Date
June 7, 2025, 10:40 a.m.
Failure - log-parser-boot - internal-error-oops-oops-preempt-smp
[ 117.646981] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP [ 117.647794] Modules linked in: [ 117.648638] CPU: 0 UID: 0 PID: 621 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 117.650744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 117.651306] Hardware name: linux,dummy-virt (DT) [ 117.652009] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 117.652798] pc : kunit_test_null_dereference+0x70/0x170 [ 117.654072] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 117.654789] sp : ffff8000833d7d30 [ 117.655271] x29: ffff8000833d7d90 x28: 0000000000000000 x27: 0000000000000000 [ 117.656307] x26: 1ffe00001980eb01 x25: 0000000000000000 x24: fff00000c8c6ae80 [ 117.658088] x23: ffffadfe203dd378 x22: ffffadfe203e5f78 x21: fff00000c8c6ae88 [ 117.658824] x20: 1ffff0001067afa6 x19: ffff800080087990 x18: 00000000ab4613c5 [ 117.659800] x17: 00000000b3bdeaf9 x16: fff00000c0951c3c x15: 000000004f400341 [ 117.660766] x14: 1ffe00001b495988 x13: fff00000da4acd18 x12: fffd8000191c011c [ 117.661907] x11: 1ffe0000191c011b x10: fffd8000191c011b x9 : ffffadfe203dd400 [ 117.662809] x8 : ffff8000833d7c28 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 117.663753] x5 : ffff70001067afa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 117.664685] x2 : dfff800000000000 x1 : fff00000c8e00000 x0 : ffff800080087990 [ 117.665676] Call trace: [ 117.666088] kunit_test_null_dereference+0x70/0x170 (P) [ 117.666717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 117.667940] kthread+0x318/0x620 [ 117.668480] ret_from_fork+0x10/0x20 [ 117.669804] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 117.670773] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 61.127112] ================================================================== [ 61.127785] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 61.127785] [ 61.128464] Use-after-free read at 0x0000000073356e49 (in kfence-#186): [ 61.129375] test_krealloc+0x51c/0x830 [ 61.130534] kunit_try_run_case+0x170/0x3f0 [ 61.132223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.133247] kthread+0x318/0x620 [ 61.133803] ret_from_fork+0x10/0x20 [ 61.134367] [ 61.134711] kfence-#186: 0x0000000073356e49-0x00000000b10284cc, size=32, cache=kmalloc-32 [ 61.134711] [ 61.135680] allocated by task 326 on cpu 0 at 61.124411s (0.011257s ago): [ 61.136463] test_alloc+0x29c/0x628 [ 61.136968] test_krealloc+0xc0/0x830 [ 61.137519] kunit_try_run_case+0x170/0x3f0 [ 61.138110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.138741] kthread+0x318/0x620 [ 61.139303] ret_from_fork+0x10/0x20 [ 61.139806] [ 61.140151] freed by task 326 on cpu 0 at 61.124937s (0.015202s ago): [ 61.140838] krealloc_noprof+0x148/0x360 [ 61.141435] test_krealloc+0x1dc/0x830 [ 61.142037] kunit_try_run_case+0x170/0x3f0 [ 61.142597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.143376] kthread+0x318/0x620 [ 61.143878] ret_from_fork+0x10/0x20 [ 61.144423] [ 61.144768] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 61.145734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.146314] Hardware name: linux,dummy-virt (DT) [ 61.146845] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 61.037715] ================================================================== [ 61.038446] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 61.038446] [ 61.039579] Use-after-free read at 0x00000000c2405346 (in kfence-#185): [ 61.040361] test_memcache_typesafe_by_rcu+0x280/0x560 [ 61.041111] kunit_try_run_case+0x170/0x3f0 [ 61.041713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.042465] kthread+0x318/0x620 [ 61.043099] ret_from_fork+0x10/0x20 [ 61.043647] [ 61.044065] kfence-#185: 0x00000000c2405346-0x000000008c4430b4, size=32, cache=test [ 61.044065] [ 61.045045] allocated by task 324 on cpu 0 at 61.018169s (0.026863s ago): [ 61.045970] test_alloc+0x230/0x628 [ 61.046538] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 61.047287] kunit_try_run_case+0x170/0x3f0 [ 61.047913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.048568] kthread+0x318/0x620 [ 61.049207] ret_from_fork+0x10/0x20 [ 61.049740] [ 61.050146] freed by task 324 on cpu 0 at 61.018343s (0.031790s ago): [ 61.050908] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 61.051623] kunit_try_run_case+0x170/0x3f0 [ 61.052241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.052940] kthread+0x318/0x620 [ 61.053458] ret_from_fork+0x10/0x20 [ 61.054058] [ 61.054466] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 61.055531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.056124] Hardware name: linux,dummy-virt (DT) [ 61.056767] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 38.999979] ================================================================== [ 39.000959] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 39.000959] [ 39.002807] Invalid read at 0x00000000badf0555: [ 39.003467] test_invalid_access+0xdc/0x1f0 [ 39.004078] kunit_try_run_case+0x170/0x3f0 [ 39.004637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.005658] kthread+0x318/0x620 [ 39.006829] ret_from_fork+0x10/0x20 [ 39.007479] [ 39.007953] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 39.009384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.009861] Hardware name: linux,dummy-virt (DT) [ 39.011084] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 38.762188] ================================================================== [ 38.762952] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 38.762952] [ 38.763811] Corrupted memory at 0x00000000aca65d90 [ ! . . . . . . . . . . . . . . . ] (in kfence-#181): [ 38.766076] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 38.766661] kunit_try_run_case+0x170/0x3f0 [ 38.767165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.767735] kthread+0x318/0x620 [ 38.768177] ret_from_fork+0x10/0x20 [ 38.768618] [ 38.768965] kfence-#181: 0x00000000eaaa38d2-0x000000001a315279, size=73, cache=kmalloc-96 [ 38.768965] [ 38.769851] allocated by task 314 on cpu 0 at 38.761766s (0.008073s ago): [ 38.770629] test_alloc+0x29c/0x628 [ 38.771173] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 38.771787] kunit_try_run_case+0x170/0x3f0 [ 38.772339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.772957] kthread+0x318/0x620 [ 38.773431] ret_from_fork+0x10/0x20 [ 38.773965] [ 38.774334] freed by task 314 on cpu 0 at 38.761995s (0.012327s ago): [ 38.775119] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 38.775760] kunit_try_run_case+0x170/0x3f0 [ 38.776317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.776982] kthread+0x318/0x620 [ 38.777501] ret_from_fork+0x10/0x20 [ 38.778013] [ 38.778378] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 38.779298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.779758] Hardware name: linux,dummy-virt (DT) [ 38.780373] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 38.242214] ================================================================== [ 38.242927] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 38.242927] [ 38.243918] Out-of-bounds read at 0x0000000004e2f5f9 (105B right of kfence-#176): [ 38.244556] test_kmalloc_aligned_oob_read+0x238/0x468 [ 38.245379] kunit_try_run_case+0x170/0x3f0 [ 38.246015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.246716] kthread+0x318/0x620 [ 38.247196] ret_from_fork+0x10/0x20 [ 38.247715] [ 38.248094] kfence-#176: 0x000000002cc07e27-0x000000004b6094a8, size=73, cache=kmalloc-96 [ 38.248094] [ 38.249011] allocated by task 312 on cpu 1 at 38.241765s (0.007235s ago): [ 38.249758] test_alloc+0x29c/0x628 [ 38.250311] test_kmalloc_aligned_oob_read+0x100/0x468 [ 38.251051] kunit_try_run_case+0x170/0x3f0 [ 38.251521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.252354] kthread+0x318/0x620 [ 38.252785] ret_from_fork+0x10/0x20 [ 38.253351] [ 38.253736] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 38.254690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.255179] Hardware name: linux,dummy-virt (DT) [ 38.255725] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 33.770350] ================================================================== [ 33.771060] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 33.771060] [ 33.771863] Corrupted memory at 0x00000000fc953c86 [ ! . . . . . . . . . . . . . . . ] (in kfence-#133): [ 33.775062] test_corruption+0x278/0x378 [ 33.775594] kunit_try_run_case+0x170/0x3f0 [ 33.776170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.776808] kthread+0x318/0x620 [ 33.777320] ret_from_fork+0x10/0x20 [ 33.777817] [ 33.778135] kfence-#133: 0x0000000095560c4d-0x000000006f74639e, size=32, cache=kmalloc-32 [ 33.778135] [ 33.779100] allocated by task 300 on cpu 0 at 33.769854s (0.009234s ago): [ 33.779874] test_alloc+0x29c/0x628 [ 33.780421] test_corruption+0xdc/0x378 [ 33.781009] kunit_try_run_case+0x170/0x3f0 [ 33.781543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.782253] kthread+0x318/0x620 [ 33.782698] ret_from_fork+0x10/0x20 [ 33.783276] [ 33.783584] freed by task 300 on cpu 0 at 33.770022s (0.013551s ago): [ 33.784342] test_corruption+0x278/0x378 [ 33.784920] kunit_try_run_case+0x170/0x3f0 [ 33.785426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.786141] kthread+0x318/0x620 [ 33.786634] ret_from_fork+0x10/0x20 [ 33.787320] [ 33.787782] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 33.788786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.789286] Hardware name: linux,dummy-virt (DT) [ 33.789779] ================================================================== [ 33.874256] ================================================================== [ 33.874989] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 33.874989] [ 33.875738] Corrupted memory at 0x0000000010a44190 [ ! ] (in kfence-#134): [ 33.876780] test_corruption+0x284/0x378 [ 33.877595] kunit_try_run_case+0x170/0x3f0 [ 33.878187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.878850] kthread+0x318/0x620 [ 33.879325] ret_from_fork+0x10/0x20 [ 33.879829] [ 33.880189] kfence-#134: 0x0000000074204c31-0x0000000008759350, size=32, cache=kmalloc-32 [ 33.880189] [ 33.881104] allocated by task 300 on cpu 0 at 33.873783s (0.007309s ago): [ 33.881918] test_alloc+0x29c/0x628 [ 33.882364] test_corruption+0x198/0x378 [ 33.882974] kunit_try_run_case+0x170/0x3f0 [ 33.883491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.884144] kthread+0x318/0x620 [ 33.884575] ret_from_fork+0x10/0x20 [ 33.885126] [ 33.885500] freed by task 300 on cpu 0 at 33.873953s (0.011534s ago): [ 33.886280] test_corruption+0x284/0x378 [ 33.886771] kunit_try_run_case+0x170/0x3f0 [ 33.887357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.888075] kthread+0x318/0x620 [ 33.888507] ret_from_fork+0x10/0x20 [ 33.889084] [ 33.889448] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 33.890419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.890866] Hardware name: linux,dummy-virt (DT) [ 33.891545] ================================================================== [ 34.394107] ================================================================== [ 34.394821] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 34.394821] [ 34.395522] Corrupted memory at 0x00000000da859577 [ ! ] (in kfence-#139): [ 34.396688] test_corruption+0x1d8/0x378 [ 34.397473] kunit_try_run_case+0x170/0x3f0 [ 34.397973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.398701] kthread+0x318/0x620 [ 34.399175] ret_from_fork+0x10/0x20 [ 34.399705] [ 34.400046] kfence-#139: 0x00000000c0225ef1-0x00000000043f00dd, size=32, cache=test [ 34.400046] [ 34.401042] allocated by task 302 on cpu 0 at 34.393831s (0.007199s ago): [ 34.401996] test_alloc+0x230/0x628 [ 34.402511] test_corruption+0x198/0x378 [ 34.403022] kunit_try_run_case+0x170/0x3f0 [ 34.403565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.404265] kthread+0x318/0x620 [ 34.404727] ret_from_fork+0x10/0x20 [ 34.405232] [ 34.405562] freed by task 302 on cpu 0 at 34.393945s (0.011605s ago): [ 34.406295] test_corruption+0x1d8/0x378 [ 34.406811] kunit_try_run_case+0x170/0x3f0 [ 34.407387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.408101] kthread+0x318/0x620 [ 34.408599] ret_from_fork+0x10/0x20 [ 34.409109] [ 34.409472] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 34.410437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.410999] Hardware name: linux,dummy-virt (DT) [ 34.411525] ================================================================== [ 33.977971] ================================================================== [ 33.978620] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 33.978620] [ 33.979407] Corrupted memory at 0x0000000073e7ce1d [ ! . . . . . . . . . . . . . . . ] (in kfence-#135): [ 33.981940] test_corruption+0x120/0x378 [ 33.982464] kunit_try_run_case+0x170/0x3f0 [ 33.983099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.983729] kthread+0x318/0x620 [ 33.984238] ret_from_fork+0x10/0x20 [ 33.984765] [ 33.985095] kfence-#135: 0x00000000b22d62e3-0x00000000102b2b0c, size=32, cache=test [ 33.985095] [ 33.985968] allocated by task 302 on cpu 0 at 33.977710s (0.008246s ago): [ 33.986777] test_alloc+0x230/0x628 [ 33.987321] test_corruption+0xdc/0x378 [ 33.987867] kunit_try_run_case+0x170/0x3f0 [ 33.988426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.989049] kthread+0x318/0x620 [ 33.989596] ret_from_fork+0x10/0x20 [ 33.990089] [ 33.990423] freed by task 302 on cpu 0 at 33.977798s (0.012613s ago): [ 33.991154] test_corruption+0x120/0x378 [ 33.991719] kunit_try_run_case+0x170/0x3f0 [ 33.992333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.992960] kthread+0x318/0x620 [ 33.993470] ret_from_fork+0x10/0x20 [ 33.994040] [ 33.994409] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 33.995403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.995857] Hardware name: linux,dummy-virt (DT) [ 33.996472] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 33.249998] ================================================================== [ 33.250769] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 33.250769] [ 33.251537] Invalid free of 0x00000000ccb30b5e (in kfence-#128): [ 33.252294] test_invalid_addr_free+0xec/0x238 [ 33.252943] kunit_try_run_case+0x170/0x3f0 [ 33.253573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.254274] kthread+0x318/0x620 [ 33.254837] ret_from_fork+0x10/0x20 [ 33.255414] [ 33.255777] kfence-#128: 0x0000000012741f77-0x000000003f515073, size=32, cache=test [ 33.255777] [ 33.256626] allocated by task 298 on cpu 1 at 33.249783s (0.006833s ago): [ 33.257529] test_alloc+0x230/0x628 [ 33.258120] test_invalid_addr_free+0xd4/0x238 [ 33.258757] kunit_try_run_case+0x170/0x3f0 [ 33.259268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.260027] kthread+0x318/0x620 [ 33.260564] ret_from_fork+0x10/0x20 [ 33.261139] [ 33.261530] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 33.262539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.263040] Hardware name: linux,dummy-virt (DT) [ 33.263646] ================================================================== [ 33.145901] ================================================================== [ 33.146527] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 33.146527] [ 33.147415] Invalid free of 0x00000000a5216c97 (in kfence-#127): [ 33.148047] test_invalid_addr_free+0x1ac/0x238 [ 33.148637] kunit_try_run_case+0x170/0x3f0 [ 33.149160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.149856] kthread+0x318/0x620 [ 33.150421] ret_from_fork+0x10/0x20 [ 33.150965] [ 33.151301] kfence-#127: 0x00000000c526f662-0x000000009dcbba1a, size=32, cache=kmalloc-32 [ 33.151301] [ 33.152089] allocated by task 296 on cpu 1 at 33.145645s (0.006432s ago): [ 33.152970] test_alloc+0x29c/0x628 [ 33.153461] test_invalid_addr_free+0xd4/0x238 [ 33.154033] kunit_try_run_case+0x170/0x3f0 [ 33.154620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.155256] kthread+0x318/0x620 [ 33.155669] ret_from_fork+0x10/0x20 [ 33.156239] [ 33.156589] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 33.157670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.158181] Hardware name: linux,dummy-virt (DT) [ 33.158780] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 33.042111] ================================================================== [ 33.042769] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 33.042769] [ 33.043542] Invalid free of 0x000000005ccf2165 (in kfence-#126): [ 33.044146] test_double_free+0x100/0x238 [ 33.044754] kunit_try_run_case+0x170/0x3f0 [ 33.045273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.046004] kthread+0x318/0x620 [ 33.046519] ret_from_fork+0x10/0x20 [ 33.047110] [ 33.047439] kfence-#126: 0x000000005ccf2165-0x00000000b1658439, size=32, cache=test [ 33.047439] [ 33.048436] allocated by task 294 on cpu 0 at 33.041767s (0.006656s ago): [ 33.049244] test_alloc+0x230/0x628 [ 33.049734] test_double_free+0xd4/0x238 [ 33.050260] kunit_try_run_case+0x170/0x3f0 [ 33.050791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.051419] kthread+0x318/0x620 [ 33.051916] ret_from_fork+0x10/0x20 [ 33.052397] [ 33.052739] freed by task 294 on cpu 0 at 33.041857s (0.010870s ago): [ 33.053508] test_double_free+0xf0/0x238 [ 33.054061] kunit_try_run_case+0x170/0x3f0 [ 33.054676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.055340] kthread+0x318/0x620 [ 33.055783] ret_from_fork+0x10/0x20 [ 33.056327] [ 33.056688] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 33.057567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.058179] Hardware name: linux,dummy-virt (DT) [ 33.058653] ================================================================== [ 32.938350] ================================================================== [ 32.939152] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 32.939152] [ 32.939956] Invalid free of 0x000000004675fcfb (in kfence-#125): [ 32.940551] test_double_free+0x1bc/0x238 [ 32.941276] kunit_try_run_case+0x170/0x3f0 [ 32.941866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.942503] kthread+0x318/0x620 [ 32.942942] ret_from_fork+0x10/0x20 [ 32.943514] [ 32.943897] kfence-#125: 0x000000004675fcfb-0x0000000023770ba1, size=32, cache=kmalloc-32 [ 32.943897] [ 32.944977] allocated by task 292 on cpu 0 at 32.937844s (0.007122s ago): [ 32.945699] test_alloc+0x29c/0x628 [ 32.946264] test_double_free+0xd4/0x238 [ 32.946902] kunit_try_run_case+0x170/0x3f0 [ 32.947545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.948261] kthread+0x318/0x620 [ 32.948810] ret_from_fork+0x10/0x20 [ 32.949370] [ 32.949705] freed by task 292 on cpu 0 at 32.937976s (0.011717s ago): [ 32.950568] test_double_free+0x1ac/0x238 [ 32.951103] kunit_try_run_case+0x170/0x3f0 [ 32.951727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.952392] kthread+0x318/0x620 [ 32.952945] ret_from_fork+0x10/0x20 [ 32.953497] [ 32.953908] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 32.954927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.955453] Hardware name: linux,dummy-virt (DT) [ 32.956053] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 32.626026] ================================================================== [ 32.626725] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 32.626725] [ 32.627707] Use-after-free read at 0x0000000048c48b14 (in kfence-#122): [ 32.628354] test_use_after_free_read+0x114/0x248 [ 32.629330] kunit_try_run_case+0x170/0x3f0 [ 32.630005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.630759] kthread+0x318/0x620 [ 32.631380] ret_from_fork+0x10/0x20 [ 32.632046] [ 32.632478] kfence-#122: 0x0000000048c48b14-0x00000000d83cd514, size=32, cache=test [ 32.632478] [ 32.633674] allocated by task 286 on cpu 1 at 32.625703s (0.007956s ago): [ 32.634547] test_alloc+0x230/0x628 [ 32.635169] test_use_after_free_read+0xd0/0x248 [ 32.635730] kunit_try_run_case+0x170/0x3f0 [ 32.636468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.637038] kthread+0x318/0x620 [ 32.637601] ret_from_fork+0x10/0x20 [ 32.638131] [ 32.638501] freed by task 286 on cpu 1 at 32.625792s (0.012697s ago): [ 32.639417] test_use_after_free_read+0xf0/0x248 [ 32.640054] kunit_try_run_case+0x170/0x3f0 [ 32.640647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.641351] kthread+0x318/0x620 [ 32.641853] ret_from_fork+0x10/0x20 [ 32.642411] [ 32.642833] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 32.643848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.644441] Hardware name: linux,dummy-virt (DT) [ 32.645005] ================================================================== [ 32.522098] ================================================================== [ 32.522817] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 32.522817] [ 32.523634] Use-after-free read at 0x00000000618392db (in kfence-#121): [ 32.524488] test_use_after_free_read+0x114/0x248 [ 32.525239] kunit_try_run_case+0x170/0x3f0 [ 32.525843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.526568] kthread+0x318/0x620 [ 32.527197] ret_from_fork+0x10/0x20 [ 32.527734] [ 32.528120] kfence-#121: 0x00000000618392db-0x000000004a3b76d5, size=32, cache=kmalloc-32 [ 32.528120] [ 32.529006] allocated by task 284 on cpu 1 at 32.521673s (0.007322s ago): [ 32.529921] test_alloc+0x29c/0x628 [ 32.530602] test_use_after_free_read+0xd0/0x248 [ 32.531221] kunit_try_run_case+0x170/0x3f0 [ 32.531812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.532543] kthread+0x318/0x620 [ 32.533069] ret_from_fork+0x10/0x20 [ 32.533608] [ 32.534233] freed by task 284 on cpu 1 at 32.521786s (0.012242s ago): [ 32.535081] test_use_after_free_read+0x1c0/0x248 [ 32.535609] kunit_try_run_case+0x170/0x3f0 [ 32.536199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.536868] kthread+0x318/0x620 [ 32.537403] ret_from_fork+0x10/0x20 [ 32.537980] [ 32.538384] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 32.539345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.539902] Hardware name: linux,dummy-virt (DT) [ 32.540448] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 32.002055] ================================================================== [ 32.002811] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 32.002811] [ 32.003613] Out-of-bounds write at 0x0000000001510862 (1B left of kfence-#116): [ 32.004902] test_out_of_bounds_write+0x100/0x240 [ 32.005759] kunit_try_run_case+0x170/0x3f0 [ 32.006336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.006928] kthread+0x318/0x620 [ 32.007448] ret_from_fork+0x10/0x20 [ 32.007981] [ 32.008294] kfence-#116: 0x00000000ce997732-0x0000000048e1c55a, size=32, cache=kmalloc-32 [ 32.008294] [ 32.009188] allocated by task 280 on cpu 1 at 32.001777s (0.007399s ago): [ 32.010038] test_alloc+0x29c/0x628 [ 32.010521] test_out_of_bounds_write+0xc8/0x240 [ 32.011189] kunit_try_run_case+0x170/0x3f0 [ 32.011747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.012491] kthread+0x318/0x620 [ 32.012952] ret_from_fork+0x10/0x20 [ 32.013469] [ 32.013832] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 32.014823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.015350] Hardware name: linux,dummy-virt (DT) [ 32.015925] ================================================================== [ 32.417961] ================================================================== [ 32.418792] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 32.418792] [ 32.419692] Out-of-bounds write at 0x000000006d444d96 (1B left of kfence-#120): [ 32.421404] test_out_of_bounds_write+0x100/0x240 [ 32.422178] kunit_try_run_case+0x170/0x3f0 [ 32.422712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.423560] kthread+0x318/0x620 [ 32.424030] ret_from_fork+0x10/0x20 [ 32.424603] [ 32.425071] kfence-#120: 0x00000000a7750c7c-0x00000000befc4c35, size=32, cache=test [ 32.425071] [ 32.426037] allocated by task 282 on cpu 0 at 32.417783s (0.008243s ago): [ 32.426919] test_alloc+0x230/0x628 [ 32.427510] test_out_of_bounds_write+0xc8/0x240 [ 32.428078] kunit_try_run_case+0x170/0x3f0 [ 32.428718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.429395] kthread+0x318/0x620 [ 32.429948] ret_from_fork+0x10/0x20 [ 32.430497] [ 32.430931] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 32.431927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.432470] Hardware name: linux,dummy-virt (DT) [ 32.433081] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 31.689909] ================================================================== [ 31.690897] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 31.690897] [ 31.691742] Out-of-bounds read at 0x00000000c0818bf1 (1B left of kfence-#113): [ 31.692465] test_out_of_bounds_read+0x114/0x3e0 [ 31.693015] kunit_try_run_case+0x170/0x3f0 [ 31.693626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.694329] kthread+0x318/0x620 [ 31.695317] ret_from_fork+0x10/0x20 [ 31.695754] [ 31.696153] kfence-#113: 0x000000002fbec8d9-0x00000000109a3621, size=32, cache=test [ 31.696153] [ 31.696818] allocated by task 278 on cpu 0 at 31.689739s (0.007068s ago): [ 31.697477] test_alloc+0x230/0x628 [ 31.697867] test_out_of_bounds_read+0xdc/0x3e0 [ 31.698389] kunit_try_run_case+0x170/0x3f0 [ 31.698984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.699767] kthread+0x318/0x620 [ 31.700272] ret_from_fork+0x10/0x20 [ 31.700829] [ 31.703694] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.705154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.705539] Hardware name: linux,dummy-virt (DT) [ 31.707097] ================================================================== [ 31.586177] ================================================================== [ 31.586946] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 31.586946] [ 31.587809] Out-of-bounds read at 0x00000000fbf0aefe (32B right of kfence-#112): [ 31.588565] test_out_of_bounds_read+0x1c8/0x3e0 [ 31.589146] kunit_try_run_case+0x170/0x3f0 [ 31.589720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.590480] kthread+0x318/0x620 [ 31.590993] ret_from_fork+0x10/0x20 [ 31.591505] [ 31.591853] kfence-#112: 0x000000002a7fb7be-0x0000000076528a39, size=32, cache=kmalloc-32 [ 31.591853] [ 31.592799] allocated by task 276 on cpu 0 at 31.585756s (0.007031s ago): [ 31.593523] test_alloc+0x29c/0x628 [ 31.594123] test_out_of_bounds_read+0x198/0x3e0 [ 31.594660] kunit_try_run_case+0x170/0x3f0 [ 31.595254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.595971] kthread+0x318/0x620 [ 31.596470] ret_from_fork+0x10/0x20 [ 31.596982] [ 31.597326] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.598235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.598753] Hardware name: linux,dummy-virt (DT) [ 31.599366] ================================================================== [ 31.897943] ================================================================== [ 31.899020] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 31.899020] [ 31.899826] Out-of-bounds read at 0x000000009814c61a (32B right of kfence-#115): [ 31.900720] test_out_of_bounds_read+0x1c8/0x3e0 [ 31.901370] kunit_try_run_case+0x170/0x3f0 [ 31.902017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.902700] kthread+0x318/0x620 [ 31.903284] ret_from_fork+0x10/0x20 [ 31.903834] [ 31.904132] kfence-#115: 0x00000000cc8ca68e-0x00000000216803ec, size=32, cache=test [ 31.904132] [ 31.905143] allocated by task 278 on cpu 0 at 31.897770s (0.007361s ago): [ 31.905986] test_alloc+0x230/0x628 [ 31.906443] test_out_of_bounds_read+0x198/0x3e0 [ 31.907128] kunit_try_run_case+0x170/0x3f0 [ 31.907678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.908364] kthread+0x318/0x620 [ 31.908851] ret_from_fork+0x10/0x20 [ 31.909304] [ 31.909666] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.910605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.911082] Hardware name: linux,dummy-virt (DT) [ 31.911689] ================================================================== [ 31.482762] ================================================================== [ 31.483523] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 31.483523] [ 31.484417] Out-of-bounds read at 0x00000000652c4fb1 (1B left of kfence-#111): [ 31.485599] test_out_of_bounds_read+0x114/0x3e0 [ 31.486272] kunit_try_run_case+0x170/0x3f0 [ 31.486850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.487514] kthread+0x318/0x620 [ 31.487974] ret_from_fork+0x10/0x20 [ 31.488507] [ 31.489162] kfence-#111: 0x00000000076792a4-0x00000000efe44966, size=32, cache=kmalloc-32 [ 31.489162] [ 31.490325] allocated by task 276 on cpu 0 at 31.481730s (0.008472s ago): [ 31.491690] test_alloc+0x29c/0x628 [ 31.492145] test_out_of_bounds_read+0xdc/0x3e0 [ 31.492691] kunit_try_run_case+0x170/0x3f0 [ 31.493258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.493862] kthread+0x318/0x620 [ 31.494355] ret_from_fork+0x10/0x20 [ 31.495035] [ 31.495446] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.496398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.496905] Hardware name: linux,dummy-virt (DT) [ 31.497415] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 31.274878] ================================================================== [ 31.275618] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 31.276585] Write of size 1 at addr fff00000c6414878 by task kunit_try_catch/274 [ 31.277399] [ 31.277800] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.278066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.278154] Hardware name: linux,dummy-virt (DT) [ 31.278259] Call trace: [ 31.278351] show_stack+0x20/0x38 (C) [ 31.278510] dump_stack_lvl+0x8c/0xd0 [ 31.278578] print_report+0x118/0x608 [ 31.278663] kasan_report+0xdc/0x128 [ 31.278829] __asan_report_store1_noabort+0x20/0x30 [ 31.279015] strncpy_from_user+0x270/0x2a0 [ 31.279182] copy_user_test_oob+0x5c0/0xec0 [ 31.279353] kunit_try_run_case+0x170/0x3f0 [ 31.279432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.279500] kthread+0x318/0x620 [ 31.279557] ret_from_fork+0x10/0x20 [ 31.279624] [ 31.286121] Allocated by task 274: [ 31.286602] kasan_save_stack+0x3c/0x68 [ 31.287262] kasan_save_track+0x20/0x40 [ 31.287940] kasan_save_alloc_info+0x40/0x58 [ 31.288424] __kasan_kmalloc+0xd4/0xd8 [ 31.289048] __kmalloc_noprof+0x198/0x4c8 [ 31.289687] kunit_kmalloc_array+0x34/0x88 [ 31.290217] copy_user_test_oob+0xac/0xec0 [ 31.290798] kunit_try_run_case+0x170/0x3f0 [ 31.291503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.292170] kthread+0x318/0x620 [ 31.292785] ret_from_fork+0x10/0x20 [ 31.293334] [ 31.293725] The buggy address belongs to the object at fff00000c6414800 [ 31.293725] which belongs to the cache kmalloc-128 of size 128 [ 31.294976] The buggy address is located 0 bytes to the right of [ 31.294976] allocated 120-byte region [fff00000c6414800, fff00000c6414878) [ 31.296244] [ 31.296618] The buggy address belongs to the physical page: [ 31.297270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 31.298185] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.298932] page_type: f5(slab) [ 31.299445] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.300317] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.301125] page dumped because: kasan: bad access detected [ 31.301740] [ 31.302080] Memory state around the buggy address: [ 31.302674] fff00000c6414700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.303522] fff00000c6414780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.304333] >fff00000c6414800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.305105] ^ [ 31.305853] fff00000c6414880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.306695] fff00000c6414900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.307458] ================================================================== [ 31.239659] ================================================================== [ 31.240454] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 31.240789] Write of size 121 at addr fff00000c6414800 by task kunit_try_catch/274 [ 31.241450] [ 31.241675] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.241780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.241817] Hardware name: linux,dummy-virt (DT) [ 31.241856] Call trace: [ 31.242210] show_stack+0x20/0x38 (C) [ 31.242503] dump_stack_lvl+0x8c/0xd0 [ 31.242715] print_report+0x118/0x608 [ 31.242979] kasan_report+0xdc/0x128 [ 31.243124] kasan_check_range+0x100/0x1a8 [ 31.243261] __kasan_check_write+0x20/0x30 [ 31.243403] strncpy_from_user+0x3c/0x2a0 [ 31.243480] copy_user_test_oob+0x5c0/0xec0 [ 31.243542] kunit_try_run_case+0x170/0x3f0 [ 31.243600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.243665] kthread+0x318/0x620 [ 31.243723] ret_from_fork+0x10/0x20 [ 31.243784] [ 31.250951] Allocated by task 274: [ 31.251419] kasan_save_stack+0x3c/0x68 [ 31.252013] kasan_save_track+0x20/0x40 [ 31.252585] kasan_save_alloc_info+0x40/0x58 [ 31.253258] __kasan_kmalloc+0xd4/0xd8 [ 31.253865] __kmalloc_noprof+0x198/0x4c8 [ 31.254506] kunit_kmalloc_array+0x34/0x88 [ 31.255098] copy_user_test_oob+0xac/0xec0 [ 31.255759] kunit_try_run_case+0x170/0x3f0 [ 31.256376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.257121] kthread+0x318/0x620 [ 31.257694] ret_from_fork+0x10/0x20 [ 31.258284] [ 31.258635] The buggy address belongs to the object at fff00000c6414800 [ 31.258635] which belongs to the cache kmalloc-128 of size 128 [ 31.259942] The buggy address is located 0 bytes inside of [ 31.259942] allocated 120-byte region [fff00000c6414800, fff00000c6414878) [ 31.261115] [ 31.261423] The buggy address belongs to the physical page: [ 31.262138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 31.263078] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.263871] page_type: f5(slab) [ 31.264431] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.265287] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.266078] page dumped because: kasan: bad access detected [ 31.266714] [ 31.267090] Memory state around the buggy address: [ 31.267680] fff00000c6414700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.268520] fff00000c6414780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.269391] >fff00000c6414800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.270256] ^ [ 31.271039] fff00000c6414880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.271802] fff00000c6414900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.272691] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 31.206005] ================================================================== [ 31.206876] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec0 [ 31.207711] Read of size 121 at addr fff00000c6414800 by task kunit_try_catch/274 [ 31.208597] [ 31.208960] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.209116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.209155] Hardware name: linux,dummy-virt (DT) [ 31.209224] Call trace: [ 31.209297] show_stack+0x20/0x38 (C) [ 31.209439] dump_stack_lvl+0x8c/0xd0 [ 31.209581] print_report+0x118/0x608 [ 31.209722] kasan_report+0xdc/0x128 [ 31.209854] kasan_check_range+0x100/0x1a8 [ 31.209945] __kasan_check_read+0x20/0x30 [ 31.210004] copy_user_test_oob+0x4a0/0xec0 [ 31.210066] kunit_try_run_case+0x170/0x3f0 [ 31.210123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.210203] kthread+0x318/0x620 [ 31.210260] ret_from_fork+0x10/0x20 [ 31.210322] [ 31.216178] Allocated by task 274: [ 31.216711] kasan_save_stack+0x3c/0x68 [ 31.217375] kasan_save_track+0x20/0x40 [ 31.217868] kasan_save_alloc_info+0x40/0x58 [ 31.218471] __kasan_kmalloc+0xd4/0xd8 [ 31.218966] __kmalloc_noprof+0x198/0x4c8 [ 31.219506] kunit_kmalloc_array+0x34/0x88 [ 31.220052] copy_user_test_oob+0xac/0xec0 [ 31.220606] kunit_try_run_case+0x170/0x3f0 [ 31.221163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.221856] kthread+0x318/0x620 [ 31.222395] ret_from_fork+0x10/0x20 [ 31.222933] [ 31.223235] The buggy address belongs to the object at fff00000c6414800 [ 31.223235] which belongs to the cache kmalloc-128 of size 128 [ 31.224455] The buggy address is located 0 bytes inside of [ 31.224455] allocated 120-byte region [fff00000c6414800, fff00000c6414878) [ 31.225583] [ 31.225874] The buggy address belongs to the physical page: [ 31.226513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 31.227256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.228020] page_type: f5(slab) [ 31.228509] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.229348] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.230640] page dumped because: kasan: bad access detected [ 31.231358] [ 31.231798] Memory state around the buggy address: [ 31.232327] fff00000c6414700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.233243] fff00000c6414780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.233958] >fff00000c6414800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.234638] ^ [ 31.235657] fff00000c6414880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.236535] fff00000c6414900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.237222] ================================================================== [ 31.012830] ================================================================== [ 31.014376] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec0 [ 31.015534] Write of size 121 at addr fff00000c6414800 by task kunit_try_catch/274 [ 31.016487] [ 31.016997] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.017164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.017214] Hardware name: linux,dummy-virt (DT) [ 31.017298] Call trace: [ 31.017333] show_stack+0x20/0x38 (C) [ 31.017406] dump_stack_lvl+0x8c/0xd0 [ 31.017475] print_report+0x118/0x608 [ 31.017540] kasan_report+0xdc/0x128 [ 31.017601] kasan_check_range+0x100/0x1a8 [ 31.017658] __kasan_check_write+0x20/0x30 [ 31.017715] copy_user_test_oob+0x234/0xec0 [ 31.017775] kunit_try_run_case+0x170/0x3f0 [ 31.017840] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.017933] kthread+0x318/0x620 [ 31.017999] ret_from_fork+0x10/0x20 [ 31.018063] [ 31.024312] Allocated by task 274: [ 31.024798] kasan_save_stack+0x3c/0x68 [ 31.025388] kasan_save_track+0x20/0x40 [ 31.025903] kasan_save_alloc_info+0x40/0x58 [ 31.026499] __kasan_kmalloc+0xd4/0xd8 [ 31.027141] __kmalloc_noprof+0x198/0x4c8 [ 31.027663] kunit_kmalloc_array+0x34/0x88 [ 31.028217] copy_user_test_oob+0xac/0xec0 [ 31.028770] kunit_try_run_case+0x170/0x3f0 [ 31.029377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.030044] kthread+0x318/0x620 [ 31.030532] ret_from_fork+0x10/0x20 [ 31.030992] [ 31.031287] The buggy address belongs to the object at fff00000c6414800 [ 31.031287] which belongs to the cache kmalloc-128 of size 128 [ 31.032578] The buggy address is located 0 bytes inside of [ 31.032578] allocated 120-byte region [fff00000c6414800, fff00000c6414878) [ 31.033810] [ 31.034154] The buggy address belongs to the physical page: [ 31.034818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 31.035603] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.036326] page_type: f5(slab) [ 31.036871] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.037659] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.038412] page dumped because: kasan: bad access detected [ 31.039051] [ 31.039360] Memory state around the buggy address: [ 31.039953] fff00000c6414700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.040650] fff00000c6414780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.041468] >fff00000c6414800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.042248] ^ [ 31.043443] fff00000c6414880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.044075] fff00000c6414900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.044908] ================================================================== [ 31.054126] ================================================================== [ 31.054878] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec0 [ 31.055647] Read of size 121 at addr fff00000c6414800 by task kunit_try_catch/274 [ 31.056295] [ 31.056705] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.056951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.057038] Hardware name: linux,dummy-virt (DT) [ 31.057130] Call trace: [ 31.057198] show_stack+0x20/0x38 (C) [ 31.057336] dump_stack_lvl+0x8c/0xd0 [ 31.057496] print_report+0x118/0x608 [ 31.057615] kasan_report+0xdc/0x128 [ 31.057679] kasan_check_range+0x100/0x1a8 [ 31.057737] __kasan_check_read+0x20/0x30 [ 31.057795] copy_user_test_oob+0x728/0xec0 [ 31.057860] kunit_try_run_case+0x170/0x3f0 [ 31.057955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.058023] kthread+0x318/0x620 [ 31.058082] ret_from_fork+0x10/0x20 [ 31.058142] [ 31.064525] Allocated by task 274: [ 31.065090] kasan_save_stack+0x3c/0x68 [ 31.065703] kasan_save_track+0x20/0x40 [ 31.066301] kasan_save_alloc_info+0x40/0x58 [ 31.066952] __kasan_kmalloc+0xd4/0xd8 [ 31.067581] __kmalloc_noprof+0x198/0x4c8 [ 31.068140] kunit_kmalloc_array+0x34/0x88 [ 31.068876] copy_user_test_oob+0xac/0xec0 [ 31.069493] kunit_try_run_case+0x170/0x3f0 [ 31.070107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.070791] kthread+0x318/0x620 [ 31.071227] ret_from_fork+0x10/0x20 [ 31.071658] [ 31.072042] The buggy address belongs to the object at fff00000c6414800 [ 31.072042] which belongs to the cache kmalloc-128 of size 128 [ 31.073120] The buggy address is located 0 bytes inside of [ 31.073120] allocated 120-byte region [fff00000c6414800, fff00000c6414878) [ 31.074609] [ 31.075154] The buggy address belongs to the physical page: [ 31.075743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 31.076722] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.077468] page_type: f5(slab) [ 31.077821] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.078761] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.079549] page dumped because: kasan: bad access detected [ 31.080183] [ 31.080505] Memory state around the buggy address: [ 31.081111] fff00000c6414700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.081902] fff00000c6414780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.082676] >fff00000c6414800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.083435] ^ [ 31.084176] fff00000c6414880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.084991] fff00000c6414900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.085655] ================================================================== [ 31.092873] ================================================================== [ 31.093860] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec0 [ 31.095043] Write of size 121 at addr fff00000c6414800 by task kunit_try_catch/274 [ 31.096768] [ 31.097472] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.097703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.097763] Hardware name: linux,dummy-virt (DT) [ 31.097807] Call trace: [ 31.097835] show_stack+0x20/0x38 (C) [ 31.097985] dump_stack_lvl+0x8c/0xd0 [ 31.098132] print_report+0x118/0x608 [ 31.098214] kasan_report+0xdc/0x128 [ 31.098276] kasan_check_range+0x100/0x1a8 [ 31.098332] __kasan_check_write+0x20/0x30 [ 31.098389] copy_user_test_oob+0x35c/0xec0 [ 31.098450] kunit_try_run_case+0x170/0x3f0 [ 31.098507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.098572] kthread+0x318/0x620 [ 31.098627] ret_from_fork+0x10/0x20 [ 31.098687] [ 31.105310] Allocated by task 274: [ 31.105945] kasan_save_stack+0x3c/0x68 [ 31.106599] kasan_save_track+0x20/0x40 [ 31.107367] kasan_save_alloc_info+0x40/0x58 [ 31.108019] __kasan_kmalloc+0xd4/0xd8 [ 31.108725] __kmalloc_noprof+0x198/0x4c8 [ 31.109400] kunit_kmalloc_array+0x34/0x88 [ 31.109979] copy_user_test_oob+0xac/0xec0 [ 31.110760] kunit_try_run_case+0x170/0x3f0 [ 31.111456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.112253] kthread+0x318/0x620 [ 31.112932] ret_from_fork+0x10/0x20 [ 31.113490] [ 31.113912] The buggy address belongs to the object at fff00000c6414800 [ 31.113912] which belongs to the cache kmalloc-128 of size 128 [ 31.115243] The buggy address is located 0 bytes inside of [ 31.115243] allocated 120-byte region [fff00000c6414800, fff00000c6414878) [ 31.116571] [ 31.116931] The buggy address belongs to the physical page: [ 31.117691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 31.118654] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.119453] page_type: f5(slab) [ 31.120023] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.120915] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.121734] page dumped because: kasan: bad access detected [ 31.122412] [ 31.122774] Memory state around the buggy address: [ 31.123435] fff00000c6414700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.124276] fff00000c6414780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.125099] >fff00000c6414800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.125866] ^ [ 31.126575] fff00000c6414880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.127357] fff00000c6414900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.128244] ================================================================== [ 31.165492] ================================================================== [ 31.166223] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec0 [ 31.167479] Write of size 121 at addr fff00000c6414800 by task kunit_try_catch/274 [ 31.168310] [ 31.168671] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.169503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.169590] Hardware name: linux,dummy-virt (DT) [ 31.169685] Call trace: [ 31.169752] show_stack+0x20/0x38 (C) [ 31.169913] dump_stack_lvl+0x8c/0xd0 [ 31.170044] print_report+0x118/0x608 [ 31.170283] kasan_report+0xdc/0x128 [ 31.170410] kasan_check_range+0x100/0x1a8 [ 31.170538] __kasan_check_write+0x20/0x30 [ 31.170663] copy_user_test_oob+0x434/0xec0 [ 31.170791] kunit_try_run_case+0x170/0x3f0 [ 31.170960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.171102] kthread+0x318/0x620 [ 31.171227] ret_from_fork+0x10/0x20 [ 31.171349] [ 31.181568] Allocated by task 274: [ 31.182369] kasan_save_stack+0x3c/0x68 [ 31.182868] kasan_save_track+0x20/0x40 [ 31.183345] kasan_save_alloc_info+0x40/0x58 [ 31.183827] __kasan_kmalloc+0xd4/0xd8 [ 31.184629] __kmalloc_noprof+0x198/0x4c8 [ 31.185176] kunit_kmalloc_array+0x34/0x88 [ 31.185727] copy_user_test_oob+0xac/0xec0 [ 31.186418] kunit_try_run_case+0x170/0x3f0 [ 31.187064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.187746] kthread+0x318/0x620 [ 31.188287] ret_from_fork+0x10/0x20 [ 31.188852] [ 31.189256] The buggy address belongs to the object at fff00000c6414800 [ 31.189256] which belongs to the cache kmalloc-128 of size 128 [ 31.190535] The buggy address is located 0 bytes inside of [ 31.190535] allocated 120-byte region [fff00000c6414800, fff00000c6414878) [ 31.191852] [ 31.192270] The buggy address belongs to the physical page: [ 31.192981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 31.193922] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.194677] page_type: f5(slab) [ 31.195224] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.196105] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.196907] page dumped because: kasan: bad access detected [ 31.197583] [ 31.197973] Memory state around the buggy address: [ 31.198549] fff00000c6414700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.199394] fff00000c6414780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.200111] >fff00000c6414800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.200829] ^ [ 31.201633] fff00000c6414880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.202411] fff00000c6414900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.203185] ================================================================== [ 31.131432] ================================================================== [ 31.132158] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec0 [ 31.133281] Read of size 121 at addr fff00000c6414800 by task kunit_try_catch/274 [ 31.134314] [ 31.134741] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.135048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.135119] Hardware name: linux,dummy-virt (DT) [ 31.135164] Call trace: [ 31.135195] show_stack+0x20/0x38 (C) [ 31.135265] dump_stack_lvl+0x8c/0xd0 [ 31.135328] print_report+0x118/0x608 [ 31.135386] kasan_report+0xdc/0x128 [ 31.135444] kasan_check_range+0x100/0x1a8 [ 31.135502] __kasan_check_read+0x20/0x30 [ 31.135558] copy_user_test_oob+0x3c8/0xec0 [ 31.135616] kunit_try_run_case+0x170/0x3f0 [ 31.135675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.135737] kthread+0x318/0x620 [ 31.135792] ret_from_fork+0x10/0x20 [ 31.135859] [ 31.142819] Allocated by task 274: [ 31.143542] kasan_save_stack+0x3c/0x68 [ 31.144351] kasan_save_track+0x20/0x40 [ 31.145008] kasan_save_alloc_info+0x40/0x58 [ 31.145566] __kasan_kmalloc+0xd4/0xd8 [ 31.146076] __kmalloc_noprof+0x198/0x4c8 [ 31.146625] kunit_kmalloc_array+0x34/0x88 [ 31.147296] copy_user_test_oob+0xac/0xec0 [ 31.147802] kunit_try_run_case+0x170/0x3f0 [ 31.148336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.148959] kthread+0x318/0x620 [ 31.149467] ret_from_fork+0x10/0x20 [ 31.149959] [ 31.150294] The buggy address belongs to the object at fff00000c6414800 [ 31.150294] which belongs to the cache kmalloc-128 of size 128 [ 31.151393] The buggy address is located 0 bytes inside of [ 31.151393] allocated 120-byte region [fff00000c6414800, fff00000c6414878) [ 31.152566] [ 31.152951] The buggy address belongs to the physical page: [ 31.153552] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 31.154339] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.155062] page_type: f5(slab) [ 31.155530] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.156326] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.157041] page dumped because: kasan: bad access detected [ 31.157666] [ 31.157988] Memory state around the buggy address: [ 31.158548] fff00000c6414700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.159303] fff00000c6414780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.160071] >fff00000c6414800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.160667] ^ [ 31.161795] fff00000c6414880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.162561] fff00000c6414900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.163345] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 30.918236] ================================================================== [ 30.919845] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 30.921492] Read of size 8 at addr fff00000c64f9978 by task kunit_try_catch/270 [ 30.922758] [ 30.923219] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.923415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.923484] Hardware name: linux,dummy-virt (DT) [ 30.923570] Call trace: [ 30.923642] show_stack+0x20/0x38 (C) [ 30.923799] dump_stack_lvl+0x8c/0xd0 [ 30.924019] print_report+0x118/0x608 [ 30.924166] kasan_report+0xdc/0x128 [ 30.924346] __asan_report_load8_noabort+0x20/0x30 [ 30.924495] copy_to_kernel_nofault+0x204/0x250 [ 30.924616] copy_to_kernel_nofault_oob+0x158/0x418 [ 30.924685] kunit_try_run_case+0x170/0x3f0 [ 30.924747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.924814] kthread+0x318/0x620 [ 30.924873] ret_from_fork+0x10/0x20 [ 30.924974] [ 30.931943] Allocated by task 270: [ 30.932545] kasan_save_stack+0x3c/0x68 [ 30.933273] kasan_save_track+0x20/0x40 [ 30.933753] kasan_save_alloc_info+0x40/0x58 [ 30.934436] __kasan_kmalloc+0xd4/0xd8 [ 30.934976] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.935601] copy_to_kernel_nofault_oob+0xc8/0x418 [ 30.936271] kunit_try_run_case+0x170/0x3f0 [ 30.936839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.937899] kthread+0x318/0x620 [ 30.938569] ret_from_fork+0x10/0x20 [ 30.939164] [ 30.939468] The buggy address belongs to the object at fff00000c64f9900 [ 30.939468] which belongs to the cache kmalloc-128 of size 128 [ 30.941040] The buggy address is located 0 bytes to the right of [ 30.941040] allocated 120-byte region [fff00000c64f9900, fff00000c64f9978) [ 30.942179] [ 30.942403] The buggy address belongs to the physical page: [ 30.942931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064f9 [ 30.943611] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.944916] page_type: f5(slab) [ 30.945526] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.946302] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.947081] page dumped because: kasan: bad access detected [ 30.947655] [ 30.947956] Memory state around the buggy address: [ 30.948520] fff00000c64f9800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.949611] fff00000c64f9880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.950451] >fff00000c64f9900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.951067] ^ [ 30.951668] fff00000c64f9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.952970] fff00000c64f9a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.953809] ================================================================== [ 30.955454] ================================================================== [ 30.956047] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 30.956724] Write of size 8 at addr fff00000c64f9978 by task kunit_try_catch/270 [ 30.958222] [ 30.958613] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.958805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.958877] Hardware name: linux,dummy-virt (DT) [ 30.958974] Call trace: [ 30.959032] show_stack+0x20/0x38 (C) [ 30.959154] dump_stack_lvl+0x8c/0xd0 [ 30.959276] print_report+0x118/0x608 [ 30.959426] kasan_report+0xdc/0x128 [ 30.959572] kasan_check_range+0x100/0x1a8 [ 30.959717] __kasan_check_write+0x20/0x30 [ 30.959861] copy_to_kernel_nofault+0x8c/0x250 [ 30.960030] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 30.960104] kunit_try_run_case+0x170/0x3f0 [ 30.960165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.960233] kthread+0x318/0x620 [ 30.960293] ret_from_fork+0x10/0x20 [ 30.960354] [ 30.968430] Allocated by task 270: [ 30.968786] kasan_save_stack+0x3c/0x68 [ 30.969772] kasan_save_track+0x20/0x40 [ 30.970255] kasan_save_alloc_info+0x40/0x58 [ 30.970671] __kasan_kmalloc+0xd4/0xd8 [ 30.971063] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.971499] copy_to_kernel_nofault_oob+0xc8/0x418 [ 30.972537] kunit_try_run_case+0x170/0x3f0 [ 30.973647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.974255] kthread+0x318/0x620 [ 30.974722] ret_from_fork+0x10/0x20 [ 30.975216] [ 30.975563] The buggy address belongs to the object at fff00000c64f9900 [ 30.975563] which belongs to the cache kmalloc-128 of size 128 [ 30.976981] The buggy address is located 0 bytes to the right of [ 30.976981] allocated 120-byte region [fff00000c64f9900, fff00000c64f9978) [ 30.978170] [ 30.978466] The buggy address belongs to the physical page: [ 30.979136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064f9 [ 30.979970] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.980583] page_type: f5(slab) [ 30.981167] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.981959] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.982720] page dumped because: kasan: bad access detected [ 30.983340] [ 30.983637] Memory state around the buggy address: [ 30.984133] fff00000c64f9800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.984914] fff00000c64f9880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.985922] >fff00000c64f9900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.986626] ^ [ 30.987772] fff00000c64f9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.988415] fff00000c64f9a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.989173] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 30.812337] ================================================================== [ 30.813626] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 30.814500] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/258 [ 30.815337] [ 30.815650] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.815857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.815961] Hardware name: linux,dummy-virt (DT) [ 30.816059] Call trace: [ 30.816129] show_stack+0x20/0x38 (C) [ 30.816276] dump_stack_lvl+0x8c/0xd0 [ 30.816418] print_report+0x310/0x608 [ 30.816561] kasan_report+0xdc/0x128 [ 30.816705] __asan_report_load1_noabort+0x20/0x30 [ 30.816846] vmalloc_oob+0x578/0x5d0 [ 30.817017] kunit_try_run_case+0x170/0x3f0 [ 30.817152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.817299] kthread+0x318/0x620 [ 30.817379] ret_from_fork+0x10/0x20 [ 30.817441] [ 30.824008] The buggy address belongs to the virtual mapping at [ 30.824008] [ffff80008010b000, ffff80008010d000) created by: [ 30.824008] vmalloc_oob+0x98/0x5d0 [ 30.826057] [ 30.826545] The buggy address belongs to the physical page: [ 30.827109] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106366 [ 30.828118] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.828988] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 30.830089] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.831010] page dumped because: kasan: bad access detected [ 30.831751] [ 30.832238] Memory state around the buggy address: [ 30.832754] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.833967] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.834567] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 30.835246] ^ [ 30.835987] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 30.836858] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 30.838033] ================================================================== [ 30.840768] ================================================================== [ 30.841584] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 30.842446] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/258 [ 30.843303] [ 30.843662] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.844192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.844285] Hardware name: linux,dummy-virt (DT) [ 30.844380] Call trace: [ 30.844452] show_stack+0x20/0x38 (C) [ 30.844594] dump_stack_lvl+0x8c/0xd0 [ 30.844667] print_report+0x310/0x608 [ 30.844728] kasan_report+0xdc/0x128 [ 30.844788] __asan_report_load1_noabort+0x20/0x30 [ 30.844849] vmalloc_oob+0x51c/0x5d0 [ 30.845066] kunit_try_run_case+0x170/0x3f0 [ 30.845262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.845339] kthread+0x318/0x620 [ 30.845399] ret_from_fork+0x10/0x20 [ 30.845458] [ 30.852254] The buggy address belongs to the virtual mapping at [ 30.852254] [ffff80008010b000, ffff80008010d000) created by: [ 30.852254] vmalloc_oob+0x98/0x5d0 [ 30.853862] [ 30.854252] The buggy address belongs to the physical page: [ 30.855354] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106366 [ 30.856145] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.857287] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 30.858380] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.859617] page dumped because: kasan: bad access detected [ 30.860714] [ 30.861397] Memory state around the buggy address: [ 30.862393] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.863339] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.864340] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 30.865305] ^ [ 30.866154] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 30.867097] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 30.867973] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 28.541865] ================================================================== [ 28.543327] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 28.544142] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.545112] [ 28.545579] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.545851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.545959] Hardware name: linux,dummy-virt (DT) [ 28.546110] Call trace: [ 28.546189] show_stack+0x20/0x38 (C) [ 28.546259] dump_stack_lvl+0x8c/0xd0 [ 28.546364] print_report+0x118/0x608 [ 28.546439] kasan_report+0xdc/0x128 [ 28.546499] kasan_check_range+0x100/0x1a8 [ 28.546554] __kasan_check_write+0x20/0x30 [ 28.546611] kasan_atomics_helper+0x6ec/0x4858 [ 28.546682] kasan_atomics+0x198/0x2e8 [ 28.546742] kunit_try_run_case+0x170/0x3f0 [ 28.546799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.546873] kthread+0x318/0x620 [ 28.546963] ret_from_fork+0x10/0x20 [ 28.547027] [ 28.556694] Allocated by task 254: [ 28.557393] kasan_save_stack+0x3c/0x68 [ 28.558352] kasan_save_track+0x20/0x40 [ 28.559304] kasan_save_alloc_info+0x40/0x58 [ 28.560058] __kasan_kmalloc+0xd4/0xd8 [ 28.560619] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.561498] kasan_atomics+0xb8/0x2e8 [ 28.562105] kunit_try_run_case+0x170/0x3f0 [ 28.562579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.563417] kthread+0x318/0x620 [ 28.565415] ret_from_fork+0x10/0x20 [ 28.566606] [ 28.566959] The buggy address belongs to the object at fff00000c65edb80 [ 28.566959] which belongs to the cache kmalloc-64 of size 64 [ 28.569299] The buggy address is located 0 bytes to the right of [ 28.569299] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.570504] [ 28.571046] The buggy address belongs to the physical page: [ 28.571923] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.573340] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.574137] page_type: f5(slab) [ 28.574801] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.576205] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.577067] page dumped because: kasan: bad access detected [ 28.577493] [ 28.577703] Memory state around the buggy address: [ 28.578116] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.578674] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.579848] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.581023] ^ [ 28.581847] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.583160] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.584658] ================================================================== [ 28.066612] ================================================================== [ 28.068849] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 28.071621] Read of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.073363] [ 28.073638] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.073835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.074555] Hardware name: linux,dummy-virt (DT) [ 28.074640] Call trace: [ 28.074698] show_stack+0x20/0x38 (C) [ 28.074820] dump_stack_lvl+0x8c/0xd0 [ 28.074957] print_report+0x118/0x608 [ 28.075084] kasan_report+0xdc/0x128 [ 28.075202] __asan_report_load4_noabort+0x20/0x30 [ 28.075326] kasan_atomics_helper+0x40fc/0x4858 [ 28.075446] kasan_atomics+0x198/0x2e8 [ 28.075563] kunit_try_run_case+0x170/0x3f0 [ 28.075682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.075813] kthread+0x318/0x620 [ 28.075948] ret_from_fork+0x10/0x20 [ 28.076071] [ 28.088818] Allocated by task 254: [ 28.090011] kasan_save_stack+0x3c/0x68 [ 28.091290] kasan_save_track+0x20/0x40 [ 28.092546] kasan_save_alloc_info+0x40/0x58 [ 28.094006] __kasan_kmalloc+0xd4/0xd8 [ 28.095239] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.096565] kasan_atomics+0xb8/0x2e8 [ 28.097696] kunit_try_run_case+0x170/0x3f0 [ 28.098837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.100301] kthread+0x318/0x620 [ 28.100671] ret_from_fork+0x10/0x20 [ 28.102100] [ 28.102876] The buggy address belongs to the object at fff00000c65edb80 [ 28.102876] which belongs to the cache kmalloc-64 of size 64 [ 28.105673] The buggy address is located 0 bytes to the right of [ 28.105673] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.107056] [ 28.107687] The buggy address belongs to the physical page: [ 28.108145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.109254] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.110120] page_type: f5(slab) [ 28.110547] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.111838] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.112501] page dumped because: kasan: bad access detected [ 28.112767] [ 28.112944] Memory state around the buggy address: [ 28.113489] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.114819] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.115381] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.115922] ^ [ 28.116336] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.116840] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.119037] ================================================================== [ 27.828550] ================================================================== [ 27.829361] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 27.830026] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 27.830701] [ 27.831066] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.831632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.831705] Hardware name: linux,dummy-virt (DT) [ 27.831792] Call trace: [ 27.831857] show_stack+0x20/0x38 (C) [ 27.832740] dump_stack_lvl+0x8c/0xd0 [ 27.832876] print_report+0x118/0x608 [ 27.835616] kasan_report+0xdc/0x128 [ 27.835742] __asan_report_store4_noabort+0x20/0x30 [ 27.836964] kasan_atomics_helper+0x3f7c/0x4858 [ 27.837106] kasan_atomics+0x198/0x2e8 [ 27.841941] kunit_try_run_case+0x170/0x3f0 [ 27.842101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.842240] kthread+0x318/0x620 [ 27.842362] ret_from_fork+0x10/0x20 [ 27.842505] [ 27.857130] Allocated by task 254: [ 27.857958] kasan_save_stack+0x3c/0x68 [ 27.858399] kasan_save_track+0x20/0x40 [ 27.858781] kasan_save_alloc_info+0x40/0x58 [ 27.859198] __kasan_kmalloc+0xd4/0xd8 [ 27.859951] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.860745] kasan_atomics+0xb8/0x2e8 [ 27.862386] kunit_try_run_case+0x170/0x3f0 [ 27.863179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.864229] kthread+0x318/0x620 [ 27.865331] ret_from_fork+0x10/0x20 [ 27.866038] [ 27.866433] The buggy address belongs to the object at fff00000c65edb80 [ 27.866433] which belongs to the cache kmalloc-64 of size 64 [ 27.869127] The buggy address is located 0 bytes to the right of [ 27.869127] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 27.871344] [ 27.871592] The buggy address belongs to the physical page: [ 27.872226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 27.874138] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.875225] page_type: f5(slab) [ 27.875849] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 27.876910] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.877478] page dumped because: kasan: bad access detected [ 27.878702] [ 27.879138] Memory state around the buggy address: [ 27.880250] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.881631] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.883033] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.883903] ^ [ 27.885122] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.885830] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.887080] ================================================================== [ 29.323462] ================================================================== [ 29.326824] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dbc/0x4858 [ 29.328342] Read of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.331447] [ 29.331877] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.332530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.332611] Hardware name: linux,dummy-virt (DT) [ 29.332700] Call trace: [ 29.332765] show_stack+0x20/0x38 (C) [ 29.332972] dump_stack_lvl+0x8c/0xd0 [ 29.333117] print_report+0x118/0x608 [ 29.333248] kasan_report+0xdc/0x128 [ 29.333386] __asan_report_load4_noabort+0x20/0x30 [ 29.333528] kasan_atomics_helper+0x3dbc/0x4858 [ 29.333645] kasan_atomics+0x198/0x2e8 [ 29.333749] kunit_try_run_case+0x170/0x3f0 [ 29.333868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.334034] kthread+0x318/0x620 [ 29.334152] ret_from_fork+0x10/0x20 [ 29.334296] [ 29.346497] Allocated by task 254: [ 29.348068] kasan_save_stack+0x3c/0x68 [ 29.348829] kasan_save_track+0x20/0x40 [ 29.349285] kasan_save_alloc_info+0x40/0x58 [ 29.349703] __kasan_kmalloc+0xd4/0xd8 [ 29.351288] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.351961] kasan_atomics+0xb8/0x2e8 [ 29.352416] kunit_try_run_case+0x170/0x3f0 [ 29.354263] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.355323] kthread+0x318/0x620 [ 29.356413] ret_from_fork+0x10/0x20 [ 29.356870] [ 29.357182] The buggy address belongs to the object at fff00000c65edb80 [ 29.357182] which belongs to the cache kmalloc-64 of size 64 [ 29.359434] The buggy address is located 0 bytes to the right of [ 29.359434] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.362348] [ 29.362668] The buggy address belongs to the physical page: [ 29.364496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.365415] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.367021] page_type: f5(slab) [ 29.367364] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.369478] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.370633] page dumped because: kasan: bad access detected [ 29.371219] [ 29.371524] Memory state around the buggy address: [ 29.372862] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.374859] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.375745] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.377476] ^ [ 29.378306] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.379536] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.380091] ================================================================== [ 30.281525] ================================================================== [ 30.282334] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 30.283134] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.283985] [ 30.284355] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.284570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.284657] Hardware name: linux,dummy-virt (DT) [ 30.284783] Call trace: [ 30.284862] show_stack+0x20/0x38 (C) [ 30.285071] dump_stack_lvl+0x8c/0xd0 [ 30.285277] print_report+0x118/0x608 [ 30.285417] kasan_report+0xdc/0x128 [ 30.285555] kasan_check_range+0x100/0x1a8 [ 30.285633] __kasan_check_write+0x20/0x30 [ 30.285691] kasan_atomics_helper+0x1384/0x4858 [ 30.285753] kasan_atomics+0x198/0x2e8 [ 30.285809] kunit_try_run_case+0x170/0x3f0 [ 30.285868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.285966] kthread+0x318/0x620 [ 30.286024] ret_from_fork+0x10/0x20 [ 30.286086] [ 30.292834] Allocated by task 254: [ 30.293304] kasan_save_stack+0x3c/0x68 [ 30.293826] kasan_save_track+0x20/0x40 [ 30.294491] kasan_save_alloc_info+0x40/0x58 [ 30.295189] __kasan_kmalloc+0xd4/0xd8 [ 30.295691] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.296402] kasan_atomics+0xb8/0x2e8 [ 30.297003] kunit_try_run_case+0x170/0x3f0 [ 30.297612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.298400] kthread+0x318/0x620 [ 30.298916] ret_from_fork+0x10/0x20 [ 30.299525] [ 30.299837] The buggy address belongs to the object at fff00000c65edb80 [ 30.299837] which belongs to the cache kmalloc-64 of size 64 [ 30.300961] The buggy address is located 0 bytes to the right of [ 30.300961] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.302328] [ 30.302606] The buggy address belongs to the physical page: [ 30.303355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.304244] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.304984] page_type: f5(slab) [ 30.305530] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.306315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.307152] page dumped because: kasan: bad access detected [ 30.307730] [ 30.308060] Memory state around the buggy address: [ 30.308463] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.309035] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.309543] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.310085] ^ [ 30.310695] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.311342] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.312220] ================================================================== [ 30.213828] ================================================================== [ 30.214457] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 30.215423] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.216177] [ 30.216574] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.216832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.216938] Hardware name: linux,dummy-virt (DT) [ 30.217078] Call trace: [ 30.217153] show_stack+0x20/0x38 (C) [ 30.217293] dump_stack_lvl+0x8c/0xd0 [ 30.217441] print_report+0x118/0x608 [ 30.217620] kasan_report+0xdc/0x128 [ 30.217760] kasan_check_range+0x100/0x1a8 [ 30.217826] __kasan_check_write+0x20/0x30 [ 30.217912] kasan_atomics_helper+0x126c/0x4858 [ 30.217983] kasan_atomics+0x198/0x2e8 [ 30.218040] kunit_try_run_case+0x170/0x3f0 [ 30.218100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.218177] kthread+0x318/0x620 [ 30.218236] ret_from_fork+0x10/0x20 [ 30.218297] [ 30.224705] Allocated by task 254: [ 30.225292] kasan_save_stack+0x3c/0x68 [ 30.225935] kasan_save_track+0x20/0x40 [ 30.226639] kasan_save_alloc_info+0x40/0x58 [ 30.227248] __kasan_kmalloc+0xd4/0xd8 [ 30.227802] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.228457] kasan_atomics+0xb8/0x2e8 [ 30.228983] kunit_try_run_case+0x170/0x3f0 [ 30.229595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.230309] kthread+0x318/0x620 [ 30.230818] ret_from_fork+0x10/0x20 [ 30.231395] [ 30.231726] The buggy address belongs to the object at fff00000c65edb80 [ 30.231726] which belongs to the cache kmalloc-64 of size 64 [ 30.232774] The buggy address is located 0 bytes to the right of [ 30.232774] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.234176] [ 30.234511] The buggy address belongs to the physical page: [ 30.235208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.235877] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.236740] page_type: f5(slab) [ 30.237358] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.238225] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.239041] page dumped because: kasan: bad access detected [ 30.239716] [ 30.240093] Memory state around the buggy address: [ 30.240676] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.241428] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.242250] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.243138] ^ [ 30.243724] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.244488] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.245253] ================================================================== [ 30.730915] ================================================================== [ 30.732268] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 30.732964] Read of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.734045] [ 30.734803] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.735129] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.735227] Hardware name: linux,dummy-virt (DT) [ 30.735315] Call trace: [ 30.735386] show_stack+0x20/0x38 (C) [ 30.735529] dump_stack_lvl+0x8c/0xd0 [ 30.735737] print_report+0x118/0x608 [ 30.735929] kasan_report+0xdc/0x128 [ 30.736155] __asan_report_load8_noabort+0x20/0x30 [ 30.736251] kasan_atomics_helper+0x3e20/0x4858 [ 30.736317] kasan_atomics+0x198/0x2e8 [ 30.736375] kunit_try_run_case+0x170/0x3f0 [ 30.736435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.736498] kthread+0x318/0x620 [ 30.736557] ret_from_fork+0x10/0x20 [ 30.736617] [ 30.743374] Allocated by task 254: [ 30.743773] kasan_save_stack+0x3c/0x68 [ 30.744529] kasan_save_track+0x20/0x40 [ 30.745256] kasan_save_alloc_info+0x40/0x58 [ 30.745857] __kasan_kmalloc+0xd4/0xd8 [ 30.746543] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.747246] kasan_atomics+0xb8/0x2e8 [ 30.747834] kunit_try_run_case+0x170/0x3f0 [ 30.748501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.749240] kthread+0x318/0x620 [ 30.749809] ret_from_fork+0x10/0x20 [ 30.750411] [ 30.750808] The buggy address belongs to the object at fff00000c65edb80 [ 30.750808] which belongs to the cache kmalloc-64 of size 64 [ 30.752115] The buggy address is located 0 bytes to the right of [ 30.752115] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.753535] [ 30.753952] The buggy address belongs to the physical page: [ 30.754634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.755550] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.756220] page_type: f5(slab) [ 30.756438] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.756776] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.757801] page dumped because: kasan: bad access detected [ 30.758400] [ 30.758780] Memory state around the buggy address: [ 30.759414] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.760221] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.760990] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.761741] ^ [ 30.762342] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.763171] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.763942] ================================================================== [ 28.331439] ================================================================== [ 28.332159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4e4/0x4858 [ 28.332905] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.333764] [ 28.334195] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.334411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.334502] Hardware name: linux,dummy-virt (DT) [ 28.334600] Call trace: [ 28.334673] show_stack+0x20/0x38 (C) [ 28.334814] dump_stack_lvl+0x8c/0xd0 [ 28.334977] print_report+0x118/0x608 [ 28.335113] kasan_report+0xdc/0x128 [ 28.335177] kasan_check_range+0x100/0x1a8 [ 28.335235] __kasan_check_write+0x20/0x30 [ 28.335294] kasan_atomics_helper+0x4e4/0x4858 [ 28.335354] kasan_atomics+0x198/0x2e8 [ 28.335410] kunit_try_run_case+0x170/0x3f0 [ 28.335469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.335531] kthread+0x318/0x620 [ 28.335588] ret_from_fork+0x10/0x20 [ 28.335647] [ 28.344187] Allocated by task 254: [ 28.344533] kasan_save_stack+0x3c/0x68 [ 28.344984] kasan_save_track+0x20/0x40 [ 28.345362] kasan_save_alloc_info+0x40/0x58 [ 28.345753] __kasan_kmalloc+0xd4/0xd8 [ 28.350271] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.353095] kasan_atomics+0xb8/0x2e8 [ 28.354547] kunit_try_run_case+0x170/0x3f0 [ 28.357273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.358647] kthread+0x318/0x620 [ 28.359257] ret_from_fork+0x10/0x20 [ 28.359807] [ 28.360152] The buggy address belongs to the object at fff00000c65edb80 [ 28.360152] which belongs to the cache kmalloc-64 of size 64 [ 28.361398] The buggy address is located 0 bytes to the right of [ 28.361398] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.362949] [ 28.363217] The buggy address belongs to the physical page: [ 28.364020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.365370] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.366239] page_type: f5(slab) [ 28.366580] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.367148] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.367710] page dumped because: kasan: bad access detected [ 28.368197] [ 28.368516] Memory state around the buggy address: [ 28.369034] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.369853] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.370837] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.371680] ^ [ 28.372194] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.373380] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.374719] ================================================================== [ 29.010767] ================================================================== [ 29.012015] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 29.012601] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.013841] [ 29.016083] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.016311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.016398] Hardware name: linux,dummy-virt (DT) [ 29.016490] Call trace: [ 29.016560] show_stack+0x20/0x38 (C) [ 29.016712] dump_stack_lvl+0x8c/0xd0 [ 29.016853] print_report+0x118/0x608 [ 29.017009] kasan_report+0xdc/0x128 [ 29.017116] kasan_check_range+0x100/0x1a8 [ 29.017217] __kasan_check_write+0x20/0x30 [ 29.017314] kasan_atomics_helper+0xa04/0x4858 [ 29.017435] kasan_atomics+0x198/0x2e8 [ 29.017560] kunit_try_run_case+0x170/0x3f0 [ 29.017686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.017827] kthread+0x318/0x620 [ 29.017993] ret_from_fork+0x10/0x20 [ 29.018129] [ 29.028752] Allocated by task 254: [ 29.029256] kasan_save_stack+0x3c/0x68 [ 29.029744] kasan_save_track+0x20/0x40 [ 29.030523] kasan_save_alloc_info+0x40/0x58 [ 29.031404] __kasan_kmalloc+0xd4/0xd8 [ 29.032164] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.033154] kasan_atomics+0xb8/0x2e8 [ 29.034287] kunit_try_run_case+0x170/0x3f0 [ 29.035983] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.036699] kthread+0x318/0x620 [ 29.037073] ret_from_fork+0x10/0x20 [ 29.037405] [ 29.037616] The buggy address belongs to the object at fff00000c65edb80 [ 29.037616] which belongs to the cache kmalloc-64 of size 64 [ 29.040618] The buggy address is located 0 bytes to the right of [ 29.040618] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.043072] [ 29.043441] The buggy address belongs to the physical page: [ 29.044809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.046220] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.047341] page_type: f5(slab) [ 29.047724] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.049379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.050841] page dumped because: kasan: bad access detected [ 29.051791] [ 29.052582] Memory state around the buggy address: [ 29.053592] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.054291] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.055485] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.057071] ^ [ 29.058196] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.059643] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.061038] ================================================================== [ 29.194326] ================================================================== [ 29.195763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 29.196790] Read of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.197585] [ 29.197861] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.198057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.198122] Hardware name: linux,dummy-virt (DT) [ 29.198210] Call trace: [ 29.198268] show_stack+0x20/0x38 (C) [ 29.198409] dump_stack_lvl+0x8c/0xd0 [ 29.198545] print_report+0x118/0x608 [ 29.198680] kasan_report+0xdc/0x128 [ 29.198814] __asan_report_load4_noabort+0x20/0x30 [ 29.199447] kasan_atomics_helper+0x3dcc/0x4858 [ 29.199598] kasan_atomics+0x198/0x2e8 [ 29.199753] kunit_try_run_case+0x170/0x3f0 [ 29.199980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.200132] kthread+0x318/0x620 [ 29.200333] ret_from_fork+0x10/0x20 [ 29.200487] [ 29.211130] Allocated by task 254: [ 29.212260] kasan_save_stack+0x3c/0x68 [ 29.213451] kasan_save_track+0x20/0x40 [ 29.214458] kasan_save_alloc_info+0x40/0x58 [ 29.215736] __kasan_kmalloc+0xd4/0xd8 [ 29.216707] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.217451] kasan_atomics+0xb8/0x2e8 [ 29.217835] kunit_try_run_case+0x170/0x3f0 [ 29.219208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.220596] kthread+0x318/0x620 [ 29.222607] ret_from_fork+0x10/0x20 [ 29.223026] [ 29.223268] The buggy address belongs to the object at fff00000c65edb80 [ 29.223268] which belongs to the cache kmalloc-64 of size 64 [ 29.227565] The buggy address is located 0 bytes to the right of [ 29.227565] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.233765] [ 29.234501] The buggy address belongs to the physical page: [ 29.237103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.239479] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.240542] page_type: f5(slab) [ 29.242015] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.242557] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.243071] page dumped because: kasan: bad access detected [ 29.243472] [ 29.243708] Memory state around the buggy address: [ 29.244815] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.248105] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.248634] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.249346] ^ [ 29.251529] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.253661] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.256031] ================================================================== [ 30.346545] ================================================================== [ 30.347333] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 30.348038] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.349218] [ 30.349630] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.349816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.349902] Hardware name: linux,dummy-virt (DT) [ 30.350027] Call trace: [ 30.350133] show_stack+0x20/0x38 (C) [ 30.350350] dump_stack_lvl+0x8c/0xd0 [ 30.350555] print_report+0x118/0x608 [ 30.350755] kasan_report+0xdc/0x128 [ 30.350940] kasan_check_range+0x100/0x1a8 [ 30.351059] __kasan_check_write+0x20/0x30 [ 30.351169] kasan_atomics_helper+0x1414/0x4858 [ 30.351318] kasan_atomics+0x198/0x2e8 [ 30.351429] kunit_try_run_case+0x170/0x3f0 [ 30.351544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.351668] kthread+0x318/0x620 [ 30.351816] ret_from_fork+0x10/0x20 [ 30.351984] [ 30.358741] Allocated by task 254: [ 30.359283] kasan_save_stack+0x3c/0x68 [ 30.359919] kasan_save_track+0x20/0x40 [ 30.360534] kasan_save_alloc_info+0x40/0x58 [ 30.361149] __kasan_kmalloc+0xd4/0xd8 [ 30.361715] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.362252] kasan_atomics+0xb8/0x2e8 [ 30.362688] kunit_try_run_case+0x170/0x3f0 [ 30.363398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.364153] kthread+0x318/0x620 [ 30.364704] ret_from_fork+0x10/0x20 [ 30.365284] [ 30.365594] The buggy address belongs to the object at fff00000c65edb80 [ 30.365594] which belongs to the cache kmalloc-64 of size 64 [ 30.366714] The buggy address is located 0 bytes to the right of [ 30.366714] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.368117] [ 30.368505] The buggy address belongs to the physical page: [ 30.369153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.370021] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.371070] page_type: f5(slab) [ 30.371559] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.372572] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.373352] page dumped because: kasan: bad access detected [ 30.374351] [ 30.375118] Memory state around the buggy address: [ 30.376025] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.376776] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.377532] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.378262] ^ [ 30.378856] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.379558] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.380571] ================================================================== [ 28.376582] ================================================================== [ 28.377444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858 [ 28.379286] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.380560] [ 28.380952] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.381134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.381197] Hardware name: linux,dummy-virt (DT) [ 28.381271] Call trace: [ 28.381326] show_stack+0x20/0x38 (C) [ 28.381440] dump_stack_lvl+0x8c/0xd0 [ 28.381548] print_report+0x118/0x608 [ 28.381650] kasan_report+0xdc/0x128 [ 28.381755] kasan_check_range+0x100/0x1a8 [ 28.381859] __kasan_check_write+0x20/0x30 [ 28.381999] kasan_atomics_helper+0x54c/0x4858 [ 28.382149] kasan_atomics+0x198/0x2e8 [ 28.382303] kunit_try_run_case+0x170/0x3f0 [ 28.382444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.382603] kthread+0x318/0x620 [ 28.382741] ret_from_fork+0x10/0x20 [ 28.382926] [ 28.394376] Allocated by task 254: [ 28.394942] kasan_save_stack+0x3c/0x68 [ 28.395566] kasan_save_track+0x20/0x40 [ 28.396123] kasan_save_alloc_info+0x40/0x58 [ 28.396648] __kasan_kmalloc+0xd4/0xd8 [ 28.397730] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.398151] kasan_atomics+0xb8/0x2e8 [ 28.398509] kunit_try_run_case+0x170/0x3f0 [ 28.398878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.400519] kthread+0x318/0x620 [ 28.401426] ret_from_fork+0x10/0x20 [ 28.401847] [ 28.402227] The buggy address belongs to the object at fff00000c65edb80 [ 28.402227] which belongs to the cache kmalloc-64 of size 64 [ 28.403901] The buggy address is located 0 bytes to the right of [ 28.403901] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.405196] [ 28.405512] The buggy address belongs to the physical page: [ 28.406416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.407298] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.407989] page_type: f5(slab) [ 28.408427] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.409199] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.410069] page dumped because: kasan: bad access detected [ 28.410535] [ 28.410747] Memory state around the buggy address: [ 28.411145] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.411647] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.417131] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.418563] ^ [ 28.419141] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.419875] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.420659] ================================================================== [ 29.664719] ================================================================== [ 29.666557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 29.667370] Read of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.667943] [ 29.668183] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.668369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.668447] Hardware name: linux,dummy-virt (DT) [ 29.668529] Call trace: [ 29.668592] show_stack+0x20/0x38 (C) [ 29.669117] dump_stack_lvl+0x8c/0xd0 [ 29.669710] print_report+0x118/0x608 [ 29.669852] kasan_report+0xdc/0x128 [ 29.670014] kasan_check_range+0x100/0x1a8 [ 29.670078] __kasan_check_read+0x20/0x30 [ 29.670136] kasan_atomics_helper+0xdd4/0x4858 [ 29.670213] kasan_atomics+0x198/0x2e8 [ 29.670270] kunit_try_run_case+0x170/0x3f0 [ 29.670425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.670524] kthread+0x318/0x620 [ 29.670582] ret_from_fork+0x10/0x20 [ 29.670646] [ 29.680223] Allocated by task 254: [ 29.680947] kasan_save_stack+0x3c/0x68 [ 29.682059] kasan_save_track+0x20/0x40 [ 29.682775] kasan_save_alloc_info+0x40/0x58 [ 29.683422] __kasan_kmalloc+0xd4/0xd8 [ 29.683779] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.684912] kasan_atomics+0xb8/0x2e8 [ 29.685712] kunit_try_run_case+0x170/0x3f0 [ 29.686392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.687263] kthread+0x318/0x620 [ 29.687768] ret_from_fork+0x10/0x20 [ 29.688351] [ 29.688764] The buggy address belongs to the object at fff00000c65edb80 [ 29.688764] which belongs to the cache kmalloc-64 of size 64 [ 29.689592] The buggy address is located 0 bytes to the right of [ 29.689592] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.690873] [ 29.691137] The buggy address belongs to the physical page: [ 29.691557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.692277] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.693146] page_type: f5(slab) [ 29.693627] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.694460] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.697045] page dumped because: kasan: bad access detected [ 29.697709] [ 29.698215] Memory state around the buggy address: [ 29.698906] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.699438] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.700234] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.701025] ^ [ 29.701413] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.701910] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.702396] ================================================================== [ 30.458984] ================================================================== [ 30.459844] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 30.460449] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.461535] [ 30.461930] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.462176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.462248] Hardware name: linux,dummy-virt (DT) [ 30.462325] Call trace: [ 30.462418] show_stack+0x20/0x38 (C) [ 30.462562] dump_stack_lvl+0x8c/0xd0 [ 30.462698] print_report+0x118/0x608 [ 30.462838] kasan_report+0xdc/0x128 [ 30.463005] kasan_check_range+0x100/0x1a8 [ 30.463186] __kasan_check_write+0x20/0x30 [ 30.463364] kasan_atomics_helper+0x154c/0x4858 [ 30.463510] kasan_atomics+0x198/0x2e8 [ 30.463635] kunit_try_run_case+0x170/0x3f0 [ 30.463704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.463773] kthread+0x318/0x620 [ 30.463829] ret_from_fork+0x10/0x20 [ 30.463916] [ 30.470754] Allocated by task 254: [ 30.471316] kasan_save_stack+0x3c/0x68 [ 30.471950] kasan_save_track+0x20/0x40 [ 30.472484] kasan_save_alloc_info+0x40/0x58 [ 30.473049] __kasan_kmalloc+0xd4/0xd8 [ 30.473533] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.474075] kasan_atomics+0xb8/0x2e8 [ 30.474638] kunit_try_run_case+0x170/0x3f0 [ 30.475299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.475915] kthread+0x318/0x620 [ 30.476326] ret_from_fork+0x10/0x20 [ 30.476864] [ 30.477276] The buggy address belongs to the object at fff00000c65edb80 [ 30.477276] which belongs to the cache kmalloc-64 of size 64 [ 30.478658] The buggy address is located 0 bytes to the right of [ 30.478658] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.479919] [ 30.480236] The buggy address belongs to the physical page: [ 30.480991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.481961] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.482710] page_type: f5(slab) [ 30.483237] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.484054] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.484830] page dumped because: kasan: bad access detected [ 30.485466] [ 30.485783] Memory state around the buggy address: [ 30.486313] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.487205] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.487924] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.488750] ^ [ 30.489464] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.490235] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.491085] ================================================================== [ 28.160503] ================================================================== [ 28.161468] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 28.162581] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.163931] [ 28.164333] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.164515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.164574] Hardware name: linux,dummy-virt (DT) [ 28.164645] Call trace: [ 28.164694] show_stack+0x20/0x38 (C) [ 28.164803] dump_stack_lvl+0x8c/0xd0 [ 28.164933] print_report+0x118/0x608 [ 28.165041] kasan_report+0xdc/0x128 [ 28.165142] __asan_report_store4_noabort+0x20/0x30 [ 28.165271] kasan_atomics_helper+0x3f94/0x4858 [ 28.165409] kasan_atomics+0x198/0x2e8 [ 28.165556] kunit_try_run_case+0x170/0x3f0 [ 28.165704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.165871] kthread+0x318/0x620 [ 28.166034] ret_from_fork+0x10/0x20 [ 28.166193] [ 28.172472] Allocated by task 254: [ 28.172897] kasan_save_stack+0x3c/0x68 [ 28.173327] kasan_save_track+0x20/0x40 [ 28.173779] kasan_save_alloc_info+0x40/0x58 [ 28.174199] __kasan_kmalloc+0xd4/0xd8 [ 28.174568] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.175016] kasan_atomics+0xb8/0x2e8 [ 28.175463] kunit_try_run_case+0x170/0x3f0 [ 28.175964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.176732] kthread+0x318/0x620 [ 28.177263] ret_from_fork+0x10/0x20 [ 28.177822] [ 28.178142] The buggy address belongs to the object at fff00000c65edb80 [ 28.178142] which belongs to the cache kmalloc-64 of size 64 [ 28.179335] The buggy address is located 0 bytes to the right of [ 28.179335] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.180113] [ 28.180330] The buggy address belongs to the physical page: [ 28.180748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.181566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.182441] page_type: f5(slab) [ 28.182985] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.183819] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.184645] page dumped because: kasan: bad access detected [ 28.185196] [ 28.185510] Memory state around the buggy address: [ 28.186214] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.186968] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.187616] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.188179] ^ [ 28.188585] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.189127] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.189626] ================================================================== [ 28.592093] ================================================================== [ 28.592931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858 [ 28.596515] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.597149] [ 28.597444] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.597655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.597734] Hardware name: linux,dummy-virt (DT) [ 28.597820] Call trace: [ 28.597900] show_stack+0x20/0x38 (C) [ 28.598040] dump_stack_lvl+0x8c/0xd0 [ 28.598184] print_report+0x118/0x608 [ 28.598313] kasan_report+0xdc/0x128 [ 28.598439] kasan_check_range+0x100/0x1a8 [ 28.598569] __kasan_check_write+0x20/0x30 [ 28.598699] kasan_atomics_helper+0x760/0x4858 [ 28.598842] kasan_atomics+0x198/0x2e8 [ 28.599643] kunit_try_run_case+0x170/0x3f0 [ 28.599768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.599928] kthread+0x318/0x620 [ 28.600050] ret_from_fork+0x10/0x20 [ 28.600185] [ 28.616651] Allocated by task 254: [ 28.618513] kasan_save_stack+0x3c/0x68 [ 28.618971] kasan_save_track+0x20/0x40 [ 28.619354] kasan_save_alloc_info+0x40/0x58 [ 28.619759] __kasan_kmalloc+0xd4/0xd8 [ 28.621696] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.623414] kasan_atomics+0xb8/0x2e8 [ 28.625018] kunit_try_run_case+0x170/0x3f0 [ 28.626237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.627532] kthread+0x318/0x620 [ 28.629154] ret_from_fork+0x10/0x20 [ 28.631698] [ 28.631959] The buggy address belongs to the object at fff00000c65edb80 [ 28.631959] which belongs to the cache kmalloc-64 of size 64 [ 28.632803] The buggy address is located 0 bytes to the right of [ 28.632803] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.633755] [ 28.636940] The buggy address belongs to the physical page: [ 28.637653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.639734] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.640487] page_type: f5(slab) [ 28.643867] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.645432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.647228] page dumped because: kasan: bad access detected [ 28.649082] [ 28.649383] Memory state around the buggy address: [ 28.649815] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.650746] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.654640] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.656079] ^ [ 28.656670] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.661047] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.661943] ================================================================== [ 28.123811] ================================================================== [ 28.125608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 28.126640] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.127375] [ 28.127731] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.128145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.128235] Hardware name: linux,dummy-virt (DT) [ 28.128372] Call trace: [ 28.128448] show_stack+0x20/0x38 (C) [ 28.128608] dump_stack_lvl+0x8c/0xd0 [ 28.128791] print_report+0x118/0x608 [ 28.128864] kasan_report+0xdc/0x128 [ 28.128980] kasan_check_range+0x100/0x1a8 [ 28.129044] __kasan_check_write+0x20/0x30 [ 28.129138] kasan_atomics_helper+0x32c/0x4858 [ 28.129208] kasan_atomics+0x198/0x2e8 [ 28.129265] kunit_try_run_case+0x170/0x3f0 [ 28.129326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.129389] kthread+0x318/0x620 [ 28.129471] ret_from_fork+0x10/0x20 [ 28.129599] [ 28.134973] Allocated by task 254: [ 28.135574] kasan_save_stack+0x3c/0x68 [ 28.136191] kasan_save_track+0x20/0x40 [ 28.136813] kasan_save_alloc_info+0x40/0x58 [ 28.137442] __kasan_kmalloc+0xd4/0xd8 [ 28.138936] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.140310] kasan_atomics+0xb8/0x2e8 [ 28.141231] kunit_try_run_case+0x170/0x3f0 [ 28.141961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.142744] kthread+0x318/0x620 [ 28.143395] ret_from_fork+0x10/0x20 [ 28.144080] [ 28.144414] The buggy address belongs to the object at fff00000c65edb80 [ 28.144414] which belongs to the cache kmalloc-64 of size 64 [ 28.145653] The buggy address is located 0 bytes to the right of [ 28.145653] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.146493] [ 28.146732] The buggy address belongs to the physical page: [ 28.147169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.147742] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.149166] page_type: f5(slab) [ 28.150269] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.151173] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.152080] page dumped because: kasan: bad access detected [ 28.152848] [ 28.153315] Memory state around the buggy address: [ 28.153754] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.154581] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.155495] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.156457] ^ [ 28.156911] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.157869] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.158562] ================================================================== [ 29.747386] ================================================================== [ 29.748083] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 29.748660] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.749227] [ 29.749490] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.749675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.749741] Hardware name: linux,dummy-virt (DT) [ 29.749818] Call trace: [ 29.749873] show_stack+0x20/0x38 (C) [ 29.750042] dump_stack_lvl+0x8c/0xd0 [ 29.751322] print_report+0x118/0x608 [ 29.751454] kasan_report+0xdc/0x128 [ 29.751574] kasan_check_range+0x100/0x1a8 [ 29.751686] __kasan_check_write+0x20/0x30 [ 29.751799] kasan_atomics_helper+0xe44/0x4858 [ 29.751946] kasan_atomics+0x198/0x2e8 [ 29.752066] kunit_try_run_case+0x170/0x3f0 [ 29.752183] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.752309] kthread+0x318/0x620 [ 29.752432] ret_from_fork+0x10/0x20 [ 29.752560] [ 29.765804] Allocated by task 254: [ 29.766738] kasan_save_stack+0x3c/0x68 [ 29.767916] kasan_save_track+0x20/0x40 [ 29.769006] kasan_save_alloc_info+0x40/0x58 [ 29.770119] __kasan_kmalloc+0xd4/0xd8 [ 29.771137] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.772183] kasan_atomics+0xb8/0x2e8 [ 29.772573] kunit_try_run_case+0x170/0x3f0 [ 29.773559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.774878] kthread+0x318/0x620 [ 29.775876] ret_from_fork+0x10/0x20 [ 29.776515] [ 29.776754] The buggy address belongs to the object at fff00000c65edb80 [ 29.776754] which belongs to the cache kmalloc-64 of size 64 [ 29.781491] The buggy address is located 0 bytes to the right of [ 29.781491] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.784127] [ 29.784740] The buggy address belongs to the physical page: [ 29.785791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.786926] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.787438] page_type: f5(slab) [ 29.787753] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.789481] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.790290] page dumped because: kasan: bad access detected [ 29.791021] [ 29.791373] Memory state around the buggy address: [ 29.792002] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.792798] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.793360] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.793858] ^ [ 29.794299] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.794816] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.795485] ================================================================== [ 30.524867] ================================================================== [ 30.525569] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 30.526314] Read of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.527109] [ 30.527365] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.527554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.527624] Hardware name: linux,dummy-virt (DT) [ 30.527703] Call trace: [ 30.527762] show_stack+0x20/0x38 (C) [ 30.527907] dump_stack_lvl+0x8c/0xd0 [ 30.528026] print_report+0x118/0x608 [ 30.528170] kasan_report+0xdc/0x128 [ 30.528313] __asan_report_load8_noabort+0x20/0x30 [ 30.528454] kasan_atomics_helper+0x3db0/0x4858 [ 30.528601] kasan_atomics+0x198/0x2e8 [ 30.528718] kunit_try_run_case+0x170/0x3f0 [ 30.528834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.528977] kthread+0x318/0x620 [ 30.529078] ret_from_fork+0x10/0x20 [ 30.529187] [ 30.538438] Allocated by task 254: [ 30.538754] kasan_save_stack+0x3c/0x68 [ 30.540371] kasan_save_track+0x20/0x40 [ 30.540944] kasan_save_alloc_info+0x40/0x58 [ 30.541592] __kasan_kmalloc+0xd4/0xd8 [ 30.542618] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.543540] kasan_atomics+0xb8/0x2e8 [ 30.544222] kunit_try_run_case+0x170/0x3f0 [ 30.544689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.545321] kthread+0x318/0x620 [ 30.545742] ret_from_fork+0x10/0x20 [ 30.546300] [ 30.546593] The buggy address belongs to the object at fff00000c65edb80 [ 30.546593] which belongs to the cache kmalloc-64 of size 64 [ 30.547695] The buggy address is located 0 bytes to the right of [ 30.547695] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.548899] [ 30.549222] The buggy address belongs to the physical page: [ 30.549842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.550633] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.551306] page_type: f5(slab) [ 30.551831] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.552668] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.553366] page dumped because: kasan: bad access detected [ 30.554023] [ 30.554345] Memory state around the buggy address: [ 30.554878] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.555661] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.556364] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.557181] ^ [ 30.557738] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.558491] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.559186] ================================================================== [ 29.465966] ================================================================== [ 29.466510] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 29.467327] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.468551] [ 29.469060] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.469263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.469330] Hardware name: linux,dummy-virt (DT) [ 29.469414] Call trace: [ 29.469476] show_stack+0x20/0x38 (C) [ 29.469600] dump_stack_lvl+0x8c/0xd0 [ 29.469724] print_report+0x118/0x608 [ 29.469846] kasan_report+0xdc/0x128 [ 29.470002] kasan_check_range+0x100/0x1a8 [ 29.470144] __kasan_check_write+0x20/0x30 [ 29.470294] kasan_atomics_helper+0xca0/0x4858 [ 29.470432] kasan_atomics+0x198/0x2e8 [ 29.470571] kunit_try_run_case+0x170/0x3f0 [ 29.470706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.470858] kthread+0x318/0x620 [ 29.471008] ret_from_fork+0x10/0x20 [ 29.471152] [ 29.481593] Allocated by task 254: [ 29.482336] kasan_save_stack+0x3c/0x68 [ 29.483081] kasan_save_track+0x20/0x40 [ 29.483774] kasan_save_alloc_info+0x40/0x58 [ 29.484623] __kasan_kmalloc+0xd4/0xd8 [ 29.485407] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.486258] kasan_atomics+0xb8/0x2e8 [ 29.486949] kunit_try_run_case+0x170/0x3f0 [ 29.487775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.488822] kthread+0x318/0x620 [ 29.489475] ret_from_fork+0x10/0x20 [ 29.490186] [ 29.490613] The buggy address belongs to the object at fff00000c65edb80 [ 29.490613] which belongs to the cache kmalloc-64 of size 64 [ 29.492479] The buggy address is located 0 bytes to the right of [ 29.492479] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.494502] [ 29.494923] The buggy address belongs to the physical page: [ 29.495789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.497029] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.498209] page_type: f5(slab) [ 29.498917] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.499603] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.500731] page dumped because: kasan: bad access detected [ 29.501628] [ 29.502036] Memory state around the buggy address: [ 29.502830] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.504119] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.505305] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.505833] ^ [ 29.506668] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.508258] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.509565] ================================================================== [ 30.180156] ================================================================== [ 30.181116] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 30.182010] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.182828] [ 30.183190] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.183412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.183538] Hardware name: linux,dummy-virt (DT) [ 30.183632] Call trace: [ 30.183706] show_stack+0x20/0x38 (C) [ 30.183899] dump_stack_lvl+0x8c/0xd0 [ 30.184053] print_report+0x118/0x608 [ 30.184228] kasan_report+0xdc/0x128 [ 30.184374] kasan_check_range+0x100/0x1a8 [ 30.184491] __kasan_check_write+0x20/0x30 [ 30.184551] kasan_atomics_helper+0x11f8/0x4858 [ 30.184615] kasan_atomics+0x198/0x2e8 [ 30.184672] kunit_try_run_case+0x170/0x3f0 [ 30.184732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.184800] kthread+0x318/0x620 [ 30.184855] ret_from_fork+0x10/0x20 [ 30.184949] [ 30.191728] Allocated by task 254: [ 30.192236] kasan_save_stack+0x3c/0x68 [ 30.192928] kasan_save_track+0x20/0x40 [ 30.193376] kasan_save_alloc_info+0x40/0x58 [ 30.194012] __kasan_kmalloc+0xd4/0xd8 [ 30.194613] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.195255] kasan_atomics+0xb8/0x2e8 [ 30.195829] kunit_try_run_case+0x170/0x3f0 [ 30.196436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.197083] kthread+0x318/0x620 [ 30.197494] ret_from_fork+0x10/0x20 [ 30.198102] [ 30.198481] The buggy address belongs to the object at fff00000c65edb80 [ 30.198481] which belongs to the cache kmalloc-64 of size 64 [ 30.199795] The buggy address is located 0 bytes to the right of [ 30.199795] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.201080] [ 30.201424] The buggy address belongs to the physical page: [ 30.202024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.202720] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.203573] page_type: f5(slab) [ 30.204111] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.205047] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.205922] page dumped because: kasan: bad access detected [ 30.206616] [ 30.206978] Memory state around the buggy address: [ 30.207678] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.208460] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.209224] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.209985] ^ [ 30.210554] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.211415] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.212188] ================================================================== [ 28.500238] ================================================================== [ 28.501006] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858 [ 28.501865] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.502661] [ 28.503040] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.503271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.503359] Hardware name: linux,dummy-virt (DT) [ 28.503452] Call trace: [ 28.503539] show_stack+0x20/0x38 (C) [ 28.503681] dump_stack_lvl+0x8c/0xd0 [ 28.503838] print_report+0x118/0x608 [ 28.503997] kasan_report+0xdc/0x128 [ 28.504145] kasan_check_range+0x100/0x1a8 [ 28.504226] __kasan_check_write+0x20/0x30 [ 28.504298] kasan_atomics_helper+0x684/0x4858 [ 28.504362] kasan_atomics+0x198/0x2e8 [ 28.504420] kunit_try_run_case+0x170/0x3f0 [ 28.504478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.504543] kthread+0x318/0x620 [ 28.504600] ret_from_fork+0x10/0x20 [ 28.504660] [ 28.516676] Allocated by task 254: [ 28.517251] kasan_save_stack+0x3c/0x68 [ 28.517875] kasan_save_track+0x20/0x40 [ 28.518319] kasan_save_alloc_info+0x40/0x58 [ 28.518729] __kasan_kmalloc+0xd4/0xd8 [ 28.519099] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.519903] kasan_atomics+0xb8/0x2e8 [ 28.520267] kunit_try_run_case+0x170/0x3f0 [ 28.520652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.521101] kthread+0x318/0x620 [ 28.522142] ret_from_fork+0x10/0x20 [ 28.522560] [ 28.522823] The buggy address belongs to the object at fff00000c65edb80 [ 28.522823] which belongs to the cache kmalloc-64 of size 64 [ 28.526133] The buggy address is located 0 bytes to the right of [ 28.526133] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.528947] [ 28.529284] The buggy address belongs to the physical page: [ 28.529976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.530960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.531650] page_type: f5(slab) [ 28.532111] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.532932] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.533687] page dumped because: kasan: bad access detected [ 28.534313] [ 28.534612] Memory state around the buggy address: [ 28.535198] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.537129] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.537636] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.538135] ^ [ 28.538562] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.539193] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.539669] ================================================================== [ 28.744086] ================================================================== [ 28.744710] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858 [ 28.745375] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.746346] [ 28.747243] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.748993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.749072] Hardware name: linux,dummy-virt (DT) [ 28.749153] Call trace: [ 28.749211] show_stack+0x20/0x38 (C) [ 28.749332] dump_stack_lvl+0x8c/0xd0 [ 28.749445] print_report+0x118/0x608 [ 28.749564] kasan_report+0xdc/0x128 [ 28.749672] kasan_check_range+0x100/0x1a8 [ 28.750253] __kasan_check_write+0x20/0x30 [ 28.750370] kasan_atomics_helper+0x894/0x4858 [ 28.750485] kasan_atomics+0x198/0x2e8 [ 28.750597] kunit_try_run_case+0x170/0x3f0 [ 28.750704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.750821] kthread+0x318/0x620 [ 28.750975] ret_from_fork+0x10/0x20 [ 28.751111] [ 28.763272] Allocated by task 254: [ 28.763621] kasan_save_stack+0x3c/0x68 [ 28.765932] kasan_save_track+0x20/0x40 [ 28.766626] kasan_save_alloc_info+0x40/0x58 [ 28.767845] __kasan_kmalloc+0xd4/0xd8 [ 28.768740] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.769959] kasan_atomics+0xb8/0x2e8 [ 28.770951] kunit_try_run_case+0x170/0x3f0 [ 28.773085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.773630] kthread+0x318/0x620 [ 28.774037] ret_from_fork+0x10/0x20 [ 28.774443] [ 28.774694] The buggy address belongs to the object at fff00000c65edb80 [ 28.774694] which belongs to the cache kmalloc-64 of size 64 [ 28.779538] The buggy address is located 0 bytes to the right of [ 28.779538] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.782632] [ 28.783130] The buggy address belongs to the physical page: [ 28.787405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.788495] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.789779] page_type: f5(slab) [ 28.790762] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.792973] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.794209] page dumped because: kasan: bad access detected [ 28.795359] [ 28.795667] Memory state around the buggy address: [ 28.797910] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.798747] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.799399] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.803684] ^ [ 28.804726] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.807326] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.807862] ================================================================== [ 28.018669] ================================================================== [ 28.020557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 28.022488] Read of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.023719] [ 28.024141] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.024333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.024404] Hardware name: linux,dummy-virt (DT) [ 28.024483] Call trace: [ 28.024539] show_stack+0x20/0x38 (C) [ 28.024662] dump_stack_lvl+0x8c/0xd0 [ 28.024778] print_report+0x118/0x608 [ 28.024916] kasan_report+0xdc/0x128 [ 28.025062] kasan_check_range+0x100/0x1a8 [ 28.025243] __kasan_check_read+0x20/0x30 [ 28.025392] kasan_atomics_helper+0x2b0/0x4858 [ 28.025578] kasan_atomics+0x198/0x2e8 [ 28.025722] kunit_try_run_case+0x170/0x3f0 [ 28.025920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.026082] kthread+0x318/0x620 [ 28.026216] ret_from_fork+0x10/0x20 [ 28.026343] [ 28.035664] Allocated by task 254: [ 28.036382] kasan_save_stack+0x3c/0x68 [ 28.037265] kasan_save_track+0x20/0x40 [ 28.038185] kasan_save_alloc_info+0x40/0x58 [ 28.038968] __kasan_kmalloc+0xd4/0xd8 [ 28.039661] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.040512] kasan_atomics+0xb8/0x2e8 [ 28.041321] kunit_try_run_case+0x170/0x3f0 [ 28.042094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.043054] kthread+0x318/0x620 [ 28.043971] ret_from_fork+0x10/0x20 [ 28.044510] [ 28.044748] The buggy address belongs to the object at fff00000c65edb80 [ 28.044748] which belongs to the cache kmalloc-64 of size 64 [ 28.045565] The buggy address is located 0 bytes to the right of [ 28.045565] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.047517] [ 28.047938] The buggy address belongs to the physical page: [ 28.048823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.050203] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.051299] page_type: f5(slab) [ 28.051950] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.053364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.054563] page dumped because: kasan: bad access detected [ 28.055578] [ 28.056037] Memory state around the buggy address: [ 28.056905] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.057876] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.059181] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.060115] ^ [ 28.060530] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.061431] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.062684] ================================================================== [ 29.439988] ================================================================== [ 29.441180] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3de4/0x4858 [ 29.442390] Read of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.443680] [ 29.444157] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.444378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.444459] Hardware name: linux,dummy-virt (DT) [ 29.444547] Call trace: [ 29.444605] show_stack+0x20/0x38 (C) [ 29.444737] dump_stack_lvl+0x8c/0xd0 [ 29.444860] print_report+0x118/0x608 [ 29.445015] kasan_report+0xdc/0x128 [ 29.445143] __asan_report_load4_noabort+0x20/0x30 [ 29.445278] kasan_atomics_helper+0x3de4/0x4858 [ 29.445410] kasan_atomics+0x198/0x2e8 [ 29.445535] kunit_try_run_case+0x170/0x3f0 [ 29.445667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.445800] kthread+0x318/0x620 [ 29.445952] ret_from_fork+0x10/0x20 [ 29.446097] [ 29.451405] Allocated by task 254: [ 29.451752] kasan_save_stack+0x3c/0x68 [ 29.452149] kasan_save_track+0x20/0x40 [ 29.452519] kasan_save_alloc_info+0x40/0x58 [ 29.452925] __kasan_kmalloc+0xd4/0xd8 [ 29.453286] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.453687] kasan_atomics+0xb8/0x2e8 [ 29.454064] kunit_try_run_case+0x170/0x3f0 [ 29.454457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.454928] kthread+0x318/0x620 [ 29.455266] ret_from_fork+0x10/0x20 [ 29.455619] [ 29.455840] The buggy address belongs to the object at fff00000c65edb80 [ 29.455840] which belongs to the cache kmalloc-64 of size 64 [ 29.456622] The buggy address is located 0 bytes to the right of [ 29.456622] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.457440] [ 29.457667] The buggy address belongs to the physical page: [ 29.458103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.458690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.459220] page_type: f5(slab) [ 29.459581] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.460156] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.460688] page dumped because: kasan: bad access detected [ 29.461132] [ 29.461354] Memory state around the buggy address: [ 29.461744] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.462282] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.462797] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.463320] ^ [ 29.463716] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.464251] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.464759] ================================================================== [ 29.926214] ================================================================== [ 29.927968] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 29.928575] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.929205] [ 29.929452] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.929650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.929720] Hardware name: linux,dummy-virt (DT) [ 29.929804] Call trace: [ 29.929869] show_stack+0x20/0x38 (C) [ 29.930025] dump_stack_lvl+0x8c/0xd0 [ 29.930184] print_report+0x118/0x608 [ 29.930326] kasan_report+0xdc/0x128 [ 29.930464] kasan_check_range+0x100/0x1a8 [ 29.930588] __kasan_check_write+0x20/0x30 [ 29.930736] kasan_atomics_helper+0xf88/0x4858 [ 29.930905] kasan_atomics+0x198/0x2e8 [ 29.931045] kunit_try_run_case+0x170/0x3f0 [ 29.931186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.931337] kthread+0x318/0x620 [ 29.931480] ret_from_fork+0x10/0x20 [ 29.931623] [ 29.936917] Allocated by task 254: [ 29.937441] kasan_save_stack+0x3c/0x68 [ 29.937985] kasan_save_track+0x20/0x40 [ 29.938480] kasan_save_alloc_info+0x40/0x58 [ 29.939028] __kasan_kmalloc+0xd4/0xd8 [ 29.939600] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.940243] kasan_atomics+0xb8/0x2e8 [ 29.940651] kunit_try_run_case+0x170/0x3f0 [ 29.941098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.941681] kthread+0x318/0x620 [ 29.942472] ret_from_fork+0x10/0x20 [ 29.943605] [ 29.943986] The buggy address belongs to the object at fff00000c65edb80 [ 29.943986] which belongs to the cache kmalloc-64 of size 64 [ 29.945378] The buggy address is located 0 bytes to the right of [ 29.945378] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.946234] [ 29.946467] The buggy address belongs to the physical page: [ 29.946926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.949089] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.949600] page_type: f5(slab) [ 29.949939] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.950787] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.951584] page dumped because: kasan: bad access detected [ 29.952221] [ 29.952545] Memory state around the buggy address: [ 29.953495] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.956152] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.957137] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.958195] ^ [ 29.959205] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.960548] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.961923] ================================================================== [ 29.621533] ================================================================== [ 29.625681] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 29.626288] Read of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.626857] [ 29.630053] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.630283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.630352] Hardware name: linux,dummy-virt (DT) [ 29.630422] Call trace: [ 29.630475] show_stack+0x20/0x38 (C) [ 29.630590] dump_stack_lvl+0x8c/0xd0 [ 29.630711] print_report+0x118/0x608 [ 29.630836] kasan_report+0xdc/0x128 [ 29.630999] __asan_report_load4_noabort+0x20/0x30 [ 29.631145] kasan_atomics_helper+0x3e04/0x4858 [ 29.631288] kasan_atomics+0x198/0x2e8 [ 29.631409] kunit_try_run_case+0x170/0x3f0 [ 29.631520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.631647] kthread+0x318/0x620 [ 29.631759] ret_from_fork+0x10/0x20 [ 29.631875] [ 29.638605] Allocated by task 254: [ 29.640333] kasan_save_stack+0x3c/0x68 [ 29.641067] kasan_save_track+0x20/0x40 [ 29.641797] kasan_save_alloc_info+0x40/0x58 [ 29.642506] __kasan_kmalloc+0xd4/0xd8 [ 29.643287] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.644583] kasan_atomics+0xb8/0x2e8 [ 29.645315] kunit_try_run_case+0x170/0x3f0 [ 29.645869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.647225] kthread+0x318/0x620 [ 29.647585] ret_from_fork+0x10/0x20 [ 29.647988] [ 29.648219] The buggy address belongs to the object at fff00000c65edb80 [ 29.648219] which belongs to the cache kmalloc-64 of size 64 [ 29.649686] The buggy address is located 0 bytes to the right of [ 29.649686] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.651654] [ 29.652017] The buggy address belongs to the physical page: [ 29.652987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.654280] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.654797] page_type: f5(slab) [ 29.655297] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.656458] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.656981] page dumped because: kasan: bad access detected [ 29.657474] [ 29.658002] Memory state around the buggy address: [ 29.658528] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.659824] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.660768] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.661346] ^ [ 29.661813] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.662381] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.663119] ================================================================== [ 30.560634] ================================================================== [ 30.561337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 30.562683] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.563703] [ 30.564498] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.564732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.564790] Hardware name: linux,dummy-virt (DT) [ 30.564832] Call trace: [ 30.564864] show_stack+0x20/0x38 (C) [ 30.564966] dump_stack_lvl+0x8c/0xd0 [ 30.565031] print_report+0x118/0x608 [ 30.565094] kasan_report+0xdc/0x128 [ 30.565154] kasan_check_range+0x100/0x1a8 [ 30.565237] __kasan_check_write+0x20/0x30 [ 30.565318] kasan_atomics_helper+0x1644/0x4858 [ 30.565406] kasan_atomics+0x198/0x2e8 [ 30.565488] kunit_try_run_case+0x170/0x3f0 [ 30.565573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.565690] kthread+0x318/0x620 [ 30.565750] ret_from_fork+0x10/0x20 [ 30.565812] [ 30.572147] Allocated by task 254: [ 30.572684] kasan_save_stack+0x3c/0x68 [ 30.573190] kasan_save_track+0x20/0x40 [ 30.573769] kasan_save_alloc_info+0x40/0x58 [ 30.574276] __kasan_kmalloc+0xd4/0xd8 [ 30.574841] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.575462] kasan_atomics+0xb8/0x2e8 [ 30.576020] kunit_try_run_case+0x170/0x3f0 [ 30.576606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.577239] kthread+0x318/0x620 [ 30.577725] ret_from_fork+0x10/0x20 [ 30.578273] [ 30.578598] The buggy address belongs to the object at fff00000c65edb80 [ 30.578598] which belongs to the cache kmalloc-64 of size 64 [ 30.579689] The buggy address is located 0 bytes to the right of [ 30.579689] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.580972] [ 30.581274] The buggy address belongs to the physical page: [ 30.581956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.582770] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.583437] page_type: f5(slab) [ 30.583948] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.584805] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.585571] page dumped because: kasan: bad access detected [ 30.586181] [ 30.586463] Memory state around the buggy address: [ 30.587012] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.587693] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.588329] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.589138] ^ [ 30.589734] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.590521] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.591359] ================================================================== [ 28.194851] ================================================================== [ 28.195854] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 28.196664] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.197363] [ 28.197669] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.198041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.198130] Hardware name: linux,dummy-virt (DT) [ 28.198239] Call trace: [ 28.198314] show_stack+0x20/0x38 (C) [ 28.198505] dump_stack_lvl+0x8c/0xd0 [ 28.198648] print_report+0x118/0x608 [ 28.198786] kasan_report+0xdc/0x128 [ 28.198975] kasan_check_range+0x100/0x1a8 [ 28.199142] __kasan_check_write+0x20/0x30 [ 28.199334] kasan_atomics_helper+0x3ac/0x4858 [ 28.199482] kasan_atomics+0x198/0x2e8 [ 28.199551] kunit_try_run_case+0x170/0x3f0 [ 28.199613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.199680] kthread+0x318/0x620 [ 28.199823] ret_from_fork+0x10/0x20 [ 28.199979] [ 28.211474] Allocated by task 254: [ 28.212056] kasan_save_stack+0x3c/0x68 [ 28.212455] kasan_save_track+0x20/0x40 [ 28.212818] kasan_save_alloc_info+0x40/0x58 [ 28.213236] __kasan_kmalloc+0xd4/0xd8 [ 28.213615] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.215014] kasan_atomics+0xb8/0x2e8 [ 28.216221] kunit_try_run_case+0x170/0x3f0 [ 28.217352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.218092] kthread+0x318/0x620 [ 28.218682] ret_from_fork+0x10/0x20 [ 28.219238] [ 28.219638] The buggy address belongs to the object at fff00000c65edb80 [ 28.219638] which belongs to the cache kmalloc-64 of size 64 [ 28.221159] The buggy address is located 0 bytes to the right of [ 28.221159] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.222584] [ 28.223037] The buggy address belongs to the physical page: [ 28.223637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.225917] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.226787] page_type: f5(slab) [ 28.227923] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.228777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.229582] page dumped because: kasan: bad access detected [ 28.230286] [ 28.230620] Memory state around the buggy address: [ 28.231432] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.231760] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.232380] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.233046] ^ [ 28.233645] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.234404] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.235154] ================================================================== [ 29.892818] ================================================================== [ 29.893860] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 29.895100] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.895875] [ 29.896295] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.896513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.896643] Hardware name: linux,dummy-virt (DT) [ 29.896769] Call trace: [ 29.896868] show_stack+0x20/0x38 (C) [ 29.897036] dump_stack_lvl+0x8c/0xd0 [ 29.897178] print_report+0x118/0x608 [ 29.897322] kasan_report+0xdc/0x128 [ 29.897447] kasan_check_range+0x100/0x1a8 [ 29.897513] __kasan_check_write+0x20/0x30 [ 29.897573] kasan_atomics_helper+0xf20/0x4858 [ 29.897632] kasan_atomics+0x198/0x2e8 [ 29.897690] kunit_try_run_case+0x170/0x3f0 [ 29.897749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.897811] kthread+0x318/0x620 [ 29.897868] ret_from_fork+0x10/0x20 [ 29.897961] [ 29.905089] Allocated by task 254: [ 29.905584] kasan_save_stack+0x3c/0x68 [ 29.906370] kasan_save_track+0x20/0x40 [ 29.907027] kasan_save_alloc_info+0x40/0x58 [ 29.907597] __kasan_kmalloc+0xd4/0xd8 [ 29.908187] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.908809] kasan_atomics+0xb8/0x2e8 [ 29.909381] kunit_try_run_case+0x170/0x3f0 [ 29.909989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.910623] kthread+0x318/0x620 [ 29.911248] ret_from_fork+0x10/0x20 [ 29.911794] [ 29.912146] The buggy address belongs to the object at fff00000c65edb80 [ 29.912146] which belongs to the cache kmalloc-64 of size 64 [ 29.913221] The buggy address is located 0 bytes to the right of [ 29.913221] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.914412] [ 29.914771] The buggy address belongs to the physical page: [ 29.915371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.916241] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.916931] page_type: f5(slab) [ 29.917403] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.918107] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.918649] page dumped because: kasan: bad access detected [ 29.919100] [ 29.919318] Memory state around the buggy address: [ 29.919697] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.920303] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.920952] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.921641] ^ [ 29.922238] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.923025] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.923787] ================================================================== [ 30.384599] ================================================================== [ 30.387342] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 30.389497] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.390083] [ 30.390350] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.390547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.390618] Hardware name: linux,dummy-virt (DT) [ 30.390697] Call trace: [ 30.390751] show_stack+0x20/0x38 (C) [ 30.390871] dump_stack_lvl+0x8c/0xd0 [ 30.392080] print_report+0x118/0x608 [ 30.392155] kasan_report+0xdc/0x128 [ 30.392216] kasan_check_range+0x100/0x1a8 [ 30.392272] __kasan_check_write+0x20/0x30 [ 30.392328] kasan_atomics_helper+0x147c/0x4858 [ 30.392387] kasan_atomics+0x198/0x2e8 [ 30.392444] kunit_try_run_case+0x170/0x3f0 [ 30.392503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.392568] kthread+0x318/0x620 [ 30.392623] ret_from_fork+0x10/0x20 [ 30.392681] [ 30.400470] Allocated by task 254: [ 30.401120] kasan_save_stack+0x3c/0x68 [ 30.401813] kasan_save_track+0x20/0x40 [ 30.402433] kasan_save_alloc_info+0x40/0x58 [ 30.403118] __kasan_kmalloc+0xd4/0xd8 [ 30.403738] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.404477] kasan_atomics+0xb8/0x2e8 [ 30.405043] kunit_try_run_case+0x170/0x3f0 [ 30.405743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.406548] kthread+0x318/0x620 [ 30.407141] ret_from_fork+0x10/0x20 [ 30.407653] [ 30.408023] The buggy address belongs to the object at fff00000c65edb80 [ 30.408023] which belongs to the cache kmalloc-64 of size 64 [ 30.409185] The buggy address is located 0 bytes to the right of [ 30.409185] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.410450] [ 30.410756] The buggy address belongs to the physical page: [ 30.411430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.412163] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.412865] page_type: f5(slab) [ 30.413442] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.414255] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.415152] page dumped because: kasan: bad access detected [ 30.415866] [ 30.416233] Memory state around the buggy address: [ 30.416778] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.417624] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.418378] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.419213] ^ [ 30.419789] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.420538] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.421392] ================================================================== [ 28.463279] ================================================================== [ 28.464441] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 28.466863] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.467651] [ 28.467913] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.468095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.468165] Hardware name: linux,dummy-virt (DT) [ 28.468236] Call trace: [ 28.468291] show_stack+0x20/0x38 (C) [ 28.468400] dump_stack_lvl+0x8c/0xd0 [ 28.468517] print_report+0x118/0x608 [ 28.468623] kasan_report+0xdc/0x128 [ 28.468722] kasan_check_range+0x100/0x1a8 [ 28.468815] __kasan_check_write+0x20/0x30 [ 28.468955] kasan_atomics_helper+0x61c/0x4858 [ 28.469067] kasan_atomics+0x198/0x2e8 [ 28.469172] kunit_try_run_case+0x170/0x3f0 [ 28.469280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.469400] kthread+0x318/0x620 [ 28.469499] ret_from_fork+0x10/0x20 [ 28.469609] [ 28.476765] Allocated by task 254: [ 28.477243] kasan_save_stack+0x3c/0x68 [ 28.477793] kasan_save_track+0x20/0x40 [ 28.478323] kasan_save_alloc_info+0x40/0x58 [ 28.478800] __kasan_kmalloc+0xd4/0xd8 [ 28.479317] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.479836] kasan_atomics+0xb8/0x2e8 [ 28.480384] kunit_try_run_case+0x170/0x3f0 [ 28.481015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.482353] kthread+0x318/0x620 [ 28.482856] ret_from_fork+0x10/0x20 [ 28.483402] [ 28.483745] The buggy address belongs to the object at fff00000c65edb80 [ 28.483745] which belongs to the cache kmalloc-64 of size 64 [ 28.485056] The buggy address is located 0 bytes to the right of [ 28.485056] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.487957] [ 28.488719] The buggy address belongs to the physical page: [ 28.489277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.489691] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.490147] page_type: f5(slab) [ 28.490708] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.491513] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.492314] page dumped because: kasan: bad access detected [ 28.492928] [ 28.493237] Memory state around the buggy address: [ 28.493851] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.494651] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.495390] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.496117] ^ [ 28.496691] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.497475] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.498191] ================================================================== [ 29.138473] ================================================================== [ 29.141025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 29.143811] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.145829] [ 29.146802] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.147029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.147112] Hardware name: linux,dummy-virt (DT) [ 29.147198] Call trace: [ 29.147264] show_stack+0x20/0x38 (C) [ 29.147400] dump_stack_lvl+0x8c/0xd0 [ 29.147525] print_report+0x118/0x608 [ 29.147658] kasan_report+0xdc/0x128 [ 29.147781] kasan_check_range+0x100/0x1a8 [ 29.147950] __kasan_check_write+0x20/0x30 [ 29.148097] kasan_atomics_helper+0xad4/0x4858 [ 29.148249] kasan_atomics+0x198/0x2e8 [ 29.148393] kunit_try_run_case+0x170/0x3f0 [ 29.148514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.148641] kthread+0x318/0x620 [ 29.148745] ret_from_fork+0x10/0x20 [ 29.148875] [ 29.163375] Allocated by task 254: [ 29.163872] kasan_save_stack+0x3c/0x68 [ 29.164686] kasan_save_track+0x20/0x40 [ 29.167034] kasan_save_alloc_info+0x40/0x58 [ 29.167438] __kasan_kmalloc+0xd4/0xd8 [ 29.167810] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.168302] kasan_atomics+0xb8/0x2e8 [ 29.168695] kunit_try_run_case+0x170/0x3f0 [ 29.170497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.171563] kthread+0x318/0x620 [ 29.172367] ret_from_fork+0x10/0x20 [ 29.173182] [ 29.173636] The buggy address belongs to the object at fff00000c65edb80 [ 29.173636] which belongs to the cache kmalloc-64 of size 64 [ 29.175737] The buggy address is located 0 bytes to the right of [ 29.175737] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.177484] [ 29.177762] The buggy address belongs to the physical page: [ 29.178286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.179016] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.180188] page_type: f5(slab) [ 29.180949] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.182403] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.183726] page dumped because: kasan: bad access detected [ 29.184803] [ 29.185263] Memory state around the buggy address: [ 29.186220] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.187510] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.188872] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.190121] ^ [ 29.191136] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.192401] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.193032] ================================================================== [ 27.735498] ================================================================== [ 27.744243] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 27.752071] Read of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 27.752860] [ 27.756730] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.758996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.759073] Hardware name: linux,dummy-virt (DT) [ 27.759155] Call trace: [ 27.759218] show_stack+0x20/0x38 (C) [ 27.759352] dump_stack_lvl+0x8c/0xd0 [ 27.759478] print_report+0x118/0x608 [ 27.759597] kasan_report+0xdc/0x128 [ 27.759714] __asan_report_load4_noabort+0x20/0x30 [ 27.759834] kasan_atomics_helper+0x40a8/0x4858 [ 27.759979] kasan_atomics+0x198/0x2e8 [ 27.760098] kunit_try_run_case+0x170/0x3f0 [ 27.760218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.760348] kthread+0x318/0x620 [ 27.760461] ret_from_fork+0x10/0x20 [ 27.760583] [ 27.781187] Allocated by task 254: [ 27.784390] kasan_save_stack+0x3c/0x68 [ 27.784839] kasan_save_track+0x20/0x40 [ 27.788482] kasan_save_alloc_info+0x40/0x58 [ 27.789202] __kasan_kmalloc+0xd4/0xd8 [ 27.789632] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.793268] kasan_atomics+0xb8/0x2e8 [ 27.794815] kunit_try_run_case+0x170/0x3f0 [ 27.795386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.798360] kthread+0x318/0x620 [ 27.798983] ret_from_fork+0x10/0x20 [ 27.799374] [ 27.799625] The buggy address belongs to the object at fff00000c65edb80 [ 27.799625] which belongs to the cache kmalloc-64 of size 64 [ 27.800626] The buggy address is located 0 bytes to the right of [ 27.800626] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 27.802856] [ 27.803626] The buggy address belongs to the physical page: [ 27.804185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 27.805095] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.807592] page_type: f5(slab) [ 27.810361] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 27.811388] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.814554] page dumped because: kasan: bad access detected [ 27.815063] [ 27.815372] Memory state around the buggy address: [ 27.815851] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.818390] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.818982] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.819515] ^ [ 27.819964] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.822730] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.823638] ================================================================== [ 30.007812] ================================================================== [ 30.008460] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 30.009214] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.009754] [ 30.010847] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.011074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.011142] Hardware name: linux,dummy-virt (DT) [ 30.011216] Call trace: [ 30.011268] show_stack+0x20/0x38 (C) [ 30.011389] dump_stack_lvl+0x8c/0xd0 [ 30.011495] print_report+0x118/0x608 [ 30.011595] kasan_report+0xdc/0x128 [ 30.011696] kasan_check_range+0x100/0x1a8 [ 30.011793] __kasan_check_write+0x20/0x30 [ 30.011912] kasan_atomics_helper+0x1058/0x4858 [ 30.012023] kasan_atomics+0x198/0x2e8 [ 30.012128] kunit_try_run_case+0x170/0x3f0 [ 30.012231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.012341] kthread+0x318/0x620 [ 30.012449] ret_from_fork+0x10/0x20 [ 30.012579] [ 30.022937] Allocated by task 254: [ 30.023442] kasan_save_stack+0x3c/0x68 [ 30.024135] kasan_save_track+0x20/0x40 [ 30.024821] kasan_save_alloc_info+0x40/0x58 [ 30.025593] __kasan_kmalloc+0xd4/0xd8 [ 30.026580] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.027290] kasan_atomics+0xb8/0x2e8 [ 30.027679] kunit_try_run_case+0x170/0x3f0 [ 30.028100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.028539] kthread+0x318/0x620 [ 30.028878] ret_from_fork+0x10/0x20 [ 30.029665] [ 30.029923] The buggy address belongs to the object at fff00000c65edb80 [ 30.029923] which belongs to the cache kmalloc-64 of size 64 [ 30.030698] The buggy address is located 0 bytes to the right of [ 30.030698] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.033673] [ 30.034175] The buggy address belongs to the physical page: [ 30.034860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.035752] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.036519] page_type: f5(slab) [ 30.036856] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.037469] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.038037] page dumped because: kasan: bad access detected [ 30.038472] [ 30.038696] Memory state around the buggy address: [ 30.039182] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.040015] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.040727] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.041690] ^ [ 30.042333] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.043169] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.043995] ================================================================== [ 30.247174] ================================================================== [ 30.248169] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 30.248974] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.250865] [ 30.251262] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.251512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.251602] Hardware name: linux,dummy-virt (DT) [ 30.251686] Call trace: [ 30.251723] show_stack+0x20/0x38 (C) [ 30.251790] dump_stack_lvl+0x8c/0xd0 [ 30.251853] print_report+0x118/0x608 [ 30.251940] kasan_report+0xdc/0x128 [ 30.252003] kasan_check_range+0x100/0x1a8 [ 30.252062] __kasan_check_write+0x20/0x30 [ 30.252119] kasan_atomics_helper+0x12d8/0x4858 [ 30.252180] kasan_atomics+0x198/0x2e8 [ 30.252235] kunit_try_run_case+0x170/0x3f0 [ 30.252294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.252359] kthread+0x318/0x620 [ 30.252414] ret_from_fork+0x10/0x20 [ 30.252475] [ 30.259286] Allocated by task 254: [ 30.259822] kasan_save_stack+0x3c/0x68 [ 30.260467] kasan_save_track+0x20/0x40 [ 30.261189] kasan_save_alloc_info+0x40/0x58 [ 30.261691] __kasan_kmalloc+0xd4/0xd8 [ 30.262377] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.263014] kasan_atomics+0xb8/0x2e8 [ 30.263622] kunit_try_run_case+0x170/0x3f0 [ 30.264206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.264980] kthread+0x318/0x620 [ 30.265540] ret_from_fork+0x10/0x20 [ 30.266223] [ 30.266496] The buggy address belongs to the object at fff00000c65edb80 [ 30.266496] which belongs to the cache kmalloc-64 of size 64 [ 30.267702] The buggy address is located 0 bytes to the right of [ 30.267702] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.268927] [ 30.269276] The buggy address belongs to the physical page: [ 30.269830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.270663] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.271352] page_type: f5(slab) [ 30.271824] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.272776] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.273543] page dumped because: kasan: bad access detected [ 30.274256] [ 30.274614] Memory state around the buggy address: [ 30.275182] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.276015] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.276826] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.277613] ^ [ 30.278236] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.278983] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.279778] ================================================================== [ 30.492690] ================================================================== [ 30.493597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 30.494493] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.495251] [ 30.495657] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.495928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.496015] Hardware name: linux,dummy-virt (DT) [ 30.496111] Call trace: [ 30.496219] show_stack+0x20/0x38 (C) [ 30.496374] dump_stack_lvl+0x8c/0xd0 [ 30.496558] print_report+0x118/0x608 [ 30.496705] kasan_report+0xdc/0x128 [ 30.496818] kasan_check_range+0x100/0x1a8 [ 30.496879] __kasan_check_write+0x20/0x30 [ 30.496974] kasan_atomics_helper+0x15b4/0x4858 [ 30.497036] kasan_atomics+0x198/0x2e8 [ 30.497096] kunit_try_run_case+0x170/0x3f0 [ 30.497155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.497221] kthread+0x318/0x620 [ 30.497276] ret_from_fork+0x10/0x20 [ 30.497335] [ 30.504132] Allocated by task 254: [ 30.504671] kasan_save_stack+0x3c/0x68 [ 30.505290] kasan_save_track+0x20/0x40 [ 30.505876] kasan_save_alloc_info+0x40/0x58 [ 30.506668] __kasan_kmalloc+0xd4/0xd8 [ 30.507252] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.507899] kasan_atomics+0xb8/0x2e8 [ 30.508552] kunit_try_run_case+0x170/0x3f0 [ 30.509168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.509957] kthread+0x318/0x620 [ 30.510479] ret_from_fork+0x10/0x20 [ 30.511072] [ 30.511419] The buggy address belongs to the object at fff00000c65edb80 [ 30.511419] which belongs to the cache kmalloc-64 of size 64 [ 30.512499] The buggy address is located 0 bytes to the right of [ 30.512499] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.513868] [ 30.514127] The buggy address belongs to the physical page: [ 30.514609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.515327] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.516147] page_type: f5(slab) [ 30.516543] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.517216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.517983] page dumped because: kasan: bad access detected [ 30.518611] [ 30.518938] Memory state around the buggy address: [ 30.519459] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.520180] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.520907] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.521565] ^ [ 30.522087] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.522878] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.523436] ================================================================== [ 29.703822] ================================================================== [ 29.705052] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 29.705914] Read of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.706497] [ 29.706775] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.707033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.707104] Hardware name: linux,dummy-virt (DT) [ 29.707179] Call trace: [ 29.707238] show_stack+0x20/0x38 (C) [ 29.707359] dump_stack_lvl+0x8c/0xd0 [ 29.707471] print_report+0x118/0x608 [ 29.707588] kasan_report+0xdc/0x128 [ 29.707704] __asan_report_load8_noabort+0x20/0x30 [ 29.707820] kasan_atomics_helper+0x3f58/0x4858 [ 29.707989] kasan_atomics+0x198/0x2e8 [ 29.708216] kunit_try_run_case+0x170/0x3f0 [ 29.708394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.708604] kthread+0x318/0x620 [ 29.708762] ret_from_fork+0x10/0x20 [ 29.708916] [ 29.719102] Allocated by task 254: [ 29.719479] kasan_save_stack+0x3c/0x68 [ 29.719862] kasan_save_track+0x20/0x40 [ 29.721567] kasan_save_alloc_info+0x40/0x58 [ 29.722651] __kasan_kmalloc+0xd4/0xd8 [ 29.723431] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.724408] kasan_atomics+0xb8/0x2e8 [ 29.725380] kunit_try_run_case+0x170/0x3f0 [ 29.726097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.726929] kthread+0x318/0x620 [ 29.727591] ret_from_fork+0x10/0x20 [ 29.728106] [ 29.728436] The buggy address belongs to the object at fff00000c65edb80 [ 29.728436] which belongs to the cache kmalloc-64 of size 64 [ 29.729962] The buggy address is located 0 bytes to the right of [ 29.729962] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.731662] [ 29.732026] The buggy address belongs to the physical page: [ 29.732556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.733114] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.733614] page_type: f5(slab) [ 29.734154] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.735223] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.736151] page dumped because: kasan: bad access detected [ 29.736979] [ 29.737394] Memory state around the buggy address: [ 29.737962] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.738604] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.739576] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.741046] ^ [ 29.741682] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.742266] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.744407] ================================================================== [ 30.593778] ================================================================== [ 30.595131] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 30.595792] Read of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.596618] [ 30.597357] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.597580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.597669] Hardware name: linux,dummy-virt (DT) [ 30.597758] Call trace: [ 30.597831] show_stack+0x20/0x38 (C) [ 30.597995] dump_stack_lvl+0x8c/0xd0 [ 30.598074] print_report+0x118/0x608 [ 30.598135] kasan_report+0xdc/0x128 [ 30.598211] __asan_report_load8_noabort+0x20/0x30 [ 30.598273] kasan_atomics_helper+0x3df4/0x4858 [ 30.598334] kasan_atomics+0x198/0x2e8 [ 30.598393] kunit_try_run_case+0x170/0x3f0 [ 30.598451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.598516] kthread+0x318/0x620 [ 30.598575] ret_from_fork+0x10/0x20 [ 30.598635] [ 30.604615] Allocated by task 254: [ 30.605037] kasan_save_stack+0x3c/0x68 [ 30.605579] kasan_save_track+0x20/0x40 [ 30.606246] kasan_save_alloc_info+0x40/0x58 [ 30.606833] __kasan_kmalloc+0xd4/0xd8 [ 30.607377] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.608026] kasan_atomics+0xb8/0x2e8 [ 30.608538] kunit_try_run_case+0x170/0x3f0 [ 30.609064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.609718] kthread+0x318/0x620 [ 30.610293] ret_from_fork+0x10/0x20 [ 30.610777] [ 30.611125] The buggy address belongs to the object at fff00000c65edb80 [ 30.611125] which belongs to the cache kmalloc-64 of size 64 [ 30.612307] The buggy address is located 0 bytes to the right of [ 30.612307] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.613426] [ 30.613776] The buggy address belongs to the physical page: [ 30.614448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.615167] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.615940] page_type: f5(slab) [ 30.616454] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.617281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.618079] page dumped because: kasan: bad access detected [ 30.618694] [ 30.619048] Memory state around the buggy address: [ 30.619627] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.620359] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.621052] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.621860] ^ [ 30.622421] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.623224] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.623919] ================================================================== [ 28.422219] ================================================================== [ 28.422974] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 28.423526] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.424060] [ 28.424297] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.424510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.424606] Hardware name: linux,dummy-virt (DT) [ 28.424704] Call trace: [ 28.424775] show_stack+0x20/0x38 (C) [ 28.424931] dump_stack_lvl+0x8c/0xd0 [ 28.425090] print_report+0x118/0x608 [ 28.425246] kasan_report+0xdc/0x128 [ 28.425390] kasan_check_range+0x100/0x1a8 [ 28.425566] __kasan_check_write+0x20/0x30 [ 28.425709] kasan_atomics_helper+0x5b4/0x4858 [ 28.425863] kasan_atomics+0x198/0x2e8 [ 28.426041] kunit_try_run_case+0x170/0x3f0 [ 28.426193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.426360] kthread+0x318/0x620 [ 28.426494] ret_from_fork+0x10/0x20 [ 28.426649] [ 28.435944] Allocated by task 254: [ 28.436419] kasan_save_stack+0x3c/0x68 [ 28.437053] kasan_save_track+0x20/0x40 [ 28.437617] kasan_save_alloc_info+0x40/0x58 [ 28.438227] __kasan_kmalloc+0xd4/0xd8 [ 28.438653] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.439322] kasan_atomics+0xb8/0x2e8 [ 28.439810] kunit_try_run_case+0x170/0x3f0 [ 28.440380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.440991] kthread+0x318/0x620 [ 28.441325] ret_from_fork+0x10/0x20 [ 28.441675] [ 28.443951] The buggy address belongs to the object at fff00000c65edb80 [ 28.443951] which belongs to the cache kmalloc-64 of size 64 [ 28.444867] The buggy address is located 0 bytes to the right of [ 28.444867] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.445991] [ 28.446290] The buggy address belongs to the physical page: [ 28.446970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.447874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.448698] page_type: f5(slab) [ 28.449232] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.449825] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.450385] page dumped because: kasan: bad access detected [ 28.450843] [ 28.451194] Memory state around the buggy address: [ 28.451767] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.454876] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.455825] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.456618] ^ [ 28.457116] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.457644] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.458255] ================================================================== [ 30.313651] ================================================================== [ 30.315924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 30.316533] Read of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.317296] [ 30.317590] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.317878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.317997] Hardware name: linux,dummy-virt (DT) [ 30.318094] Call trace: [ 30.318177] show_stack+0x20/0x38 (C) [ 30.318331] dump_stack_lvl+0x8c/0xd0 [ 30.318476] print_report+0x118/0x608 [ 30.318608] kasan_report+0xdc/0x128 [ 30.318734] __asan_report_load8_noabort+0x20/0x30 [ 30.318856] kasan_atomics_helper+0x3f04/0x4858 [ 30.319004] kasan_atomics+0x198/0x2e8 [ 30.319131] kunit_try_run_case+0x170/0x3f0 [ 30.319256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.319397] kthread+0x318/0x620 [ 30.319521] ret_from_fork+0x10/0x20 [ 30.319667] [ 30.325319] Allocated by task 254: [ 30.325641] kasan_save_stack+0x3c/0x68 [ 30.326065] kasan_save_track+0x20/0x40 [ 30.326645] kasan_save_alloc_info+0x40/0x58 [ 30.327221] __kasan_kmalloc+0xd4/0xd8 [ 30.327795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.328417] kasan_atomics+0xb8/0x2e8 [ 30.328999] kunit_try_run_case+0x170/0x3f0 [ 30.329569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.330034] kthread+0x318/0x620 [ 30.330379] ret_from_fork+0x10/0x20 [ 30.330705] [ 30.330941] The buggy address belongs to the object at fff00000c65edb80 [ 30.330941] which belongs to the cache kmalloc-64 of size 64 [ 30.332384] The buggy address is located 0 bytes to the right of [ 30.332384] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.333802] [ 30.334088] The buggy address belongs to the physical page: [ 30.334579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.335494] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.336340] page_type: f5(slab) [ 30.336755] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.337537] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.338412] page dumped because: kasan: bad access detected [ 30.338984] [ 30.339258] Memory state around the buggy address: [ 30.339827] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.340736] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.341681] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.342449] ^ [ 30.343189] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.344053] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.344770] ================================================================== [ 29.512393] ================================================================== [ 29.516467] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 29.518297] Read of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.519091] [ 29.519449] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.519650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.519726] Hardware name: linux,dummy-virt (DT) [ 29.519807] Call trace: [ 29.519866] show_stack+0x20/0x38 (C) [ 29.521441] dump_stack_lvl+0x8c/0xd0 [ 29.521571] print_report+0x118/0x608 [ 29.521697] kasan_report+0xdc/0x128 [ 29.521816] __asan_report_load4_noabort+0x20/0x30 [ 29.521976] kasan_atomics_helper+0x3dd8/0x4858 [ 29.522106] kasan_atomics+0x198/0x2e8 [ 29.522246] kunit_try_run_case+0x170/0x3f0 [ 29.522373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.522510] kthread+0x318/0x620 [ 29.522627] ret_from_fork+0x10/0x20 [ 29.522753] [ 29.531419] Allocated by task 254: [ 29.533282] kasan_save_stack+0x3c/0x68 [ 29.534113] kasan_save_track+0x20/0x40 [ 29.535152] kasan_save_alloc_info+0x40/0x58 [ 29.536406] __kasan_kmalloc+0xd4/0xd8 [ 29.536818] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.537267] kasan_atomics+0xb8/0x2e8 [ 29.537635] kunit_try_run_case+0x170/0x3f0 [ 29.538046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.538529] kthread+0x318/0x620 [ 29.538900] ret_from_fork+0x10/0x20 [ 29.542363] [ 29.543711] The buggy address belongs to the object at fff00000c65edb80 [ 29.543711] which belongs to the cache kmalloc-64 of size 64 [ 29.546177] The buggy address is located 0 bytes to the right of [ 29.546177] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.549530] [ 29.550350] The buggy address belongs to the physical page: [ 29.551040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.552634] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.553661] page_type: f5(slab) [ 29.554135] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.554680] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.556562] page dumped because: kasan: bad access detected [ 29.557807] [ 29.559163] Memory state around the buggy address: [ 29.559801] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.561929] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.562666] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.563237] ^ [ 29.563670] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.564841] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.566340] ================================================================== [ 30.138360] ================================================================== [ 30.138857] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 30.141524] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.143324] [ 30.144402] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.144616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.144689] Hardware name: linux,dummy-virt (DT) [ 30.144775] Call trace: [ 30.144834] show_stack+0x20/0x38 (C) [ 30.144979] dump_stack_lvl+0x8c/0xd0 [ 30.145101] print_report+0x118/0x608 [ 30.145226] kasan_report+0xdc/0x128 [ 30.145345] kasan_check_range+0x100/0x1a8 [ 30.145467] __kasan_check_write+0x20/0x30 [ 30.145587] kasan_atomics_helper+0x1190/0x4858 [ 30.145712] kasan_atomics+0x198/0x2e8 [ 30.145829] kunit_try_run_case+0x170/0x3f0 [ 30.146255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.146399] kthread+0x318/0x620 [ 30.146516] ret_from_fork+0x10/0x20 [ 30.146630] [ 30.154397] Allocated by task 254: [ 30.154726] kasan_save_stack+0x3c/0x68 [ 30.157300] kasan_save_track+0x20/0x40 [ 30.158670] kasan_save_alloc_info+0x40/0x58 [ 30.159653] __kasan_kmalloc+0xd4/0xd8 [ 30.160299] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.161039] kasan_atomics+0xb8/0x2e8 [ 30.161757] kunit_try_run_case+0x170/0x3f0 [ 30.162498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.163305] kthread+0x318/0x620 [ 30.163999] ret_from_fork+0x10/0x20 [ 30.164638] [ 30.164954] The buggy address belongs to the object at fff00000c65edb80 [ 30.164954] which belongs to the cache kmalloc-64 of size 64 [ 30.166034] The buggy address is located 0 bytes to the right of [ 30.166034] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.167228] [ 30.167554] The buggy address belongs to the physical page: [ 30.168309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.169234] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.170082] page_type: f5(slab) [ 30.170662] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.171427] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.172296] page dumped because: kasan: bad access detected [ 30.172954] [ 30.173304] Memory state around the buggy address: [ 30.173864] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.174649] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.175368] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.176117] ^ [ 30.176854] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.177680] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.178464] ================================================================== [ 28.667746] ================================================================== [ 28.668514] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7cc/0x4858 [ 28.670728] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.673051] [ 28.675006] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.675276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.675355] Hardware name: linux,dummy-virt (DT) [ 28.675441] Call trace: [ 28.675507] show_stack+0x20/0x38 (C) [ 28.675639] dump_stack_lvl+0x8c/0xd0 [ 28.675773] print_report+0x118/0x608 [ 28.675924] kasan_report+0xdc/0x128 [ 28.676057] kasan_check_range+0x100/0x1a8 [ 28.676184] __kasan_check_write+0x20/0x30 [ 28.676313] kasan_atomics_helper+0x7cc/0x4858 [ 28.676456] kasan_atomics+0x198/0x2e8 [ 28.676582] kunit_try_run_case+0x170/0x3f0 [ 28.676712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.676851] kthread+0x318/0x620 [ 28.677362] ret_from_fork+0x10/0x20 [ 28.677498] [ 28.694717] Allocated by task 254: [ 28.697422] kasan_save_stack+0x3c/0x68 [ 28.698809] kasan_save_track+0x20/0x40 [ 28.699314] kasan_save_alloc_info+0x40/0x58 [ 28.699756] __kasan_kmalloc+0xd4/0xd8 [ 28.702021] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.703078] kasan_atomics+0xb8/0x2e8 [ 28.703595] kunit_try_run_case+0x170/0x3f0 [ 28.705480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.706748] kthread+0x318/0x620 [ 28.707154] ret_from_fork+0x10/0x20 [ 28.707560] [ 28.707810] The buggy address belongs to the object at fff00000c65edb80 [ 28.707810] which belongs to the cache kmalloc-64 of size 64 [ 28.710795] The buggy address is located 0 bytes to the right of [ 28.710795] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.713471] [ 28.713784] The buggy address belongs to the physical page: [ 28.716631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.720041] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.721005] page_type: f5(slab) [ 28.721488] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.723183] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.723771] page dumped because: kasan: bad access detected [ 28.725264] [ 28.726206] Memory state around the buggy address: [ 28.726785] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.727577] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.731998] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.734396] ^ [ 28.735598] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.736366] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.738237] ================================================================== [ 29.797051] ================================================================== [ 29.798354] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 29.799160] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.799921] [ 29.800211] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.800402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.800467] Hardware name: linux,dummy-virt (DT) [ 29.800545] Call trace: [ 29.800598] show_stack+0x20/0x38 (C) [ 29.800723] dump_stack_lvl+0x8c/0xd0 [ 29.800859] print_report+0x118/0x608 [ 29.801042] kasan_report+0xdc/0x128 [ 29.801179] __asan_report_store8_noabort+0x20/0x30 [ 29.801309] kasan_atomics_helper+0x3e5c/0x4858 [ 29.801452] kasan_atomics+0x198/0x2e8 [ 29.801662] kunit_try_run_case+0x170/0x3f0 [ 29.801865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.802019] kthread+0x318/0x620 [ 29.802135] ret_from_fork+0x10/0x20 [ 29.802286] [ 29.811708] Allocated by task 254: [ 29.812228] kasan_save_stack+0x3c/0x68 [ 29.812739] kasan_save_track+0x20/0x40 [ 29.813331] kasan_save_alloc_info+0x40/0x58 [ 29.814241] __kasan_kmalloc+0xd4/0xd8 [ 29.815210] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.815868] kasan_atomics+0xb8/0x2e8 [ 29.816763] kunit_try_run_case+0x170/0x3f0 [ 29.818147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.819099] kthread+0x318/0x620 [ 29.820439] ret_from_fork+0x10/0x20 [ 29.821402] [ 29.821634] The buggy address belongs to the object at fff00000c65edb80 [ 29.821634] which belongs to the cache kmalloc-64 of size 64 [ 29.823804] The buggy address is located 0 bytes to the right of [ 29.823804] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.825093] [ 29.825708] The buggy address belongs to the physical page: [ 29.826619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.827389] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.828548] page_type: f5(slab) [ 29.830368] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.831456] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.832133] page dumped because: kasan: bad access detected [ 29.832662] [ 29.833476] Memory state around the buggy address: [ 29.834015] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.835246] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.835805] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.836985] ^ [ 29.837839] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.838764] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.839456] ================================================================== [ 30.423335] ================================================================== [ 30.423950] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 30.424742] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.425766] [ 30.426131] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.426393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.426482] Hardware name: linux,dummy-virt (DT) [ 30.426581] Call trace: [ 30.426688] show_stack+0x20/0x38 (C) [ 30.426916] dump_stack_lvl+0x8c/0xd0 [ 30.427060] print_report+0x118/0x608 [ 30.427205] kasan_report+0xdc/0x128 [ 30.427365] kasan_check_range+0x100/0x1a8 [ 30.427475] __kasan_check_write+0x20/0x30 [ 30.427586] kasan_atomics_helper+0x14e4/0x4858 [ 30.427708] kasan_atomics+0x198/0x2e8 [ 30.427849] kunit_try_run_case+0x170/0x3f0 [ 30.428012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.428137] kthread+0x318/0x620 [ 30.428198] ret_from_fork+0x10/0x20 [ 30.428260] [ 30.435046] Allocated by task 254: [ 30.435629] kasan_save_stack+0x3c/0x68 [ 30.436809] kasan_save_track+0x20/0x40 [ 30.437412] kasan_save_alloc_info+0x40/0x58 [ 30.438409] __kasan_kmalloc+0xd4/0xd8 [ 30.438987] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.439742] kasan_atomics+0xb8/0x2e8 [ 30.440387] kunit_try_run_case+0x170/0x3f0 [ 30.441068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.441785] kthread+0x318/0x620 [ 30.442263] ret_from_fork+0x10/0x20 [ 30.442939] [ 30.443415] The buggy address belongs to the object at fff00000c65edb80 [ 30.443415] which belongs to the cache kmalloc-64 of size 64 [ 30.444517] The buggy address is located 0 bytes to the right of [ 30.444517] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.445799] [ 30.446184] The buggy address belongs to the physical page: [ 30.446841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.447688] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.448505] page_type: f5(slab) [ 30.449040] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.449907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.450624] page dumped because: kasan: bad access detected [ 30.451250] [ 30.451648] Memory state around the buggy address: [ 30.452261] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.453086] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.453812] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.454629] ^ [ 30.455296] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.456081] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.456821] ================================================================== [ 27.892397] ================================================================== [ 27.894407] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ec/0x4858 [ 27.896932] Read of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 27.898763] [ 27.899463] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.900080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.900153] Hardware name: linux,dummy-virt (DT) [ 27.900233] Call trace: [ 27.900289] show_stack+0x20/0x38 (C) [ 27.900421] dump_stack_lvl+0x8c/0xd0 [ 27.900534] print_report+0x118/0x608 [ 27.900652] kasan_report+0xdc/0x128 [ 27.900762] kasan_check_range+0x100/0x1a8 [ 27.900876] __kasan_check_read+0x20/0x30 [ 27.901057] kasan_atomics_helper+0x1ec/0x4858 [ 27.901181] kasan_atomics+0x198/0x2e8 [ 27.901292] kunit_try_run_case+0x170/0x3f0 [ 27.901412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.901536] kthread+0x318/0x620 [ 27.901648] ret_from_fork+0x10/0x20 [ 27.901764] [ 27.912824] Allocated by task 254: [ 27.915713] kasan_save_stack+0x3c/0x68 [ 27.916675] kasan_save_track+0x20/0x40 [ 27.918566] kasan_save_alloc_info+0x40/0x58 [ 27.919521] __kasan_kmalloc+0xd4/0xd8 [ 27.920818] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.922314] kasan_atomics+0xb8/0x2e8 [ 27.923620] kunit_try_run_case+0x170/0x3f0 [ 27.924999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.926281] kthread+0x318/0x620 [ 27.926649] ret_from_fork+0x10/0x20 [ 27.927036] [ 27.927276] The buggy address belongs to the object at fff00000c65edb80 [ 27.927276] which belongs to the cache kmalloc-64 of size 64 [ 27.929499] The buggy address is located 0 bytes to the right of [ 27.929499] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 27.933278] [ 27.934269] The buggy address belongs to the physical page: [ 27.935958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 27.938157] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.940125] page_type: f5(slab) [ 27.941269] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 27.941859] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.942442] page dumped because: kasan: bad access detected [ 27.943945] [ 27.944465] Memory state around the buggy address: [ 27.946175] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.948417] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.950662] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.952707] ^ [ 27.954285] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.955778] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.957858] ================================================================== [ 28.236448] ================================================================== [ 28.236993] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 28.237528] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.238618] [ 28.239014] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.239229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.239314] Hardware name: linux,dummy-virt (DT) [ 28.239410] Call trace: [ 28.239524] show_stack+0x20/0x38 (C) [ 28.239644] dump_stack_lvl+0x8c/0xd0 [ 28.239754] print_report+0x118/0x608 [ 28.239867] kasan_report+0xdc/0x128 [ 28.239994] kasan_check_range+0x100/0x1a8 [ 28.240093] __kasan_check_write+0x20/0x30 [ 28.240194] kasan_atomics_helper+0x414/0x4858 [ 28.240301] kasan_atomics+0x198/0x2e8 [ 28.240403] kunit_try_run_case+0x170/0x3f0 [ 28.240504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.240620] kthread+0x318/0x620 [ 28.240721] ret_from_fork+0x10/0x20 [ 28.240824] [ 28.248756] Allocated by task 254: [ 28.249200] kasan_save_stack+0x3c/0x68 [ 28.249584] kasan_save_track+0x20/0x40 [ 28.253102] kasan_save_alloc_info+0x40/0x58 [ 28.253777] __kasan_kmalloc+0xd4/0xd8 [ 28.254343] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.256238] kasan_atomics+0xb8/0x2e8 [ 28.256851] kunit_try_run_case+0x170/0x3f0 [ 28.257566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.258356] kthread+0x318/0x620 [ 28.259073] ret_from_fork+0x10/0x20 [ 28.259624] [ 28.260098] The buggy address belongs to the object at fff00000c65edb80 [ 28.260098] which belongs to the cache kmalloc-64 of size 64 [ 28.261563] The buggy address is located 0 bytes to the right of [ 28.261563] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.263665] [ 28.264389] The buggy address belongs to the physical page: [ 28.264816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.265406] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.266931] page_type: f5(slab) [ 28.267718] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.268611] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.269534] page dumped because: kasan: bad access detected [ 28.270135] [ 28.270435] Memory state around the buggy address: [ 28.271303] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.272169] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.272862] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.273526] ^ [ 28.274955] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.275976] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.276603] ================================================================== [ 30.087057] ================================================================== [ 30.087921] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 30.089687] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.090301] [ 30.090562] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.090749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.090817] Hardware name: linux,dummy-virt (DT) [ 30.090913] Call trace: [ 30.090973] show_stack+0x20/0x38 (C) [ 30.091091] dump_stack_lvl+0x8c/0xd0 [ 30.091200] print_report+0x118/0x608 [ 30.091316] kasan_report+0xdc/0x128 [ 30.091415] kasan_check_range+0x100/0x1a8 [ 30.091515] __kasan_check_write+0x20/0x30 [ 30.091613] kasan_atomics_helper+0x1128/0x4858 [ 30.091721] kasan_atomics+0x198/0x2e8 [ 30.091819] kunit_try_run_case+0x170/0x3f0 [ 30.092709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.092791] kthread+0x318/0x620 [ 30.092851] ret_from_fork+0x10/0x20 [ 30.092945] [ 30.100879] Allocated by task 254: [ 30.101412] kasan_save_stack+0x3c/0x68 [ 30.102014] kasan_save_track+0x20/0x40 [ 30.102595] kasan_save_alloc_info+0x40/0x58 [ 30.103262] __kasan_kmalloc+0xd4/0xd8 [ 30.103803] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.104615] kasan_atomics+0xb8/0x2e8 [ 30.106149] kunit_try_run_case+0x170/0x3f0 [ 30.108048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.109458] kthread+0x318/0x620 [ 30.110420] ret_from_fork+0x10/0x20 [ 30.111284] [ 30.112201] The buggy address belongs to the object at fff00000c65edb80 [ 30.112201] which belongs to the cache kmalloc-64 of size 64 [ 30.113419] The buggy address is located 0 bytes to the right of [ 30.113419] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.116528] [ 30.117705] The buggy address belongs to the physical page: [ 30.119492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.121337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.121867] page_type: f5(slab) [ 30.123804] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.125705] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.127840] page dumped because: kasan: bad access detected [ 30.128513] [ 30.128751] Memory state around the buggy address: [ 30.130608] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.132301] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.132983] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.133600] ^ [ 30.134361] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.135061] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.135762] ================================================================== [ 29.062302] ================================================================== [ 29.065762] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 29.068431] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.071290] [ 29.071928] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.072137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.072215] Hardware name: linux,dummy-virt (DT) [ 29.072300] Call trace: [ 29.072366] show_stack+0x20/0x38 (C) [ 29.072503] dump_stack_lvl+0x8c/0xd0 [ 29.072632] print_report+0x118/0x608 [ 29.072762] kasan_report+0xdc/0x128 [ 29.072915] kasan_check_range+0x100/0x1a8 [ 29.073046] __kasan_check_write+0x20/0x30 [ 29.073181] kasan_atomics_helper+0xa6c/0x4858 [ 29.073323] kasan_atomics+0x198/0x2e8 [ 29.073454] kunit_try_run_case+0x170/0x3f0 [ 29.073582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.073724] kthread+0x318/0x620 [ 29.073850] ret_from_fork+0x10/0x20 [ 29.074654] [ 29.088924] Allocated by task 254: [ 29.089318] kasan_save_stack+0x3c/0x68 [ 29.089752] kasan_save_track+0x20/0x40 [ 29.092755] kasan_save_alloc_info+0x40/0x58 [ 29.094312] __kasan_kmalloc+0xd4/0xd8 [ 29.095384] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.096877] kasan_atomics+0xb8/0x2e8 [ 29.098267] kunit_try_run_case+0x170/0x3f0 [ 29.099730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.101433] kthread+0x318/0x620 [ 29.102737] ret_from_fork+0x10/0x20 [ 29.103877] [ 29.104156] The buggy address belongs to the object at fff00000c65edb80 [ 29.104156] which belongs to the cache kmalloc-64 of size 64 [ 29.106447] The buggy address is located 0 bytes to the right of [ 29.106447] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.109680] [ 29.110603] The buggy address belongs to the physical page: [ 29.112338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.113711] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.116028] page_type: f5(slab) [ 29.117319] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.118337] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.118944] page dumped because: kasan: bad access detected [ 29.119407] [ 29.119664] Memory state around the buggy address: [ 29.122555] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.124940] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.126678] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.128612] ^ [ 29.130262] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.132380] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.133689] ================================================================== [ 28.945560] ================================================================== [ 28.948196] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 28.948765] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.952404] [ 28.952695] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.953281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.953367] Hardware name: linux,dummy-virt (DT) [ 28.953453] Call trace: [ 28.953519] show_stack+0x20/0x38 (C) [ 28.953655] dump_stack_lvl+0x8c/0xd0 [ 28.953786] print_report+0x118/0x608 [ 28.953937] kasan_report+0xdc/0x128 [ 28.954080] kasan_check_range+0x100/0x1a8 [ 28.954244] __kasan_check_write+0x20/0x30 [ 28.954386] kasan_atomics_helper+0x99c/0x4858 [ 28.954534] kasan_atomics+0x198/0x2e8 [ 28.954674] kunit_try_run_case+0x170/0x3f0 [ 28.954808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.956775] kthread+0x318/0x620 [ 28.956922] ret_from_fork+0x10/0x20 [ 28.957056] [ 28.969578] Allocated by task 254: [ 28.970535] kasan_save_stack+0x3c/0x68 [ 28.975507] kasan_save_track+0x20/0x40 [ 28.976312] kasan_save_alloc_info+0x40/0x58 [ 28.979176] __kasan_kmalloc+0xd4/0xd8 [ 28.979603] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.980324] kasan_atomics+0xb8/0x2e8 [ 28.981099] kunit_try_run_case+0x170/0x3f0 [ 28.982598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.984536] kthread+0x318/0x620 [ 28.985755] ret_from_fork+0x10/0x20 [ 28.986595] [ 28.987248] The buggy address belongs to the object at fff00000c65edb80 [ 28.987248] which belongs to the cache kmalloc-64 of size 64 [ 28.991134] The buggy address is located 0 bytes to the right of [ 28.991134] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.992034] [ 28.992276] The buggy address belongs to the physical page: [ 28.992692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.994275] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.995419] page_type: f5(slab) [ 28.996086] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.997489] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.998694] page dumped because: kasan: bad access detected [ 28.999599] [ 28.999991] Memory state around the buggy address: [ 29.000980] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.002111] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.003106] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.003939] ^ [ 29.004856] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.007957] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.008786] ================================================================== [ 29.842048] ================================================================== [ 29.842737] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 29.843589] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.844512] [ 29.844811] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.845507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.845579] Hardware name: linux,dummy-virt (DT) [ 29.845652] Call trace: [ 29.845711] show_stack+0x20/0x38 (C) [ 29.845839] dump_stack_lvl+0x8c/0xd0 [ 29.846033] print_report+0x118/0x608 [ 29.846584] kasan_report+0xdc/0x128 [ 29.846716] kasan_check_range+0x100/0x1a8 [ 29.846841] __kasan_check_write+0x20/0x30 [ 29.846984] kasan_atomics_helper+0xeb8/0x4858 [ 29.847110] kasan_atomics+0x198/0x2e8 [ 29.847235] kunit_try_run_case+0x170/0x3f0 [ 29.849405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.849546] kthread+0x318/0x620 [ 29.849702] ret_from_fork+0x10/0x20 [ 29.849825] [ 29.864211] Allocated by task 254: [ 29.864569] kasan_save_stack+0x3c/0x68 [ 29.865300] kasan_save_track+0x20/0x40 [ 29.865954] kasan_save_alloc_info+0x40/0x58 [ 29.866484] __kasan_kmalloc+0xd4/0xd8 [ 29.867096] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.867615] kasan_atomics+0xb8/0x2e8 [ 29.870016] kunit_try_run_case+0x170/0x3f0 [ 29.870807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.871522] kthread+0x318/0x620 [ 29.873083] ret_from_fork+0x10/0x20 [ 29.874079] [ 29.874436] The buggy address belongs to the object at fff00000c65edb80 [ 29.874436] which belongs to the cache kmalloc-64 of size 64 [ 29.876441] The buggy address is located 0 bytes to the right of [ 29.876441] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.877701] [ 29.878022] The buggy address belongs to the physical page: [ 29.878500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.879187] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.880541] page_type: f5(slab) [ 29.881406] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.882404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.883398] page dumped because: kasan: bad access detected [ 29.884214] [ 29.884728] Memory state around the buggy address: [ 29.885121] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.885661] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.886967] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.887685] ^ [ 29.888552] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.889420] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.889990] ================================================================== [ 30.625424] ================================================================== [ 30.626119] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 30.627078] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.627840] [ 30.628235] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.628449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.628532] Hardware name: linux,dummy-virt (DT) [ 30.628632] Call trace: [ 30.628700] show_stack+0x20/0x38 (C) [ 30.628845] dump_stack_lvl+0x8c/0xd0 [ 30.629008] print_report+0x118/0x608 [ 30.629235] kasan_report+0xdc/0x128 [ 30.629381] kasan_check_range+0x100/0x1a8 [ 30.629517] __kasan_check_write+0x20/0x30 [ 30.629629] kasan_atomics_helper+0x16d0/0x4858 [ 30.629694] kasan_atomics+0x198/0x2e8 [ 30.629754] kunit_try_run_case+0x170/0x3f0 [ 30.629811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.629876] kthread+0x318/0x620 [ 30.629969] ret_from_fork+0x10/0x20 [ 30.630031] [ 30.636368] Allocated by task 254: [ 30.636832] kasan_save_stack+0x3c/0x68 [ 30.637457] kasan_save_track+0x20/0x40 [ 30.638092] kasan_save_alloc_info+0x40/0x58 [ 30.638674] __kasan_kmalloc+0xd4/0xd8 [ 30.639145] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.639789] kasan_atomics+0xb8/0x2e8 [ 30.640408] kunit_try_run_case+0x170/0x3f0 [ 30.640970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.641648] kthread+0x318/0x620 [ 30.642211] ret_from_fork+0x10/0x20 [ 30.643227] [ 30.643509] The buggy address belongs to the object at fff00000c65edb80 [ 30.643509] which belongs to the cache kmalloc-64 of size 64 [ 30.645646] The buggy address is located 0 bytes to the right of [ 30.645646] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.648941] [ 30.649206] The buggy address belongs to the physical page: [ 30.649679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.652384] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.654120] page_type: f5(slab) [ 30.655308] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.656316] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.657264] page dumped because: kasan: bad access detected [ 30.657868] [ 30.658455] Memory state around the buggy address: [ 30.659029] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.659851] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.660571] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.661499] ^ [ 30.662286] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.663167] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.664021] ================================================================== [ 30.765697] ================================================================== [ 30.766562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 30.767344] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.768254] [ 30.768629] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.768898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.768983] Hardware name: linux,dummy-virt (DT) [ 30.769094] Call trace: [ 30.769169] show_stack+0x20/0x38 (C) [ 30.769362] dump_stack_lvl+0x8c/0xd0 [ 30.769508] print_report+0x118/0x608 [ 30.769589] kasan_report+0xdc/0x128 [ 30.769648] kasan_check_range+0x100/0x1a8 [ 30.769706] __kasan_check_write+0x20/0x30 [ 30.769761] kasan_atomics_helper+0x17ec/0x4858 [ 30.769823] kasan_atomics+0x198/0x2e8 [ 30.769878] kunit_try_run_case+0x170/0x3f0 [ 30.769974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.770039] kthread+0x318/0x620 [ 30.770097] ret_from_fork+0x10/0x20 [ 30.770156] [ 30.776806] Allocated by task 254: [ 30.777377] kasan_save_stack+0x3c/0x68 [ 30.777967] kasan_save_track+0x20/0x40 [ 30.778563] kasan_save_alloc_info+0x40/0x58 [ 30.779148] __kasan_kmalloc+0xd4/0xd8 [ 30.779754] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.780378] kasan_atomics+0xb8/0x2e8 [ 30.781009] kunit_try_run_case+0x170/0x3f0 [ 30.781595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.782360] kthread+0x318/0x620 [ 30.782932] ret_from_fork+0x10/0x20 [ 30.783493] [ 30.783821] The buggy address belongs to the object at fff00000c65edb80 [ 30.783821] which belongs to the cache kmalloc-64 of size 64 [ 30.784973] The buggy address is located 0 bytes to the right of [ 30.784973] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.786250] [ 30.786656] The buggy address belongs to the physical page: [ 30.787595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.788361] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.789243] page_type: f5(slab) [ 30.789684] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.790467] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.791342] page dumped because: kasan: bad access detected [ 30.791614] [ 30.791748] Memory state around the buggy address: [ 30.792090] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.792693] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.793874] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.794700] ^ [ 30.795258] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.796038] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.796788] ================================================================== [ 28.282097] ================================================================== [ 28.283484] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 28.286274] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.287587] [ 28.287859] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.288066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.288134] Hardware name: linux,dummy-virt (DT) [ 28.288214] Call trace: [ 28.288271] show_stack+0x20/0x38 (C) [ 28.288391] dump_stack_lvl+0x8c/0xd0 [ 28.288508] print_report+0x118/0x608 [ 28.288622] kasan_report+0xdc/0x128 [ 28.288738] kasan_check_range+0x100/0x1a8 [ 28.288849] __kasan_check_write+0x20/0x30 [ 28.289633] kasan_atomics_helper+0x47c/0x4858 [ 28.289756] kasan_atomics+0x198/0x2e8 [ 28.289875] kunit_try_run_case+0x170/0x3f0 [ 28.290013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.290145] kthread+0x318/0x620 [ 28.290276] ret_from_fork+0x10/0x20 [ 28.290402] [ 28.303990] Allocated by task 254: [ 28.304471] kasan_save_stack+0x3c/0x68 [ 28.305005] kasan_save_track+0x20/0x40 [ 28.305451] kasan_save_alloc_info+0x40/0x58 [ 28.306081] __kasan_kmalloc+0xd4/0xd8 [ 28.306657] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.307209] kasan_atomics+0xb8/0x2e8 [ 28.307976] kunit_try_run_case+0x170/0x3f0 [ 28.308527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.309144] kthread+0x318/0x620 [ 28.310372] ret_from_fork+0x10/0x20 [ 28.310742] [ 28.311098] The buggy address belongs to the object at fff00000c65edb80 [ 28.311098] which belongs to the cache kmalloc-64 of size 64 [ 28.312264] The buggy address is located 0 bytes to the right of [ 28.312264] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.313393] [ 28.313989] The buggy address belongs to the physical page: [ 28.314684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.315781] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.316728] page_type: f5(slab) [ 28.317245] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.318304] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.319328] page dumped because: kasan: bad access detected [ 28.320013] [ 28.320570] Memory state around the buggy address: [ 28.321544] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.322065] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.323026] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.324231] ^ [ 28.325298] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.326114] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.327535] ================================================================== [ 29.384857] ================================================================== [ 29.386299] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc08/0x4858 [ 29.387207] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.389732] [ 29.390026] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.390242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.390313] Hardware name: linux,dummy-virt (DT) [ 29.390392] Call trace: [ 29.390449] show_stack+0x20/0x38 (C) [ 29.390573] dump_stack_lvl+0x8c/0xd0 [ 29.390696] print_report+0x118/0x608 [ 29.390813] kasan_report+0xdc/0x128 [ 29.391772] kasan_check_range+0x100/0x1a8 [ 29.391923] __kasan_check_write+0x20/0x30 [ 29.392042] kasan_atomics_helper+0xc08/0x4858 [ 29.392163] kasan_atomics+0x198/0x2e8 [ 29.392281] kunit_try_run_case+0x170/0x3f0 [ 29.392399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.392535] kthread+0x318/0x620 [ 29.392653] ret_from_fork+0x10/0x20 [ 29.392777] [ 29.404183] Allocated by task 254: [ 29.404692] kasan_save_stack+0x3c/0x68 [ 29.406187] kasan_save_track+0x20/0x40 [ 29.406589] kasan_save_alloc_info+0x40/0x58 [ 29.407026] __kasan_kmalloc+0xd4/0xd8 [ 29.407431] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.407854] kasan_atomics+0xb8/0x2e8 [ 29.409188] kunit_try_run_case+0x170/0x3f0 [ 29.409819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.412379] kthread+0x318/0x620 [ 29.413650] ret_from_fork+0x10/0x20 [ 29.414150] [ 29.414410] The buggy address belongs to the object at fff00000c65edb80 [ 29.414410] which belongs to the cache kmalloc-64 of size 64 [ 29.416702] The buggy address is located 0 bytes to the right of [ 29.416702] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.417766] [ 29.418467] The buggy address belongs to the physical page: [ 29.419957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.421672] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.422598] page_type: f5(slab) [ 29.424290] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.425376] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.426783] page dumped because: kasan: bad access detected [ 29.427811] [ 29.428562] Memory state around the buggy address: [ 29.429174] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.429828] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.431524] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.433809] ^ [ 29.434491] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.435099] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.435625] ================================================================== [ 29.260740] ================================================================== [ 29.261511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 29.265408] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.266341] [ 29.266618] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.266816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.266911] Hardware name: linux,dummy-virt (DT) [ 29.267723] Call trace: [ 29.267790] show_stack+0x20/0x38 (C) [ 29.267995] dump_stack_lvl+0x8c/0xd0 [ 29.268130] print_report+0x118/0x608 [ 29.268252] kasan_report+0xdc/0x128 [ 29.268367] kasan_check_range+0x100/0x1a8 [ 29.268486] __kasan_check_write+0x20/0x30 [ 29.268603] kasan_atomics_helper+0xb70/0x4858 [ 29.268723] kasan_atomics+0x198/0x2e8 [ 29.268847] kunit_try_run_case+0x170/0x3f0 [ 29.269000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.269127] kthread+0x318/0x620 [ 29.269232] ret_from_fork+0x10/0x20 [ 29.269357] [ 29.284145] Allocated by task 254: [ 29.285254] kasan_save_stack+0x3c/0x68 [ 29.285824] kasan_save_track+0x20/0x40 [ 29.286392] kasan_save_alloc_info+0x40/0x58 [ 29.288116] __kasan_kmalloc+0xd4/0xd8 [ 29.288654] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.290156] kasan_atomics+0xb8/0x2e8 [ 29.290955] kunit_try_run_case+0x170/0x3f0 [ 29.291480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.295394] kthread+0x318/0x620 [ 29.296218] ret_from_fork+0x10/0x20 [ 29.297119] [ 29.297353] The buggy address belongs to the object at fff00000c65edb80 [ 29.297353] which belongs to the cache kmalloc-64 of size 64 [ 29.298234] The buggy address is located 0 bytes to the right of [ 29.298234] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.301067] [ 29.301932] The buggy address belongs to the physical page: [ 29.302676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.304508] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.305725] page_type: f5(slab) [ 29.306809] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.308481] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.309682] page dumped because: kasan: bad access detected [ 29.310802] [ 29.312099] Memory state around the buggy address: [ 29.312661] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.313335] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.313879] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.316931] ^ [ 29.317513] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.319806] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.320467] ================================================================== [ 30.666293] ================================================================== [ 30.666977] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 30.667733] Read of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.668469] [ 30.668855] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.669149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.669231] Hardware name: linux,dummy-virt (DT) [ 30.669364] Call trace: [ 30.669434] show_stack+0x20/0x38 (C) [ 30.669558] dump_stack_lvl+0x8c/0xd0 [ 30.669623] print_report+0x118/0x608 [ 30.669685] kasan_report+0xdc/0x128 [ 30.669743] __asan_report_load8_noabort+0x20/0x30 [ 30.669804] kasan_atomics_helper+0x3e10/0x4858 [ 30.669866] kasan_atomics+0x198/0x2e8 [ 30.669956] kunit_try_run_case+0x170/0x3f0 [ 30.670018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.670084] kthread+0x318/0x620 [ 30.670140] ret_from_fork+0x10/0x20 [ 30.670217] [ 30.676816] Allocated by task 254: [ 30.677420] kasan_save_stack+0x3c/0x68 [ 30.677975] kasan_save_track+0x20/0x40 [ 30.678634] kasan_save_alloc_info+0x40/0x58 [ 30.679310] __kasan_kmalloc+0xd4/0xd8 [ 30.679841] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.680496] kasan_atomics+0xb8/0x2e8 [ 30.681113] kunit_try_run_case+0x170/0x3f0 [ 30.681671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.682434] kthread+0x318/0x620 [ 30.682958] ret_from_fork+0x10/0x20 [ 30.683532] [ 30.683902] The buggy address belongs to the object at fff00000c65edb80 [ 30.683902] which belongs to the cache kmalloc-64 of size 64 [ 30.684970] The buggy address is located 0 bytes to the right of [ 30.684970] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.686313] [ 30.686643] The buggy address belongs to the physical page: [ 30.687382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.688332] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.689085] page_type: f5(slab) [ 30.689795] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.690679] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.691560] page dumped because: kasan: bad access detected [ 30.692133] [ 30.692419] Memory state around the buggy address: [ 30.692984] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.693654] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.694356] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.695115] ^ [ 30.695852] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.696735] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.697542] ================================================================== [ 29.567751] ================================================================== [ 29.570311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 29.571175] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.571811] [ 29.574479] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.574684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.574758] Hardware name: linux,dummy-virt (DT) [ 29.574843] Call trace: [ 29.574925] show_stack+0x20/0x38 (C) [ 29.575057] dump_stack_lvl+0x8c/0xd0 [ 29.575190] print_report+0x118/0x608 [ 29.575319] kasan_report+0xdc/0x128 [ 29.575439] kasan_check_range+0x100/0x1a8 [ 29.575562] __kasan_check_write+0x20/0x30 [ 29.575679] kasan_atomics_helper+0xd3c/0x4858 [ 29.575794] kasan_atomics+0x198/0x2e8 [ 29.575941] kunit_try_run_case+0x170/0x3f0 [ 29.576068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.576201] kthread+0x318/0x620 [ 29.576320] ret_from_fork+0x10/0x20 [ 29.576444] [ 29.589675] Allocated by task 254: [ 29.591527] kasan_save_stack+0x3c/0x68 [ 29.592225] kasan_save_track+0x20/0x40 [ 29.592616] kasan_save_alloc_info+0x40/0x58 [ 29.594076] __kasan_kmalloc+0xd4/0xd8 [ 29.594856] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.595304] kasan_atomics+0xb8/0x2e8 [ 29.597468] kunit_try_run_case+0x170/0x3f0 [ 29.598372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.599858] kthread+0x318/0x620 [ 29.600700] ret_from_fork+0x10/0x20 [ 29.601521] [ 29.601975] The buggy address belongs to the object at fff00000c65edb80 [ 29.601975] which belongs to the cache kmalloc-64 of size 64 [ 29.604004] The buggy address is located 0 bytes to the right of [ 29.604004] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.605537] [ 29.605798] The buggy address belongs to the physical page: [ 29.607151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.608186] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.609229] page_type: f5(slab) [ 29.609714] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.610609] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.611415] page dumped because: kasan: bad access detected [ 29.614639] [ 29.614975] Memory state around the buggy address: [ 29.615436] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.616024] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.616726] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.617691] ^ [ 29.618345] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.618951] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.619832] ================================================================== [ 28.873910] ================================================================== [ 28.874441] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x934/0x4858 [ 28.877197] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.877994] [ 28.878300] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.878460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.878518] Hardware name: linux,dummy-virt (DT) [ 28.878588] Call trace: [ 28.878634] show_stack+0x20/0x38 (C) [ 28.878735] dump_stack_lvl+0x8c/0xd0 [ 28.878828] print_report+0x118/0x608 [ 28.881284] kasan_report+0xdc/0x128 [ 28.881407] kasan_check_range+0x100/0x1a8 [ 28.881524] __kasan_check_write+0x20/0x30 [ 28.881629] kasan_atomics_helper+0x934/0x4858 [ 28.881747] kasan_atomics+0x198/0x2e8 [ 28.881859] kunit_try_run_case+0x170/0x3f0 [ 28.881996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.882121] kthread+0x318/0x620 [ 28.882239] ret_from_fork+0x10/0x20 [ 28.882349] [ 28.896279] Allocated by task 254: [ 28.897010] kasan_save_stack+0x3c/0x68 [ 28.899756] kasan_save_track+0x20/0x40 [ 28.901231] kasan_save_alloc_info+0x40/0x58 [ 28.901670] __kasan_kmalloc+0xd4/0xd8 [ 28.902096] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.902550] kasan_atomics+0xb8/0x2e8 [ 28.903919] kunit_try_run_case+0x170/0x3f0 [ 28.904817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.906220] kthread+0x318/0x620 [ 28.908674] ret_from_fork+0x10/0x20 [ 28.909146] [ 28.909423] The buggy address belongs to the object at fff00000c65edb80 [ 28.909423] which belongs to the cache kmalloc-64 of size 64 [ 28.914560] The buggy address is located 0 bytes to the right of [ 28.914560] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.915452] [ 28.915718] The buggy address belongs to the physical page: [ 28.916658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.918798] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.921921] page_type: f5(slab) [ 28.923387] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.925393] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.927514] page dumped because: kasan: bad access detected [ 28.928511] [ 28.928765] Memory state around the buggy address: [ 28.929218] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.929790] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.932606] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.935923] ^ [ 28.938116] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.938698] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.940934] ================================================================== [ 30.045740] ================================================================== [ 30.046806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 30.047791] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.048383] [ 30.048654] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.048990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.049121] Hardware name: linux,dummy-virt (DT) [ 30.049196] Call trace: [ 30.049253] show_stack+0x20/0x38 (C) [ 30.049387] dump_stack_lvl+0x8c/0xd0 [ 30.049560] print_report+0x118/0x608 [ 30.049670] kasan_report+0xdc/0x128 [ 30.049770] kasan_check_range+0x100/0x1a8 [ 30.049912] __kasan_check_write+0x20/0x30 [ 30.050032] kasan_atomics_helper+0x10c0/0x4858 [ 30.050148] kasan_atomics+0x198/0x2e8 [ 30.050271] kunit_try_run_case+0x170/0x3f0 [ 30.050389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.050516] kthread+0x318/0x620 [ 30.050627] ret_from_fork+0x10/0x20 [ 30.050741] [ 30.063257] Allocated by task 254: [ 30.063601] kasan_save_stack+0x3c/0x68 [ 30.064247] kasan_save_track+0x20/0x40 [ 30.064647] kasan_save_alloc_info+0x40/0x58 [ 30.065033] __kasan_kmalloc+0xd4/0xd8 [ 30.065371] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.065909] kasan_atomics+0xb8/0x2e8 [ 30.066921] kunit_try_run_case+0x170/0x3f0 [ 30.068617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.069350] kthread+0x318/0x620 [ 30.069980] ret_from_fork+0x10/0x20 [ 30.070346] [ 30.070575] The buggy address belongs to the object at fff00000c65edb80 [ 30.070575] which belongs to the cache kmalloc-64 of size 64 [ 30.071438] The buggy address is located 0 bytes to the right of [ 30.071438] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.073513] [ 30.073846] The buggy address belongs to the physical page: [ 30.074515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.076059] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.077311] page_type: f5(slab) [ 30.077695] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.078326] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.079095] page dumped because: kasan: bad access detected [ 30.079571] [ 30.079791] Memory state around the buggy address: [ 30.080442] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.081200] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.081731] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.082262] ^ [ 30.082656] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.083225] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.083823] ================================================================== [ 29.963773] ================================================================== [ 29.964539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 29.965896] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 29.966576] [ 29.966960] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 29.967168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.967249] Hardware name: linux,dummy-virt (DT) [ 29.967348] Call trace: [ 29.967482] show_stack+0x20/0x38 (C) [ 29.967634] dump_stack_lvl+0x8c/0xd0 [ 29.967759] print_report+0x118/0x608 [ 29.967923] kasan_report+0xdc/0x128 [ 29.968044] kasan_check_range+0x100/0x1a8 [ 29.968168] __kasan_check_write+0x20/0x30 [ 29.968286] kasan_atomics_helper+0xff0/0x4858 [ 29.968403] kasan_atomics+0x198/0x2e8 [ 29.968514] kunit_try_run_case+0x170/0x3f0 [ 29.968623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.968747] kthread+0x318/0x620 [ 29.968855] ret_from_fork+0x10/0x20 [ 29.968992] [ 29.978931] Allocated by task 254: [ 29.979320] kasan_save_stack+0x3c/0x68 [ 29.979700] kasan_save_track+0x20/0x40 [ 29.981252] kasan_save_alloc_info+0x40/0x58 [ 29.981943] __kasan_kmalloc+0xd4/0xd8 [ 29.982326] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.982733] kasan_atomics+0xb8/0x2e8 [ 29.983148] kunit_try_run_case+0x170/0x3f0 [ 29.984820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.985793] kthread+0x318/0x620 [ 29.986536] ret_from_fork+0x10/0x20 [ 29.987239] [ 29.987699] The buggy address belongs to the object at fff00000c65edb80 [ 29.987699] which belongs to the cache kmalloc-64 of size 64 [ 29.990062] The buggy address is located 0 bytes to the right of [ 29.990062] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 29.991178] [ 29.991432] The buggy address belongs to the physical page: [ 29.991848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 29.994240] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.995159] page_type: f5(slab) [ 29.995592] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.996343] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.997371] page dumped because: kasan: bad access detected [ 29.998205] [ 29.998606] Memory state around the buggy address: [ 29.999519] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.000595] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.001761] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.002635] ^ [ 30.003084] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.004432] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.005338] ================================================================== [ 30.699670] ================================================================== [ 30.700623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 30.701287] Write of size 8 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 30.702319] [ 30.702668] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 30.702989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.703074] Hardware name: linux,dummy-virt (DT) [ 30.703235] Call trace: [ 30.703300] show_stack+0x20/0x38 (C) [ 30.703412] dump_stack_lvl+0x8c/0xd0 [ 30.703527] print_report+0x118/0x608 [ 30.703648] kasan_report+0xdc/0x128 [ 30.703789] kasan_check_range+0x100/0x1a8 [ 30.703939] __kasan_check_write+0x20/0x30 [ 30.704081] kasan_atomics_helper+0x175c/0x4858 [ 30.704179] kasan_atomics+0x198/0x2e8 [ 30.704241] kunit_try_run_case+0x170/0x3f0 [ 30.704302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.704367] kthread+0x318/0x620 [ 30.704422] ret_from_fork+0x10/0x20 [ 30.704485] [ 30.711531] Allocated by task 254: [ 30.712068] kasan_save_stack+0x3c/0x68 [ 30.712646] kasan_save_track+0x20/0x40 [ 30.713381] kasan_save_alloc_info+0x40/0x58 [ 30.714102] __kasan_kmalloc+0xd4/0xd8 [ 30.714685] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.715380] kasan_atomics+0xb8/0x2e8 [ 30.716098] kunit_try_run_case+0x170/0x3f0 [ 30.716686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.717470] kthread+0x318/0x620 [ 30.718040] ret_from_fork+0x10/0x20 [ 30.718627] [ 30.719028] The buggy address belongs to the object at fff00000c65edb80 [ 30.719028] which belongs to the cache kmalloc-64 of size 64 [ 30.720308] The buggy address is located 0 bytes to the right of [ 30.720308] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 30.721542] [ 30.721874] The buggy address belongs to the physical page: [ 30.722483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 30.723392] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.724206] page_type: f5(slab) [ 30.724652] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.725420] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.726147] page dumped because: kasan: bad access detected [ 30.726813] [ 30.727467] Memory state around the buggy address: [ 30.728156] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.728488] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.728802] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.729136] ^ [ 30.729385] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.729699] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.730033] ================================================================== [ 28.814292] ================================================================== [ 28.815605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 28.817443] Read of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 28.819692] [ 28.820009] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 28.820216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.820287] Hardware name: linux,dummy-virt (DT) [ 28.820376] Call trace: [ 28.820439] show_stack+0x20/0x38 (C) [ 28.820578] dump_stack_lvl+0x8c/0xd0 [ 28.820708] print_report+0x118/0x608 [ 28.820837] kasan_report+0xdc/0x128 [ 28.821715] __asan_report_load4_noabort+0x20/0x30 [ 28.821843] kasan_atomics_helper+0x42d8/0x4858 [ 28.822046] kasan_atomics+0x198/0x2e8 [ 28.822190] kunit_try_run_case+0x170/0x3f0 [ 28.822327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.822466] kthread+0x318/0x620 [ 28.822598] ret_from_fork+0x10/0x20 [ 28.822719] [ 28.834747] Allocated by task 254: [ 28.835180] kasan_save_stack+0x3c/0x68 [ 28.835564] kasan_save_track+0x20/0x40 [ 28.836478] kasan_save_alloc_info+0x40/0x58 [ 28.838561] __kasan_kmalloc+0xd4/0xd8 [ 28.839314] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.840526] kasan_atomics+0xb8/0x2e8 [ 28.841811] kunit_try_run_case+0x170/0x3f0 [ 28.842631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.843626] kthread+0x318/0x620 [ 28.844867] ret_from_fork+0x10/0x20 [ 28.846089] [ 28.846362] The buggy address belongs to the object at fff00000c65edb80 [ 28.846362] which belongs to the cache kmalloc-64 of size 64 [ 28.848730] The buggy address is located 0 bytes to the right of [ 28.848730] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 28.850983] [ 28.851218] The buggy address belongs to the physical page: [ 28.851616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.853687] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.855714] page_type: f5(slab) [ 28.856612] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.858015] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.859551] page dumped because: kasan: bad access detected [ 28.861408] [ 28.861752] Memory state around the buggy address: [ 28.863407] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.864618] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.866816] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.867686] ^ [ 28.869078] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.869780] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.870411] ================================================================== [ 27.963527] ================================================================== [ 27.965834] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858 [ 27.968672] Write of size 4 at addr fff00000c65edbb0 by task kunit_try_catch/254 [ 27.970573] [ 27.971501] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.971705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.971775] Hardware name: linux,dummy-virt (DT) [ 27.971856] Call trace: [ 27.971936] show_stack+0x20/0x38 (C) [ 27.972069] dump_stack_lvl+0x8c/0xd0 [ 27.972187] print_report+0x118/0x608 [ 27.972305] kasan_report+0xdc/0x128 [ 27.972421] kasan_check_range+0x100/0x1a8 [ 27.972535] __kasan_check_write+0x20/0x30 [ 27.972647] kasan_atomics_helper+0x24c/0x4858 [ 27.972770] kasan_atomics+0x198/0x2e8 [ 27.972901] kunit_try_run_case+0x170/0x3f0 [ 27.973085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.973234] kthread+0x318/0x620 [ 27.973353] ret_from_fork+0x10/0x20 [ 27.973478] [ 27.985454] Allocated by task 254: [ 27.986365] kasan_save_stack+0x3c/0x68 [ 27.987163] kasan_save_track+0x20/0x40 [ 27.987867] kasan_save_alloc_info+0x40/0x58 [ 27.988640] __kasan_kmalloc+0xd4/0xd8 [ 27.989762] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.990899] kasan_atomics+0xb8/0x2e8 [ 27.991659] kunit_try_run_case+0x170/0x3f0 [ 27.992430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.993560] kthread+0x318/0x620 [ 27.993975] ret_from_fork+0x10/0x20 [ 27.994358] [ 27.994599] The buggy address belongs to the object at fff00000c65edb80 [ 27.994599] which belongs to the cache kmalloc-64 of size 64 [ 27.996613] The buggy address is located 0 bytes to the right of [ 27.996613] allocated 48-byte region [fff00000c65edb80, fff00000c65edbb0) [ 27.998934] [ 27.999399] The buggy address belongs to the physical page: [ 28.000433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ed [ 28.002056] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.003348] page_type: f5(slab) [ 28.004032] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.004962] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.006580] page dumped because: kasan: bad access detected [ 28.007458] [ 28.007701] Memory state around the buggy address: [ 28.008421] fff00000c65eda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.010144] fff00000c65edb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.011294] >fff00000c65edb80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.012071] ^ [ 28.013105] fff00000c65edc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.014420] fff00000c65edc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.015662] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 27.007496] ================================================================== [ 27.008315] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc8 [ 27.009259] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.011576] [ 27.012239] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.012446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.012519] Hardware name: linux,dummy-virt (DT) [ 27.012605] Call trace: [ 27.012666] show_stack+0x20/0x38 (C) [ 27.012801] dump_stack_lvl+0x8c/0xd0 [ 27.013584] print_report+0x118/0x608 [ 27.013726] kasan_report+0xdc/0x128 [ 27.013853] kasan_check_range+0x100/0x1a8 [ 27.014003] __kasan_check_write+0x20/0x30 [ 27.014134] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc8 [ 27.014292] kasan_bitops_generic+0x11c/0x1c8 [ 27.014417] kunit_try_run_case+0x170/0x3f0 [ 27.014554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.014690] kthread+0x318/0x620 [ 27.014816] ret_from_fork+0x10/0x20 [ 27.014965] [ 27.028840] Allocated by task 250: [ 27.030320] kasan_save_stack+0x3c/0x68 [ 27.031804] kasan_save_track+0x20/0x40 [ 27.033286] kasan_save_alloc_info+0x40/0x58 [ 27.034470] __kasan_kmalloc+0xd4/0xd8 [ 27.036080] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.036520] kasan_bitops_generic+0xa0/0x1c8 [ 27.037832] kunit_try_run_case+0x170/0x3f0 [ 27.039368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.041309] kthread+0x318/0x620 [ 27.042091] ret_from_fork+0x10/0x20 [ 27.043554] [ 27.044150] The buggy address belongs to the object at fff00000c596b740 [ 27.044150] which belongs to the cache kmalloc-16 of size 16 [ 27.045797] The buggy address is located 8 bytes inside of [ 27.045797] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.049136] [ 27.050085] The buggy address belongs to the physical page: [ 27.051345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.051979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.052521] page_type: f5(slab) [ 27.052870] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.056520] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.058729] page dumped because: kasan: bad access detected [ 27.059992] [ 27.060963] Memory state around the buggy address: [ 27.062639] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.064653] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.066282] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.067874] ^ [ 27.068335] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.069845] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.072358] ================================================================== [ 27.158971] ================================================================== [ 27.159744] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc8 [ 27.160533] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.163822] [ 27.164184] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.164384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.164453] Hardware name: linux,dummy-virt (DT) [ 27.164537] Call trace: [ 27.164592] show_stack+0x20/0x38 (C) [ 27.164715] dump_stack_lvl+0x8c/0xd0 [ 27.164829] print_report+0x118/0x608 [ 27.165516] kasan_report+0xdc/0x128 [ 27.165645] kasan_check_range+0x100/0x1a8 [ 27.165762] __kasan_check_write+0x20/0x30 [ 27.165909] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc8 [ 27.166059] kasan_bitops_generic+0x11c/0x1c8 [ 27.166197] kunit_try_run_case+0x170/0x3f0 [ 27.166331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.166473] kthread+0x318/0x620 [ 27.166595] ret_from_fork+0x10/0x20 [ 27.166724] [ 27.178431] Allocated by task 250: [ 27.179861] kasan_save_stack+0x3c/0x68 [ 27.181063] kasan_save_track+0x20/0x40 [ 27.181782] kasan_save_alloc_info+0x40/0x58 [ 27.183073] __kasan_kmalloc+0xd4/0xd8 [ 27.184198] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.184644] kasan_bitops_generic+0xa0/0x1c8 [ 27.185866] kunit_try_run_case+0x170/0x3f0 [ 27.186502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.188187] kthread+0x318/0x620 [ 27.189764] ret_from_fork+0x10/0x20 [ 27.190495] [ 27.190756] The buggy address belongs to the object at fff00000c596b740 [ 27.190756] which belongs to the cache kmalloc-16 of size 16 [ 27.192773] The buggy address is located 8 bytes inside of [ 27.192773] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.195101] [ 27.195436] The buggy address belongs to the physical page: [ 27.196823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.197926] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.199318] page_type: f5(slab) [ 27.199706] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.201993] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.203258] page dumped because: kasan: bad access detected [ 27.204658] [ 27.205470] Memory state around the buggy address: [ 27.206075] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.206633] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.207488] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.209820] ^ [ 27.211107] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.212635] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.213416] ================================================================== [ 27.344512] ================================================================== [ 27.347579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xad4/0xbc8 [ 27.349675] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.352036] [ 27.352307] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.352513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.352601] Hardware name: linux,dummy-virt (DT) [ 27.352693] Call trace: [ 27.352755] show_stack+0x20/0x38 (C) [ 27.353525] dump_stack_lvl+0x8c/0xd0 [ 27.353661] print_report+0x118/0x608 [ 27.353782] kasan_report+0xdc/0x128 [ 27.353918] __asan_report_load8_noabort+0x20/0x30 [ 27.354047] kasan_bitops_test_and_modify.constprop.0+0xad4/0xbc8 [ 27.354192] kasan_bitops_generic+0x11c/0x1c8 [ 27.354336] kunit_try_run_case+0x170/0x3f0 [ 27.354448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.354575] kthread+0x318/0x620 [ 27.354688] ret_from_fork+0x10/0x20 [ 27.354804] [ 27.368582] Allocated by task 250: [ 27.369372] kasan_save_stack+0x3c/0x68 [ 27.370023] kasan_save_track+0x20/0x40 [ 27.370538] kasan_save_alloc_info+0x40/0x58 [ 27.371617] __kasan_kmalloc+0xd4/0xd8 [ 27.373030] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.373804] kasan_bitops_generic+0xa0/0x1c8 [ 27.375148] kunit_try_run_case+0x170/0x3f0 [ 27.375584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.376085] kthread+0x318/0x620 [ 27.376438] ret_from_fork+0x10/0x20 [ 27.376824] [ 27.378181] The buggy address belongs to the object at fff00000c596b740 [ 27.378181] which belongs to the cache kmalloc-16 of size 16 [ 27.383208] The buggy address is located 8 bytes inside of [ 27.383208] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.384093] [ 27.384343] The buggy address belongs to the physical page: [ 27.384782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.387468] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.389176] page_type: f5(slab) [ 27.389687] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.397016] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.398145] page dumped because: kasan: bad access detected [ 27.398821] [ 27.400047] Memory state around the buggy address: [ 27.400471] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.404344] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.405287] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.405821] ^ [ 27.408055] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.410098] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.412925] ================================================================== [ 27.216283] ================================================================== [ 27.218070] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa50/0xbc8 [ 27.220442] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.222386] [ 27.222725] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.223874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.223969] Hardware name: linux,dummy-virt (DT) [ 27.224055] Call trace: [ 27.224111] show_stack+0x20/0x38 (C) [ 27.224239] dump_stack_lvl+0x8c/0xd0 [ 27.224358] print_report+0x118/0x608 [ 27.224475] kasan_report+0xdc/0x128 [ 27.224593] __asan_report_load8_noabort+0x20/0x30 [ 27.224711] kasan_bitops_test_and_modify.constprop.0+0xa50/0xbc8 [ 27.224847] kasan_bitops_generic+0x11c/0x1c8 [ 27.225231] kunit_try_run_case+0x170/0x3f0 [ 27.225368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.225507] kthread+0x318/0x620 [ 27.225635] ret_from_fork+0x10/0x20 [ 27.225767] [ 27.237055] Allocated by task 250: [ 27.237527] kasan_save_stack+0x3c/0x68 [ 27.239413] kasan_save_track+0x20/0x40 [ 27.239903] kasan_save_alloc_info+0x40/0x58 [ 27.242104] __kasan_kmalloc+0xd4/0xd8 [ 27.243381] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.244135] kasan_bitops_generic+0xa0/0x1c8 [ 27.244554] kunit_try_run_case+0x170/0x3f0 [ 27.245566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.247298] kthread+0x318/0x620 [ 27.248515] ret_from_fork+0x10/0x20 [ 27.249475] [ 27.250294] The buggy address belongs to the object at fff00000c596b740 [ 27.250294] which belongs to the cache kmalloc-16 of size 16 [ 27.251374] The buggy address is located 8 bytes inside of [ 27.251374] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.252588] [ 27.252845] The buggy address belongs to the physical page: [ 27.257189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.259080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.260529] page_type: f5(slab) [ 27.261427] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.263753] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.265636] page dumped because: kasan: bad access detected [ 27.268114] [ 27.268415] Memory state around the buggy address: [ 27.268851] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.270797] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.274289] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.275663] ^ [ 27.277044] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.277707] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.282329] ================================================================== [ 27.503299] ================================================================== [ 27.504236] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa44/0xbc8 [ 27.506448] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.507551] [ 27.509691] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.509916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.509989] Hardware name: linux,dummy-virt (DT) [ 27.510070] Call trace: [ 27.510126] show_stack+0x20/0x38 (C) [ 27.510266] dump_stack_lvl+0x8c/0xd0 [ 27.510383] print_report+0x118/0x608 [ 27.510505] kasan_report+0xdc/0x128 [ 27.510618] __asan_report_load8_noabort+0x20/0x30 [ 27.510736] kasan_bitops_test_and_modify.constprop.0+0xa44/0xbc8 [ 27.510874] kasan_bitops_generic+0x11c/0x1c8 [ 27.511021] kunit_try_run_case+0x170/0x3f0 [ 27.511143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.511274] kthread+0x318/0x620 [ 27.511389] ret_from_fork+0x10/0x20 [ 27.511510] [ 27.529680] Allocated by task 250: [ 27.530210] kasan_save_stack+0x3c/0x68 [ 27.530760] kasan_save_track+0x20/0x40 [ 27.534281] kasan_save_alloc_info+0x40/0x58 [ 27.535574] __kasan_kmalloc+0xd4/0xd8 [ 27.537315] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.537748] kasan_bitops_generic+0xa0/0x1c8 [ 27.538207] kunit_try_run_case+0x170/0x3f0 [ 27.538581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.539097] kthread+0x318/0x620 [ 27.539455] ret_from_fork+0x10/0x20 [ 27.539822] [ 27.543971] The buggy address belongs to the object at fff00000c596b740 [ 27.543971] which belongs to the cache kmalloc-16 of size 16 [ 27.548323] The buggy address is located 8 bytes inside of [ 27.548323] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.549655] [ 27.550658] The buggy address belongs to the physical page: [ 27.552123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.553149] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.553681] page_type: f5(slab) [ 27.555088] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.555764] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.556345] page dumped because: kasan: bad access detected [ 27.556798] [ 27.557058] Memory state around the buggy address: [ 27.557472] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.559347] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.561694] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.562534] ^ [ 27.564491] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.565517] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.567629] ================================================================== [ 27.416415] ================================================================== [ 27.417016] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc8 [ 27.417676] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.422579] [ 27.422852] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.423078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.423150] Hardware name: linux,dummy-virt (DT) [ 27.423228] Call trace: [ 27.423285] show_stack+0x20/0x38 (C) [ 27.423412] dump_stack_lvl+0x8c/0xd0 [ 27.423529] print_report+0x118/0x608 [ 27.423645] kasan_report+0xdc/0x128 [ 27.423760] kasan_check_range+0x100/0x1a8 [ 27.423875] __kasan_check_write+0x20/0x30 [ 27.425453] kasan_bitops_test_and_modify.constprop.0+0x334/0xbc8 [ 27.425601] kasan_bitops_generic+0x11c/0x1c8 [ 27.425733] kunit_try_run_case+0x170/0x3f0 [ 27.425852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.426008] kthread+0x318/0x620 [ 27.426122] ret_from_fork+0x10/0x20 [ 27.426254] [ 27.445477] Allocated by task 250: [ 27.445866] kasan_save_stack+0x3c/0x68 [ 27.446368] kasan_save_track+0x20/0x40 [ 27.446755] kasan_save_alloc_info+0x40/0x58 [ 27.449401] __kasan_kmalloc+0xd4/0xd8 [ 27.452336] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.453642] kasan_bitops_generic+0xa0/0x1c8 [ 27.454961] kunit_try_run_case+0x170/0x3f0 [ 27.457440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.458859] kthread+0x318/0x620 [ 27.462778] ret_from_fork+0x10/0x20 [ 27.463423] [ 27.463748] The buggy address belongs to the object at fff00000c596b740 [ 27.463748] which belongs to the cache kmalloc-16 of size 16 [ 27.466963] The buggy address is located 8 bytes inside of [ 27.466963] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.469870] [ 27.471941] The buggy address belongs to the physical page: [ 27.472413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.473591] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.474807] page_type: f5(slab) [ 27.476558] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.481352] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.482194] page dumped because: kasan: bad access detected [ 27.483591] [ 27.484111] Memory state around the buggy address: [ 27.486521] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.488361] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.490674] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.491409] ^ [ 27.492947] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.493760] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.497147] ================================================================== [ 27.575396] ================================================================== [ 27.576225] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa8c/0xbc8 [ 27.581010] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.581754] [ 27.585222] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.585425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.585491] Hardware name: linux,dummy-virt (DT) [ 27.585570] Call trace: [ 27.585624] show_stack+0x20/0x38 (C) [ 27.585753] dump_stack_lvl+0x8c/0xd0 [ 27.585874] print_report+0x118/0x608 [ 27.586020] kasan_report+0xdc/0x128 [ 27.586134] __asan_report_load8_noabort+0x20/0x30 [ 27.586266] kasan_bitops_test_and_modify.constprop.0+0xa8c/0xbc8 [ 27.586401] kasan_bitops_generic+0x11c/0x1c8 [ 27.586519] kunit_try_run_case+0x170/0x3f0 [ 27.586639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.586768] kthread+0x318/0x620 [ 27.586904] ret_from_fork+0x10/0x20 [ 27.587030] [ 27.603530] Allocated by task 250: [ 27.606739] kasan_save_stack+0x3c/0x68 [ 27.607536] kasan_save_track+0x20/0x40 [ 27.608940] kasan_save_alloc_info+0x40/0x58 [ 27.609498] __kasan_kmalloc+0xd4/0xd8 [ 27.612712] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.615839] kasan_bitops_generic+0xa0/0x1c8 [ 27.616621] kunit_try_run_case+0x170/0x3f0 [ 27.619550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.620769] kthread+0x318/0x620 [ 27.621318] ret_from_fork+0x10/0x20 [ 27.621734] [ 27.625397] The buggy address belongs to the object at fff00000c596b740 [ 27.625397] which belongs to the cache kmalloc-16 of size 16 [ 27.629746] The buggy address is located 8 bytes inside of [ 27.629746] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.630712] [ 27.634014] The buggy address belongs to the physical page: [ 27.634699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.641605] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.642515] page_type: f5(slab) [ 27.644087] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.646778] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.650872] page dumped because: kasan: bad access detected [ 27.651474] [ 27.651713] Memory state around the buggy address: [ 27.652143] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.652738] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.656375] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.656930] ^ [ 27.657400] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.658979] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.661277] ================================================================== [ 27.286379] ================================================================== [ 27.287570] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc8 [ 27.288709] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.293159] [ 27.293496] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.293690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.293753] Hardware name: linux,dummy-virt (DT) [ 27.293826] Call trace: [ 27.293877] show_stack+0x20/0x38 (C) [ 27.294649] dump_stack_lvl+0x8c/0xd0 [ 27.294770] print_report+0x118/0x608 [ 27.294930] kasan_report+0xdc/0x128 [ 27.295067] kasan_check_range+0x100/0x1a8 [ 27.295197] __kasan_check_write+0x20/0x30 [ 27.295321] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc8 [ 27.295455] kasan_bitops_generic+0x11c/0x1c8 [ 27.295581] kunit_try_run_case+0x170/0x3f0 [ 27.295700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.295840] kthread+0x318/0x620 [ 27.295978] ret_from_fork+0x10/0x20 [ 27.296102] [ 27.311944] Allocated by task 250: [ 27.312399] kasan_save_stack+0x3c/0x68 [ 27.312811] kasan_save_track+0x20/0x40 [ 27.313847] kasan_save_alloc_info+0x40/0x58 [ 27.315375] __kasan_kmalloc+0xd4/0xd8 [ 27.316186] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.316768] kasan_bitops_generic+0xa0/0x1c8 [ 27.317972] kunit_try_run_case+0x170/0x3f0 [ 27.318364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.318799] kthread+0x318/0x620 [ 27.319208] ret_from_fork+0x10/0x20 [ 27.319564] [ 27.321138] The buggy address belongs to the object at fff00000c596b740 [ 27.321138] which belongs to the cache kmalloc-16 of size 16 [ 27.321966] The buggy address is located 8 bytes inside of [ 27.321966] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.322755] [ 27.325359] The buggy address belongs to the physical page: [ 27.325775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.328226] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.329120] page_type: f5(slab) [ 27.329506] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.330133] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.330776] page dumped because: kasan: bad access detected [ 27.334562] [ 27.335068] Memory state around the buggy address: [ 27.336312] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.336843] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.338176] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.339860] ^ [ 27.340344] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.340862] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.342669] ================================================================== [ 27.075528] ================================================================== [ 27.077975] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa08/0xbc8 [ 27.080664] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.081255] [ 27.081517] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.081709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.081775] Hardware name: linux,dummy-virt (DT) [ 27.081853] Call trace: [ 27.084959] show_stack+0x20/0x38 (C) [ 27.085102] dump_stack_lvl+0x8c/0xd0 [ 27.085228] print_report+0x118/0x608 [ 27.085367] kasan_report+0xdc/0x128 [ 27.085500] __asan_report_load8_noabort+0x20/0x30 [ 27.085631] kasan_bitops_test_and_modify.constprop.0+0xa08/0xbc8 [ 27.085781] kasan_bitops_generic+0x11c/0x1c8 [ 27.085938] kunit_try_run_case+0x170/0x3f0 [ 27.086066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.086216] kthread+0x318/0x620 [ 27.086335] ret_from_fork+0x10/0x20 [ 27.086454] [ 27.102439] Allocated by task 250: [ 27.102824] kasan_save_stack+0x3c/0x68 [ 27.104555] kasan_save_track+0x20/0x40 [ 27.107135] kasan_save_alloc_info+0x40/0x58 [ 27.109009] __kasan_kmalloc+0xd4/0xd8 [ 27.110167] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.111733] kasan_bitops_generic+0xa0/0x1c8 [ 27.113006] kunit_try_run_case+0x170/0x3f0 [ 27.113443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.114795] kthread+0x318/0x620 [ 27.116029] ret_from_fork+0x10/0x20 [ 27.117174] [ 27.118173] The buggy address belongs to the object at fff00000c596b740 [ 27.118173] which belongs to the cache kmalloc-16 of size 16 [ 27.121459] The buggy address is located 8 bytes inside of [ 27.121459] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.124385] [ 27.125138] The buggy address belongs to the physical page: [ 27.126430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.127068] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.127617] page_type: f5(slab) [ 27.129451] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.131756] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.133488] page dumped because: kasan: bad access detected [ 27.135260] [ 27.136324] Memory state around the buggy address: [ 27.137917] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.139840] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.141539] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.142116] ^ [ 27.142597] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.145216] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.147078] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 26.500304] ================================================================== [ 26.502191] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa88/0xbc8 [ 26.502844] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 26.503422] [ 26.503680] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.503873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.504865] Hardware name: linux,dummy-virt (DT) [ 26.504972] Call trace: [ 26.505345] show_stack+0x20/0x38 (C) [ 26.505478] dump_stack_lvl+0x8c/0xd0 [ 26.507985] print_report+0x118/0x608 [ 26.508127] kasan_report+0xdc/0x128 [ 26.508256] __asan_report_load8_noabort+0x20/0x30 [ 26.508396] kasan_bitops_modify.constprop.0+0xa88/0xbc8 [ 26.508528] kasan_bitops_generic+0x110/0x1c8 [ 26.508647] kunit_try_run_case+0x170/0x3f0 [ 26.508767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.508920] kthread+0x318/0x620 [ 26.509911] ret_from_fork+0x10/0x20 [ 26.510043] [ 26.527744] Allocated by task 250: [ 26.529231] kasan_save_stack+0x3c/0x68 [ 26.531393] kasan_save_track+0x20/0x40 [ 26.533152] kasan_save_alloc_info+0x40/0x58 [ 26.534414] __kasan_kmalloc+0xd4/0xd8 [ 26.535858] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.537194] kasan_bitops_generic+0xa0/0x1c8 [ 26.537615] kunit_try_run_case+0x170/0x3f0 [ 26.539281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.540908] kthread+0x318/0x620 [ 26.541752] ret_from_fork+0x10/0x20 [ 26.543459] [ 26.544189] The buggy address belongs to the object at fff00000c596b740 [ 26.544189] which belongs to the cache kmalloc-16 of size 16 [ 26.545571] The buggy address is located 8 bytes inside of [ 26.545571] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 26.547558] [ 26.547806] The buggy address belongs to the physical page: [ 26.549498] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 26.551816] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.552860] page_type: f5(slab) [ 26.554051] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.555688] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.557420] page dumped because: kasan: bad access detected [ 26.559028] [ 26.559711] Memory state around the buggy address: [ 26.561248] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.561861] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 26.563036] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.563572] ^ [ 26.564953] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.566812] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.570226] ================================================================== [ 26.308262] ================================================================== [ 26.309181] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc8 [ 26.310086] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 26.310841] [ 26.311215] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.311437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.311526] Hardware name: linux,dummy-virt (DT) [ 26.311623] Call trace: [ 26.311699] show_stack+0x20/0x38 (C) [ 26.311853] dump_stack_lvl+0x8c/0xd0 [ 26.312018] print_report+0x118/0x608 [ 26.312153] kasan_report+0xdc/0x128 [ 26.312266] kasan_check_range+0x100/0x1a8 [ 26.312382] __kasan_check_write+0x20/0x30 [ 26.312497] kasan_bitops_modify.constprop.0+0x100/0xbc8 [ 26.312645] kasan_bitops_generic+0x110/0x1c8 [ 26.312792] kunit_try_run_case+0x170/0x3f0 [ 26.312951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.313153] kthread+0x318/0x620 [ 26.313284] ret_from_fork+0x10/0x20 [ 26.313453] [ 26.321953] Allocated by task 250: [ 26.323955] kasan_save_stack+0x3c/0x68 [ 26.325300] kasan_save_track+0x20/0x40 [ 26.325733] kasan_save_alloc_info+0x40/0x58 [ 26.326403] __kasan_kmalloc+0xd4/0xd8 [ 26.326806] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.327278] kasan_bitops_generic+0xa0/0x1c8 [ 26.327694] kunit_try_run_case+0x170/0x3f0 [ 26.329594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.330562] kthread+0x318/0x620 [ 26.331766] ret_from_fork+0x10/0x20 [ 26.332448] [ 26.332838] The buggy address belongs to the object at fff00000c596b740 [ 26.332838] which belongs to the cache kmalloc-16 of size 16 [ 26.336678] The buggy address is located 8 bytes inside of [ 26.336678] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 26.338206] [ 26.338430] The buggy address belongs to the physical page: [ 26.338823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 26.341835] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.343554] page_type: f5(slab) [ 26.344648] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.348248] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.348843] page dumped because: kasan: bad access detected [ 26.350125] [ 26.350539] Memory state around the buggy address: [ 26.351338] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.352470] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 26.353980] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.354575] ^ [ 26.355065] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.355584] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.356435] ================================================================== [ 26.781949] ================================================================== [ 26.784680] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc8 [ 26.787518] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 26.789616] [ 26.790609] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.790833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.790923] Hardware name: linux,dummy-virt (DT) [ 26.791142] Call trace: [ 26.791203] show_stack+0x20/0x38 (C) [ 26.791330] dump_stack_lvl+0x8c/0xd0 [ 26.791443] print_report+0x118/0x608 [ 26.791562] kasan_report+0xdc/0x128 [ 26.791681] kasan_check_range+0x100/0x1a8 [ 26.791806] __kasan_check_write+0x20/0x30 [ 26.792113] kasan_bitops_modify.constprop.0+0x344/0xbc8 [ 26.792241] kasan_bitops_generic+0x110/0x1c8 [ 26.792365] kunit_try_run_case+0x170/0x3f0 [ 26.792484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.792615] kthread+0x318/0x620 [ 26.792727] ret_from_fork+0x10/0x20 [ 26.792848] [ 26.811286] Allocated by task 250: [ 26.813620] kasan_save_stack+0x3c/0x68 [ 26.814069] kasan_save_track+0x20/0x40 [ 26.814466] kasan_save_alloc_info+0x40/0x58 [ 26.816065] __kasan_kmalloc+0xd4/0xd8 [ 26.817053] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.819192] kasan_bitops_generic+0xa0/0x1c8 [ 26.821006] kunit_try_run_case+0x170/0x3f0 [ 26.822529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.824171] kthread+0x318/0x620 [ 26.825640] ret_from_fork+0x10/0x20 [ 26.826469] [ 26.827710] The buggy address belongs to the object at fff00000c596b740 [ 26.827710] which belongs to the cache kmalloc-16 of size 16 [ 26.829470] The buggy address is located 8 bytes inside of [ 26.829470] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 26.832859] [ 26.833570] The buggy address belongs to the physical page: [ 26.835323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 26.836475] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.838295] page_type: f5(slab) [ 26.840059] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.841713] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.843142] page dumped because: kasan: bad access detected [ 26.843612] [ 26.843866] Memory state around the buggy address: [ 26.846252] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.848269] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 26.850297] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.851724] ^ [ 26.853674] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.855150] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.855706] ================================================================== [ 26.934402] ================================================================== [ 26.935981] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa28/0xbc8 [ 26.939155] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 26.941340] [ 26.941875] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.942365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.942438] Hardware name: linux,dummy-virt (DT) [ 26.942513] Call trace: [ 26.942570] show_stack+0x20/0x38 (C) [ 26.942692] dump_stack_lvl+0x8c/0xd0 [ 26.942813] print_report+0x118/0x608 [ 26.943234] kasan_report+0xdc/0x128 [ 26.943374] __asan_report_load8_noabort+0x20/0x30 [ 26.943507] kasan_bitops_modify.constprop.0+0xa28/0xbc8 [ 26.943644] kasan_bitops_generic+0x110/0x1c8 [ 26.943777] kunit_try_run_case+0x170/0x3f0 [ 26.943924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.944066] kthread+0x318/0x620 [ 26.944184] ret_from_fork+0x10/0x20 [ 26.944306] [ 26.956477] Allocated by task 250: [ 26.958240] kasan_save_stack+0x3c/0x68 [ 26.959253] kasan_save_track+0x20/0x40 [ 26.960317] kasan_save_alloc_info+0x40/0x58 [ 26.961761] __kasan_kmalloc+0xd4/0xd8 [ 26.963109] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.964663] kasan_bitops_generic+0xa0/0x1c8 [ 26.966276] kunit_try_run_case+0x170/0x3f0 [ 26.967683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.968181] kthread+0x318/0x620 [ 26.968538] ret_from_fork+0x10/0x20 [ 26.970038] [ 26.970565] The buggy address belongs to the object at fff00000c596b740 [ 26.970565] which belongs to the cache kmalloc-16 of size 16 [ 26.974532] The buggy address is located 8 bytes inside of [ 26.974532] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 26.977529] [ 26.977796] The buggy address belongs to the physical page: [ 26.979970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 26.981664] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.983651] page_type: f5(slab) [ 26.984907] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.985497] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.987264] page dumped because: kasan: bad access detected [ 26.989026] [ 26.990053] Memory state around the buggy address: [ 26.991536] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.993532] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 26.994724] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.996948] ^ [ 26.998232] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.998786] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.001381] ================================================================== [ 26.359340] ================================================================== [ 26.362054] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa4c/0xbc8 [ 26.363369] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 26.364598] [ 26.365092] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.365291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.365360] Hardware name: linux,dummy-virt (DT) [ 26.365444] Call trace: [ 26.365504] show_stack+0x20/0x38 (C) [ 26.365629] dump_stack_lvl+0x8c/0xd0 [ 26.365749] print_report+0x118/0x608 [ 26.365867] kasan_report+0xdc/0x128 [ 26.366837] __asan_report_load8_noabort+0x20/0x30 [ 26.366996] kasan_bitops_modify.constprop.0+0xa4c/0xbc8 [ 26.367153] kasan_bitops_generic+0x110/0x1c8 [ 26.367299] kunit_try_run_case+0x170/0x3f0 [ 26.367445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.367603] kthread+0x318/0x620 [ 26.367748] ret_from_fork+0x10/0x20 [ 26.367918] [ 26.378405] Allocated by task 250: [ 26.379266] kasan_save_stack+0x3c/0x68 [ 26.380079] kasan_save_track+0x20/0x40 [ 26.380525] kasan_save_alloc_info+0x40/0x58 [ 26.380946] __kasan_kmalloc+0xd4/0xd8 [ 26.382535] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.383401] kasan_bitops_generic+0xa0/0x1c8 [ 26.384186] kunit_try_run_case+0x170/0x3f0 [ 26.384956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.386334] kthread+0x318/0x620 [ 26.386987] ret_from_fork+0x10/0x20 [ 26.387573] [ 26.387813] The buggy address belongs to the object at fff00000c596b740 [ 26.387813] which belongs to the cache kmalloc-16 of size 16 [ 26.391430] The buggy address is located 8 bytes inside of [ 26.391430] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 26.395404] [ 26.396442] The buggy address belongs to the physical page: [ 26.398252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 26.398857] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.399407] page_type: f5(slab) [ 26.399764] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.404021] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.406488] page dumped because: kasan: bad access detected [ 26.408081] [ 26.408912] Memory state around the buggy address: [ 26.410471] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.412916] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 26.415564] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.416858] ^ [ 26.419245] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.420734] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.423738] ================================================================== [ 26.707359] ================================================================== [ 26.711311] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaf4/0xbc8 [ 26.712659] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 26.713261] [ 26.713529] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.713725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.713795] Hardware name: linux,dummy-virt (DT) [ 26.713875] Call trace: [ 26.715437] show_stack+0x20/0x38 (C) [ 26.715577] dump_stack_lvl+0x8c/0xd0 [ 26.715710] print_report+0x118/0x608 [ 26.715839] kasan_report+0xdc/0x128 [ 26.715990] __asan_report_load8_noabort+0x20/0x30 [ 26.716110] kasan_bitops_modify.constprop.0+0xaf4/0xbc8 [ 26.716242] kasan_bitops_generic+0x110/0x1c8 [ 26.716365] kunit_try_run_case+0x170/0x3f0 [ 26.716484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.716617] kthread+0x318/0x620 [ 26.716728] ret_from_fork+0x10/0x20 [ 26.716850] [ 26.734842] Allocated by task 250: [ 26.735929] kasan_save_stack+0x3c/0x68 [ 26.736363] kasan_save_track+0x20/0x40 [ 26.736746] kasan_save_alloc_info+0x40/0x58 [ 26.738467] __kasan_kmalloc+0xd4/0xd8 [ 26.740289] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.741962] kasan_bitops_generic+0xa0/0x1c8 [ 26.743461] kunit_try_run_case+0x170/0x3f0 [ 26.744748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.745258] kthread+0x318/0x620 [ 26.745620] ret_from_fork+0x10/0x20 [ 26.747387] [ 26.748276] The buggy address belongs to the object at fff00000c596b740 [ 26.748276] which belongs to the cache kmalloc-16 of size 16 [ 26.751468] The buggy address is located 8 bytes inside of [ 26.751468] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 26.754585] [ 26.754855] The buggy address belongs to the physical page: [ 26.756714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 26.758414] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.759931] page_type: f5(slab) [ 26.761422] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.763076] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.764639] page dumped because: kasan: bad access detected [ 26.765130] [ 26.765371] Memory state around the buggy address: [ 26.765776] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.768721] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 26.770855] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.772821] ^ [ 26.774629] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.775965] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.777579] ================================================================== [ 26.571577] ================================================================== [ 26.574638] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc8 [ 26.575650] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 26.579468] [ 26.581844] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.582323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.582403] Hardware name: linux,dummy-virt (DT) [ 26.582496] Call trace: [ 26.582555] show_stack+0x20/0x38 (C) [ 26.582688] dump_stack_lvl+0x8c/0xd0 [ 26.582816] print_report+0x118/0x608 [ 26.582956] kasan_report+0xdc/0x128 [ 26.583081] kasan_check_range+0x100/0x1a8 [ 26.583203] __kasan_check_write+0x20/0x30 [ 26.583326] kasan_bitops_modify.constprop.0+0x2b4/0xbc8 [ 26.583463] kasan_bitops_generic+0x110/0x1c8 [ 26.583590] kunit_try_run_case+0x170/0x3f0 [ 26.583715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.583855] kthread+0x318/0x620 [ 26.583986] ret_from_fork+0x10/0x20 [ 26.584115] [ 26.598696] Allocated by task 250: [ 26.601212] kasan_save_stack+0x3c/0x68 [ 26.601778] kasan_save_track+0x20/0x40 [ 26.603163] kasan_save_alloc_info+0x40/0x58 [ 26.603819] __kasan_kmalloc+0xd4/0xd8 [ 26.605059] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.605505] kasan_bitops_generic+0xa0/0x1c8 [ 26.605927] kunit_try_run_case+0x170/0x3f0 [ 26.606571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.608815] kthread+0x318/0x620 [ 26.609580] ret_from_fork+0x10/0x20 [ 26.610740] [ 26.611037] The buggy address belongs to the object at fff00000c596b740 [ 26.611037] which belongs to the cache kmalloc-16 of size 16 [ 26.613177] The buggy address is located 8 bytes inside of [ 26.613177] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 26.614705] [ 26.615068] The buggy address belongs to the physical page: [ 26.615493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 26.617389] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.618461] page_type: f5(slab) [ 26.619671] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.621300] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.622649] page dumped because: kasan: bad access detected [ 26.623721] [ 26.624031] Memory state around the buggy address: [ 26.624616] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.626535] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 26.627780] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.629330] ^ [ 26.630034] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.630585] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.631343] ================================================================== [ 26.635457] ================================================================== [ 26.638025] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc8 [ 26.642024] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 26.644512] [ 26.644777] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.644982] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.645053] Hardware name: linux,dummy-virt (DT) [ 26.645129] Call trace: [ 26.645178] show_stack+0x20/0x38 (C) [ 26.645290] dump_stack_lvl+0x8c/0xd0 [ 26.645400] print_report+0x118/0x608 [ 26.645506] kasan_report+0xdc/0x128 [ 26.645609] kasan_check_range+0x100/0x1a8 [ 26.645710] __kasan_check_write+0x20/0x30 [ 26.645810] kasan_bitops_modify.constprop.0+0x320/0xbc8 [ 26.646633] kasan_bitops_generic+0x110/0x1c8 [ 26.646764] kunit_try_run_case+0x170/0x3f0 [ 26.646908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.647043] kthread+0x318/0x620 [ 26.647158] ret_from_fork+0x10/0x20 [ 26.647277] [ 26.660795] Allocated by task 250: [ 26.662233] kasan_save_stack+0x3c/0x68 [ 26.663623] kasan_save_track+0x20/0x40 [ 26.664994] kasan_save_alloc_info+0x40/0x58 [ 26.666475] __kasan_kmalloc+0xd4/0xd8 [ 26.666874] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.668809] kasan_bitops_generic+0xa0/0x1c8 [ 26.670341] kunit_try_run_case+0x170/0x3f0 [ 26.671392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.672614] kthread+0x318/0x620 [ 26.673786] ret_from_fork+0x10/0x20 [ 26.674315] [ 26.674559] The buggy address belongs to the object at fff00000c596b740 [ 26.674559] which belongs to the cache kmalloc-16 of size 16 [ 26.675379] The buggy address is located 8 bytes inside of [ 26.675379] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 26.678798] [ 26.680415] The buggy address belongs to the physical page: [ 26.681714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 26.684027] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.685963] page_type: f5(slab) [ 26.687437] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.689737] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.690539] page dumped because: kasan: bad access detected [ 26.692271] [ 26.692990] Memory state around the buggy address: [ 26.694651] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.696489] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 26.697063] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.697600] ^ [ 26.699604] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.701918] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.703896] ================================================================== [ 26.860619] ================================================================== [ 26.863573] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc8 [ 26.866114] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 26.869148] [ 26.870349] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.870546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.870615] Hardware name: linux,dummy-virt (DT) [ 26.870695] Call trace: [ 26.870761] show_stack+0x20/0x38 (C) [ 26.870910] dump_stack_lvl+0x8c/0xd0 [ 26.871031] print_report+0x118/0x608 [ 26.871151] kasan_report+0xdc/0x128 [ 26.871262] kasan_check_range+0x100/0x1a8 [ 26.871377] __kasan_check_write+0x20/0x30 [ 26.871487] kasan_bitops_modify.constprop.0+0x3b0/0xbc8 [ 26.871615] kasan_bitops_generic+0x110/0x1c8 [ 26.871734] kunit_try_run_case+0x170/0x3f0 [ 26.871848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.871997] kthread+0x318/0x620 [ 26.872112] ret_from_fork+0x10/0x20 [ 26.872229] [ 26.888066] Allocated by task 250: [ 26.889418] kasan_save_stack+0x3c/0x68 [ 26.890853] kasan_save_track+0x20/0x40 [ 26.892303] kasan_save_alloc_info+0x40/0x58 [ 26.893767] __kasan_kmalloc+0xd4/0xd8 [ 26.895022] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.895461] kasan_bitops_generic+0xa0/0x1c8 [ 26.895878] kunit_try_run_case+0x170/0x3f0 [ 26.898601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.899808] kthread+0x318/0x620 [ 26.901189] ret_from_fork+0x10/0x20 [ 26.902623] [ 26.903543] The buggy address belongs to the object at fff00000c596b740 [ 26.903543] which belongs to the cache kmalloc-16 of size 16 [ 26.904855] The buggy address is located 8 bytes inside of [ 26.904855] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 26.908792] [ 26.909555] The buggy address belongs to the physical page: [ 26.910272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 26.910878] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.913423] page_type: f5(slab) [ 26.914821] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.916870] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.917461] page dumped because: kasan: bad access detected [ 26.918931] [ 26.919479] Memory state around the buggy address: [ 26.921380] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.922869] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 26.925126] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.926524] ^ [ 26.927016] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.927579] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.930507] ================================================================== [ 26.427625] ================================================================== [ 26.430036] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc8 [ 26.433525] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 26.435550] [ 26.436016] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.436451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.436524] Hardware name: linux,dummy-virt (DT) [ 26.436604] Call trace: [ 26.436658] show_stack+0x20/0x38 (C) [ 26.436788] dump_stack_lvl+0x8c/0xd0 [ 26.436927] print_report+0x118/0x608 [ 26.437156] kasan_report+0xdc/0x128 [ 26.438305] kasan_check_range+0x100/0x1a8 [ 26.438433] __kasan_check_write+0x20/0x30 [ 26.438545] kasan_bitops_modify.constprop.0+0x1dc/0xbc8 [ 26.438674] kasan_bitops_generic+0x110/0x1c8 [ 26.438791] kunit_try_run_case+0x170/0x3f0 [ 26.438932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.439065] kthread+0x318/0x620 [ 26.439178] ret_from_fork+0x10/0x20 [ 26.439294] [ 26.454262] Allocated by task 250: [ 26.454632] kasan_save_stack+0x3c/0x68 [ 26.455054] kasan_save_track+0x20/0x40 [ 26.455446] kasan_save_alloc_info+0x40/0x58 [ 26.455843] __kasan_kmalloc+0xd4/0xd8 [ 26.458024] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.459343] kasan_bitops_generic+0xa0/0x1c8 [ 26.460959] kunit_try_run_case+0x170/0x3f0 [ 26.462914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.464277] kthread+0x318/0x620 [ 26.465591] ret_from_fork+0x10/0x20 [ 26.466496] [ 26.467317] The buggy address belongs to the object at fff00000c596b740 [ 26.467317] which belongs to the cache kmalloc-16 of size 16 [ 26.471216] The buggy address is located 8 bytes inside of [ 26.471216] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 26.472640] [ 26.473618] The buggy address belongs to the physical page: [ 26.474820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 26.477865] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.478962] page_type: f5(slab) [ 26.479329] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 26.480293] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.482866] page dumped because: kasan: bad access detected [ 26.484092] [ 26.484677] Memory state around the buggy address: [ 26.486835] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 26.488373] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 26.488945] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.491493] ^ [ 26.494236] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.495571] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.496876] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 26.255721] ================================================================== [ 26.257103] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 26.258189] Read of size 1 at addr fff00000c64bc790 by task kunit_try_catch/248 [ 26.259501] [ 26.260422] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.260639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.260727] Hardware name: linux,dummy-virt (DT) [ 26.260794] Call trace: [ 26.260828] show_stack+0x20/0x38 (C) [ 26.260928] dump_stack_lvl+0x8c/0xd0 [ 26.260996] print_report+0x118/0x608 [ 26.261130] kasan_report+0xdc/0x128 [ 26.261260] __asan_report_load1_noabort+0x20/0x30 [ 26.261379] strnlen+0x80/0x88 [ 26.261435] kasan_strings+0x364/0x8d8 [ 26.261493] kunit_try_run_case+0x170/0x3f0 [ 26.261552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.261616] kthread+0x318/0x620 [ 26.261673] ret_from_fork+0x10/0x20 [ 26.261734] [ 26.270210] Allocated by task 248: [ 26.270693] kasan_save_stack+0x3c/0x68 [ 26.271168] kasan_save_track+0x20/0x40 [ 26.271725] kasan_save_alloc_info+0x40/0x58 [ 26.273124] __kasan_kmalloc+0xd4/0xd8 [ 26.273671] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.274563] kasan_strings+0xb0/0x8d8 [ 26.275167] kunit_try_run_case+0x170/0x3f0 [ 26.275722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.276409] kthread+0x318/0x620 [ 26.276937] ret_from_fork+0x10/0x20 [ 26.278419] [ 26.278700] Freed by task 248: [ 26.279065] kasan_save_stack+0x3c/0x68 [ 26.279660] kasan_save_track+0x20/0x40 [ 26.280237] kasan_save_free_info+0x4c/0x78 [ 26.280831] __kasan_slab_free+0x6c/0x98 [ 26.281626] kfree+0x214/0x3c8 [ 26.282083] kasan_strings+0x124/0x8d8 [ 26.282664] kunit_try_run_case+0x170/0x3f0 [ 26.283299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.284000] kthread+0x318/0x620 [ 26.284977] ret_from_fork+0x10/0x20 [ 26.285505] [ 26.285920] The buggy address belongs to the object at fff00000c64bc780 [ 26.285920] which belongs to the cache kmalloc-32 of size 32 [ 26.287070] The buggy address is located 16 bytes inside of [ 26.287070] freed 32-byte region [fff00000c64bc780, fff00000c64bc7a0) [ 26.288140] [ 26.288414] The buggy address belongs to the physical page: [ 26.289145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 26.290088] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.290815] page_type: f5(slab) [ 26.291288] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 26.292297] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.293196] page dumped because: kasan: bad access detected [ 26.294006] [ 26.294484] Memory state around the buggy address: [ 26.295794] fff00000c64bc680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.296554] fff00000c64bc700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 26.297668] >fff00000c64bc780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.298583] ^ [ 26.299144] fff00000c64bc800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.299978] fff00000c64bc880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.300737] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 25.918332] ================================================================== [ 25.919767] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2e4/0x348 [ 25.920716] Read of size 1 at addr ffff800080ba7b4a by task kunit_try_catch/242 [ 25.922120] [ 25.922404] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.922600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.922671] Hardware name: linux,dummy-virt (DT) [ 25.922752] Call trace: [ 25.922810] show_stack+0x20/0x38 (C) [ 25.923416] dump_stack_lvl+0x8c/0xd0 [ 25.923552] print_report+0x310/0x608 [ 25.923673] kasan_report+0xdc/0x128 [ 25.923789] __asan_report_load1_noabort+0x20/0x30 [ 25.924861] kasan_alloca_oob_right+0x2e4/0x348 [ 25.925514] kunit_try_run_case+0x170/0x3f0 [ 25.925826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.925981] kthread+0x318/0x620 [ 25.926099] ret_from_fork+0x10/0x20 [ 25.926229] [ 25.935713] The buggy address belongs to stack of task kunit_try_catch/242 [ 25.938485] [ 25.939711] The buggy address belongs to the virtual mapping at [ 25.939711] [ffff800080ba0000, ffff800080ba9000) created by: [ 25.939711] kernel_clone+0x150/0x7a8 [ 25.940862] [ 25.943750] The buggy address belongs to the physical page: [ 25.945282] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c1 [ 25.946629] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.947962] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.948538] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.950693] page dumped because: kasan: bad access detected [ 25.951560] [ 25.952677] Memory state around the buggy address: [ 25.955513] ffff800080ba7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.958478] ffff800080ba7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.962704] >ffff800080ba7b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 25.963591] ^ [ 25.966226] ffff800080ba7b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 25.969547] ffff800080ba7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 25.970642] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 26.207258] ================================================================== [ 26.207957] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 26.208620] Read of size 1 at addr fff00000c64bc790 by task kunit_try_catch/248 [ 26.210214] [ 26.210554] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.210784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.210869] Hardware name: linux,dummy-virt (DT) [ 26.210984] Call trace: [ 26.211055] show_stack+0x20/0x38 (C) [ 26.211126] dump_stack_lvl+0x8c/0xd0 [ 26.211189] print_report+0x118/0x608 [ 26.211251] kasan_report+0xdc/0x128 [ 26.211310] __asan_report_load1_noabort+0x20/0x30 [ 26.211371] strlen+0xa8/0xb0 [ 26.211430] kasan_strings+0x304/0x8d8 [ 26.211491] kunit_try_run_case+0x170/0x3f0 [ 26.211552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.211618] kthread+0x318/0x620 [ 26.211676] ret_from_fork+0x10/0x20 [ 26.211737] [ 26.219046] Allocated by task 248: [ 26.219545] kasan_save_stack+0x3c/0x68 [ 26.220412] kasan_save_track+0x20/0x40 [ 26.220916] kasan_save_alloc_info+0x40/0x58 [ 26.221952] __kasan_kmalloc+0xd4/0xd8 [ 26.222488] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.223146] kasan_strings+0xb0/0x8d8 [ 26.223586] kunit_try_run_case+0x170/0x3f0 [ 26.224179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.224831] kthread+0x318/0x620 [ 26.226226] ret_from_fork+0x10/0x20 [ 26.226729] [ 26.227053] Freed by task 248: [ 26.227523] kasan_save_stack+0x3c/0x68 [ 26.228070] kasan_save_track+0x20/0x40 [ 26.228525] kasan_save_free_info+0x4c/0x78 [ 26.229151] __kasan_slab_free+0x6c/0x98 [ 26.229876] kfree+0x214/0x3c8 [ 26.230321] kasan_strings+0x124/0x8d8 [ 26.230932] kunit_try_run_case+0x170/0x3f0 [ 26.231484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.232195] kthread+0x318/0x620 [ 26.232686] ret_from_fork+0x10/0x20 [ 26.233909] [ 26.234245] The buggy address belongs to the object at fff00000c64bc780 [ 26.234245] which belongs to the cache kmalloc-32 of size 32 [ 26.235316] The buggy address is located 16 bytes inside of [ 26.235316] freed 32-byte region [fff00000c64bc780, fff00000c64bc7a0) [ 26.237267] [ 26.237639] The buggy address belongs to the physical page: [ 26.238690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 26.239549] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.241868] page_type: f5(slab) [ 26.242521] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 26.243320] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.244434] page dumped because: kasan: bad access detected [ 26.245394] [ 26.247041] Memory state around the buggy address: [ 26.247871] fff00000c64bc680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.249058] fff00000c64bc700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 26.250198] >fff00000c64bc780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.250732] ^ [ 26.251407] fff00000c64bc800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.252566] fff00000c64bc880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.253726] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 26.163283] ================================================================== [ 26.163939] BUG: KASAN: slab-use-after-free in kasan_strings+0x838/0x8d8 [ 26.164741] Read of size 1 at addr fff00000c64bc790 by task kunit_try_catch/248 [ 26.165584] [ 26.166377] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.166592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.166679] Hardware name: linux,dummy-virt (DT) [ 26.166725] Call trace: [ 26.166755] show_stack+0x20/0x38 (C) [ 26.166840] dump_stack_lvl+0x8c/0xd0 [ 26.166991] print_report+0x118/0x608 [ 26.167107] kasan_report+0xdc/0x128 [ 26.167226] __asan_report_load1_noabort+0x20/0x30 [ 26.167371] kasan_strings+0x838/0x8d8 [ 26.167510] kunit_try_run_case+0x170/0x3f0 [ 26.167655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.167730] kthread+0x318/0x620 [ 26.167789] ret_from_fork+0x10/0x20 [ 26.167854] [ 26.175182] Allocated by task 248: [ 26.175661] kasan_save_stack+0x3c/0x68 [ 26.176162] kasan_save_track+0x20/0x40 [ 26.176699] kasan_save_alloc_info+0x40/0x58 [ 26.177358] __kasan_kmalloc+0xd4/0xd8 [ 26.178739] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.179322] kasan_strings+0xb0/0x8d8 [ 26.179818] kunit_try_run_case+0x170/0x3f0 [ 26.180384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.181029] kthread+0x318/0x620 [ 26.181510] ret_from_fork+0x10/0x20 [ 26.182028] [ 26.182338] Freed by task 248: [ 26.182808] kasan_save_stack+0x3c/0x68 [ 26.183778] kasan_save_track+0x20/0x40 [ 26.184357] kasan_save_free_info+0x4c/0x78 [ 26.184900] __kasan_slab_free+0x6c/0x98 [ 26.186230] kfree+0x214/0x3c8 [ 26.186858] kasan_strings+0x124/0x8d8 [ 26.187334] kunit_try_run_case+0x170/0x3f0 [ 26.187811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.188585] kthread+0x318/0x620 [ 26.189073] ret_from_fork+0x10/0x20 [ 26.189506] [ 26.189857] The buggy address belongs to the object at fff00000c64bc780 [ 26.189857] which belongs to the cache kmalloc-32 of size 32 [ 26.191103] The buggy address is located 16 bytes inside of [ 26.191103] freed 32-byte region [fff00000c64bc780, fff00000c64bc7a0) [ 26.192768] [ 26.193328] The buggy address belongs to the physical page: [ 26.194462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 26.194832] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.195988] page_type: f5(slab) [ 26.196638] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 26.197553] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.198498] page dumped because: kasan: bad access detected [ 26.199248] [ 26.199598] Memory state around the buggy address: [ 26.200185] fff00000c64bc680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.200986] fff00000c64bc700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 26.202418] >fff00000c64bc780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.203148] ^ [ 26.203644] fff00000c64bc800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.204405] fff00000c64bc880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.205112] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 26.113505] ================================================================== [ 26.118917] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 26.120374] Read of size 1 at addr fff00000c64bc790 by task kunit_try_catch/248 [ 26.123812] [ 26.124217] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.124412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.124482] Hardware name: linux,dummy-virt (DT) [ 26.124567] Call trace: [ 26.124639] show_stack+0x20/0x38 (C) [ 26.124793] dump_stack_lvl+0x8c/0xd0 [ 26.124985] print_report+0x118/0x608 [ 26.125186] kasan_report+0xdc/0x128 [ 26.125333] __asan_report_load1_noabort+0x20/0x30 [ 26.125478] strcmp+0xc0/0xc8 [ 26.125637] kasan_strings+0x228/0x8d8 [ 26.125734] kunit_try_run_case+0x170/0x3f0 [ 26.125797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.125865] kthread+0x318/0x620 [ 26.125954] ret_from_fork+0x10/0x20 [ 26.126020] [ 26.132221] Allocated by task 248: [ 26.132685] kasan_save_stack+0x3c/0x68 [ 26.133221] kasan_save_track+0x20/0x40 [ 26.133760] kasan_save_alloc_info+0x40/0x58 [ 26.134370] __kasan_kmalloc+0xd4/0xd8 [ 26.134814] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.135451] kasan_strings+0xb0/0x8d8 [ 26.136426] kunit_try_run_case+0x170/0x3f0 [ 26.136979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.137532] kthread+0x318/0x620 [ 26.138538] ret_from_fork+0x10/0x20 [ 26.139309] [ 26.139750] Freed by task 248: [ 26.140100] kasan_save_stack+0x3c/0x68 [ 26.140714] kasan_save_track+0x20/0x40 [ 26.141148] kasan_save_free_info+0x4c/0x78 [ 26.141707] __kasan_slab_free+0x6c/0x98 [ 26.142345] kfree+0x214/0x3c8 [ 26.142795] kasan_strings+0x124/0x8d8 [ 26.143704] kunit_try_run_case+0x170/0x3f0 [ 26.144324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.144973] kthread+0x318/0x620 [ 26.146292] ret_from_fork+0x10/0x20 [ 26.146767] [ 26.147103] The buggy address belongs to the object at fff00000c64bc780 [ 26.147103] which belongs to the cache kmalloc-32 of size 32 [ 26.148242] The buggy address is located 16 bytes inside of [ 26.148242] freed 32-byte region [fff00000c64bc780, fff00000c64bc7a0) [ 26.149730] [ 26.150063] The buggy address belongs to the physical page: [ 26.150659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 26.151636] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.152408] page_type: f5(slab) [ 26.152894] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 26.154353] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.155150] page dumped because: kasan: bad access detected [ 26.155727] [ 26.156053] Memory state around the buggy address: [ 26.156606] fff00000c64bc680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.157715] fff00000c64bc700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 26.158338] >fff00000c64bc780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.159100] ^ [ 26.159587] fff00000c64bc800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.160421] fff00000c64bc880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.161928] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 26.024796] ================================================================== [ 26.028137] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 26.032215] Read of size 1 at addr fff00000c64bc658 by task kunit_try_catch/246 [ 26.033643] [ 26.035459] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.035665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.035736] Hardware name: linux,dummy-virt (DT) [ 26.035817] Call trace: [ 26.035874] show_stack+0x20/0x38 (C) [ 26.036034] dump_stack_lvl+0x8c/0xd0 [ 26.036152] print_report+0x118/0x608 [ 26.036360] kasan_report+0xdc/0x128 [ 26.036481] __asan_report_load1_noabort+0x20/0x30 [ 26.036598] memcmp+0x198/0x1d8 [ 26.036708] kasan_memcmp+0x16c/0x300 [ 26.036822] kunit_try_run_case+0x170/0x3f0 [ 26.036964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.037104] kthread+0x318/0x620 [ 26.037224] ret_from_fork+0x10/0x20 [ 26.037347] [ 26.050767] Allocated by task 246: [ 26.051172] kasan_save_stack+0x3c/0x68 [ 26.051586] kasan_save_track+0x20/0x40 [ 26.053710] kasan_save_alloc_info+0x40/0x58 [ 26.055312] __kasan_kmalloc+0xd4/0xd8 [ 26.055945] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.056378] kasan_memcmp+0xbc/0x300 [ 26.056742] kunit_try_run_case+0x170/0x3f0 [ 26.059500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.060571] kthread+0x318/0x620 [ 26.061528] ret_from_fork+0x10/0x20 [ 26.062994] [ 26.063303] The buggy address belongs to the object at fff00000c64bc640 [ 26.063303] which belongs to the cache kmalloc-32 of size 32 [ 26.066501] The buggy address is located 0 bytes to the right of [ 26.066501] allocated 24-byte region [fff00000c64bc640, fff00000c64bc658) [ 26.067375] [ 26.067616] The buggy address belongs to the physical page: [ 26.069242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 26.071351] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.074498] page_type: f5(slab) [ 26.075393] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 26.077146] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.079550] page dumped because: kasan: bad access detected [ 26.080374] [ 26.080613] Memory state around the buggy address: [ 26.081805] fff00000c64bc500: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 26.084243] fff00000c64bc580: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 26.086158] >fff00000c64bc600: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.086795] ^ [ 26.088718] fff00000c64bc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.090621] fff00000c64bc700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.092427] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 25.836480] ================================================================== [ 25.840298] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 25.843425] Read of size 1 at addr ffff800080ba7b5f by task kunit_try_catch/240 [ 25.844080] [ 25.844345] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.844542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.844613] Hardware name: linux,dummy-virt (DT) [ 25.844690] Call trace: [ 25.844750] show_stack+0x20/0x38 (C) [ 25.844874] dump_stack_lvl+0x8c/0xd0 [ 25.847707] print_report+0x310/0x608 [ 25.847837] kasan_report+0xdc/0x128 [ 25.847973] __asan_report_load1_noabort+0x20/0x30 [ 25.848097] kasan_alloca_oob_left+0x2b8/0x310 [ 25.848219] kunit_try_run_case+0x170/0x3f0 [ 25.848335] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.848465] kthread+0x318/0x620 [ 25.848577] ret_from_fork+0x10/0x20 [ 25.848698] [ 25.864912] The buggy address belongs to stack of task kunit_try_catch/240 [ 25.866512] [ 25.866775] The buggy address belongs to the virtual mapping at [ 25.866775] [ffff800080ba0000, ffff800080ba9000) created by: [ 25.866775] kernel_clone+0x150/0x7a8 [ 25.871294] [ 25.871623] The buggy address belongs to the physical page: [ 25.872083] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c1 [ 25.872677] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.874447] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.875397] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.878352] page dumped because: kasan: bad access detected [ 25.878802] [ 25.879052] Memory state around the buggy address: [ 25.879459] ffff800080ba7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.881678] ffff800080ba7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.882726] >ffff800080ba7b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 25.883552] ^ [ 25.886276] ffff800080ba7b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 25.887128] ffff800080ba7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 25.889497] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 25.754660] ================================================================== [ 25.759629] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 25.760781] Read of size 1 at addr ffff800080b87c2a by task kunit_try_catch/238 [ 25.763908] [ 25.764357] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.764553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.764614] Hardware name: linux,dummy-virt (DT) [ 25.764690] Call trace: [ 25.764743] show_stack+0x20/0x38 (C) [ 25.765477] dump_stack_lvl+0x8c/0xd0 [ 25.765619] print_report+0x310/0x608 [ 25.765730] kasan_report+0xdc/0x128 [ 25.765842] __asan_report_load1_noabort+0x20/0x30 [ 25.765976] kasan_stack_oob+0x238/0x270 [ 25.766086] kunit_try_run_case+0x170/0x3f0 [ 25.766212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.766339] kthread+0x318/0x620 [ 25.766442] ret_from_fork+0x10/0x20 [ 25.766557] [ 25.779196] The buggy address belongs to stack of task kunit_try_catch/238 [ 25.779847] and is located at offset 138 in frame: [ 25.780621] kasan_stack_oob+0x0/0x270 [ 25.783041] [ 25.783864] This frame has 4 objects: [ 25.784546] [48, 49) '__assertion' [ 25.784681] [64, 72) 'array' [ 25.786504] [96, 112) '__assertion' [ 25.787604] [128, 138) 'stack_array' [ 25.788781] [ 25.791098] The buggy address belongs to the virtual mapping at [ 25.791098] [ffff800080b80000, ffff800080b89000) created by: [ 25.791098] kernel_clone+0x150/0x7a8 [ 25.793781] [ 25.794045] The buggy address belongs to the physical page: [ 25.794492] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065dc [ 25.795103] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.795655] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.799309] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.800920] page dumped because: kasan: bad access detected [ 25.802999] [ 25.803880] Memory state around the buggy address: [ 25.804775] ffff800080b87b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.805580] ffff800080b87b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 25.807254] >ffff800080b87c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 25.808361] ^ [ 25.810388] ffff800080b87c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 25.811594] ffff800080b87d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 25.812184] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 25.633945] ================================================================== [ 25.638315] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 25.638934] Read of size 1 at addr ffffadfe26a780cd by task kunit_try_catch/234 [ 25.639484] [ 25.639758] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.642589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.642670] Hardware name: linux,dummy-virt (DT) [ 25.642754] Call trace: [ 25.642821] show_stack+0x20/0x38 (C) [ 25.642977] dump_stack_lvl+0x8c/0xd0 [ 25.643091] print_report+0x310/0x608 [ 25.643208] kasan_report+0xdc/0x128 [ 25.643316] __asan_report_load1_noabort+0x20/0x30 [ 25.643435] kasan_global_oob_right+0x230/0x270 [ 25.643546] kunit_try_run_case+0x170/0x3f0 [ 25.643664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.643789] kthread+0x318/0x620 [ 25.646152] ret_from_fork+0x10/0x20 [ 25.646321] [ 25.661905] The buggy address belongs to the variable: [ 25.662370] global_array+0xd/0x40 [ 25.662770] [ 25.663357] The buggy address belongs to the virtual mapping at [ 25.663357] [ffffadfe24d00000, ffffadfe26b31000) created by: [ 25.663357] paging_init+0x66c/0x7d0 [ 25.668818] [ 25.671783] The buggy address belongs to the physical page: [ 25.672739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47a78 [ 25.676100] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 25.676715] raw: 03fffe0000002000 ffffc1ffc01e9e08 ffffc1ffc01e9e08 0000000000000000 [ 25.677304] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.677846] page dumped because: kasan: bad access detected [ 25.679866] [ 25.681192] Memory state around the buggy address: [ 25.684089] ffffadfe26a77f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.685253] ffffadfe26a78000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.686441] >ffffadfe26a78080: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 25.689338] ^ [ 25.689794] ffffadfe26a78100: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 25.690383] ffffadfe26a78180: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 25.692937] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 25.552011] ================================================================== [ 25.553269] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 25.554149] Free of addr fff00000c6610001 by task kunit_try_catch/232 [ 25.554847] [ 25.555199] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.555330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.555363] Hardware name: linux,dummy-virt (DT) [ 25.555434] Call trace: [ 25.555501] show_stack+0x20/0x38 (C) [ 25.555646] dump_stack_lvl+0x8c/0xd0 [ 25.555850] print_report+0x118/0x608 [ 25.556021] kasan_report_invalid_free+0xc0/0xe8 [ 25.556160] __kasan_mempool_poison_object+0xfc/0x150 [ 25.556342] mempool_free+0x28c/0x328 [ 25.556485] mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 25.556615] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 25.556747] kunit_try_run_case+0x170/0x3f0 [ 25.556898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.557092] kthread+0x318/0x620 [ 25.557225] ret_from_fork+0x10/0x20 [ 25.557349] [ 25.564192] The buggy address belongs to the physical page: [ 25.564765] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106610 [ 25.567227] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.568385] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.571595] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.572269] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.572851] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.574778] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.579104] head: 0bfffe0000000002 ffffc1ffc3198401 ffffffffffffffff 0000000000000000 [ 25.582343] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.585728] page dumped because: kasan: bad access detected [ 25.588147] [ 25.588385] Memory state around the buggy address: [ 25.588785] fff00000c660ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.591749] fff00000c660ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.595197] >fff00000c6610000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.598425] ^ [ 25.599053] fff00000c6610080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.602804] fff00000c6610100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.606140] ================================================================== [ 25.458980] ================================================================== [ 25.462650] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 25.464416] Free of addr fff00000c6414501 by task kunit_try_catch/230 [ 25.466711] [ 25.467470] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.467734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.467800] Hardware name: linux,dummy-virt (DT) [ 25.467872] Call trace: [ 25.467949] show_stack+0x20/0x38 (C) [ 25.468072] dump_stack_lvl+0x8c/0xd0 [ 25.468185] print_report+0x118/0x608 [ 25.468296] kasan_report_invalid_free+0xc0/0xe8 [ 25.468416] check_slab_allocation+0xfc/0x108 [ 25.468535] __kasan_mempool_poison_object+0x78/0x150 [ 25.468661] mempool_free+0x28c/0x328 [ 25.468775] mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 25.468918] mempool_kmalloc_invalid_free+0xc0/0x118 [ 25.469389] kunit_try_run_case+0x170/0x3f0 [ 25.469522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.469647] kthread+0x318/0x620 [ 25.469754] ret_from_fork+0x10/0x20 [ 25.469871] [ 25.488564] Allocated by task 230: [ 25.490708] kasan_save_stack+0x3c/0x68 [ 25.491686] kasan_save_track+0x20/0x40 [ 25.493611] kasan_save_alloc_info+0x40/0x58 [ 25.494961] __kasan_mempool_unpoison_object+0x11c/0x180 [ 25.495979] remove_element+0x130/0x1f8 [ 25.498094] mempool_alloc_preallocated+0x58/0xc0 [ 25.499409] mempool_kmalloc_invalid_free_helper+0x94/0x2a0 [ 25.500275] mempool_kmalloc_invalid_free+0xc0/0x118 [ 25.500718] kunit_try_run_case+0x170/0x3f0 [ 25.502479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.504150] kthread+0x318/0x620 [ 25.506518] ret_from_fork+0x10/0x20 [ 25.507466] [ 25.508311] The buggy address belongs to the object at fff00000c6414500 [ 25.508311] which belongs to the cache kmalloc-128 of size 128 [ 25.511927] The buggy address is located 1 bytes inside of [ 25.511927] 128-byte region [fff00000c6414500, fff00000c6414580) [ 25.514640] [ 25.514902] The buggy address belongs to the physical page: [ 25.515343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 25.516548] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.518919] page_type: f5(slab) [ 25.519787] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.522669] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.524493] page dumped because: kasan: bad access detected [ 25.526621] [ 25.527231] Memory state around the buggy address: [ 25.528340] fff00000c6414400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.530173] fff00000c6414480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.532539] >fff00000c6414500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.534761] ^ [ 25.535807] fff00000c6414580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.536698] fff00000c6414600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.539439] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 25.383635] ================================================================== [ 25.387389] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 25.388764] Free of addr fff00000c6594000 by task kunit_try_catch/228 [ 25.391611] [ 25.392413] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.392676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.392742] Hardware name: linux,dummy-virt (DT) [ 25.392812] Call trace: [ 25.392868] show_stack+0x20/0x38 (C) [ 25.393418] dump_stack_lvl+0x8c/0xd0 [ 25.393549] print_report+0x118/0x608 [ 25.393661] kasan_report_invalid_free+0xc0/0xe8 [ 25.393786] __kasan_mempool_poison_pages+0xe0/0xe8 [ 25.393929] mempool_free+0x24c/0x328 [ 25.394063] mempool_double_free_helper+0x150/0x2e0 [ 25.394199] mempool_page_alloc_double_free+0xbc/0x118 [ 25.394321] kunit_try_run_case+0x170/0x3f0 [ 25.394434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.394561] kthread+0x318/0x620 [ 25.394667] ret_from_fork+0x10/0x20 [ 25.394789] [ 25.409854] The buggy address belongs to the physical page: [ 25.411401] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106594 [ 25.414643] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.416588] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.419061] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.420445] page dumped because: kasan: bad access detected [ 25.422981] [ 25.423816] Memory state around the buggy address: [ 25.425662] fff00000c6593f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.426924] fff00000c6593f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.428350] >fff00000c6594000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.430346] ^ [ 25.431972] fff00000c6594080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.434388] fff00000c6594100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.436285] ================================================================== [ 25.295254] ================================================================== [ 25.299225] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 25.301520] Free of addr fff00000c6610000 by task kunit_try_catch/226 [ 25.302547] [ 25.304064] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.304262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.304327] Hardware name: linux,dummy-virt (DT) [ 25.304400] Call trace: [ 25.304452] show_stack+0x20/0x38 (C) [ 25.304578] dump_stack_lvl+0x8c/0xd0 [ 25.304697] print_report+0x118/0x608 [ 25.304814] kasan_report_invalid_free+0xc0/0xe8 [ 25.305590] __kasan_mempool_poison_object+0x14c/0x150 [ 25.305723] mempool_free+0x28c/0x328 [ 25.305845] mempool_double_free_helper+0x150/0x2e0 [ 25.305988] mempool_kmalloc_large_double_free+0xc0/0x118 [ 25.306114] kunit_try_run_case+0x170/0x3f0 [ 25.306240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.306365] kthread+0x318/0x620 [ 25.306475] ret_from_fork+0x10/0x20 [ 25.306595] [ 25.320754] The buggy address belongs to the physical page: [ 25.323114] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106610 [ 25.324769] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.327367] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.327976] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.328550] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.331119] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.333977] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.335694] head: 0bfffe0000000002 ffffc1ffc3198401 ffffffffffffffff 0000000000000000 [ 25.337734] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 25.339629] page dumped because: kasan: bad access detected [ 25.342082] [ 25.342489] Memory state around the buggy address: [ 25.342922] fff00000c660ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.343459] fff00000c660ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.345640] >fff00000c6610000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.347322] ^ [ 25.348451] fff00000c6610080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.351045] fff00000c6610100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.352765] ================================================================== [ 25.183444] ================================================================== [ 25.186700] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 25.188857] Free of addr fff00000c64f9700 by task kunit_try_catch/224 [ 25.190598] [ 25.191479] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.191694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.191760] Hardware name: linux,dummy-virt (DT) [ 25.191835] Call trace: [ 25.191900] show_stack+0x20/0x38 (C) [ 25.192025] dump_stack_lvl+0x8c/0xd0 [ 25.192142] print_report+0x118/0x608 [ 25.192254] kasan_report_invalid_free+0xc0/0xe8 [ 25.192375] check_slab_allocation+0xd4/0x108 [ 25.192498] __kasan_mempool_poison_object+0x78/0x150 [ 25.192618] mempool_free+0x28c/0x328 [ 25.192729] mempool_double_free_helper+0x150/0x2e0 [ 25.192844] mempool_kmalloc_double_free+0xc0/0x118 [ 25.194302] kunit_try_run_case+0x170/0x3f0 [ 25.194420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.194569] kthread+0x318/0x620 [ 25.194688] ret_from_fork+0x10/0x20 [ 25.194802] [ 25.209590] Allocated by task 224: [ 25.211173] kasan_save_stack+0x3c/0x68 [ 25.212434] kasan_save_track+0x20/0x40 [ 25.214698] kasan_save_alloc_info+0x40/0x58 [ 25.216064] __kasan_mempool_unpoison_object+0x11c/0x180 [ 25.217728] remove_element+0x130/0x1f8 [ 25.218908] mempool_alloc_preallocated+0x58/0xc0 [ 25.219773] mempool_double_free_helper+0x94/0x2e0 [ 25.220253] mempool_kmalloc_double_free+0xc0/0x118 [ 25.220686] kunit_try_run_case+0x170/0x3f0 [ 25.223163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.224519] kthread+0x318/0x620 [ 25.225812] ret_from_fork+0x10/0x20 [ 25.226786] [ 25.227860] Freed by task 224: [ 25.228908] kasan_save_stack+0x3c/0x68 [ 25.231150] kasan_save_track+0x20/0x40 [ 25.232266] kasan_save_free_info+0x4c/0x78 [ 25.232666] __kasan_mempool_poison_object+0xc0/0x150 [ 25.234557] mempool_free+0x28c/0x328 [ 25.235742] mempool_double_free_helper+0x100/0x2e0 [ 25.238560] mempool_kmalloc_double_free+0xc0/0x118 [ 25.239839] kunit_try_run_case+0x170/0x3f0 [ 25.240607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.242305] kthread+0x318/0x620 [ 25.243465] ret_from_fork+0x10/0x20 [ 25.244762] [ 25.246175] The buggy address belongs to the object at fff00000c64f9700 [ 25.246175] which belongs to the cache kmalloc-128 of size 128 [ 25.248168] The buggy address is located 0 bytes inside of [ 25.248168] 128-byte region [fff00000c64f9700, fff00000c64f9780) [ 25.249879] [ 25.250688] The buggy address belongs to the physical page: [ 25.252084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064f9 [ 25.254924] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.256511] page_type: f5(slab) [ 25.257956] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.258557] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.260288] page dumped because: kasan: bad access detected [ 25.262477] [ 25.263113] Memory state around the buggy address: [ 25.264600] fff00000c64f9600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.266631] fff00000c64f9680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.267637] >fff00000c64f9700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.268183] ^ [ 25.268511] fff00000c64f9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.271183] fff00000c64f9800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.272815] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 25.107547] ================================================================== [ 25.110477] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 25.111910] Read of size 1 at addr fff00000c6594000 by task kunit_try_catch/222 [ 25.112465] [ 25.112718] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.112921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.112984] Hardware name: linux,dummy-virt (DT) [ 25.114155] Call trace: [ 25.114222] show_stack+0x20/0x38 (C) [ 25.114339] dump_stack_lvl+0x8c/0xd0 [ 25.114455] print_report+0x118/0x608 [ 25.114562] kasan_report+0xdc/0x128 [ 25.114674] __asan_report_load1_noabort+0x20/0x30 [ 25.114789] mempool_uaf_helper+0x314/0x340 [ 25.115381] mempool_page_alloc_uaf+0xc0/0x118 [ 25.115513] kunit_try_run_case+0x170/0x3f0 [ 25.115623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.115748] kthread+0x318/0x620 [ 25.115855] ret_from_fork+0x10/0x20 [ 25.115988] [ 25.129817] The buggy address belongs to the physical page: [ 25.131520] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106594 [ 25.132141] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.132696] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.135284] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.136766] page dumped because: kasan: bad access detected [ 25.138278] [ 25.138647] Memory state around the buggy address: [ 25.139968] fff00000c6593f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.142285] fff00000c6593f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.142926] >fff00000c6594000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.144553] ^ [ 25.145456] fff00000c6594080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.146817] fff00000c6594100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.147624] ================================================================== [ 24.916650] ================================================================== [ 24.918241] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 24.919055] Read of size 1 at addr fff00000c6590000 by task kunit_try_catch/218 [ 24.919782] [ 24.920268] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.920440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.920481] Hardware name: linux,dummy-virt (DT) [ 24.920521] Call trace: [ 24.920574] show_stack+0x20/0x38 (C) [ 24.920712] dump_stack_lvl+0x8c/0xd0 [ 24.920848] print_report+0x118/0x608 [ 24.921000] kasan_report+0xdc/0x128 [ 24.921150] __asan_report_load1_noabort+0x20/0x30 [ 24.921295] mempool_uaf_helper+0x314/0x340 [ 24.921421] mempool_kmalloc_large_uaf+0xc4/0x120 [ 24.921547] kunit_try_run_case+0x170/0x3f0 [ 24.921635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.921704] kthread+0x318/0x620 [ 24.921756] ret_from_fork+0x10/0x20 [ 24.921815] [ 24.928962] The buggy address belongs to the physical page: [ 24.929797] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106590 [ 24.931024] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.931676] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.932432] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.933380] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.934374] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.935217] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.935996] head: 0bfffe0000000002 ffffc1ffc3196401 ffffffffffffffff 0000000000000000 [ 24.936754] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.937624] page dumped because: kasan: bad access detected [ 24.938534] [ 24.938842] Memory state around the buggy address: [ 24.939420] fff00000c658ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.941079] fff00000c658ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.942331] >fff00000c6590000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.942861] ^ [ 24.943217] fff00000c6590080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.943758] fff00000c6590100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.947721] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 24.848721] ================================================================== [ 24.849837] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 24.850809] Read of size 1 at addr fff00000c64f9300 by task kunit_try_catch/216 [ 24.851662] [ 24.852022] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.852239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.852314] Hardware name: linux,dummy-virt (DT) [ 24.852408] Call trace: [ 24.852475] show_stack+0x20/0x38 (C) [ 24.852627] dump_stack_lvl+0x8c/0xd0 [ 24.852770] print_report+0x118/0x608 [ 24.852928] kasan_report+0xdc/0x128 [ 24.853074] __asan_report_load1_noabort+0x20/0x30 [ 24.853204] mempool_uaf_helper+0x314/0x340 [ 24.853329] mempool_kmalloc_uaf+0xc4/0x120 [ 24.853391] kunit_try_run_case+0x170/0x3f0 [ 24.853453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.853515] kthread+0x318/0x620 [ 24.853573] ret_from_fork+0x10/0x20 [ 24.853631] [ 24.861284] Allocated by task 216: [ 24.861696] kasan_save_stack+0x3c/0x68 [ 24.862225] kasan_save_track+0x20/0x40 [ 24.862802] kasan_save_alloc_info+0x40/0x58 [ 24.863372] __kasan_mempool_unpoison_object+0x11c/0x180 [ 24.864237] remove_element+0x130/0x1f8 [ 24.864742] mempool_alloc_preallocated+0x58/0xc0 [ 24.865391] mempool_uaf_helper+0xa4/0x340 [ 24.866404] mempool_kmalloc_uaf+0xc4/0x120 [ 24.868486] kunit_try_run_case+0x170/0x3f0 [ 24.869860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.870379] kthread+0x318/0x620 [ 24.870734] ret_from_fork+0x10/0x20 [ 24.873299] [ 24.873904] Freed by task 216: [ 24.875320] kasan_save_stack+0x3c/0x68 [ 24.876909] kasan_save_track+0x20/0x40 [ 24.880080] kasan_save_free_info+0x4c/0x78 [ 24.880532] __kasan_mempool_poison_object+0xc0/0x150 [ 24.881007] mempool_free+0x28c/0x328 [ 24.881379] mempool_uaf_helper+0x104/0x340 [ 24.881791] mempool_kmalloc_uaf+0xc4/0x120 [ 24.885099] kunit_try_run_case+0x170/0x3f0 [ 24.885505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.887221] kthread+0x318/0x620 [ 24.888510] ret_from_fork+0x10/0x20 [ 24.890251] [ 24.890623] The buggy address belongs to the object at fff00000c64f9300 [ 24.890623] which belongs to the cache kmalloc-128 of size 128 [ 24.891975] The buggy address is located 0 bytes inside of [ 24.891975] freed 128-byte region [fff00000c64f9300, fff00000c64f9380) [ 24.893633] [ 24.894110] The buggy address belongs to the physical page: [ 24.894843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064f9 [ 24.895707] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.896567] page_type: f5(slab) [ 24.897647] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.898438] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.899191] page dumped because: kasan: bad access detected [ 24.899851] [ 24.900415] Memory state around the buggy address: [ 24.900986] fff00000c64f9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.902234] fff00000c64f9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.903095] >fff00000c64f9300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.903944] ^ [ 24.904545] fff00000c64f9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.905259] fff00000c64f9400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.906291] ================================================================== [ 24.981383] ================================================================== [ 24.985489] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 24.988114] Read of size 1 at addr fff00000c65df240 by task kunit_try_catch/220 [ 24.990765] [ 24.991492] CPU: 0 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.991689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.991757] Hardware name: linux,dummy-virt (DT) [ 24.991833] Call trace: [ 24.992457] show_stack+0x20/0x38 (C) [ 24.992601] dump_stack_lvl+0x8c/0xd0 [ 24.992720] print_report+0x118/0x608 [ 24.992835] kasan_report+0xdc/0x128 [ 24.992966] __asan_report_load1_noabort+0x20/0x30 [ 24.993085] mempool_uaf_helper+0x314/0x340 [ 24.993197] mempool_slab_uaf+0xc0/0x118 [ 24.993310] kunit_try_run_case+0x170/0x3f0 [ 24.993424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.993550] kthread+0x318/0x620 [ 24.993653] ret_from_fork+0x10/0x20 [ 24.993764] [ 25.008101] Allocated by task 220: [ 25.009420] kasan_save_stack+0x3c/0x68 [ 25.010171] kasan_save_track+0x20/0x40 [ 25.010574] kasan_save_alloc_info+0x40/0x58 [ 25.012086] __kasan_mempool_unpoison_object+0xbc/0x180 [ 25.014290] remove_element+0x16c/0x1f8 [ 25.015308] mempool_alloc_preallocated+0x58/0xc0 [ 25.017059] mempool_uaf_helper+0xa4/0x340 [ 25.018371] mempool_slab_uaf+0xc0/0x118 [ 25.018749] kunit_try_run_case+0x170/0x3f0 [ 25.019135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.019569] kthread+0x318/0x620 [ 25.021224] ret_from_fork+0x10/0x20 [ 25.022262] [ 25.023327] Freed by task 220: [ 25.024627] kasan_save_stack+0x3c/0x68 [ 25.025948] kasan_save_track+0x20/0x40 [ 25.027387] kasan_save_free_info+0x4c/0x78 [ 25.029477] __kasan_mempool_poison_object+0xc0/0x150 [ 25.030858] mempool_free+0x28c/0x328 [ 25.032734] mempool_uaf_helper+0x104/0x340 [ 25.033669] mempool_slab_uaf+0xc0/0x118 [ 25.034099] kunit_try_run_case+0x170/0x3f0 [ 25.034522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.036269] kthread+0x318/0x620 [ 25.037989] ret_from_fork+0x10/0x20 [ 25.039135] [ 25.039916] The buggy address belongs to the object at fff00000c65df240 [ 25.039916] which belongs to the cache test_cache of size 123 [ 25.042810] The buggy address is located 0 bytes inside of [ 25.042810] freed 123-byte region [fff00000c65df240, fff00000c65df2bb) [ 25.045009] [ 25.045239] The buggy address belongs to the physical page: [ 25.045660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065df [ 25.050054] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.050579] page_type: f5(slab) [ 25.051331] raw: 0bfffe0000000000 fff00000c65e2000 dead000000000122 0000000000000000 [ 25.052307] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 25.053032] page dumped because: kasan: bad access detected [ 25.053528] [ 25.053757] Memory state around the buggy address: [ 25.055704] fff00000c65df100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.057350] fff00000c65df180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.058093] >fff00000c65df200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 25.058949] ^ [ 25.059423] fff00000c65df280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.060828] fff00000c65df300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.061626] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 24.760148] ================================================================== [ 24.761337] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 24.761996] Read of size 1 at addr fff00000c6592001 by task kunit_try_catch/212 [ 24.763183] [ 24.763459] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.763564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.763600] Hardware name: linux,dummy-virt (DT) [ 24.763639] Call trace: [ 24.763667] show_stack+0x20/0x38 (C) [ 24.763731] dump_stack_lvl+0x8c/0xd0 [ 24.763791] print_report+0x118/0x608 [ 24.763848] kasan_report+0xdc/0x128 [ 24.763954] __asan_report_load1_noabort+0x20/0x30 [ 24.764097] mempool_oob_right_helper+0x2ac/0x2f0 [ 24.764244] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 24.764392] kunit_try_run_case+0x170/0x3f0 [ 24.764528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.764681] kthread+0x318/0x620 [ 24.764814] ret_from_fork+0x10/0x20 [ 24.764967] [ 24.770941] The buggy address belongs to the physical page: [ 24.771452] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106590 [ 24.772451] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.773355] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.774140] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.775636] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.776422] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.777255] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.778088] head: 0bfffe0000000002 ffffc1ffc3196401 ffffffffffffffff 0000000000000000 [ 24.778836] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 24.779617] page dumped because: kasan: bad access detected [ 24.780208] [ 24.780507] Memory state around the buggy address: [ 24.781081] fff00000c6591f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.781686] fff00000c6591f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.782582] >fff00000c6592000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.783290] ^ [ 24.783765] fff00000c6592080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.784509] fff00000c6592100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.785288] ================================================================== [ 24.714131] ================================================================== [ 24.715113] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 24.715829] Read of size 1 at addr fff00000c6331f73 by task kunit_try_catch/210 [ 24.716647] [ 24.716989] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.717269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.717347] Hardware name: linux,dummy-virt (DT) [ 24.717436] Call trace: [ 24.717499] show_stack+0x20/0x38 (C) [ 24.717629] dump_stack_lvl+0x8c/0xd0 [ 24.717756] print_report+0x118/0x608 [ 24.717869] kasan_report+0xdc/0x128 [ 24.718002] __asan_report_load1_noabort+0x20/0x30 [ 24.718126] mempool_oob_right_helper+0x2ac/0x2f0 [ 24.718278] mempool_kmalloc_oob_right+0xc4/0x120 [ 24.718416] kunit_try_run_case+0x170/0x3f0 [ 24.718555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.718690] kthread+0x318/0x620 [ 24.718756] ret_from_fork+0x10/0x20 [ 24.718816] [ 24.725945] Allocated by task 210: [ 24.726561] kasan_save_stack+0x3c/0x68 [ 24.727069] kasan_save_track+0x20/0x40 [ 24.727560] kasan_save_alloc_info+0x40/0x58 [ 24.728115] __kasan_mempool_unpoison_object+0x11c/0x180 [ 24.728721] remove_element+0x130/0x1f8 [ 24.729755] mempool_alloc_preallocated+0x58/0xc0 [ 24.730206] mempool_oob_right_helper+0x98/0x2f0 [ 24.730771] mempool_kmalloc_oob_right+0xc4/0x120 [ 24.731404] kunit_try_run_case+0x170/0x3f0 [ 24.731912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.732414] kthread+0x318/0x620 [ 24.732879] ret_from_fork+0x10/0x20 [ 24.733468] [ 24.733779] The buggy address belongs to the object at fff00000c6331f00 [ 24.733779] which belongs to the cache kmalloc-128 of size 128 [ 24.735046] The buggy address is located 0 bytes to the right of [ 24.735046] allocated 115-byte region [fff00000c6331f00, fff00000c6331f73) [ 24.736312] [ 24.736645] The buggy address belongs to the physical page: [ 24.738010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106331 [ 24.739103] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.739921] page_type: f5(slab) [ 24.740323] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.741033] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 24.742496] page dumped because: kasan: bad access detected [ 24.743262] [ 24.743651] Memory state around the buggy address: [ 24.744412] fff00000c6331e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.745468] fff00000c6331e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.746413] >fff00000c6331f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.747266] ^ [ 24.748117] fff00000c6331f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.748997] fff00000c6332000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.749950] ================================================================== [ 24.795750] ================================================================== [ 24.796829] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 24.797597] Read of size 1 at addr fff00000c64cf2bb by task kunit_try_catch/214 [ 24.799227] [ 24.799556] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.799764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.799843] Hardware name: linux,dummy-virt (DT) [ 24.799945] Call trace: [ 24.800007] show_stack+0x20/0x38 (C) [ 24.800102] dump_stack_lvl+0x8c/0xd0 [ 24.800165] print_report+0x118/0x608 [ 24.800222] kasan_report+0xdc/0x128 [ 24.800276] __asan_report_load1_noabort+0x20/0x30 [ 24.800335] mempool_oob_right_helper+0x2ac/0x2f0 [ 24.800392] mempool_slab_oob_right+0xc0/0x118 [ 24.800450] kunit_try_run_case+0x170/0x3f0 [ 24.800508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.800571] kthread+0x318/0x620 [ 24.800626] ret_from_fork+0x10/0x20 [ 24.800684] [ 24.806714] Allocated by task 214: [ 24.807202] kasan_save_stack+0x3c/0x68 [ 24.807774] kasan_save_track+0x20/0x40 [ 24.808949] kasan_save_alloc_info+0x40/0x58 [ 24.809536] __kasan_mempool_unpoison_object+0xbc/0x180 [ 24.810086] remove_element+0x16c/0x1f8 [ 24.810632] mempool_alloc_preallocated+0x58/0xc0 [ 24.811206] mempool_oob_right_helper+0x98/0x2f0 [ 24.811795] mempool_slab_oob_right+0xc0/0x118 [ 24.812360] kunit_try_run_case+0x170/0x3f0 [ 24.812865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.813524] kthread+0x318/0x620 [ 24.813977] ret_from_fork+0x10/0x20 [ 24.814493] [ 24.814791] The buggy address belongs to the object at fff00000c64cf240 [ 24.814791] which belongs to the cache test_cache of size 123 [ 24.815901] The buggy address is located 0 bytes to the right of [ 24.815901] allocated 123-byte region [fff00000c64cf240, fff00000c64cf2bb) [ 24.817050] [ 24.817343] The buggy address belongs to the physical page: [ 24.818005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064cf [ 24.818842] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.819628] page_type: f5(slab) [ 24.820086] raw: 0bfffe0000000000 fff00000c1bcadc0 dead000000000122 0000000000000000 [ 24.820826] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 24.821679] page dumped because: kasan: bad access detected [ 24.822345] [ 24.822669] Memory state around the buggy address: [ 24.823313] fff00000c64cf180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.824118] fff00000c64cf200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 24.824850] >fff00000c64cf280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 24.825539] ^ [ 24.826126] fff00000c64cf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.826851] fff00000c64cf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.827578] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 24.097799] ================================================================== [ 24.100948] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x17c/0x2f8 [ 24.102045] Read of size 1 at addr fff00000c5679dc0 by task kunit_try_catch/204 [ 24.102683] [ 24.103058] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.103276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.103356] Hardware name: linux,dummy-virt (DT) [ 24.103449] Call trace: [ 24.103517] show_stack+0x20/0x38 (C) [ 24.103666] dump_stack_lvl+0x8c/0xd0 [ 24.103818] print_report+0x118/0x608 [ 24.104025] kasan_report+0xdc/0x128 [ 24.104162] __kasan_check_byte+0x54/0x70 [ 24.104291] kmem_cache_destroy+0x34/0x218 [ 24.104362] kmem_cache_double_destroy+0x17c/0x2f8 [ 24.104424] kunit_try_run_case+0x170/0x3f0 [ 24.104484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.104548] kthread+0x318/0x620 [ 24.104609] ret_from_fork+0x10/0x20 [ 24.104669] [ 24.110950] Allocated by task 204: [ 24.111395] kasan_save_stack+0x3c/0x68 [ 24.111953] kasan_save_track+0x20/0x40 [ 24.112489] kasan_save_alloc_info+0x40/0x58 [ 24.114326] __kasan_slab_alloc+0xa8/0xb0 [ 24.114875] kmem_cache_alloc_noprof+0x10c/0x398 [ 24.115462] __kmem_cache_create_args+0x18c/0x2b0 [ 24.116039] kmem_cache_double_destroy+0xc8/0x2f8 [ 24.116577] kunit_try_run_case+0x170/0x3f0 [ 24.118106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.118702] kthread+0x318/0x620 [ 24.119191] ret_from_fork+0x10/0x20 [ 24.120101] [ 24.120348] Freed by task 204: [ 24.120806] kasan_save_stack+0x3c/0x68 [ 24.122178] kasan_save_track+0x20/0x40 [ 24.122558] kasan_save_free_info+0x4c/0x78 [ 24.123344] __kasan_slab_free+0x6c/0x98 [ 24.124192] kmem_cache_free+0x260/0x468 [ 24.124963] slab_kmem_cache_release+0x38/0x50 [ 24.126030] kmem_cache_release+0x1c/0x30 [ 24.126470] kobject_put+0x17c/0x420 [ 24.127138] sysfs_slab_release+0x1c/0x30 [ 24.127975] kmem_cache_destroy+0x118/0x218 [ 24.128651] kmem_cache_double_destroy+0x130/0x2f8 [ 24.129574] kunit_try_run_case+0x170/0x3f0 [ 24.130327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.131038] kthread+0x318/0x620 [ 24.131571] ret_from_fork+0x10/0x20 [ 24.132056] [ 24.132380] The buggy address belongs to the object at fff00000c5679dc0 [ 24.132380] which belongs to the cache kmem_cache of size 208 [ 24.134343] The buggy address is located 0 bytes inside of [ 24.134343] freed 208-byte region [fff00000c5679dc0, fff00000c5679e90) [ 24.135455] [ 24.135725] The buggy address belongs to the physical page: [ 24.136668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105679 [ 24.137814] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.138559] page_type: f5(slab) [ 24.139049] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 24.139940] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 24.140735] page dumped because: kasan: bad access detected [ 24.141530] [ 24.141868] Memory state around the buggy address: [ 24.142957] fff00000c5679c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.143859] fff00000c5679d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 24.144609] >fff00000c5679d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 24.145536] ^ [ 24.146279] fff00000c5679e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.147091] fff00000c5679e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.148033] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 24.010061] ================================================================== [ 24.011361] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x390/0x468 [ 24.012378] Read of size 1 at addr fff00000c64cf000 by task kunit_try_catch/202 [ 24.013471] [ 24.013976] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.014237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.014313] Hardware name: linux,dummy-virt (DT) [ 24.014358] Call trace: [ 24.014388] show_stack+0x20/0x38 (C) [ 24.014457] dump_stack_lvl+0x8c/0xd0 [ 24.014523] print_report+0x118/0x608 [ 24.014581] kasan_report+0xdc/0x128 [ 24.014639] __asan_report_load1_noabort+0x20/0x30 [ 24.014698] kmem_cache_rcu_uaf+0x390/0x468 [ 24.014754] kunit_try_run_case+0x170/0x3f0 [ 24.014815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.014901] kthread+0x318/0x620 [ 24.014977] ret_from_fork+0x10/0x20 [ 24.015038] [ 24.020900] Allocated by task 202: [ 24.021366] kasan_save_stack+0x3c/0x68 [ 24.022051] kasan_save_track+0x20/0x40 [ 24.022696] kasan_save_alloc_info+0x40/0x58 [ 24.023324] __kasan_slab_alloc+0xa8/0xb0 [ 24.024501] kmem_cache_alloc_noprof+0x10c/0x398 [ 24.025136] kmem_cache_rcu_uaf+0x12c/0x468 [ 24.026123] kunit_try_run_case+0x170/0x3f0 [ 24.026653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.027293] kthread+0x318/0x620 [ 24.027748] ret_from_fork+0x10/0x20 [ 24.028241] [ 24.028557] Freed by task 0: [ 24.029021] kasan_save_stack+0x3c/0x68 [ 24.029516] kasan_save_track+0x20/0x40 [ 24.030055] kasan_save_free_info+0x4c/0x78 [ 24.030650] __kasan_slab_free+0x6c/0x98 [ 24.031193] slab_free_after_rcu_debug+0xd4/0x2f8 [ 24.031813] rcu_core+0x9f4/0x1e20 [ 24.032332] rcu_core_si+0x18/0x30 [ 24.032838] handle_softirqs+0x374/0xb28 [ 24.033393] __do_softirq+0x1c/0x28 [ 24.033854] [ 24.034203] Last potentially related work creation: [ 24.034722] kasan_save_stack+0x3c/0x68 [ 24.035239] kasan_record_aux_stack+0xb4/0xc8 [ 24.035809] kmem_cache_free+0x120/0x468 [ 24.036373] kmem_cache_rcu_uaf+0x16c/0x468 [ 24.036903] kunit_try_run_case+0x170/0x3f0 [ 24.037433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.038046] kthread+0x318/0x620 [ 24.038563] ret_from_fork+0x10/0x20 [ 24.039106] [ 24.039419] The buggy address belongs to the object at fff00000c64cf000 [ 24.039419] which belongs to the cache test_cache of size 200 [ 24.040582] The buggy address is located 0 bytes inside of [ 24.040582] freed 200-byte region [fff00000c64cf000, fff00000c64cf0c8) [ 24.041684] [ 24.042022] The buggy address belongs to the physical page: [ 24.042597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064cf [ 24.043475] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.044204] page_type: f5(slab) [ 24.044643] raw: 0bfffe0000000000 fff00000c1bcac80 dead000000000122 0000000000000000 [ 24.045431] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 24.046106] page dumped because: kasan: bad access detected [ 24.046783] [ 24.047123] Memory state around the buggy address: [ 24.047653] fff00000c64cef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.048488] fff00000c64cef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.049220] >fff00000c64cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.049932] ^ [ 24.050355] fff00000c64cf080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 24.051048] fff00000c64cf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.051748] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 23.902951] ================================================================== [ 23.903540] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3b8 [ 23.903875] Free of addr fff00000c6457001 by task kunit_try_catch/200 [ 23.904909] [ 23.905239] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.906021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.906104] Hardware name: linux,dummy-virt (DT) [ 23.906728] Call trace: [ 23.906831] show_stack+0x20/0x38 (C) [ 23.907006] dump_stack_lvl+0x8c/0xd0 [ 23.907151] print_report+0x118/0x608 [ 23.907283] kasan_report_invalid_free+0xc0/0xe8 [ 23.907404] check_slab_allocation+0xfc/0x108 [ 23.907521] __kasan_slab_pre_free+0x2c/0x48 [ 23.907616] kmem_cache_free+0xf0/0x468 [ 23.907680] kmem_cache_invalid_free+0x184/0x3b8 [ 23.907739] kunit_try_run_case+0x170/0x3f0 [ 23.907800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.907867] kthread+0x318/0x620 [ 23.907959] ret_from_fork+0x10/0x20 [ 23.908020] [ 23.915721] Allocated by task 200: [ 23.916501] kasan_save_stack+0x3c/0x68 [ 23.917332] kasan_save_track+0x20/0x40 [ 23.917954] kasan_save_alloc_info+0x40/0x58 [ 23.918477] __kasan_slab_alloc+0xa8/0xb0 [ 23.919238] kmem_cache_alloc_noprof+0x10c/0x398 [ 23.919819] kmem_cache_invalid_free+0x12c/0x3b8 [ 23.920614] kunit_try_run_case+0x170/0x3f0 [ 23.921535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.922256] kthread+0x318/0x620 [ 23.922678] ret_from_fork+0x10/0x20 [ 23.923215] [ 23.923540] The buggy address belongs to the object at fff00000c6457000 [ 23.923540] which belongs to the cache test_cache of size 200 [ 23.924674] The buggy address is located 1 bytes inside of [ 23.924674] 200-byte region [fff00000c6457000, fff00000c64570c8) [ 23.926560] [ 23.926827] The buggy address belongs to the physical page: [ 23.927691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106457 [ 23.928305] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.928929] page_type: f5(slab) [ 23.929746] raw: 0bfffe0000000000 fff00000c5679c80 dead000000000122 0000000000000000 [ 23.930580] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 23.931701] page dumped because: kasan: bad access detected [ 23.932197] [ 23.932455] Memory state around the buggy address: [ 23.933717] fff00000c6456f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.934636] fff00000c6456f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.935336] >fff00000c6457000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.936304] ^ [ 23.936804] fff00000c6457080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 23.937897] fff00000c6457100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.938592] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 23.836988] ================================================================== [ 23.838969] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 23.839744] Free of addr fff00000c64be000 by task kunit_try_catch/198 [ 23.840509] [ 23.840856] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.841577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.841659] Hardware name: linux,dummy-virt (DT) [ 23.841747] Call trace: [ 23.841816] show_stack+0x20/0x38 (C) [ 23.841976] dump_stack_lvl+0x8c/0xd0 [ 23.842116] print_report+0x118/0x608 [ 23.842203] kasan_report_invalid_free+0xc0/0xe8 [ 23.842272] check_slab_allocation+0xd4/0x108 [ 23.842333] __kasan_slab_pre_free+0x2c/0x48 [ 23.842391] kmem_cache_free+0xf0/0x468 [ 23.842454] kmem_cache_double_free+0x190/0x3c8 [ 23.842515] kunit_try_run_case+0x170/0x3f0 [ 23.842578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.842642] kthread+0x318/0x620 [ 23.842699] ret_from_fork+0x10/0x20 [ 23.842760] [ 23.851965] Allocated by task 198: [ 23.852526] kasan_save_stack+0x3c/0x68 [ 23.853367] kasan_save_track+0x20/0x40 [ 23.854212] kasan_save_alloc_info+0x40/0x58 [ 23.854857] __kasan_slab_alloc+0xa8/0xb0 [ 23.855404] kmem_cache_alloc_noprof+0x10c/0x398 [ 23.856030] kmem_cache_double_free+0x12c/0x3c8 [ 23.856666] kunit_try_run_case+0x170/0x3f0 [ 23.857511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.858243] kthread+0x318/0x620 [ 23.858781] ret_from_fork+0x10/0x20 [ 23.859321] [ 23.859626] Freed by task 198: [ 23.860018] kasan_save_stack+0x3c/0x68 [ 23.860549] kasan_save_track+0x20/0x40 [ 23.861106] kasan_save_free_info+0x4c/0x78 [ 23.862153] __kasan_slab_free+0x6c/0x98 [ 23.862603] kmem_cache_free+0x260/0x468 [ 23.863155] kmem_cache_double_free+0x140/0x3c8 [ 23.863638] kunit_try_run_case+0x170/0x3f0 [ 23.864069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.865186] kthread+0x318/0x620 [ 23.865609] ret_from_fork+0x10/0x20 [ 23.866331] [ 23.866628] The buggy address belongs to the object at fff00000c64be000 [ 23.866628] which belongs to the cache test_cache of size 200 [ 23.868140] The buggy address is located 0 bytes inside of [ 23.868140] 200-byte region [fff00000c64be000, fff00000c64be0c8) [ 23.869232] [ 23.869580] The buggy address belongs to the physical page: [ 23.870699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064be [ 23.871503] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.872206] page_type: f5(slab) [ 23.872737] raw: 0bfffe0000000000 fff00000c5679b40 dead000000000122 0000000000000000 [ 23.874068] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 23.874956] page dumped because: kasan: bad access detected [ 23.875588] [ 23.875934] Memory state around the buggy address: [ 23.876482] fff00000c64bdf00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 23.877638] fff00000c64bdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.878366] >fff00000c64be000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.879055] ^ [ 23.879919] fff00000c64be080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 23.880657] fff00000c64be100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.881707] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 23.743217] ================================================================== [ 23.744375] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x33c/0x428 [ 23.745117] Read of size 1 at addr fff00000c64f60c8 by task kunit_try_catch/196 [ 23.746442] [ 23.747013] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.747227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.747298] Hardware name: linux,dummy-virt (DT) [ 23.747433] Call trace: [ 23.747489] show_stack+0x20/0x38 (C) [ 23.747609] dump_stack_lvl+0x8c/0xd0 [ 23.747726] print_report+0x118/0x608 [ 23.747846] kasan_report+0xdc/0x128 [ 23.748021] __asan_report_load1_noabort+0x20/0x30 [ 23.748165] kmem_cache_oob+0x33c/0x428 [ 23.748285] kunit_try_run_case+0x170/0x3f0 [ 23.748355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.748421] kthread+0x318/0x620 [ 23.748478] ret_from_fork+0x10/0x20 [ 23.748539] [ 23.755354] Allocated by task 196: [ 23.755776] kasan_save_stack+0x3c/0x68 [ 23.756259] kasan_save_track+0x20/0x40 [ 23.756791] kasan_save_alloc_info+0x40/0x58 [ 23.757356] __kasan_slab_alloc+0xa8/0xb0 [ 23.757877] kmem_cache_alloc_noprof+0x10c/0x398 [ 23.758463] kmem_cache_oob+0x12c/0x428 [ 23.758940] kunit_try_run_case+0x170/0x3f0 [ 23.759501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.760205] kthread+0x318/0x620 [ 23.760734] ret_from_fork+0x10/0x20 [ 23.761256] [ 23.761552] The buggy address belongs to the object at fff00000c64f6000 [ 23.761552] which belongs to the cache test_cache of size 200 [ 23.762723] The buggy address is located 0 bytes to the right of [ 23.762723] allocated 200-byte region [fff00000c64f6000, fff00000c64f60c8) [ 23.763732] [ 23.764059] The buggy address belongs to the physical page: [ 23.764658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064f6 [ 23.765413] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.766014] page_type: f5(slab) [ 23.766509] raw: 0bfffe0000000000 fff00000c1bcab40 dead000000000122 0000000000000000 [ 23.767303] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 23.768020] page dumped because: kasan: bad access detected [ 23.768544] [ 23.768832] Memory state around the buggy address: [ 23.769423] fff00000c64f5f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.770139] fff00000c64f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.770912] >fff00000c64f6080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 23.771698] ^ [ 23.772282] fff00000c64f6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.773050] fff00000c64f6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.773807] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 23.668931] ================================================================== [ 23.670153] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 23.670987] Read of size 8 at addr fff00000c637b440 by task kunit_try_catch/189 [ 23.671775] [ 23.672061] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.672244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.672319] Hardware name: linux,dummy-virt (DT) [ 23.672397] Call trace: [ 23.672459] show_stack+0x20/0x38 (C) [ 23.672594] dump_stack_lvl+0x8c/0xd0 [ 23.672734] print_report+0x118/0x608 [ 23.672874] kasan_report+0xdc/0x128 [ 23.673034] __asan_report_load8_noabort+0x20/0x30 [ 23.673170] workqueue_uaf+0x480/0x4a8 [ 23.673295] kunit_try_run_case+0x170/0x3f0 [ 23.673431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.673636] kthread+0x318/0x620 [ 23.673770] ret_from_fork+0x10/0x20 [ 23.673926] [ 23.680055] Allocated by task 189: [ 23.680540] kasan_save_stack+0x3c/0x68 [ 23.681157] kasan_save_track+0x20/0x40 [ 23.681802] kasan_save_alloc_info+0x40/0x58 [ 23.682317] __kasan_kmalloc+0xd4/0xd8 [ 23.682829] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.683505] workqueue_uaf+0x13c/0x4a8 [ 23.685016] kunit_try_run_case+0x170/0x3f0 [ 23.685549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.686210] kthread+0x318/0x620 [ 23.686693] ret_from_fork+0x10/0x20 [ 23.687318] [ 23.687592] Freed by task 46: [ 23.688946] kasan_save_stack+0x3c/0x68 [ 23.689580] kasan_save_track+0x20/0x40 [ 23.689983] kasan_save_free_info+0x4c/0x78 [ 23.690425] __kasan_slab_free+0x6c/0x98 [ 23.690958] kfree+0x214/0x3c8 [ 23.691465] workqueue_uaf_work+0x18/0x30 [ 23.691990] process_one_work+0x530/0xf98 [ 23.692604] worker_thread+0x610/0xf18 [ 23.693218] kthread+0x318/0x620 [ 23.693757] ret_from_fork+0x10/0x20 [ 23.694451] [ 23.694819] Last potentially related work creation: [ 23.695422] kasan_save_stack+0x3c/0x68 [ 23.695954] kasan_record_aux_stack+0xb4/0xc8 [ 23.696572] __queue_work+0x65c/0x1008 [ 23.697223] queue_work_on+0xbc/0xf8 [ 23.697771] workqueue_uaf+0x210/0x4a8 [ 23.698429] kunit_try_run_case+0x170/0x3f0 [ 23.699679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.701529] kthread+0x318/0x620 [ 23.702215] ret_from_fork+0x10/0x20 [ 23.702717] [ 23.703104] The buggy address belongs to the object at fff00000c637b440 [ 23.703104] which belongs to the cache kmalloc-32 of size 32 [ 23.704289] The buggy address is located 0 bytes inside of [ 23.704289] freed 32-byte region [fff00000c637b440, fff00000c637b460) [ 23.705486] [ 23.705877] The buggy address belongs to the physical page: [ 23.706712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637b [ 23.707706] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.708707] page_type: f5(slab) [ 23.709192] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 23.710139] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 23.711110] page dumped because: kasan: bad access detected [ 23.711749] [ 23.712128] Memory state around the buggy address: [ 23.712746] fff00000c637b300: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 23.714002] fff00000c637b380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 23.714668] >fff00000c637b400: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 23.715739] ^ [ 23.716373] fff00000c637b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.717076] fff00000c637b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.717977] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 23.593537] ================================================================== [ 23.594985] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 23.595776] Read of size 4 at addr fff00000c637b3c0 by task swapper/1/0 [ 23.596621] [ 23.597036] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.14.11-rc1 #1 [ 23.597244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.597323] Hardware name: linux,dummy-virt (DT) [ 23.597413] Call trace: [ 23.597481] show_stack+0x20/0x38 (C) [ 23.597622] dump_stack_lvl+0x8c/0xd0 [ 23.597764] print_report+0x118/0x608 [ 23.597901] kasan_report+0xdc/0x128 [ 23.598039] __asan_report_load4_noabort+0x20/0x30 [ 23.598238] rcu_uaf_reclaim+0x64/0x70 [ 23.598367] rcu_core+0x9f4/0x1e20 [ 23.598480] rcu_core_si+0x18/0x30 [ 23.598588] handle_softirqs+0x374/0xb28 [ 23.598700] __do_softirq+0x1c/0x28 [ 23.598807] ____do_softirq+0x18/0x30 [ 23.598937] call_on_irq_stack+0x24/0x58 [ 23.599055] do_softirq_own_stack+0x24/0x38 [ 23.599143] __irq_exit_rcu+0x1fc/0x318 [ 23.599198] irq_exit_rcu+0x1c/0x80 [ 23.599252] el1_interrupt+0x38/0x58 [ 23.599310] el1h_64_irq_handler+0x18/0x28 [ 23.599369] el1h_64_irq+0x6c/0x70 [ 23.599486] arch_local_irq_enable+0x4/0x8 (P) [ 23.599560] do_idle+0x384/0x4e8 [ 23.599612] cpu_startup_entry+0x64/0x80 [ 23.599668] secondary_start_kernel+0x288/0x340 [ 23.599727] __secondary_switched+0xc0/0xc8 [ 23.599793] [ 23.614363] Allocated by task 187: [ 23.614900] kasan_save_stack+0x3c/0x68 [ 23.615440] kasan_save_track+0x20/0x40 [ 23.615952] kasan_save_alloc_info+0x40/0x58 [ 23.616488] __kasan_kmalloc+0xd4/0xd8 [ 23.616959] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.617980] rcu_uaf+0xb0/0x2d0 [ 23.618435] kunit_try_run_case+0x170/0x3f0 [ 23.618962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.619570] kthread+0x318/0x620 [ 23.620070] ret_from_fork+0x10/0x20 [ 23.620551] [ 23.620856] Freed by task 0: [ 23.622378] kasan_save_stack+0x3c/0x68 [ 23.622877] kasan_save_track+0x20/0x40 [ 23.623385] kasan_save_free_info+0x4c/0x78 [ 23.623906] __kasan_slab_free+0x6c/0x98 [ 23.624442] kfree+0x214/0x3c8 [ 23.624923] rcu_uaf_reclaim+0x28/0x70 [ 23.625834] rcu_core+0x9f4/0x1e20 [ 23.626293] rcu_core_si+0x18/0x30 [ 23.626820] handle_softirqs+0x374/0xb28 [ 23.627393] __do_softirq+0x1c/0x28 [ 23.627862] [ 23.628208] Last potentially related work creation: [ 23.628846] kasan_save_stack+0x3c/0x68 [ 23.630073] kasan_record_aux_stack+0xb4/0xc8 [ 23.630601] __call_rcu_common.constprop.0+0x74/0xa10 [ 23.631232] call_rcu+0x18/0x30 [ 23.631700] rcu_uaf+0x14c/0x2d0 [ 23.632267] kunit_try_run_case+0x170/0x3f0 [ 23.632781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.633872] kthread+0x318/0x620 [ 23.634465] ret_from_fork+0x10/0x20 [ 23.635519] [ 23.635835] The buggy address belongs to the object at fff00000c637b3c0 [ 23.635835] which belongs to the cache kmalloc-32 of size 32 [ 23.638852] The buggy address is located 0 bytes inside of [ 23.638852] freed 32-byte region [fff00000c637b3c0, fff00000c637b3e0) [ 23.639862] [ 23.640232] The buggy address belongs to the physical page: [ 23.640924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637b [ 23.642099] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.642729] page_type: f5(slab) [ 23.643247] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 23.644260] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 23.645875] page dumped because: kasan: bad access detected [ 23.646333] [ 23.646558] Memory state around the buggy address: [ 23.646973] fff00000c637b280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 23.647485] fff00000c637b300: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 23.648306] >fff00000c637b380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 23.651531] ^ [ 23.652845] fff00000c637b400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.654545] fff00000c637b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.655574] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 23.426807] ================================================================== [ 23.427850] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x600 [ 23.428670] Read of size 1 at addr fff00000c6331c00 by task kunit_try_catch/185 [ 23.429512] [ 23.430259] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.430451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.430525] Hardware name: linux,dummy-virt (DT) [ 23.430610] Call trace: [ 23.430664] show_stack+0x20/0x38 (C) [ 23.430779] dump_stack_lvl+0x8c/0xd0 [ 23.430932] print_report+0x118/0x608 [ 23.431069] kasan_report+0xdc/0x128 [ 23.431198] __kasan_check_byte+0x54/0x70 [ 23.431270] ksize+0x30/0x88 [ 23.431326] ksize_uaf+0x168/0x600 [ 23.431379] kunit_try_run_case+0x170/0x3f0 [ 23.431436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.431501] kthread+0x318/0x620 [ 23.431554] ret_from_fork+0x10/0x20 [ 23.431613] [ 23.439581] Allocated by task 185: [ 23.440726] kasan_save_stack+0x3c/0x68 [ 23.441784] kasan_save_track+0x20/0x40 [ 23.442339] kasan_save_alloc_info+0x40/0x58 [ 23.443070] __kasan_kmalloc+0xd4/0xd8 [ 23.443812] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.444486] ksize_uaf+0xb8/0x600 [ 23.445004] kunit_try_run_case+0x170/0x3f0 [ 23.446620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.447275] kthread+0x318/0x620 [ 23.447829] ret_from_fork+0x10/0x20 [ 23.448341] [ 23.448705] Freed by task 185: [ 23.449386] kasan_save_stack+0x3c/0x68 [ 23.449931] kasan_save_track+0x20/0x40 [ 23.450609] kasan_save_free_info+0x4c/0x78 [ 23.451210] __kasan_slab_free+0x6c/0x98 [ 23.451781] kfree+0x214/0x3c8 [ 23.452293] ksize_uaf+0x11c/0x600 [ 23.452810] kunit_try_run_case+0x170/0x3f0 [ 23.453546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.454722] kthread+0x318/0x620 [ 23.455335] ret_from_fork+0x10/0x20 [ 23.455796] [ 23.456097] The buggy address belongs to the object at fff00000c6331c00 [ 23.456097] which belongs to the cache kmalloc-128 of size 128 [ 23.457724] The buggy address is located 0 bytes inside of [ 23.457724] freed 128-byte region [fff00000c6331c00, fff00000c6331c80) [ 23.458807] [ 23.459805] The buggy address belongs to the physical page: [ 23.460271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106331 [ 23.461165] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.461770] page_type: f5(slab) [ 23.462193] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.462781] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.463402] page dumped because: kasan: bad access detected [ 23.465121] [ 23.465451] Memory state around the buggy address: [ 23.466098] fff00000c6331b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.466690] fff00000c6331b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.468427] >fff00000c6331c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.469429] ^ [ 23.470824] fff00000c6331c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.471587] fff00000c6331d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.472317] ================================================================== [ 23.518196] ================================================================== [ 23.519035] BUG: KASAN: slab-use-after-free in ksize_uaf+0x548/0x600 [ 23.519827] Read of size 1 at addr fff00000c6331c78 by task kunit_try_catch/185 [ 23.520742] [ 23.521673] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.521947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.522028] Hardware name: linux,dummy-virt (DT) [ 23.522115] Call trace: [ 23.522185] show_stack+0x20/0x38 (C) [ 23.522274] dump_stack_lvl+0x8c/0xd0 [ 23.522341] print_report+0x118/0x608 [ 23.522402] kasan_report+0xdc/0x128 [ 23.522459] __asan_report_load1_noabort+0x20/0x30 [ 23.522518] ksize_uaf+0x548/0x600 [ 23.522569] kunit_try_run_case+0x170/0x3f0 [ 23.522624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.522687] kthread+0x318/0x620 [ 23.522741] ret_from_fork+0x10/0x20 [ 23.522800] [ 23.529490] Allocated by task 185: [ 23.530220] kasan_save_stack+0x3c/0x68 [ 23.530832] kasan_save_track+0x20/0x40 [ 23.531307] kasan_save_alloc_info+0x40/0x58 [ 23.531945] __kasan_kmalloc+0xd4/0xd8 [ 23.532490] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.533094] ksize_uaf+0xb8/0x600 [ 23.534536] kunit_try_run_case+0x170/0x3f0 [ 23.535357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.535998] kthread+0x318/0x620 [ 23.536573] ret_from_fork+0x10/0x20 [ 23.537450] [ 23.537810] Freed by task 185: [ 23.538185] kasan_save_stack+0x3c/0x68 [ 23.538592] kasan_save_track+0x20/0x40 [ 23.539583] kasan_save_free_info+0x4c/0x78 [ 23.540147] __kasan_slab_free+0x6c/0x98 [ 23.540633] kfree+0x214/0x3c8 [ 23.541800] ksize_uaf+0x11c/0x600 [ 23.542297] kunit_try_run_case+0x170/0x3f0 [ 23.542823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.543491] kthread+0x318/0x620 [ 23.544053] ret_from_fork+0x10/0x20 [ 23.544714] [ 23.544975] The buggy address belongs to the object at fff00000c6331c00 [ 23.544975] which belongs to the cache kmalloc-128 of size 128 [ 23.546474] The buggy address is located 120 bytes inside of [ 23.546474] freed 128-byte region [fff00000c6331c00, fff00000c6331c80) [ 23.547614] [ 23.547944] The buggy address belongs to the physical page: [ 23.548583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106331 [ 23.549405] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.550571] page_type: f5(slab) [ 23.551447] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.552230] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.553007] page dumped because: kasan: bad access detected [ 23.553844] [ 23.554152] Memory state around the buggy address: [ 23.554673] fff00000c6331b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.555410] fff00000c6331b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.556193] >fff00000c6331c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.556915] ^ [ 23.558305] fff00000c6331c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.559039] fff00000c6331d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.559731] ================================================================== [ 23.474200] ================================================================== [ 23.475063] BUG: KASAN: slab-use-after-free in ksize_uaf+0x59c/0x600 [ 23.475596] Read of size 1 at addr fff00000c6331c00 by task kunit_try_catch/185 [ 23.476240] [ 23.476581] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.476766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.476837] Hardware name: linux,dummy-virt (DT) [ 23.476961] Call trace: [ 23.477116] show_stack+0x20/0x38 (C) [ 23.477265] dump_stack_lvl+0x8c/0xd0 [ 23.477424] print_report+0x118/0x608 [ 23.477591] kasan_report+0xdc/0x128 [ 23.477726] __asan_report_load1_noabort+0x20/0x30 [ 23.477866] ksize_uaf+0x59c/0x600 [ 23.478005] kunit_try_run_case+0x170/0x3f0 [ 23.478195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.478396] kthread+0x318/0x620 [ 23.478559] ret_from_fork+0x10/0x20 [ 23.478686] [ 23.484933] Allocated by task 185: [ 23.485516] kasan_save_stack+0x3c/0x68 [ 23.486074] kasan_save_track+0x20/0x40 [ 23.486465] kasan_save_alloc_info+0x40/0x58 [ 23.487877] __kasan_kmalloc+0xd4/0xd8 [ 23.488550] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.489046] ksize_uaf+0xb8/0x600 [ 23.489909] kunit_try_run_case+0x170/0x3f0 [ 23.490412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.491116] kthread+0x318/0x620 [ 23.491655] ret_from_fork+0x10/0x20 [ 23.492235] [ 23.492589] Freed by task 185: [ 23.493094] kasan_save_stack+0x3c/0x68 [ 23.493733] kasan_save_track+0x20/0x40 [ 23.494271] kasan_save_free_info+0x4c/0x78 [ 23.494817] __kasan_slab_free+0x6c/0x98 [ 23.495306] kfree+0x214/0x3c8 [ 23.495858] ksize_uaf+0x11c/0x600 [ 23.496332] kunit_try_run_case+0x170/0x3f0 [ 23.497075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.497691] kthread+0x318/0x620 [ 23.498502] ret_from_fork+0x10/0x20 [ 23.499252] [ 23.499613] The buggy address belongs to the object at fff00000c6331c00 [ 23.499613] which belongs to the cache kmalloc-128 of size 128 [ 23.500755] The buggy address is located 0 bytes inside of [ 23.500755] freed 128-byte region [fff00000c6331c00, fff00000c6331c80) [ 23.502979] [ 23.503219] The buggy address belongs to the physical page: [ 23.503652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106331 [ 23.504467] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.505690] page_type: f5(slab) [ 23.506591] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.507792] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.508867] page dumped because: kasan: bad access detected [ 23.510351] [ 23.510647] Memory state around the buggy address: [ 23.511128] fff00000c6331b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.511786] fff00000c6331b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.512610] >fff00000c6331c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.513595] ^ [ 23.514192] fff00000c6331c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.514767] fff00000c6331d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.515509] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 23.349541] ================================================================== [ 23.350564] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x750 [ 23.351951] Read of size 1 at addr fff00000c6414278 by task kunit_try_catch/183 [ 23.352664] [ 23.353367] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.353706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.353790] Hardware name: linux,dummy-virt (DT) [ 23.353873] Call trace: [ 23.353943] show_stack+0x20/0x38 (C) [ 23.354009] dump_stack_lvl+0x8c/0xd0 [ 23.354094] print_report+0x118/0x608 [ 23.354196] kasan_report+0xdc/0x128 [ 23.354261] __asan_report_load1_noabort+0x20/0x30 [ 23.354320] ksize_unpoisons_memory+0x628/0x750 [ 23.354378] kunit_try_run_case+0x170/0x3f0 [ 23.354438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.354502] kthread+0x318/0x620 [ 23.354558] ret_from_fork+0x10/0x20 [ 23.354615] [ 23.361417] Allocated by task 183: [ 23.362235] kasan_save_stack+0x3c/0x68 [ 23.362779] kasan_save_track+0x20/0x40 [ 23.363456] kasan_save_alloc_info+0x40/0x58 [ 23.364000] __kasan_kmalloc+0xd4/0xd8 [ 23.364596] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.365281] ksize_unpoisons_memory+0xc0/0x750 [ 23.366253] kunit_try_run_case+0x170/0x3f0 [ 23.366807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.367474] kthread+0x318/0x620 [ 23.368038] ret_from_fork+0x10/0x20 [ 23.368582] [ 23.368944] The buggy address belongs to the object at fff00000c6414200 [ 23.368944] which belongs to the cache kmalloc-128 of size 128 [ 23.370085] The buggy address is located 5 bytes to the right of [ 23.370085] allocated 115-byte region [fff00000c6414200, fff00000c6414273) [ 23.372319] [ 23.372751] The buggy address belongs to the physical page: [ 23.373667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 23.374518] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.375220] page_type: f5(slab) [ 23.375585] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.376435] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.377245] page dumped because: kasan: bad access detected [ 23.377934] [ 23.378239] Memory state around the buggy address: [ 23.378736] fff00000c6414100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.379706] fff00000c6414180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.380584] >fff00000c6414200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.381624] ^ [ 23.382308] fff00000c6414280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.382924] fff00000c6414300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.383633] ================================================================== [ 23.312585] ================================================================== [ 23.314283] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x638/0x750 [ 23.314994] Read of size 1 at addr fff00000c6414273 by task kunit_try_catch/183 [ 23.316399] [ 23.316729] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.316994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.317093] Hardware name: linux,dummy-virt (DT) [ 23.317184] Call trace: [ 23.317395] show_stack+0x20/0x38 (C) [ 23.317500] dump_stack_lvl+0x8c/0xd0 [ 23.317564] print_report+0x118/0x608 [ 23.317623] kasan_report+0xdc/0x128 [ 23.317679] __asan_report_load1_noabort+0x20/0x30 [ 23.317740] ksize_unpoisons_memory+0x638/0x750 [ 23.317800] kunit_try_run_case+0x170/0x3f0 [ 23.317861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.317960] kthread+0x318/0x620 [ 23.318020] ret_from_fork+0x10/0x20 [ 23.318082] [ 23.324196] Allocated by task 183: [ 23.324748] kasan_save_stack+0x3c/0x68 [ 23.325537] kasan_save_track+0x20/0x40 [ 23.326124] kasan_save_alloc_info+0x40/0x58 [ 23.326975] __kasan_kmalloc+0xd4/0xd8 [ 23.327997] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.328635] ksize_unpoisons_memory+0xc0/0x750 [ 23.329275] kunit_try_run_case+0x170/0x3f0 [ 23.329873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.330778] kthread+0x318/0x620 [ 23.331304] ret_from_fork+0x10/0x20 [ 23.331841] [ 23.332234] The buggy address belongs to the object at fff00000c6414200 [ 23.332234] which belongs to the cache kmalloc-128 of size 128 [ 23.333566] The buggy address is located 0 bytes to the right of [ 23.333566] allocated 115-byte region [fff00000c6414200, fff00000c6414273) [ 23.334853] [ 23.335283] The buggy address belongs to the physical page: [ 23.336311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 23.337231] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.337868] page_type: f5(slab) [ 23.338879] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.339673] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.340488] page dumped because: kasan: bad access detected [ 23.341245] [ 23.341924] Memory state around the buggy address: [ 23.342553] fff00000c6414100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.343585] fff00000c6414180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.344398] >fff00000c6414200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.345357] ^ [ 23.346080] fff00000c6414280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.346867] fff00000c6414300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.347624] ================================================================== [ 23.385185] ================================================================== [ 23.386277] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x6a0/0x750 [ 23.387071] Read of size 1 at addr fff00000c641427f by task kunit_try_catch/183 [ 23.387825] [ 23.389237] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.389756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.389815] Hardware name: linux,dummy-virt (DT) [ 23.389859] Call trace: [ 23.389911] show_stack+0x20/0x38 (C) [ 23.389981] dump_stack_lvl+0x8c/0xd0 [ 23.390041] print_report+0x118/0x608 [ 23.390100] kasan_report+0xdc/0x128 [ 23.390159] __asan_report_load1_noabort+0x20/0x30 [ 23.390234] ksize_unpoisons_memory+0x6a0/0x750 [ 23.390294] kunit_try_run_case+0x170/0x3f0 [ 23.390353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.390420] kthread+0x318/0x620 [ 23.390477] ret_from_fork+0x10/0x20 [ 23.390537] [ 23.396482] Allocated by task 183: [ 23.397228] kasan_save_stack+0x3c/0x68 [ 23.397807] kasan_save_track+0x20/0x40 [ 23.399149] kasan_save_alloc_info+0x40/0x58 [ 23.399661] __kasan_kmalloc+0xd4/0xd8 [ 23.400194] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.400763] ksize_unpoisons_memory+0xc0/0x750 [ 23.401596] kunit_try_run_case+0x170/0x3f0 [ 23.402168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.402837] kthread+0x318/0x620 [ 23.403316] ret_from_fork+0x10/0x20 [ 23.403843] [ 23.404168] The buggy address belongs to the object at fff00000c6414200 [ 23.404168] which belongs to the cache kmalloc-128 of size 128 [ 23.405258] The buggy address is located 12 bytes to the right of [ 23.405258] allocated 115-byte region [fff00000c6414200, fff00000c6414273) [ 23.407082] [ 23.407415] The buggy address belongs to the physical page: [ 23.408000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 23.408706] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.409595] page_type: f5(slab) [ 23.410312] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.411052] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.411766] page dumped because: kasan: bad access detected [ 23.412354] [ 23.412632] Memory state around the buggy address: [ 23.413558] fff00000c6414100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.414322] fff00000c6414180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.415216] >fff00000c6414200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.415806] ^ [ 23.416577] fff00000c6414280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.417312] fff00000c6414300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.418019] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 23.251936] ================================================================== [ 23.253477] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 23.255272] Free of addr fff00000c596b720 by task kunit_try_catch/181 [ 23.255918] [ 23.256254] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.256383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.256417] Hardware name: linux,dummy-virt (DT) [ 23.256495] Call trace: [ 23.256556] show_stack+0x20/0x38 (C) [ 23.256699] dump_stack_lvl+0x8c/0xd0 [ 23.256830] print_report+0x118/0x608 [ 23.256938] kasan_report_invalid_free+0xc0/0xe8 [ 23.257052] check_slab_allocation+0xd4/0x108 [ 23.257182] __kasan_slab_pre_free+0x2c/0x48 [ 23.257307] kfree+0xe8/0x3c8 [ 23.257416] kfree_sensitive+0x3c/0xb0 [ 23.257538] kmalloc_double_kzfree+0x168/0x308 [ 23.257655] kunit_try_run_case+0x170/0x3f0 [ 23.257767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.257921] kthread+0x318/0x620 [ 23.257989] ret_from_fork+0x10/0x20 [ 23.258049] [ 23.266496] Allocated by task 181: [ 23.266965] kasan_save_stack+0x3c/0x68 [ 23.267535] kasan_save_track+0x20/0x40 [ 23.268147] kasan_save_alloc_info+0x40/0x58 [ 23.268737] __kasan_kmalloc+0xd4/0xd8 [ 23.269400] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.270263] kmalloc_double_kzfree+0xb8/0x308 [ 23.270992] kunit_try_run_case+0x170/0x3f0 [ 23.271561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.272309] kthread+0x318/0x620 [ 23.272850] ret_from_fork+0x10/0x20 [ 23.273992] [ 23.274342] Freed by task 181: [ 23.274830] kasan_save_stack+0x3c/0x68 [ 23.275398] kasan_save_track+0x20/0x40 [ 23.275996] kasan_save_free_info+0x4c/0x78 [ 23.276570] __kasan_slab_free+0x6c/0x98 [ 23.277433] kfree+0x214/0x3c8 [ 23.278385] kfree_sensitive+0x80/0xb0 [ 23.279025] kmalloc_double_kzfree+0x11c/0x308 [ 23.279669] kunit_try_run_case+0x170/0x3f0 [ 23.280196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.280826] kthread+0x318/0x620 [ 23.281723] ret_from_fork+0x10/0x20 [ 23.282140] [ 23.282476] The buggy address belongs to the object at fff00000c596b720 [ 23.282476] which belongs to the cache kmalloc-16 of size 16 [ 23.283580] The buggy address is located 0 bytes inside of [ 23.283580] 16-byte region [fff00000c596b720, fff00000c596b730) [ 23.284626] [ 23.284962] The buggy address belongs to the physical page: [ 23.285541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 23.286444] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.287848] page_type: f5(slab) [ 23.288340] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 23.289093] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.289859] page dumped because: kasan: bad access detected [ 23.290849] [ 23.291098] Memory state around the buggy address: [ 23.291535] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 23.292317] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 23.293475] >fff00000c596b700: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 23.294369] ^ [ 23.295013] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.295817] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.296626] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 23.205637] ================================================================== [ 23.207001] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 23.207818] Read of size 1 at addr fff00000c596b720 by task kunit_try_catch/181 [ 23.208484] [ 23.208823] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.209846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.209929] Hardware name: linux,dummy-virt (DT) [ 23.209972] Call trace: [ 23.210001] show_stack+0x20/0x38 (C) [ 23.210065] dump_stack_lvl+0x8c/0xd0 [ 23.210124] print_report+0x118/0x608 [ 23.210193] kasan_report+0xdc/0x128 [ 23.210250] __kasan_check_byte+0x54/0x70 [ 23.210308] kfree_sensitive+0x30/0xb0 [ 23.210367] kmalloc_double_kzfree+0x168/0x308 [ 23.210423] kunit_try_run_case+0x170/0x3f0 [ 23.210480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.210543] kthread+0x318/0x620 [ 23.210596] ret_from_fork+0x10/0x20 [ 23.210656] [ 23.217804] Allocated by task 181: [ 23.218594] kasan_save_stack+0x3c/0x68 [ 23.219158] kasan_save_track+0x20/0x40 [ 23.219732] kasan_save_alloc_info+0x40/0x58 [ 23.220415] __kasan_kmalloc+0xd4/0xd8 [ 23.220958] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.222629] kmalloc_double_kzfree+0xb8/0x308 [ 23.223337] kunit_try_run_case+0x170/0x3f0 [ 23.224467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.225507] kthread+0x318/0x620 [ 23.226053] ret_from_fork+0x10/0x20 [ 23.226697] [ 23.226935] Freed by task 181: [ 23.227239] kasan_save_stack+0x3c/0x68 [ 23.227797] kasan_save_track+0x20/0x40 [ 23.228386] kasan_save_free_info+0x4c/0x78 [ 23.228956] __kasan_slab_free+0x6c/0x98 [ 23.230424] kfree+0x214/0x3c8 [ 23.230868] kfree_sensitive+0x80/0xb0 [ 23.231377] kmalloc_double_kzfree+0x11c/0x308 [ 23.232002] kunit_try_run_case+0x170/0x3f0 [ 23.232818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.233921] kthread+0x318/0x620 [ 23.234700] ret_from_fork+0x10/0x20 [ 23.235200] [ 23.235491] The buggy address belongs to the object at fff00000c596b720 [ 23.235491] which belongs to the cache kmalloc-16 of size 16 [ 23.236501] The buggy address is located 0 bytes inside of [ 23.236501] freed 16-byte region [fff00000c596b720, fff00000c596b730) [ 23.238246] [ 23.238545] The buggy address belongs to the physical page: [ 23.239131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 23.240247] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.240993] page_type: f5(slab) [ 23.241467] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 23.242255] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.243608] page dumped because: kasan: bad access detected [ 23.244086] [ 23.244334] Memory state around the buggy address: [ 23.244792] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 23.245906] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 23.246554] >fff00000c596b700: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 23.248337] ^ [ 23.248873] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.249593] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.250348] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 23.149070] ================================================================== [ 23.150015] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 23.150643] Read of size 1 at addr fff00000c637c1a8 by task kunit_try_catch/177 [ 23.151330] [ 23.151631] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.151841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.151936] Hardware name: linux,dummy-virt (DT) [ 23.152024] Call trace: [ 23.152085] show_stack+0x20/0x38 (C) [ 23.152224] dump_stack_lvl+0x8c/0xd0 [ 23.152369] print_report+0x118/0x608 [ 23.152504] kasan_report+0xdc/0x128 [ 23.152647] __asan_report_load1_noabort+0x20/0x30 [ 23.152794] kmalloc_uaf2+0x3f4/0x468 [ 23.152942] kunit_try_run_case+0x170/0x3f0 [ 23.153081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.153226] kthread+0x318/0x620 [ 23.153353] ret_from_fork+0x10/0x20 [ 23.153542] [ 23.159694] Allocated by task 177: [ 23.160099] kasan_save_stack+0x3c/0x68 [ 23.160730] kasan_save_track+0x20/0x40 [ 23.162188] kasan_save_alloc_info+0x40/0x58 [ 23.162795] __kasan_kmalloc+0xd4/0xd8 [ 23.163356] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.164111] kmalloc_uaf2+0xc4/0x468 [ 23.164548] kunit_try_run_case+0x170/0x3f0 [ 23.165052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.165698] kthread+0x318/0x620 [ 23.166357] ret_from_fork+0x10/0x20 [ 23.167078] [ 23.167370] Freed by task 177: [ 23.167993] kasan_save_stack+0x3c/0x68 [ 23.168633] kasan_save_track+0x20/0x40 [ 23.169252] kasan_save_free_info+0x4c/0x78 [ 23.169991] __kasan_slab_free+0x6c/0x98 [ 23.170451] kfree+0x214/0x3c8 [ 23.170939] kmalloc_uaf2+0x134/0x468 [ 23.171534] kunit_try_run_case+0x170/0x3f0 [ 23.172101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.172790] kthread+0x318/0x620 [ 23.173438] ret_from_fork+0x10/0x20 [ 23.173853] [ 23.174296] The buggy address belongs to the object at fff00000c637c180 [ 23.174296] which belongs to the cache kmalloc-64 of size 64 [ 23.175954] The buggy address is located 40 bytes inside of [ 23.175954] freed 64-byte region [fff00000c637c180, fff00000c637c1c0) [ 23.177787] [ 23.178056] The buggy address belongs to the physical page: [ 23.179402] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637c [ 23.180452] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.181026] page_type: f5(slab) [ 23.181402] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.182308] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.183023] page dumped because: kasan: bad access detected [ 23.183642] [ 23.184012] Memory state around the buggy address: [ 23.184600] fff00000c637c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.185345] fff00000c637c100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.186034] >fff00000c637c180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.186824] ^ [ 23.187540] fff00000c637c200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 23.188356] fff00000c637c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.189166] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 23.096582] ================================================================== [ 23.097545] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 23.098495] Write of size 33 at addr fff00000c637c080 by task kunit_try_catch/175 [ 23.099141] [ 23.099506] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.099730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.099811] Hardware name: linux,dummy-virt (DT) [ 23.099915] Call trace: [ 23.099982] show_stack+0x20/0x38 (C) [ 23.100124] dump_stack_lvl+0x8c/0xd0 [ 23.100266] print_report+0x118/0x608 [ 23.100403] kasan_report+0xdc/0x128 [ 23.100542] kasan_check_range+0x100/0x1a8 [ 23.100677] __asan_memset+0x34/0x78 [ 23.100807] kmalloc_uaf_memset+0x170/0x310 [ 23.100949] kunit_try_run_case+0x170/0x3f0 [ 23.101119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.101275] kthread+0x318/0x620 [ 23.101341] ret_from_fork+0x10/0x20 [ 23.101403] [ 23.109048] Allocated by task 175: [ 23.109525] kasan_save_stack+0x3c/0x68 [ 23.110058] kasan_save_track+0x20/0x40 [ 23.110544] kasan_save_alloc_info+0x40/0x58 [ 23.111044] __kasan_kmalloc+0xd4/0xd8 [ 23.111613] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.112090] kmalloc_uaf_memset+0xb8/0x310 [ 23.112631] kunit_try_run_case+0x170/0x3f0 [ 23.114004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.114606] kthread+0x318/0x620 [ 23.115095] ret_from_fork+0x10/0x20 [ 23.115550] [ 23.115850] Freed by task 175: [ 23.116925] kasan_save_stack+0x3c/0x68 [ 23.117897] kasan_save_track+0x20/0x40 [ 23.118756] kasan_save_free_info+0x4c/0x78 [ 23.119250] __kasan_slab_free+0x6c/0x98 [ 23.119675] kfree+0x214/0x3c8 [ 23.120048] kmalloc_uaf_memset+0x11c/0x310 [ 23.120503] kunit_try_run_case+0x170/0x3f0 [ 23.121042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.122058] kthread+0x318/0x620 [ 23.122501] ret_from_fork+0x10/0x20 [ 23.122918] [ 23.123155] The buggy address belongs to the object at fff00000c637c080 [ 23.123155] which belongs to the cache kmalloc-64 of size 64 [ 23.125132] The buggy address is located 0 bytes inside of [ 23.125132] freed 64-byte region [fff00000c637c080, fff00000c637c0c0) [ 23.127053] [ 23.127376] The buggy address belongs to the physical page: [ 23.127807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637c [ 23.128533] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.129438] page_type: f5(slab) [ 23.131038] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.131912] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.132825] page dumped because: kasan: bad access detected [ 23.133575] [ 23.133789] Memory state around the buggy address: [ 23.134207] fff00000c637bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.134726] fff00000c637c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.135286] >fff00000c637c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.135787] ^ [ 23.136762] fff00000c637c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.138533] fff00000c637c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.139374] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 23.048400] ================================================================== [ 23.049586] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 23.050857] Read of size 1 at addr fff00000c570be88 by task kunit_try_catch/173 [ 23.051780] [ 23.052295] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.052548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.052611] Hardware name: linux,dummy-virt (DT) [ 23.052654] Call trace: [ 23.052682] show_stack+0x20/0x38 (C) [ 23.052751] dump_stack_lvl+0x8c/0xd0 [ 23.052810] print_report+0x118/0x608 [ 23.052868] kasan_report+0xdc/0x128 [ 23.052965] __asan_report_load1_noabort+0x20/0x30 [ 23.053075] kmalloc_uaf+0x300/0x338 [ 23.053232] kunit_try_run_case+0x170/0x3f0 [ 23.053364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.053490] kthread+0x318/0x620 [ 23.053598] ret_from_fork+0x10/0x20 [ 23.053716] [ 23.059857] Allocated by task 173: [ 23.060407] kasan_save_stack+0x3c/0x68 [ 23.061341] kasan_save_track+0x20/0x40 [ 23.061897] kasan_save_alloc_info+0x40/0x58 [ 23.062534] __kasan_kmalloc+0xd4/0xd8 [ 23.063083] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.063707] kmalloc_uaf+0xb8/0x338 [ 23.064289] kunit_try_run_case+0x170/0x3f0 [ 23.064797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.065833] kthread+0x318/0x620 [ 23.066364] ret_from_fork+0x10/0x20 [ 23.066965] [ 23.067270] Freed by task 173: [ 23.067761] kasan_save_stack+0x3c/0x68 [ 23.068186] kasan_save_track+0x20/0x40 [ 23.068744] kasan_save_free_info+0x4c/0x78 [ 23.070270] __kasan_slab_free+0x6c/0x98 [ 23.070871] kfree+0x214/0x3c8 [ 23.071370] kmalloc_uaf+0x11c/0x338 [ 23.071964] kunit_try_run_case+0x170/0x3f0 [ 23.072520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.073425] kthread+0x318/0x620 [ 23.073997] ret_from_fork+0x10/0x20 [ 23.074703] [ 23.075046] The buggy address belongs to the object at fff00000c570be80 [ 23.075046] which belongs to the cache kmalloc-16 of size 16 [ 23.076039] The buggy address is located 8 bytes inside of [ 23.076039] freed 16-byte region [fff00000c570be80, fff00000c570be90) [ 23.077395] [ 23.078027] The buggy address belongs to the physical page: [ 23.078603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10570b [ 23.079424] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.080125] page_type: f5(slab) [ 23.080598] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 23.081793] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.082530] page dumped because: kasan: bad access detected [ 23.082992] [ 23.083336] Memory state around the buggy address: [ 23.083859] fff00000c570bd80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.084555] fff00000c570be00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.085440] >fff00000c570be80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.086548] ^ [ 23.086878] fff00000c570bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.087655] fff00000c570bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.088295] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 22.991068] ================================================================== [ 22.992176] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e8 [ 22.992997] Read of size 64 at addr fff00000c64c9f04 by task kunit_try_catch/171 [ 22.994454] [ 22.994698] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.994803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.994835] Hardware name: linux,dummy-virt (DT) [ 22.994873] Call trace: [ 22.994954] show_stack+0x20/0x38 (C) [ 22.995453] dump_stack_lvl+0x8c/0xd0 [ 22.995604] print_report+0x118/0x608 [ 22.995734] kasan_report+0xdc/0x128 [ 22.995872] kasan_check_range+0x100/0x1a8 [ 22.996012] __asan_memmove+0x3c/0x98 [ 22.996127] kmalloc_memmove_invalid_size+0x154/0x2e8 [ 22.996248] kunit_try_run_case+0x170/0x3f0 [ 22.996369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.996480] kthread+0x318/0x620 [ 22.996536] ret_from_fork+0x10/0x20 [ 22.996599] [ 23.004815] Allocated by task 171: [ 23.005289] kasan_save_stack+0x3c/0x68 [ 23.005709] kasan_save_track+0x20/0x40 [ 23.006954] kasan_save_alloc_info+0x40/0x58 [ 23.007574] __kasan_kmalloc+0xd4/0xd8 [ 23.008012] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.008447] kmalloc_memmove_invalid_size+0xb0/0x2e8 [ 23.009467] kunit_try_run_case+0x170/0x3f0 [ 23.010066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.010697] kthread+0x318/0x620 [ 23.011168] ret_from_fork+0x10/0x20 [ 23.011655] [ 23.011965] The buggy address belongs to the object at fff00000c64c9f00 [ 23.011965] which belongs to the cache kmalloc-64 of size 64 [ 23.013022] The buggy address is located 4 bytes inside of [ 23.013022] allocated 64-byte region [fff00000c64c9f00, fff00000c64c9f40) [ 23.014382] [ 23.015551] The buggy address belongs to the physical page: [ 23.016048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c9 [ 23.016638] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.018668] page_type: f5(slab) [ 23.019359] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 23.019960] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.021292] page dumped because: kasan: bad access detected [ 23.022140] [ 23.023027] Memory state around the buggy address: [ 23.023793] fff00000c64c9e00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 23.024594] fff00000c64c9e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.025814] >fff00000c64c9f00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 23.026552] ^ [ 23.027210] fff00000c64c9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.027794] fff00000c64ca000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.028598] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 22.948406] ================================================================== [ 22.949472] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 22.950457] Read of size 18446744073709551614 at addr fff00000c645b604 by task kunit_try_catch/169 [ 22.951945] [ 22.952247] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.952497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.952571] Hardware name: linux,dummy-virt (DT) [ 22.952692] Call trace: [ 22.952764] show_stack+0x20/0x38 (C) [ 22.952928] dump_stack_lvl+0x8c/0xd0 [ 22.953008] print_report+0x118/0x608 [ 22.953131] kasan_report+0xdc/0x128 [ 22.953252] kasan_check_range+0x100/0x1a8 [ 22.953361] __asan_memmove+0x3c/0x98 [ 22.953467] kmalloc_memmove_negative_size+0x154/0x2e0 [ 22.953590] kunit_try_run_case+0x170/0x3f0 [ 22.953708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.953825] kthread+0x318/0x620 [ 22.953951] ret_from_fork+0x10/0x20 [ 22.954089] [ 22.960333] Allocated by task 169: [ 22.960923] kasan_save_stack+0x3c/0x68 [ 22.961566] kasan_save_track+0x20/0x40 [ 22.962176] kasan_save_alloc_info+0x40/0x58 [ 22.962854] __kasan_kmalloc+0xd4/0xd8 [ 22.963301] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.963981] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 22.964661] kunit_try_run_case+0x170/0x3f0 [ 22.965171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.965798] kthread+0x318/0x620 [ 22.966356] ret_from_fork+0x10/0x20 [ 22.966922] [ 22.967197] The buggy address belongs to the object at fff00000c645b600 [ 22.967197] which belongs to the cache kmalloc-64 of size 64 [ 22.968548] The buggy address is located 4 bytes inside of [ 22.968548] 64-byte region [fff00000c645b600, fff00000c645b640) [ 22.969627] [ 22.969998] The buggy address belongs to the physical page: [ 22.970656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10645b [ 22.971613] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.972358] page_type: f5(slab) [ 22.972907] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.973678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.974350] page dumped because: kasan: bad access detected [ 22.975060] [ 22.976150] Memory state around the buggy address: [ 22.976605] fff00000c645b500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.977339] fff00000c645b580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.978300] >fff00000c645b600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.978988] ^ [ 22.979677] fff00000c645b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.980493] fff00000c645b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.981435] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 22.903344] ================================================================== [ 22.904382] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 22.905074] Write of size 16 at addr fff00000c6414169 by task kunit_try_catch/167 [ 22.906365] [ 22.906639] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.906819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.906898] Hardware name: linux,dummy-virt (DT) [ 22.906977] Call trace: [ 22.907039] show_stack+0x20/0x38 (C) [ 22.907160] dump_stack_lvl+0x8c/0xd0 [ 22.907282] print_report+0x118/0x608 [ 22.907410] kasan_report+0xdc/0x128 [ 22.907538] kasan_check_range+0x100/0x1a8 [ 22.907663] __asan_memset+0x34/0x78 [ 22.907785] kmalloc_oob_memset_16+0x150/0x2f8 [ 22.908012] kunit_try_run_case+0x170/0x3f0 [ 22.908156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.908381] kthread+0x318/0x620 [ 22.908489] ret_from_fork+0x10/0x20 [ 22.908552] [ 22.916242] Allocated by task 167: [ 22.916733] kasan_save_stack+0x3c/0x68 [ 22.917431] kasan_save_track+0x20/0x40 [ 22.917871] kasan_save_alloc_info+0x40/0x58 [ 22.919216] __kasan_kmalloc+0xd4/0xd8 [ 22.919685] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.920452] kmalloc_oob_memset_16+0xb0/0x2f8 [ 22.921275] kunit_try_run_case+0x170/0x3f0 [ 22.922009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.922617] kthread+0x318/0x620 [ 22.923126] ret_from_fork+0x10/0x20 [ 22.923610] [ 22.923934] The buggy address belongs to the object at fff00000c6414100 [ 22.923934] which belongs to the cache kmalloc-128 of size 128 [ 22.925056] The buggy address is located 105 bytes inside of [ 22.925056] allocated 120-byte region [fff00000c6414100, fff00000c6414178) [ 22.926579] [ 22.926910] The buggy address belongs to the physical page: [ 22.927503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 22.928333] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.929627] page_type: f5(slab) [ 22.929992] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.931102] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.931943] page dumped because: kasan: bad access detected [ 22.932540] [ 22.932876] Memory state around the buggy address: [ 22.933728] fff00000c6414000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.934429] fff00000c6414080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.935297] >fff00000c6414100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.936125] ^ [ 22.936823] fff00000c6414180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.937872] fff00000c6414200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.938610] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 22.860353] ================================================================== [ 22.861613] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 22.862274] Write of size 8 at addr fff00000c6414071 by task kunit_try_catch/165 [ 22.862930] [ 22.863314] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.863521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.863601] Hardware name: linux,dummy-virt (DT) [ 22.863687] Call trace: [ 22.863754] show_stack+0x20/0x38 (C) [ 22.863910] dump_stack_lvl+0x8c/0xd0 [ 22.864039] print_report+0x118/0x608 [ 22.864103] kasan_report+0xdc/0x128 [ 22.864158] kasan_check_range+0x100/0x1a8 [ 22.864279] __asan_memset+0x34/0x78 [ 22.864405] kmalloc_oob_memset_8+0x150/0x2f8 [ 22.864550] kunit_try_run_case+0x170/0x3f0 [ 22.864689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.864831] kthread+0x318/0x620 [ 22.864981] ret_from_fork+0x10/0x20 [ 22.865110] [ 22.871676] Allocated by task 165: [ 22.872198] kasan_save_stack+0x3c/0x68 [ 22.872741] kasan_save_track+0x20/0x40 [ 22.873270] kasan_save_alloc_info+0x40/0x58 [ 22.874622] __kasan_kmalloc+0xd4/0xd8 [ 22.875114] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.875685] kmalloc_oob_memset_8+0xb0/0x2f8 [ 22.876249] kunit_try_run_case+0x170/0x3f0 [ 22.876821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.878069] kthread+0x318/0x620 [ 22.878498] ret_from_fork+0x10/0x20 [ 22.879032] [ 22.879328] The buggy address belongs to the object at fff00000c6414000 [ 22.879328] which belongs to the cache kmalloc-128 of size 128 [ 22.880308] The buggy address is located 113 bytes inside of [ 22.880308] allocated 120-byte region [fff00000c6414000, fff00000c6414078) [ 22.881943] [ 22.882302] The buggy address belongs to the physical page: [ 22.882835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 22.883670] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.884383] page_type: f5(slab) [ 22.884865] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.885959] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.887148] page dumped because: kasan: bad access detected [ 22.887685] [ 22.888009] Memory state around the buggy address: [ 22.888569] fff00000c6413f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.889853] fff00000c6413f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.890556] >fff00000c6414000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.891231] ^ [ 22.892405] fff00000c6414080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.893014] fff00000c6414100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.893937] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 22.816097] ================================================================== [ 22.817246] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 22.818333] Write of size 4 at addr fff00000c614cf75 by task kunit_try_catch/163 [ 22.819180] [ 22.819527] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.819733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.819800] Hardware name: linux,dummy-virt (DT) [ 22.819878] Call trace: [ 22.819953] show_stack+0x20/0x38 (C) [ 22.820067] dump_stack_lvl+0x8c/0xd0 [ 22.820178] print_report+0x118/0x608 [ 22.820298] kasan_report+0xdc/0x128 [ 22.820429] kasan_check_range+0x100/0x1a8 [ 22.820555] __asan_memset+0x34/0x78 [ 22.820632] kmalloc_oob_memset_4+0x150/0x300 [ 22.820699] kunit_try_run_case+0x170/0x3f0 [ 22.820759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.820822] kthread+0x318/0x620 [ 22.820876] ret_from_fork+0x10/0x20 [ 22.821111] [ 22.829097] Allocated by task 163: [ 22.830114] kasan_save_stack+0x3c/0x68 [ 22.830860] kasan_save_track+0x20/0x40 [ 22.831515] kasan_save_alloc_info+0x40/0x58 [ 22.832012] __kasan_kmalloc+0xd4/0xd8 [ 22.832455] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.833034] kmalloc_oob_memset_4+0xb0/0x300 [ 22.833587] kunit_try_run_case+0x170/0x3f0 [ 22.834376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.835166] kthread+0x318/0x620 [ 22.835911] ret_from_fork+0x10/0x20 [ 22.836835] [ 22.837164] The buggy address belongs to the object at fff00000c614cf00 [ 22.837164] which belongs to the cache kmalloc-128 of size 128 [ 22.838916] The buggy address is located 117 bytes inside of [ 22.838916] allocated 120-byte region [fff00000c614cf00, fff00000c614cf78) [ 22.840081] [ 22.840406] The buggy address belongs to the physical page: [ 22.841005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10614c [ 22.842586] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.843233] page_type: f5(slab) [ 22.843761] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.844568] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.845690] page dumped because: kasan: bad access detected [ 22.846224] [ 22.846796] Memory state around the buggy address: [ 22.847312] fff00000c614ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.847954] fff00000c614ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.848613] >fff00000c614cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.849322] ^ [ 22.850331] fff00000c614cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.851456] fff00000c614d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.852214] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 22.771951] ================================================================== [ 22.773460] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 22.774426] Write of size 2 at addr fff00000c614ce77 by task kunit_try_catch/161 [ 22.775799] [ 22.776195] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.776427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.776531] Hardware name: linux,dummy-virt (DT) [ 22.776613] Call trace: [ 22.776646] show_stack+0x20/0x38 (C) [ 22.776712] dump_stack_lvl+0x8c/0xd0 [ 22.776811] print_report+0x118/0x608 [ 22.776879] kasan_report+0xdc/0x128 [ 22.776971] kasan_check_range+0x100/0x1a8 [ 22.777075] __asan_memset+0x34/0x78 [ 22.777234] kmalloc_oob_memset_2+0x150/0x2f8 [ 22.777359] kunit_try_run_case+0x170/0x3f0 [ 22.777424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.777488] kthread+0x318/0x620 [ 22.777542] ret_from_fork+0x10/0x20 [ 22.777600] [ 22.784960] Allocated by task 161: [ 22.786052] kasan_save_stack+0x3c/0x68 [ 22.786988] kasan_save_track+0x20/0x40 [ 22.787462] kasan_save_alloc_info+0x40/0x58 [ 22.787850] __kasan_kmalloc+0xd4/0xd8 [ 22.788451] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.789166] kmalloc_oob_memset_2+0xb0/0x2f8 [ 22.789688] kunit_try_run_case+0x170/0x3f0 [ 22.790337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.790988] kthread+0x318/0x620 [ 22.791540] ret_from_fork+0x10/0x20 [ 22.792088] [ 22.792458] The buggy address belongs to the object at fff00000c614ce00 [ 22.792458] which belongs to the cache kmalloc-128 of size 128 [ 22.793834] The buggy address is located 119 bytes inside of [ 22.793834] allocated 120-byte region [fff00000c614ce00, fff00000c614ce78) [ 22.795030] [ 22.795378] The buggy address belongs to the physical page: [ 22.796094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10614c [ 22.796953] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.797831] page_type: f5(slab) [ 22.798333] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.799104] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.799969] page dumped because: kasan: bad access detected [ 22.800610] [ 22.800944] Memory state around the buggy address: [ 22.801642] fff00000c614cd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.802437] fff00000c614cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.803239] >fff00000c614ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.804047] ^ [ 22.804802] fff00000c614ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.805775] fff00000c614cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.806777] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 22.721424] ================================================================== [ 22.722609] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 22.724208] Write of size 128 at addr fff00000c614cd00 by task kunit_try_catch/159 [ 22.724945] [ 22.725435] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.725699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.725767] Hardware name: linux,dummy-virt (DT) [ 22.725846] Call trace: [ 22.725923] show_stack+0x20/0x38 (C) [ 22.726044] dump_stack_lvl+0x8c/0xd0 [ 22.726177] print_report+0x118/0x608 [ 22.726290] kasan_report+0xdc/0x128 [ 22.726396] kasan_check_range+0x100/0x1a8 [ 22.726505] __asan_memset+0x34/0x78 [ 22.726620] kmalloc_oob_in_memset+0x144/0x2d0 [ 22.726754] kunit_try_run_case+0x170/0x3f0 [ 22.726911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.727059] kthread+0x318/0x620 [ 22.727168] ret_from_fork+0x10/0x20 [ 22.727232] [ 22.734939] Allocated by task 159: [ 22.735494] kasan_save_stack+0x3c/0x68 [ 22.736127] kasan_save_track+0x20/0x40 [ 22.736627] kasan_save_alloc_info+0x40/0x58 [ 22.737168] __kasan_kmalloc+0xd4/0xd8 [ 22.737659] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.738288] kmalloc_oob_in_memset+0xb0/0x2d0 [ 22.738974] kunit_try_run_case+0x170/0x3f0 [ 22.739474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.740101] kthread+0x318/0x620 [ 22.740604] ret_from_fork+0x10/0x20 [ 22.741100] [ 22.741464] The buggy address belongs to the object at fff00000c614cd00 [ 22.741464] which belongs to the cache kmalloc-128 of size 128 [ 22.742698] The buggy address is located 0 bytes inside of [ 22.742698] allocated 120-byte region [fff00000c614cd00, fff00000c614cd78) [ 22.744512] [ 22.744814] The buggy address belongs to the physical page: [ 22.745787] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10614c [ 22.746554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.747581] page_type: f5(slab) [ 22.748053] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.748606] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.750978] page dumped because: kasan: bad access detected [ 22.751417] [ 22.751729] Memory state around the buggy address: [ 22.753048] fff00000c614cc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.755231] fff00000c614cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.757456] >fff00000c614cd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.758103] ^ [ 22.758817] fff00000c614cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.760550] fff00000c614ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.762241] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 22.671160] ================================================================== [ 22.672107] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 22.672809] Read of size 16 at addr fff00000c570be60 by task kunit_try_catch/157 [ 22.673539] [ 22.673900] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.674114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.674199] Hardware name: linux,dummy-virt (DT) [ 22.674284] Call trace: [ 22.674347] show_stack+0x20/0x38 (C) [ 22.674489] dump_stack_lvl+0x8c/0xd0 [ 22.674625] print_report+0x118/0x608 [ 22.674763] kasan_report+0xdc/0x128 [ 22.674951] __asan_report_load16_noabort+0x20/0x30 [ 22.675081] kmalloc_uaf_16+0x3bc/0x438 [ 22.675234] kunit_try_run_case+0x170/0x3f0 [ 22.675354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.675478] kthread+0x318/0x620 [ 22.675572] ret_from_fork+0x10/0x20 [ 22.675636] [ 22.682904] Allocated by task 157: [ 22.683514] kasan_save_stack+0x3c/0x68 [ 22.684108] kasan_save_track+0x20/0x40 [ 22.684537] kasan_save_alloc_info+0x40/0x58 [ 22.685311] __kasan_kmalloc+0xd4/0xd8 [ 22.685859] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.686595] kmalloc_uaf_16+0x140/0x438 [ 22.687566] kunit_try_run_case+0x170/0x3f0 [ 22.688182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.688854] kthread+0x318/0x620 [ 22.689792] ret_from_fork+0x10/0x20 [ 22.690322] [ 22.690683] Freed by task 157: [ 22.691101] kasan_save_stack+0x3c/0x68 [ 22.691680] kasan_save_track+0x20/0x40 [ 22.692095] kasan_save_free_info+0x4c/0x78 [ 22.692634] __kasan_slab_free+0x6c/0x98 [ 22.693249] kfree+0x214/0x3c8 [ 22.694104] kmalloc_uaf_16+0x190/0x438 [ 22.694556] kunit_try_run_case+0x170/0x3f0 [ 22.695114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.695639] kthread+0x318/0x620 [ 22.696150] ret_from_fork+0x10/0x20 [ 22.696722] [ 22.697068] The buggy address belongs to the object at fff00000c570be60 [ 22.697068] which belongs to the cache kmalloc-16 of size 16 [ 22.698594] The buggy address is located 0 bytes inside of [ 22.698594] freed 16-byte region [fff00000c570be60, fff00000c570be70) [ 22.699662] [ 22.699978] The buggy address belongs to the physical page: [ 22.700613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10570b [ 22.701419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.702483] page_type: f5(slab) [ 22.702949] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.703695] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.704450] page dumped because: kasan: bad access detected [ 22.705378] [ 22.705650] Memory state around the buggy address: [ 22.706234] fff00000c570bd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.706958] fff00000c570bd80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.707642] >fff00000c570be00: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 22.708384] ^ [ 22.709076] fff00000c570be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.709780] fff00000c570bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.710825] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 22.625590] ================================================================== [ 22.626600] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 22.628843] Write of size 16 at addr fff00000c570be00 by task kunit_try_catch/155 [ 22.629506] [ 22.629818] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.630036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.630111] Hardware name: linux,dummy-virt (DT) [ 22.630211] Call trace: [ 22.630278] show_stack+0x20/0x38 (C) [ 22.630423] dump_stack_lvl+0x8c/0xd0 [ 22.630548] print_report+0x118/0x608 [ 22.630675] kasan_report+0xdc/0x128 [ 22.630811] __asan_report_store16_noabort+0x20/0x30 [ 22.631743] kmalloc_oob_16+0x3a0/0x3f8 [ 22.631810] kunit_try_run_case+0x170/0x3f0 [ 22.631872] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.631970] kthread+0x318/0x620 [ 22.632027] ret_from_fork+0x10/0x20 [ 22.632086] [ 22.640413] Allocated by task 155: [ 22.640926] kasan_save_stack+0x3c/0x68 [ 22.641483] kasan_save_track+0x20/0x40 [ 22.642464] kasan_save_alloc_info+0x40/0x58 [ 22.643287] __kasan_kmalloc+0xd4/0xd8 [ 22.643947] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.644604] kmalloc_oob_16+0xb4/0x3f8 [ 22.645497] kunit_try_run_case+0x170/0x3f0 [ 22.646225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.647028] kthread+0x318/0x620 [ 22.647498] ret_from_fork+0x10/0x20 [ 22.648046] [ 22.648357] The buggy address belongs to the object at fff00000c570be00 [ 22.648357] which belongs to the cache kmalloc-16 of size 16 [ 22.649452] The buggy address is located 0 bytes inside of [ 22.649452] allocated 13-byte region [fff00000c570be00, fff00000c570be0d) [ 22.651233] [ 22.651502] The buggy address belongs to the physical page: [ 22.651964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10570b [ 22.652751] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.654066] page_type: f5(slab) [ 22.654501] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.655273] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.656086] page dumped because: kasan: bad access detected [ 22.656634] [ 22.656973] Memory state around the buggy address: [ 22.658277] fff00000c570bd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.659023] fff00000c570bd80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.659769] >fff00000c570be00: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.660954] ^ [ 22.661740] fff00000c570be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.662472] fff00000c570bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.663202] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 22.519765] ================================================================== [ 22.520899] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 22.521940] Read of size 1 at addr fff00000c44c0200 by task kunit_try_catch/153 [ 22.523195] [ 22.523551] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.523757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.523832] Hardware name: linux,dummy-virt (DT) [ 22.523934] Call trace: [ 22.524002] show_stack+0x20/0x38 (C) [ 22.524134] dump_stack_lvl+0x8c/0xd0 [ 22.524211] print_report+0x118/0x608 [ 22.524269] kasan_report+0xdc/0x128 [ 22.524323] __kasan_check_byte+0x54/0x70 [ 22.524378] krealloc_noprof+0x44/0x360 [ 22.524434] krealloc_uaf+0x180/0x520 [ 22.524486] kunit_try_run_case+0x170/0x3f0 [ 22.524540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.524600] kthread+0x318/0x620 [ 22.524653] ret_from_fork+0x10/0x20 [ 22.524710] [ 22.531830] Allocated by task 153: [ 22.532297] kasan_save_stack+0x3c/0x68 [ 22.532808] kasan_save_track+0x20/0x40 [ 22.533402] kasan_save_alloc_info+0x40/0x58 [ 22.534930] __kasan_kmalloc+0xd4/0xd8 [ 22.535515] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.536091] krealloc_uaf+0xc8/0x520 [ 22.536620] kunit_try_run_case+0x170/0x3f0 [ 22.537941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.538496] kthread+0x318/0x620 [ 22.539476] ret_from_fork+0x10/0x20 [ 22.539934] [ 22.540243] Freed by task 153: [ 22.540638] kasan_save_stack+0x3c/0x68 [ 22.541383] kasan_save_track+0x20/0x40 [ 22.541941] kasan_save_free_info+0x4c/0x78 [ 22.542538] __kasan_slab_free+0x6c/0x98 [ 22.543180] kfree+0x214/0x3c8 [ 22.543736] krealloc_uaf+0x12c/0x520 [ 22.544318] kunit_try_run_case+0x170/0x3f0 [ 22.544943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.545942] kthread+0x318/0x620 [ 22.546428] ret_from_fork+0x10/0x20 [ 22.547015] [ 22.547359] The buggy address belongs to the object at fff00000c44c0200 [ 22.547359] which belongs to the cache kmalloc-256 of size 256 [ 22.548714] The buggy address is located 0 bytes inside of [ 22.548714] freed 256-byte region [fff00000c44c0200, fff00000c44c0300) [ 22.550138] [ 22.550470] The buggy address belongs to the physical page: [ 22.551113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044c0 [ 22.551989] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.552375] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.552696] page_type: f5(slab) [ 22.552945] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.554005] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.554852] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.555717] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.556481] head: 0bfffe0000000001 ffffc1ffc3113001 ffffffffffffffff 0000000000000000 [ 22.557520] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.559159] page dumped because: kasan: bad access detected [ 22.559749] [ 22.560070] Memory state around the buggy address: [ 22.560654] fff00000c44c0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.561545] fff00000c44c0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.562354] >fff00000c44c0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.563552] ^ [ 22.564235] fff00000c44c0280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.564963] fff00000c44c0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.566302] ================================================================== [ 22.568613] ================================================================== [ 22.569741] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 22.571429] Read of size 1 at addr fff00000c44c0200 by task kunit_try_catch/153 [ 22.572407] [ 22.572811] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.573058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.573135] Hardware name: linux,dummy-virt (DT) [ 22.573241] Call trace: [ 22.573308] show_stack+0x20/0x38 (C) [ 22.573455] dump_stack_lvl+0x8c/0xd0 [ 22.573523] print_report+0x118/0x608 [ 22.573581] kasan_report+0xdc/0x128 [ 22.573637] __asan_report_load1_noabort+0x20/0x30 [ 22.573693] krealloc_uaf+0x4c8/0x520 [ 22.573746] kunit_try_run_case+0x170/0x3f0 [ 22.573802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.573863] kthread+0x318/0x620 [ 22.573949] ret_from_fork+0x10/0x20 [ 22.574009] [ 22.579951] Allocated by task 153: [ 22.580345] kasan_save_stack+0x3c/0x68 [ 22.580964] kasan_save_track+0x20/0x40 [ 22.581758] kasan_save_alloc_info+0x40/0x58 [ 22.582381] __kasan_kmalloc+0xd4/0xd8 [ 22.582824] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.583461] krealloc_uaf+0xc8/0x520 [ 22.583963] kunit_try_run_case+0x170/0x3f0 [ 22.584492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.585382] kthread+0x318/0x620 [ 22.585857] ret_from_fork+0x10/0x20 [ 22.586456] [ 22.586751] Freed by task 153: [ 22.587160] kasan_save_stack+0x3c/0x68 [ 22.587679] kasan_save_track+0x20/0x40 [ 22.588236] kasan_save_free_info+0x4c/0x78 [ 22.588804] __kasan_slab_free+0x6c/0x98 [ 22.590757] kfree+0x214/0x3c8 [ 22.591256] krealloc_uaf+0x12c/0x520 [ 22.591747] kunit_try_run_case+0x170/0x3f0 [ 22.592270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.592873] kthread+0x318/0x620 [ 22.593671] ret_from_fork+0x10/0x20 [ 22.594271] [ 22.594567] The buggy address belongs to the object at fff00000c44c0200 [ 22.594567] which belongs to the cache kmalloc-256 of size 256 [ 22.595647] The buggy address is located 0 bytes inside of [ 22.595647] freed 256-byte region [fff00000c44c0200, fff00000c44c0300) [ 22.596693] [ 22.597318] The buggy address belongs to the physical page: [ 22.598685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044c0 [ 22.599365] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.600074] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.600866] page_type: f5(slab) [ 22.601598] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.602331] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.603113] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.603914] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.604633] head: 0bfffe0000000001 ffffc1ffc3113001 ffffffffffffffff 0000000000000000 [ 22.605489] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.606505] page dumped because: kasan: bad access detected [ 22.607156] [ 22.607464] Memory state around the buggy address: [ 22.608020] fff00000c44c0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.608673] fff00000c44c0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.609746] >fff00000c44c0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.610462] ^ [ 22.610846] fff00000c44c0280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.612182] fff00000c44c0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.612693] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 22.383086] ================================================================== [ 22.383786] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 22.384767] Write of size 1 at addr fff00000c64a60d0 by task kunit_try_catch/151 [ 22.385914] [ 22.386284] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.386502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.386579] Hardware name: linux,dummy-virt (DT) [ 22.386664] Call trace: [ 22.386732] show_stack+0x20/0x38 (C) [ 22.386868] dump_stack_lvl+0x8c/0xd0 [ 22.386972] print_report+0x118/0x608 [ 22.387031] kasan_report+0xdc/0x128 [ 22.387088] __asan_report_store1_noabort+0x20/0x30 [ 22.387147] krealloc_less_oob_helper+0xb9c/0xc50 [ 22.387206] krealloc_large_less_oob+0x20/0x38 [ 22.387264] kunit_try_run_case+0x170/0x3f0 [ 22.387326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.387389] kthread+0x318/0x620 [ 22.387446] ret_from_fork+0x10/0x20 [ 22.387505] [ 22.394844] The buggy address belongs to the physical page: [ 22.395508] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064a4 [ 22.396286] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.397934] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.398693] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.399480] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.400257] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.401315] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.402070] head: 0bfffe0000000002 ffffc1ffc3192901 ffffffffffffffff 0000000000000000 [ 22.402858] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.404154] page dumped because: kasan: bad access detected [ 22.404736] [ 22.405978] Memory state around the buggy address: [ 22.406523] fff00000c64a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.407311] fff00000c64a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.408139] >fff00000c64a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.408827] ^ [ 22.409487] fff00000c64a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.410776] fff00000c64a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.411468] ================================================================== [ 22.187112] ================================================================== [ 22.187910] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 22.188726] Write of size 1 at addr fff00000c4755cea by task kunit_try_catch/147 [ 22.189416] [ 22.190962] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.191175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.191242] Hardware name: linux,dummy-virt (DT) [ 22.191282] Call trace: [ 22.191311] show_stack+0x20/0x38 (C) [ 22.191377] dump_stack_lvl+0x8c/0xd0 [ 22.191435] print_report+0x118/0x608 [ 22.191493] kasan_report+0xdc/0x128 [ 22.191548] __asan_report_store1_noabort+0x20/0x30 [ 22.191605] krealloc_less_oob_helper+0xae4/0xc50 [ 22.191663] krealloc_less_oob+0x20/0x38 [ 22.191718] kunit_try_run_case+0x170/0x3f0 [ 22.191774] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.191836] kthread+0x318/0x620 [ 22.191917] ret_from_fork+0x10/0x20 [ 22.191983] [ 22.200182] Allocated by task 147: [ 22.200674] kasan_save_stack+0x3c/0x68 [ 22.202109] kasan_save_track+0x20/0x40 [ 22.202610] kasan_save_alloc_info+0x40/0x58 [ 22.203155] __kasan_krealloc+0x118/0x178 [ 22.203669] krealloc_noprof+0x128/0x360 [ 22.204204] krealloc_less_oob_helper+0x168/0xc50 [ 22.204749] krealloc_less_oob+0x20/0x38 [ 22.205791] kunit_try_run_case+0x170/0x3f0 [ 22.206351] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.207034] kthread+0x318/0x620 [ 22.207504] ret_from_fork+0x10/0x20 [ 22.208056] [ 22.208383] The buggy address belongs to the object at fff00000c4755c00 [ 22.208383] which belongs to the cache kmalloc-256 of size 256 [ 22.209772] The buggy address is located 33 bytes to the right of [ 22.209772] allocated 201-byte region [fff00000c4755c00, fff00000c4755cc9) [ 22.211740] [ 22.211908] The buggy address belongs to the physical page: [ 22.212166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104754 [ 22.212511] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.212834] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.214077] page_type: f5(slab) [ 22.214603] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.215462] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.216372] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.217106] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.217989] head: 0bfffe0000000001 ffffc1ffc311d501 ffffffffffffffff 0000000000000000 [ 22.218603] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.220594] page dumped because: kasan: bad access detected [ 22.223007] [ 22.223465] Memory state around the buggy address: [ 22.225081] fff00000c4755b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.225872] fff00000c4755c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.228269] >fff00000c4755c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.228765] ^ [ 22.230227] fff00000c4755d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.230753] fff00000c4755d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.232680] ================================================================== [ 22.056523] ================================================================== [ 22.057728] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 22.058481] Write of size 1 at addr fff00000c4755cc9 by task kunit_try_catch/147 [ 22.059227] [ 22.059546] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.059761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.059838] Hardware name: linux,dummy-virt (DT) [ 22.059946] Call trace: [ 22.060016] show_stack+0x20/0x38 (C) [ 22.060153] dump_stack_lvl+0x8c/0xd0 [ 22.060271] print_report+0x118/0x608 [ 22.060382] kasan_report+0xdc/0x128 [ 22.060512] __asan_report_store1_noabort+0x20/0x30 [ 22.060652] krealloc_less_oob_helper+0xa48/0xc50 [ 22.060770] krealloc_less_oob+0x20/0x38 [ 22.060919] kunit_try_run_case+0x170/0x3f0 [ 22.061109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.061253] kthread+0x318/0x620 [ 22.061388] ret_from_fork+0x10/0x20 [ 22.061524] [ 22.068109] Allocated by task 147: [ 22.068592] kasan_save_stack+0x3c/0x68 [ 22.069551] kasan_save_track+0x20/0x40 [ 22.070132] kasan_save_alloc_info+0x40/0x58 [ 22.070757] __kasan_krealloc+0x118/0x178 [ 22.071234] krealloc_noprof+0x128/0x360 [ 22.071813] krealloc_less_oob_helper+0x168/0xc50 [ 22.072435] krealloc_less_oob+0x20/0x38 [ 22.072972] kunit_try_run_case+0x170/0x3f0 [ 22.074403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.075005] kthread+0x318/0x620 [ 22.075468] ret_from_fork+0x10/0x20 [ 22.075977] [ 22.076277] The buggy address belongs to the object at fff00000c4755c00 [ 22.076277] which belongs to the cache kmalloc-256 of size 256 [ 22.077787] The buggy address is located 0 bytes to the right of [ 22.077787] allocated 201-byte region [fff00000c4755c00, fff00000c4755cc9) [ 22.078998] [ 22.079329] The buggy address belongs to the physical page: [ 22.079910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104754 [ 22.080800] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.081952] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.082675] page_type: f5(slab) [ 22.083183] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.083957] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.084721] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.085950] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.086692] head: 0bfffe0000000001 ffffc1ffc311d501 ffffffffffffffff 0000000000000000 [ 22.087423] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.088078] page dumped because: kasan: bad access detected [ 22.088680] [ 22.088982] Memory state around the buggy address: [ 22.089604] fff00000c4755b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.090286] fff00000c4755c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.091099] >fff00000c4755c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.091970] ^ [ 22.092545] fff00000c4755d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.093255] fff00000c4755d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.094099] ================================================================== [ 22.095828] ================================================================== [ 22.096679] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 22.097526] Write of size 1 at addr fff00000c4755cd0 by task kunit_try_catch/147 [ 22.098533] [ 22.098849] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.099070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.099146] Hardware name: linux,dummy-virt (DT) [ 22.099230] Call trace: [ 22.099293] show_stack+0x20/0x38 (C) [ 22.099421] dump_stack_lvl+0x8c/0xd0 [ 22.099540] print_report+0x118/0x608 [ 22.099707] kasan_report+0xdc/0x128 [ 22.099847] __asan_report_store1_noabort+0x20/0x30 [ 22.100017] krealloc_less_oob_helper+0xb9c/0xc50 [ 22.100160] krealloc_less_oob+0x20/0x38 [ 22.100290] kunit_try_run_case+0x170/0x3f0 [ 22.100406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.100524] kthread+0x318/0x620 [ 22.100629] ret_from_fork+0x10/0x20 [ 22.100747] [ 22.111560] Allocated by task 147: [ 22.114263] kasan_save_stack+0x3c/0x68 [ 22.114637] kasan_save_track+0x20/0x40 [ 22.114985] kasan_save_alloc_info+0x40/0x58 [ 22.115863] __kasan_krealloc+0x118/0x178 [ 22.116778] krealloc_noprof+0x128/0x360 [ 22.118252] krealloc_less_oob_helper+0x168/0xc50 [ 22.118720] krealloc_less_oob+0x20/0x38 [ 22.119531] kunit_try_run_case+0x170/0x3f0 [ 22.120205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.120985] kthread+0x318/0x620 [ 22.121742] ret_from_fork+0x10/0x20 [ 22.122298] [ 22.122631] The buggy address belongs to the object at fff00000c4755c00 [ 22.122631] which belongs to the cache kmalloc-256 of size 256 [ 22.123770] The buggy address is located 7 bytes to the right of [ 22.123770] allocated 201-byte region [fff00000c4755c00, fff00000c4755cc9) [ 22.124851] [ 22.125262] The buggy address belongs to the physical page: [ 22.126421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104754 [ 22.127291] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.127990] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.129306] page_type: f5(slab) [ 22.129764] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.130569] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.131461] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.132436] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.133766] head: 0bfffe0000000001 ffffc1ffc311d501 ffffffffffffffff 0000000000000000 [ 22.134488] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.135270] page dumped because: kasan: bad access detected [ 22.135859] [ 22.136167] Memory state around the buggy address: [ 22.136711] fff00000c4755b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.138185] fff00000c4755c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.139116] >fff00000c4755c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.139811] ^ [ 22.140397] fff00000c4755d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.141415] fff00000c4755d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.142633] ================================================================== [ 22.234422] ================================================================== [ 22.235165] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 22.236047] Write of size 1 at addr fff00000c4755ceb by task kunit_try_catch/147 [ 22.236798] [ 22.238102] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.238326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.238402] Hardware name: linux,dummy-virt (DT) [ 22.238484] Call trace: [ 22.238549] show_stack+0x20/0x38 (C) [ 22.238687] dump_stack_lvl+0x8c/0xd0 [ 22.238859] print_report+0x118/0x608 [ 22.239027] kasan_report+0xdc/0x128 [ 22.239122] __asan_report_store1_noabort+0x20/0x30 [ 22.239184] krealloc_less_oob_helper+0xa58/0xc50 [ 22.239243] krealloc_less_oob+0x20/0x38 [ 22.239298] kunit_try_run_case+0x170/0x3f0 [ 22.239355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.239416] kthread+0x318/0x620 [ 22.239469] ret_from_fork+0x10/0x20 [ 22.239526] [ 22.247283] Allocated by task 147: [ 22.247825] kasan_save_stack+0x3c/0x68 [ 22.248810] kasan_save_track+0x20/0x40 [ 22.249330] kasan_save_alloc_info+0x40/0x58 [ 22.250222] __kasan_krealloc+0x118/0x178 [ 22.250653] krealloc_noprof+0x128/0x360 [ 22.251253] krealloc_less_oob_helper+0x168/0xc50 [ 22.251785] krealloc_less_oob+0x20/0x38 [ 22.252329] kunit_try_run_case+0x170/0x3f0 [ 22.252808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.254123] kthread+0x318/0x620 [ 22.254678] ret_from_fork+0x10/0x20 [ 22.255131] [ 22.255452] The buggy address belongs to the object at fff00000c4755c00 [ 22.255452] which belongs to the cache kmalloc-256 of size 256 [ 22.256550] The buggy address is located 34 bytes to the right of [ 22.256550] allocated 201-byte region [fff00000c4755c00, fff00000c4755cc9) [ 22.258430] [ 22.258743] The buggy address belongs to the physical page: [ 22.259332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104754 [ 22.260332] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.261049] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.261796] page_type: f5(slab) [ 22.262979] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.263693] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.264480] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.265333] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.266395] head: 0bfffe0000000001 ffffc1ffc311d501 ffffffffffffffff 0000000000000000 [ 22.267188] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.268171] page dumped because: kasan: bad access detected [ 22.268895] [ 22.269459] Memory state around the buggy address: [ 22.270015] fff00000c4755b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.270935] fff00000c4755c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.271667] >fff00000c4755c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.272658] ^ [ 22.273827] fff00000c4755d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.274790] fff00000c4755d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.275619] ================================================================== [ 22.443928] ================================================================== [ 22.444500] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 22.445413] Write of size 1 at addr fff00000c64a60ea by task kunit_try_catch/151 [ 22.446080] [ 22.446536] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.446755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.446976] Hardware name: linux,dummy-virt (DT) [ 22.447061] Call trace: [ 22.447125] show_stack+0x20/0x38 (C) [ 22.447262] dump_stack_lvl+0x8c/0xd0 [ 22.447398] print_report+0x118/0x608 [ 22.447485] kasan_report+0xdc/0x128 [ 22.447545] __asan_report_store1_noabort+0x20/0x30 [ 22.447606] krealloc_less_oob_helper+0xae4/0xc50 [ 22.447667] krealloc_large_less_oob+0x20/0x38 [ 22.447726] kunit_try_run_case+0x170/0x3f0 [ 22.447786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.447849] kthread+0x318/0x620 [ 22.447935] ret_from_fork+0x10/0x20 [ 22.447999] [ 22.456019] The buggy address belongs to the physical page: [ 22.456650] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064a4 [ 22.457650] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.458787] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.459615] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.460434] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.461231] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.463101] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.463911] head: 0bfffe0000000002 ffffc1ffc3192901 ffffffffffffffff 0000000000000000 [ 22.464645] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.466214] page dumped because: kasan: bad access detected [ 22.466822] [ 22.467181] Memory state around the buggy address: [ 22.467762] fff00000c64a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.468503] fff00000c64a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.469551] >fff00000c64a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.470248] ^ [ 22.471613] fff00000c64a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.472411] fff00000c64a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.473232] ================================================================== [ 22.144740] ================================================================== [ 22.145777] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 22.146578] Write of size 1 at addr fff00000c4755cda by task kunit_try_catch/147 [ 22.147203] [ 22.147530] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.147761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.147828] Hardware name: linux,dummy-virt (DT) [ 22.148531] Call trace: [ 22.148567] show_stack+0x20/0x38 (C) [ 22.148634] dump_stack_lvl+0x8c/0xd0 [ 22.148693] print_report+0x118/0x608 [ 22.148750] kasan_report+0xdc/0x128 [ 22.148807] __asan_report_store1_noabort+0x20/0x30 [ 22.148865] krealloc_less_oob_helper+0xa80/0xc50 [ 22.148959] krealloc_less_oob+0x20/0x38 [ 22.149085] kunit_try_run_case+0x170/0x3f0 [ 22.149215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.149344] kthread+0x318/0x620 [ 22.149459] ret_from_fork+0x10/0x20 [ 22.149580] [ 22.155728] Allocated by task 147: [ 22.156096] kasan_save_stack+0x3c/0x68 [ 22.156539] kasan_save_track+0x20/0x40 [ 22.158174] kasan_save_alloc_info+0x40/0x58 [ 22.158774] __kasan_krealloc+0x118/0x178 [ 22.159450] krealloc_noprof+0x128/0x360 [ 22.160098] krealloc_less_oob_helper+0x168/0xc50 [ 22.160723] krealloc_less_oob+0x20/0x38 [ 22.161464] kunit_try_run_case+0x170/0x3f0 [ 22.162367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.162990] kthread+0x318/0x620 [ 22.163436] ret_from_fork+0x10/0x20 [ 22.163958] [ 22.164262] The buggy address belongs to the object at fff00000c4755c00 [ 22.164262] which belongs to the cache kmalloc-256 of size 256 [ 22.165377] The buggy address is located 17 bytes to the right of [ 22.165377] allocated 201-byte region [fff00000c4755c00, fff00000c4755cc9) [ 22.166527] [ 22.166855] The buggy address belongs to the physical page: [ 22.168812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104754 [ 22.169816] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.170556] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.171506] page_type: f5(slab) [ 22.171850] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.172677] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.173942] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.174790] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.176150] head: 0bfffe0000000001 ffffc1ffc311d501 ffffffffffffffff 0000000000000000 [ 22.176940] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.177698] page dumped because: kasan: bad access detected [ 22.178454] [ 22.178776] Memory state around the buggy address: [ 22.179650] fff00000c4755b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.180594] fff00000c4755c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.181452] >fff00000c4755c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.182106] ^ [ 22.183235] fff00000c4755d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.184381] fff00000c4755d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.185442] ================================================================== [ 22.412726] ================================================================== [ 22.413339] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 22.413999] Write of size 1 at addr fff00000c64a60da by task kunit_try_catch/151 [ 22.415228] [ 22.415562] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.415775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.415851] Hardware name: linux,dummy-virt (DT) [ 22.415954] Call trace: [ 22.416020] show_stack+0x20/0x38 (C) [ 22.416161] dump_stack_lvl+0x8c/0xd0 [ 22.416306] print_report+0x118/0x608 [ 22.416444] kasan_report+0xdc/0x128 [ 22.416578] __asan_report_store1_noabort+0x20/0x30 [ 22.416722] krealloc_less_oob_helper+0xa80/0xc50 [ 22.416866] krealloc_large_less_oob+0x20/0x38 [ 22.417634] kunit_try_run_case+0x170/0x3f0 [ 22.417763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.417922] kthread+0x318/0x620 [ 22.418033] ret_from_fork+0x10/0x20 [ 22.418146] [ 22.424877] The buggy address belongs to the physical page: [ 22.425916] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064a4 [ 22.426681] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.427676] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.428476] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.430136] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.430911] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.431763] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.432602] head: 0bfffe0000000002 ffffc1ffc3192901 ffffffffffffffff 0000000000000000 [ 22.433558] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.434384] page dumped because: kasan: bad access detected [ 22.435079] [ 22.435406] Memory state around the buggy address: [ 22.436039] fff00000c64a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.436753] fff00000c64a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.438316] >fff00000c64a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.439225] ^ [ 22.439953] fff00000c64a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.440734] fff00000c64a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.441541] ================================================================== [ 22.474765] ================================================================== [ 22.476127] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 22.476942] Write of size 1 at addr fff00000c64a60eb by task kunit_try_catch/151 [ 22.478660] [ 22.479083] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.479190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.479224] Hardware name: linux,dummy-virt (DT) [ 22.479262] Call trace: [ 22.479291] show_stack+0x20/0x38 (C) [ 22.479358] dump_stack_lvl+0x8c/0xd0 [ 22.479418] print_report+0x118/0x608 [ 22.479476] kasan_report+0xdc/0x128 [ 22.479533] __asan_report_store1_noabort+0x20/0x30 [ 22.479592] krealloc_less_oob_helper+0xa58/0xc50 [ 22.479652] krealloc_large_less_oob+0x20/0x38 [ 22.479711] kunit_try_run_case+0x170/0x3f0 [ 22.479768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.479830] kthread+0x318/0x620 [ 22.479912] ret_from_fork+0x10/0x20 [ 22.480090] [ 22.492816] The buggy address belongs to the physical page: [ 22.493862] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064a4 [ 22.495717] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.497756] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.498404] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.499501] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.500359] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.501448] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.502575] head: 0bfffe0000000002 ffffc1ffc3192901 ffffffffffffffff 0000000000000000 [ 22.503387] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.504225] page dumped because: kasan: bad access detected [ 22.504801] [ 22.505171] Memory state around the buggy address: [ 22.506239] fff00000c64a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.507587] fff00000c64a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.508322] >fff00000c64a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.509796] ^ [ 22.510422] fff00000c64a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.511121] fff00000c64a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.511869] ================================================================== [ 22.350480] ================================================================== [ 22.351435] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 22.352218] Write of size 1 at addr fff00000c64a60c9 by task kunit_try_catch/151 [ 22.353281] [ 22.354044] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.354295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.354374] Hardware name: linux,dummy-virt (DT) [ 22.354451] Call trace: [ 22.354486] show_stack+0x20/0x38 (C) [ 22.354553] dump_stack_lvl+0x8c/0xd0 [ 22.354612] print_report+0x118/0x608 [ 22.354670] kasan_report+0xdc/0x128 [ 22.354727] __asan_report_store1_noabort+0x20/0x30 [ 22.354785] krealloc_less_oob_helper+0xa48/0xc50 [ 22.354844] krealloc_large_less_oob+0x20/0x38 [ 22.354934] kunit_try_run_case+0x170/0x3f0 [ 22.355000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.355064] kthread+0x318/0x620 [ 22.355119] ret_from_fork+0x10/0x20 [ 22.355177] [ 22.363409] The buggy address belongs to the physical page: [ 22.364142] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064a4 [ 22.365023] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.366005] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.367546] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.367918] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.368953] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.370246] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.371208] head: 0bfffe0000000002 ffffc1ffc3192901 ffffffffffffffff 0000000000000000 [ 22.372062] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.372856] page dumped because: kasan: bad access detected [ 22.373664] [ 22.373962] Memory state around the buggy address: [ 22.374559] fff00000c64a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.375602] fff00000c64a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.376812] >fff00000c64a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.377705] ^ [ 22.378519] fff00000c64a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.379397] fff00000c64a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.380180] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 22.011589] ================================================================== [ 22.012917] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c8/0x680 [ 22.013847] Write of size 1 at addr fff00000c44c00f0 by task kunit_try_catch/145 [ 22.014527] [ 22.014950] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.015159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.015233] Hardware name: linux,dummy-virt (DT) [ 22.015316] Call trace: [ 22.015385] show_stack+0x20/0x38 (C) [ 22.015523] dump_stack_lvl+0x8c/0xd0 [ 22.015666] print_report+0x118/0x608 [ 22.015803] kasan_report+0xdc/0x128 [ 22.015961] __asan_report_store1_noabort+0x20/0x30 [ 22.016079] krealloc_more_oob_helper+0x5c8/0x680 [ 22.016224] krealloc_more_oob+0x20/0x38 [ 22.016360] kunit_try_run_case+0x170/0x3f0 [ 22.016500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.016650] kthread+0x318/0x620 [ 22.016789] ret_from_fork+0x10/0x20 [ 22.016947] [ 22.023197] Allocated by task 145: [ 22.023733] kasan_save_stack+0x3c/0x68 [ 22.024273] kasan_save_track+0x20/0x40 [ 22.024778] kasan_save_alloc_info+0x40/0x58 [ 22.025213] __kasan_krealloc+0x118/0x178 [ 22.025745] krealloc_noprof+0x128/0x360 [ 22.026214] krealloc_more_oob_helper+0x168/0x680 [ 22.026933] krealloc_more_oob+0x20/0x38 [ 22.027515] kunit_try_run_case+0x170/0x3f0 [ 22.028123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.028715] kthread+0x318/0x620 [ 22.029242] ret_from_fork+0x10/0x20 [ 22.029786] [ 22.030101] The buggy address belongs to the object at fff00000c44c0000 [ 22.030101] which belongs to the cache kmalloc-256 of size 256 [ 22.031794] The buggy address is located 5 bytes to the right of [ 22.031794] allocated 235-byte region [fff00000c44c0000, fff00000c44c00eb) [ 22.033212] [ 22.033600] The buggy address belongs to the physical page: [ 22.034318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044c0 [ 22.035220] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.035966] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.036673] page_type: f5(slab) [ 22.037171] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.038020] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.038735] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.039571] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.040406] head: 0bfffe0000000001 ffffc1ffc3113001 ffffffffffffffff 0000000000000000 [ 22.041226] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.042028] page dumped because: kasan: bad access detected [ 22.042577] [ 22.042917] Memory state around the buggy address: [ 22.044040] fff00000c44bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.044699] fff00000c44c0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.045454] >fff00000c44c0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 22.046364] ^ [ 22.047037] fff00000c44c0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.047788] fff00000c44c0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.048465] ================================================================== [ 21.970825] ================================================================== [ 21.971895] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x614/0x680 [ 21.972601] Write of size 1 at addr fff00000c44c00eb by task kunit_try_catch/145 [ 21.974210] [ 21.974549] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.974764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.974841] Hardware name: linux,dummy-virt (DT) [ 21.974943] Call trace: [ 21.975015] show_stack+0x20/0x38 (C) [ 21.975155] dump_stack_lvl+0x8c/0xd0 [ 21.975257] print_report+0x118/0x608 [ 21.975318] kasan_report+0xdc/0x128 [ 21.975375] __asan_report_store1_noabort+0x20/0x30 [ 21.975432] krealloc_more_oob_helper+0x614/0x680 [ 21.975491] krealloc_more_oob+0x20/0x38 [ 21.975547] kunit_try_run_case+0x170/0x3f0 [ 21.975607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.975670] kthread+0x318/0x620 [ 21.975725] ret_from_fork+0x10/0x20 [ 21.975784] [ 21.984238] Allocated by task 145: [ 21.984680] kasan_save_stack+0x3c/0x68 [ 21.985322] kasan_save_track+0x20/0x40 [ 21.985913] kasan_save_alloc_info+0x40/0x58 [ 21.986555] __kasan_krealloc+0x118/0x178 [ 21.987112] krealloc_noprof+0x128/0x360 [ 21.987723] krealloc_more_oob_helper+0x168/0x680 [ 21.988324] krealloc_more_oob+0x20/0x38 [ 21.988941] kunit_try_run_case+0x170/0x3f0 [ 21.989513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.990209] kthread+0x318/0x620 [ 21.990700] ret_from_fork+0x10/0x20 [ 21.991251] [ 21.991605] The buggy address belongs to the object at fff00000c44c0000 [ 21.991605] which belongs to the cache kmalloc-256 of size 256 [ 21.992833] The buggy address is located 0 bytes to the right of [ 21.992833] allocated 235-byte region [fff00000c44c0000, fff00000c44c00eb) [ 21.994410] [ 21.994827] The buggy address belongs to the physical page: [ 21.995421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044c0 [ 21.996184] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.997041] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.997814] page_type: f5(slab) [ 21.998335] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 21.999196] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.000107] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.000824] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.001630] head: 0bfffe0000000001 ffffc1ffc3113001 ffffffffffffffff 0000000000000000 [ 22.002408] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.003176] page dumped because: kasan: bad access detected [ 22.003751] [ 22.004093] Memory state around the buggy address: [ 22.004625] fff00000c44bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.005266] fff00000c44c0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.005966] >fff00000c44c0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 22.006755] ^ [ 22.007469] fff00000c44c0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.008165] fff00000c44c0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.008803] ================================================================== [ 22.315170] ================================================================== [ 22.315851] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c8/0x680 [ 22.317002] Write of size 1 at addr fff00000c64a60f0 by task kunit_try_catch/149 [ 22.318175] [ 22.318520] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.318738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.318814] Hardware name: linux,dummy-virt (DT) [ 22.318912] Call trace: [ 22.318980] show_stack+0x20/0x38 (C) [ 22.319121] dump_stack_lvl+0x8c/0xd0 [ 22.319252] print_report+0x118/0x608 [ 22.319326] kasan_report+0xdc/0x128 [ 22.319384] __asan_report_store1_noabort+0x20/0x30 [ 22.319441] krealloc_more_oob_helper+0x5c8/0x680 [ 22.319499] krealloc_large_more_oob+0x20/0x38 [ 22.319556] kunit_try_run_case+0x170/0x3f0 [ 22.319616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.319677] kthread+0x318/0x620 [ 22.319731] ret_from_fork+0x10/0x20 [ 22.319790] [ 22.327554] The buggy address belongs to the physical page: [ 22.328174] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064a4 [ 22.328954] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.330276] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.330869] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.332053] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.332954] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.334054] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.334780] head: 0bfffe0000000002 ffffc1ffc3192901 ffffffffffffffff 0000000000000000 [ 22.335402] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.336025] page dumped because: kasan: bad access detected [ 22.336502] [ 22.336738] Memory state around the buggy address: [ 22.338528] fff00000c64a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.339336] fff00000c64a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.339936] >fff00000c64a6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 22.340661] ^ [ 22.341799] fff00000c64a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.342623] fff00000c64a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.343295] ================================================================== [ 22.284352] ================================================================== [ 22.286062] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x614/0x680 [ 22.286804] Write of size 1 at addr fff00000c64a60eb by task kunit_try_catch/149 [ 22.287533] [ 22.287922] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.288138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.288214] Hardware name: linux,dummy-virt (DT) [ 22.288303] Call trace: [ 22.288371] show_stack+0x20/0x38 (C) [ 22.288513] dump_stack_lvl+0x8c/0xd0 [ 22.288652] print_report+0x118/0x608 [ 22.288783] kasan_report+0xdc/0x128 [ 22.288918] __asan_report_store1_noabort+0x20/0x30 [ 22.289368] krealloc_more_oob_helper+0x614/0x680 [ 22.289497] krealloc_large_more_oob+0x20/0x38 [ 22.289616] kunit_try_run_case+0x170/0x3f0 [ 22.289731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.289849] kthread+0x318/0x620 [ 22.289985] ret_from_fork+0x10/0x20 [ 22.290101] [ 22.296491] The buggy address belongs to the physical page: [ 22.296996] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064a4 [ 22.297935] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.299788] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.300752] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.301799] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.302847] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.303971] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.304937] head: 0bfffe0000000002 ffffc1ffc3192901 ffffffffffffffff 0000000000000000 [ 22.305743] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.306480] page dumped because: kasan: bad access detected [ 22.307621] [ 22.307937] Memory state around the buggy address: [ 22.308543] fff00000c64a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.309561] fff00000c64a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.310377] >fff00000c64a6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 22.311106] ^ [ 22.311801] fff00000c64a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.312511] fff00000c64a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.313963] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 21.928757] ================================================================== [ 21.930087] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 21.930641] Read of size 1 at addr fff00000c6510000 by task kunit_try_catch/143 [ 21.932326] [ 21.932589] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.932799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.932874] Hardware name: linux,dummy-virt (DT) [ 21.932979] Call trace: [ 21.933044] show_stack+0x20/0x38 (C) [ 21.933492] dump_stack_lvl+0x8c/0xd0 [ 21.933629] print_report+0x118/0x608 [ 21.933743] kasan_report+0xdc/0x128 [ 21.933854] __asan_report_load1_noabort+0x20/0x30 [ 21.933993] page_alloc_uaf+0x328/0x350 [ 21.934100] kunit_try_run_case+0x170/0x3f0 [ 21.934231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.934355] kthread+0x318/0x620 [ 21.934468] ret_from_fork+0x10/0x20 [ 21.934579] [ 21.941929] The buggy address belongs to the physical page: [ 21.942578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106510 [ 21.943417] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.944137] page_type: f0(buddy) [ 21.944626] raw: 0bfffe0000000000 fff00000ff6150e0 fff00000ff6150e0 0000000000000000 [ 21.945444] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 21.946154] page dumped because: kasan: bad access detected [ 21.946816] [ 21.947970] Memory state around the buggy address: [ 21.948500] fff00000c650ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.949713] fff00000c650ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.950468] >fff00000c6510000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.951439] ^ [ 21.951852] fff00000c6510080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.952563] fff00000c6510100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.953517] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 21.884856] ================================================================== [ 21.886332] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 21.887011] Free of addr fff00000c64a4001 by task kunit_try_catch/139 [ 21.888444] [ 21.888815] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.889329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.889376] Hardware name: linux,dummy-virt (DT) [ 21.889415] Call trace: [ 21.889446] show_stack+0x20/0x38 (C) [ 21.889514] dump_stack_lvl+0x8c/0xd0 [ 21.889574] print_report+0x118/0x608 [ 21.889634] kasan_report_invalid_free+0xc0/0xe8 [ 21.889694] __kasan_kfree_large+0x5c/0xa8 [ 21.889751] free_large_kmalloc+0x58/0x140 [ 21.889807] kfree+0x270/0x3c8 [ 21.889859] kmalloc_large_invalid_free+0x108/0x270 [ 21.889952] kunit_try_run_case+0x170/0x3f0 [ 21.890014] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.890079] kthread+0x318/0x620 [ 21.890134] ret_from_fork+0x10/0x20 [ 21.890210] [ 21.897691] The buggy address belongs to the physical page: [ 21.898253] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064a4 [ 21.899165] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.900019] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.900938] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.902911] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.903853] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.904688] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.905910] head: 0bfffe0000000002 ffffc1ffc3192901 ffffffffffffffff 0000000000000000 [ 21.906693] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 21.907509] page dumped because: kasan: bad access detected [ 21.908094] [ 21.908378] Memory state around the buggy address: [ 21.908968] fff00000c64a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.909936] fff00000c64a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.910703] >fff00000c64a4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.911406] ^ [ 21.911867] fff00000c64a4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.912552] fff00000c64a4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.913379] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 21.854547] ================================================================== [ 21.855634] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 21.856273] Read of size 1 at addr fff00000c64a4000 by task kunit_try_catch/137 [ 21.857087] [ 21.858001] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.858221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.858297] Hardware name: linux,dummy-virt (DT) [ 21.858516] Call trace: [ 21.858569] show_stack+0x20/0x38 (C) [ 21.858636] dump_stack_lvl+0x8c/0xd0 [ 21.858697] print_report+0x118/0x608 [ 21.858754] kasan_report+0xdc/0x128 [ 21.858809] __asan_report_load1_noabort+0x20/0x30 [ 21.858864] kmalloc_large_uaf+0x2cc/0x2f8 [ 21.858952] kunit_try_run_case+0x170/0x3f0 [ 21.859013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.859076] kthread+0x318/0x620 [ 21.859129] ret_from_fork+0x10/0x20 [ 21.859186] [ 21.865953] The buggy address belongs to the physical page: [ 21.866516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064a4 [ 21.867249] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.868185] raw: 0bfffe0000000000 ffffc1ffc3192a08 fff00000da4d3040 0000000000000000 [ 21.869293] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 21.870073] page dumped because: kasan: bad access detected [ 21.870742] [ 21.871136] Memory state around the buggy address: [ 21.871696] fff00000c64a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.872515] fff00000c64a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.873587] >fff00000c64a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.874461] ^ [ 21.874786] fff00000c64a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.875426] fff00000c64a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.876644] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 21.816914] ================================================================== [ 21.818469] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 21.819239] Write of size 1 at addr fff00000c63ea00a by task kunit_try_catch/135 [ 21.820524] [ 21.820877] CPU: 0 UID: 0 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.821336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.821405] Hardware name: linux,dummy-virt (DT) [ 21.821480] Call trace: [ 21.821537] show_stack+0x20/0x38 (C) [ 21.821656] dump_stack_lvl+0x8c/0xd0 [ 21.821766] print_report+0x118/0x608 [ 21.821906] kasan_report+0xdc/0x128 [ 21.822029] __asan_report_store1_noabort+0x20/0x30 [ 21.822093] kmalloc_large_oob_right+0x278/0x2b8 [ 21.822151] kunit_try_run_case+0x170/0x3f0 [ 21.822223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.822284] kthread+0x318/0x620 [ 21.822337] ret_from_fork+0x10/0x20 [ 21.822395] [ 21.830197] The buggy address belongs to the physical page: [ 21.831512] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063e8 [ 21.832267] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.833255] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.834446] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.835401] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.836282] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.837637] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.838592] head: 0bfffe0000000002 ffffc1ffc318fa01 ffffffffffffffff 0000000000000000 [ 21.839282] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 21.839872] page dumped because: kasan: bad access detected [ 21.840481] [ 21.840808] Memory state around the buggy address: [ 21.841522] fff00000c63e9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.842583] fff00000c63e9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.843446] >fff00000c63ea000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.844143] ^ [ 21.844563] fff00000c63ea080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.845711] fff00000c63ea100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.846319] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 21.769988] ================================================================== [ 21.771361] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 21.772092] Write of size 1 at addr fff00000c45c5f00 by task kunit_try_catch/133 [ 21.772732] [ 21.773223] CPU: 0 UID: 0 PID: 133 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.773774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.773849] Hardware name: linux,dummy-virt (DT) [ 21.773946] Call trace: [ 21.773980] show_stack+0x20/0x38 (C) [ 21.774042] dump_stack_lvl+0x8c/0xd0 [ 21.774100] print_report+0x118/0x608 [ 21.774155] kasan_report+0xdc/0x128 [ 21.774226] __asan_report_store1_noabort+0x20/0x30 [ 21.774284] kmalloc_big_oob_right+0x2a4/0x2f0 [ 21.774339] kunit_try_run_case+0x170/0x3f0 [ 21.774395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.774459] kthread+0x318/0x620 [ 21.774513] ret_from_fork+0x10/0x20 [ 21.774569] [ 21.781023] Allocated by task 133: [ 21.782011] kasan_save_stack+0x3c/0x68 [ 21.782551] kasan_save_track+0x20/0x40 [ 21.783056] kasan_save_alloc_info+0x40/0x58 [ 21.783605] __kasan_kmalloc+0xd4/0xd8 [ 21.784128] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.784716] kmalloc_big_oob_right+0xb8/0x2f0 [ 21.786220] kunit_try_run_case+0x170/0x3f0 [ 21.786941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.787504] kthread+0x318/0x620 [ 21.788328] ret_from_fork+0x10/0x20 [ 21.789035] [ 21.789328] The buggy address belongs to the object at fff00000c45c4000 [ 21.789328] which belongs to the cache kmalloc-8k of size 8192 [ 21.790691] The buggy address is located 0 bytes to the right of [ 21.790691] allocated 7936-byte region [fff00000c45c4000, fff00000c45c5f00) [ 21.791906] [ 21.792156] The buggy address belongs to the physical page: [ 21.792759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045c0 [ 21.793635] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.794421] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.796142] page_type: f5(slab) [ 21.796602] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 21.797347] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 21.798322] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 21.799330] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 21.800122] head: 0bfffe0000000003 ffffc1ffc3117001 ffffffffffffffff 0000000000000000 [ 21.800839] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 21.801839] page dumped because: kasan: bad access detected [ 21.802671] [ 21.803122] Memory state around the buggy address: [ 21.804225] fff00000c45c5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.804934] fff00000c45c5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.805628] >fff00000c45c5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.806682] ^ [ 21.807316] fff00000c45c5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.808007] fff00000c45c6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.808725] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 21.687826] ================================================================== [ 21.690695] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x414/0x490 [ 21.691360] Write of size 1 at addr fff00000c614cb78 by task kunit_try_catch/131 [ 21.692082] [ 21.692441] CPU: 1 UID: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.692659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.692737] Hardware name: linux,dummy-virt (DT) [ 21.692828] Call trace: [ 21.692908] show_stack+0x20/0x38 (C) [ 21.693989] dump_stack_lvl+0x8c/0xd0 [ 21.694132] print_report+0x118/0x608 [ 21.694276] kasan_report+0xdc/0x128 [ 21.694398] __asan_report_store1_noabort+0x20/0x30 [ 21.694516] kmalloc_track_caller_oob_right+0x414/0x490 [ 21.694637] kunit_try_run_case+0x170/0x3f0 [ 21.694755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.694900] kthread+0x318/0x620 [ 21.695045] ret_from_fork+0x10/0x20 [ 21.695177] [ 21.701756] Allocated by task 131: [ 21.702114] kasan_save_stack+0x3c/0x68 [ 21.702571] kasan_save_track+0x20/0x40 [ 21.702979] kasan_save_alloc_info+0x40/0x58 [ 21.704311] __kasan_kmalloc+0xd4/0xd8 [ 21.704842] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 21.706376] kmalloc_track_caller_oob_right+0xa8/0x490 [ 21.707509] kunit_try_run_case+0x170/0x3f0 [ 21.708246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.708842] kthread+0x318/0x620 [ 21.709787] ret_from_fork+0x10/0x20 [ 21.710301] [ 21.710620] The buggy address belongs to the object at fff00000c614cb00 [ 21.710620] which belongs to the cache kmalloc-128 of size 128 [ 21.712014] The buggy address is located 0 bytes to the right of [ 21.712014] allocated 120-byte region [fff00000c614cb00, fff00000c614cb78) [ 21.713105] [ 21.713427] The buggy address belongs to the physical page: [ 21.714097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10614c [ 21.715033] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.715654] page_type: f5(slab) [ 21.716127] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.716994] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.717774] page dumped because: kasan: bad access detected [ 21.718454] [ 21.718742] Memory state around the buggy address: [ 21.719271] fff00000c614ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.720112] fff00000c614ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.720902] >fff00000c614cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.721632] ^ [ 21.722326] fff00000c614cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.723180] fff00000c614cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.724210] ================================================================== [ 21.726932] ================================================================== [ 21.727496] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x420/0x490 [ 21.728273] Write of size 1 at addr fff00000c614cc78 by task kunit_try_catch/131 [ 21.729236] [ 21.729564] CPU: 1 UID: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.729802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.729872] Hardware name: linux,dummy-virt (DT) [ 21.729975] Call trace: [ 21.730041] show_stack+0x20/0x38 (C) [ 21.730184] dump_stack_lvl+0x8c/0xd0 [ 21.730321] print_report+0x118/0x608 [ 21.730452] kasan_report+0xdc/0x128 [ 21.730577] __asan_report_store1_noabort+0x20/0x30 [ 21.730694] kmalloc_track_caller_oob_right+0x420/0x490 [ 21.730822] kunit_try_run_case+0x170/0x3f0 [ 21.730954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.731090] kthread+0x318/0x620 [ 21.731167] ret_from_fork+0x10/0x20 [ 21.731227] [ 21.736995] Allocated by task 131: [ 21.737524] kasan_save_stack+0x3c/0x68 [ 21.738048] kasan_save_track+0x20/0x40 [ 21.738816] kasan_save_alloc_info+0x40/0x58 [ 21.739429] __kasan_kmalloc+0xd4/0xd8 [ 21.739869] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 21.740576] kmalloc_track_caller_oob_right+0x184/0x490 [ 21.741456] kunit_try_run_case+0x170/0x3f0 [ 21.741926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.742616] kthread+0x318/0x620 [ 21.743133] ret_from_fork+0x10/0x20 [ 21.743692] [ 21.744034] The buggy address belongs to the object at fff00000c614cc00 [ 21.744034] which belongs to the cache kmalloc-128 of size 128 [ 21.745908] The buggy address is located 0 bytes to the right of [ 21.745908] allocated 120-byte region [fff00000c614cc00, fff00000c614cc78) [ 21.748102] [ 21.748452] The buggy address belongs to the physical page: [ 21.749150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10614c [ 21.750593] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.751290] page_type: f5(slab) [ 21.751746] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.752509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.753350] page dumped because: kasan: bad access detected [ 21.754212] [ 21.754513] Memory state around the buggy address: [ 21.755097] fff00000c614cb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.755764] fff00000c614cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.756541] >fff00000c614cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.757500] ^ [ 21.758259] fff00000c614cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.759051] fff00000c614cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.759644] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 21.639681] ================================================================== [ 21.640546] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 21.641402] Read of size 1 at addr fff00000c639d000 by task kunit_try_catch/129 [ 21.643269] [ 21.643638] CPU: 0 UID: 0 PID: 129 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.643823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.643903] Hardware name: linux,dummy-virt (DT) [ 21.643979] Call trace: [ 21.644090] show_stack+0x20/0x38 (C) [ 21.644261] dump_stack_lvl+0x8c/0xd0 [ 21.644452] print_report+0x118/0x608 [ 21.644691] kasan_report+0xdc/0x128 [ 21.644827] __asan_report_load1_noabort+0x20/0x30 [ 21.644962] kmalloc_node_oob_right+0x2f4/0x330 [ 21.645028] kunit_try_run_case+0x170/0x3f0 [ 21.645134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.645268] kthread+0x318/0x620 [ 21.645409] ret_from_fork+0x10/0x20 [ 21.645477] [ 21.652619] Allocated by task 129: [ 21.653839] kasan_save_stack+0x3c/0x68 [ 21.654394] kasan_save_track+0x20/0x40 [ 21.654898] kasan_save_alloc_info+0x40/0x58 [ 21.655458] __kasan_kmalloc+0xd4/0xd8 [ 21.655996] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 21.656639] kmalloc_node_oob_right+0xbc/0x330 [ 21.657180] kunit_try_run_case+0x170/0x3f0 [ 21.658219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.658958] kthread+0x318/0x620 [ 21.659462] ret_from_fork+0x10/0x20 [ 21.660018] [ 21.660344] The buggy address belongs to the object at fff00000c639c000 [ 21.660344] which belongs to the cache kmalloc-4k of size 4096 [ 21.661587] The buggy address is located 0 bytes to the right of [ 21.661587] allocated 4096-byte region [fff00000c639c000, fff00000c639d000) [ 21.663571] [ 21.663826] The buggy address belongs to the physical page: [ 21.664380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.665574] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.666499] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.667290] page_type: f5(slab) [ 21.667754] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 21.668541] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 21.669663] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 21.670344] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 21.671133] head: 0bfffe0000000003 ffffc1ffc318e601 ffffffffffffffff 0000000000000000 [ 21.671918] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 21.672620] page dumped because: kasan: bad access detected [ 21.673349] [ 21.673688] Memory state around the buggy address: [ 21.674576] fff00000c639cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.675423] fff00000c639cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.676142] >fff00000c639d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.676909] ^ [ 21.677456] fff00000c639d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.678204] fff00000c639d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.679134] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 21.587858] ================================================================== [ 21.588878] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 21.589512] Read of size 1 at addr fff00000c596b6ff by task kunit_try_catch/127 [ 21.590119] [ 21.590402] CPU: 0 UID: 0 PID: 127 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.590581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.590644] Hardware name: linux,dummy-virt (DT) [ 21.590717] Call trace: [ 21.590766] show_stack+0x20/0x38 (C) [ 21.591038] dump_stack_lvl+0x8c/0xd0 [ 21.593124] print_report+0x118/0x608 [ 21.593251] kasan_report+0xdc/0x128 [ 21.593414] __asan_report_load1_noabort+0x20/0x30 [ 21.593532] kmalloc_oob_left+0x2ec/0x320 [ 21.593647] kunit_try_run_case+0x170/0x3f0 [ 21.593771] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.593913] kthread+0x318/0x620 [ 21.594029] ret_from_fork+0x10/0x20 [ 21.594150] [ 21.605615] Allocated by task 10: [ 21.606038] kasan_save_stack+0x3c/0x68 [ 21.606768] kasan_save_track+0x20/0x40 [ 21.607759] kasan_save_alloc_info+0x40/0x58 [ 21.609285] __kasan_kmalloc+0xd4/0xd8 [ 21.609868] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 21.610614] kvasprintf+0xe0/0x180 [ 21.611216] __kthread_create_on_node+0x16c/0x350 [ 21.611753] kthread_create_on_node+0xe4/0x130 [ 21.612293] create_worker+0x380/0x6b8 [ 21.612912] worker_thread+0x71c/0xf18 [ 21.613362] kthread+0x318/0x620 [ 21.613872] ret_from_fork+0x10/0x20 [ 21.614426] [ 21.614794] The buggy address belongs to the object at fff00000c596b6e0 [ 21.614794] which belongs to the cache kmalloc-16 of size 16 [ 21.617367] The buggy address is located 19 bytes to the right of [ 21.617367] allocated 12-byte region [fff00000c596b6e0, fff00000c596b6ec) [ 21.618522] [ 21.618806] The buggy address belongs to the physical page: [ 21.619439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 21.620372] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.621063] page_type: f5(slab) [ 21.621996] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.622822] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.623748] page dumped because: kasan: bad access detected [ 21.624357] [ 21.624669] Memory state around the buggy address: [ 21.625756] fff00000c596b580: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 21.626571] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 21.627319] >fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 21.628076] ^ [ 21.628865] fff00000c596b700: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.629658] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.630682] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 21.545045] ================================================================== [ 21.546507] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 21.548015] Read of size 1 at addr fff00000c6331b80 by task kunit_try_catch/125 [ 21.548804] [ 21.549321] CPU: 0 UID: 0 PID: 125 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.549580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.549656] Hardware name: linux,dummy-virt (DT) [ 21.549741] Call trace: [ 21.549793] show_stack+0x20/0x38 (C) [ 21.549864] dump_stack_lvl+0x8c/0xd0 [ 21.549958] print_report+0x118/0x608 [ 21.550016] kasan_report+0xdc/0x128 [ 21.550071] __asan_report_load1_noabort+0x20/0x30 [ 21.550128] kmalloc_oob_right+0x5d0/0x660 [ 21.550209] kunit_try_run_case+0x170/0x3f0 [ 21.550268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.550331] kthread+0x318/0x620 [ 21.550384] ret_from_fork+0x10/0x20 [ 21.550441] [ 21.556841] Allocated by task 125: [ 21.557479] kasan_save_stack+0x3c/0x68 [ 21.557935] kasan_save_track+0x20/0x40 [ 21.558465] kasan_save_alloc_info+0x40/0x58 [ 21.559189] __kasan_kmalloc+0xd4/0xd8 [ 21.560034] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.560949] kmalloc_oob_right+0xb0/0x660 [ 21.561637] kunit_try_run_case+0x170/0x3f0 [ 21.562465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.563123] kthread+0x318/0x620 [ 21.563486] ret_from_fork+0x10/0x20 [ 21.564021] [ 21.564443] The buggy address belongs to the object at fff00000c6331b00 [ 21.564443] which belongs to the cache kmalloc-128 of size 128 [ 21.565754] The buggy address is located 13 bytes to the right of [ 21.565754] allocated 115-byte region [fff00000c6331b00, fff00000c6331b73) [ 21.567171] [ 21.567439] The buggy address belongs to the physical page: [ 21.567946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106331 [ 21.568757] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.569604] page_type: f5(slab) [ 21.570129] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.571149] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.571798] page dumped because: kasan: bad access detected [ 21.573073] [ 21.573465] Memory state around the buggy address: [ 21.574638] fff00000c6331a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.575493] fff00000c6331b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.576247] >fff00000c6331b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.576991] ^ [ 21.577556] fff00000c6331c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.578364] fff00000c6331c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.579119] ================================================================== [ 21.447266] ================================================================== [ 21.448652] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 21.450607] Write of size 1 at addr fff00000c6331b73 by task kunit_try_catch/125 [ 21.451278] [ 21.452591] CPU: 0 UID: 0 PID: 125 Comm: kunit_try_catch Tainted: G N 6.14.11-rc1 #1 [ 21.454476] Tainted: [N]=TEST [ 21.454567] Hardware name: linux,dummy-virt (DT) [ 21.455034] Call trace: [ 21.455302] show_stack+0x20/0x38 (C) [ 21.455513] dump_stack_lvl+0x8c/0xd0 [ 21.455668] print_report+0x118/0x608 [ 21.455739] kasan_report+0xdc/0x128 [ 21.455796] __asan_report_store1_noabort+0x20/0x30 [ 21.455853] kmalloc_oob_right+0x5a4/0x660 [ 21.455945] kunit_try_run_case+0x170/0x3f0 [ 21.456017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.456105] kthread+0x318/0x620 [ 21.456165] ret_from_fork+0x10/0x20 [ 21.456364] [ 21.466347] Allocated by task 125: [ 21.467003] kasan_save_stack+0x3c/0x68 [ 21.467486] kasan_save_track+0x20/0x40 [ 21.468331] kasan_save_alloc_info+0x40/0x58 [ 21.469566] __kasan_kmalloc+0xd4/0xd8 [ 21.470195] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.470632] kmalloc_oob_right+0xb0/0x660 [ 21.471516] kunit_try_run_case+0x170/0x3f0 [ 21.475136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.475928] kthread+0x318/0x620 [ 21.476519] ret_from_fork+0x10/0x20 [ 21.478069] [ 21.478645] The buggy address belongs to the object at fff00000c6331b00 [ 21.478645] which belongs to the cache kmalloc-128 of size 128 [ 21.480493] The buggy address is located 0 bytes to the right of [ 21.480493] allocated 115-byte region [fff00000c6331b00, fff00000c6331b73) [ 21.482565] [ 21.483059] The buggy address belongs to the physical page: [ 21.484905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106331 [ 21.487366] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.488787] page_type: f5(slab) [ 21.491170] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.492062] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.492706] page dumped because: kasan: bad access detected [ 21.493846] [ 21.494179] Memory state around the buggy address: [ 21.495392] fff00000c6331a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.496159] fff00000c6331a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.497911] >fff00000c6331b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.498733] ^ [ 21.499531] fff00000c6331b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.500460] fff00000c6331c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.501078] ================================================================== [ 21.506095] ================================================================== [ 21.506727] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 21.507326] Write of size 1 at addr fff00000c6331b78 by task kunit_try_catch/125 [ 21.508540] [ 21.509777] CPU: 0 UID: 0 PID: 125 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.510046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.510119] Hardware name: linux,dummy-virt (DT) [ 21.510195] Call trace: [ 21.510224] show_stack+0x20/0x38 (C) [ 21.510289] dump_stack_lvl+0x8c/0xd0 [ 21.510346] print_report+0x118/0x608 [ 21.510402] kasan_report+0xdc/0x128 [ 21.510461] __asan_report_store1_noabort+0x20/0x30 [ 21.510520] kmalloc_oob_right+0x538/0x660 [ 21.510575] kunit_try_run_case+0x170/0x3f0 [ 21.510630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.510691] kthread+0x318/0x620 [ 21.510744] ret_from_fork+0x10/0x20 [ 21.510802] [ 21.518984] Allocated by task 125: [ 21.519736] kasan_save_stack+0x3c/0x68 [ 21.520223] kasan_save_track+0x20/0x40 [ 21.520860] kasan_save_alloc_info+0x40/0x58 [ 21.521506] __kasan_kmalloc+0xd4/0xd8 [ 21.522452] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.522962] kmalloc_oob_right+0xb0/0x660 [ 21.523709] kunit_try_run_case+0x170/0x3f0 [ 21.524305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.525380] kthread+0x318/0x620 [ 21.526002] ret_from_fork+0x10/0x20 [ 21.526407] [ 21.526824] The buggy address belongs to the object at fff00000c6331b00 [ 21.526824] which belongs to the cache kmalloc-128 of size 128 [ 21.528117] The buggy address is located 5 bytes to the right of [ 21.528117] allocated 115-byte region [fff00000c6331b00, fff00000c6331b73) [ 21.529592] [ 21.530069] The buggy address belongs to the physical page: [ 21.531159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106331 [ 21.531866] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.532647] page_type: f5(slab) [ 21.533555] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.534424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.535246] page dumped because: kasan: bad access detected [ 21.535915] [ 21.536282] Memory state around the buggy address: [ 21.537428] fff00000c6331a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.538804] fff00000c6331a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.539986] >fff00000c6331b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.540716] ^ [ 21.541864] fff00000c6331b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.542615] fff00000c6331c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.543496] ==================================================================