32.684895] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.685234] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.687111] page dumped because: kasan: bad access detected [ 32.687313] [ 32.687523] Memory state around the buggy address: [ 32.688178] fff00000c78a6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.688428] fff00000c78a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.688671] >fff00000c78a6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.688802] ^ [ 32.689291] fff00000c78a6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.690280] fff00000c78a6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.690795] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 32.606061] ================================================================== [ 32.606263] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 32.606790] Read of size 121 at addr fff00000c78a6100 by task kunit_try_catch/287 [ 32.606985] [ 32.607092] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.607339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.607434] Hardware name: linux,dummy-virt (DT) [ 32.607904] Call trace: [ 32.608165] show_stack+0x20/0x38 (C) [ 32.608362] dump_stack_lvl+0x8c/0xd0 [ 32.608531] print_report+0x118/0x608 [ 32.608722] kasan_report+0xdc/0x128 [ 32.608860] kasan_check_range+0x100/0x1a8 [ 32.609007] __kasan_check_read+0x20/0x30 [ 32.609125] copy_user_test_oob+0x728/0xec8 [ 32.609272] kunit_try_run_case+0x170/0x3f0 [ 32.609405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.609592] kthread+0x328/0x630 [ 32.609747] ret_from_fork+0x10/0x20 [ 32.609892] [ 32.609953] Allocated by task 287: [ 32.610049] kasan_save_stack+0x3c/0x68 [ 32.610285] kasan_save_track+0x20/0x40 [ 32.610418] kasan_save_alloc_info+0x40/0x58 [ 32.610591] __kasan_kmalloc+0xd4/0xd8 [ 32.610739] __kmalloc_noprof+0x190/0x4d0 [ 32.610859] kunit_kmalloc_array+0x34/0x88 [ 32.610975] copy_user_test_oob+0xac/0xec8 [ 32.611087] kunit_try_run_case+0x170/0x3f0 [ 32.611210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.611351] kthread+0x328/0x630 [ 32.611490] ret_from_fork+0x10/0x20 [ 32.611597] [ 32.611666] The buggy address belongs to the object at fff00000c78a6100 [ 32.611666] which belongs to the cache kmalloc-128 of size 128 [ 32.611853] The buggy address is located 0 bytes inside of [ 32.611853] allocated 120-byte region [fff00000c78a6100, fff00000c78a6178) [ 32.612077] [ 32.612153] The buggy address belongs to the physical page: [ 32.612282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a6 [ 32.612511] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.612726] page_type: f5(slab) [ 32.612856] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.613004] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.613107] page dumped because: kasan: bad access detected [ 32.613219] [ 32.613274] Memory state around the buggy address: [ 32.613375] fff00000c78a6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.613539] fff00000c78a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.613675] >fff00000c78a6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.613785] ^ [ 32.613945] fff00000c78a6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.614087] fff00000c78a6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.614217] ================================================================== [ 32.627407] ================================================================== [ 32.627665] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 32.627888] Write of size 121 at addr fff00000c78a6100 by task kunit_try_catch/287 [ 32.628092] [ 32.628207] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.628493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.628624] Hardware name: linux,dummy-virt (DT) [ 32.628723] Call trace: [ 32.628805] show_stack+0x20/0x38 (C) [ 32.628980] dump_stack_lvl+0x8c/0xd0 [ 32.629154] print_report+0x118/0x608 [ 32.629299] kasan_report+0xdc/0x128 [ 32.629504] kasan_check_range+0x100/0x1a8 [ 32.629718] __kasan_check_write+0x20/0x30 [ 32.629871] copy_user_test_oob+0x35c/0xec8 [ 32.629999] kunit_try_run_case+0x170/0x3f0 [ 32.630122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.630318] kthread+0x328/0x630 [ 32.630539] ret_from_fork+0x10/0x20 [ 32.630744] [ 32.630831] Allocated by task 287: [ 32.630961] kasan_save_stack+0x3c/0x68 [ 32.631119] kasan_save_track+0x20/0x40 [ 32.631237] kasan_save_alloc_info+0x40/0x58 [ 32.631365] __kasan_kmalloc+0xd4/0xd8 [ 32.631723] __kmalloc_noprof+0x190/0x4d0 [ 32.631876] kunit_kmalloc_array+0x34/0x88 [ 32.632016] copy_user_test_oob+0xac/0xec8 [ 32.632162] kunit_try_run_case+0x170/0x3f0 [ 32.632275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.632399] kthread+0x328/0x630 [ 32.632526] ret_from_fork+0x10/0x20 [ 32.632627] [ 32.632683] The buggy address belongs to the object at fff00000c78a6100 [ 32.632683] which belongs to the cache kmalloc-128 of size 128 [ 32.632843] The buggy address is located 0 bytes inside of [ 32.632843] allocated 120-byte region [fff00000c78a6100, fff00000c78a6178) [ 32.633025] [ 32.633096] The buggy address belongs to the physical page: [ 32.633192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a6 [ 32.633340] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.633570] page_type: f5(slab) [ 32.633720] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.633874] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.634010] page dumped because: kasan: bad access detected [ 32.634120] [ 32.634175] Memory state around the buggy address: [ 32.634307] fff00000c78a6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.634506] fff00000c78a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.634688] >fff00000c78a6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.634853] ^ [ 32.635000] fff00000c78a6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.635219] fff00000c78a6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.635390] ================================================================== [ 32.659564] ================================================================== [ 32.660135] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 32.660378] Read of size 121 at addr fff00000c78a6100 by task kunit_try_catch/287 [ 32.660550] [ 32.660649] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.660886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.660978] Hardware name: linux,dummy-virt (DT) [ 32.661870] Call trace: [ 32.661988] show_stack+0x20/0x38 (C) [ 32.662333] dump_stack_lvl+0x8c/0xd0 [ 32.662927] print_report+0x118/0x608 [ 32.663098] kasan_report+0xdc/0x128 [ 32.663235] kasan_check_range+0x100/0x1a8 [ 32.663473] __kasan_check_read+0x20/0x30 [ 32.663622] copy_user_test_oob+0x4a0/0xec8 [ 32.664287] kunit_try_run_case+0x170/0x3f0 [ 32.664859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.665120] kthread+0x328/0x630 [ 32.665357] ret_from_fork+0x10/0x20 [ 32.665611] [ 32.665698] Allocated by task 287: [ 32.666163] kasan_save_stack+0x3c/0x68 [ 32.666311] kasan_save_track+0x20/0x40 [ 32.666493] kasan_save_alloc_info+0x40/0x58 [ 32.666699] __kasan_kmalloc+0xd4/0xd8 [ 32.666823] __kmalloc_noprof+0x190/0x4d0 [ 32.667419] kunit_kmalloc_array+0x34/0x88 [ 32.667674] copy_user_test_oob+0xac/0xec8 [ 32.667818] kunit_try_run_case+0x170/0x3f0 [ 32.668029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.668566] kthread+0x328/0x630 [ 32.668812] ret_from_fork+0x10/0x20 [ 32.669018] [ 32.669165] The buggy address belongs to the object at fff00000c78a6100 [ 32.669165] which belongs to the cache kmalloc-128 of size 128 [ 32.669772] The buggy address is located 0 bytes inside of [ 32.669772] allocated 120-byte region [fff00000c78a6100, fff00000c78a6178) [ 32.670012] [ 32.670099] The buggy address belongs to the physical page: [ 32.670288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a6 [ 32.670908] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.671084] page_type: f5(slab) [ 32.671208] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.671370] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.671533] page dumped because: kasan: bad access detected [ 32.672213] [ 32.672285] Memory state around the buggy address: [ 32.672919] fff00000c78a6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.673286] fff00000c78a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.673423] >fff00000c78a6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.673535] ^ [ 32.674089] fff00000c78a6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.674282] fff00000c78a6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.674414] ================================================================== [ 32.637278] ================================================================== [ 32.637416] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 32.637577] Read of size 121 at addr fff00000c78a6100 by task kunit_try_catch/287 [ 32.637786] [ 32.637913] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.638160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.638246] Hardware name: linux,dummy-virt (DT) [ 32.638346] Call trace: [ 32.638430] show_stack+0x20/0x38 (C) [ 32.638633] dump_stack_lvl+0x8c/0xd0 [ 32.638809] print_report+0x118/0x608 [ 32.638993] kasan_report+0xdc/0x128 [ 32.639139] kasan_check_range+0x100/0x1a8 [ 32.639323] __kasan_check_read+0x20/0x30 [ 32.639515] copy_user_test_oob+0x3c8/0xec8 [ 32.639703] kunit_try_run_case+0x170/0x3f0 [ 32.639873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.640075] kthread+0x328/0x630 [ 32.640271] ret_from_fork+0x10/0x20 [ 32.640474] [ 32.640541] Allocated by task 287: [ 32.640628] kasan_save_stack+0x3c/0x68 [ 32.640754] kasan_save_track+0x20/0x40 [ 32.640872] kasan_save_alloc_info+0x40/0x58 [ 32.640996] __kasan_kmalloc+0xd4/0xd8 [ 32.641110] __kmalloc_noprof+0x190/0x4d0 [ 32.641227] kunit_kmalloc_array+0x34/0x88 [ 32.641361] copy_user_test_oob+0xac/0xec8 [ 32.641548] kunit_try_run_case+0x170/0x3f0 [ 32.641938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.642104] kthread+0x328/0x630 [ 32.642208] ret_from_fork+0x10/0x20 [ 32.642300] [ 32.642350] The buggy address belongs to the object at fff00000c78a6100 [ 32.642350] which belongs to the cache kmalloc-128 of size 128 [ 32.642569] The buggy address is located 0 bytes inside of [ 32.642569] allocated 120-byte region [fff00000c78a6100, fff00000c78a6178) [ 32.642804] [ 32.642908] The buggy address belongs to the physical page: [ 32.643012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a6 [ 32.643172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.643328] page_type: f5(slab) [ 32.643486] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.643664] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.643839] page dumped because: kasan: bad access detected [ 32.643983] [ 32.644048] Memory state around the buggy address: [ 32.644176] fff00000c78a6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.644351] fff00000c78a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.644546] >fff00000c78a6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.644700] ^ [ 32.644964] fff00000c78a6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.645111] fff00000c78a6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.645218] ================================================================== [ 32.574756] ================================================================== [ 32.575348] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 32.575821] Write of size 121 at addr fff00000c78a6100 by task kunit_try_catch/287 [ 32.576503] [ 32.576693] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.576965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.577055] Hardware name: linux,dummy-virt (DT) [ 32.577237] Call trace: [ 32.577314] show_stack+0x20/0x38 (C) [ 32.577950] dump_stack_lvl+0x8c/0xd0 [ 32.578106] print_report+0x118/0x608 [ 32.578813] kasan_report+0xdc/0x128 [ 32.579356] kasan_check_range+0x100/0x1a8 [ 32.579593] __kasan_check_write+0x20/0x30 [ 32.579832] copy_user_test_oob+0x234/0xec8 [ 32.580048] kunit_try_run_case+0x170/0x3f0 [ 32.580376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.580583] kthread+0x328/0x630 [ 32.580729] ret_from_fork+0x10/0x20 [ 32.581606] [ 32.581703] Allocated by task 287: [ 32.581874] kasan_save_stack+0x3c/0x68 [ 32.582265] kasan_save_track+0x20/0x40 [ 32.582385] kasan_save_alloc_info+0x40/0x58 [ 32.582529] __kasan_kmalloc+0xd4/0xd8 [ 32.583597] __kmalloc_noprof+0x190/0x4d0 [ 32.583777] kunit_kmalloc_array+0x34/0x88 [ 32.583896] copy_user_test_oob+0xac/0xec8 [ 32.584003] kunit_try_run_case+0x170/0x3f0 [ 32.584100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.584613] kthread+0x328/0x630 [ 32.584743] ret_from_fork+0x10/0x20 [ 32.584852] [ 32.585063] The buggy address belongs to the object at fff00000c78a6100 [ 32.585063] which belongs to the cache kmalloc-128 of size 128 [ 32.585436] The buggy address is located 0 bytes inside of [ 32.585436] allocated 120-byte region [fff00000c78a6100, fff00000c78a6178) [ 32.586145] [ 32.586230] The buggy address belongs to the physical page: [ 32.586387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a6 [ 32.586585] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.586746] page_type: f5(slab) [ 32.587354] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.587566] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.587706] page dumped because: kasan: bad access detected [ 32.587822] [ 32.587888] Memory state around the buggy address: [ 32.588480] fff00000c78a6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.588649] fff00000c78a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.589140] >fff00000c78a6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.589290] ^ [ 32.589432] fff00000c78a6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.590565] fff00000c78a6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.590728] ================================================================== [ 32.646692] ================================================================== [ 32.646899] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 32.647096] Write of size 121 at addr fff00000c78a6100 by task kunit_try_catch/287 [ 32.647308] [ 32.647501] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.648110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.648333] Hardware name: linux,dummy-virt (DT) [ 32.648520] Call trace: [ 32.648622] show_stack+0x20/0x38 (C) [ 32.649014] dump_stack_lvl+0x8c/0xd0 [ 32.649167] print_report+0x118/0x608 [ 32.649309] kasan_report+0xdc/0x128 [ 32.649464] kasan_check_range+0x100/0x1a8 [ 32.649608] __kasan_check_write+0x20/0x30 [ 32.650337] copy_user_test_oob+0x434/0xec8 [ 32.650591] kunit_try_run_case+0x170/0x3f0 [ 32.650825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.651025] kthread+0x328/0x630 [ 32.651137] ret_from_fork+0x10/0x20 [ 32.651247] [ 32.651736] Allocated by task 287: [ 32.651854] kasan_save_stack+0x3c/0x68 [ 32.652056] kasan_save_track+0x20/0x40 [ 32.652583] kasan_save_alloc_info+0x40/0x58 [ 32.652732] __kasan_kmalloc+0xd4/0xd8 [ 32.652934] __kmalloc_noprof+0x190/0x4d0 [ 32.653118] kunit_kmalloc_array+0x34/0x88 [ 32.653237] copy_user_test_oob+0xac/0xec8 [ 32.653817] kunit_try_run_case+0x170/0x3f0 [ 32.653986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.654131] kthread+0x328/0x630 [ 32.654250] ret_from_fork+0x10/0x20 [ 32.654373] [ 32.654435] The buggy address belongs to the object at fff00000c78a6100 [ 32.654435] which belongs to the cache kmalloc-128 of size 128 [ 32.654684] The buggy address is located 0 bytes inside of [ 32.654684] allocated 120-byte region [fff00000c78a6100, fff00000c78a6178) [ 32.655066] [ 32.655194] The buggy address belongs to the physical page: [ 32.655350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a6 [ 32.655658] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.655815] page_type: f5(slab) [ 32.655968] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.656119] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.656307] page dumped because: kasan: bad access detected [ 32.656404] [ 32.656477] Memory state around the buggy address: [ 32.656611] fff00000c78a6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.656839] fff00000c78a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.657005] >fff00000c78a6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.657150] ^ [ 32.657322] fff00000c78a6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.657469] fff00000c78a6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.657647] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 32.444879] ================================================================== [ 32.445069] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 32.445222] Write of size 8 at addr fff00000c78a6078 by task kunit_try_catch/283 [ 32.445380] [ 32.445492] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.445722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.445812] Hardware name: linux,dummy-virt (DT) [ 32.445915] Call trace: [ 32.446000] show_stack+0x20/0x38 (C) [ 32.446155] dump_stack_lvl+0x8c/0xd0 [ 32.446302] print_report+0x118/0x608 [ 32.446442] kasan_report+0xdc/0x128 [ 32.446582] kasan_check_range+0x100/0x1a8 [ 32.447001] __kasan_check_write+0x20/0x30 [ 32.447214] copy_to_kernel_nofault+0x8c/0x250 [ 32.447365] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 32.447530] kunit_try_run_case+0x170/0x3f0 [ 32.447679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.448806] kthread+0x328/0x630 [ 32.449030] ret_from_fork+0x10/0x20 [ 32.449216] [ 32.449298] Allocated by task 283: [ 32.449408] kasan_save_stack+0x3c/0x68 [ 32.449615] kasan_save_track+0x20/0x40 [ 32.449789] kasan_save_alloc_info+0x40/0x58 [ 32.450142] __kasan_kmalloc+0xd4/0xd8 [ 32.450297] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.450424] copy_to_kernel_nofault_oob+0xc8/0x418 [ 32.450814] kunit_try_run_case+0x170/0x3f0 [ 32.450971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.451196] kthread+0x328/0x630 [ 32.451862] ret_from_fork+0x10/0x20 [ 32.452028] [ 32.452207] The buggy address belongs to the object at fff00000c78a6000 [ 32.452207] which belongs to the cache kmalloc-128 of size 128 [ 32.452400] The buggy address is located 0 bytes to the right of [ 32.452400] allocated 120-byte region [fff00000c78a6000, fff00000c78a6078) [ 32.452630] [ 32.452923] The buggy address belongs to the physical page: [ 32.453046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a6 [ 32.453214] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.453370] page_type: f5(slab) [ 32.453501] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.453632] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.453749] page dumped because: kasan: bad access detected [ 32.453839] [ 32.453895] Memory state around the buggy address: [ 32.454388] fff00000c78a5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.454879] fff00000c78a5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.455037] >fff00000c78a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.455167] ^ [ 32.455298] fff00000c78a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.455463] fff00000c78a6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.455590] ================================================================== [ 32.432978] ================================================================== [ 32.433357] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 32.433650] Read of size 8 at addr fff00000c78a6078 by task kunit_try_catch/283 [ 32.433903] [ 32.434685] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.434960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.435050] Hardware name: linux,dummy-virt (DT) [ 32.435152] Call trace: [ 32.435229] show_stack+0x20/0x38 (C) [ 32.435401] dump_stack_lvl+0x8c/0xd0 [ 32.435574] print_report+0x118/0x608 [ 32.437136] kasan_report+0xdc/0x128 [ 32.437352] __asan_report_load8_noabort+0x20/0x30 [ 32.437639] copy_to_kernel_nofault+0x204/0x250 [ 32.437900] copy_to_kernel_nofault_oob+0x158/0x418 [ 32.438069] kunit_try_run_case+0x170/0x3f0 [ 32.438366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.438548] kthread+0x328/0x630 [ 32.438679] ret_from_fork+0x10/0x20 [ 32.438825] [ 32.438888] Allocated by task 283: [ 32.438971] kasan_save_stack+0x3c/0x68 [ 32.439084] kasan_save_track+0x20/0x40 [ 32.439219] kasan_save_alloc_info+0x40/0x58 [ 32.439411] __kasan_kmalloc+0xd4/0xd8 [ 32.439543] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.439681] copy_to_kernel_nofault_oob+0xc8/0x418 [ 32.439819] kunit_try_run_case+0x170/0x3f0 [ 32.439980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.440122] kthread+0x328/0x630 [ 32.440224] ret_from_fork+0x10/0x20 [ 32.440327] [ 32.440388] The buggy address belongs to the object at fff00000c78a6000 [ 32.440388] which belongs to the cache kmalloc-128 of size 128 [ 32.440602] The buggy address is located 0 bytes to the right of [ 32.440602] allocated 120-byte region [fff00000c78a6000, fff00000c78a6078) [ 32.440884] [ 32.440978] The buggy address belongs to the physical page: [ 32.441069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a6 [ 32.441264] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.441524] page_type: f5(slab) [ 32.441732] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.441920] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.442080] page dumped because: kasan: bad access detected [ 32.442245] [ 32.442330] Memory state around the buggy address: [ 32.442475] fff00000c78a5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.442597] fff00000c78a5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.442703] >fff00000c78a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.442837] ^ [ 32.442958] fff00000c78a6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.443083] fff00000c78a6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.443195] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 32.305683] ================================================================== [ 32.305831] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 32.305982] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/271 [ 32.306148] [ 32.306290] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.306586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.306670] Hardware name: linux,dummy-virt (DT) [ 32.307028] Call trace: [ 32.307106] show_stack+0x20/0x38 (C) [ 32.307777] dump_stack_lvl+0x8c/0xd0 [ 32.308356] print_report+0x310/0x608 [ 32.308600] kasan_report+0xdc/0x128 [ 32.308813] __asan_report_load1_noabort+0x20/0x30 [ 32.309030] vmalloc_oob+0x51c/0x5d0 [ 32.309176] kunit_try_run_case+0x170/0x3f0 [ 32.309324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.309498] kthread+0x328/0x630 [ 32.309630] ret_from_fork+0x10/0x20 [ 32.309783] [ 32.309859] The buggy address belongs to the virtual mapping at [ 32.309859] [ffff80008010b000, ffff80008010d000) created by: [ 32.309859] vmalloc_oob+0x98/0x5d0 [ 32.310092] [ 32.310159] The buggy address belongs to the physical page: [ 32.310268] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4 [ 32.310797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.310989] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 32.311131] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 32.311261] page dumped because: kasan: bad access detected [ 32.311368] [ 32.311474] Memory state around the buggy address: [ 32.311697] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.311830] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.311973] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 32.312314] ^ [ 32.312514] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 32.312871] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 32.313025] ================================================================== [ 32.296543] ================================================================== [ 32.296762] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 32.296944] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/271 [ 32.297098] [ 32.297207] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.297493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.297569] Hardware name: linux,dummy-virt (DT) [ 32.297757] Call trace: [ 32.297893] show_stack+0x20/0x38 (C) [ 32.298302] dump_stack_lvl+0x8c/0xd0 [ 32.298461] print_report+0x310/0x608 [ 32.298807] kasan_report+0xdc/0x128 [ 32.298987] __asan_report_load1_noabort+0x20/0x30 [ 32.299160] vmalloc_oob+0x578/0x5d0 [ 32.299338] kunit_try_run_case+0x170/0x3f0 [ 32.299585] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.299821] kthread+0x328/0x630 [ 32.299983] ret_from_fork+0x10/0x20 [ 32.300153] [ 32.300242] The buggy address belongs to the virtual mapping at [ 32.300242] [ffff80008010b000, ffff80008010d000) created by: [ 32.300242] vmalloc_oob+0x98/0x5d0 [ 32.300510] [ 32.300582] The buggy address belongs to the physical page: [ 32.300715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4 [ 32.300860] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.301034] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 32.301166] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 32.301582] page dumped because: kasan: bad access detected [ 32.301728] [ 32.301820] Memory state around the buggy address: [ 32.301967] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.302167] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.302359] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 32.302549] ^ [ 32.302731] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 32.302872] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 32.302995] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 32.216537] ================================================================== [ 32.216678] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 32.217230] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.218176] [ 32.218302] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.218489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.218569] Hardware name: linux,dummy-virt (DT) [ 32.218663] Call trace: [ 32.218732] show_stack+0x20/0x38 (C) [ 32.218880] dump_stack_lvl+0x8c/0xd0 [ 32.219027] print_report+0x118/0x608 [ 32.219165] kasan_report+0xdc/0x128 [ 32.219325] kasan_check_range+0x100/0x1a8 [ 32.219501] __kasan_check_write+0x20/0x30 [ 32.219705] kasan_atomics_helper+0x175c/0x4858 [ 32.219910] kasan_atomics+0x198/0x2e0 [ 32.220074] kunit_try_run_case+0x170/0x3f0 [ 32.220224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.220468] kthread+0x328/0x630 [ 32.220599] ret_from_fork+0x10/0x20 [ 32.221007] [ 32.221118] Allocated by task 267: [ 32.221734] kasan_save_stack+0x3c/0x68 [ 32.221952] kasan_save_track+0x20/0x40 [ 32.222116] kasan_save_alloc_info+0x40/0x58 [ 32.222734] __kasan_kmalloc+0xd4/0xd8 [ 32.223107] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.223692] kasan_atomics+0xb8/0x2e0 [ 32.224239] kunit_try_run_case+0x170/0x3f0 [ 32.224422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.224565] kthread+0x328/0x630 [ 32.224669] ret_from_fork+0x10/0x20 [ 32.224761] [ 32.224811] The buggy address belongs to the object at fff00000c78a2180 [ 32.224811] which belongs to the cache kmalloc-64 of size 64 [ 32.224985] The buggy address is located 0 bytes to the right of [ 32.224985] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.225188] [ 32.225259] The buggy address belongs to the physical page: [ 32.225362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.225726] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.226369] page_type: f5(slab) [ 32.226771] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.227313] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.227484] page dumped because: kasan: bad access detected [ 32.228727] [ 32.229374] Memory state around the buggy address: [ 32.229687] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.230057] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.231120] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.231782] ^ [ 32.232945] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.233103] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.233843] ================================================================== [ 31.851426] ================================================================== [ 31.851610] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 31.851811] Read of size 4 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.851988] [ 31.852117] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.852426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.852521] Hardware name: linux,dummy-virt (DT) [ 31.852603] Call trace: [ 31.852700] show_stack+0x20/0x38 (C) [ 31.853101] dump_stack_lvl+0x8c/0xd0 [ 31.853410] print_report+0x118/0x608 [ 31.853555] kasan_report+0xdc/0x128 [ 31.853685] __asan_report_load4_noabort+0x20/0x30 [ 31.853950] kasan_atomics_helper+0x3dd8/0x4858 [ 31.854104] kasan_atomics+0x198/0x2e0 [ 31.854263] kunit_try_run_case+0x170/0x3f0 [ 31.854413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.854600] kthread+0x328/0x630 [ 31.854755] ret_from_fork+0x10/0x20 [ 31.854976] [ 31.855038] Allocated by task 267: [ 31.855121] kasan_save_stack+0x3c/0x68 [ 31.855242] kasan_save_track+0x20/0x40 [ 31.855351] kasan_save_alloc_info+0x40/0x58 [ 31.855501] __kasan_kmalloc+0xd4/0xd8 [ 31.855618] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.855749] kasan_atomics+0xb8/0x2e0 [ 31.855867] kunit_try_run_case+0x170/0x3f0 [ 31.856024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.856152] kthread+0x328/0x630 [ 31.856266] ret_from_fork+0x10/0x20 [ 31.856463] [ 31.856519] The buggy address belongs to the object at fff00000c78a2180 [ 31.856519] which belongs to the cache kmalloc-64 of size 64 [ 31.857118] The buggy address is located 0 bytes to the right of [ 31.857118] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.857358] [ 31.857415] The buggy address belongs to the physical page: [ 31.857507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.857660] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.857813] page_type: f5(slab) [ 31.858595] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.859048] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.859435] page dumped because: kasan: bad access detected [ 31.859570] [ 31.859625] Memory state around the buggy address: [ 31.860003] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.860094] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.860162] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.860221] ^ [ 31.860271] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.860337] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.860394] ================================================================== [ 32.046257] ================================================================== [ 32.046749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 32.047229] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.047634] [ 32.047753] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.049502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.049575] Hardware name: linux,dummy-virt (DT) [ 32.049624] Call trace: [ 32.049668] show_stack+0x20/0x38 (C) [ 32.049783] dump_stack_lvl+0x8c/0xd0 [ 32.049859] print_report+0x118/0x608 [ 32.049927] kasan_report+0xdc/0x128 [ 32.049991] kasan_check_range+0x100/0x1a8 [ 32.050061] __kasan_check_write+0x20/0x30 [ 32.050128] kasan_atomics_helper+0x126c/0x4858 [ 32.050197] kasan_atomics+0x198/0x2e0 [ 32.050259] kunit_try_run_case+0x170/0x3f0 [ 32.050331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.050409] kthread+0x328/0x630 [ 32.050514] ret_from_fork+0x10/0x20 [ 32.050659] [ 32.050716] Allocated by task 267: [ 32.050803] kasan_save_stack+0x3c/0x68 [ 32.050922] kasan_save_track+0x20/0x40 [ 32.051037] kasan_save_alloc_info+0x40/0x58 [ 32.051157] __kasan_kmalloc+0xd4/0xd8 [ 32.051551] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.051711] kasan_atomics+0xb8/0x2e0 [ 32.051836] kunit_try_run_case+0x170/0x3f0 [ 32.052351] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.052507] kthread+0x328/0x630 [ 32.052647] ret_from_fork+0x10/0x20 [ 32.052754] [ 32.053168] The buggy address belongs to the object at fff00000c78a2180 [ 32.053168] which belongs to the cache kmalloc-64 of size 64 [ 32.053377] The buggy address is located 0 bytes to the right of [ 32.053377] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.053599] [ 32.054031] The buggy address belongs to the physical page: [ 32.054537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.054708] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.055128] page_type: f5(slab) [ 32.055547] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.055852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.056119] page dumped because: kasan: bad access detected [ 32.056519] [ 32.056591] Memory state around the buggy address: [ 32.056698] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.056830] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.056967] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.057323] ^ [ 32.057863] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.058189] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.058500] ================================================================== [ 32.252927] ================================================================== [ 32.253139] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 32.253323] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.253495] [ 32.253597] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.253848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.253940] Hardware name: linux,dummy-virt (DT) [ 32.254037] Call trace: [ 32.254115] show_stack+0x20/0x38 (C) [ 32.254321] dump_stack_lvl+0x8c/0xd0 [ 32.254501] print_report+0x118/0x608 [ 32.254638] kasan_report+0xdc/0x128 [ 32.254888] kasan_check_range+0x100/0x1a8 [ 32.255429] __kasan_check_write+0x20/0x30 [ 32.255632] kasan_atomics_helper+0x17ec/0x4858 [ 32.255810] kasan_atomics+0x198/0x2e0 [ 32.256146] kunit_try_run_case+0x170/0x3f0 [ 32.256393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.256588] kthread+0x328/0x630 [ 32.256730] ret_from_fork+0x10/0x20 [ 32.256876] [ 32.256943] Allocated by task 267: [ 32.257651] kasan_save_stack+0x3c/0x68 [ 32.258136] kasan_save_track+0x20/0x40 [ 32.258246] kasan_save_alloc_info+0x40/0x58 [ 32.258839] __kasan_kmalloc+0xd4/0xd8 [ 32.259831] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.259994] kasan_atomics+0xb8/0x2e0 [ 32.260091] kunit_try_run_case+0x170/0x3f0 [ 32.260188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.260642] kthread+0x328/0x630 [ 32.260790] ret_from_fork+0x10/0x20 [ 32.261811] [ 32.261925] The buggy address belongs to the object at fff00000c78a2180 [ 32.261925] which belongs to the cache kmalloc-64 of size 64 [ 32.262130] The buggy address is located 0 bytes to the right of [ 32.262130] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.262338] [ 32.262523] The buggy address belongs to the physical page: [ 32.262734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.262997] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.263169] page_type: f5(slab) [ 32.263280] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.263468] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.263606] page dumped because: kasan: bad access detected [ 32.264569] [ 32.264775] Memory state around the buggy address: [ 32.264912] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.265053] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.265161] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.265252] ^ [ 32.265598] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.266115] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.266665] ================================================================== [ 31.909682] ================================================================== [ 31.909899] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 31.910118] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.910325] [ 31.910473] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.910695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.910815] Hardware name: linux,dummy-virt (DT) [ 31.910961] Call trace: [ 31.911024] show_stack+0x20/0x38 (C) [ 31.911202] dump_stack_lvl+0x8c/0xd0 [ 31.911324] print_report+0x118/0x608 [ 31.911482] kasan_report+0xdc/0x128 [ 31.911612] kasan_check_range+0x100/0x1a8 [ 31.911731] __kasan_check_write+0x20/0x30 [ 31.911872] kasan_atomics_helper+0xe44/0x4858 [ 31.912151] kasan_atomics+0x198/0x2e0 [ 31.912343] kunit_try_run_case+0x170/0x3f0 [ 31.912495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.912723] kthread+0x328/0x630 [ 31.912924] ret_from_fork+0x10/0x20 [ 31.913072] [ 31.913134] Allocated by task 267: [ 31.913225] kasan_save_stack+0x3c/0x68 [ 31.913346] kasan_save_track+0x20/0x40 [ 31.913535] kasan_save_alloc_info+0x40/0x58 [ 31.913665] __kasan_kmalloc+0xd4/0xd8 [ 31.913779] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.913938] kasan_atomics+0xb8/0x2e0 [ 31.914027] kunit_try_run_case+0x170/0x3f0 [ 31.914124] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.914258] kthread+0x328/0x630 [ 31.914361] ret_from_fork+0x10/0x20 [ 31.914478] [ 31.914537] The buggy address belongs to the object at fff00000c78a2180 [ 31.914537] which belongs to the cache kmalloc-64 of size 64 [ 31.914750] The buggy address is located 0 bytes to the right of [ 31.914750] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.914950] [ 31.915003] The buggy address belongs to the physical page: [ 31.915098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.915259] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.915426] page_type: f5(slab) [ 31.915570] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.915883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.916101] page dumped because: kasan: bad access detected [ 31.916158] [ 31.916188] Memory state around the buggy address: [ 31.916290] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.916426] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.916592] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.916718] ^ [ 31.916834] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.916975] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.917101] ================================================================== [ 31.761921] ================================================================== [ 31.762099] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 31.762257] Write of size 4 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.762412] [ 31.762532] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.762787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.762875] Hardware name: linux,dummy-virt (DT) [ 31.762976] Call trace: [ 31.763047] show_stack+0x20/0x38 (C) [ 31.763196] dump_stack_lvl+0x8c/0xd0 [ 31.763341] print_report+0x118/0x608 [ 31.763528] kasan_report+0xdc/0x128 [ 31.763658] kasan_check_range+0x100/0x1a8 [ 31.764118] __kasan_check_write+0x20/0x30 [ 31.764252] kasan_atomics_helper+0xad4/0x4858 [ 31.764417] kasan_atomics+0x198/0x2e0 [ 31.764587] kunit_try_run_case+0x170/0x3f0 [ 31.764732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.764971] kthread+0x328/0x630 [ 31.765409] ret_from_fork+0x10/0x20 [ 31.765758] [ 31.765847] Allocated by task 267: [ 31.765947] kasan_save_stack+0x3c/0x68 [ 31.766165] kasan_save_track+0x20/0x40 [ 31.766404] kasan_save_alloc_info+0x40/0x58 [ 31.766551] __kasan_kmalloc+0xd4/0xd8 [ 31.766666] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.766800] kasan_atomics+0xb8/0x2e0 [ 31.766912] kunit_try_run_case+0x170/0x3f0 [ 31.767038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.767177] kthread+0x328/0x630 [ 31.767299] ret_from_fork+0x10/0x20 [ 31.767419] [ 31.767501] The buggy address belongs to the object at fff00000c78a2180 [ 31.767501] which belongs to the cache kmalloc-64 of size 64 [ 31.767945] The buggy address is located 0 bytes to the right of [ 31.767945] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.768195] [ 31.768269] The buggy address belongs to the physical page: [ 31.768481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.768641] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.768771] page_type: f5(slab) [ 31.768861] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.769005] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.769130] page dumped because: kasan: bad access detected [ 31.769385] [ 31.769466] Memory state around the buggy address: [ 31.769597] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.769749] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.769923] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.770065] ^ [ 31.770182] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.770356] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.770514] ================================================================== [ 31.939224] ================================================================== [ 31.939368] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 31.939533] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.939705] [ 31.939808] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.940059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.940148] Hardware name: linux,dummy-virt (DT) [ 31.940249] Call trace: [ 31.940320] show_stack+0x20/0x38 (C) [ 31.940478] dump_stack_lvl+0x8c/0xd0 [ 31.940616] print_report+0x118/0x608 [ 31.940759] kasan_report+0xdc/0x128 [ 31.940893] kasan_check_range+0x100/0x1a8 [ 31.941099] __kasan_check_write+0x20/0x30 [ 31.941624] kasan_atomics_helper+0xf20/0x4858 [ 31.942252] kasan_atomics+0x198/0x2e0 [ 31.942388] kunit_try_run_case+0x170/0x3f0 [ 31.942786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.942978] kthread+0x328/0x630 [ 31.943123] ret_from_fork+0x10/0x20 [ 31.943259] [ 31.943317] Allocated by task 267: [ 31.943469] kasan_save_stack+0x3c/0x68 [ 31.943645] kasan_save_track+0x20/0x40 [ 31.943785] kasan_save_alloc_info+0x40/0x58 [ 31.943904] __kasan_kmalloc+0xd4/0xd8 [ 31.944019] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.944151] kasan_atomics+0xb8/0x2e0 [ 31.944257] kunit_try_run_case+0x170/0x3f0 [ 31.944796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.945157] kthread+0x328/0x630 [ 31.945407] ret_from_fork+0x10/0x20 [ 31.945754] [ 31.945824] The buggy address belongs to the object at fff00000c78a2180 [ 31.945824] which belongs to the cache kmalloc-64 of size 64 [ 31.946012] The buggy address is located 0 bytes to the right of [ 31.946012] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.946353] [ 31.946783] The buggy address belongs to the physical page: [ 31.947043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.947228] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.947395] page_type: f5(slab) [ 31.947526] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.947682] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.947814] page dumped because: kasan: bad access detected [ 31.947948] [ 31.948004] Memory state around the buggy address: [ 31.948109] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.948506] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.948664] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.948776] ^ [ 31.948858] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.948961] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.949402] ================================================================== [ 32.124861] ================================================================== [ 32.124994] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 32.125132] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.125282] [ 32.125387] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.125659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.125742] Hardware name: linux,dummy-virt (DT) [ 32.125843] Call trace: [ 32.125914] show_stack+0x20/0x38 (C) [ 32.126062] dump_stack_lvl+0x8c/0xd0 [ 32.126207] print_report+0x118/0x608 [ 32.126336] kasan_report+0xdc/0x128 [ 32.127334] kasan_check_range+0x100/0x1a8 [ 32.127869] __kasan_check_write+0x20/0x30 [ 32.128063] kasan_atomics_helper+0x154c/0x4858 [ 32.128204] kasan_atomics+0x198/0x2e0 [ 32.128333] kunit_try_run_case+0x170/0x3f0 [ 32.128496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.128693] kthread+0x328/0x630 [ 32.128861] ret_from_fork+0x10/0x20 [ 32.128983] [ 32.129046] Allocated by task 267: [ 32.129132] kasan_save_stack+0x3c/0x68 [ 32.129661] kasan_save_track+0x20/0x40 [ 32.130217] kasan_save_alloc_info+0x40/0x58 [ 32.130495] __kasan_kmalloc+0xd4/0xd8 [ 32.130894] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.131153] kasan_atomics+0xb8/0x2e0 [ 32.131259] kunit_try_run_case+0x170/0x3f0 [ 32.131399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.131555] kthread+0x328/0x630 [ 32.131666] ret_from_fork+0x10/0x20 [ 32.132385] [ 32.132472] The buggy address belongs to the object at fff00000c78a2180 [ 32.132472] which belongs to the cache kmalloc-64 of size 64 [ 32.132628] The buggy address is located 0 bytes to the right of [ 32.132628] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.132857] [ 32.133609] The buggy address belongs to the physical page: [ 32.133872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.134263] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.134437] page_type: f5(slab) [ 32.134577] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.134743] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.134880] page dumped because: kasan: bad access detected [ 32.135602] [ 32.135868] Memory state around the buggy address: [ 32.136350] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.136660] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.137048] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.137331] ^ [ 32.137730] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.137908] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.138007] ================================================================== [ 32.203962] ================================================================== [ 32.204145] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 32.204549] Read of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.204772] [ 32.204902] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.205152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.205459] Hardware name: linux,dummy-virt (DT) [ 32.205768] Call trace: [ 32.205870] show_stack+0x20/0x38 (C) [ 32.206096] dump_stack_lvl+0x8c/0xd0 [ 32.206251] print_report+0x118/0x608 [ 32.206389] kasan_report+0xdc/0x128 [ 32.206533] __asan_report_load8_noabort+0x20/0x30 [ 32.206655] kasan_atomics_helper+0x3e10/0x4858 [ 32.206787] kasan_atomics+0x198/0x2e0 [ 32.206912] kunit_try_run_case+0x170/0x3f0 [ 32.207061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.207232] kthread+0x328/0x630 [ 32.207371] ret_from_fork+0x10/0x20 [ 32.207553] [ 32.207613] Allocated by task 267: [ 32.207704] kasan_save_stack+0x3c/0x68 [ 32.207819] kasan_save_track+0x20/0x40 [ 32.207931] kasan_save_alloc_info+0x40/0x58 [ 32.208050] __kasan_kmalloc+0xd4/0xd8 [ 32.208164] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.208294] kasan_atomics+0xb8/0x2e0 [ 32.208405] kunit_try_run_case+0x170/0x3f0 [ 32.208788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.209129] kthread+0x328/0x630 [ 32.209267] ret_from_fork+0x10/0x20 [ 32.209618] [ 32.209687] The buggy address belongs to the object at fff00000c78a2180 [ 32.209687] which belongs to the cache kmalloc-64 of size 64 [ 32.209930] The buggy address is located 0 bytes to the right of [ 32.209930] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.210217] [ 32.210317] The buggy address belongs to the physical page: [ 32.210466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.210763] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.211239] page_type: f5(slab) [ 32.211391] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.211562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.211803] page dumped because: kasan: bad access detected [ 32.212106] [ 32.212202] Memory state around the buggy address: [ 32.212323] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.212510] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.212703] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.212879] ^ [ 32.213025] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.213193] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.213296] ================================================================== [ 31.730782] ================================================================== [ 31.730944] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 31.731163] Write of size 4 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.731872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.734158] kunit_try_run_case+0x170/0x3f0 [ 31.734949] ret_from_fork+0x10/0x20 [ 31.735494] [ 31.735592] Allocated by task 267: [ 31.735826] kasan_save_stack+0x3c/0x68 [ 31.736092] kasan_save_track+0x20/0x40 [ 31.736298] kasan_save_alloc_info+0x40/0x58 [ 31.736462] __kasan_kmalloc+0xd4/0xd8 [ 31.736601] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.736751] kasan_atomics+0xb8/0x2e0 [ 31.736933] kunit_try_run_case+0x170/0x3f0 [ 31.737136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.737307] kthread+0x328/0x630 [ 31.737460] ret_from_fork+0x10/0x20 [ 31.737581] [ 31.737644] The buggy address belongs to the object at fff00000c78a2180 [ 31.737644] which belongs to the cache kmalloc-64 of size 64 [ 31.737819] The buggy address is located 0 bytes to the right of [ 31.737819] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.738022] [ 31.738093] The buggy address belongs to the physical page: [ 31.738190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.738351] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.738525] page_type: f5(slab) [ 31.738642] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.738827] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.738995] page dumped because: kasan: bad access detected [ 31.739107] [ 31.739170] Memory state around the buggy address: [ 31.739275] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.739492] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.739886] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.740296] ^ [ 31.740427] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.740557] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.740684] ================================================================== [ 32.072838] ================================================================== [ 32.072988] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 32.073128] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.073282] [ 32.073379] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.073652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.073742] Hardware name: linux,dummy-virt (DT) [ 32.073881] Call trace: [ 32.073962] show_stack+0x20/0x38 (C) [ 32.074107] dump_stack_lvl+0x8c/0xd0 [ 32.074255] print_report+0x118/0x608 [ 32.074393] kasan_report+0xdc/0x128 [ 32.076126] kasan_check_range+0x100/0x1a8 [ 32.076295] __kasan_check_write+0x20/0x30 [ 32.076475] kasan_atomics_helper+0x1384/0x4858 [ 32.076621] kasan_atomics+0x198/0x2e0 [ 32.076753] kunit_try_run_case+0x170/0x3f0 [ 32.077756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.078415] kthread+0x328/0x630 [ 32.078581] ret_from_fork+0x10/0x20 [ 32.078872] [ 32.078937] Allocated by task 267: [ 32.079138] kasan_save_stack+0x3c/0x68 [ 32.079726] kasan_save_track+0x20/0x40 [ 32.079937] kasan_save_alloc_info+0x40/0x58 [ 32.080514] __kasan_kmalloc+0xd4/0xd8 [ 32.080676] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.080945] kasan_atomics+0xb8/0x2e0 [ 32.081067] kunit_try_run_case+0x170/0x3f0 [ 32.081642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.081792] kthread+0x328/0x630 [ 32.082053] ret_from_fork+0x10/0x20 [ 32.082600] [ 32.083029] The buggy address belongs to the object at fff00000c78a2180 [ 32.083029] which belongs to the cache kmalloc-64 of size 64 [ 32.083617] The buggy address is located 0 bytes to the right of [ 32.083617] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.083840] [ 32.083911] The buggy address belongs to the physical page: [ 32.084007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.085425] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.085629] page_type: f5(slab) [ 32.085800] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.086088] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.086248] page dumped because: kasan: bad access detected [ 32.086389] [ 32.087090] Memory state around the buggy address: [ 32.087442] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.087618] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.087758] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.088423] ^ [ 32.088579] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.088709] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.088837] ================================================================== [ 32.184039] ================================================================== [ 32.184175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 32.184361] Read of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.184516] [ 32.184584] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.184771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.184890] Hardware name: linux,dummy-virt (DT) [ 32.185020] Call trace: [ 32.185089] show_stack+0x20/0x38 (C) [ 32.185216] dump_stack_lvl+0x8c/0xd0 [ 32.185346] print_report+0x118/0x608 [ 32.185479] kasan_report+0xdc/0x128 [ 32.185600] __asan_report_load8_noabort+0x20/0x30 [ 32.185734] kasan_atomics_helper+0x3df4/0x4858 [ 32.185865] kasan_atomics+0x198/0x2e0 [ 32.186002] kunit_try_run_case+0x170/0x3f0 [ 32.186200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.186402] kthread+0x328/0x630 [ 32.186566] ret_from_fork+0x10/0x20 [ 32.186714] [ 32.186780] Allocated by task 267: [ 32.186865] kasan_save_stack+0x3c/0x68 [ 32.186987] kasan_save_track+0x20/0x40 [ 32.187097] kasan_save_alloc_info+0x40/0x58 [ 32.187217] __kasan_kmalloc+0xd4/0xd8 [ 32.187322] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.187479] kasan_atomics+0xb8/0x2e0 [ 32.187588] kunit_try_run_case+0x170/0x3f0 [ 32.187713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.187852] kthread+0x328/0x630 [ 32.187960] ret_from_fork+0x10/0x20 [ 32.188071] [ 32.188500] The buggy address belongs to the object at fff00000c78a2180 [ 32.188500] which belongs to the cache kmalloc-64 of size 64 [ 32.190013] The buggy address is located 0 bytes to the right of [ 32.190013] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.190219] [ 32.190288] The buggy address belongs to the physical page: [ 32.190393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.190575] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.190731] page_type: f5(slab) [ 32.190875] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.191032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.191160] page dumped because: kasan: bad access detected [ 32.191247] [ 32.191305] Memory state around the buggy address: [ 32.191424] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.191624] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.191813] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.191984] ^ [ 32.192109] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.192244] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.192365] ================================================================== [ 32.106218] ================================================================== [ 32.106381] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 32.106539] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.106689] [ 32.106753] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.106876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.106916] Hardware name: linux,dummy-virt (DT) [ 32.106964] Call trace: [ 32.107000] show_stack+0x20/0x38 (C) [ 32.107078] dump_stack_lvl+0x8c/0xd0 [ 32.107150] print_report+0x118/0x608 [ 32.107215] kasan_report+0xdc/0x128 [ 32.107281] kasan_check_range+0x100/0x1a8 [ 32.107348] __kasan_check_write+0x20/0x30 [ 32.107433] kasan_atomics_helper+0x147c/0x4858 [ 32.107558] kasan_atomics+0x198/0x2e0 [ 32.107660] kunit_try_run_case+0x170/0x3f0 [ 32.107801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.107967] kthread+0x328/0x630 [ 32.108097] ret_from_fork+0x10/0x20 [ 32.108240] [ 32.108306] Allocated by task 267: [ 32.108391] kasan_save_stack+0x3c/0x68 [ 32.108529] kasan_save_track+0x20/0x40 [ 32.108640] kasan_save_alloc_info+0x40/0x58 [ 32.108762] __kasan_kmalloc+0xd4/0xd8 [ 32.109074] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.109618] kasan_atomics+0xb8/0x2e0 [ 32.109748] kunit_try_run_case+0x170/0x3f0 [ 32.109865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.109977] kthread+0x328/0x630 [ 32.110085] ret_from_fork+0x10/0x20 [ 32.110197] [ 32.110267] The buggy address belongs to the object at fff00000c78a2180 [ 32.110267] which belongs to the cache kmalloc-64 of size 64 [ 32.110864] The buggy address is located 0 bytes to the right of [ 32.110864] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.111407] [ 32.111535] The buggy address belongs to the physical page: [ 32.111664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.111834] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.112003] page_type: f5(slab) [ 32.112174] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.112398] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.112601] page dumped because: kasan: bad access detected [ 32.112746] [ 32.112835] Memory state around the buggy address: [ 32.112976] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.113170] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.113358] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.113504] ^ [ 32.113601] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.113724] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.113847] ================================================================== [ 31.706346] ================================================================== [ 31.706512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 31.706669] Write of size 4 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.706822] [ 31.706926] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.707182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.708241] Hardware name: linux,dummy-virt (DT) [ 31.708377] Call trace: [ 31.709021] show_stack+0x20/0x38 (C) [ 31.709403] dump_stack_lvl+0x8c/0xd0 [ 31.709734] print_report+0x118/0x608 [ 31.710856] kasan_report+0xdc/0x128 [ 31.711219] kasan_check_range+0x100/0x1a8 [ 31.712307] __kasan_check_write+0x20/0x30 [ 31.712793] kasan_atomics_helper+0x99c/0x4858 [ 31.712974] kasan_atomics+0x198/0x2e0 [ 31.713564] kunit_try_run_case+0x170/0x3f0 [ 31.713725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.713894] kthread+0x328/0x630 [ 31.714678] ret_from_fork+0x10/0x20 [ 31.715843] [ 31.716084] Allocated by task 267: [ 31.716338] kasan_save_stack+0x3c/0x68 [ 31.716541] kasan_save_track+0x20/0x40 [ 31.716801] kasan_save_alloc_info+0x40/0x58 [ 31.717261] __kasan_kmalloc+0xd4/0xd8 [ 31.717697] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.718053] kasan_atomics+0xb8/0x2e0 [ 31.718292] kunit_try_run_case+0x170/0x3f0 [ 31.718417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.718571] kthread+0x328/0x630 [ 31.719819] ret_from_fork+0x10/0x20 [ 31.720569] [ 31.721160] The buggy address belongs to the object at fff00000c78a2180 [ 31.721160] which belongs to the cache kmalloc-64 of size 64 [ 31.721478] The buggy address is located 0 bytes to the right of [ 31.721478] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.721863] [ 31.721942] The buggy address belongs to the physical page: [ 31.722193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.722695] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.723514] page_type: f5(slab) [ 31.723737] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.724196] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.724657] page dumped because: kasan: bad access detected [ 31.725595] [ 31.725697] Memory state around the buggy address: [ 31.725907] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.726935] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.727076] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.727725] ^ [ 31.728140] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.728510] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.728640] ================================================================== [ 31.741925] ================================================================== [ 31.742134] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 31.742303] Write of size 4 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.742492] [ 31.742641] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.742987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.743119] Hardware name: linux,dummy-virt (DT) [ 31.743222] Call trace: [ 31.743293] show_stack+0x20/0x38 (C) [ 31.743901] dump_stack_lvl+0x8c/0xd0 [ 31.744118] print_report+0x118/0x608 [ 31.744253] kasan_report+0xdc/0x128 [ 31.744386] kasan_check_range+0x100/0x1a8 [ 31.744555] __kasan_check_write+0x20/0x30 [ 31.744704] kasan_atomics_helper+0xa6c/0x4858 [ 31.744850] kasan_atomics+0x198/0x2e0 [ 31.744988] kunit_try_run_case+0x170/0x3f0 [ 31.747789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.748319] kthread+0x328/0x630 [ 31.748484] ret_from_fork+0x10/0x20 [ 31.748609] [ 31.748658] Allocated by task 267: [ 31.748740] kasan_save_stack+0x3c/0x68 [ 31.749237] kasan_save_track+0x20/0x40 [ 31.749504] kasan_save_alloc_info+0x40/0x58 [ 31.750089] __kasan_kmalloc+0xd4/0xd8 [ 31.750211] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.750341] kasan_atomics+0xb8/0x2e0 [ 31.750469] kunit_try_run_case+0x170/0x3f0 [ 31.750600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.750741] kthread+0x328/0x630 [ 31.750852] ret_from_fork+0x10/0x20 [ 31.750967] [ 31.751036] The buggy address belongs to the object at fff00000c78a2180 [ 31.751036] which belongs to the cache kmalloc-64 of size 64 [ 31.751984] The buggy address is located 0 bytes to the right of [ 31.751984] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.753329] [ 31.753405] The buggy address belongs to the physical page: [ 31.753566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.753819] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.754069] page_type: f5(slab) [ 31.754245] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.754715] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.755129] page dumped because: kasan: bad access detected [ 31.755252] [ 31.755315] Memory state around the buggy address: [ 31.755683] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.755869] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.756008] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.756306] ^ [ 31.756659] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.756790] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.756891] ================================================================== [ 31.986897] ================================================================== [ 31.987046] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 31.987198] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.987356] [ 31.987900] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.988328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.988422] Hardware name: linux,dummy-virt (DT) [ 31.988743] Call trace: [ 31.988897] show_stack+0x20/0x38 (C) [ 31.989057] dump_stack_lvl+0x8c/0xd0 [ 31.989197] print_report+0x118/0x608 [ 31.989379] kasan_report+0xdc/0x128 [ 31.989643] kasan_check_range+0x100/0x1a8 [ 31.990239] __kasan_check_write+0x20/0x30 [ 31.990511] kasan_atomics_helper+0x10c0/0x4858 [ 31.990728] kasan_atomics+0x198/0x2e0 [ 31.990921] kunit_try_run_case+0x170/0x3f0 [ 31.991266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.991564] kthread+0x328/0x630 [ 31.991732] ret_from_fork+0x10/0x20 [ 31.991960] [ 31.992028] Allocated by task 267: [ 31.992468] kasan_save_stack+0x3c/0x68 [ 31.992759] kasan_save_track+0x20/0x40 [ 31.992885] kasan_save_alloc_info+0x40/0x58 [ 31.993108] __kasan_kmalloc+0xd4/0xd8 [ 31.993404] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.993649] kasan_atomics+0xb8/0x2e0 [ 31.993761] kunit_try_run_case+0x170/0x3f0 [ 31.993874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.994003] kthread+0x328/0x630 [ 31.994184] ret_from_fork+0x10/0x20 [ 31.994413] [ 31.994687] The buggy address belongs to the object at fff00000c78a2180 [ 31.994687] which belongs to the cache kmalloc-64 of size 64 [ 31.995151] The buggy address is located 0 bytes to the right of [ 31.995151] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.995535] [ 31.995603] The buggy address belongs to the physical page: [ 31.996250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.996714] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.997132] page_type: f5(slab) [ 31.997313] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.997440] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.997577] page dumped because: kasan: bad access detected [ 31.997677] [ 31.997730] Memory state around the buggy address: [ 31.998015] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.998291] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.998637] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.998855] ^ [ 31.998971] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.999104] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.999229] ================================================================== [ 32.139199] ================================================================== [ 32.139473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 32.139878] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.140202] [ 32.140318] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.140572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.140657] Hardware name: linux,dummy-virt (DT) [ 32.140762] Call trace: [ 32.140835] show_stack+0x20/0x38 (C) [ 32.141645] dump_stack_lvl+0x8c/0xd0 [ 32.142048] print_report+0x118/0x608 [ 32.142182] kasan_report+0xdc/0x128 [ 32.142355] kasan_check_range+0x100/0x1a8 [ 32.142514] __kasan_check_write+0x20/0x30 [ 32.142666] kasan_atomics_helper+0x15b4/0x4858 [ 32.143397] kasan_atomics+0x198/0x2e0 [ 32.143871] kunit_try_run_case+0x170/0x3f0 [ 32.144247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.144814] kthread+0x328/0x630 [ 32.145171] ret_from_fork+0x10/0x20 [ 32.145341] [ 32.145410] Allocated by task 267: [ 32.145915] kasan_save_stack+0x3c/0x68 [ 32.146187] kasan_save_track+0x20/0x40 [ 32.146491] kasan_save_alloc_info+0x40/0x58 [ 32.146754] __kasan_kmalloc+0xd4/0xd8 [ 32.146865] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.147652] kasan_atomics+0xb8/0x2e0 [ 32.147946] kunit_try_run_case+0x170/0x3f0 [ 32.148497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.148639] kthread+0x328/0x630 [ 32.148753] ret_from_fork+0x10/0x20 [ 32.148856] [ 32.148911] The buggy address belongs to the object at fff00000c78a2180 [ 32.148911] which belongs to the cache kmalloc-64 of size 64 [ 32.149460] The buggy address is located 0 bytes to the right of [ 32.149460] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.149686] [ 32.149898] The buggy address belongs to the physical page: [ 32.150008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.150170] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.150320] page_type: f5(slab) [ 32.150442] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.150625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.150762] page dumped because: kasan: bad access detected [ 32.150875] [ 32.150942] Memory state around the buggy address: [ 32.151046] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.151188] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.151327] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.151865] ^ [ 32.152038] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.152179] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.152305] ================================================================== [ 32.098328] ================================================================== [ 32.098529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 32.098665] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.098927] [ 32.099070] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.099342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.099428] Hardware name: linux,dummy-virt (DT) [ 32.099530] Call trace: [ 32.099605] show_stack+0x20/0x38 (C) [ 32.099778] dump_stack_lvl+0x8c/0xd0 [ 32.100027] print_report+0x118/0x608 [ 32.100183] kasan_report+0xdc/0x128 [ 32.100296] kasan_check_range+0x100/0x1a8 [ 32.100467] __kasan_check_write+0x20/0x30 [ 32.100599] kasan_atomics_helper+0x1414/0x4858 [ 32.100772] kasan_atomics+0x198/0x2e0 [ 32.100903] kunit_try_run_case+0x170/0x3f0 [ 32.101046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.101194] kthread+0x328/0x630 [ 32.101358] ret_from_fork+0x10/0x20 [ 32.101601] [ 32.101690] Allocated by task 267: [ 32.101826] kasan_save_stack+0x3c/0x68 [ 32.101956] kasan_save_track+0x20/0x40 [ 32.102116] kasan_save_alloc_info+0x40/0x58 [ 32.102237] __kasan_kmalloc+0xd4/0xd8 [ 32.102352] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.102493] kasan_atomics+0xb8/0x2e0 [ 32.102607] kunit_try_run_case+0x170/0x3f0 [ 32.102725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.102864] kthread+0x328/0x630 [ 32.102973] ret_from_fork+0x10/0x20 [ 32.103085] [ 32.103155] The buggy address belongs to the object at fff00000c78a2180 [ 32.103155] which belongs to the cache kmalloc-64 of size 64 [ 32.103340] The buggy address is located 0 bytes to the right of [ 32.103340] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.103555] [ 32.103623] The buggy address belongs to the physical page: [ 32.103746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.103894] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.104078] page_type: f5(slab) [ 32.104206] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.104373] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.104512] page dumped because: kasan: bad access detected [ 32.104619] [ 32.104682] Memory state around the buggy address: [ 32.104824] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.104963] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.105128] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.105273] ^ [ 32.105428] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.105631] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.105749] ================================================================== [ 32.237293] ================================================================== [ 32.237460] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 32.237695] Read of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.237917] [ 32.238057] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.238333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.238501] Hardware name: linux,dummy-virt (DT) [ 32.238608] Call trace: [ 32.238681] show_stack+0x20/0x38 (C) [ 32.239272] dump_stack_lvl+0x8c/0xd0 [ 32.239535] print_report+0x118/0x608 [ 32.239736] kasan_report+0xdc/0x128 [ 32.239966] __asan_report_load8_noabort+0x20/0x30 [ 32.240159] kasan_atomics_helper+0x3e20/0x4858 [ 32.240614] kasan_atomics+0x198/0x2e0 [ 32.241016] kunit_try_run_case+0x170/0x3f0 [ 32.241216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.241593] kthread+0x328/0x630 [ 32.242012] ret_from_fork+0x10/0x20 [ 32.242588] [ 32.242715] Allocated by task 267: [ 32.242810] kasan_save_stack+0x3c/0x68 [ 32.242995] kasan_save_track+0x20/0x40 [ 32.243539] kasan_save_alloc_info+0x40/0x58 [ 32.244078] __kasan_kmalloc+0xd4/0xd8 [ 32.244206] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.244515] kasan_atomics+0xb8/0x2e0 [ 32.244859] kunit_try_run_case+0x170/0x3f0 [ 32.245058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.245282] kthread+0x328/0x630 [ 32.245376] ret_from_fork+0x10/0x20 [ 32.245486] [ 32.245547] The buggy address belongs to the object at fff00000c78a2180 [ 32.245547] which belongs to the cache kmalloc-64 of size 64 [ 32.246119] The buggy address is located 0 bytes to the right of [ 32.246119] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.246702] [ 32.246897] The buggy address belongs to the physical page: [ 32.247314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.247540] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.247866] page_type: f5(slab) [ 32.248107] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.248817] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.248965] page dumped because: kasan: bad access detected [ 32.249049] [ 32.249225] Memory state around the buggy address: [ 32.249339] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.249572] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.249871] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.250417] ^ [ 32.250737] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.251087] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.251580] ================================================================== [ 31.927679] ================================================================== [ 31.927831] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 31.928669] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.928851] [ 31.928986] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.929333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.929503] Hardware name: linux,dummy-virt (DT) [ 31.929605] Call trace: [ 31.930130] show_stack+0x20/0x38 (C) [ 31.930319] dump_stack_lvl+0x8c/0xd0 [ 31.930560] print_report+0x118/0x608 [ 31.930696] kasan_report+0xdc/0x128 [ 31.930931] kasan_check_range+0x100/0x1a8 [ 31.931156] __kasan_check_write+0x20/0x30 [ 31.931370] kasan_atomics_helper+0xeb8/0x4858 [ 31.931599] kasan_atomics+0x198/0x2e0 [ 31.931776] kunit_try_run_case+0x170/0x3f0 [ 31.931925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.932599] kthread+0x328/0x630 [ 31.932742] ret_from_fork+0x10/0x20 [ 31.932859] [ 31.933186] Allocated by task 267: [ 31.933491] kasan_save_stack+0x3c/0x68 [ 31.933689] kasan_save_track+0x20/0x40 [ 31.933858] kasan_save_alloc_info+0x40/0x58 [ 31.934023] __kasan_kmalloc+0xd4/0xd8 [ 31.934186] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.934362] kasan_atomics+0xb8/0x2e0 [ 31.934526] kunit_try_run_case+0x170/0x3f0 [ 31.934703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.934894] kthread+0x328/0x630 [ 31.935056] ret_from_fork+0x10/0x20 [ 31.935218] [ 31.935288] The buggy address belongs to the object at fff00000c78a2180 [ 31.935288] which belongs to the cache kmalloc-64 of size 64 [ 31.935482] The buggy address is located 0 bytes to the right of [ 31.935482] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.935699] [ 31.935784] The buggy address belongs to the physical page: [ 31.935877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.936531] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.936761] page_type: f5(slab) [ 31.937129] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.937367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.938066] page dumped because: kasan: bad access detected [ 31.938143] [ 31.938173] Memory state around the buggy address: [ 31.938230] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.938296] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.938362] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.938417] ^ [ 31.938506] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.938633] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.938752] ================================================================== [ 32.090704] ================================================================== [ 32.090850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 32.090995] Read of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.091145] [ 32.091250] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.091525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.091610] Hardware name: linux,dummy-virt (DT) [ 32.091714] Call trace: [ 32.091784] show_stack+0x20/0x38 (C) [ 32.091980] dump_stack_lvl+0x8c/0xd0 [ 32.092114] print_report+0x118/0x608 [ 32.092249] kasan_report+0xdc/0x128 [ 32.092390] __asan_report_load8_noabort+0x20/0x30 [ 32.092570] kasan_atomics_helper+0x3f04/0x4858 [ 32.092704] kasan_atomics+0x198/0x2e0 [ 32.092838] kunit_try_run_case+0x170/0x3f0 [ 32.092995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.093216] kthread+0x328/0x630 [ 32.093339] ret_from_fork+0x10/0x20 [ 32.093617] [ 32.093701] Allocated by task 267: [ 32.093782] kasan_save_stack+0x3c/0x68 [ 32.093935] kasan_save_track+0x20/0x40 [ 32.094041] kasan_save_alloc_info+0x40/0x58 [ 32.094196] __kasan_kmalloc+0xd4/0xd8 [ 32.094300] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.094437] kasan_atomics+0xb8/0x2e0 [ 32.094587] kunit_try_run_case+0x170/0x3f0 [ 32.094691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.094824] kthread+0x328/0x630 [ 32.094962] ret_from_fork+0x10/0x20 [ 32.095069] [ 32.095125] The buggy address belongs to the object at fff00000c78a2180 [ 32.095125] which belongs to the cache kmalloc-64 of size 64 [ 32.095269] The buggy address is located 0 bytes to the right of [ 32.095269] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.095493] [ 32.095562] The buggy address belongs to the physical page: [ 32.095697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.095997] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.096160] page_type: f5(slab) [ 32.096287] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.096505] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.096699] page dumped because: kasan: bad access detected [ 32.096846] [ 32.096911] Memory state around the buggy address: [ 32.097009] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.097126] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.097276] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.097384] ^ [ 32.097512] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.097654] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.097796] ================================================================== [ 32.114583] ================================================================== [ 32.114719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 32.114858] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.115038] [ 32.115185] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.115561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.115679] Hardware name: linux,dummy-virt (DT) [ 32.115825] Call trace: [ 32.115900] show_stack+0x20/0x38 (C) [ 32.116059] dump_stack_lvl+0x8c/0xd0 [ 32.116397] print_report+0x118/0x608 [ 32.116555] kasan_report+0xdc/0x128 [ 32.116887] kasan_check_range+0x100/0x1a8 [ 32.117019] __kasan_check_write+0x20/0x30 [ 32.117167] kasan_atomics_helper+0x14e4/0x4858 [ 32.117349] kasan_atomics+0x198/0x2e0 [ 32.117563] kunit_try_run_case+0x170/0x3f0 [ 32.117722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.117956] kthread+0x328/0x630 [ 32.118147] ret_from_fork+0x10/0x20 [ 32.118354] [ 32.118460] Allocated by task 267: [ 32.118537] kasan_save_stack+0x3c/0x68 [ 32.118648] kasan_save_track+0x20/0x40 [ 32.118952] kasan_save_alloc_info+0x40/0x58 [ 32.119097] __kasan_kmalloc+0xd4/0xd8 [ 32.119408] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.119580] kasan_atomics+0xb8/0x2e0 [ 32.119733] kunit_try_run_case+0x170/0x3f0 [ 32.119846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.120006] kthread+0x328/0x630 [ 32.120162] ret_from_fork+0x10/0x20 [ 32.120317] [ 32.120389] The buggy address belongs to the object at fff00000c78a2180 [ 32.120389] which belongs to the cache kmalloc-64 of size 64 [ 32.120591] The buggy address is located 0 bytes to the right of [ 32.120591] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.120807] [ 32.120902] The buggy address belongs to the physical page: [ 32.121044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.121223] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.121399] page_type: f5(slab) [ 32.121516] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.121660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.121790] page dumped because: kasan: bad access detected [ 32.122153] [ 32.122251] Memory state around the buggy address: [ 32.122371] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.122527] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.122690] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.122822] ^ [ 32.122941] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.123123] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.123273] ================================================================== [ 32.031753] ================================================================== [ 32.031903] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 32.032574] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.032734] [ 32.032911] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.033549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.033646] Hardware name: linux,dummy-virt (DT) [ 32.033743] Call trace: [ 32.033844] show_stack+0x20/0x38 (C) [ 32.034115] dump_stack_lvl+0x8c/0xd0 [ 32.034707] print_report+0x118/0x608 [ 32.035105] kasan_report+0xdc/0x128 [ 32.035403] kasan_check_range+0x100/0x1a8 [ 32.035572] __kasan_check_write+0x20/0x30 [ 32.035718] kasan_atomics_helper+0x11f8/0x4858 [ 32.035865] kasan_atomics+0x198/0x2e0 [ 32.035995] kunit_try_run_case+0x170/0x3f0 [ 32.036719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.037301] kthread+0x328/0x630 [ 32.037539] ret_from_fork+0x10/0x20 [ 32.037720] [ 32.037786] Allocated by task 267: [ 32.037879] kasan_save_stack+0x3c/0x68 [ 32.037999] kasan_save_track+0x20/0x40 [ 32.038252] kasan_save_alloc_info+0x40/0x58 [ 32.038555] __kasan_kmalloc+0xd4/0xd8 [ 32.038996] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.039407] kasan_atomics+0xb8/0x2e0 [ 32.039742] kunit_try_run_case+0x170/0x3f0 [ 32.039991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.040133] kthread+0x328/0x630 [ 32.040481] ret_from_fork+0x10/0x20 [ 32.040809] [ 32.040899] The buggy address belongs to the object at fff00000c78a2180 [ 32.040899] which belongs to the cache kmalloc-64 of size 64 [ 32.041099] The buggy address is located 0 bytes to the right of [ 32.041099] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.041302] [ 32.041372] The buggy address belongs to the physical page: [ 32.041489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.041649] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.042392] page_type: f5(slab) [ 32.042622] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.042889] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.043119] page dumped because: kasan: bad access detected [ 32.043391] [ 32.043473] Memory state around the buggy address: [ 32.043582] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.043994] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.044139] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.044782] ^ [ 32.045130] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.045278] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.045376] ================================================================== [ 32.176210] ================================================================== [ 32.176362] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 32.176596] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.176805] [ 32.176943] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.177236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.177325] Hardware name: linux,dummy-virt (DT) [ 32.177420] Call trace: [ 32.177512] show_stack+0x20/0x38 (C) [ 32.177650] dump_stack_lvl+0x8c/0xd0 [ 32.177772] print_report+0x118/0x608 [ 32.177902] kasan_report+0xdc/0x128 [ 32.178031] kasan_check_range+0x100/0x1a8 [ 32.178178] __kasan_check_write+0x20/0x30 [ 32.178321] kasan_atomics_helper+0x1644/0x4858 [ 32.178489] kasan_atomics+0x198/0x2e0 [ 32.178619] kunit_try_run_case+0x170/0x3f0 [ 32.178760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.178902] kthread+0x328/0x630 [ 32.179101] ret_from_fork+0x10/0x20 [ 32.179294] [ 32.179356] Allocated by task 267: [ 32.179466] kasan_save_stack+0x3c/0x68 [ 32.179642] kasan_save_track+0x20/0x40 [ 32.179792] kasan_save_alloc_info+0x40/0x58 [ 32.179915] __kasan_kmalloc+0xd4/0xd8 [ 32.180018] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.180170] kasan_atomics+0xb8/0x2e0 [ 32.180275] kunit_try_run_case+0x170/0x3f0 [ 32.180388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.180553] kthread+0x328/0x630 [ 32.180666] ret_from_fork+0x10/0x20 [ 32.180777] [ 32.180846] The buggy address belongs to the object at fff00000c78a2180 [ 32.180846] which belongs to the cache kmalloc-64 of size 64 [ 32.181041] The buggy address is located 0 bytes to the right of [ 32.181041] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.181267] [ 32.181339] The buggy address belongs to the physical page: [ 32.181432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.181599] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.181801] page_type: f5(slab) [ 32.181942] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.182189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.182318] page dumped because: kasan: bad access detected [ 32.182397] [ 32.182466] Memory state around the buggy address: [ 32.182561] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.182705] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.182838] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.182983] ^ [ 32.183138] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.183331] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.183529] ================================================================== [ 32.193127] ================================================================== [ 32.193228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 32.193306] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.193502] [ 32.193644] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.193994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.194070] Hardware name: linux,dummy-virt (DT) [ 32.194152] Call trace: [ 32.194212] show_stack+0x20/0x38 (C) [ 32.194347] dump_stack_lvl+0x8c/0xd0 [ 32.194502] print_report+0x118/0x608 [ 32.194690] kasan_report+0xdc/0x128 [ 32.194889] kasan_check_range+0x100/0x1a8 [ 32.195087] __kasan_check_write+0x20/0x30 [ 32.195297] kasan_atomics_helper+0x16d0/0x4858 [ 32.195463] kasan_atomics+0x198/0x2e0 [ 32.195594] kunit_try_run_case+0x170/0x3f0 [ 32.195737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.195902] kthread+0x328/0x630 [ 32.196667] ret_from_fork+0x10/0x20 [ 32.197209] [ 32.197401] Allocated by task 267: [ 32.197591] kasan_save_stack+0x3c/0x68 [ 32.197764] kasan_save_track+0x20/0x40 [ 32.197907] kasan_save_alloc_info+0x40/0x58 [ 32.198058] __kasan_kmalloc+0xd4/0xd8 [ 32.198210] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.198396] kasan_atomics+0xb8/0x2e0 [ 32.198519] kunit_try_run_case+0x170/0x3f0 [ 32.198624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.199038] kthread+0x328/0x630 [ 32.199460] ret_from_fork+0x10/0x20 [ 32.199629] [ 32.199699] The buggy address belongs to the object at fff00000c78a2180 [ 32.199699] which belongs to the cache kmalloc-64 of size 64 [ 32.199937] The buggy address is located 0 bytes to the right of [ 32.199937] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.200120] [ 32.200441] The buggy address belongs to the physical page: [ 32.200663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.200861] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.201021] page_type: f5(slab) [ 32.201138] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.201310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.201492] page dumped because: kasan: bad access detected [ 32.201603] [ 32.201660] Memory state around the buggy address: [ 32.201759] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.202119] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.202283] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.202405] ^ [ 32.202566] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.202759] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.202921] ================================================================== [ 31.884383] ================================================================== [ 31.884534] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 31.884686] Read of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.884899] [ 31.885045] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.885299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.885383] Hardware name: linux,dummy-virt (DT) [ 31.885501] Call trace: [ 31.885574] show_stack+0x20/0x38 (C) [ 31.885722] dump_stack_lvl+0x8c/0xd0 [ 31.885866] print_report+0x118/0x608 [ 31.885998] kasan_report+0xdc/0x128 [ 31.886140] kasan_check_range+0x100/0x1a8 [ 31.886282] __kasan_check_read+0x20/0x30 [ 31.886477] kasan_atomics_helper+0xdd4/0x4858 [ 31.886602] kasan_atomics+0x198/0x2e0 [ 31.886727] kunit_try_run_case+0x170/0x3f0 [ 31.886857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.887021] kthread+0x328/0x630 [ 31.887166] ret_from_fork+0x10/0x20 [ 31.887422] [ 31.887505] Allocated by task 267: [ 31.887604] kasan_save_stack+0x3c/0x68 [ 31.887729] kasan_save_track+0x20/0x40 [ 31.887829] kasan_save_alloc_info+0x40/0x58 [ 31.887986] __kasan_kmalloc+0xd4/0xd8 [ 31.888147] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.888265] kasan_atomics+0xb8/0x2e0 [ 31.888414] kunit_try_run_case+0x170/0x3f0 [ 31.888538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.888824] kthread+0x328/0x630 [ 31.888941] ret_from_fork+0x10/0x20 [ 31.889038] [ 31.889108] The buggy address belongs to the object at fff00000c78a2180 [ 31.889108] which belongs to the cache kmalloc-64 of size 64 [ 31.889460] The buggy address is located 0 bytes to the right of [ 31.889460] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.889677] [ 31.889766] The buggy address belongs to the physical page: [ 31.889878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.890020] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.890230] page_type: f5(slab) [ 31.890341] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.890479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.890575] page dumped because: kasan: bad access detected [ 31.890687] [ 31.890744] Memory state around the buggy address: [ 31.890845] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.890973] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.891111] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.891236] ^ [ 31.891388] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.891525] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.891677] ================================================================== [ 31.917678] ================================================================== [ 31.917806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 31.917937] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.918088] [ 31.918182] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.918839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.918994] Hardware name: linux,dummy-virt (DT) [ 31.919090] Call trace: [ 31.919199] show_stack+0x20/0x38 (C) [ 31.919421] dump_stack_lvl+0x8c/0xd0 [ 31.919575] print_report+0x118/0x608 [ 31.919751] kasan_report+0xdc/0x128 [ 31.919950] __asan_report_store8_noabort+0x20/0x30 [ 31.920163] kasan_atomics_helper+0x3e5c/0x4858 [ 31.920369] kasan_atomics+0x198/0x2e0 [ 31.920576] kunit_try_run_case+0x170/0x3f0 [ 31.920775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.920988] kthread+0x328/0x630 [ 31.921134] ret_from_fork+0x10/0x20 [ 31.921344] [ 31.921427] Allocated by task 267: [ 31.921520] kasan_save_stack+0x3c/0x68 [ 31.921622] kasan_save_track+0x20/0x40 [ 31.921720] kasan_save_alloc_info+0x40/0x58 [ 31.921899] __kasan_kmalloc+0xd4/0xd8 [ 31.922045] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.922508] kasan_atomics+0xb8/0x2e0 [ 31.922613] kunit_try_run_case+0x170/0x3f0 [ 31.923068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.923270] kthread+0x328/0x630 [ 31.923712] ret_from_fork+0x10/0x20 [ 31.923819] [ 31.923871] The buggy address belongs to the object at fff00000c78a2180 [ 31.923871] which belongs to the cache kmalloc-64 of size 64 [ 31.924284] The buggy address is located 0 bytes to the right of [ 31.924284] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.924777] [ 31.924877] The buggy address belongs to the physical page: [ 31.925023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.925256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.925395] page_type: f5(slab) [ 31.925510] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.925628] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.925728] page dumped because: kasan: bad access detected [ 31.925810] [ 31.925858] Memory state around the buggy address: [ 31.925938] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.926069] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.926213] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.926316] ^ [ 31.926458] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.926576] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.926720] ================================================================== [ 31.961572] ================================================================== [ 31.961977] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 31.962158] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.962315] [ 31.962768] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.963361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.963491] Hardware name: linux,dummy-virt (DT) [ 31.963677] Call trace: [ 31.963755] show_stack+0x20/0x38 (C) [ 31.964235] dump_stack_lvl+0x8c/0xd0 [ 31.964369] print_report+0x118/0x608 [ 31.964518] kasan_report+0xdc/0x128 [ 31.964649] kasan_check_range+0x100/0x1a8 [ 31.964798] __kasan_check_write+0x20/0x30 [ 31.964946] kasan_atomics_helper+0xff0/0x4858 [ 31.965094] kasan_atomics+0x198/0x2e0 [ 31.965227] kunit_try_run_case+0x170/0x3f0 [ 31.965377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.965560] kthread+0x328/0x630 [ 31.965986] ret_from_fork+0x10/0x20 [ 31.966489] [ 31.966580] Allocated by task 267: [ 31.966672] kasan_save_stack+0x3c/0x68 [ 31.966805] kasan_save_track+0x20/0x40 [ 31.966913] kasan_save_alloc_info+0x40/0x58 [ 31.967332] __kasan_kmalloc+0xd4/0xd8 [ 31.967784] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.968198] kasan_atomics+0xb8/0x2e0 [ 31.968378] kunit_try_run_case+0x170/0x3f0 [ 31.968607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.968766] kthread+0x328/0x630 [ 31.968884] ret_from_fork+0x10/0x20 [ 31.968996] [ 31.969064] The buggy address belongs to the object at fff00000c78a2180 [ 31.969064] which belongs to the cache kmalloc-64 of size 64 [ 31.969211] The buggy address is located 0 bytes to the right of [ 31.969211] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.969357] [ 31.969673] The buggy address belongs to the physical page: [ 31.969776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.970163] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.970436] page_type: f5(slab) [ 31.970850] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.971173] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.971319] page dumped because: kasan: bad access detected [ 31.971429] [ 31.971505] Memory state around the buggy address: [ 31.971607] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.971751] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.972309] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.972691] ^ [ 31.972967] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.973225] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.973540] ================================================================== [ 31.872746] ================================================================== [ 31.872892] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 31.873064] Read of size 4 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.873511] [ 31.873915] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.874181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.874267] Hardware name: linux,dummy-virt (DT) [ 31.874371] Call trace: [ 31.874459] show_stack+0x20/0x38 (C) [ 31.874617] dump_stack_lvl+0x8c/0xd0 [ 31.874759] print_report+0x118/0x608 [ 31.875951] kasan_report+0xdc/0x128 [ 31.876476] __asan_report_load4_noabort+0x20/0x30 [ 31.876656] kasan_atomics_helper+0x3e04/0x4858 [ 31.877160] kasan_atomics+0x198/0x2e0 [ 31.877378] kunit_try_run_case+0x170/0x3f0 [ 31.877583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.877741] kthread+0x328/0x630 [ 31.877853] ret_from_fork+0x10/0x20 [ 31.878006] [ 31.878070] Allocated by task 267: [ 31.878155] kasan_save_stack+0x3c/0x68 [ 31.878260] kasan_save_track+0x20/0x40 [ 31.878363] kasan_save_alloc_info+0x40/0x58 [ 31.878494] __kasan_kmalloc+0xd4/0xd8 [ 31.878821] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.879020] kasan_atomics+0xb8/0x2e0 [ 31.879289] kunit_try_run_case+0x170/0x3f0 [ 31.879876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.880033] kthread+0x328/0x630 [ 31.880188] ret_from_fork+0x10/0x20 [ 31.880302] [ 31.880360] The buggy address belongs to the object at fff00000c78a2180 [ 31.880360] which belongs to the cache kmalloc-64 of size 64 [ 31.880678] The buggy address is located 0 bytes to the right of [ 31.880678] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.880958] [ 31.881043] The buggy address belongs to the physical page: [ 31.881148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.881312] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.881484] page_type: f5(slab) [ 31.881582] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.881700] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.881822] page dumped because: kasan: bad access detected [ 31.881927] [ 31.881983] Memory state around the buggy address: [ 31.882113] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.882237] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.882359] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.882527] ^ [ 31.882714] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.882864] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.882977] ================================================================== [ 31.893582] ================================================================== [ 31.893797] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 31.894009] Read of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.894168] [ 31.894273] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.894536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.894626] Hardware name: linux,dummy-virt (DT) [ 31.894726] Call trace: [ 31.894791] show_stack+0x20/0x38 (C) [ 31.894934] dump_stack_lvl+0x8c/0xd0 [ 31.895083] print_report+0x118/0x608 [ 31.895222] kasan_report+0xdc/0x128 [ 31.895363] __asan_report_load8_noabort+0x20/0x30 [ 31.895944] kasan_atomics_helper+0x3f58/0x4858 [ 31.896597] kasan_atomics+0x198/0x2e0 [ 31.896780] kunit_try_run_case+0x170/0x3f0 [ 31.897117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.897734] kthread+0x328/0x630 [ 31.898718] ret_from_fork+0x10/0x20 [ 31.899066] [ 31.899157] Allocated by task 267: [ 31.899260] kasan_save_stack+0x3c/0x68 [ 31.899558] kasan_save_track+0x20/0x40 [ 31.899679] kasan_save_alloc_info+0x40/0x58 [ 31.899811] __kasan_kmalloc+0xd4/0xd8 [ 31.899923] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.900035] kasan_atomics+0xb8/0x2e0 [ 31.900123] kunit_try_run_case+0x170/0x3f0 [ 31.900228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.900364] kthread+0x328/0x630 [ 31.900495] ret_from_fork+0x10/0x20 [ 31.902250] [ 31.902339] The buggy address belongs to the object at fff00000c78a2180 [ 31.902339] which belongs to the cache kmalloc-64 of size 64 [ 31.902549] The buggy address is located 0 bytes to the right of [ 31.902549] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.902756] [ 31.902820] The buggy address belongs to the physical page: [ 31.902919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.903085] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.903241] page_type: f5(slab) [ 31.903364] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.905077] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.905233] page dumped because: kasan: bad access detected [ 31.905345] [ 31.905406] Memory state around the buggy address: [ 31.905728] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.905868] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.906004] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.906114] ^ [ 31.906220] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.906350] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.906633] ================================================================== [ 32.002134] ================================================================== [ 32.002472] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 32.002780] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.003132] [ 32.003332] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.003852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.004175] Hardware name: linux,dummy-virt (DT) [ 32.004291] Call trace: [ 32.004552] show_stack+0x20/0x38 (C) [ 32.004949] dump_stack_lvl+0x8c/0xd0 [ 32.005295] print_report+0x118/0x608 [ 32.005675] kasan_report+0xdc/0x128 [ 32.006217] kasan_check_range+0x100/0x1a8 [ 32.006540] __kasan_check_write+0x20/0x30 [ 32.006879] kasan_atomics_helper+0x1128/0x4858 [ 32.007290] kasan_atomics+0x198/0x2e0 [ 32.007582] kunit_try_run_case+0x170/0x3f0 [ 32.007851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.008288] kthread+0x328/0x630 [ 32.008654] ret_from_fork+0x10/0x20 [ 32.008806] [ 32.008868] Allocated by task 267: [ 32.008953] kasan_save_stack+0x3c/0x68 [ 32.009323] kasan_save_track+0x20/0x40 [ 32.009785] kasan_save_alloc_info+0x40/0x58 [ 32.009938] __kasan_kmalloc+0xd4/0xd8 [ 32.010229] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.010376] kasan_atomics+0xb8/0x2e0 [ 32.010819] kunit_try_run_case+0x170/0x3f0 [ 32.011466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.011679] kthread+0x328/0x630 [ 32.011853] ret_from_fork+0x10/0x20 [ 32.011976] [ 32.012031] The buggy address belongs to the object at fff00000c78a2180 [ 32.012031] which belongs to the cache kmalloc-64 of size 64 [ 32.012231] The buggy address is located 0 bytes to the right of [ 32.012231] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.012488] [ 32.012567] The buggy address belongs to the physical page: [ 32.012699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.012866] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.013022] page_type: f5(slab) [ 32.013125] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.013246] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.013550] page dumped because: kasan: bad access detected [ 32.013655] [ 32.013719] Memory state around the buggy address: [ 32.014069] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.014249] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.014385] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.014524] ^ [ 32.014642] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.014782] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.014901] ================================================================== [ 31.974417] ================================================================== [ 31.974808] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 31.974964] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.975125] [ 31.975227] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.975504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.975594] Hardware name: linux,dummy-virt (DT) [ 31.975693] Call trace: [ 31.975773] show_stack+0x20/0x38 (C) [ 31.975971] dump_stack_lvl+0x8c/0xd0 [ 31.976409] print_report+0x118/0x608 [ 31.976671] kasan_report+0xdc/0x128 [ 31.977024] kasan_check_range+0x100/0x1a8 [ 31.977279] __kasan_check_write+0x20/0x30 [ 31.977460] kasan_atomics_helper+0x1058/0x4858 [ 31.977610] kasan_atomics+0x198/0x2e0 [ 31.977748] kunit_try_run_case+0x170/0x3f0 [ 31.978144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.978486] kthread+0x328/0x630 [ 31.978735] ret_from_fork+0x10/0x20 [ 31.978960] [ 31.979030] Allocated by task 267: [ 31.979124] kasan_save_stack+0x3c/0x68 [ 31.979271] kasan_save_track+0x20/0x40 [ 31.979399] kasan_save_alloc_info+0x40/0x58 [ 31.979536] __kasan_kmalloc+0xd4/0xd8 [ 31.979666] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.979799] kasan_atomics+0xb8/0x2e0 [ 31.979906] kunit_try_run_case+0x170/0x3f0 [ 31.980397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.980802] kthread+0x328/0x630 [ 31.980936] ret_from_fork+0x10/0x20 [ 31.981029] [ 31.981085] The buggy address belongs to the object at fff00000c78a2180 [ 31.981085] which belongs to the cache kmalloc-64 of size 64 [ 31.981508] The buggy address is located 0 bytes to the right of [ 31.981508] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.982368] [ 31.982951] The buggy address belongs to the physical page: [ 31.983077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.983333] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.983593] page_type: f5(slab) [ 31.984030] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.984281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.984503] page dumped because: kasan: bad access detected [ 31.984800] [ 31.984992] Memory state around the buggy address: [ 31.985174] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.985512] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.985630] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.985728] ^ [ 31.985820] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.985917] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.986025] ================================================================== [ 32.153144] ================================================================== [ 32.153649] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 32.153809] Read of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.155558] [ 32.155707] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.155963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.156049] Hardware name: linux,dummy-virt (DT) [ 32.156152] Call trace: [ 32.156219] show_stack+0x20/0x38 (C) [ 32.156372] dump_stack_lvl+0x8c/0xd0 [ 32.156540] print_report+0x118/0x608 [ 32.156680] kasan_report+0xdc/0x128 [ 32.156822] __asan_report_load8_noabort+0x20/0x30 [ 32.156974] kasan_atomics_helper+0x3db0/0x4858 [ 32.157122] kasan_atomics+0x198/0x2e0 [ 32.157259] kunit_try_run_case+0x170/0x3f0 [ 32.157412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.160412] kthread+0x328/0x630 [ 32.161568] ret_from_fork+0x10/0x20 [ 32.162302] [ 32.162876] Allocated by task 267: [ 32.163020] kasan_save_stack+0x3c/0x68 [ 32.163439] kasan_save_track+0x20/0x40 [ 32.164182] kasan_save_alloc_info+0x40/0x58 [ 32.164324] __kasan_kmalloc+0xd4/0xd8 [ 32.164421] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.164536] kasan_atomics+0xb8/0x2e0 [ 32.164621] kunit_try_run_case+0x170/0x3f0 [ 32.164720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.164830] kthread+0x328/0x630 [ 32.164921] ret_from_fork+0x10/0x20 [ 32.165026] [ 32.165091] The buggy address belongs to the object at fff00000c78a2180 [ 32.165091] which belongs to the cache kmalloc-64 of size 64 [ 32.165280] The buggy address is located 0 bytes to the right of [ 32.165280] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.165503] [ 32.168089] The buggy address belongs to the physical page: [ 32.168420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.168585] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.169238] page_type: f5(slab) [ 32.169697] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.169891] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.170033] page dumped because: kasan: bad access detected [ 32.170132] [ 32.170194] Memory state around the buggy address: [ 32.170296] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.170440] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.172637] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.172887] ^ [ 32.173973] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.174796] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.175144] ================================================================== [ 32.060077] ================================================================== [ 32.060518] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 32.060745] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.060910] [ 32.060998] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.061238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.061327] Hardware name: linux,dummy-virt (DT) [ 32.061541] Call trace: [ 32.061620] show_stack+0x20/0x38 (C) [ 32.061968] dump_stack_lvl+0x8c/0xd0 [ 32.062205] print_report+0x118/0x608 [ 32.062359] kasan_report+0xdc/0x128 [ 32.062564] kasan_check_range+0x100/0x1a8 [ 32.062721] __kasan_check_write+0x20/0x30 [ 32.062888] kasan_atomics_helper+0x12d8/0x4858 [ 32.063091] kasan_atomics+0x198/0x2e0 [ 32.063278] kunit_try_run_case+0x170/0x3f0 [ 32.063488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.063680] kthread+0x328/0x630 [ 32.063845] ret_from_fork+0x10/0x20 [ 32.064027] [ 32.064084] Allocated by task 267: [ 32.064170] kasan_save_stack+0x3c/0x68 [ 32.064294] kasan_save_track+0x20/0x40 [ 32.064804] kasan_save_alloc_info+0x40/0x58 [ 32.064980] __kasan_kmalloc+0xd4/0xd8 [ 32.065320] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.065483] kasan_atomics+0xb8/0x2e0 [ 32.065584] kunit_try_run_case+0x170/0x3f0 [ 32.065684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.065795] kthread+0x328/0x630 [ 32.066153] ret_from_fork+0x10/0x20 [ 32.066289] [ 32.066350] The buggy address belongs to the object at fff00000c78a2180 [ 32.066350] which belongs to the cache kmalloc-64 of size 64 [ 32.066574] The buggy address is located 0 bytes to the right of [ 32.066574] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.066826] [ 32.066899] The buggy address belongs to the physical page: [ 32.067040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.067267] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.067489] page_type: f5(slab) [ 32.067657] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.067814] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.067993] page dumped because: kasan: bad access detected [ 32.068086] [ 32.068147] Memory state around the buggy address: [ 32.068343] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.068503] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.068989] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.069136] ^ [ 32.069865] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.070582] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.071183] ================================================================== [ 31.862479] ================================================================== [ 31.862627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 31.862783] Write of size 4 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.864094] [ 31.864222] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.864359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.864400] Hardware name: linux,dummy-virt (DT) [ 31.864471] Call trace: [ 31.864541] show_stack+0x20/0x38 (C) [ 31.864676] dump_stack_lvl+0x8c/0xd0 [ 31.864793] print_report+0x118/0x608 [ 31.864900] kasan_report+0xdc/0x128 [ 31.865014] kasan_check_range+0x100/0x1a8 [ 31.865133] __kasan_check_write+0x20/0x30 [ 31.865264] kasan_atomics_helper+0xd3c/0x4858 [ 31.865403] kasan_atomics+0x198/0x2e0 [ 31.865549] kunit_try_run_case+0x170/0x3f0 [ 31.865689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.865856] kthread+0x328/0x630 [ 31.865998] ret_from_fork+0x10/0x20 [ 31.866353] [ 31.866471] Allocated by task 267: [ 31.866573] kasan_save_stack+0x3c/0x68 [ 31.867070] kasan_save_track+0x20/0x40 [ 31.867216] kasan_save_alloc_info+0x40/0x58 [ 31.867331] __kasan_kmalloc+0xd4/0xd8 [ 31.867465] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.867611] kasan_atomics+0xb8/0x2e0 [ 31.867772] kunit_try_run_case+0x170/0x3f0 [ 31.867902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.868046] kthread+0x328/0x630 [ 31.868200] ret_from_fork+0x10/0x20 [ 31.868356] [ 31.868421] The buggy address belongs to the object at fff00000c78a2180 [ 31.868421] which belongs to the cache kmalloc-64 of size 64 [ 31.868619] The buggy address is located 0 bytes to the right of [ 31.868619] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.868830] [ 31.868922] The buggy address belongs to the physical page: [ 31.869077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.869305] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.869500] page_type: f5(slab) [ 31.869603] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.869747] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.869880] page dumped because: kasan: bad access detected [ 31.869985] [ 31.870152] Memory state around the buggy address: [ 31.870348] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.870496] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.870627] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.870744] ^ [ 31.870837] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.870975] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.871112] ================================================================== [ 32.017491] ================================================================== [ 32.017765] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 32.017925] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 32.018077] [ 32.018175] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 32.018420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.018512] Hardware name: linux,dummy-virt (DT) [ 32.018609] Call trace: [ 32.018676] show_stack+0x20/0x38 (C) [ 32.018830] dump_stack_lvl+0x8c/0xd0 [ 32.018970] print_report+0x118/0x608 [ 32.019681] kasan_report+0xdc/0x128 [ 32.020053] kasan_check_range+0x100/0x1a8 [ 32.020413] __kasan_check_write+0x20/0x30 [ 32.020712] kasan_atomics_helper+0x1190/0x4858 [ 32.020907] kasan_atomics+0x198/0x2e0 [ 32.021022] kunit_try_run_case+0x170/0x3f0 [ 32.021155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.021322] kthread+0x328/0x630 [ 32.021955] ret_from_fork+0x10/0x20 [ 32.022290] [ 32.022487] Allocated by task 267: [ 32.022992] kasan_save_stack+0x3c/0x68 [ 32.023306] kasan_save_track+0x20/0x40 [ 32.023700] kasan_save_alloc_info+0x40/0x58 [ 32.023865] __kasan_kmalloc+0xd4/0xd8 [ 32.024018] __kmalloc_cache_noprof+0x15c/0x3c0 [ 32.024236] kasan_atomics+0xb8/0x2e0 [ 32.024358] kunit_try_run_case+0x170/0x3f0 [ 32.024501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.024846] kthread+0x328/0x630 [ 32.024966] ret_from_fork+0x10/0x20 [ 32.025057] [ 32.025323] The buggy address belongs to the object at fff00000c78a2180 [ 32.025323] which belongs to the cache kmalloc-64 of size 64 [ 32.025531] The buggy address is located 0 bytes to the right of [ 32.025531] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 32.025990] [ 32.026627] The buggy address belongs to the physical page: [ 32.026883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 32.027060] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.027585] page_type: f5(slab) [ 32.027730] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 32.028264] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 32.028611] page dumped because: kasan: bad access detected [ 32.028754] [ 32.028810] Memory state around the buggy address: [ 32.028896] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.029020] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.029160] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 32.029564] ^ [ 32.029808] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.030272] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.030734] ================================================================== [ 31.950496] ================================================================== [ 31.950665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 31.950809] Write of size 8 at addr fff00000c78a21b0 by task kunit_try_catch/267 [ 31.951130] [ 31.951262] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.951548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.951640] Hardware name: linux,dummy-virt (DT) [ 31.951772] Call trace: [ 31.951854] show_stack+0x20/0x38 (C) [ 31.952071] dump_stack_lvl+0x8c/0xd0 [ 31.952208] print_report+0x118/0x608 [ 31.952318] kasan_report+0xdc/0x128 [ 31.952532] kasan_check_range+0x100/0x1a8 [ 31.952653] __kasan_check_write+0x20/0x30 [ 31.952728] kasan_atomics_helper+0xf88/0x4858 [ 31.952831] kasan_atomics+0x198/0x2e0 [ 31.952951] kunit_try_run_case+0x170/0x3f0 [ 31.953094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.953588] kthread+0x328/0x630 [ 31.954004] ret_from_fork+0x10/0x20 [ 31.954336] [ 31.954428] Allocated by task 267: [ 31.954537] kasan_save_stack+0x3c/0x68 [ 31.954668] kasan_save_track+0x20/0x40 [ 31.954794] kasan_save_alloc_info+0x40/0x58 [ 31.954970] __kasan_kmalloc+0xd4/0xd8 [ 31.955075] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.955199] kasan_atomics+0xb8/0x2e0 [ 31.955308] kunit_try_run_case+0x170/0x3f0 [ 31.955441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.955589] kthread+0x328/0x630 [ 31.955706] ret_from_fork+0x10/0x20 [ 31.955822] [ 31.955885] The buggy address belongs to the object at fff00000c78a2180 [ 31.955885] which belongs to the cache kmalloc-64 of size 64 [ 31.956067] The buggy address is located 0 bytes to the right of [ 31.956067] allocated 48-byte region [fff00000c78a2180, fff00000c78a21b0) [ 31.956267] [ 31.956374] The buggy address belongs to the physical page: [ 31.956807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a2 [ 31.957246] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.957612] page_type: f5(slab) [ 31.957751] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 31.958031] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.958159] page dumped because: kasan: bad access detected [ 31.958239] [ 31.958284] Memory state around the buggy address: [ 31.958545] fff00000c78a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.958683] fff00000c78a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.958871] >fff00000c78a2180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.958996] ^ [ 31.959140] fff00000c78a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.959328] fff00000c78a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.959526] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 31.097765] ================================================================== [ 31.098024] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 31.098247] Write of size 8 at addr fff00000c5a2a728 by task kunit_try_catch/263 [ 31.098395] [ 31.098555] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.099143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.099262] Hardware name: linux,dummy-virt (DT) [ 31.099426] Call trace: [ 31.099512] show_stack+0x20/0x38 (C) [ 31.099710] dump_stack_lvl+0x8c/0xd0 [ 31.099913] print_report+0x118/0x608 [ 31.100043] kasan_report+0xdc/0x128 [ 31.100437] kasan_check_range+0x100/0x1a8 [ 31.100649] __kasan_check_write+0x20/0x30 [ 31.100846] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 31.101078] kasan_bitops_generic+0x110/0x1c8 [ 31.101279] kunit_try_run_case+0x170/0x3f0 [ 31.101494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.101928] kthread+0x328/0x630 [ 31.102133] ret_from_fork+0x10/0x20 [ 31.102280] [ 31.102341] Allocated by task 263: [ 31.102586] kasan_save_stack+0x3c/0x68 [ 31.102962] kasan_save_track+0x20/0x40 [ 31.103173] kasan_save_alloc_info+0x40/0x58 [ 31.103299] __kasan_kmalloc+0xd4/0xd8 [ 31.103430] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.103586] kasan_bitops_generic+0xa0/0x1c8 [ 31.103703] kunit_try_run_case+0x170/0x3f0 [ 31.103831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.103969] kthread+0x328/0x630 [ 31.104089] ret_from_fork+0x10/0x20 [ 31.104503] [ 31.104570] The buggy address belongs to the object at fff00000c5a2a720 [ 31.104570] which belongs to the cache kmalloc-16 of size 16 [ 31.104879] The buggy address is located 8 bytes inside of [ 31.104879] allocated 9-byte region [fff00000c5a2a720, fff00000c5a2a729) [ 31.105068] [ 31.105394] The buggy address belongs to the physical page: [ 31.105568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2a [ 31.105798] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.106008] page_type: f5(slab) [ 31.106126] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 31.106282] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.106472] page dumped because: kasan: bad access detected [ 31.106570] [ 31.106632] Memory state around the buggy address: [ 31.106736] fff00000c5a2a600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.106874] fff00000c5a2a680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.107013] >fff00000c5a2a700: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 31.107139] ^ [ 31.107242] fff00000c5a2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.107391] fff00000c5a2a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.107547] ================================================================== [ 31.109835] ================================================================== [ 31.110041] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 31.110205] Read of size 8 at addr fff00000c5a2a728 by task kunit_try_catch/263 [ 31.110424] [ 31.110640] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.111192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.111300] Hardware name: linux,dummy-virt (DT) [ 31.111427] Call trace: [ 31.111530] show_stack+0x20/0x38 (C) [ 31.111681] dump_stack_lvl+0x8c/0xd0 [ 31.112123] print_report+0x118/0x608 [ 31.112302] kasan_report+0xdc/0x128 [ 31.112493] __asan_report_load8_noabort+0x20/0x30 [ 31.112686] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 31.112903] kasan_bitops_generic+0x110/0x1c8 [ 31.113056] kunit_try_run_case+0x170/0x3f0 [ 31.113248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.113397] kthread+0x328/0x630 [ 31.113540] ret_from_fork+0x10/0x20 [ 31.113688] [ 31.113755] Allocated by task 263: [ 31.113846] kasan_save_stack+0x3c/0x68 [ 31.113967] kasan_save_track+0x20/0x40 [ 31.114080] kasan_save_alloc_info+0x40/0x58 [ 31.114207] __kasan_kmalloc+0xd4/0xd8 [ 31.114314] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.114833] kasan_bitops_generic+0xa0/0x1c8 [ 31.115186] kunit_try_run_case+0x170/0x3f0 [ 31.115432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.115682] kthread+0x328/0x630 [ 31.115819] ret_from_fork+0x10/0x20 [ 31.116021] [ 31.116116] The buggy address belongs to the object at fff00000c5a2a720 [ 31.116116] which belongs to the cache kmalloc-16 of size 16 [ 31.116281] The buggy address is located 8 bytes inside of [ 31.116281] allocated 9-byte region [fff00000c5a2a720, fff00000c5a2a729) [ 31.116813] [ 31.116907] The buggy address belongs to the physical page: [ 31.117013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2a [ 31.117179] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.117379] page_type: f5(slab) [ 31.117539] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 31.117685] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.118066] page dumped because: kasan: bad access detected [ 31.118192] [ 31.118275] Memory state around the buggy address: [ 31.118393] fff00000c5a2a600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.118580] fff00000c5a2a680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.118797] >fff00000c5a2a700: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 31.118942] ^ [ 31.119039] fff00000c5a2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.119435] fff00000c5a2a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.119586] ================================================================== [ 31.121602] ================================================================== [ 31.121784] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 31.122717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.124114] __kasan_check_write+0x20/0x30 [ 31.124655] kthread+0x328/0x630 [ 31.128939] The buggy address is located 8 bytes inside of [ 31.128939] allocated 9-byte region [fff00000c5a2a720, fff00000c5a2a729) [ 31.131035] fff00000c5a2a680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.132011] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 31.064332] ================================================================== [ 31.064506] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 31.064657] Read of size 1 at addr fff00000c77a2dd0 by task kunit_try_catch/261 [ 31.064810] [ 31.064909] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.065162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.065251] Hardware name: linux,dummy-virt (DT) [ 31.065731] Call trace: [ 31.065934] show_stack+0x20/0x38 (C) [ 31.066107] dump_stack_lvl+0x8c/0xd0 [ 31.066257] print_report+0x118/0x608 [ 31.066387] kasan_report+0xdc/0x128 [ 31.066595] __asan_report_load1_noabort+0x20/0x30 [ 31.066848] strnlen+0x80/0x88 [ 31.067396] kasan_strings+0x478/0xb00 [ 31.067585] kunit_try_run_case+0x170/0x3f0 [ 31.067862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.068393] kthread+0x328/0x630 [ 31.068587] ret_from_fork+0x10/0x20 [ 31.068887] [ 31.068971] Allocated by task 261: [ 31.069166] kasan_save_stack+0x3c/0x68 [ 31.069386] kasan_save_track+0x20/0x40 [ 31.069617] kasan_save_alloc_info+0x40/0x58 [ 31.069834] __kasan_kmalloc+0xd4/0xd8 [ 31.070408] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.070664] kasan_strings+0xc8/0xb00 [ 31.070827] kunit_try_run_case+0x170/0x3f0 [ 31.071055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.071286] kthread+0x328/0x630 [ 31.071427] ret_from_fork+0x10/0x20 [ 31.071781] [ 31.071870] Freed by task 261: [ 31.072115] kasan_save_stack+0x3c/0x68 [ 31.072268] kasan_save_track+0x20/0x40 [ 31.072415] kasan_save_free_info+0x4c/0x78 [ 31.072582] __kasan_slab_free+0x6c/0x98 [ 31.072698] kfree+0x214/0x3c8 [ 31.072926] kasan_strings+0x24c/0xb00 [ 31.073052] kunit_try_run_case+0x170/0x3f0 [ 31.073224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.073383] kthread+0x328/0x630 [ 31.073494] ret_from_fork+0x10/0x20 [ 31.073582] [ 31.073630] The buggy address belongs to the object at fff00000c77a2dc0 [ 31.073630] which belongs to the cache kmalloc-32 of size 32 [ 31.073785] The buggy address is located 16 bytes inside of [ 31.073785] freed 32-byte region [fff00000c77a2dc0, fff00000c77a2de0) [ 31.074027] [ 31.074120] The buggy address belongs to the physical page: [ 31.074261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077a2 [ 31.074482] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.074624] page_type: f5(slab) [ 31.074933] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 31.075216] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 31.075341] page dumped because: kasan: bad access detected [ 31.075475] [ 31.075532] Memory state around the buggy address: [ 31.075637] fff00000c77a2c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 31.075776] fff00000c77a2d00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 31.075924] >fff00000c77a2d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.076038] ^ [ 31.076580] fff00000c77a2e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 31.076784] fff00000c77a2e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.076960] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 31.045554] ================================================================== [ 31.045774] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 31.045951] Read of size 1 at addr fff00000c77a2dd0 by task kunit_try_catch/261 [ 31.046108] [ 31.046210] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.046469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.047332] Hardware name: linux,dummy-virt (DT) [ 31.047491] Call trace: [ 31.047566] show_stack+0x20/0x38 (C) [ 31.047796] dump_stack_lvl+0x8c/0xd0 [ 31.048040] print_report+0x118/0x608 [ 31.048712] kasan_report+0xdc/0x128 [ 31.048893] __asan_report_load1_noabort+0x20/0x30 [ 31.049049] strlen+0xa8/0xb0 [ 31.049185] kasan_strings+0x418/0xb00 [ 31.049329] kunit_try_run_case+0x170/0x3f0 [ 31.049496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.049925] kthread+0x328/0x630 [ 31.051061] ret_from_fork+0x10/0x20 [ 31.051326] [ 31.051500] Allocated by task 261: [ 31.051604] kasan_save_stack+0x3c/0x68 [ 31.051738] kasan_save_track+0x20/0x40 [ 31.052085] kasan_save_alloc_info+0x40/0x58 [ 31.052607] __kasan_kmalloc+0xd4/0xd8 [ 31.052763] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.052938] kasan_strings+0xc8/0xb00 [ 31.053397] kunit_try_run_case+0x170/0x3f0 [ 31.053793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.054269] kthread+0x328/0x630 [ 31.054435] ret_from_fork+0x10/0x20 [ 31.054569] [ 31.054637] Freed by task 261: [ 31.054728] kasan_save_stack+0x3c/0x68 [ 31.055264] kasan_save_track+0x20/0x40 [ 31.055420] kasan_save_free_info+0x4c/0x78 [ 31.056040] __kasan_slab_free+0x6c/0x98 [ 31.056197] kfree+0x214/0x3c8 [ 31.056298] kasan_strings+0x24c/0xb00 [ 31.056394] kunit_try_run_case+0x170/0x3f0 [ 31.056508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.056630] kthread+0x328/0x630 [ 31.056741] ret_from_fork+0x10/0x20 [ 31.056860] [ 31.056922] The buggy address belongs to the object at fff00000c77a2dc0 [ 31.056922] which belongs to the cache kmalloc-32 of size 32 [ 31.057116] The buggy address is located 16 bytes inside of [ 31.057116] freed 32-byte region [fff00000c77a2dc0, fff00000c77a2de0) [ 31.057314] [ 31.057384] The buggy address belongs to the physical page: [ 31.058770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077a2 [ 31.059021] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.059264] page_type: f5(slab) [ 31.059502] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 31.060288] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 31.060459] page dumped because: kasan: bad access detected [ 31.060645] [ 31.060706] Memory state around the buggy address: [ 31.060896] fff00000c77a2c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 31.061406] fff00000c77a2d00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 31.061596] >fff00000c77a2d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.061827] ^ [ 31.062040] fff00000c77a2e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 31.062267] fff00000c77a2e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.062418] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 31.024458] ================================================================== [ 31.025147] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 31.025437] Read of size 1 at addr fff00000c77a2dd0 by task kunit_try_catch/261 [ 31.025734] [ 31.025850] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.026196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.026312] Hardware name: linux,dummy-virt (DT) [ 31.026934] Call trace: [ 31.027135] show_stack+0x20/0x38 (C) [ 31.027411] dump_stack_lvl+0x8c/0xd0 [ 31.027588] print_report+0x118/0x608 [ 31.027734] kasan_report+0xdc/0x128 [ 31.027874] __asan_report_load1_noabort+0x20/0x30 [ 31.028037] kasan_strings+0x95c/0xb00 [ 31.028788] kunit_try_run_case+0x170/0x3f0 [ 31.029344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.029535] kthread+0x328/0x630 [ 31.029686] ret_from_fork+0x10/0x20 [ 31.029837] [ 31.029900] Allocated by task 261: [ 31.029986] kasan_save_stack+0x3c/0x68 [ 31.030115] kasan_save_track+0x20/0x40 [ 31.030530] kasan_save_alloc_info+0x40/0x58 [ 31.031392] __kasan_kmalloc+0xd4/0xd8 [ 31.031659] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.031919] kasan_strings+0xc8/0xb00 [ 31.032532] kunit_try_run_case+0x170/0x3f0 [ 31.032819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.033393] kthread+0x328/0x630 [ 31.033548] ret_from_fork+0x10/0x20 [ 31.033645] [ 31.033697] Freed by task 261: [ 31.033774] kasan_save_stack+0x3c/0x68 [ 31.034538] kasan_save_track+0x20/0x40 [ 31.034700] kasan_save_free_info+0x4c/0x78 [ 31.034808] __kasan_slab_free+0x6c/0x98 [ 31.034991] kfree+0x214/0x3c8 [ 31.035151] kasan_strings+0x24c/0xb00 [ 31.035263] kunit_try_run_case+0x170/0x3f0 [ 31.035410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.035571] kthread+0x328/0x630 [ 31.035682] ret_from_fork+0x10/0x20 [ 31.035802] [ 31.035868] The buggy address belongs to the object at fff00000c77a2dc0 [ 31.035868] which belongs to the cache kmalloc-32 of size 32 [ 31.036618] The buggy address is located 16 bytes inside of [ 31.036618] freed 32-byte region [fff00000c77a2dc0, fff00000c77a2de0) [ 31.036852] [ 31.037122] The buggy address belongs to the physical page: [ 31.037249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077a2 [ 31.037650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.037803] page_type: f5(slab) [ 31.038236] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 31.038528] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 31.038718] page dumped because: kasan: bad access detected [ 31.038832] [ 31.039090] Memory state around the buggy address: [ 31.039225] fff00000c77a2c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 31.039369] fff00000c77a2d00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 31.039982] >fff00000c77a2d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.040672] ^ [ 31.040797] fff00000c77a2e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 31.040946] fff00000c77a2e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.041076] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 31.012700] ================================================================== [ 31.012886] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 31.013038] Read of size 1 at addr fff00000c77a2dd0 by task kunit_try_catch/261 [ 31.013191] [ 31.013291] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 31.013526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.013608] Hardware name: linux,dummy-virt (DT) [ 31.013708] Call trace: [ 31.013781] show_stack+0x20/0x38 (C) [ 31.013941] dump_stack_lvl+0x8c/0xd0 [ 31.014095] print_report+0x118/0x608 [ 31.014230] kasan_report+0xdc/0x128 [ 31.014397] __asan_report_load1_noabort+0x20/0x30 [ 31.014568] strcmp+0xc0/0xc8 [ 31.014743] kasan_strings+0x340/0xb00 [ 31.014939] kunit_try_run_case+0x170/0x3f0 [ 31.015088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.015325] kthread+0x328/0x630 [ 31.015507] ret_from_fork+0x10/0x20 [ 31.015705] [ 31.015791] Allocated by task 261: [ 31.015908] kasan_save_stack+0x3c/0x68 [ 31.016029] kasan_save_track+0x20/0x40 [ 31.016140] kasan_save_alloc_info+0x40/0x58 [ 31.016262] __kasan_kmalloc+0xd4/0xd8 [ 31.016467] __kmalloc_cache_noprof+0x15c/0x3c0 [ 31.016611] kasan_strings+0xc8/0xb00 [ 31.016740] kunit_try_run_case+0x170/0x3f0 [ 31.016905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.017060] kthread+0x328/0x630 [ 31.017253] ret_from_fork+0x10/0x20 [ 31.017390] [ 31.017496] Freed by task 261: [ 31.017574] kasan_save_stack+0x3c/0x68 [ 31.017681] kasan_save_track+0x20/0x40 [ 31.017790] kasan_save_free_info+0x4c/0x78 [ 31.017900] __kasan_slab_free+0x6c/0x98 [ 31.018016] kfree+0x214/0x3c8 [ 31.018116] kasan_strings+0x24c/0xb00 [ 31.018211] kunit_try_run_case+0x170/0x3f0 [ 31.018306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.018422] kthread+0x328/0x630 [ 31.018550] ret_from_fork+0x10/0x20 [ 31.018717] [ 31.018789] The buggy address belongs to the object at fff00000c77a2dc0 [ 31.018789] which belongs to the cache kmalloc-32 of size 32 [ 31.019000] The buggy address is located 16 bytes inside of [ 31.019000] freed 32-byte region [fff00000c77a2dc0, fff00000c77a2de0) [ 31.019224] [ 31.019282] The buggy address belongs to the physical page: [ 31.019409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077a2 [ 31.019582] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.019796] page_type: f5(slab) [ 31.019945] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 31.020253] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 31.020370] page dumped because: kasan: bad access detected [ 31.020481] [ 31.020540] Memory state around the buggy address: [ 31.020668] fff00000c77a2c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 31.020801] fff00000c77a2d00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 31.020914] >fff00000c77a2d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.021082] ^ [ 31.021286] fff00000c77a2e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 31.021507] fff00000c77a2e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 31.021805] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 30.967755] ================================================================== [ 30.969148] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 30.969370] Read of size 1 at addr fff00000c77a2c18 by task kunit_try_catch/259 [ 30.969549] [ 30.969640] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.969767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.969812] Hardware name: linux,dummy-virt (DT) [ 30.969862] Call trace: [ 30.969900] show_stack+0x20/0x38 (C) [ 30.969981] dump_stack_lvl+0x8c/0xd0 [ 30.970056] print_report+0x118/0x608 [ 30.970127] kasan_report+0xdc/0x128 [ 30.970193] __asan_report_load1_noabort+0x20/0x30 [ 30.970268] memcmp+0x198/0x1d8 [ 30.970332] kasan_memcmp+0x16c/0x300 [ 30.970402] kunit_try_run_case+0x170/0x3f0 [ 30.970643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.971615] kthread+0x328/0x630 [ 30.972794] ret_from_fork+0x10/0x20 [ 30.973116] [ 30.973267] Allocated by task 259: [ 30.973494] kasan_save_stack+0x3c/0x68 [ 30.973747] kasan_save_track+0x20/0x40 [ 30.973924] kasan_save_alloc_info+0x40/0x58 [ 30.974020] __kasan_kmalloc+0xd4/0xd8 [ 30.974108] __kmalloc_cache_noprof+0x15c/0x3c0 [ 30.974622] kasan_memcmp+0xbc/0x300 [ 30.974874] kunit_try_run_case+0x170/0x3f0 [ 30.975397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.975736] kthread+0x328/0x630 [ 30.975935] ret_from_fork+0x10/0x20 [ 30.976053] [ 30.976261] The buggy address belongs to the object at fff00000c77a2c00 [ 30.976261] which belongs to the cache kmalloc-32 of size 32 [ 30.976475] The buggy address is located 0 bytes to the right of [ 30.976475] allocated 24-byte region [fff00000c77a2c00, fff00000c77a2c18) [ 30.976685] [ 30.977130] The buggy address belongs to the physical page: [ 30.977246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077a2 [ 30.977511] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.977860] page_type: f5(slab) [ 30.978099] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 30.978646] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 30.978948] page dumped because: kasan: bad access detected [ 30.979328] [ 30.979397] Memory state around the buggy address: [ 30.979510] fff00000c77a2b00: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 30.979649] fff00000c77a2b80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 30.979790] >fff00000c77a2c00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.979911] ^ [ 30.980007] fff00000c77a2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.980147] fff00000c77a2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.980273] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 30.877992] ================================================================== [ 30.878204] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 30.878398] Read of size 1 at addr ffff800080ad7b4a by task kunit_try_catch/255 [ 30.878560] [ 30.878661] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.878919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.879009] Hardware name: linux,dummy-virt (DT) [ 30.879112] Call trace: [ 30.879187] show_stack+0x20/0x38 (C) [ 30.879344] dump_stack_lvl+0x8c/0xd0 [ 30.880177] print_report+0x310/0x608 [ 30.880504] kasan_report+0xdc/0x128 [ 30.880869] __asan_report_load1_noabort+0x20/0x30 [ 30.881319] kasan_alloca_oob_right+0x2dc/0x340 [ 30.881746] kunit_try_run_case+0x170/0x3f0 [ 30.882189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.882707] kthread+0x328/0x630 [ 30.883080] ret_from_fork+0x10/0x20 [ 30.883346] [ 30.883424] The buggy address belongs to stack of task kunit_try_catch/255 [ 30.884125] [ 30.884412] The buggy address belongs to the virtual mapping at [ 30.884412] [ffff800080ad0000, ffff800080ad9000) created by: [ 30.884412] kernel_clone+0x150/0x7a8 [ 30.884802] [ 30.884861] The buggy address belongs to the physical page: [ 30.884944] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107790 [ 30.885514] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.886683] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 30.887353] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.887617] page dumped because: kasan: bad access detected [ 30.887722] [ 30.887788] Memory state around the buggy address: [ 30.887891] ffff800080ad7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.888044] ffff800080ad7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.888186] >ffff800080ad7b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 30.888312] ^ [ 30.888430] ffff800080ad7b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 30.889697] ffff800080ad7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 30.890039] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 30.827711] ================================================================== [ 30.828492] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 30.828879] Read of size 1 at addr ffff800080ad7b5f by task kunit_try_catch/253 [ 30.829597] [ 30.829788] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.830185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.830341] Hardware name: linux,dummy-virt (DT) [ 30.830438] Call trace: [ 30.830577] show_stack+0x20/0x38 (C) [ 30.830757] dump_stack_lvl+0x8c/0xd0 [ 30.831342] print_report+0x310/0x608 [ 30.831537] kasan_report+0xdc/0x128 [ 30.831673] __asan_report_load1_noabort+0x20/0x30 [ 30.832326] kasan_alloca_oob_left+0x2b8/0x310 [ 30.832600] kunit_try_run_case+0x170/0x3f0 [ 30.832864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.833015] kthread+0x328/0x630 [ 30.833123] ret_from_fork+0x10/0x20 [ 30.833245] [ 30.833301] The buggy address belongs to stack of task kunit_try_catch/253 [ 30.834041] [ 30.834244] The buggy address belongs to the virtual mapping at [ 30.834244] [ffff800080ad0000, ffff800080ad9000) created by: [ 30.834244] kernel_clone+0x150/0x7a8 [ 30.834652] [ 30.834730] The buggy address belongs to the physical page: [ 30.835206] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107790 [ 30.835485] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.835791] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 30.835956] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.836084] page dumped because: kasan: bad access detected [ 30.836178] [ 30.836222] Memory state around the buggy address: [ 30.836303] ffff800080ad7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.836406] ffff800080ad7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.836539] >ffff800080ad7b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 30.837324] ^ [ 30.838360] ffff800080ad7b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 30.838626] ffff800080ad7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 30.838873] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 30.787388] ================================================================== [ 30.788217] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 30.788697] Read of size 1 at addr ffff800080ae7c2a by task kunit_try_catch/251 [ 30.789019] [ 30.789231] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.789833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.790058] Hardware name: linux,dummy-virt (DT) [ 30.790221] Call trace: [ 30.790352] show_stack+0x20/0x38 (C) [ 30.790797] dump_stack_lvl+0x8c/0xd0 [ 30.791181] print_report+0x310/0x608 [ 30.791330] kasan_report+0xdc/0x128 [ 30.791896] __asan_report_load1_noabort+0x20/0x30 [ 30.792212] kasan_stack_oob+0x238/0x270 [ 30.792403] kunit_try_run_case+0x170/0x3f0 [ 30.792624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.792777] kthread+0x328/0x630 [ 30.792886] ret_from_fork+0x10/0x20 [ 30.793036] [ 30.793190] The buggy address belongs to stack of task kunit_try_catch/251 [ 30.793521] and is located at offset 138 in frame: [ 30.793653] kasan_stack_oob+0x0/0x270 [ 30.793951] [ 30.794035] This frame has 4 objects: [ 30.794462] [48, 49) '__assertion' [ 30.794595] [64, 72) 'array' [ 30.794702] [96, 112) '__assertion' [ 30.794818] [128, 138) 'stack_array' [ 30.795144] [ 30.795569] The buggy address belongs to the virtual mapping at [ 30.795569] [ffff800080ae0000, ffff800080ae9000) created by: [ 30.795569] kernel_clone+0x150/0x7a8 [ 30.796529] [ 30.796627] The buggy address belongs to the physical page: [ 30.796723] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10779a [ 30.797313] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.797623] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 30.797775] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.797921] page dumped because: kasan: bad access detected [ 30.798069] [ 30.798133] Memory state around the buggy address: [ 30.798268] ffff800080ae7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.798419] ffff800080ae7b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 30.798604] >ffff800080ae7c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 30.798765] ^ [ 30.798872] ffff800080ae7c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 30.799006] ffff800080ae7d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 30.799128] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 30.735591] ================================================================== [ 30.735947] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 30.736204] Read of size 1 at addr ffffa3ab961f14ed by task kunit_try_catch/247 [ 30.736483] [ 30.736649] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.736913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.736982] Hardware name: linux,dummy-virt (DT) [ 30.737057] Call trace: [ 30.737144] show_stack+0x20/0x38 (C) [ 30.737294] dump_stack_lvl+0x8c/0xd0 [ 30.737513] print_report+0x310/0x608 [ 30.737641] kasan_report+0xdc/0x128 [ 30.737787] __asan_report_load1_noabort+0x20/0x30 [ 30.737969] kasan_global_oob_right+0x230/0x270 [ 30.738160] kunit_try_run_case+0x170/0x3f0 [ 30.738438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.738777] kthread+0x328/0x630 [ 30.739205] ret_from_fork+0x10/0x20 [ 30.739652] [ 30.739797] The buggy address belongs to the variable: [ 30.740307] global_array+0xd/0x40 [ 30.740640] [ 30.741043] The buggy address belongs to the virtual mapping at [ 30.741043] [ffffa3ab94410000, ffffa3ab962a1000) created by: [ 30.741043] paging_init+0x66c/0x7d0 [ 30.741481] [ 30.742004] The buggy address belongs to the physical page: [ 30.742202] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47bf1 [ 30.742644] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 30.743029] raw: 03fffe0000002000 ffffc1ffc01efc48 ffffc1ffc01efc48 0000000000000000 [ 30.743590] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.744163] page dumped because: kasan: bad access detected [ 30.744217] [ 30.744247] Memory state around the buggy address: [ 30.744321] ffffa3ab961f1380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.744472] ffffa3ab961f1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.744610] >ffffa3ab961f1480: 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 [ 30.744731] ^ [ 30.744849] ffffa3ab961f1500: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 30.744957] ffffa3ab961f1580: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 30.745237] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 30.662672] ================================================================== [ 30.663111] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 30.663333] Free of addr fff00000c775ac01 by task kunit_try_catch/243 [ 30.663473] [ 30.663606] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.663825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.664232] Hardware name: linux,dummy-virt (DT) [ 30.664337] Call trace: [ 30.664411] show_stack+0x20/0x38 (C) [ 30.664584] dump_stack_lvl+0x8c/0xd0 [ 30.664744] print_report+0x118/0x608 [ 30.664928] kasan_report_invalid_free+0xc0/0xe8 [ 30.665126] check_slab_allocation+0xfc/0x108 [ 30.665248] __kasan_mempool_poison_object+0x78/0x150 [ 30.665398] mempool_free+0x28c/0x328 [ 30.665542] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 30.665715] mempool_kmalloc_invalid_free+0xc0/0x118 [ 30.665849] kunit_try_run_case+0x170/0x3f0 [ 30.665973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.666109] kthread+0x328/0x630 [ 30.666528] ret_from_fork+0x10/0x20 [ 30.666740] [ 30.666794] Allocated by task 243: [ 30.666907] kasan_save_stack+0x3c/0x68 [ 30.667024] kasan_save_track+0x20/0x40 [ 30.667156] kasan_save_alloc_info+0x40/0x58 [ 30.667264] __kasan_mempool_unpoison_object+0x11c/0x180 [ 30.667406] remove_element+0x130/0x1f8 [ 30.667570] mempool_alloc_preallocated+0x58/0xc0 [ 30.667700] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 30.667836] mempool_kmalloc_invalid_free+0xc0/0x118 [ 30.668020] kunit_try_run_case+0x170/0x3f0 [ 30.668154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.668313] kthread+0x328/0x630 [ 30.668415] ret_from_fork+0x10/0x20 [ 30.668522] [ 30.668582] The buggy address belongs to the object at fff00000c775ac00 [ 30.668582] which belongs to the cache kmalloc-128 of size 128 [ 30.669031] The buggy address is located 1 bytes inside of [ 30.669031] 128-byte region [fff00000c775ac00, fff00000c775ac80) [ 30.669215] [ 30.669278] The buggy address belongs to the physical page: [ 30.669393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775a [ 30.669621] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.669772] page_type: f5(slab) [ 30.669940] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.670125] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.670271] page dumped because: kasan: bad access detected [ 30.670378] [ 30.670433] Memory state around the buggy address: [ 30.670576] fff00000c775ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.670766] fff00000c775ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.670942] >fff00000c775ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.671064] ^ [ 30.671150] fff00000c775ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.671281] fff00000c775ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.671425] ================================================================== [ 30.699313] ================================================================== [ 30.699790] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 30.700683] Free of addr fff00000c7898001 by task kunit_try_catch/245 [ 30.701193] [ 30.701378] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.701787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.701877] Hardware name: linux,dummy-virt (DT) [ 30.701982] Call trace: [ 30.702052] show_stack+0x20/0x38 (C) [ 30.702209] dump_stack_lvl+0x8c/0xd0 [ 30.702356] print_report+0x118/0x608 [ 30.702506] kasan_report_invalid_free+0xc0/0xe8 [ 30.703169] __kasan_mempool_poison_object+0xfc/0x150 [ 30.703627] mempool_free+0x28c/0x328 [ 30.704478] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 30.704663] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 30.704802] kunit_try_run_case+0x170/0x3f0 [ 30.705183] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.705774] kthread+0x328/0x630 [ 30.705945] ret_from_fork+0x10/0x20 [ 30.706097] [ 30.706299] The buggy address belongs to the physical page: [ 30.706396] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107898 [ 30.707033] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.707265] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.707567] page_type: f8(unknown) [ 30.707906] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.708301] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 30.708573] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.708779] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 30.709005] head: 0bfffe0000000002 ffffc1ffc31e2601 00000000ffffffff 00000000ffffffff [ 30.709245] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 30.709615] page dumped because: kasan: bad access detected [ 30.709983] [ 30.710056] Memory state around the buggy address: [ 30.710263] fff00000c7897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.710406] fff00000c7897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.710829] >fff00000c7898000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.711230] ^ [ 30.711439] fff00000c7898080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.711709] fff00000c7898100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.711838] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 30.632524] ================================================================== [ 30.632709] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 30.632876] Free of addr fff00000c7894000 by task kunit_try_catch/241 [ 30.632994] [ 30.633419] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.633771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.633864] Hardware name: linux,dummy-virt (DT) [ 30.633961] Call trace: [ 30.634024] show_stack+0x20/0x38 (C) [ 30.634179] dump_stack_lvl+0x8c/0xd0 [ 30.634324] print_report+0x118/0x608 [ 30.634477] kasan_report_invalid_free+0xc0/0xe8 [ 30.634610] __kasan_mempool_poison_pages+0xe0/0xe8 [ 30.635040] mempool_free+0x24c/0x328 [ 30.635247] mempool_double_free_helper+0x150/0x2e8 [ 30.635441] mempool_page_alloc_double_free+0xbc/0x118 [ 30.635640] kunit_try_run_case+0x170/0x3f0 [ 30.635861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.636066] kthread+0x328/0x630 [ 30.636226] ret_from_fork+0x10/0x20 [ 30.636936] [ 30.637126] The buggy address belongs to the physical page: [ 30.637265] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 30.637505] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.637744] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 30.637900] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.638046] page dumped because: kasan: bad access detected [ 30.638122] [ 30.638161] Memory state around the buggy address: [ 30.638237] fff00000c7893f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.638373] fff00000c7893f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.638519] >fff00000c7894000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.638997] ^ [ 30.639144] fff00000c7894080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.639277] fff00000c7894100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.639513] ================================================================== [ 30.590418] ================================================================== [ 30.590702] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 30.590900] Free of addr fff00000c7894000 by task kunit_try_catch/239 [ 30.591094] [ 30.591216] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.592235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.592312] Hardware name: linux,dummy-virt (DT) [ 30.592406] Call trace: [ 30.592485] show_stack+0x20/0x38 (C) [ 30.593162] dump_stack_lvl+0x8c/0xd0 [ 30.593844] print_report+0x118/0x608 [ 30.594003] kasan_report_invalid_free+0xc0/0xe8 [ 30.594154] __kasan_mempool_poison_object+0x14c/0x150 [ 30.594314] mempool_free+0x28c/0x328 [ 30.595158] mempool_double_free_helper+0x150/0x2e8 [ 30.595356] mempool_kmalloc_large_double_free+0xc0/0x118 [ 30.595542] kunit_try_run_case+0x170/0x3f0 [ 30.595692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.595859] kthread+0x328/0x630 [ 30.596704] ret_from_fork+0x10/0x20 [ 30.597271] [ 30.597403] The buggy address belongs to the physical page: [ 30.597598] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 30.598041] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.598401] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.598617] page_type: f8(unknown) [ 30.598735] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.599345] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 30.599833] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.599993] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 30.600339] head: 0bfffe0000000002 ffffc1ffc31e2501 00000000ffffffff 00000000ffffffff [ 30.600915] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 30.601043] page dumped because: kasan: bad access detected [ 30.601167] [ 30.601226] Memory state around the buggy address: [ 30.601341] fff00000c7893f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.601593] fff00000c7893f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.601805] >fff00000c7894000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.602371] ^ [ 30.602492] fff00000c7894080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.602633] fff00000c7894100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.602756] ================================================================== [ 30.550366] ================================================================== [ 30.551069] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 30.551602] Free of addr fff00000c775a800 by task kunit_try_catch/237 [ 30.551913] [ 30.552232] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.552483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.552663] Hardware name: linux,dummy-virt (DT) [ 30.552804] Call trace: [ 30.552921] show_stack+0x20/0x38 (C) [ 30.553479] dump_stack_lvl+0x8c/0xd0 [ 30.553921] print_report+0x118/0x608 [ 30.554585] kasan_report_invalid_free+0xc0/0xe8 [ 30.554984] check_slab_allocation+0xd4/0x108 [ 30.555148] __kasan_mempool_poison_object+0x78/0x150 [ 30.555304] mempool_free+0x28c/0x328 [ 30.555472] mempool_double_free_helper+0x150/0x2e8 [ 30.555621] mempool_kmalloc_double_free+0xc0/0x118 [ 30.555769] kunit_try_run_case+0x170/0x3f0 [ 30.556271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.557005] kthread+0x328/0x630 [ 30.557412] ret_from_fork+0x10/0x20 [ 30.557799] [ 30.557886] Allocated by task 237: [ 30.558049] kasan_save_stack+0x3c/0x68 [ 30.558391] kasan_save_track+0x20/0x40 [ 30.558542] kasan_save_alloc_info+0x40/0x58 [ 30.558641] __kasan_mempool_unpoison_object+0x11c/0x180 [ 30.558728] remove_element+0x130/0x1f8 [ 30.559153] mempool_alloc_preallocated+0x58/0xc0 [ 30.559669] mempool_double_free_helper+0x94/0x2e8 [ 30.559991] mempool_kmalloc_double_free+0xc0/0x118 [ 30.560317] kunit_try_run_case+0x170/0x3f0 [ 30.560951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.561137] kthread+0x328/0x630 [ 30.561241] ret_from_fork+0x10/0x20 [ 30.561337] [ 30.561391] Freed by task 237: [ 30.561620] kasan_save_stack+0x3c/0x68 [ 30.561838] kasan_save_track+0x20/0x40 [ 30.561952] kasan_save_free_info+0x4c/0x78 [ 30.562051] __kasan_mempool_poison_object+0xc0/0x150 [ 30.562154] mempool_free+0x28c/0x328 [ 30.562248] mempool_double_free_helper+0x100/0x2e8 [ 30.562364] mempool_kmalloc_double_free+0xc0/0x118 [ 30.562545] kunit_try_run_case+0x170/0x3f0 [ 30.562663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.562759] kthread+0x328/0x630 [ 30.562997] ret_from_fork+0x10/0x20 [ 30.563110] [ 30.563242] The buggy address belongs to the object at fff00000c775a800 [ 30.563242] which belongs to the cache kmalloc-128 of size 128 [ 30.563591] The buggy address is located 0 bytes inside of [ 30.563591] 128-byte region [fff00000c775a800, fff00000c775a880) [ 30.563780] [ 30.563966] The buggy address belongs to the physical page: [ 30.564146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775a [ 30.564297] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.564429] page_type: f5(slab) [ 30.564551] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.564697] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.564816] page dumped because: kasan: bad access detected [ 30.564906] [ 30.564956] Memory state around the buggy address: [ 30.565051] fff00000c775a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.565179] fff00000c775a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.565306] >fff00000c775a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.565418] ^ [ 30.565511] fff00000c775a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.565639] fff00000c775a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.565751] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 27.626011] ================================================================== [ 27.626280] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 27.626540] Write of size 8 at addr fff00000c5a34d71 by task kunit_try_catch/178 [ 27.626915] [ 27.627037] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.627296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.627391] Hardware name: linux,dummy-virt (DT) [ 27.627499] Call trace: [ 27.627567] show_stack+0x20/0x38 (C) [ 27.627798] dump_stack_lvl+0x8c/0xd0 [ 27.628383] print_report+0x118/0x608 [ 27.628764] kasan_report+0xdc/0x128 [ 27.628900] kasan_check_range+0x100/0x1a8 [ 27.629037] __asan_memset+0x34/0x78 [ 27.629168] kmalloc_oob_memset_8+0x150/0x2f8 [ 27.629309] kunit_try_run_case+0x170/0x3f0 [ 27.629468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.629855] kthread+0x328/0x630 [ 27.630330] ret_from_fork+0x10/0x20 [ 27.630759] [ 27.631394] Allocated by task 178: [ 27.631518] kasan_save_stack+0x3c/0x68 [ 27.631899] kasan_save_track+0x20/0x40 [ 27.632067] kasan_save_alloc_info+0x40/0x58 [ 27.632182] __kasan_kmalloc+0xd4/0xd8 [ 27.632286] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.632394] kmalloc_oob_memset_8+0xb0/0x2f8 [ 27.632502] kunit_try_run_case+0x170/0x3f0 [ 27.632605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.632731] kthread+0x328/0x630 [ 27.633294] ret_from_fork+0x10/0x20 [ 27.633536] [ 27.633642] The buggy address belongs to the object at fff00000c5a34d00 [ 27.633642] which belongs to the cache kmalloc-128 of size 128 [ 27.633925] The buggy address is located 113 bytes inside of [ 27.633925] allocated 120-byte region [fff00000c5a34d00, fff00000c5a34d78) [ 27.634109] [ 27.634228] The buggy address belongs to the physical page: [ 27.634320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 27.634499] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.634643] page_type: f5(slab) [ 27.634763] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.635166] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.635438] page dumped because: kasan: bad access detected [ 27.635927] [ 27.636017] Memory state around the buggy address: [ 27.636257] fff00000c5a34c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.636535] fff00000c5a34c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.636685] >fff00000c5a34d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.636815] ^ [ 27.636936] fff00000c5a34d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.637061] fff00000c5a34e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.637586] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 30.516088] ================================================================== [ 30.516365] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 30.516666] Read of size 1 at addr fff00000c7894000 by task kunit_try_catch/235 [ 30.516941] [ 30.517064] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.517713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.517804] Hardware name: linux,dummy-virt (DT) [ 30.517909] Call trace: [ 30.518021] show_stack+0x20/0x38 (C) [ 30.518236] dump_stack_lvl+0x8c/0xd0 [ 30.518612] print_report+0x118/0x608 [ 30.518783] kasan_report+0xdc/0x128 [ 30.520004] __asan_report_load1_noabort+0x20/0x30 [ 30.520259] mempool_uaf_helper+0x314/0x340 [ 30.520472] mempool_page_alloc_uaf+0xc0/0x118 [ 30.520883] kunit_try_run_case+0x170/0x3f0 [ 30.521050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.521259] kthread+0x328/0x630 [ 30.521395] ret_from_fork+0x10/0x20 [ 30.521961] [ 30.522035] The buggy address belongs to the physical page: [ 30.522158] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 30.522369] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.522691] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 30.522850] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.523000] page dumped because: kasan: bad access detected [ 30.523131] [ 30.523241] Memory state around the buggy address: [ 30.523420] fff00000c7893f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.524046] fff00000c7893f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.524121] >fff00000c7894000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.524193] ^ [ 30.524307] fff00000c7894080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.524507] fff00000c7894100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.524648] ================================================================== [ 30.421569] ================================================================== [ 30.421753] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 30.421917] Read of size 1 at addr fff00000c7890000 by task kunit_try_catch/231 [ 30.422065] [ 30.422168] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.422413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.422504] Hardware name: linux,dummy-virt (DT) [ 30.422581] Call trace: [ 30.422647] show_stack+0x20/0x38 (C) [ 30.423097] dump_stack_lvl+0x8c/0xd0 [ 30.423650] print_report+0x118/0x608 [ 30.423786] kasan_report+0xdc/0x128 [ 30.423914] __asan_report_load1_noabort+0x20/0x30 [ 30.424122] mempool_uaf_helper+0x314/0x340 [ 30.424518] mempool_kmalloc_large_uaf+0xc4/0x120 [ 30.424877] kunit_try_run_case+0x170/0x3f0 [ 30.425182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.425484] kthread+0x328/0x630 [ 30.425615] ret_from_fork+0x10/0x20 [ 30.425756] [ 30.425822] The buggy address belongs to the physical page: [ 30.425918] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 30.426072] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.426209] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.426600] page_type: f8(unknown) [ 30.427029] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.427237] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 30.427488] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.427719] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 30.428016] head: 0bfffe0000000002 ffffc1ffc31e2401 00000000ffffffff 00000000ffffffff [ 30.428264] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 30.428484] page dumped because: kasan: bad access detected [ 30.428764] [ 30.428830] Memory state around the buggy address: [ 30.428942] fff00000c788ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.429088] fff00000c788ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.429187] >fff00000c7890000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.429241] ^ [ 30.429287] fff00000c7890080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.429345] fff00000c7890100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 30.429401] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 30.365951] ================================================================== [ 30.366163] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 30.366395] Read of size 1 at addr fff00000c775a400 by task kunit_try_catch/229 [ 30.367587] [ 30.367763] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.368140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.368213] Hardware name: linux,dummy-virt (DT) [ 30.368294] Call trace: [ 30.368363] show_stack+0x20/0x38 (C) [ 30.369089] dump_stack_lvl+0x8c/0xd0 [ 30.369269] print_report+0x118/0x608 [ 30.369399] kasan_report+0xdc/0x128 [ 30.369548] __asan_report_load1_noabort+0x20/0x30 [ 30.369699] mempool_uaf_helper+0x314/0x340 [ 30.369841] mempool_kmalloc_uaf+0xc4/0x120 [ 30.369989] kunit_try_run_case+0x170/0x3f0 [ 30.370146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.370308] kthread+0x328/0x630 [ 30.370485] ret_from_fork+0x10/0x20 [ 30.370691] [ 30.370769] Allocated by task 229: [ 30.370890] kasan_save_stack+0x3c/0x68 [ 30.371008] kasan_save_track+0x20/0x40 [ 30.371111] kasan_save_alloc_info+0x40/0x58 [ 30.371232] __kasan_mempool_unpoison_object+0x11c/0x180 [ 30.371361] remove_element+0x130/0x1f8 [ 30.371500] mempool_alloc_preallocated+0x58/0xc0 [ 30.371621] mempool_uaf_helper+0xa4/0x340 [ 30.371739] mempool_kmalloc_uaf+0xc4/0x120 [ 30.372402] kunit_try_run_case+0x170/0x3f0 [ 30.372602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.372732] kthread+0x328/0x630 [ 30.373020] ret_from_fork+0x10/0x20 [ 30.373139] [ 30.373212] Freed by task 229: [ 30.373292] kasan_save_stack+0x3c/0x68 [ 30.373460] kasan_save_track+0x20/0x40 [ 30.373637] kasan_save_free_info+0x4c/0x78 [ 30.373892] __kasan_mempool_poison_object+0xc0/0x150 [ 30.374035] mempool_free+0x28c/0x328 [ 30.374246] mempool_uaf_helper+0x104/0x340 [ 30.374969] mempool_kmalloc_uaf+0xc4/0x120 [ 30.375184] kunit_try_run_case+0x170/0x3f0 [ 30.375864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.376026] kthread+0x328/0x630 [ 30.376119] ret_from_fork+0x10/0x20 [ 30.376209] [ 30.376265] The buggy address belongs to the object at fff00000c775a400 [ 30.376265] which belongs to the cache kmalloc-128 of size 128 [ 30.377286] The buggy address is located 0 bytes inside of [ 30.377286] freed 128-byte region [fff00000c775a400, fff00000c775a480) [ 30.377861] [ 30.377926] The buggy address belongs to the physical page: [ 30.378027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775a [ 30.378179] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.378327] page_type: f5(slab) [ 30.378465] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.378619] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.378745] page dumped because: kasan: bad access detected [ 30.378836] [ 30.378894] Memory state around the buggy address: [ 30.378992] fff00000c775a300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.379126] fff00000c775a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.379260] >fff00000c775a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.381133] ^ [ 30.381237] fff00000c775a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.381922] fff00000c775a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.382047] ================================================================== [ 30.463926] ================================================================== [ 30.464992] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 30.465377] Read of size 1 at addr fff00000c77a1240 by task kunit_try_catch/233 [ 30.465521] [ 30.465611] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.467243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.467347] Hardware name: linux,dummy-virt (DT) [ 30.467791] Call trace: [ 30.468026] show_stack+0x20/0x38 (C) [ 30.468266] dump_stack_lvl+0x8c/0xd0 [ 30.468392] print_report+0x118/0x608 [ 30.468512] kasan_report+0xdc/0x128 [ 30.468647] __asan_report_load1_noabort+0x20/0x30 [ 30.468780] mempool_uaf_helper+0x314/0x340 [ 30.468920] mempool_slab_uaf+0xc0/0x118 [ 30.469043] kunit_try_run_case+0x170/0x3f0 [ 30.469186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.469338] kthread+0x328/0x630 [ 30.469469] ret_from_fork+0x10/0x20 [ 30.469634] [ 30.469722] Allocated by task 233: [ 30.469850] kasan_save_stack+0x3c/0x68 [ 30.470015] kasan_save_track+0x20/0x40 [ 30.470176] kasan_save_alloc_info+0x40/0x58 [ 30.470329] __kasan_mempool_unpoison_object+0xbc/0x180 [ 30.470518] remove_element+0x16c/0x1f8 [ 30.470644] mempool_alloc_preallocated+0x58/0xc0 [ 30.470765] mempool_uaf_helper+0xa4/0x340 [ 30.470887] mempool_slab_uaf+0xc0/0x118 [ 30.470991] kunit_try_run_case+0x170/0x3f0 [ 30.471126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.471290] kthread+0x328/0x630 [ 30.471423] ret_from_fork+0x10/0x20 [ 30.471579] [ 30.471634] Freed by task 233: [ 30.471709] kasan_save_stack+0x3c/0x68 [ 30.471815] kasan_save_track+0x20/0x40 [ 30.471936] kasan_save_free_info+0x4c/0x78 [ 30.472044] __kasan_mempool_poison_object+0xc0/0x150 [ 30.472150] mempool_free+0x28c/0x328 [ 30.472261] mempool_uaf_helper+0x104/0x340 [ 30.472424] mempool_slab_uaf+0xc0/0x118 [ 30.472560] kunit_try_run_case+0x170/0x3f0 [ 30.472691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.472881] kthread+0x328/0x630 [ 30.472981] ret_from_fork+0x10/0x20 [ 30.473066] [ 30.473110] The buggy address belongs to the object at fff00000c77a1240 [ 30.473110] which belongs to the cache test_cache of size 123 [ 30.473267] The buggy address is located 0 bytes inside of [ 30.473267] freed 123-byte region [fff00000c77a1240, fff00000c77a12bb) [ 30.473484] [ 30.473551] The buggy address belongs to the physical page: [ 30.473641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077a1 [ 30.473785] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.473947] page_type: f5(slab) [ 30.474059] raw: 0bfffe0000000000 fff00000c11fdc80 dead000000000122 0000000000000000 [ 30.474200] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 30.474323] page dumped because: kasan: bad access detected [ 30.474420] [ 30.474492] Memory state around the buggy address: [ 30.474597] fff00000c77a1100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.474731] fff00000c77a1180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.474864] >fff00000c77a1200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 30.474980] ^ [ 30.475082] fff00000c77a1280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.475199] fff00000c77a1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.475309] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 30.289808] ================================================================== [ 30.290476] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 30.290667] Read of size 1 at addr fff00000c779c2bb by task kunit_try_catch/227 [ 30.290813] [ 30.290907] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.291158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.291241] Hardware name: linux,dummy-virt (DT) [ 30.291338] Call trace: [ 30.292013] show_stack+0x20/0x38 (C) [ 30.292816] dump_stack_lvl+0x8c/0xd0 [ 30.293083] print_report+0x118/0x608 [ 30.293240] kasan_report+0xdc/0x128 [ 30.293370] __asan_report_load1_noabort+0x20/0x30 [ 30.293540] mempool_oob_right_helper+0x2ac/0x2f0 [ 30.293813] mempool_slab_oob_right+0xc0/0x118 [ 30.294475] kunit_try_run_case+0x170/0x3f0 [ 30.294778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.295044] kthread+0x328/0x630 [ 30.295218] ret_from_fork+0x10/0x20 [ 30.295855] [ 30.296049] Allocated by task 227: [ 30.296161] kasan_save_stack+0x3c/0x68 [ 30.296402] kasan_save_track+0x20/0x40 [ 30.296944] kasan_save_alloc_info+0x40/0x58 [ 30.297087] __kasan_mempool_unpoison_object+0xbc/0x180 [ 30.297218] remove_element+0x16c/0x1f8 [ 30.297420] mempool_alloc_preallocated+0x58/0xc0 [ 30.297710] mempool_oob_right_helper+0x98/0x2f0 [ 30.297972] mempool_slab_oob_right+0xc0/0x118 [ 30.298204] kunit_try_run_case+0x170/0x3f0 [ 30.298341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.298492] kthread+0x328/0x630 [ 30.299053] ret_from_fork+0x10/0x20 [ 30.299208] [ 30.299270] The buggy address belongs to the object at fff00000c779c240 [ 30.299270] which belongs to the cache test_cache of size 123 [ 30.299535] The buggy address is located 0 bytes to the right of [ 30.299535] allocated 123-byte region [fff00000c779c240, fff00000c779c2bb) [ 30.300352] [ 30.300552] The buggy address belongs to the physical page: [ 30.300674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10779c [ 30.300946] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.301093] page_type: f5(slab) [ 30.301192] raw: 0bfffe0000000000 fff00000c11fdb40 dead000000000122 0000000000000000 [ 30.301501] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 30.301644] page dumped because: kasan: bad access detected [ 30.301959] [ 30.302043] Memory state around the buggy address: [ 30.303576] fff00000c779c180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.303742] fff00000c779c200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 30.303883] >fff00000c779c280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 30.303989] ^ [ 30.304074] fff00000c779c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.304178] fff00000c779c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.304286] ================================================================== [ 30.251703] ================================================================== [ 30.251909] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 30.252108] Read of size 1 at addr fff00000c788e001 by task kunit_try_catch/225 [ 30.252714] [ 30.252810] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.253366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.253461] Hardware name: linux,dummy-virt (DT) [ 30.253554] Call trace: [ 30.253620] show_stack+0x20/0x38 (C) [ 30.254044] dump_stack_lvl+0x8c/0xd0 [ 30.254251] print_report+0x118/0x608 [ 30.254436] kasan_report+0xdc/0x128 [ 30.254619] __asan_report_load1_noabort+0x20/0x30 [ 30.254780] mempool_oob_right_helper+0x2ac/0x2f0 [ 30.254938] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 30.255096] kunit_try_run_case+0x170/0x3f0 [ 30.255246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.255414] kthread+0x328/0x630 [ 30.255558] ret_from_fork+0x10/0x20 [ 30.256030] [ 30.256159] The buggy address belongs to the physical page: [ 30.256578] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 30.256840] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 30.256957] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 30.257105] page_type: f8(unknown) [ 30.257204] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.257329] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 30.257471] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 30.257605] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 30.258124] head: 0bfffe0000000002 ffffc1ffc31e2301 00000000ffffffff 00000000ffffffff [ 30.258326] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 30.258497] page dumped because: kasan: bad access detected [ 30.258638] [ 30.258709] Memory state around the buggy address: [ 30.258841] fff00000c788df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.258974] fff00000c788df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.259136] >fff00000c788e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.259297] ^ [ 30.259426] fff00000c788e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.259627] fff00000c788e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 30.259776] ================================================================== [ 30.219328] ================================================================== [ 30.219524] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 30.219639] Read of size 1 at addr fff00000c4621d73 by task kunit_try_catch/223 [ 30.219712] [ 30.219771] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 30.219896] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.219990] Hardware name: linux,dummy-virt (DT) [ 30.220078] Call trace: [ 30.220142] show_stack+0x20/0x38 (C) [ 30.220289] dump_stack_lvl+0x8c/0xd0 [ 30.220422] print_report+0x118/0x608 [ 30.220520] kasan_report+0xdc/0x128 [ 30.220587] __asan_report_load1_noabort+0x20/0x30 [ 30.220659] mempool_oob_right_helper+0x2ac/0x2f0 [ 30.220732] mempool_kmalloc_oob_right+0xc4/0x120 [ 30.220805] kunit_try_run_case+0x170/0x3f0 [ 30.220879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.220953] kthread+0x328/0x630 [ 30.221018] ret_from_fork+0x10/0x20 [ 30.221089] [ 30.221116] Allocated by task 223: [ 30.221158] kasan_save_stack+0x3c/0x68 [ 30.221216] kasan_save_track+0x20/0x40 [ 30.221271] kasan_save_alloc_info+0x40/0x58 [ 30.221324] __kasan_mempool_unpoison_object+0x11c/0x180 [ 30.221385] remove_element+0x130/0x1f8 [ 30.221441] mempool_alloc_preallocated+0x58/0xc0 [ 30.221521] mempool_oob_right_helper+0x98/0x2f0 [ 30.221581] mempool_kmalloc_oob_right+0xc4/0x120 [ 30.221638] kunit_try_run_case+0x170/0x3f0 [ 30.221695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.221759] kthread+0x328/0x630 [ 30.221809] ret_from_fork+0x10/0x20 [ 30.221862] [ 30.221890] The buggy address belongs to the object at fff00000c4621d00 [ 30.221890] which belongs to the cache kmalloc-128 of size 128 [ 30.221972] The buggy address is located 0 bytes to the right of [ 30.221972] allocated 115-byte region [fff00000c4621d00, fff00000c4621d73) [ 30.222061] [ 30.222091] The buggy address belongs to the physical page: [ 30.222139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104621 [ 30.222215] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.222289] page_type: f5(slab) [ 30.222345] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.222418] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.222494] page dumped because: kasan: bad access detected [ 30.222537] [ 30.222565] Memory state around the buggy address: [ 30.222610] fff00000c4621c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.222671] fff00000c4621c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.222732] >fff00000c4621d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.222786] ^ [ 30.222843] fff00000c4621d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.222902] fff00000c4621e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 30.222957] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 29.225250] ================================================================== [ 29.225479] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 29.225667] Read of size 1 at addr fff00000c777f000 by task kunit_try_catch/215 [ 29.227462] [ 29.227581] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 29.227760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.227800] Hardware name: linux,dummy-virt (DT) [ 29.227851] Call trace: [ 29.227887] show_stack+0x20/0x38 (C) [ 29.228079] dump_stack_lvl+0x8c/0xd0 [ 29.228214] print_report+0x118/0x608 [ 29.228351] kasan_report+0xdc/0x128 [ 29.228476] __asan_report_load1_noabort+0x20/0x30 [ 29.228611] kmem_cache_rcu_uaf+0x388/0x468 [ 29.228730] kunit_try_run_case+0x170/0x3f0 [ 29.228859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.229081] kthread+0x328/0x630 [ 29.229246] ret_from_fork+0x10/0x20 [ 29.229403] [ 29.229487] Allocated by task 215: [ 29.229619] kasan_save_stack+0x3c/0x68 [ 29.229781] kasan_save_track+0x20/0x40 [ 29.229907] kasan_save_alloc_info+0x40/0x58 [ 29.230035] __kasan_slab_alloc+0xa8/0xb0 [ 29.230195] kmem_cache_alloc_noprof+0x10c/0x3a0 [ 29.230320] kmem_cache_rcu_uaf+0x12c/0x468 [ 29.230439] kunit_try_run_case+0x170/0x3f0 [ 29.230574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.230709] kthread+0x328/0x630 [ 29.230820] ret_from_fork+0x10/0x20 [ 29.230924] [ 29.230982] Freed by task 0: [ 29.231057] kasan_save_stack+0x3c/0x68 [ 29.231162] kasan_save_track+0x20/0x40 [ 29.231269] kasan_save_free_info+0x4c/0x78 [ 29.231391] __kasan_slab_free+0x6c/0x98 [ 29.231508] slab_free_after_rcu_debug+0xd4/0x2f8 [ 29.231616] rcu_core+0x9f4/0x1e20 [ 29.231760] rcu_core_si+0x18/0x30 [ 29.231914] handle_softirqs+0x374/0xb28 [ 29.232042] __do_softirq+0x1c/0x28 [ 29.232137] [ 29.232191] Last potentially related work creation: [ 29.232273] kasan_save_stack+0x3c/0x68 [ 29.232384] kasan_record_aux_stack+0xb4/0xc8 [ 29.232528] kmem_cache_free+0x120/0x470 [ 29.232679] kmem_cache_rcu_uaf+0x16c/0x468 [ 29.232803] kunit_try_run_case+0x170/0x3f0 [ 29.233003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.233216] kthread+0x328/0x630 [ 29.233328] ret_from_fork+0x10/0x20 [ 29.233431] [ 29.233491] The buggy address belongs to the object at fff00000c777f000 [ 29.233491] which belongs to the cache test_cache of size 200 [ 29.233636] The buggy address is located 0 bytes inside of [ 29.233636] freed 200-byte region [fff00000c777f000, fff00000c777f0c8) [ 29.233793] [ 29.233851] The buggy address belongs to the physical page: [ 29.233944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777f [ 29.234111] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.234261] page_type: f5(slab) [ 29.234373] raw: 0bfffe0000000000 fff00000c11fd780 dead000000000122 0000000000000000 [ 29.234543] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 29.234686] page dumped because: kasan: bad access detected [ 29.234769] [ 29.234863] Memory state around the buggy address: [ 29.234973] fff00000c777ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.235106] fff00000c777ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.235294] >fff00000c777f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.235478] ^ [ 29.235604] fff00000c777f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 29.235792] fff00000c777f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.235910] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 28.774145] ================================================================== [ 28.774419] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 28.774699] Free of addr fff00000c777e001 by task kunit_try_catch/213 [ 28.775052] [ 28.775266] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.775556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.775640] Hardware name: linux,dummy-virt (DT) [ 28.775743] Call trace: [ 28.776103] show_stack+0x20/0x38 (C) [ 28.776504] dump_stack_lvl+0x8c/0xd0 [ 28.776804] print_report+0x118/0x608 [ 28.776937] kasan_report_invalid_free+0xc0/0xe8 [ 28.777094] check_slab_allocation+0xfc/0x108 [ 28.777277] __kasan_slab_pre_free+0x2c/0x48 [ 28.777475] kmem_cache_free+0xf0/0x470 [ 28.777681] kmem_cache_invalid_free+0x184/0x3c8 [ 28.777898] kunit_try_run_case+0x170/0x3f0 [ 28.778111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.778335] kthread+0x328/0x630 [ 28.778506] ret_from_fork+0x10/0x20 [ 28.778821] [ 28.778924] Allocated by task 213: [ 28.779013] kasan_save_stack+0x3c/0x68 [ 28.779143] kasan_save_track+0x20/0x40 [ 28.779257] kasan_save_alloc_info+0x40/0x58 [ 28.779386] __kasan_slab_alloc+0xa8/0xb0 [ 28.779509] kmem_cache_alloc_noprof+0x10c/0x3a0 [ 28.779632] kmem_cache_invalid_free+0x12c/0x3c8 [ 28.779854] kunit_try_run_case+0x170/0x3f0 [ 28.780015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.780148] kthread+0x328/0x630 [ 28.780579] ret_from_fork+0x10/0x20 [ 28.780706] [ 28.780764] The buggy address belongs to the object at fff00000c777e000 [ 28.780764] which belongs to the cache test_cache of size 200 [ 28.780925] The buggy address is located 1 bytes inside of [ 28.780925] 200-byte region [fff00000c777e000, fff00000c777e0c8) [ 28.781069] [ 28.781126] The buggy address belongs to the physical page: [ 28.781631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777e [ 28.781925] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.782291] page_type: f5(slab) [ 28.782546] raw: 0bfffe0000000000 fff00000c11fd640 dead000000000122 0000000000000000 [ 28.783118] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 28.783343] page dumped because: kasan: bad access detected [ 28.783465] [ 28.783514] Memory state around the buggy address: [ 28.783605] fff00000c777df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.784189] fff00000c777df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.784623] >fff00000c777e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.784746] ^ [ 28.784830] fff00000c777e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 28.785324] fff00000c777e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.785490] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 28.707003] ================================================================== [ 28.707426] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 28.708014] Free of addr fff00000c7779000 by task kunit_try_catch/211 [ 28.708247] [ 28.708377] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.708614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.708969] Hardware name: linux,dummy-virt (DT) [ 28.709090] Call trace: [ 28.709290] show_stack+0x20/0x38 (C) [ 28.709901] dump_stack_lvl+0x8c/0xd0 [ 28.710145] print_report+0x118/0x608 [ 28.710301] kasan_report_invalid_free+0xc0/0xe8 [ 28.710486] check_slab_allocation+0xd4/0x108 [ 28.710634] __kasan_slab_pre_free+0x2c/0x48 [ 28.710831] kmem_cache_free+0xf0/0x470 [ 28.711024] kmem_cache_double_free+0x190/0x3c8 [ 28.711233] kunit_try_run_case+0x170/0x3f0 [ 28.711412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.711597] kthread+0x328/0x630 [ 28.711734] ret_from_fork+0x10/0x20 [ 28.711880] [ 28.711936] Allocated by task 211: [ 28.712011] kasan_save_stack+0x3c/0x68 [ 28.712119] kasan_save_track+0x20/0x40 [ 28.712207] kasan_save_alloc_info+0x40/0x58 [ 28.712292] __kasan_slab_alloc+0xa8/0xb0 [ 28.712390] kmem_cache_alloc_noprof+0x10c/0x3a0 [ 28.712515] kmem_cache_double_free+0x12c/0x3c8 [ 28.712640] kunit_try_run_case+0x170/0x3f0 [ 28.712767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.712886] kthread+0x328/0x630 [ 28.712999] ret_from_fork+0x10/0x20 [ 28.713132] [ 28.713184] Freed by task 211: [ 28.713257] kasan_save_stack+0x3c/0x68 [ 28.713373] kasan_save_track+0x20/0x40 [ 28.713509] kasan_save_free_info+0x4c/0x78 [ 28.713634] __kasan_slab_free+0x6c/0x98 [ 28.713731] kmem_cache_free+0x260/0x470 [ 28.713842] kmem_cache_double_free+0x140/0x3c8 [ 28.713958] kunit_try_run_case+0x170/0x3f0 [ 28.714070] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.714216] kthread+0x328/0x630 [ 28.714318] ret_from_fork+0x10/0x20 [ 28.714474] [ 28.714528] The buggy address belongs to the object at fff00000c7779000 [ 28.714528] which belongs to the cache test_cache of size 200 [ 28.714723] The buggy address is located 0 bytes inside of [ 28.714723] 200-byte region [fff00000c7779000, fff00000c77790c8) [ 28.714977] [ 28.715055] The buggy address belongs to the physical page: [ 28.715147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107779 [ 28.715305] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.715488] page_type: f5(slab) [ 28.715599] raw: 0bfffe0000000000 fff00000c11fd500 dead000000000122 0000000000000000 [ 28.715740] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 28.715890] page dumped because: kasan: bad access detected [ 28.715981] [ 28.716028] Memory state around the buggy address: [ 28.716127] fff00000c7778f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.716341] fff00000c7778f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.716524] >fff00000c7779000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.716672] ^ [ 28.716752] fff00000c7779080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 28.716900] fff00000c7779100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.717018] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 28.393550] ================================================================== [ 28.393963] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 28.394141] Read of size 1 at addr fff00000c77780c8 by task kunit_try_catch/209 [ 28.394290] [ 28.394386] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.395359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.395898] Hardware name: linux,dummy-virt (DT) [ 28.396105] Call trace: [ 28.396236] show_stack+0x20/0x38 (C) [ 28.396693] dump_stack_lvl+0x8c/0xd0 [ 28.397013] print_report+0x118/0x608 [ 28.397136] kasan_report+0xdc/0x128 [ 28.397255] __asan_report_load1_noabort+0x20/0x30 [ 28.397917] kmem_cache_oob+0x344/0x430 [ 28.398464] kunit_try_run_case+0x170/0x3f0 [ 28.398939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.399176] kthread+0x328/0x630 [ 28.399739] ret_from_fork+0x10/0x20 [ 28.400075] [ 28.400188] Allocated by task 209: [ 28.400375] kasan_save_stack+0x3c/0x68 [ 28.400528] kasan_save_track+0x20/0x40 [ 28.400634] kasan_save_alloc_info+0x40/0x58 [ 28.400908] __kasan_slab_alloc+0xa8/0xb0 [ 28.401308] kmem_cache_alloc_noprof+0x10c/0x3a0 [ 28.401466] kmem_cache_oob+0x12c/0x430 [ 28.401751] kunit_try_run_case+0x170/0x3f0 [ 28.402115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.402477] kthread+0x328/0x630 [ 28.402786] ret_from_fork+0x10/0x20 [ 28.403158] [ 28.403259] The buggy address belongs to the object at fff00000c7778000 [ 28.403259] which belongs to the cache test_cache of size 200 [ 28.403719] The buggy address is located 0 bytes to the right of [ 28.403719] allocated 200-byte region [fff00000c7778000, fff00000c77780c8) [ 28.403934] [ 28.403985] The buggy address belongs to the physical page: [ 28.404075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107778 [ 28.404238] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.404393] page_type: f5(slab) [ 28.404519] raw: 0bfffe0000000000 fff00000c11fd3c0 dead000000000122 0000000000000000 [ 28.404649] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 28.405280] page dumped because: kasan: bad access detected [ 28.405621] [ 28.405859] Memory state around the buggy address: [ 28.406145] fff00000c7777f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.406683] fff00000c7778000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.407071] >fff00000c7778080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 28.407207] ^ [ 28.407323] fff00000c7778100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.407486] fff00000c7778180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.407610] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 28.281011] ================================================================== [ 28.281417] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 28.281798] Read of size 8 at addr fff00000c7775200 by task kunit_try_catch/202 [ 28.282212] [ 28.282466] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.282874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.282962] Hardware name: linux,dummy-virt (DT) [ 28.283060] Call trace: [ 28.283209] show_stack+0x20/0x38 (C) [ 28.283517] dump_stack_lvl+0x8c/0xd0 [ 28.283966] print_report+0x118/0x608 [ 28.284155] kasan_report+0xdc/0x128 [ 28.284301] __asan_report_load8_noabort+0x20/0x30 [ 28.284468] workqueue_uaf+0x480/0x4a8 [ 28.284613] kunit_try_run_case+0x170/0x3f0 [ 28.284882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.285150] kthread+0x328/0x630 [ 28.285539] ret_from_fork+0x10/0x20 [ 28.286462] [ 28.286533] Allocated by task 202: [ 28.286638] kasan_save_stack+0x3c/0x68 [ 28.286769] kasan_save_track+0x20/0x40 [ 28.286869] kasan_save_alloc_info+0x40/0x58 [ 28.287074] __kasan_kmalloc+0xd4/0xd8 [ 28.287246] __kmalloc_cache_noprof+0x15c/0x3c0 [ 28.287462] workqueue_uaf+0x13c/0x4a8 [ 28.287637] kunit_try_run_case+0x170/0x3f0 [ 28.287778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.287930] kthread+0x328/0x630 [ 28.288239] ret_from_fork+0x10/0x20 [ 28.288443] [ 28.288556] Freed by task 9: [ 28.288667] kasan_save_stack+0x3c/0x68 [ 28.288851] kasan_save_track+0x20/0x40 [ 28.289021] kasan_save_free_info+0x4c/0x78 [ 28.289143] __kasan_slab_free+0x6c/0x98 [ 28.289765] kfree+0x214/0x3c8 [ 28.289894] workqueue_uaf_work+0x18/0x30 [ 28.290080] process_one_work+0x530/0xf98 [ 28.290189] worker_thread+0x8ac/0xf28 [ 28.290490] kthread+0x328/0x630 [ 28.290607] ret_from_fork+0x10/0x20 [ 28.290716] [ 28.290771] Last potentially related work creation: [ 28.290852] kasan_save_stack+0x3c/0x68 [ 28.290997] kasan_record_aux_stack+0xb4/0xc8 [ 28.291155] __queue_work+0x65c/0x1010 [ 28.291300] queue_work_on+0xbc/0xf8 [ 28.291586] workqueue_uaf+0x210/0x4a8 [ 28.291833] kunit_try_run_case+0x170/0x3f0 [ 28.292046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.292400] kthread+0x328/0x630 [ 28.292548] ret_from_fork+0x10/0x20 [ 28.293236] [ 28.293396] The buggy address belongs to the object at fff00000c7775200 [ 28.293396] which belongs to the cache kmalloc-32 of size 32 [ 28.294135] The buggy address is located 0 bytes inside of [ 28.294135] freed 32-byte region [fff00000c7775200, fff00000c7775220) [ 28.294574] [ 28.294683] The buggy address belongs to the physical page: [ 28.295242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107775 [ 28.295658] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.296053] page_type: f5(slab) [ 28.296665] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 28.297097] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.297561] page dumped because: kasan: bad access detected [ 28.298114] [ 28.298460] Memory state around the buggy address: [ 28.298907] fff00000c7775100: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.299104] fff00000c7775180: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 28.300381] >fff00000c7775200: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.300893] ^ [ 28.300994] fff00000c7775280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.301547] fff00000c7775300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.301681] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 28.205823] ================================================================== [ 28.206118] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 28.206281] Read of size 4 at addr fff00000c7775040 by task swapper/0/0 [ 28.206419] [ 28.206540] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 28.206779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.206860] Hardware name: linux,dummy-virt (DT) [ 28.206949] Call trace: [ 28.207016] show_stack+0x20/0x38 (C) [ 28.207160] dump_stack_lvl+0x8c/0xd0 [ 28.207296] print_report+0x118/0x608 [ 28.207435] kasan_report+0xdc/0x128 [ 28.209279] __asan_report_load4_noabort+0x20/0x30 [ 28.209625] rcu_uaf_reclaim+0x64/0x70 [ 28.210583] rcu_core+0x9f4/0x1e20 [ 28.210895] rcu_core_si+0x18/0x30 [ 28.211181] handle_softirqs+0x374/0xb28 [ 28.211577] __do_softirq+0x1c/0x28 [ 28.212244] ____do_softirq+0x18/0x30 [ 28.212513] call_on_irq_stack+0x24/0x58 [ 28.212681] do_softirq_own_stack+0x24/0x38 [ 28.212799] __irq_exit_rcu+0x1fc/0x318 [ 28.212915] irq_exit_rcu+0x1c/0x80 [ 28.213035] el1_interrupt+0x38/0x58 [ 28.213178] el1h_64_irq_handler+0x18/0x28 [ 28.213322] el1h_64_irq+0x6c/0x70 [ 28.215488] arch_local_irq_enable+0x4/0x8 (P) [ 28.215778] do_idle+0x384/0x4e8 [ 28.216707] cpu_startup_entry+0x64/0x80 [ 28.216914] rest_init+0x160/0x188 [ 28.217324] start_kernel+0x310/0x3d8 [ 28.217506] __primary_switched+0x8c/0xa0 [ 28.218299] [ 28.218371] Allocated by task 200: [ 28.218483] kasan_save_stack+0x3c/0x68 [ 28.218610] kasan_save_track+0x20/0x40 [ 28.218718] kasan_save_alloc_info+0x40/0x58 [ 28.218832] __kasan_kmalloc+0xd4/0xd8 [ 28.218943] __kmalloc_cache_noprof+0x15c/0x3c0 [ 28.219073] rcu_uaf+0xb0/0x2d8 [ 28.219176] kunit_try_run_case+0x170/0x3f0 [ 28.219299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.219459] kthread+0x328/0x630 [ 28.219571] ret_from_fork+0x10/0x20 [ 28.219679] [ 28.219740] Freed by task 0: [ 28.219818] kasan_save_stack+0x3c/0x68 [ 28.219924] kasan_save_track+0x20/0x40 [ 28.222395] kasan_save_free_info+0x4c/0x78 [ 28.223390] __kasan_slab_free+0x6c/0x98 [ 28.223674] kfree+0x214/0x3c8 [ 28.223892] rcu_uaf_reclaim+0x28/0x70 [ 28.224058] rcu_core+0x9f4/0x1e20 [ 28.224147] rcu_core_si+0x18/0x30 [ 28.224235] handle_softirqs+0x374/0xb28 [ 28.224345] __do_softirq+0x1c/0x28 [ 28.225498] [ 28.226215] Last potentially related work creation: [ 28.226710] kasan_save_stack+0x3c/0x68 [ 28.226852] kasan_record_aux_stack+0xb4/0xc8 [ 28.227312] __call_rcu_common.constprop.0+0x70/0x8b0 [ 28.228122] call_rcu+0x18/0x30 [ 28.228223] rcu_uaf+0x14c/0x2d8 [ 28.228307] kunit_try_run_case+0x170/0x3f0 [ 28.228411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.228554] kthread+0x328/0x630 [ 28.230854] ret_from_fork+0x10/0x20 [ 28.231087] [ 28.231183] The buggy address belongs to the object at fff00000c7775040 [ 28.231183] which belongs to the cache kmalloc-32 of size 32 [ 28.231874] The buggy address is located 0 bytes inside of [ 28.231874] freed 32-byte region [fff00000c7775040, fff00000c7775060) [ 28.232431] [ 28.232504] The buggy address belongs to the physical page: [ 28.232581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107775 [ 28.232735] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.234151] page_type: f5(slab) [ 28.234440] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 28.234871] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.235405] page dumped because: kasan: bad access detected [ 28.235892] [ 28.236305] Memory state around the buggy address: [ 28.236620] fff00000c7774f00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.236764] fff00000c7774f80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.236900] >fff00000c7775000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.237020] ^ [ 28.238378] fff00000c7775080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.239538] fff00000c7775100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.240244] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 27.978567] ================================================================== [ 27.978772] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 27.978916] Free of addr fff00000c5a2a700 by task kunit_try_catch/194 [ 27.979254] [ 27.979364] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.979812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.979960] Hardware name: linux,dummy-virt (DT) [ 27.980014] Call trace: [ 27.980063] show_stack+0x20/0x38 (C) [ 27.980253] dump_stack_lvl+0x8c/0xd0 [ 27.980409] print_report+0x118/0x608 [ 27.980540] kasan_report_invalid_free+0xc0/0xe8 [ 27.980657] check_slab_allocation+0xd4/0x108 [ 27.980786] __kasan_slab_pre_free+0x2c/0x48 [ 27.980927] kfree+0xe8/0x3c8 [ 27.981059] kfree_sensitive+0x3c/0xb0 [ 27.981190] kmalloc_double_kzfree+0x168/0x308 [ 27.981358] kunit_try_run_case+0x170/0x3f0 [ 27.981526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.981673] kthread+0x328/0x630 [ 27.981831] ret_from_fork+0x10/0x20 [ 27.982153] [ 27.982262] Allocated by task 194: [ 27.982618] kasan_save_stack+0x3c/0x68 [ 27.982777] kasan_save_track+0x20/0x40 [ 27.982893] kasan_save_alloc_info+0x40/0x58 [ 27.983003] __kasan_kmalloc+0xd4/0xd8 [ 27.983111] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.983248] kmalloc_double_kzfree+0xb8/0x308 [ 27.983432] kunit_try_run_case+0x170/0x3f0 [ 27.983623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.983812] kthread+0x328/0x630 [ 27.984019] ret_from_fork+0x10/0x20 [ 27.984480] [ 27.984547] Freed by task 194: [ 27.984662] kasan_save_stack+0x3c/0x68 [ 27.984835] kasan_save_track+0x20/0x40 [ 27.985099] kasan_save_free_info+0x4c/0x78 [ 27.985241] __kasan_slab_free+0x6c/0x98 [ 27.985776] kfree+0x214/0x3c8 [ 27.985917] kfree_sensitive+0x80/0xb0 [ 27.986032] kmalloc_double_kzfree+0x11c/0x308 [ 27.986275] kunit_try_run_case+0x170/0x3f0 [ 27.986818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.987193] kthread+0x328/0x630 [ 27.987598] ret_from_fork+0x10/0x20 [ 27.987736] [ 27.987794] The buggy address belongs to the object at fff00000c5a2a700 [ 27.987794] which belongs to the cache kmalloc-16 of size 16 [ 27.988023] The buggy address is located 0 bytes inside of [ 27.988023] 16-byte region [fff00000c5a2a700, fff00000c5a2a710) [ 27.988422] [ 27.988506] The buggy address belongs to the physical page: [ 27.988771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2a [ 27.989101] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.989409] page_type: f5(slab) [ 27.989666] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.989892] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.990392] page dumped because: kasan: bad access detected [ 27.990640] [ 27.990703] Memory state around the buggy address: [ 27.990920] fff00000c5a2a600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.991137] fff00000c5a2a680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.991274] >fff00000c5a2a700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.991404] ^ [ 27.991501] fff00000c5a2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.991917] fff00000c5a2a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.992150] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 27.963406] ================================================================== [ 27.963644] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 27.963822] Read of size 1 at addr fff00000c5a2a700 by task kunit_try_catch/194 [ 27.963965] [ 27.964061] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.964713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.964789] Hardware name: linux,dummy-virt (DT) [ 27.965578] Call trace: [ 27.965767] show_stack+0x20/0x38 (C) [ 27.966269] dump_stack_lvl+0x8c/0xd0 [ 27.966641] print_report+0x118/0x608 [ 27.966861] kasan_report+0xdc/0x128 [ 27.967026] __kasan_check_byte+0x54/0x70 [ 27.967365] kfree_sensitive+0x30/0xb0 [ 27.967550] kmalloc_double_kzfree+0x168/0x308 [ 27.967702] kunit_try_run_case+0x170/0x3f0 [ 27.967988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.968190] kthread+0x328/0x630 [ 27.968325] ret_from_fork+0x10/0x20 [ 27.968543] [ 27.968616] Allocated by task 194: [ 27.968703] kasan_save_stack+0x3c/0x68 [ 27.968819] kasan_save_track+0x20/0x40 [ 27.968929] kasan_save_alloc_info+0x40/0x58 [ 27.969042] __kasan_kmalloc+0xd4/0xd8 [ 27.969162] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.969283] kmalloc_double_kzfree+0xb8/0x308 [ 27.969489] kunit_try_run_case+0x170/0x3f0 [ 27.969723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.969936] kthread+0x328/0x630 [ 27.970260] ret_from_fork+0x10/0x20 [ 27.970375] [ 27.970433] Freed by task 194: [ 27.970525] kasan_save_stack+0x3c/0x68 [ 27.970749] kasan_save_track+0x20/0x40 [ 27.971062] kasan_save_free_info+0x4c/0x78 [ 27.971501] __kasan_slab_free+0x6c/0x98 [ 27.971735] kfree+0x214/0x3c8 [ 27.972005] kfree_sensitive+0x80/0xb0 [ 27.972114] kmalloc_double_kzfree+0x11c/0x308 [ 27.972243] kunit_try_run_case+0x170/0x3f0 [ 27.972360] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.972489] kthread+0x328/0x630 [ 27.972569] ret_from_fork+0x10/0x20 [ 27.972661] [ 27.972716] The buggy address belongs to the object at fff00000c5a2a700 [ 27.972716] which belongs to the cache kmalloc-16 of size 16 [ 27.972895] The buggy address is located 0 bytes inside of [ 27.972895] freed 16-byte region [fff00000c5a2a700, fff00000c5a2a710) [ 27.973081] [ 27.973141] The buggy address belongs to the physical page: [ 27.973236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2a [ 27.973398] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.973565] page_type: f5(slab) [ 27.973689] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.974054] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.974300] page dumped because: kasan: bad access detected [ 27.974399] [ 27.974466] Memory state around the buggy address: [ 27.975068] fff00000c5a2a600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.975271] fff00000c5a2a680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.975423] >fff00000c5a2a700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.975614] ^ [ 27.975737] fff00000c5a2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.975916] fff00000c5a2a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.976019] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 27.869051] ================================================================== [ 27.869259] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 27.869426] Read of size 1 at addr fff00000c775e1a8 by task kunit_try_catch/190 [ 27.869599] [ 27.869693] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.869931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.870009] Hardware name: linux,dummy-virt (DT) [ 27.870117] Call trace: [ 27.870245] show_stack+0x20/0x38 (C) [ 27.870737] dump_stack_lvl+0x8c/0xd0 [ 27.871117] print_report+0x118/0x608 [ 27.871617] kasan_report+0xdc/0x128 [ 27.871857] __asan_report_load1_noabort+0x20/0x30 [ 27.872293] kmalloc_uaf2+0x3f4/0x468 [ 27.872691] kunit_try_run_case+0x170/0x3f0 [ 27.873040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.873222] kthread+0x328/0x630 [ 27.873328] ret_from_fork+0x10/0x20 [ 27.873740] [ 27.873935] Allocated by task 190: [ 27.874027] kasan_save_stack+0x3c/0x68 [ 27.874149] kasan_save_track+0x20/0x40 [ 27.874332] kasan_save_alloc_info+0x40/0x58 [ 27.874648] __kasan_kmalloc+0xd4/0xd8 [ 27.874853] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.874984] kmalloc_uaf2+0xc4/0x468 [ 27.875099] kunit_try_run_case+0x170/0x3f0 [ 27.875212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.875938] kthread+0x328/0x630 [ 27.876479] ret_from_fork+0x10/0x20 [ 27.876626] [ 27.876681] Freed by task 190: [ 27.876759] kasan_save_stack+0x3c/0x68 [ 27.876870] kasan_save_track+0x20/0x40 [ 27.876967] kasan_save_free_info+0x4c/0x78 [ 27.877054] __kasan_slab_free+0x6c/0x98 [ 27.877492] kfree+0x214/0x3c8 [ 27.877977] kmalloc_uaf2+0x134/0x468 [ 27.878303] kunit_try_run_case+0x170/0x3f0 [ 27.878432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.878587] kthread+0x328/0x630 [ 27.878689] ret_from_fork+0x10/0x20 [ 27.878788] [ 27.879405] The buggy address belongs to the object at fff00000c775e180 [ 27.879405] which belongs to the cache kmalloc-64 of size 64 [ 27.880039] The buggy address is located 40 bytes inside of [ 27.880039] freed 64-byte region [fff00000c775e180, fff00000c775e1c0) [ 27.880373] [ 27.880438] The buggy address belongs to the physical page: [ 27.880623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775e [ 27.880782] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.880930] page_type: f5(slab) [ 27.881037] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 27.883516] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.884124] page dumped because: kasan: bad access detected [ 27.884225] [ 27.884376] Memory state around the buggy address: [ 27.884672] fff00000c775e080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.885095] fff00000c775e100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.885400] >fff00000c775e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.885762] ^ [ 27.885899] fff00000c775e200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 27.886033] fff00000c775e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.886847] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 27.804136] ================================================================== [ 27.804661] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 27.804911] Write of size 33 at addr fff00000c775e080 by task kunit_try_catch/188 [ 27.805315] [ 27.805683] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.806063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.806155] Hardware name: linux,dummy-virt (DT) [ 27.806382] Call trace: [ 27.806651] show_stack+0x20/0x38 (C) [ 27.807107] dump_stack_lvl+0x8c/0xd0 [ 27.807499] print_report+0x118/0x608 [ 27.807636] kasan_report+0xdc/0x128 [ 27.807753] kasan_check_range+0x100/0x1a8 [ 27.807899] __asan_memset+0x34/0x78 [ 27.808036] kmalloc_uaf_memset+0x170/0x310 [ 27.808245] kunit_try_run_case+0x170/0x3f0 [ 27.808633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.809299] kthread+0x328/0x630 [ 27.809551] ret_from_fork+0x10/0x20 [ 27.809864] [ 27.809998] Allocated by task 188: [ 27.810151] kasan_save_stack+0x3c/0x68 [ 27.810271] kasan_save_track+0x20/0x40 [ 27.810382] kasan_save_alloc_info+0x40/0x58 [ 27.810510] __kasan_kmalloc+0xd4/0xd8 [ 27.810618] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.810744] kmalloc_uaf_memset+0xb8/0x310 [ 27.810857] kunit_try_run_case+0x170/0x3f0 [ 27.810977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.811111] kthread+0x328/0x630 [ 27.812082] ret_from_fork+0x10/0x20 [ 27.812513] [ 27.812573] Freed by task 188: [ 27.812656] kasan_save_stack+0x3c/0x68 [ 27.812759] kasan_save_track+0x20/0x40 [ 27.813061] kasan_save_free_info+0x4c/0x78 [ 27.813329] __kasan_slab_free+0x6c/0x98 [ 27.813651] kfree+0x214/0x3c8 [ 27.814072] kmalloc_uaf_memset+0x11c/0x310 [ 27.814324] kunit_try_run_case+0x170/0x3f0 [ 27.814649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.814904] kthread+0x328/0x630 [ 27.815219] ret_from_fork+0x10/0x20 [ 27.815361] [ 27.815427] The buggy address belongs to the object at fff00000c775e080 [ 27.815427] which belongs to the cache kmalloc-64 of size 64 [ 27.815620] The buggy address is located 0 bytes inside of [ 27.815620] freed 64-byte region [fff00000c775e080, fff00000c775e0c0) [ 27.815812] [ 27.815870] The buggy address belongs to the physical page: [ 27.816610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10775e [ 27.817427] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.817738] page_type: f5(slab) [ 27.817972] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 27.818150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.818597] page dumped because: kasan: bad access detected [ 27.818718] [ 27.818770] Memory state around the buggy address: [ 27.818870] fff00000c775df80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.819007] fff00000c775e000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.819138] >fff00000c775e080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.819256] ^ [ 27.819341] fff00000c775e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.820394] fff00000c775e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.821558] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 27.777961] ================================================================== [ 27.778153] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 27.778320] Read of size 1 at addr fff00000c5a2a6e8 by task kunit_try_catch/186 [ 27.778486] [ 27.778582] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.778827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.778909] Hardware name: linux,dummy-virt (DT) [ 27.778998] Call trace: [ 27.779079] show_stack+0x20/0x38 (C) [ 27.779221] dump_stack_lvl+0x8c/0xd0 [ 27.779368] print_report+0x118/0x608 [ 27.779515] kasan_report+0xdc/0x128 [ 27.779638] __asan_report_load1_noabort+0x20/0x30 [ 27.779846] kmalloc_uaf+0x300/0x338 [ 27.780438] kunit_try_run_case+0x170/0x3f0 [ 27.780604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.780782] kthread+0x328/0x630 [ 27.780898] ret_from_fork+0x10/0x20 [ 27.781028] [ 27.781087] Allocated by task 186: [ 27.781400] kasan_save_stack+0x3c/0x68 [ 27.781551] kasan_save_track+0x20/0x40 [ 27.781674] kasan_save_alloc_info+0x40/0x58 [ 27.781785] __kasan_kmalloc+0xd4/0xd8 [ 27.781902] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.782029] kmalloc_uaf+0xb8/0x338 [ 27.782184] kunit_try_run_case+0x170/0x3f0 [ 27.782307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.782437] kthread+0x328/0x630 [ 27.782664] ret_from_fork+0x10/0x20 [ 27.782800] [ 27.783042] Freed by task 186: [ 27.783415] kasan_save_stack+0x3c/0x68 [ 27.783762] kasan_save_track+0x20/0x40 [ 27.783979] kasan_save_free_info+0x4c/0x78 [ 27.784109] __kasan_slab_free+0x6c/0x98 [ 27.784200] kfree+0x214/0x3c8 [ 27.784320] kmalloc_uaf+0x11c/0x338 [ 27.784416] kunit_try_run_case+0x170/0x3f0 [ 27.784577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.784756] kthread+0x328/0x630 [ 27.784916] ret_from_fork+0x10/0x20 [ 27.785019] [ 27.785076] The buggy address belongs to the object at fff00000c5a2a6e0 [ 27.785076] which belongs to the cache kmalloc-16 of size 16 [ 27.785273] The buggy address is located 8 bytes inside of [ 27.785273] freed 16-byte region [fff00000c5a2a6e0, fff00000c5a2a6f0) [ 27.785544] [ 27.785604] The buggy address belongs to the physical page: [ 27.785717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2a [ 27.785889] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.786037] page_type: f5(slab) [ 27.786149] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.786344] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.786476] page dumped because: kasan: bad access detected [ 27.786564] [ 27.786614] Memory state around the buggy address: [ 27.786703] fff00000c5a2a580: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.786884] fff00000c5a2a600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.787068] >fff00000c5a2a680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.787208] ^ [ 27.787327] fff00000c5a2a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.787485] fff00000c5a2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.787631] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 27.745640] ================================================================== [ 27.746032] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 27.746228] Read of size 64 at addr fff00000c7770d84 by task kunit_try_catch/184 [ 27.746420] [ 27.746723] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.747058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.747196] Hardware name: linux,dummy-virt (DT) [ 27.747301] Call trace: [ 27.747427] show_stack+0x20/0x38 (C) [ 27.748187] dump_stack_lvl+0x8c/0xd0 [ 27.748399] print_report+0x118/0x608 [ 27.748603] kasan_report+0xdc/0x128 [ 27.748773] kasan_check_range+0x100/0x1a8 [ 27.748892] __asan_memmove+0x3c/0x98 [ 27.749002] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 27.749223] kunit_try_run_case+0x170/0x3f0 [ 27.749428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.749676] kthread+0x328/0x630 [ 27.749856] ret_from_fork+0x10/0x20 [ 27.750011] [ 27.750073] Allocated by task 184: [ 27.750193] kasan_save_stack+0x3c/0x68 [ 27.750353] kasan_save_track+0x20/0x40 [ 27.750497] kasan_save_alloc_info+0x40/0x58 [ 27.750602] __kasan_kmalloc+0xd4/0xd8 [ 27.751176] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.751603] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 27.752025] kunit_try_run_case+0x170/0x3f0 [ 27.752203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.752351] kthread+0x328/0x630 [ 27.752461] ret_from_fork+0x10/0x20 [ 27.752569] [ 27.752879] The buggy address belongs to the object at fff00000c7770d80 [ 27.752879] which belongs to the cache kmalloc-64 of size 64 [ 27.753100] The buggy address is located 4 bytes inside of [ 27.753100] allocated 64-byte region [fff00000c7770d80, fff00000c7770dc0) [ 27.753327] [ 27.753394] The buggy address belongs to the physical page: [ 27.753537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107770 [ 27.753790] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.753936] page_type: f5(slab) [ 27.754054] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 27.754225] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.754397] page dumped because: kasan: bad access detected [ 27.754557] [ 27.754866] Memory state around the buggy address: [ 27.755233] fff00000c7770c80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.755425] fff00000c7770d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.756191] >fff00000c7770d80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 27.756294] ^ [ 27.756395] fff00000c7770e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.757597] fff00000c7770e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.757737] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 27.707334] ================================================================== [ 27.708064] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 27.708253] Read of size 18446744073709551614 at addr fff00000c7770c04 by task kunit_try_catch/182 [ 27.708486] [ 27.708581] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.708803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.708866] Hardware name: linux,dummy-virt (DT) [ 27.708944] Call trace: [ 27.709009] show_stack+0x20/0x38 (C) [ 27.709155] dump_stack_lvl+0x8c/0xd0 [ 27.709294] print_report+0x118/0x608 [ 27.709424] kasan_report+0xdc/0x128 [ 27.710282] kasan_check_range+0x100/0x1a8 [ 27.710916] __asan_memmove+0x3c/0x98 [ 27.710998] kmalloc_memmove_negative_size+0x154/0x2e0 [ 27.711118] kunit_try_run_case+0x170/0x3f0 [ 27.711306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.711557] kthread+0x328/0x630 [ 27.711741] ret_from_fork+0x10/0x20 [ 27.711894] [ 27.711941] Allocated by task 182: [ 27.712002] kasan_save_stack+0x3c/0x68 [ 27.712104] kasan_save_track+0x20/0x40 [ 27.712250] kasan_save_alloc_info+0x40/0x58 [ 27.712358] __kasan_kmalloc+0xd4/0xd8 [ 27.712497] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.712647] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 27.712764] kunit_try_run_case+0x170/0x3f0 [ 27.712876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.712980] kthread+0x328/0x630 [ 27.713060] ret_from_fork+0x10/0x20 [ 27.713148] [ 27.713201] The buggy address belongs to the object at fff00000c7770c00 [ 27.713201] which belongs to the cache kmalloc-64 of size 64 [ 27.713367] The buggy address is located 4 bytes inside of [ 27.713367] 64-byte region [fff00000c7770c00, fff00000c7770c40) [ 27.713569] [ 27.713621] The buggy address belongs to the physical page: [ 27.713706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107770 [ 27.714154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.714332] page_type: f5(slab) [ 27.714522] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 27.714720] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.714886] page dumped because: kasan: bad access detected [ 27.715015] [ 27.715079] Memory state around the buggy address: [ 27.715168] fff00000c7770b00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 27.715327] fff00000c7770b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.715532] >fff00000c7770c00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 27.715695] ^ [ 27.715780] fff00000c7770c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.715904] fff00000c7770d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.716024] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 27.667083] ================================================================== [ 27.667282] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 27.667476] Write of size 16 at addr fff00000c5a34e69 by task kunit_try_catch/180 [ 27.668243] [ 27.668460] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.668974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.669064] Hardware name: linux,dummy-virt (DT) [ 27.669155] Call trace: [ 27.669221] show_stack+0x20/0x38 (C) [ 27.669738] dump_stack_lvl+0x8c/0xd0 [ 27.669986] print_report+0x118/0x608 [ 27.670317] kasan_report+0xdc/0x128 [ 27.670539] kasan_check_range+0x100/0x1a8 [ 27.670810] __asan_memset+0x34/0x78 [ 27.671045] kmalloc_oob_memset_16+0x150/0x2f8 [ 27.671344] kunit_try_run_case+0x170/0x3f0 [ 27.671834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.671981] kthread+0x328/0x630 [ 27.672111] ret_from_fork+0x10/0x20 [ 27.672252] [ 27.672308] Allocated by task 180: [ 27.672388] kasan_save_stack+0x3c/0x68 [ 27.672923] kasan_save_track+0x20/0x40 [ 27.673385] kasan_save_alloc_info+0x40/0x58 [ 27.673544] __kasan_kmalloc+0xd4/0xd8 [ 27.673651] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.673968] kmalloc_oob_memset_16+0xb0/0x2f8 [ 27.674547] kunit_try_run_case+0x170/0x3f0 [ 27.674763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.675055] kthread+0x328/0x630 [ 27.675608] ret_from_fork+0x10/0x20 [ 27.675742] [ 27.675913] The buggy address belongs to the object at fff00000c5a34e00 [ 27.675913] which belongs to the cache kmalloc-128 of size 128 [ 27.676303] The buggy address is located 105 bytes inside of [ 27.676303] allocated 120-byte region [fff00000c5a34e00, fff00000c5a34e78) [ 27.676768] [ 27.676920] The buggy address belongs to the physical page: [ 27.677070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 27.677430] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.677818] page_type: f5(slab) [ 27.678080] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.678337] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.678884] page dumped because: kasan: bad access detected [ 27.678999] [ 27.679053] Memory state around the buggy address: [ 27.679146] fff00000c5a34d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.679797] fff00000c5a34d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.680117] >fff00000c5a34e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.680256] ^ [ 27.680357] fff00000c5a34e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.680483] fff00000c5a34f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.680592] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 27.594077] ================================================================== [ 27.594323] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 27.594772] Write of size 4 at addr fff00000c5a34c75 by task kunit_try_catch/176 [ 27.594979] [ 27.595162] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.595568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.595683] Hardware name: linux,dummy-virt (DT) [ 27.595874] Call trace: [ 27.596053] show_stack+0x20/0x38 (C) [ 27.596334] dump_stack_lvl+0x8c/0xd0 [ 27.596522] print_report+0x118/0x608 [ 27.596933] kasan_report+0xdc/0x128 [ 27.597100] kasan_check_range+0x100/0x1a8 [ 27.597172] __asan_memset+0x34/0x78 [ 27.597235] kmalloc_oob_memset_4+0x150/0x300 [ 27.597303] kunit_try_run_case+0x170/0x3f0 [ 27.597371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.597459] kthread+0x328/0x630 [ 27.597802] ret_from_fork+0x10/0x20 [ 27.598031] [ 27.598099] Allocated by task 176: [ 27.598570] kasan_save_stack+0x3c/0x68 [ 27.598789] kasan_save_track+0x20/0x40 [ 27.598917] kasan_save_alloc_info+0x40/0x58 [ 27.599088] __kasan_kmalloc+0xd4/0xd8 [ 27.599205] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.599687] kmalloc_oob_memset_4+0xb0/0x300 [ 27.599963] kunit_try_run_case+0x170/0x3f0 [ 27.600140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.600292] kthread+0x328/0x630 [ 27.600396] ret_from_fork+0x10/0x20 [ 27.600501] [ 27.600550] The buggy address belongs to the object at fff00000c5a34c00 [ 27.600550] which belongs to the cache kmalloc-128 of size 128 [ 27.600728] The buggy address is located 117 bytes inside of [ 27.600728] allocated 120-byte region [fff00000c5a34c00, fff00000c5a34c78) [ 27.600915] [ 27.600985] The buggy address belongs to the physical page: [ 27.601109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 27.601381] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.601747] page_type: f5(slab) [ 27.602004] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.602241] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.602368] page dumped because: kasan: bad access detected [ 27.602471] [ 27.602523] Memory state around the buggy address: [ 27.602617] fff00000c5a34b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.602745] fff00000c5a34b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.602871] >fff00000c5a34c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.602983] ^ [ 27.603101] fff00000c5a34c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.603226] fff00000c5a34d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.603340] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 27.562251] ================================================================== [ 27.562570] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 27.562762] Write of size 2 at addr fff00000c5a34b77 by task kunit_try_catch/174 [ 27.562946] [ 27.563081] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.563415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.563504] Hardware name: linux,dummy-virt (DT) [ 27.563579] Call trace: [ 27.563641] show_stack+0x20/0x38 (C) [ 27.563812] dump_stack_lvl+0x8c/0xd0 [ 27.563985] print_report+0x118/0x608 [ 27.564125] kasan_report+0xdc/0x128 [ 27.564297] kasan_check_range+0x100/0x1a8 [ 27.564463] __asan_memset+0x34/0x78 [ 27.564671] kmalloc_oob_memset_2+0x150/0x2f8 [ 27.564877] kunit_try_run_case+0x170/0x3f0 [ 27.565066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.565197] kthread+0x328/0x630 [ 27.565328] ret_from_fork+0x10/0x20 [ 27.565470] [ 27.565523] Allocated by task 174: [ 27.565624] kasan_save_stack+0x3c/0x68 [ 27.565744] kasan_save_track+0x20/0x40 [ 27.565845] kasan_save_alloc_info+0x40/0x58 [ 27.565944] __kasan_kmalloc+0xd4/0xd8 [ 27.566033] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.566129] kmalloc_oob_memset_2+0xb0/0x2f8 [ 27.566226] kunit_try_run_case+0x170/0x3f0 [ 27.566326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.566480] kthread+0x328/0x630 [ 27.566653] ret_from_fork+0x10/0x20 [ 27.566762] [ 27.566987] The buggy address belongs to the object at fff00000c5a34b00 [ 27.566987] which belongs to the cache kmalloc-128 of size 128 [ 27.567341] The buggy address is located 119 bytes inside of [ 27.567341] allocated 120-byte region [fff00000c5a34b00, fff00000c5a34b78) [ 27.567636] [ 27.567996] The buggy address belongs to the physical page: [ 27.568094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 27.568361] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.568851] page_type: f5(slab) [ 27.569007] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.569154] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.569273] page dumped because: kasan: bad access detected [ 27.569352] [ 27.569394] Memory state around the buggy address: [ 27.569706] fff00000c5a34a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.570026] fff00000c5a34a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.570411] >fff00000c5a34b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.570683] ^ [ 27.570855] fff00000c5a34b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.571327] fff00000c5a34c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.571481] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 27.438418] ================================================================== [ 27.438628] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 27.438792] Read of size 16 at addr fff00000c5a2a6c0 by task kunit_try_catch/170 [ 27.438938] [ 27.439029] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.439264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.439342] Hardware name: linux,dummy-virt (DT) [ 27.440146] Call trace: [ 27.440263] show_stack+0x20/0x38 (C) [ 27.440903] dump_stack_lvl+0x8c/0xd0 [ 27.441328] print_report+0x118/0x608 [ 27.441960] kasan_report+0xdc/0x128 [ 27.442114] __asan_report_load16_noabort+0x20/0x30 [ 27.442263] kmalloc_uaf_16+0x3bc/0x438 [ 27.442401] kunit_try_run_case+0x170/0x3f0 [ 27.442562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.443223] kthread+0x328/0x630 [ 27.443536] ret_from_fork+0x10/0x20 [ 27.443781] [ 27.443836] Allocated by task 170: [ 27.444019] kasan_save_stack+0x3c/0x68 [ 27.444247] kasan_save_track+0x20/0x40 [ 27.444828] kasan_save_alloc_info+0x40/0x58 [ 27.445047] __kasan_kmalloc+0xd4/0xd8 [ 27.445178] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.445387] kmalloc_uaf_16+0x140/0x438 [ 27.445526] kunit_try_run_case+0x170/0x3f0 [ 27.445643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.445867] kthread+0x328/0x630 [ 27.445979] ret_from_fork+0x10/0x20 [ 27.447240] [ 27.447924] Freed by task 170: [ 27.448025] kasan_save_stack+0x3c/0x68 [ 27.448155] kasan_save_track+0x20/0x40 [ 27.448261] kasan_save_free_info+0x4c/0x78 [ 27.448372] __kasan_slab_free+0x6c/0x98 [ 27.448492] kfree+0x214/0x3c8 [ 27.448595] kmalloc_uaf_16+0x190/0x438 [ 27.448685] kunit_try_run_case+0x170/0x3f0 [ 27.448768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.449235] kthread+0x328/0x630 [ 27.450047] ret_from_fork+0x10/0x20 [ 27.450434] [ 27.450514] The buggy address belongs to the object at fff00000c5a2a6c0 [ 27.450514] which belongs to the cache kmalloc-16 of size 16 [ 27.450700] The buggy address is located 0 bytes inside of [ 27.450700] freed 16-byte region [fff00000c5a2a6c0, fff00000c5a2a6d0) [ 27.450879] [ 27.452320] The buggy address belongs to the physical page: [ 27.452421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2a [ 27.452605] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.452751] page_type: f5(slab) [ 27.452861] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.453009] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.453831] page dumped because: kasan: bad access detected [ 27.453993] [ 27.454050] Memory state around the buggy address: [ 27.454211] fff00000c5a2a580: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.454353] fff00000c5a2a600: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.454689] >fff00000c5a2a680: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 27.455200] ^ [ 27.455364] fff00000c5a2a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.455519] fff00000c5a2a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.455635] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 27.349218] ================================================================== [ 27.349441] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 27.349849] Read of size 1 at addr fff00000c1a54a00 by task kunit_try_catch/166 [ 27.350111] [ 27.350312] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.350860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.350942] Hardware name: linux,dummy-virt (DT) [ 27.351322] Call trace: [ 27.351508] show_stack+0x20/0x38 (C) [ 27.351737] dump_stack_lvl+0x8c/0xd0 [ 27.352246] print_report+0x118/0x608 [ 27.352387] kasan_report+0xdc/0x128 [ 27.352534] __kasan_check_byte+0x54/0x70 [ 27.352774] krealloc_noprof+0x44/0x360 [ 27.353030] krealloc_uaf+0x180/0x520 [ 27.353521] kunit_try_run_case+0x170/0x3f0 [ 27.353833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.354129] kthread+0x328/0x630 [ 27.354500] ret_from_fork+0x10/0x20 [ 27.354899] [ 27.354984] Allocated by task 166: [ 27.355086] kasan_save_stack+0x3c/0x68 [ 27.355534] kasan_save_track+0x20/0x40 [ 27.355673] kasan_save_alloc_info+0x40/0x58 [ 27.355864] __kasan_kmalloc+0xd4/0xd8 [ 27.356013] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.356135] krealloc_uaf+0xc8/0x520 [ 27.356288] kunit_try_run_case+0x170/0x3f0 [ 27.356404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.356525] kthread+0x328/0x630 [ 27.356603] ret_from_fork+0x10/0x20 [ 27.356715] [ 27.356769] Freed by task 166: [ 27.356845] kasan_save_stack+0x3c/0x68 [ 27.356953] kasan_save_track+0x20/0x40 [ 27.357051] kasan_save_free_info+0x4c/0x78 [ 27.357186] __kasan_slab_free+0x6c/0x98 [ 27.357291] kfree+0x214/0x3c8 [ 27.357389] krealloc_uaf+0x12c/0x520 [ 27.357528] kunit_try_run_case+0x170/0x3f0 [ 27.357644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.357771] kthread+0x328/0x630 [ 27.357895] ret_from_fork+0x10/0x20 [ 27.358015] [ 27.358120] The buggy address belongs to the object at fff00000c1a54a00 [ 27.358120] which belongs to the cache kmalloc-256 of size 256 [ 27.358415] The buggy address is located 0 bytes inside of [ 27.358415] freed 256-byte region [fff00000c1a54a00, fff00000c1a54b00) [ 27.358636] [ 27.358699] The buggy address belongs to the physical page: [ 27.358800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a54 [ 27.359022] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.359208] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.359403] page_type: f5(slab) [ 27.359537] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.359734] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.359881] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.360054] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.360214] head: 0bfffe0000000001 ffffc1ffc3069501 00000000ffffffff 00000000ffffffff [ 27.360347] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 27.360501] page dumped because: kasan: bad access detected [ 27.360697] [ 27.360754] Memory state around the buggy address: [ 27.360845] fff00000c1a54900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.360957] fff00000c1a54980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.361052] >fff00000c1a54a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.361131] ^ [ 27.361237] fff00000c1a54a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.361380] fff00000c1a54b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.361503] ================================================================== [ 27.363181] ================================================================== [ 27.363382] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 27.363603] Read of size 1 at addr fff00000c1a54a00 by task kunit_try_catch/166 [ 27.363795] [ 27.363918] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.364128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.364201] Hardware name: linux,dummy-virt (DT) [ 27.364323] Call trace: [ 27.364401] show_stack+0x20/0x38 (C) [ 27.364554] dump_stack_lvl+0x8c/0xd0 [ 27.364710] print_report+0x118/0x608 [ 27.364844] kasan_report+0xdc/0x128 [ 27.364960] __asan_report_load1_noabort+0x20/0x30 [ 27.365082] krealloc_uaf+0x4c8/0x520 [ 27.365200] kunit_try_run_case+0x170/0x3f0 [ 27.365351] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.365557] kthread+0x328/0x630 [ 27.365774] ret_from_fork+0x10/0x20 [ 27.366000] [ 27.366077] Allocated by task 166: [ 27.366155] kasan_save_stack+0x3c/0x68 [ 27.366309] kasan_save_track+0x20/0x40 [ 27.366417] kasan_save_alloc_info+0x40/0x58 [ 27.366533] __kasan_kmalloc+0xd4/0xd8 [ 27.366630] __kmalloc_cache_noprof+0x15c/0x3c0 [ 27.366744] krealloc_uaf+0xc8/0x520 [ 27.366854] kunit_try_run_case+0x170/0x3f0 [ 27.366965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.367088] kthread+0x328/0x630 [ 27.367193] ret_from_fork+0x10/0x20 [ 27.367296] [ 27.367350] Freed by task 166: [ 27.367437] kasan_save_stack+0x3c/0x68 [ 27.367561] kasan_save_track+0x20/0x40 [ 27.367703] kasan_save_free_info+0x4c/0x78 [ 27.367813] __kasan_slab_free+0x6c/0x98 [ 27.367947] kfree+0x214/0x3c8 [ 27.368047] krealloc_uaf+0x12c/0x520 [ 27.368157] kunit_try_run_case+0x170/0x3f0 [ 27.368260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.368421] kthread+0x328/0x630 [ 27.368550] ret_from_fork+0x10/0x20 [ 27.368656] [ 27.368711] The buggy address belongs to the object at fff00000c1a54a00 [ 27.368711] which belongs to the cache kmalloc-256 of size 256 [ 27.368883] The buggy address is located 0 bytes inside of [ 27.368883] freed 256-byte region [fff00000c1a54a00, fff00000c1a54b00) [ 27.369045] [ 27.369091] The buggy address belongs to the physical page: [ 27.369162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a54 [ 27.369683] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.369826] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.369992] page_type: f5(slab) [ 27.370149] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.370298] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.370461] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.370608] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.370773] head: 0bfffe0000000001 ffffc1ffc3069501 00000000ffffffff 00000000ffffffff [ 27.370974] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 27.371142] page dumped because: kasan: bad access detected [ 27.371226] [ 27.371276] Memory state around the buggy address: [ 27.371411] fff00000c1a54900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.371550] fff00000c1a54980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.371774] >fff00000c1a54a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.371886] ^ [ 27.371967] fff00000c1a54a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.372113] fff00000c1a54b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.372245] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 27.160639] ================================================================== [ 27.160784] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 27.160934] Write of size 1 at addr fff00000c1a548eb by task kunit_try_catch/160 [ 27.161085] [ 27.161208] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.162064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.162172] Hardware name: linux,dummy-virt (DT) [ 27.162285] Call trace: [ 27.162467] show_stack+0x20/0x38 (C) [ 27.162734] dump_stack_lvl+0x8c/0xd0 [ 27.162887] print_report+0x118/0x608 [ 27.163016] kasan_report+0xdc/0x128 [ 27.163150] __asan_report_store1_noabort+0x20/0x30 [ 27.163300] krealloc_less_oob_helper+0xa58/0xc50 [ 27.163851] krealloc_less_oob+0x20/0x38 [ 27.164840] kunit_try_run_case+0x170/0x3f0 [ 27.164990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.165151] kthread+0x328/0x630 [ 27.165437] ret_from_fork+0x10/0x20 [ 27.165723] [ 27.165780] Allocated by task 160: [ 27.165970] kasan_save_stack+0x3c/0x68 [ 27.166623] kasan_save_track+0x20/0x40 [ 27.166760] kasan_save_alloc_info+0x40/0x58 [ 27.166873] __kasan_krealloc+0x118/0x178 [ 27.167085] krealloc_noprof+0x128/0x360 [ 27.167191] krealloc_less_oob_helper+0x168/0xc50 [ 27.167324] krealloc_less_oob+0x20/0x38 [ 27.167478] kunit_try_run_case+0x170/0x3f0 [ 27.167595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.167734] kthread+0x328/0x630 [ 27.167845] ret_from_fork+0x10/0x20 [ 27.168204] [ 27.168788] The buggy address belongs to the object at fff00000c1a54800 [ 27.168788] which belongs to the cache kmalloc-256 of size 256 [ 27.169117] The buggy address is located 34 bytes to the right of [ 27.169117] allocated 201-byte region [fff00000c1a54800, fff00000c1a548c9) [ 27.169461] [ 27.169532] The buggy address belongs to the physical page: [ 27.169877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a54 [ 27.170091] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.170249] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.170407] page_type: f5(slab) [ 27.170534] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.171791] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.172373] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.172558] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.172674] head: 0bfffe0000000001 ffffc1ffc3069501 00000000ffffffff 00000000ffffffff [ 27.172782] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 27.172903] page dumped because: kasan: bad access detected [ 27.172994] [ 27.173550] Memory state around the buggy address: [ 27.173945] fff00000c1a54780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.174295] fff00000c1a54800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.174474] >fff00000c1a54880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.174593] ^ [ 27.174749] fff00000c1a54900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.174942] fff00000c1a54980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.175517] ================================================================== [ 27.095479] ================================================================== [ 27.095662] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 27.096121] Write of size 1 at addr fff00000c1a548c9 by task kunit_try_catch/160 [ 27.096545] [ 27.096817] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.097435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.097538] Hardware name: linux,dummy-virt (DT) [ 27.097631] Call trace: [ 27.097698] show_stack+0x20/0x38 (C) [ 27.097846] dump_stack_lvl+0x8c/0xd0 [ 27.097987] print_report+0x118/0x608 [ 27.098123] kasan_report+0xdc/0x128 [ 27.098262] __asan_report_store1_noabort+0x20/0x30 [ 27.098473] krealloc_less_oob_helper+0xa48/0xc50 [ 27.098605] krealloc_less_oob+0x20/0x38 [ 27.099073] kunit_try_run_case+0x170/0x3f0 [ 27.099260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.099442] kthread+0x328/0x630 [ 27.099626] ret_from_fork+0x10/0x20 [ 27.099790] [ 27.099840] Allocated by task 160: [ 27.099912] kasan_save_stack+0x3c/0x68 [ 27.100018] kasan_save_track+0x20/0x40 [ 27.100203] kasan_save_alloc_info+0x40/0x58 [ 27.100611] __kasan_krealloc+0x118/0x178 [ 27.100804] krealloc_noprof+0x128/0x360 [ 27.100917] krealloc_less_oob_helper+0x168/0xc50 [ 27.101028] krealloc_less_oob+0x20/0x38 [ 27.101140] kunit_try_run_case+0x170/0x3f0 [ 27.101252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.101381] kthread+0x328/0x630 [ 27.101501] ret_from_fork+0x10/0x20 [ 27.101606] [ 27.101658] The buggy address belongs to the object at fff00000c1a54800 [ 27.101658] which belongs to the cache kmalloc-256 of size 256 [ 27.101790] The buggy address is located 0 bytes to the right of [ 27.101790] allocated 201-byte region [fff00000c1a54800, fff00000c1a548c9) [ 27.101945] [ 27.102000] The buggy address belongs to the physical page: [ 27.102208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a54 [ 27.102353] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.102690] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.102935] page_type: f5(slab) [ 27.103096] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.103249] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.103430] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.103648] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.103792] head: 0bfffe0000000001 ffffc1ffc3069501 00000000ffffffff 00000000ffffffff [ 27.103945] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 27.104053] page dumped because: kasan: bad access detected [ 27.104140] [ 27.104465] Memory state around the buggy address: [ 27.104571] fff00000c1a54780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.104701] fff00000c1a54800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.104829] >fff00000c1a54880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.104932] ^ [ 27.105350] fff00000c1a54900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.105502] fff00000c1a54980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.106110] ================================================================== [ 27.258677] ================================================================== [ 27.258933] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 27.259111] Write of size 1 at addr fff00000c77da0c9 by task kunit_try_catch/164 [ 27.259312] [ 27.259465] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.259673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.259752] Hardware name: linux,dummy-virt (DT) [ 27.259843] Call trace: [ 27.259953] show_stack+0x20/0x38 (C) [ 27.260107] dump_stack_lvl+0x8c/0xd0 [ 27.260243] print_report+0x118/0x608 [ 27.260469] kasan_report+0xdc/0x128 [ 27.260601] __asan_report_store1_noabort+0x20/0x30 [ 27.260740] krealloc_less_oob_helper+0xa48/0xc50 [ 27.260907] krealloc_large_less_oob+0x20/0x38 [ 27.261045] kunit_try_run_case+0x170/0x3f0 [ 27.261164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.261314] kthread+0x328/0x630 [ 27.261389] ret_from_fork+0x10/0x20 [ 27.261508] [ 27.261566] The buggy address belongs to the physical page: [ 27.261676] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 27.261832] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.261967] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.262124] page_type: f8(unknown) [ 27.262235] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.262378] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.262544] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.262688] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.262839] head: 0bfffe0000000002 ffffc1ffc31df601 00000000ffffffff 00000000ffffffff [ 27.262973] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.263086] page dumped because: kasan: bad access detected [ 27.263197] [ 27.263245] Memory state around the buggy address: [ 27.263340] fff00000c77d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.263486] fff00000c77da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.263648] >fff00000c77da080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.263832] ^ [ 27.263970] fff00000c77da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.264098] fff00000c77da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.264212] ================================================================== [ 27.281773] ================================================================== [ 27.281902] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 27.282048] Write of size 1 at addr fff00000c77da0da by task kunit_try_catch/164 [ 27.282192] [ 27.282284] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.285000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.285361] Hardware name: linux,dummy-virt (DT) [ 27.285951] Call trace: [ 27.286457] show_stack+0x20/0x38 (C) [ 27.287183] dump_stack_lvl+0x8c/0xd0 [ 27.288100] print_report+0x118/0x608 [ 27.288299] kasan_report+0xdc/0x128 [ 27.288415] __asan_report_store1_noabort+0x20/0x30 [ 27.289345] krealloc_less_oob_helper+0xa80/0xc50 [ 27.289686] krealloc_large_less_oob+0x20/0x38 [ 27.290462] kunit_try_run_case+0x170/0x3f0 [ 27.290750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.291033] kthread+0x328/0x630 [ 27.291626] ret_from_fork+0x10/0x20 [ 27.291793] [ 27.291904] The buggy address belongs to the physical page: [ 27.292271] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 27.292700] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.292904] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.295877] page_type: f8(unknown) [ 27.296055] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.296304] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.296509] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.296628] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.296941] head: 0bfffe0000000002 ffffc1ffc31df601 00000000ffffffff 00000000ffffffff [ 27.297096] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.297355] page dumped because: kasan: bad access detected [ 27.297839] [ 27.297908] Memory state around the buggy address: [ 27.298094] fff00000c77d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.298337] fff00000c77da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.298542] >fff00000c77da080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.298670] ^ [ 27.298784] fff00000c77da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.298948] fff00000c77da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.299126] ================================================================== [ 27.313821] ================================================================== [ 27.314232] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 27.314559] Write of size 1 at addr fff00000c77da0eb by task kunit_try_catch/164 [ 27.314798] [ 27.315053] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.315579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.315661] Hardware name: linux,dummy-virt (DT) [ 27.315852] Call trace: [ 27.316023] show_stack+0x20/0x38 (C) [ 27.316330] dump_stack_lvl+0x8c/0xd0 [ 27.316486] print_report+0x118/0x608 [ 27.316620] kasan_report+0xdc/0x128 [ 27.316733] __asan_report_store1_noabort+0x20/0x30 [ 27.317045] krealloc_less_oob_helper+0xa58/0xc50 [ 27.317311] krealloc_large_less_oob+0x20/0x38 [ 27.317654] kunit_try_run_case+0x170/0x3f0 [ 27.317927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.318304] kthread+0x328/0x630 [ 27.318608] ret_from_fork+0x10/0x20 [ 27.319233] [ 27.319407] The buggy address belongs to the physical page: [ 27.319662] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 27.319848] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.319982] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.320117] page_type: f8(unknown) [ 27.320211] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.320344] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.320500] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.320644] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.321225] head: 0bfffe0000000002 ffffc1ffc31df601 00000000ffffffff 00000000ffffffff [ 27.321784] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.322237] page dumped because: kasan: bad access detected [ 27.322443] [ 27.322510] Memory state around the buggy address: [ 27.322619] fff00000c77d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.322788] fff00000c77da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.322942] >fff00000c77da080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.323065] ^ [ 27.323230] fff00000c77da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.323415] fff00000c77da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.323591] ================================================================== [ 27.122828] ================================================================== [ 27.122963] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 27.123108] Write of size 1 at addr fff00000c1a548da by task kunit_try_catch/160 [ 27.123250] [ 27.123339] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.125891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.126281] Hardware name: linux,dummy-virt (DT) [ 27.126799] Call trace: [ 27.126889] show_stack+0x20/0x38 (C) [ 27.127053] dump_stack_lvl+0x8c/0xd0 [ 27.127194] print_report+0x118/0x608 [ 27.128099] kasan_report+0xdc/0x128 [ 27.128351] __asan_report_store1_noabort+0x20/0x30 [ 27.128497] krealloc_less_oob_helper+0xa80/0xc50 [ 27.129222] krealloc_less_oob+0x20/0x38 [ 27.129392] kunit_try_run_case+0x170/0x3f0 [ 27.129750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.130391] kthread+0x328/0x630 [ 27.130876] ret_from_fork+0x10/0x20 [ 27.131058] [ 27.131113] Allocated by task 160: [ 27.131197] kasan_save_stack+0x3c/0x68 [ 27.131570] kasan_save_track+0x20/0x40 [ 27.131709] kasan_save_alloc_info+0x40/0x58 [ 27.131891] __kasan_krealloc+0x118/0x178 [ 27.132144] krealloc_noprof+0x128/0x360 [ 27.132256] krealloc_less_oob_helper+0x168/0xc50 [ 27.132359] krealloc_less_oob+0x20/0x38 [ 27.132464] kunit_try_run_case+0x170/0x3f0 [ 27.133232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.133516] kthread+0x328/0x630 [ 27.133964] ret_from_fork+0x10/0x20 [ 27.134333] [ 27.134409] The buggy address belongs to the object at fff00000c1a54800 [ 27.134409] which belongs to the cache kmalloc-256 of size 256 [ 27.134941] The buggy address is located 17 bytes to the right of [ 27.134941] allocated 201-byte region [fff00000c1a54800, fff00000c1a548c9) [ 27.135514] [ 27.135576] The buggy address belongs to the physical page: [ 27.136045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a54 [ 27.136631] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.136777] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.136937] page_type: f5(slab) [ 27.138053] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.138249] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.138463] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.138898] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.139316] head: 0bfffe0000000001 ffffc1ffc3069501 00000000ffffffff 00000000ffffffff [ 27.139706] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 27.139999] page dumped because: kasan: bad access detected [ 27.140099] [ 27.140160] Memory state around the buggy address: [ 27.140242] fff00000c1a54780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.140340] fff00000c1a54800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.141101] >fff00000c1a54880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.141374] ^ [ 27.141598] fff00000c1a54900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.141741] fff00000c1a54980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.141859] ================================================================== [ 27.109364] ================================================================== [ 27.109570] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 27.109726] Write of size 1 at addr fff00000c1a548d0 by task kunit_try_catch/160 [ 27.109867] [ 27.109959] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.110196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.110274] Hardware name: linux,dummy-virt (DT) [ 27.110365] Call trace: [ 27.110429] show_stack+0x20/0x38 (C) [ 27.110586] dump_stack_lvl+0x8c/0xd0 [ 27.110986] print_report+0x118/0x608 [ 27.111137] kasan_report+0xdc/0x128 [ 27.111267] __asan_report_store1_noabort+0x20/0x30 [ 27.111432] krealloc_less_oob_helper+0xb9c/0xc50 [ 27.112586] krealloc_less_oob+0x20/0x38 [ 27.113120] kunit_try_run_case+0x170/0x3f0 [ 27.113580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.114074] kthread+0x328/0x630 [ 27.114251] ret_from_fork+0x10/0x20 [ 27.114412] [ 27.114505] Allocated by task 160: [ 27.114621] kasan_save_stack+0x3c/0x68 [ 27.114780] kasan_save_track+0x20/0x40 [ 27.114884] kasan_save_alloc_info+0x40/0x58 [ 27.115008] __kasan_krealloc+0x118/0x178 [ 27.115144] krealloc_noprof+0x128/0x360 [ 27.115247] krealloc_less_oob_helper+0x168/0xc50 [ 27.115423] krealloc_less_oob+0x20/0x38 [ 27.115591] kunit_try_run_case+0x170/0x3f0 [ 27.115867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.116054] kthread+0x328/0x630 [ 27.116280] ret_from_fork+0x10/0x20 [ 27.116596] [ 27.116656] The buggy address belongs to the object at fff00000c1a54800 [ 27.116656] which belongs to the cache kmalloc-256 of size 256 [ 27.116856] The buggy address is located 7 bytes to the right of [ 27.116856] allocated 201-byte region [fff00000c1a54800, fff00000c1a548c9) [ 27.117117] [ 27.117197] The buggy address belongs to the physical page: [ 27.117350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a54 [ 27.117599] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.118113] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.118283] page_type: f5(slab) [ 27.118396] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.118560] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.118705] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.118854] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.119941] head: 0bfffe0000000001 ffffc1ffc3069501 00000000ffffffff 00000000ffffffff [ 27.120101] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 27.120164] page dumped because: kasan: bad access detected [ 27.120207] [ 27.120246] Memory state around the buggy address: [ 27.120325] fff00000c1a54780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.120469] fff00000c1a54800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.120595] >fff00000c1a54880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.120694] ^ [ 27.120778] fff00000c1a54900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.120911] fff00000c1a54980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.121020] ================================================================== [ 27.145670] ================================================================== [ 27.145909] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 27.146744] Write of size 1 at addr fff00000c1a548ea by task kunit_try_catch/160 [ 27.147000] [ 27.147179] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.147799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.147886] Hardware name: linux,dummy-virt (DT) [ 27.148509] Call trace: [ 27.148792] show_stack+0x20/0x38 (C) [ 27.148960] dump_stack_lvl+0x8c/0xd0 [ 27.149101] print_report+0x118/0x608 [ 27.149357] kasan_report+0xdc/0x128 [ 27.149629] __asan_report_store1_noabort+0x20/0x30 [ 27.150482] krealloc_less_oob_helper+0xae4/0xc50 [ 27.150875] krealloc_less_oob+0x20/0x38 [ 27.151126] kunit_try_run_case+0x170/0x3f0 [ 27.151284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.151468] kthread+0x328/0x630 [ 27.152030] ret_from_fork+0x10/0x20 [ 27.152371] [ 27.152432] Allocated by task 160: [ 27.152746] kasan_save_stack+0x3c/0x68 [ 27.152862] kasan_save_track+0x20/0x40 [ 27.152962] kasan_save_alloc_info+0x40/0x58 [ 27.153523] __kasan_krealloc+0x118/0x178 [ 27.153704] krealloc_noprof+0x128/0x360 [ 27.153825] krealloc_less_oob_helper+0x168/0xc50 [ 27.153946] krealloc_less_oob+0x20/0x38 [ 27.154066] kunit_try_run_case+0x170/0x3f0 [ 27.154223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.154347] kthread+0x328/0x630 [ 27.154501] ret_from_fork+0x10/0x20 [ 27.154647] [ 27.154732] The buggy address belongs to the object at fff00000c1a54800 [ 27.154732] which belongs to the cache kmalloc-256 of size 256 [ 27.154967] The buggy address is located 33 bytes to the right of [ 27.154967] allocated 201-byte region [fff00000c1a54800, fff00000c1a548c9) [ 27.155229] [ 27.155314] The buggy address belongs to the physical page: [ 27.155423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a54 [ 27.155572] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.155723] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.156123] page_type: f5(slab) [ 27.156289] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.156431] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.156569] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.156692] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.156796] head: 0bfffe0000000001 ffffc1ffc3069501 00000000ffffffff 00000000ffffffff [ 27.156921] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 27.157262] page dumped because: kasan: bad access detected [ 27.157550] [ 27.157638] Memory state around the buggy address: [ 27.157726] fff00000c1a54780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.157896] fff00000c1a54800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.158020] >fff00000c1a54880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 27.158131] ^ [ 27.158248] fff00000c1a54900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.158410] fff00000c1a54980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.158537] ================================================================== [ 27.301547] ================================================================== [ 27.301681] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 27.301919] Write of size 1 at addr fff00000c77da0ea by task kunit_try_catch/164 [ 27.302262] [ 27.302482] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.302791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.302915] Hardware name: linux,dummy-virt (DT) [ 27.303315] Call trace: [ 27.303419] show_stack+0x20/0x38 (C) [ 27.303651] dump_stack_lvl+0x8c/0xd0 [ 27.303867] print_report+0x118/0x608 [ 27.304197] kasan_report+0xdc/0x128 [ 27.304361] __asan_report_store1_noabort+0x20/0x30 [ 27.304508] krealloc_less_oob_helper+0xae4/0xc50 [ 27.304646] krealloc_large_less_oob+0x20/0x38 [ 27.304776] kunit_try_run_case+0x170/0x3f0 [ 27.304977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.305218] kthread+0x328/0x630 [ 27.305401] ret_from_fork+0x10/0x20 [ 27.305607] [ 27.305665] The buggy address belongs to the physical page: [ 27.305978] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 27.306336] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.306537] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.306902] page_type: f8(unknown) [ 27.307061] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.307229] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.307389] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.307923] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.308184] head: 0bfffe0000000002 ffffc1ffc31df601 00000000ffffffff 00000000ffffffff [ 27.308489] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.308867] page dumped because: kasan: bad access detected [ 27.308960] [ 27.309017] Memory state around the buggy address: [ 27.309102] fff00000c77d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.309198] fff00000c77da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.309305] >fff00000c77da080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.309406] ^ [ 27.309612] fff00000c77da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.309826] fff00000c77da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.310084] ================================================================== [ 27.268287] ================================================================== [ 27.268432] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 27.270305] Write of size 1 at addr fff00000c77da0d0 by task kunit_try_catch/164 [ 27.270536] [ 27.270653] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.270889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.270964] Hardware name: linux,dummy-virt (DT) [ 27.271053] Call trace: [ 27.271136] show_stack+0x20/0x38 (C) [ 27.271331] dump_stack_lvl+0x8c/0xd0 [ 27.271558] print_report+0x118/0x608 [ 27.271695] kasan_report+0xdc/0x128 [ 27.271829] __asan_report_store1_noabort+0x20/0x30 [ 27.271984] krealloc_less_oob_helper+0xb9c/0xc50 [ 27.272120] krealloc_large_less_oob+0x20/0x38 [ 27.272604] kunit_try_run_case+0x170/0x3f0 [ 27.272781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.272940] kthread+0x328/0x630 [ 27.273061] ret_from_fork+0x10/0x20 [ 27.273442] [ 27.273528] The buggy address belongs to the physical page: [ 27.273673] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 27.273824] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.273971] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.274235] page_type: f8(unknown) [ 27.274367] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.274558] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.274771] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.275068] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.275820] head: 0bfffe0000000002 ffffc1ffc31df601 00000000ffffffff 00000000ffffffff [ 27.276022] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.276138] page dumped because: kasan: bad access detected [ 27.276358] [ 27.276416] Memory state around the buggy address: [ 27.276631] fff00000c77d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.276882] fff00000c77da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.276989] >fff00000c77da080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 27.277672] ^ [ 27.277992] fff00000c77da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.278219] fff00000c77da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.278510] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 27.236638] ================================================================== [ 27.236831] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 27.237015] Write of size 1 at addr fff00000c77da0f0 by task kunit_try_catch/162 [ 27.237166] [ 27.237284] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.237542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.237614] Hardware name: linux,dummy-virt (DT) [ 27.237695] Call trace: [ 27.237758] show_stack+0x20/0x38 (C) [ 27.237889] dump_stack_lvl+0x8c/0xd0 [ 27.238044] print_report+0x118/0x608 [ 27.238165] kasan_report+0xdc/0x128 [ 27.238284] __asan_report_store1_noabort+0x20/0x30 [ 27.238420] krealloc_more_oob_helper+0x5c0/0x678 [ 27.238581] krealloc_large_more_oob+0x20/0x38 [ 27.238738] kunit_try_run_case+0x170/0x3f0 [ 27.238929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.239134] kthread+0x328/0x630 [ 27.239273] ret_from_fork+0x10/0x20 [ 27.239687] [ 27.239781] The buggy address belongs to the physical page: [ 27.239878] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 27.240269] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.240442] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.240620] page_type: f8(unknown) [ 27.240718] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.240838] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.240964] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.241078] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.241213] head: 0bfffe0000000002 ffffc1ffc31df601 00000000ffffffff 00000000ffffffff [ 27.241353] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.241496] page dumped because: kasan: bad access detected [ 27.241598] [ 27.241675] Memory state around the buggy address: [ 27.241798] fff00000c77d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.241928] fff00000c77da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.242056] >fff00000c77da080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 27.242170] ^ [ 27.242314] fff00000c77da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.242439] fff00000c77da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.242556] ================================================================== [ 27.040336] ================================================================== [ 27.040587] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 27.040758] Write of size 1 at addr fff00000c1a546eb by task kunit_try_catch/158 [ 27.040915] [ 27.041051] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.041327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.041391] Hardware name: linux,dummy-virt (DT) [ 27.041484] Call trace: [ 27.041545] show_stack+0x20/0x38 (C) [ 27.041716] dump_stack_lvl+0x8c/0xd0 [ 27.041897] print_report+0x118/0x608 [ 27.042061] kasan_report+0xdc/0x128 [ 27.042227] __asan_report_store1_noabort+0x20/0x30 [ 27.042424] krealloc_more_oob_helper+0x60c/0x678 [ 27.042594] krealloc_more_oob+0x20/0x38 [ 27.042793] kunit_try_run_case+0x170/0x3f0 [ 27.042938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.043121] kthread+0x328/0x630 [ 27.043306] ret_from_fork+0x10/0x20 [ 27.043511] [ 27.043621] Allocated by task 158: [ 27.043709] kasan_save_stack+0x3c/0x68 [ 27.043835] kasan_save_track+0x20/0x40 [ 27.044050] kasan_save_alloc_info+0x40/0x58 [ 27.044230] __kasan_krealloc+0x118/0x178 [ 27.044365] krealloc_noprof+0x128/0x360 [ 27.044524] krealloc_more_oob_helper+0x168/0x678 [ 27.044689] krealloc_more_oob+0x20/0x38 [ 27.044829] kunit_try_run_case+0x170/0x3f0 [ 27.044969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.045127] kthread+0x328/0x630 [ 27.045412] ret_from_fork+0x10/0x20 [ 27.045565] [ 27.045619] The buggy address belongs to the object at fff00000c1a54600 [ 27.045619] which belongs to the cache kmalloc-256 of size 256 [ 27.045761] The buggy address is located 0 bytes to the right of [ 27.045761] allocated 235-byte region [fff00000c1a54600, fff00000c1a546eb) [ 27.045942] [ 27.046001] The buggy address belongs to the physical page: [ 27.046110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a54 [ 27.046357] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.046554] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.046727] page_type: f5(slab) [ 27.046875] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.047034] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.047170] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.047937] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.048059] head: 0bfffe0000000001 ffffc1ffc3069501 00000000ffffffff 00000000ffffffff [ 27.048131] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 27.048211] page dumped because: kasan: bad access detected [ 27.048312] [ 27.048375] Memory state around the buggy address: [ 27.048484] fff00000c1a54580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.048594] fff00000c1a54600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.048690] >fff00000c1a54680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 27.048788] ^ [ 27.048897] fff00000c1a54700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.049034] fff00000c1a54780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.049162] ================================================================== [ 27.050473] ================================================================== [ 27.050587] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 27.050794] Write of size 1 at addr fff00000c1a546f0 by task kunit_try_catch/158 [ 27.050971] [ 27.051088] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.051320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.051411] Hardware name: linux,dummy-virt (DT) [ 27.051526] Call trace: [ 27.051589] show_stack+0x20/0x38 (C) [ 27.051728] dump_stack_lvl+0x8c/0xd0 [ 27.051862] print_report+0x118/0x608 [ 27.052055] kasan_report+0xdc/0x128 [ 27.052206] __asan_report_store1_noabort+0x20/0x30 [ 27.052355] krealloc_more_oob_helper+0x5c0/0x678 [ 27.052522] krealloc_more_oob+0x20/0x38 [ 27.052650] kunit_try_run_case+0x170/0x3f0 [ 27.052781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.052916] kthread+0x328/0x630 [ 27.053029] ret_from_fork+0x10/0x20 [ 27.053155] [ 27.053205] Allocated by task 158: [ 27.053575] kasan_save_stack+0x3c/0x68 [ 27.053721] kasan_save_track+0x20/0x40 [ 27.053827] kasan_save_alloc_info+0x40/0x58 [ 27.053984] __kasan_krealloc+0x118/0x178 [ 27.054112] krealloc_noprof+0x128/0x360 [ 27.054490] krealloc_more_oob_helper+0x168/0x678 [ 27.054616] krealloc_more_oob+0x20/0x38 [ 27.054732] kunit_try_run_case+0x170/0x3f0 [ 27.054934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.055128] kthread+0x328/0x630 [ 27.055294] ret_from_fork+0x10/0x20 [ 27.055406] [ 27.055886] The buggy address belongs to the object at fff00000c1a54600 [ 27.055886] which belongs to the cache kmalloc-256 of size 256 [ 27.056160] The buggy address is located 5 bytes to the right of [ 27.056160] allocated 235-byte region [fff00000c1a54600, fff00000c1a546eb) [ 27.056476] [ 27.056540] The buggy address belongs to the physical page: [ 27.056827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a54 [ 27.056976] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.057236] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.057425] page_type: f5(slab) [ 27.057617] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.057779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.057930] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 27.058494] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.058665] head: 0bfffe0000000001 ffffc1ffc3069501 00000000ffffffff 00000000ffffffff [ 27.058813] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 27.058936] page dumped because: kasan: bad access detected [ 27.059091] [ 27.059144] Memory state around the buggy address: [ 27.059300] fff00000c1a54580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.059692] fff00000c1a54600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.059840] >fff00000c1a54680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 27.060079] ^ [ 27.060860] fff00000c1a54700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.061003] fff00000c1a54780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.061121] ================================================================== [ 27.202984] ================================================================== [ 27.203180] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 27.203594] Write of size 1 at addr fff00000c77da0eb by task kunit_try_catch/162 [ 27.204092] [ 27.204528] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.205016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.205099] Hardware name: linux,dummy-virt (DT) [ 27.205651] Call trace: [ 27.206070] show_stack+0x20/0x38 (C) [ 27.206230] dump_stack_lvl+0x8c/0xd0 [ 27.206356] print_report+0x118/0x608 [ 27.207534] kasan_report+0xdc/0x128 [ 27.207943] __asan_report_store1_noabort+0x20/0x30 [ 27.208102] krealloc_more_oob_helper+0x60c/0x678 [ 27.208257] krealloc_large_more_oob+0x20/0x38 [ 27.210030] kunit_try_run_case+0x170/0x3f0 [ 27.210477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.210831] kthread+0x328/0x630 [ 27.211003] ret_from_fork+0x10/0x20 [ 27.211147] [ 27.211208] The buggy address belongs to the physical page: [ 27.211303] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 27.212609] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.213164] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.213732] page_type: f8(unknown) [ 27.214276] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.215203] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.215614] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.215767] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.215914] head: 0bfffe0000000002 ffffc1ffc31df601 00000000ffffffff 00000000ffffffff [ 27.216046] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.216142] page dumped because: kasan: bad access detected [ 27.216958] [ 27.217058] Memory state around the buggy address: [ 27.217378] fff00000c77d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.217737] fff00000c77da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.218131] >fff00000c77da080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 27.218726] ^ [ 27.219198] fff00000c77da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.219360] fff00000c77da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.220077] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 27.011901] ================================================================== [ 27.012134] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 27.012304] Read of size 1 at addr fff00000c77f0000 by task kunit_try_catch/156 [ 27.012466] [ 27.012572] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 27.012894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.013282] Hardware name: linux,dummy-virt (DT) [ 27.013517] Call trace: [ 27.013728] show_stack+0x20/0x38 (C) [ 27.014338] dump_stack_lvl+0x8c/0xd0 [ 27.014641] print_report+0x118/0x608 [ 27.014788] kasan_report+0xdc/0x128 [ 27.014916] __asan_report_load1_noabort+0x20/0x30 [ 27.015065] page_alloc_uaf+0x328/0x350 [ 27.015206] kunit_try_run_case+0x170/0x3f0 [ 27.015369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.015617] kthread+0x328/0x630 [ 27.015805] ret_from_fork+0x10/0x20 [ 27.016004] [ 27.016056] The buggy address belongs to the physical page: [ 27.016141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077f0 [ 27.016626] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.016787] page_type: f0(buddy) [ 27.016889] raw: 0bfffe0000000000 fff00000ff616020 fff00000ff616020 0000000000000000 [ 27.017282] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 27.017410] page dumped because: kasan: bad access detected [ 27.017530] [ 27.017609] Memory state around the buggy address: [ 27.017718] fff00000c77eff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.017871] fff00000c77eff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.017996] >fff00000c77f0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.018148] ^ [ 27.018268] fff00000c77f0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.018438] fff00000c77f0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.018609] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 26.950404] ================================================================== [ 26.950702] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 26.950889] Free of addr fff00000c77a4001 by task kunit_try_catch/152 [ 26.951020] [ 26.951116] CPU: 0 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 26.951351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.951438] Hardware name: linux,dummy-virt (DT) [ 26.952097] Call trace: [ 26.952185] show_stack+0x20/0x38 (C) [ 26.952353] dump_stack_lvl+0x8c/0xd0 [ 26.952506] print_report+0x118/0x608 [ 26.952641] kasan_report_invalid_free+0xc0/0xe8 [ 26.952780] __kasan_kfree_large+0x5c/0xa8 [ 26.952913] free_large_kmalloc+0x64/0x190 [ 26.953058] kfree+0x270/0x3c8 [ 26.953192] kmalloc_large_invalid_free+0x108/0x270 [ 26.953309] kunit_try_run_case+0x170/0x3f0 [ 26.953699] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.953898] kthread+0x328/0x630 [ 26.954033] ret_from_fork+0x10/0x20 [ 26.954176] [ 26.954595] The buggy address belongs to the physical page: [ 26.954798] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077a4 [ 26.954969] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.955105] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 26.955265] page_type: f8(unknown) [ 26.955390] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.956071] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 26.956192] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.956302] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 26.956429] head: 0bfffe0000000002 ffffc1ffc31de901 00000000ffffffff 00000000ffffffff [ 26.957109] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 26.957275] page dumped because: kasan: bad access detected [ 26.957416] [ 26.957508] Memory state around the buggy address: [ 26.957646] fff00000c77a3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.957824] fff00000c77a3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.957991] >fff00000c77a4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.958104] ^ [ 26.958191] fff00000c77a4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.958366] fff00000c77a4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.958595] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 26.926606] ================================================================== [ 26.926877] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 26.927166] Read of size 1 at addr fff00000c77a4000 by task kunit_try_catch/150 [ 26.927735] [ 26.927943] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 26.928304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.928407] Hardware name: linux,dummy-virt (DT) [ 26.928607] Call trace: [ 26.928933] show_stack+0x20/0x38 (C) [ 26.929119] dump_stack_lvl+0x8c/0xd0 [ 26.929260] print_report+0x118/0x608 [ 26.929391] kasan_report+0xdc/0x128 [ 26.929537] __asan_report_load1_noabort+0x20/0x30 [ 26.929664] kmalloc_large_uaf+0x2cc/0x2f8 [ 26.929769] kunit_try_run_case+0x170/0x3f0 [ 26.929884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.930022] kthread+0x328/0x630 [ 26.930148] ret_from_fork+0x10/0x20 [ 26.930290] [ 26.930699] The buggy address belongs to the physical page: [ 26.931088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077a4 [ 26.931346] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.931898] raw: 0bfffe0000000000 ffffc1ffc31df608 fff00000da482d80 0000000000000000 [ 26.932226] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 26.932356] page dumped because: kasan: bad access detected [ 26.932465] [ 26.932519] Memory state around the buggy address: [ 26.932625] fff00000c77a3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.932753] fff00000c77a3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.933124] >fff00000c77a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.933363] ^ [ 26.933465] fff00000c77a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.933583] fff00000c77a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.933729] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 26.898489] ================================================================== [ 26.898707] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 26.898875] Write of size 1 at addr fff00000c77a600a by task kunit_try_catch/148 [ 26.899018] [ 26.899111] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 26.899347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.899431] Hardware name: linux,dummy-virt (DT) [ 26.899528] Call trace: [ 26.899592] show_stack+0x20/0x38 (C) [ 26.900118] dump_stack_lvl+0x8c/0xd0 [ 26.900309] print_report+0x118/0x608 [ 26.900439] kasan_report+0xdc/0x128 [ 26.900599] __asan_report_store1_noabort+0x20/0x30 [ 26.900734] kmalloc_large_oob_right+0x278/0x2b8 [ 26.901140] kunit_try_run_case+0x170/0x3f0 [ 26.901224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.901299] kthread+0x328/0x630 [ 26.901364] ret_from_fork+0x10/0x20 [ 26.901433] [ 26.901527] The buggy address belongs to the physical page: [ 26.901617] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077a4 [ 26.901851] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.902012] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 26.902183] page_type: f8(unknown) [ 26.902293] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.902440] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 26.902604] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.902748] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 26.902894] head: 0bfffe0000000002 ffffc1ffc31de901 00000000ffffffff 00000000ffffffff [ 26.903037] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 26.903156] page dumped because: kasan: bad access detected [ 26.903248] [ 26.903301] Memory state around the buggy address: [ 26.903407] fff00000c77a5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.904045] fff00000c77a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.904263] >fff00000c77a6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.904430] ^ [ 26.904770] fff00000c77a6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.904971] fff00000c77a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.905082] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 26.870917] ================================================================== [ 26.871122] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 26.871280] Write of size 1 at addr fff00000c64cdf00 by task kunit_try_catch/146 [ 26.871434] [ 26.871537] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 26.871776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.871850] Hardware name: linux,dummy-virt (DT) [ 26.871951] Call trace: [ 26.872021] show_stack+0x20/0x38 (C) [ 26.872167] dump_stack_lvl+0x8c/0xd0 [ 26.872333] print_report+0x118/0x608 [ 26.872483] kasan_report+0xdc/0x128 [ 26.872662] __asan_report_store1_noabort+0x20/0x30 [ 26.872839] kmalloc_big_oob_right+0x2a4/0x2f0 [ 26.872969] kunit_try_run_case+0x170/0x3f0 [ 26.873194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.873355] kthread+0x328/0x630 [ 26.873505] ret_from_fork+0x10/0x20 [ 26.873647] [ 26.873704] Allocated by task 146: [ 26.873783] kasan_save_stack+0x3c/0x68 [ 26.873890] kasan_save_track+0x20/0x40 [ 26.874053] kasan_save_alloc_info+0x40/0x58 [ 26.874213] __kasan_kmalloc+0xd4/0xd8 [ 26.874301] __kmalloc_cache_noprof+0x15c/0x3c0 [ 26.874414] kmalloc_big_oob_right+0xb8/0x2f0 [ 26.874564] kunit_try_run_case+0x170/0x3f0 [ 26.874725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.874908] kthread+0x328/0x630 [ 26.875055] ret_from_fork+0x10/0x20 [ 26.875202] [ 26.875285] The buggy address belongs to the object at fff00000c64cc000 [ 26.875285] which belongs to the cache kmalloc-8k of size 8192 [ 26.875541] The buggy address is located 0 bytes to the right of [ 26.875541] allocated 7936-byte region [fff00000c64cc000, fff00000c64cdf00) [ 26.875794] [ 26.875850] The buggy address belongs to the physical page: [ 26.875986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c8 [ 26.876129] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.876293] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 26.876441] page_type: f5(slab) [ 26.876568] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 26.876747] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 26.876916] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 26.877047] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 26.877206] head: 0bfffe0000000003 ffffc1ffc3193201 00000000ffffffff 00000000ffffffff [ 26.877387] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 26.877552] page dumped because: kasan: bad access detected [ 26.877668] [ 26.877744] Memory state around the buggy address: [ 26.877867] fff00000c64cde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.877988] fff00000c64cde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.878105] >fff00000c64cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.878212] ^ [ 26.878344] fff00000c64cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.878510] fff00000c64ce000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.878617] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 26.838075] ================================================================== [ 26.838209] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 26.838358] Write of size 1 at addr fff00000c5a34978 by task kunit_try_catch/144 [ 26.838518] [ 26.838611] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 26.838846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.838924] Hardware name: linux,dummy-virt (DT) [ 26.839015] Call trace: [ 26.839082] show_stack+0x20/0x38 (C) [ 26.839222] dump_stack_lvl+0x8c/0xd0 [ 26.839358] print_report+0x118/0x608 [ 26.839513] kasan_report+0xdc/0x128 [ 26.839634] __asan_report_store1_noabort+0x20/0x30 [ 26.839779] kmalloc_track_caller_oob_right+0x418/0x488 [ 26.839926] kunit_try_run_case+0x170/0x3f0 [ 26.840057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.840207] kthread+0x328/0x630 [ 26.840344] ret_from_fork+0x10/0x20 [ 26.840609] [ 26.840818] Allocated by task 144: [ 26.840906] kasan_save_stack+0x3c/0x68 [ 26.841929] kasan_save_track+0x20/0x40 [ 26.843386] kasan_save_alloc_info+0x40/0x58 [ 26.844136] __kasan_kmalloc+0xd4/0xd8 [ 26.844251] __kmalloc_node_track_caller_noprof+0x18c/0x4c0 [ 26.844440] kmalloc_track_caller_oob_right+0x184/0x488 [ 26.844620] kunit_try_run_case+0x170/0x3f0 [ 26.844719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.844844] kthread+0x328/0x630 [ 26.844939] ret_from_fork+0x10/0x20 [ 26.845264] [ 26.845361] The buggy address belongs to the object at fff00000c5a34900 [ 26.845361] which belongs to the cache kmalloc-128 of size 128 [ 26.845563] The buggy address is located 0 bytes to the right of [ 26.845563] allocated 120-byte region [fff00000c5a34900, fff00000c5a34978) [ 26.845752] [ 26.845826] The buggy address belongs to the physical page: [ 26.845946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 26.846157] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.846404] page_type: f5(slab) [ 26.846531] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.846679] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.846800] page dumped because: kasan: bad access detected [ 26.846889] [ 26.846940] Memory state around the buggy address: [ 26.847078] fff00000c5a34800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.847208] fff00000c5a34880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.847325] >fff00000c5a34900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.847464] ^ [ 26.847575] fff00000c5a34980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.848290] fff00000c5a34a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.848637] ================================================================== [ 26.823435] ================================================================== [ 26.824011] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 26.824290] Write of size 1 at addr fff00000c5a34878 by task kunit_try_catch/144 [ 26.824562] [ 26.824892] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 26.825145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.825220] Hardware name: linux,dummy-virt (DT) [ 26.825299] Call trace: [ 26.825352] show_stack+0x20/0x38 (C) [ 26.825505] dump_stack_lvl+0x8c/0xd0 [ 26.825771] print_report+0x118/0x608 [ 26.825921] kasan_report+0xdc/0x128 [ 26.826057] __asan_report_store1_noabort+0x20/0x30 [ 26.826270] kmalloc_track_caller_oob_right+0x40c/0x488 [ 26.826433] kunit_try_run_case+0x170/0x3f0 [ 26.826600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.826747] kthread+0x328/0x630 [ 26.827230] ret_from_fork+0x10/0x20 [ 26.827478] [ 26.827536] Allocated by task 144: [ 26.827700] kasan_save_stack+0x3c/0x68 [ 26.828046] kasan_save_track+0x20/0x40 [ 26.828530] kasan_save_alloc_info+0x40/0x58 [ 26.828673] __kasan_kmalloc+0xd4/0xd8 [ 26.828776] __kmalloc_node_track_caller_noprof+0x18c/0x4c0 [ 26.828884] kmalloc_track_caller_oob_right+0xa8/0x488 [ 26.829035] kunit_try_run_case+0x170/0x3f0 [ 26.829152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.829283] kthread+0x328/0x630 [ 26.829387] ret_from_fork+0x10/0x20 [ 26.830047] [ 26.830676] The buggy address belongs to the object at fff00000c5a34800 [ 26.830676] which belongs to the cache kmalloc-128 of size 128 [ 26.832234] The buggy address is located 0 bytes to the right of [ 26.832234] allocated 120-byte region [fff00000c5a34800, fff00000c5a34878) [ 26.833653] [ 26.833972] The buggy address belongs to the physical page: [ 26.834285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 26.834467] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.834616] page_type: f5(slab) [ 26.834728] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.834873] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.834994] page dumped because: kasan: bad access detected [ 26.835085] [ 26.835137] Memory state around the buggy address: [ 26.835246] fff00000c5a34700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.835370] fff00000c5a34780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.835519] >fff00000c5a34800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.835631] ^ [ 26.835745] fff00000c5a34880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.835860] fff00000c5a34900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.835984] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 26.783436] ================================================================== [ 26.783660] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 26.783829] Read of size 1 at addr fff00000c639f000 by task kunit_try_catch/142 [ 26.784299] [ 26.784441] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 26.785327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.785519] Hardware name: linux,dummy-virt (DT) [ 26.785619] Call trace: [ 26.785687] show_stack+0x20/0x38 (C) [ 26.786018] dump_stack_lvl+0x8c/0xd0 [ 26.786661] print_report+0x118/0x608 [ 26.786827] kasan_report+0xdc/0x128 [ 26.786961] __asan_report_load1_noabort+0x20/0x30 [ 26.787108] kmalloc_node_oob_right+0x2f4/0x330 [ 26.787256] kunit_try_run_case+0x170/0x3f0 [ 26.787410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.787592] kthread+0x328/0x630 [ 26.787727] ret_from_fork+0x10/0x20 [ 26.787872] [ 26.788558] Allocated by task 142: [ 26.788800] kasan_save_stack+0x3c/0x68 [ 26.789044] kasan_save_track+0x20/0x40 [ 26.789151] kasan_save_alloc_info+0x40/0x58 [ 26.789241] __kasan_kmalloc+0xd4/0xd8 [ 26.789903] __kmalloc_cache_node_noprof+0x168/0x3d0 [ 26.790585] kmalloc_node_oob_right+0xbc/0x330 [ 26.791019] kunit_try_run_case+0x170/0x3f0 [ 26.791832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.792248] kthread+0x328/0x630 [ 26.792511] ret_from_fork+0x10/0x20 [ 26.792604] [ 26.792690] The buggy address belongs to the object at fff00000c639e000 [ 26.792690] which belongs to the cache kmalloc-4k of size 4096 [ 26.792854] The buggy address is located 0 bytes to the right of [ 26.792854] allocated 4096-byte region [fff00000c639e000, fff00000c639f000) [ 26.793115] [ 26.793201] The buggy address belongs to the physical page: [ 26.793532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 26.794780] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.795899] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 26.796127] page_type: f5(slab) [ 26.796279] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 26.796575] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 26.796774] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 26.796923] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 26.797042] head: 0bfffe0000000003 ffffc1ffc318e601 00000000ffffffff 00000000ffffffff [ 26.797150] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 26.798377] page dumped because: kasan: bad access detected [ 26.798583] [ 26.798640] Memory state around the buggy address: [ 26.798760] fff00000c639ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.798885] fff00000c639ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.799224] >fff00000c639f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.799342] ^ [ 26.799464] fff00000c639f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.799615] fff00000c639f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.799887] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 26.731314] ================================================================== [ 26.732356] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 26.732568] Read of size 1 at addr fff00000c5a2a65f by task kunit_try_catch/140 [ 26.732716] [ 26.732809] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 26.733027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.733395] Hardware name: linux,dummy-virt (DT) [ 26.733725] Call trace: [ 26.733962] show_stack+0x20/0x38 (C) [ 26.734466] dump_stack_lvl+0x8c/0xd0 [ 26.734746] print_report+0x118/0x608 [ 26.735470] kasan_report+0xdc/0x128 [ 26.735640] __asan_report_load1_noabort+0x20/0x30 [ 26.735790] kmalloc_oob_left+0x2ec/0x320 [ 26.735983] kunit_try_run_case+0x170/0x3f0 [ 26.736478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.737035] kthread+0x328/0x630 [ 26.737192] ret_from_fork+0x10/0x20 [ 26.737516] [ 26.737716] Allocated by task 26: [ 26.737802] kasan_save_stack+0x3c/0x68 [ 26.738230] kasan_save_track+0x20/0x40 [ 26.738494] kasan_save_alloc_info+0x40/0x58 [ 26.738786] __kasan_kmalloc+0xd4/0xd8 [ 26.739039] __kmalloc_node_track_caller_noprof+0x18c/0x4c0 [ 26.739258] kstrdup+0x54/0xc8 [ 26.739500] devtmpfs_work_loop+0x6f8/0xa58 [ 26.739906] devtmpfsd+0x50/0x58 [ 26.740182] kthread+0x328/0x630 [ 26.740546] ret_from_fork+0x10/0x20 [ 26.740932] [ 26.741063] Freed by task 26: [ 26.741272] kasan_save_stack+0x3c/0x68 [ 26.741567] kasan_save_track+0x20/0x40 [ 26.741703] kasan_save_free_info+0x4c/0x78 [ 26.741819] __kasan_slab_free+0x6c/0x98 [ 26.741923] kfree+0x214/0x3c8 [ 26.742025] devtmpfs_work_loop+0x804/0xa58 [ 26.742140] devtmpfsd+0x50/0x58 [ 26.742236] kthread+0x328/0x630 [ 26.742341] ret_from_fork+0x10/0x20 [ 26.742864] [ 26.743132] The buggy address belongs to the object at fff00000c5a2a640 [ 26.743132] which belongs to the cache kmalloc-16 of size 16 [ 26.743715] The buggy address is located 15 bytes to the right of [ 26.743715] allocated 16-byte region [fff00000c5a2a640, fff00000c5a2a650) [ 26.744318] [ 26.744412] The buggy address belongs to the physical page: [ 26.744567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2a [ 26.744939] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.745091] page_type: f5(slab) [ 26.745177] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.745625] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.745993] page dumped because: kasan: bad access detected [ 26.746290] [ 26.746416] Memory state around the buggy address: [ 26.746620] fff00000c5a2a500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.746906] fff00000c5a2a580: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 26.747290] >fff00000c5a2a600: 00 01 fc fc fa fb fc fc fa fb fc fc 00 07 fc fc [ 26.747826] ^ [ 26.748222] fff00000c5a2a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.748722] fff00000c5a2a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.748827] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 26.666047] ================================================================== [ 26.666800] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 26.668056] Write of size 1 at addr fff00000c5a34773 by task kunit_try_catch/138 [ 26.668312] [ 26.670003] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G N 6.15.0-rc7 #1 PREEMPT [ 26.670361] Tainted: [N]=TEST [ 26.670473] Hardware name: linux,dummy-virt (DT) [ 26.670979] Call trace: [ 26.671318] show_stack+0x20/0x38 (C) [ 26.671693] dump_stack_lvl+0x8c/0xd0 [ 26.671848] print_report+0x118/0x608 [ 26.672006] kasan_report+0xdc/0x128 [ 26.672123] __asan_report_store1_noabort+0x20/0x30 [ 26.672249] kmalloc_oob_right+0x5a4/0x660 [ 26.672388] kunit_try_run_case+0x170/0x3f0 [ 26.672514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.672660] kthread+0x328/0x630 [ 26.672785] ret_from_fork+0x10/0x20 [ 26.673080] [ 26.673136] Allocated by task 138: [ 26.673290] kasan_save_stack+0x3c/0x68 [ 26.673384] kasan_save_track+0x20/0x40 [ 26.673439] kasan_save_alloc_info+0x40/0x58 [ 26.673519] __kasan_kmalloc+0xd4/0xd8 [ 26.673568] __kmalloc_cache_noprof+0x15c/0x3c0 [ 26.673628] kmalloc_oob_right+0xb0/0x660 [ 26.673681] kunit_try_run_case+0x170/0x3f0 [ 26.673735] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.673796] kthread+0x328/0x630 [ 26.673846] ret_from_fork+0x10/0x20 [ 26.673923] [ 26.674005] The buggy address belongs to the object at fff00000c5a34700 [ 26.674005] which belongs to the cache kmalloc-128 of size 128 [ 26.674134] The buggy address is located 0 bytes to the right of [ 26.674134] allocated 115-byte region [fff00000c5a34700, fff00000c5a34773) [ 26.674229] [ 26.674336] The buggy address belongs to the physical page: [ 26.674587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 26.674951] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.675332] page_type: f5(slab) [ 26.675773] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.675865] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.676068] page dumped because: kasan: bad access detected [ 26.676171] [ 26.676274] Memory state around the buggy address: [ 26.676588] fff00000c5a34600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.676687] fff00000c5a34680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.676766] >fff00000c5a34700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.676841] ^ [ 26.676955] fff00000c5a34780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.677017] fff00000c5a34800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.677108] ================================================================== [ 26.678362] ================================================================== [ 26.678543] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 26.678738] Write of size 1 at addr fff00000c5a34778 by task kunit_try_catch/138 [ 26.678934] [ 26.679044] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 26.679300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.679416] Hardware name: linux,dummy-virt (DT) [ 26.679515] Call trace: [ 26.679562] show_stack+0x20/0x38 (C) [ 26.679677] dump_stack_lvl+0x8c/0xd0 [ 26.679788] print_report+0x118/0x608 [ 26.679890] kasan_report+0xdc/0x128 [ 26.680006] __asan_report_store1_noabort+0x20/0x30 [ 26.680128] kmalloc_oob_right+0x538/0x660 [ 26.680232] kunit_try_run_case+0x170/0x3f0 [ 26.680345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.680499] kthread+0x328/0x630 [ 26.680668] ret_from_fork+0x10/0x20 [ 26.680851] [ 26.680924] Allocated by task 138: [ 26.681010] kasan_save_stack+0x3c/0x68 [ 26.681172] kasan_save_track+0x20/0x40 [ 26.681312] kasan_save_alloc_info+0x40/0x58 [ 26.681483] __kasan_kmalloc+0xd4/0xd8 [ 26.681619] __kmalloc_cache_noprof+0x15c/0x3c0 [ 26.681728] kmalloc_oob_right+0xb0/0x660 [ 26.681817] kunit_try_run_case+0x170/0x3f0 [ 26.683493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.683632] kthread+0x328/0x630 [ 26.683737] ret_from_fork+0x10/0x20 [ 26.683835] [ 26.683884] The buggy address belongs to the object at fff00000c5a34700 [ 26.683884] which belongs to the cache kmalloc-128 of size 128 [ 26.684036] The buggy address is located 5 bytes to the right of [ 26.684036] allocated 115-byte region [fff00000c5a34700, fff00000c5a34773) [ 26.684212] [ 26.684271] The buggy address belongs to the physical page: [ 26.684357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 26.684512] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.684653] page_type: f5(slab) [ 26.684766] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.684915] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.685038] page dumped because: kasan: bad access detected [ 26.685130] [ 26.685180] Memory state around the buggy address: [ 26.685316] fff00000c5a34600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.685430] fff00000c5a34680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.685556] >fff00000c5a34700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.685648] ^ [ 26.685801] fff00000c5a34780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.686041] fff00000c5a34800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.686159] ================================================================== [ 26.687553] ================================================================== [ 26.687792] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 26.688129] Read of size 1 at addr fff00000c5a34780 by task kunit_try_catch/138 [ 26.688337] [ 26.688652] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 26.689251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.689347] Hardware name: linux,dummy-virt (DT) [ 26.689434] Call trace: [ 26.689513] show_stack+0x20/0x38 (C) [ 26.689652] dump_stack_lvl+0x8c/0xd0 [ 26.689814] print_report+0x118/0x608 [ 26.689950] kasan_report+0xdc/0x128 [ 26.690258] __asan_report_load1_noabort+0x20/0x30 [ 26.690499] kmalloc_oob_right+0x5d0/0x660 [ 26.690662] kunit_try_run_case+0x170/0x3f0 [ 26.690801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.690963] kthread+0x328/0x630 [ 26.691098] ret_from_fork+0x10/0x20 [ 26.691241] [ 26.691799] Allocated by task 138: [ 26.692049] kasan_save_stack+0x3c/0x68 [ 26.692352] kasan_save_track+0x20/0x40 [ 26.692518] kasan_save_alloc_info+0x40/0x58 [ 26.692622] __kasan_kmalloc+0xd4/0xd8 [ 26.692714] __kmalloc_cache_noprof+0x15c/0x3c0 [ 26.692823] kmalloc_oob_right+0xb0/0x660 [ 26.693174] kunit_try_run_case+0x170/0x3f0 [ 26.693502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.693697] kthread+0x328/0x630 [ 26.693995] ret_from_fork+0x10/0x20 [ 26.694293] [ 26.694568] The buggy address belongs to the object at fff00000c5a34700 [ 26.694568] which belongs to the cache kmalloc-128 of size 128 [ 26.694852] The buggy address is located 13 bytes to the right of [ 26.694852] allocated 115-byte region [fff00000c5a34700, fff00000c5a34773) [ 26.695188] [ 26.695260] The buggy address belongs to the physical page: [ 26.695651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a34 [ 26.696055] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.696317] page_type: f5(slab) [ 26.696585] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.696718] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.696817] page dumped because: kasan: bad access detected [ 26.696898] [ 26.696945] Memory state around the buggy address: [ 26.697034] fff00000c5a34680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.697659] fff00000c5a34700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.698116] >fff00000c5a34780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.698429] ^ [ 26.698667] fff00000c5a34800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.698861] fff00000c5a34880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.699288] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 121.687781] WARNING: CPU: 0 PID: 658 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 121.689634] Modules linked in: [ 121.690006] CPU: 0 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7 #1 PREEMPT [ 121.691208] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 121.692166] Hardware name: linux,dummy-virt (DT) [ 121.692610] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 121.693289] pc : intlog10+0x38/0x48 [ 121.693851] lr : intlog10_test+0xe4/0x200 [ 121.694388] sp : ffff800082317c10 [ 121.694773] x29: ffff800082317c90 x28: 0000000000000000 x27: 0000000000000000 [ 121.695697] x26: 1ffe0000182360a1 x25: 0000000000000000 x24: ffff800082317ce0 [ 121.696722] x23: ffff800082317d00 x22: 0000000000000000 x21: 1ffff00010462f82 [ 121.697684] x20: ffffa3ab92424e80 x19: ffff800080087990 x18: 0000000005ae4aaa [ 121.698637] x17: 0000000029663a6e x16: 0000000025154e50 x15: 000000008ba5b5f0 [ 121.699567] x14: 00000000f1f1f1f1 x13: 1ffe00001b48fdd0 x12: ffff747572c37769 [ 121.700500] x11: 1ffff47572c37768 x10: ffff747572c37768 x9 : ffffa3ab8fa0f88c [ 121.701412] x8 : ffffa3ab961bbb43 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 121.702629] x5 : ffff700010462f82 x4 : 1ffff00010010f3a x3 : 1ffff475724849d0 [ 121.703540] x2 : 1ffff475724849d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 121.704563] Call trace: [ 121.705153] intlog10+0x38/0x48 (P) [ 121.705705] kunit_try_run_case+0x170/0x3f0 [ 121.706143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 121.706648] kthread+0x328/0x630 [ 121.707099] ret_from_fork+0x10/0x20 [ 121.707628] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 121.575548] WARNING: CPU: 0 PID: 640 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 121.582614] Modules linked in: [ 121.583383] CPU: 0 UID: 0 PID: 640 Comm: kunit_try_catch Tainted: G B D N 6.15.0-rc7 #1 PREEMPT [ 121.585892] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 121.586301] Hardware name: linux,dummy-virt (DT) [ 121.586892] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 121.587772] pc : intlog2+0xd8/0xf8 [ 121.588205] lr : intlog2_test+0xe4/0x200 [ 121.588837] sp : ffff800082267c10 [ 121.589366] x29: ffff800082267c90 x28: 0000000000000000 x27: 0000000000000000 [ 121.590397] x26: 1ffe000018236021 x25: 0000000000000000 x24: ffff800082267ce0 [ 121.591100] x23: ffff800082267d00 x22: 0000000000000000 x21: 1ffff0001044cf82 [ 121.592255] x20: ffffa3ab92424d80 x19: ffff800080087990 x18: 000000008b5fc281 [ 121.593203] x17: 0000000000000001 x16: 0000000000000100 x15: fff00000ff616b08 [ 121.594164] x14: 00000000f1f1f1f1 x13: 1ffe00001b48fdd0 x12: ffff747572c37769 [ 121.595135] x11: 1ffff47572c37768 x10: ffff747572c37768 x9 : ffffa3ab8fa0fa8c [ 121.595843] x8 : ffffa3ab961bbb43 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 121.597157] x5 : ffff70001044cf82 x4 : 1ffff00010010f3a x3 : 1ffff475724849b0 [ 121.598656] x2 : 1ffff475724849b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 121.599474] Call trace: [ 121.599848] intlog2+0xd8/0xf8 (P) [ 121.600467] kunit_try_run_case+0x170/0x3f0 [ 121.601415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 121.602151] kthread+0x328/0x630 [ 121.602655] ret_from_fork+0x10/0x20 [ 121.603138] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/internal-error-oops-oops-smp
KNOWN ISSUE - qemu-arm64: Internal error: Oops at kunit_test_null_dereference - kunit_generic_run_threadfn_adapter
[ 120.011641] Internal error: Oops: 0000000096000005 [#1] SMP [ 120.020192] Modules linked in: [ 120.021232] CPU: 1 UID: 0 PID: 534 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7 #1 PREEMPT [ 120.022331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 120.022915] Hardware name: linux,dummy-virt (DT) [ 120.023690] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 120.024768] pc : kunit_test_null_dereference+0x70/0x170 [ 120.025497] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 120.026308] sp : ffff800080ff7d30 [ 120.026964] x29: ffff800080ff7d90 x28: 0000000000000000 x27: 0000000000000000 [ 120.028010] x26: 1ffe000018f13d81 x25: 0000000000000000 x24: 0000000000000004 [ 120.028883] x23: fff00000c789ec0c x22: ffffa3ab8f9fce68 x21: fff00000c1126308 [ 120.029779] x20: 1ffff000101fefa6 x19: ffff800080087990 x18: 0000000052e8c106 [ 120.030663] x17: 0000000000000000 x16: fff00000da4a0f60 x15: 000000009e5051d5 [ 120.031559] x14: 00000000f1f1f1f1 x13: 1ffe00001b4941d0 x12: fffd800018cf93a4 [ 120.032429] x11: 1ffe000018cf93a3 x10: fffd800018cf93a3 x9 : ffffa3ab8f9f42d0 [ 120.033384] x8 : ffff800080ff7c38 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 120.034287] x5 : ffff7000101fefa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 120.035175] x2 : dfff800000000000 x1 : fff00000c67c9440 x0 : ffff800080087990 [ 120.036106] Call trace: [ 120.036506] kunit_test_null_dereference+0x70/0x170 (P) [ 120.037132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 120.037767] kthread+0x328/0x630 [ 120.038187] ret_from_fork+0x10/0x20 [ 120.039187] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 120.040233] ---[ end trace 0000000000000000 ]---