Date
June 7, 2025, 10:40 a.m.
Failure - log-parser-boot - bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 26.209601] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 26.358983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc08/0x4858 [ 26.203034] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858
Failure - log-parser-boot - bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 25.847282] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0
Failure - log-parser-boot - internal-error-oops-oops-smp
[ 105.484722] Internal error: Oops: 0000000096000005 [#1] SMP [ 105.494567] Modules linked in: [ 105.495609] CPU: 0 UID: 0 PID: 536 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 105.496622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 105.497110] Hardware name: linux,dummy-virt (DT) [ 105.498157] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 105.499253] pc : kunit_test_null_dereference+0x70/0x170 [ 105.499839] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 105.500354] sp : ffff800080fb7d30 [ 105.500828] x29: ffff800080fb7d90 x28: 0000000000000000 x27: 0000000000000000 [ 105.501687] x26: 1ffe0000188801e1 x25: 0000000000000000 x24: 0000000000000004 [ 105.502566] x23: fff00000c4400f0c x22: ffffa69f4adfd6f8 x21: fff00000c3db2388 [ 105.503289] x20: 1ffff000101f6fa6 x19: ffff800080087990 x18: 000000000202b1e5 [ 105.504163] x17: 000000006794b14d x16: 0000000000000100 x15: 0000000063bcbf21 [ 105.504820] x14: 00000000f1f1f1f1 x13: 1ffe00001b48fdd0 x12: fffd8000183a411c [ 105.505610] x11: 1ffe0000183a411b x10: fffd8000183a411b x9 : ffffa69f4adf4b60 [ 105.506623] x8 : ffff800080fb7c38 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 105.507511] x5 : ffff7000101f6fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 105.508304] x2 : dfff800000000000 x1 : fff00000c1d20000 x0 : ffff800080087990 [ 105.509282] Call trace: [ 105.509638] kunit_test_null_dereference+0x70/0x170 (P) [ 105.510127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 105.511023] kthread+0x328/0x630 [ 105.511520] ret_from_fork+0x10/0x20 [ 105.512084] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 105.512838] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 53.820167] ================================================================== [ 53.820300] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 53.820300] [ 53.820453] Use-after-free read at 0x00000000160ad8fc (in kfence-#197): [ 53.820525] test_krealloc+0x51c/0x830 [ 53.820587] kunit_try_run_case+0x170/0x3f0 [ 53.820645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.820700] kthread+0x328/0x630 [ 53.820753] ret_from_fork+0x10/0x20 [ 53.820800] [ 53.820829] kfence-#197: 0x00000000160ad8fc-0x0000000049f4a6dc, size=32, cache=kmalloc-32 [ 53.820829] [ 53.820896] allocated by task 341 on cpu 1 at 53.819276s (0.001616s ago): [ 53.820984] test_alloc+0x29c/0x628 [ 53.821033] test_krealloc+0xc0/0x830 [ 53.821077] kunit_try_run_case+0x170/0x3f0 [ 53.821127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.821182] kthread+0x328/0x630 [ 53.821229] ret_from_fork+0x10/0x20 [ 53.821274] [ 53.821301] freed by task 341 on cpu 1 at 53.819608s (0.001688s ago): [ 53.821376] krealloc_noprof+0x148/0x360 [ 53.821440] test_krealloc+0x1dc/0x830 [ 53.821488] kunit_try_run_case+0x170/0x3f0 [ 53.821537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.821589] kthread+0x328/0x630 [ 53.821636] ret_from_fork+0x10/0x20 [ 53.821680] [ 53.821739] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 53.821832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 53.821867] Hardware name: linux,dummy-virt (DT) [ 53.821908] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 53.635378] ================================================================== [ 53.635551] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 53.635551] [ 53.635683] Use-after-free read at 0x00000000c567f7e7 (in kfence-#195): [ 53.635751] test_memcache_typesafe_by_rcu+0x280/0x560 [ 53.635817] kunit_try_run_case+0x170/0x3f0 [ 53.635874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.635928] kthread+0x328/0x630 [ 53.635976] ret_from_fork+0x10/0x20 [ 53.636023] [ 53.636053] kfence-#195: 0x00000000c567f7e7-0x00000000be6d22ef, size=32, cache=test [ 53.636053] [ 53.636119] allocated by task 339 on cpu 1 at 53.619210s (0.016904s ago): [ 53.636205] test_alloc+0x230/0x628 [ 53.636260] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 53.636310] kunit_try_run_case+0x170/0x3f0 [ 53.636358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.636423] kthread+0x328/0x630 [ 53.636485] ret_from_fork+0x10/0x20 [ 53.636533] [ 53.636560] freed by task 339 on cpu 1 at 53.619421s (0.017135s ago): [ 53.636630] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 53.636679] kunit_try_run_case+0x170/0x3f0 [ 53.636736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.636791] kthread+0x328/0x630 [ 53.636835] ret_from_fork+0x10/0x20 [ 53.636882] [ 53.636937] CPU: 1 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 53.637032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 53.637068] Hardware name: linux,dummy-virt (DT) [ 53.637107] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 34.409166] ================================================================== [ 34.409455] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 34.409455] [ 34.409700] Invalid read at 0x000000005f850655: [ 34.409832] test_invalid_access+0xdc/0x1f0 [ 34.410082] kunit_try_run_case+0x170/0x3f0 [ 34.410286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.410496] kthread+0x328/0x630 [ 34.410619] ret_from_fork+0x10/0x20 [ 34.410816] [ 34.410940] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 34.411167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.411255] Hardware name: linux,dummy-virt (DT) [ 34.411358] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 34.159662] ================================================================== [ 34.159843] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 34.159843] [ 34.159987] Corrupted memory at 0x00000000077a4531 [ ! . . . . . . . . . . . . . . . ] (in kfence-#190): [ 34.160344] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 34.160434] kunit_try_run_case+0x170/0x3f0 [ 34.160496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.160551] kthread+0x328/0x630 [ 34.160601] ret_from_fork+0x10/0x20 [ 34.160649] [ 34.160678] kfence-#190: 0x000000006388906c-0x00000000a4d7bf5d, size=73, cache=kmalloc-96 [ 34.160678] [ 34.160745] allocated by task 329 on cpu 1 at 34.159240s (0.001500s ago): [ 34.160827] test_alloc+0x29c/0x628 [ 34.160876] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 34.160925] kunit_try_run_case+0x170/0x3f0 [ 34.160973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.161025] kthread+0x328/0x630 [ 34.161070] ret_from_fork+0x10/0x20 [ 34.161116] [ 34.161143] freed by task 329 on cpu 1 at 34.159479s (0.001660s ago): [ 34.161218] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 34.161270] kunit_try_run_case+0x170/0x3f0 [ 34.161316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.161369] kthread+0x328/0x630 [ 34.161424] ret_from_fork+0x10/0x20 [ 34.161476] [ 34.161534] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 34.161630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.161663] Hardware name: linux,dummy-virt (DT) [ 34.161703] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 33.847661] ================================================================== [ 33.847788] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 33.847788] [ 33.847917] Out-of-bounds read at 0x000000000ea4237d (105B right of kfence-#187): [ 33.847991] test_kmalloc_aligned_oob_read+0x238/0x468 [ 33.848057] kunit_try_run_case+0x170/0x3f0 [ 33.848114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.848168] kthread+0x328/0x630 [ 33.848218] ret_from_fork+0x10/0x20 [ 33.848264] [ 33.848295] kfence-#187: 0x00000000890881c1-0x00000000bac9e625, size=73, cache=kmalloc-96 [ 33.848295] [ 33.848361] allocated by task 327 on cpu 1 at 33.847250s (0.001107s ago): [ 33.848481] test_alloc+0x29c/0x628 [ 33.848532] test_kmalloc_aligned_oob_read+0x100/0x468 [ 33.848583] kunit_try_run_case+0x170/0x3f0 [ 33.848632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.848686] kthread+0x328/0x630 [ 33.848730] ret_from_fork+0x10/0x20 [ 33.848777] [ 33.848837] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 33.848935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.848971] Hardware name: linux,dummy-virt (DT) [ 33.849012] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 29.688947] ================================================================== [ 29.689157] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 29.689157] [ 29.689363] Corrupted memory at 0x00000000bc35e02c [ ! ] (in kfence-#147): [ 29.689764] test_corruption+0x284/0x378 [ 29.689886] kunit_try_run_case+0x170/0x3f0 [ 29.690003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.690171] kthread+0x328/0x630 [ 29.690338] ret_from_fork+0x10/0x20 [ 29.690506] [ 29.690588] kfence-#147: 0x00000000ab8de585-0x000000001bec32bb, size=32, cache=kmalloc-32 [ 29.690588] [ 29.690743] allocated by task 315 on cpu 1 at 29.688231s (0.002503s ago): [ 29.690929] test_alloc+0x29c/0x628 [ 29.691052] test_corruption+0x198/0x378 [ 29.691154] kunit_try_run_case+0x170/0x3f0 [ 29.691284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.691430] kthread+0x328/0x630 [ 29.691537] ret_from_fork+0x10/0x20 [ 29.691631] [ 29.691691] freed by task 315 on cpu 1 at 29.688500s (0.003182s ago): [ 29.691858] test_corruption+0x284/0x378 [ 29.691969] kunit_try_run_case+0x170/0x3f0 [ 29.692090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.692235] kthread+0x328/0x630 [ 29.692417] ret_from_fork+0x10/0x20 [ 29.692570] [ 29.692693] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 29.692848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.692904] Hardware name: linux,dummy-virt (DT) [ 29.693477] ================================================================== [ 29.793796] ================================================================== [ 29.793953] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 29.793953] [ 29.794085] Corrupted memory at 0x000000005c535158 [ ! . . . . . . . . . . . . . . . ] (in kfence-#148): [ 29.799126] test_corruption+0x120/0x378 [ 29.799820] kunit_try_run_case+0x170/0x3f0 [ 29.799933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.800032] kthread+0x328/0x630 [ 29.800785] ret_from_fork+0x10/0x20 [ 29.801360] [ 29.801431] kfence-#148: 0x000000008067dfa7-0x000000004be2cd57, size=32, cache=test [ 29.801431] [ 29.802168] allocated by task 317 on cpu 1 at 29.793528s (0.008596s ago): [ 29.802784] test_alloc+0x230/0x628 [ 29.802892] test_corruption+0xdc/0x378 [ 29.803772] kunit_try_run_case+0x170/0x3f0 [ 29.803915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.804136] kthread+0x328/0x630 [ 29.804264] ret_from_fork+0x10/0x20 [ 29.804901] [ 29.805096] freed by task 317 on cpu 1 at 29.793629s (0.011458s ago): [ 29.805469] test_corruption+0x120/0x378 [ 29.806086] kunit_try_run_case+0x170/0x3f0 [ 29.806369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.806809] kthread+0x328/0x630 [ 29.807117] ret_from_fork+0x10/0x20 [ 29.807449] [ 29.807982] CPU: 1 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 29.808302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.808375] Hardware name: linux,dummy-virt (DT) [ 29.808467] ================================================================== [ 30.209081] ================================================================== [ 30.209239] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 30.209239] [ 30.209365] Corrupted memory at 0x00000000623d45dd [ ! ] (in kfence-#152): [ 30.209618] test_corruption+0x1d8/0x378 [ 30.209731] kunit_try_run_case+0x170/0x3f0 [ 30.209838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.209946] kthread+0x328/0x630 [ 30.210048] ret_from_fork+0x10/0x20 [ 30.210139] [ 30.210190] kfence-#152: 0x000000008e622d5c-0x0000000005ff74d6, size=32, cache=test [ 30.210190] [ 30.210334] allocated by task 317 on cpu 1 at 30.208813s (0.001512s ago): [ 30.213297] test_alloc+0x230/0x628 [ 30.213885] test_corruption+0x198/0x378 [ 30.214002] kunit_try_run_case+0x170/0x3f0 [ 30.214093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.214194] kthread+0x328/0x630 [ 30.214280] ret_from_fork+0x10/0x20 [ 30.215182] [ 30.215259] freed by task 317 on cpu 1 at 30.208914s (0.006334s ago): [ 30.215453] test_corruption+0x1d8/0x378 [ 30.215534] kunit_try_run_case+0x170/0x3f0 [ 30.215591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.215708] kthread+0x328/0x630 [ 30.215857] ret_from_fork+0x10/0x20 [ 30.216012] [ 30.216161] CPU: 1 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 30.216452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.216581] Hardware name: linux,dummy-virt (DT) [ 30.216860] ================================================================== [ 29.585185] ================================================================== [ 29.585439] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 29.585439] [ 29.585979] Corrupted memory at 0x0000000023fe767c [ ! . . . . . . . . . . . . . . . ] (in kfence-#146): [ 29.587671] test_corruption+0x278/0x378 [ 29.587917] kunit_try_run_case+0x170/0x3f0 [ 29.588173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.588646] kthread+0x328/0x630 [ 29.589014] ret_from_fork+0x10/0x20 [ 29.589133] [ 29.589417] kfence-#146: 0x000000006faa87ef-0x00000000ab1c8154, size=32, cache=kmalloc-32 [ 29.589417] [ 29.589730] allocated by task 315 on cpu 1 at 29.584528s (0.005178s ago): [ 29.590037] test_alloc+0x29c/0x628 [ 29.590286] test_corruption+0xdc/0x378 [ 29.590413] kunit_try_run_case+0x170/0x3f0 [ 29.590527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.590650] kthread+0x328/0x630 [ 29.591364] ret_from_fork+0x10/0x20 [ 29.591591] [ 29.591655] freed by task 315 on cpu 1 at 29.584716s (0.006929s ago): [ 29.592270] test_corruption+0x278/0x378 [ 29.592679] kunit_try_run_case+0x170/0x3f0 [ 29.592799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.593067] kthread+0x328/0x630 [ 29.593282] ret_from_fork+0x10/0x20 [ 29.593564] [ 29.593816] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 29.594427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.594509] Hardware name: linux,dummy-virt (DT) [ 29.594665] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 29.268486] ================================================================== [ 29.268718] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 29.268718] [ 29.268877] Invalid free of 0x000000009772c407 (in kfence-#143): [ 29.269005] test_invalid_addr_free+0x1ac/0x238 [ 29.269118] kunit_try_run_case+0x170/0x3f0 [ 29.269516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.269712] kthread+0x328/0x630 [ 29.269828] ret_from_fork+0x10/0x20 [ 29.269975] [ 29.270065] kfence-#143: 0x000000003a157039-0x000000008d5e3dc3, size=32, cache=kmalloc-32 [ 29.270065] [ 29.270264] allocated by task 311 on cpu 1 at 29.267887s (0.002365s ago): [ 29.270485] test_alloc+0x29c/0x628 [ 29.270581] test_invalid_addr_free+0xd4/0x238 [ 29.270982] kunit_try_run_case+0x170/0x3f0 [ 29.271129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.271274] kthread+0x328/0x630 [ 29.272144] ret_from_fork+0x10/0x20 [ 29.272476] [ 29.272730] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 29.273030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.273137] Hardware name: linux,dummy-virt (DT) [ 29.273257] ================================================================== [ 29.378311] ================================================================== [ 29.379625] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 29.379625] [ 29.380780] Invalid free of 0x00000000a6e1fa04 (in kfence-#144): [ 29.381422] test_invalid_addr_free+0xec/0x238 [ 29.382123] kunit_try_run_case+0x170/0x3f0 [ 29.382852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.383600] kthread+0x328/0x630 [ 29.383928] ret_from_fork+0x10/0x20 [ 29.384039] [ 29.384101] kfence-#144: 0x0000000013889785-0x0000000080ace8aa, size=32, cache=test [ 29.384101] [ 29.384234] allocated by task 313 on cpu 1 at 29.378061s (0.006166s ago): [ 29.384369] test_alloc+0x230/0x628 [ 29.385414] test_invalid_addr_free+0xd4/0x238 [ 29.386095] kunit_try_run_case+0x170/0x3f0 [ 29.386366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.386948] kthread+0x328/0x630 [ 29.387116] ret_from_fork+0x10/0x20 [ 29.387772] [ 29.387940] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 29.388140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.389014] Hardware name: linux,dummy-virt (DT) [ 29.389257] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 28.956708] ================================================================== [ 28.957019] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 28.957019] [ 28.957198] Invalid free of 0x000000001aecb05f (in kfence-#140): [ 28.957384] test_double_free+0x1bc/0x238 [ 28.957559] kunit_try_run_case+0x170/0x3f0 [ 28.957687] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.957802] kthread+0x328/0x630 [ 28.957910] ret_from_fork+0x10/0x20 [ 28.958014] [ 28.958080] kfence-#140: 0x000000001aecb05f-0x00000000f61a8c9e, size=32, cache=kmalloc-32 [ 28.958080] [ 28.958223] allocated by task 307 on cpu 1 at 28.956051s (0.002163s ago): [ 28.958449] test_alloc+0x29c/0x628 [ 28.958552] test_double_free+0xd4/0x238 [ 28.958768] kunit_try_run_case+0x170/0x3f0 [ 28.958880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.958985] kthread+0x328/0x630 [ 28.959126] ret_from_fork+0x10/0x20 [ 28.959386] [ 28.959543] freed by task 307 on cpu 1 at 28.956178s (0.003351s ago): [ 28.959918] test_double_free+0x1ac/0x238 [ 28.960043] kunit_try_run_case+0x170/0x3f0 [ 28.960452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.960620] kthread+0x328/0x630 [ 28.960744] ret_from_fork+0x10/0x20 [ 28.960902] [ 28.961074] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 28.961367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.961469] Hardware name: linux,dummy-virt (DT) [ 28.961558] ================================================================== [ 29.064594] ================================================================== [ 29.064778] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 29.064778] [ 29.064917] Invalid free of 0x00000000053415e1 (in kfence-#141): [ 29.065054] test_double_free+0x100/0x238 [ 29.065177] kunit_try_run_case+0x170/0x3f0 [ 29.065290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.065418] kthread+0x328/0x630 [ 29.065532] ret_from_fork+0x10/0x20 [ 29.065633] [ 29.065693] kfence-#141: 0x00000000053415e1-0x00000000d4d9795c, size=32, cache=test [ 29.065693] [ 29.065830] allocated by task 309 on cpu 1 at 29.063414s (0.002408s ago): [ 29.065993] test_alloc+0x230/0x628 [ 29.066093] test_double_free+0xd4/0x238 [ 29.066197] kunit_try_run_case+0x170/0x3f0 [ 29.066859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.067320] kthread+0x328/0x630 [ 29.067880] ret_from_fork+0x10/0x20 [ 29.068069] [ 29.068225] freed by task 309 on cpu 1 at 29.063522s (0.004693s ago): [ 29.068489] test_double_free+0xf0/0x238 [ 29.068603] kunit_try_run_case+0x170/0x3f0 [ 29.068727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.068854] kthread+0x328/0x630 [ 29.069319] ret_from_fork+0x10/0x20 [ 29.069615] [ 29.069882] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 29.070107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.070183] Hardware name: linux,dummy-virt (DT) [ 29.070261] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 28.647634] ================================================================== [ 28.647796] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 28.647796] [ 28.648002] Use-after-free read at 0x00000000a27834e6 (in kfence-#137): [ 28.648125] test_use_after_free_read+0x114/0x248 [ 28.648257] kunit_try_run_case+0x170/0x3f0 [ 28.648379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.648517] kthread+0x328/0x630 [ 28.648617] ret_from_fork+0x10/0x20 [ 28.648713] [ 28.648774] kfence-#137: 0x00000000a27834e6-0x00000000a2206f7a, size=32, cache=test [ 28.648774] [ 28.648902] allocated by task 301 on cpu 1 at 28.644161s (0.004733s ago): [ 28.649067] test_alloc+0x230/0x628 [ 28.649164] test_use_after_free_read+0xd0/0x248 [ 28.649269] kunit_try_run_case+0x170/0x3f0 [ 28.649373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.649483] kthread+0x328/0x630 [ 28.649568] ret_from_fork+0x10/0x20 [ 28.649656] [ 28.649711] freed by task 301 on cpu 1 at 28.644270s (0.005432s ago): [ 28.649863] test_use_after_free_read+0xf0/0x248 [ 28.650451] kunit_try_run_case+0x170/0x3f0 [ 28.650966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.651086] kthread+0x328/0x630 [ 28.651180] ret_from_fork+0x10/0x20 [ 28.651311] [ 28.651448] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 28.652273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.652500] Hardware name: linux,dummy-virt (DT) [ 28.652601] ================================================================== [ 28.543586] ================================================================== [ 28.543753] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 28.543753] [ 28.543963] Use-after-free read at 0x000000003deb452f (in kfence-#136): [ 28.544084] test_use_after_free_read+0x114/0x248 [ 28.544216] kunit_try_run_case+0x170/0x3f0 [ 28.544338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.544469] kthread+0x328/0x630 [ 28.544578] ret_from_fork+0x10/0x20 [ 28.544689] [ 28.544751] kfence-#136: 0x000000003deb452f-0x00000000a086436e, size=32, cache=kmalloc-32 [ 28.544751] [ 28.544950] allocated by task 299 on cpu 1 at 28.541824s (0.003117s ago): [ 28.545112] test_alloc+0x29c/0x628 [ 28.545214] test_use_after_free_read+0xd0/0x248 [ 28.545319] kunit_try_run_case+0x170/0x3f0 [ 28.547109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.547837] kthread+0x328/0x630 [ 28.548007] ret_from_fork+0x10/0x20 [ 28.548104] [ 28.548399] freed by task 299 on cpu 1 at 28.541957s (0.006429s ago): [ 28.548614] test_use_after_free_read+0x1c0/0x248 [ 28.549001] kunit_try_run_case+0x170/0x3f0 [ 28.549474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.549607] kthread+0x328/0x630 [ 28.550182] ret_from_fork+0x10/0x20 [ 28.550349] [ 28.550876] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 28.551358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.551449] Hardware name: linux,dummy-virt (DT) [ 28.551529] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 28.331964] ================================================================== [ 28.332131] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 28.332131] [ 28.332340] Out-of-bounds write at 0x0000000037b3ccd1 (1B left of kfence-#134): [ 28.332494] test_out_of_bounds_write+0x100/0x240 [ 28.332623] kunit_try_run_case+0x170/0x3f0 [ 28.332746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.332864] kthread+0x328/0x630 [ 28.332975] ret_from_fork+0x10/0x20 [ 28.333083] [ 28.333149] kfence-#134: 0x00000000be9b65e2-0x00000000eb54fbbf, size=32, cache=kmalloc-32 [ 28.333149] [ 28.333277] allocated by task 295 on cpu 1 at 28.331674s (0.001595s ago): [ 28.334775] test_alloc+0x29c/0x628 [ 28.336177] test_out_of_bounds_write+0xc8/0x240 [ 28.336766] kunit_try_run_case+0x170/0x3f0 [ 28.336896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.337010] kthread+0x328/0x630 [ 28.337107] ret_from_fork+0x10/0x20 [ 28.337203] [ 28.337312] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 28.337520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.340761] Hardware name: linux,dummy-virt (DT) [ 28.340879] ================================================================== [ 28.438458] ================================================================== [ 28.438640] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 28.438640] [ 28.439126] Out-of-bounds write at 0x00000000860add2d (1B left of kfence-#135): [ 28.439292] test_out_of_bounds_write+0x100/0x240 [ 28.439641] kunit_try_run_case+0x170/0x3f0 [ 28.440064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.440469] kthread+0x328/0x630 [ 28.440787] ret_from_fork+0x10/0x20 [ 28.441090] [ 28.441356] kfence-#135: 0x00000000631ec5e1-0x000000002a3b9cb9, size=32, cache=test [ 28.441356] [ 28.441727] allocated by task 297 on cpu 1 at 28.437388s (0.004322s ago): [ 28.442125] test_alloc+0x230/0x628 [ 28.442477] test_out_of_bounds_write+0xc8/0x240 [ 28.442776] kunit_try_run_case+0x170/0x3f0 [ 28.442940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.443300] kthread+0x328/0x630 [ 28.443446] ret_from_fork+0x10/0x20 [ 28.443546] [ 28.443881] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 28.444318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.444614] Hardware name: linux,dummy-virt (DT) [ 28.444822] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 27.399761] ================================================================== [ 27.399930] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 27.399930] [ 27.400182] Out-of-bounds read at 0x00000000d9c7a816 (1B left of kfence-#125): [ 27.400364] test_out_of_bounds_read+0x114/0x3e0 [ 27.401083] kunit_try_run_case+0x170/0x3f0 [ 27.401244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.401359] kthread+0x328/0x630 [ 27.401472] ret_from_fork+0x10/0x20 [ 27.401839] [ 27.402729] kfence-#125: 0x000000003cd9db34-0x00000000e7af69ee, size=32, cache=kmalloc-32 [ 27.402729] [ 27.402971] allocated by task 291 on cpu 1 at 27.399064s (0.003895s ago): [ 27.403335] test_alloc+0x29c/0x628 [ 27.403735] test_out_of_bounds_read+0xdc/0x3e0 [ 27.403907] kunit_try_run_case+0x170/0x3f0 [ 27.404024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.404144] kthread+0x328/0x630 [ 27.404242] ret_from_fork+0x10/0x20 [ 27.404358] [ 27.404479] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.404686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.404763] Hardware name: linux,dummy-virt (DT) [ 27.404845] ================================================================== [ 27.916952] ================================================================== [ 27.917131] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 27.917131] [ 27.917321] Out-of-bounds read at 0x00000000f9a09498 (32B right of kfence-#130): [ 27.917482] test_out_of_bounds_read+0x1c8/0x3e0 [ 27.917615] kunit_try_run_case+0x170/0x3f0 [ 27.917737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.917859] kthread+0x328/0x630 [ 27.917968] ret_from_fork+0x10/0x20 [ 27.918074] [ 27.918138] kfence-#130: 0x00000000a17af640-0x00000000510f8d1d, size=32, cache=test [ 27.918138] [ 27.918269] allocated by task 293 on cpu 1 at 27.916720s (0.001541s ago): [ 27.918459] test_alloc+0x230/0x628 [ 27.918559] test_out_of_bounds_read+0x198/0x3e0 [ 27.918745] kunit_try_run_case+0x170/0x3f0 [ 27.919001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.919117] kthread+0x328/0x630 [ 27.919549] ret_from_fork+0x10/0x20 [ 27.919713] [ 27.919859] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.920073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.920145] Hardware name: linux,dummy-virt (DT) [ 27.920227] ================================================================== [ 27.813378] ================================================================== [ 27.813571] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 27.813571] [ 27.813756] Out-of-bounds read at 0x00000000e402f2ef (1B left of kfence-#129): [ 27.813873] test_out_of_bounds_read+0x114/0x3e0 [ 27.813986] kunit_try_run_case+0x170/0x3f0 [ 27.814090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.814183] kthread+0x328/0x630 [ 27.814274] ret_from_fork+0x10/0x20 [ 27.817970] [ 27.818102] kfence-#129: 0x000000009be1b7fd-0x00000000c36ab069, size=32, cache=test [ 27.818102] [ 27.818242] allocated by task 293 on cpu 1 at 27.813070s (0.005162s ago): [ 27.818470] test_alloc+0x230/0x628 [ 27.818570] test_out_of_bounds_read+0xdc/0x3e0 [ 27.818660] kunit_try_run_case+0x170/0x3f0 [ 27.818739] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.818823] kthread+0x328/0x630 [ 27.818905] ret_from_fork+0x10/0x20 [ 27.818985] [ 27.819079] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.819231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.819268] Hardware name: linux,dummy-virt (DT) [ 27.819306] ================================================================== [ 27.603945] ================================================================== [ 27.604117] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 27.604117] [ 27.604311] Out-of-bounds read at 0x00000000f97431a5 (32B right of kfence-#127): [ 27.604931] test_out_of_bounds_read+0x1c8/0x3e0 [ 27.605221] kunit_try_run_case+0x170/0x3f0 [ 27.605377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.605500] kthread+0x328/0x630 [ 27.605609] ret_from_fork+0x10/0x20 [ 27.605893] [ 27.605964] kfence-#127: 0x00000000fb4eb1b0-0x0000000008f8762a, size=32, cache=kmalloc-32 [ 27.605964] [ 27.606053] allocated by task 291 on cpu 1 at 27.603621s (0.002426s ago): [ 27.606162] test_alloc+0x29c/0x628 [ 27.606225] test_out_of_bounds_read+0x198/0x3e0 [ 27.606278] kunit_try_run_case+0x170/0x3f0 [ 27.606347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.606455] kthread+0x328/0x630 [ 27.606610] ret_from_fork+0x10/0x20 [ 27.606725] [ 27.606816] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.606993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.607095] Hardware name: linux,dummy-virt (DT) [ 27.607220] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-kmem_cache_destroy
[ 24.338615] ================================================================== [ 24.339581] BUG: KFENCE: use-after-free read in kmem_cache_destroy+0x50/0x218 [ 24.339581] [ 24.339853] Use-after-free read at 0x000000001cc6e260 (in kfence-#105): [ 24.339983] kmem_cache_destroy+0x50/0x218 [ 24.340099] kmem_cache_double_destroy+0x174/0x300 [ 24.340216] kunit_try_run_case+0x170/0x3f0 [ 24.340337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.340474] kthread+0x328/0x630 [ 24.340575] ret_from_fork+0x10/0x20 [ 24.340669] [ 24.340726] kfence-#105: 0x0000000092c46ec6-0x000000008ba0fe75, size=208, cache=kmem_cache [ 24.340726] [ 24.340882] allocated by task 219 on cpu 0 at 24.309253s (0.031620s ago): [ 24.341121] __kmem_cache_create_args+0x178/0x280 [ 24.341239] kmem_cache_double_destroy+0xc0/0x300 [ 24.341354] kunit_try_run_case+0x170/0x3f0 [ 24.341719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.342329] kthread+0x328/0x630 [ 24.342641] ret_from_fork+0x10/0x20 [ 24.342719] [ 24.342758] freed by task 219 on cpu 0 at 24.328686s (0.014065s ago): [ 24.342950] slab_kmem_cache_release+0x38/0x50 [ 24.343023] kmem_cache_release+0x1c/0x30 [ 24.343115] kobject_put+0x17c/0x420 [ 24.345367] sysfs_slab_release+0x1c/0x30 [ 24.346368] kmem_cache_destroy+0x118/0x218 [ 24.346891] kmem_cache_double_destroy+0x128/0x300 [ 24.347563] kunit_try_run_case+0x170/0x3f0 [ 24.348158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.348528] kthread+0x328/0x630 [ 24.348819] ret_from_fork+0x10/0x20 [ 24.349049] [ 24.349975] CPU: 0 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 24.350528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.350725] Hardware name: linux,dummy-virt (DT) [ 24.350884] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset_4
[ 22.589133] ================================================================== [ 22.589424] BUG: KFENCE: memory corruption in kmalloc_oob_memset_4+0x170/0x300 [ 22.589424] [ 22.589785] Corrupted memory at 0x0000000099e520c3 [ ! . . . . . . . ] (in kfence-#91): [ 22.597496] kmalloc_oob_memset_4+0x170/0x300 [ 22.597936] kunit_try_run_case+0x170/0x3f0 [ 22.598068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.598457] kthread+0x328/0x630 [ 22.598556] ret_from_fork+0x10/0x20 [ 22.598648] [ 22.598975] kfence-#91: 0x00000000a201e9df-0x00000000f8781c12, size=120, cache=kmalloc-128 [ 22.598975] [ 22.599394] allocated by task 178 on cpu 1 at 22.581619s (0.017764s ago): [ 22.599568] kmalloc_oob_memset_4+0xb0/0x300 [ 22.599810] kunit_try_run_case+0x170/0x3f0 [ 22.600020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.600278] kthread+0x328/0x630 [ 22.600822] ret_from_fork+0x10/0x20 [ 22.600987] [ 22.601747] freed by task 178 on cpu 1 at 22.587933s (0.013152s ago): [ 22.602349] kmalloc_oob_memset_4+0x170/0x300 [ 22.602603] kunit_try_run_case+0x170/0x3f0 [ 22.602928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.603044] kthread+0x328/0x630 [ 22.603126] ret_from_fork+0x10/0x20 [ 22.603530] [ 22.603652] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.603862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.603928] Hardware name: linux,dummy-virt (DT) [ 22.604004] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-kmalloc_node_oob_right
[ 21.833671] ================================================================== [ 21.833938] BUG: KFENCE: out-of-bounds read in kmalloc_node_oob_right+0x160/0x330 [ 21.833938] [ 21.834193] Out-of-bounds read at 0x00000000e3d29f6c (4096B right of kfence-#84): [ 21.836690] kmalloc_node_oob_right+0x160/0x330 [ 21.837264] kunit_try_run_case+0x170/0x3f0 [ 21.837381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.837519] kthread+0x328/0x630 [ 21.838067] ret_from_fork+0x10/0x20 [ 21.838641] [ 21.839106] kfence-#84: 0x00000000eb181073-0x00000000085ff4de, size=4096, cache=kmalloc-4k [ 21.839106] [ 21.839468] allocated by task 144 on cpu 1 at 21.829415s (0.009943s ago): [ 21.841848] kmalloc_node_oob_right+0xbc/0x330 [ 21.842779] kunit_try_run_case+0x170/0x3f0 [ 21.843012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.843424] kthread+0x328/0x630 [ 21.843552] ret_from_fork+0x10/0x20 [ 21.844040] [ 21.844189] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 21.844695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.844855] Hardware name: linux,dummy-virt (DT) [ 21.845155] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 27.218040] ================================================================== [ 27.218220] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 27.218688] Write of size 121 at addr fff00000c7732300 by task kunit_try_catch/289 [ 27.219107] [ 27.219458] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.219933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.220074] Hardware name: linux,dummy-virt (DT) [ 27.220143] Call trace: [ 27.220207] show_stack+0x20/0x38 (C) [ 27.220389] dump_stack_lvl+0x8c/0xd0 [ 27.220632] print_report+0x118/0x608 [ 27.220910] kasan_report+0xdc/0x128 [ 27.221550] kasan_check_range+0x100/0x1a8 [ 27.221739] __kasan_check_write+0x20/0x30 [ 27.221874] strncpy_from_user+0x3c/0x2a0 [ 27.222507] copy_user_test_oob+0x5c0/0xec8 [ 27.222692] kunit_try_run_case+0x170/0x3f0 [ 27.224484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.224641] kthread+0x328/0x630 [ 27.224754] ret_from_fork+0x10/0x20 [ 27.224872] [ 27.224916] Allocated by task 289: [ 27.225187] kasan_save_stack+0x3c/0x68 [ 27.225365] kasan_save_track+0x20/0x40 [ 27.225666] kasan_save_alloc_info+0x40/0x58 [ 27.225982] __kasan_kmalloc+0xd4/0xd8 [ 27.226203] __kmalloc_noprof+0x198/0x4c8 [ 27.226306] kunit_kmalloc_array+0x34/0x88 [ 27.226964] copy_user_test_oob+0xac/0xec8 [ 27.227554] kunit_try_run_case+0x170/0x3f0 [ 27.228064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.228191] kthread+0x328/0x630 [ 27.228591] ret_from_fork+0x10/0x20 [ 27.229223] [ 27.229420] The buggy address belongs to the object at fff00000c7732300 [ 27.229420] which belongs to the cache kmalloc-128 of size 128 [ 27.230011] The buggy address is located 0 bytes inside of [ 27.230011] allocated 120-byte region [fff00000c7732300, fff00000c7732378) [ 27.230364] [ 27.230622] The buggy address belongs to the physical page: [ 27.231236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 27.231715] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.232134] page_type: f5(slab) [ 27.232631] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.232831] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.233258] page dumped because: kasan: bad access detected [ 27.234169] [ 27.234250] Memory state around the buggy address: [ 27.234373] fff00000c7732200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.234961] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.235432] >fff00000c7732300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.235542] ^ [ 27.235653] fff00000c7732380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.236099] fff00000c7732400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.236216] ================================================================== [ 27.239082] ================================================================== [ 27.239156] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 27.239230] Write of size 1 at addr fff00000c7732378 by task kunit_try_catch/289 [ 27.239287] [ 27.239335] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.239453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.239486] Hardware name: linux,dummy-virt (DT) [ 27.239524] Call trace: [ 27.239553] show_stack+0x20/0x38 (C) [ 27.239611] dump_stack_lvl+0x8c/0xd0 [ 27.239664] print_report+0x118/0x608 [ 27.239716] kasan_report+0xdc/0x128 [ 27.239765] __asan_report_store1_noabort+0x20/0x30 [ 27.239819] strncpy_from_user+0x270/0x2a0 [ 27.239869] copy_user_test_oob+0x5c0/0xec8 [ 27.239917] kunit_try_run_case+0x170/0x3f0 [ 27.239970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.240030] kthread+0x328/0x630 [ 27.240080] ret_from_fork+0x10/0x20 [ 27.240136] [ 27.240157] Allocated by task 289: [ 27.240190] kasan_save_stack+0x3c/0x68 [ 27.240236] kasan_save_track+0x20/0x40 [ 27.240278] kasan_save_alloc_info+0x40/0x58 [ 27.240321] __kasan_kmalloc+0xd4/0xd8 [ 27.240361] __kmalloc_noprof+0x198/0x4c8 [ 27.240424] kunit_kmalloc_array+0x34/0x88 [ 27.240509] copy_user_test_oob+0xac/0xec8 [ 27.240599] kunit_try_run_case+0x170/0x3f0 [ 27.240692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.240811] kthread+0x328/0x630 [ 27.240900] ret_from_fork+0x10/0x20 [ 27.240981] [ 27.241030] The buggy address belongs to the object at fff00000c7732300 [ 27.241030] which belongs to the cache kmalloc-128 of size 128 [ 27.241352] The buggy address is located 0 bytes to the right of [ 27.241352] allocated 120-byte region [fff00000c7732300, fff00000c7732378) [ 27.241545] [ 27.241597] The buggy address belongs to the physical page: [ 27.241678] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 27.241808] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.242119] page_type: f5(slab) [ 27.242223] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.242367] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.242470] page dumped because: kasan: bad access detected [ 27.242551] [ 27.242779] Memory state around the buggy address: [ 27.242872] fff00000c7732200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.242990] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.243101] >fff00000c7732300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.243193] ^ [ 27.243468] fff00000c7732380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.243641] fff00000c7732400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.243761] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 27.188712] ================================================================== [ 27.188851] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 27.188985] Write of size 121 at addr fff00000c7732300 by task kunit_try_catch/289 [ 27.189115] [ 27.189204] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.189423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.190214] Hardware name: linux,dummy-virt (DT) [ 27.190353] Call trace: [ 27.190522] show_stack+0x20/0x38 (C) [ 27.190751] dump_stack_lvl+0x8c/0xd0 [ 27.191020] print_report+0x118/0x608 [ 27.191162] kasan_report+0xdc/0x128 [ 27.191269] kasan_check_range+0x100/0x1a8 [ 27.191630] __kasan_check_write+0x20/0x30 [ 27.191860] copy_user_test_oob+0x434/0xec8 [ 27.191978] kunit_try_run_case+0x170/0x3f0 [ 27.192132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.192541] kthread+0x328/0x630 [ 27.192681] ret_from_fork+0x10/0x20 [ 27.192899] [ 27.192963] Allocated by task 289: [ 27.193138] kasan_save_stack+0x3c/0x68 [ 27.193375] kasan_save_track+0x20/0x40 [ 27.193490] kasan_save_alloc_info+0x40/0x58 [ 27.193587] __kasan_kmalloc+0xd4/0xd8 [ 27.194081] __kmalloc_noprof+0x198/0x4c8 [ 27.194442] kunit_kmalloc_array+0x34/0x88 [ 27.194638] copy_user_test_oob+0xac/0xec8 [ 27.194824] kunit_try_run_case+0x170/0x3f0 [ 27.194993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.195256] kthread+0x328/0x630 [ 27.195349] ret_from_fork+0x10/0x20 [ 27.195447] [ 27.195501] The buggy address belongs to the object at fff00000c7732300 [ 27.195501] which belongs to the cache kmalloc-128 of size 128 [ 27.195651] The buggy address is located 0 bytes inside of [ 27.195651] allocated 120-byte region [fff00000c7732300, fff00000c7732378) [ 27.196206] [ 27.196548] The buggy address belongs to the physical page: [ 27.196710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 27.197052] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.197216] page_type: f5(slab) [ 27.197318] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.197451] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.197566] page dumped because: kasan: bad access detected [ 27.197654] [ 27.197704] Memory state around the buggy address: [ 27.198327] fff00000c7732200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.199059] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.199658] >fff00000c7732300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.199863] ^ [ 27.199968] fff00000c7732380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.200529] fff00000c7732400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.200591] ================================================================== [ 27.170423] ================================================================== [ 27.170808] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 27.171382] Read of size 121 at addr fff00000c7732300 by task kunit_try_catch/289 [ 27.171614] [ 27.171714] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.172676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.172945] Hardware name: linux,dummy-virt (DT) [ 27.173515] Call trace: [ 27.173598] show_stack+0x20/0x38 (C) [ 27.174002] dump_stack_lvl+0x8c/0xd0 [ 27.174348] print_report+0x118/0x608 [ 27.174697] kasan_report+0xdc/0x128 [ 27.174984] kasan_check_range+0x100/0x1a8 [ 27.175109] __kasan_check_read+0x20/0x30 [ 27.175240] copy_user_test_oob+0x3c8/0xec8 [ 27.175472] kunit_try_run_case+0x170/0x3f0 [ 27.176205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.176840] kthread+0x328/0x630 [ 27.177008] ret_from_fork+0x10/0x20 [ 27.177314] [ 27.177435] Allocated by task 289: [ 27.177876] kasan_save_stack+0x3c/0x68 [ 27.178217] kasan_save_track+0x20/0x40 [ 27.178555] kasan_save_alloc_info+0x40/0x58 [ 27.178708] __kasan_kmalloc+0xd4/0xd8 [ 27.178809] __kmalloc_noprof+0x198/0x4c8 [ 27.179196] kunit_kmalloc_array+0x34/0x88 [ 27.179413] copy_user_test_oob+0xac/0xec8 [ 27.180021] kunit_try_run_case+0x170/0x3f0 [ 27.180145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.180275] kthread+0x328/0x630 [ 27.180377] ret_from_fork+0x10/0x20 [ 27.180790] [ 27.181493] The buggy address belongs to the object at fff00000c7732300 [ 27.181493] which belongs to the cache kmalloc-128 of size 128 [ 27.181752] The buggy address is located 0 bytes inside of [ 27.181752] allocated 120-byte region [fff00000c7732300, fff00000c7732378) [ 27.182343] [ 27.182446] The buggy address belongs to the physical page: [ 27.182535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 27.182769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.182976] page_type: f5(slab) [ 27.183090] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.183197] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.183566] page dumped because: kasan: bad access detected [ 27.183858] [ 27.183978] Memory state around the buggy address: [ 27.184094] fff00000c7732200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.184312] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.184660] >fff00000c7732300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.184800] ^ [ 27.185094] fff00000c7732380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.185276] fff00000c7732400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.185624] ================================================================== [ 27.109672] ================================================================== [ 27.110115] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 27.110842] Read of size 121 at addr fff00000c7732300 by task kunit_try_catch/289 [ 27.111083] [ 27.111184] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.111388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.112028] Hardware name: linux,dummy-virt (DT) [ 27.112157] Call trace: [ 27.112459] show_stack+0x20/0x38 (C) [ 27.112608] dump_stack_lvl+0x8c/0xd0 [ 27.112739] print_report+0x118/0x608 [ 27.112860] kasan_report+0xdc/0x128 [ 27.114355] kasan_check_range+0x100/0x1a8 [ 27.114814] __kasan_check_read+0x20/0x30 [ 27.115153] copy_user_test_oob+0x728/0xec8 [ 27.115359] kunit_try_run_case+0x170/0x3f0 [ 27.115822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.116044] kthread+0x328/0x630 [ 27.116414] ret_from_fork+0x10/0x20 [ 27.116553] [ 27.117103] Allocated by task 289: [ 27.117376] kasan_save_stack+0x3c/0x68 [ 27.117551] kasan_save_track+0x20/0x40 [ 27.118184] kasan_save_alloc_info+0x40/0x58 [ 27.118344] __kasan_kmalloc+0xd4/0xd8 [ 27.118474] __kmalloc_noprof+0x198/0x4c8 [ 27.118559] kunit_kmalloc_array+0x34/0x88 [ 27.118656] copy_user_test_oob+0xac/0xec8 [ 27.118751] kunit_try_run_case+0x170/0x3f0 [ 27.118866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.118995] kthread+0x328/0x630 [ 27.119092] ret_from_fork+0x10/0x20 [ 27.119921] [ 27.120003] The buggy address belongs to the object at fff00000c7732300 [ 27.120003] which belongs to the cache kmalloc-128 of size 128 [ 27.120655] The buggy address is located 0 bytes inside of [ 27.120655] allocated 120-byte region [fff00000c7732300, fff00000c7732378) [ 27.120842] [ 27.120911] The buggy address belongs to the physical page: [ 27.121197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 27.121752] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.121910] page_type: f5(slab) [ 27.122593] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.122850] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.123027] page dumped because: kasan: bad access detected [ 27.123114] [ 27.123378] Memory state around the buggy address: [ 27.123558] fff00000c7732200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.124057] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.124565] >fff00000c7732300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.124982] ^ [ 27.125126] fff00000c7732380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.125240] fff00000c7732400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.125347] ================================================================== [ 27.150721] ================================================================== [ 27.151268] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 27.151611] Write of size 121 at addr fff00000c7732300 by task kunit_try_catch/289 [ 27.151950] [ 27.152061] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.152592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.152798] Hardware name: linux,dummy-virt (DT) [ 27.152884] Call trace: [ 27.152951] show_stack+0x20/0x38 (C) [ 27.153685] dump_stack_lvl+0x8c/0xd0 [ 27.153852] print_report+0x118/0x608 [ 27.153963] kasan_report+0xdc/0x128 [ 27.154086] kasan_check_range+0x100/0x1a8 [ 27.154665] __kasan_check_write+0x20/0x30 [ 27.155579] copy_user_test_oob+0x35c/0xec8 [ 27.155769] kunit_try_run_case+0x170/0x3f0 [ 27.156001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.156254] kthread+0x328/0x630 [ 27.156388] ret_from_fork+0x10/0x20 [ 27.156848] [ 27.156914] Allocated by task 289: [ 27.157251] kasan_save_stack+0x3c/0x68 [ 27.157386] kasan_save_track+0x20/0x40 [ 27.157491] kasan_save_alloc_info+0x40/0x58 [ 27.157855] __kasan_kmalloc+0xd4/0xd8 [ 27.158149] __kmalloc_noprof+0x198/0x4c8 [ 27.158510] kunit_kmalloc_array+0x34/0x88 [ 27.158610] copy_user_test_oob+0xac/0xec8 [ 27.158691] kunit_try_run_case+0x170/0x3f0 [ 27.158784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.159665] kthread+0x328/0x630 [ 27.159790] ret_from_fork+0x10/0x20 [ 27.159888] [ 27.159941] The buggy address belongs to the object at fff00000c7732300 [ 27.159941] which belongs to the cache kmalloc-128 of size 128 [ 27.160835] The buggy address is located 0 bytes inside of [ 27.160835] allocated 120-byte region [fff00000c7732300, fff00000c7732378) [ 27.161097] [ 27.161164] The buggy address belongs to the physical page: [ 27.161298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 27.161535] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.161719] page_type: f5(slab) [ 27.161846] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.161990] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.162397] page dumped because: kasan: bad access detected [ 27.162774] [ 27.163144] Memory state around the buggy address: [ 27.163253] fff00000c7732200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.163632] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.163782] >fff00000c7732300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.164396] ^ [ 27.164888] fff00000c7732380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.165065] fff00000c7732400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.165179] ================================================================== [ 27.204067] ================================================================== [ 27.204323] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 27.204831] Read of size 121 at addr fff00000c7732300 by task kunit_try_catch/289 [ 27.205094] [ 27.205285] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.206042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.206150] Hardware name: linux,dummy-virt (DT) [ 27.206237] Call trace: [ 27.206317] show_stack+0x20/0x38 (C) [ 27.206876] dump_stack_lvl+0x8c/0xd0 [ 27.207170] print_report+0x118/0x608 [ 27.207424] kasan_report+0xdc/0x128 [ 27.207761] kasan_check_range+0x100/0x1a8 [ 27.207901] __kasan_check_read+0x20/0x30 [ 27.208117] copy_user_test_oob+0x4a0/0xec8 [ 27.208357] kunit_try_run_case+0x170/0x3f0 [ 27.208668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.209147] kthread+0x328/0x630 [ 27.209287] ret_from_fork+0x10/0x20 [ 27.209617] [ 27.209744] Allocated by task 289: [ 27.209928] kasan_save_stack+0x3c/0x68 [ 27.210131] kasan_save_track+0x20/0x40 [ 27.210229] kasan_save_alloc_info+0x40/0x58 [ 27.210783] __kasan_kmalloc+0xd4/0xd8 [ 27.210964] __kmalloc_noprof+0x198/0x4c8 [ 27.211331] kunit_kmalloc_array+0x34/0x88 [ 27.211594] copy_user_test_oob+0xac/0xec8 [ 27.211833] kunit_try_run_case+0x170/0x3f0 [ 27.211950] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.212061] kthread+0x328/0x630 [ 27.212142] ret_from_fork+0x10/0x20 [ 27.212228] [ 27.212279] The buggy address belongs to the object at fff00000c7732300 [ 27.212279] which belongs to the cache kmalloc-128 of size 128 [ 27.212450] The buggy address is located 0 bytes inside of [ 27.212450] allocated 120-byte region [fff00000c7732300, fff00000c7732378) [ 27.212629] [ 27.212687] The buggy address belongs to the physical page: [ 27.212779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 27.212923] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.213063] page_type: f5(slab) [ 27.213172] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.213437] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.213592] page dumped because: kasan: bad access detected [ 27.214032] [ 27.214095] Memory state around the buggy address: [ 27.214194] fff00000c7732200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.214828] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.215463] >fff00000c7732300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.215594] ^ [ 27.215800] fff00000c7732380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.216115] fff00000c7732400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.216328] ================================================================== [ 27.078205] ================================================================== [ 27.078555] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 27.078820] Write of size 121 at addr fff00000c7732300 by task kunit_try_catch/289 [ 27.078954] [ 27.079057] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 27.079268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.079355] Hardware name: linux,dummy-virt (DT) [ 27.079445] Call trace: [ 27.079532] show_stack+0x20/0x38 (C) [ 27.079710] dump_stack_lvl+0x8c/0xd0 [ 27.079914] print_report+0x118/0x608 [ 27.080091] kasan_report+0xdc/0x128 [ 27.080210] kasan_check_range+0x100/0x1a8 [ 27.081332] __kasan_check_write+0x20/0x30 [ 27.081973] copy_user_test_oob+0x234/0xec8 [ 27.082228] kunit_try_run_case+0x170/0x3f0 [ 27.082468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.083102] kthread+0x328/0x630 [ 27.083313] ret_from_fork+0x10/0x20 [ 27.083859] [ 27.084266] Allocated by task 289: [ 27.084358] kasan_save_stack+0x3c/0x68 [ 27.084492] kasan_save_track+0x20/0x40 [ 27.085035] kasan_save_alloc_info+0x40/0x58 [ 27.085162] __kasan_kmalloc+0xd4/0xd8 [ 27.085669] __kmalloc_noprof+0x198/0x4c8 [ 27.085877] kunit_kmalloc_array+0x34/0x88 [ 27.086002] copy_user_test_oob+0xac/0xec8 [ 27.086097] kunit_try_run_case+0x170/0x3f0 [ 27.086597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.086731] kthread+0x328/0x630 [ 27.086827] ret_from_fork+0x10/0x20 [ 27.086961] [ 27.087022] The buggy address belongs to the object at fff00000c7732300 [ 27.087022] which belongs to the cache kmalloc-128 of size 128 [ 27.087703] The buggy address is located 0 bytes inside of [ 27.087703] allocated 120-byte region [fff00000c7732300, fff00000c7732378) [ 27.087989] [ 27.088292] The buggy address belongs to the physical page: [ 27.088530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 27.089351] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.090071] page_type: f5(slab) [ 27.090217] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.090365] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.090626] page dumped because: kasan: bad access detected [ 27.090722] [ 27.090784] Memory state around the buggy address: [ 27.091275] fff00000c7732200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.091495] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.091840] >fff00000c7732300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.092219] ^ [ 27.092870] fff00000c7732380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.093470] fff00000c7732400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.093577] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 26.987655] ================================================================== [ 26.987786] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 26.987925] Write of size 8 at addr fff00000c7732278 by task kunit_try_catch/285 [ 26.988059] [ 26.988147] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.988361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.988745] Hardware name: linux,dummy-virt (DT) [ 26.989037] Call trace: [ 26.989105] show_stack+0x20/0x38 (C) [ 26.989228] dump_stack_lvl+0x8c/0xd0 [ 26.989543] print_report+0x118/0x608 [ 26.989729] kasan_report+0xdc/0x128 [ 26.990416] kasan_check_range+0x100/0x1a8 [ 26.990909] __kasan_check_write+0x20/0x30 [ 26.991165] copy_to_kernel_nofault+0x8c/0x250 [ 26.991624] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 26.992077] kunit_try_run_case+0x170/0x3f0 [ 26.992339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.992781] kthread+0x328/0x630 [ 26.992907] ret_from_fork+0x10/0x20 [ 26.993044] [ 26.993097] Allocated by task 285: [ 26.993273] kasan_save_stack+0x3c/0x68 [ 26.993594] kasan_save_track+0x20/0x40 [ 26.993806] kasan_save_alloc_info+0x40/0x58 [ 26.994014] __kasan_kmalloc+0xd4/0xd8 [ 26.994188] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.994564] copy_to_kernel_nofault_oob+0xc8/0x418 [ 26.994961] kunit_try_run_case+0x170/0x3f0 [ 26.995064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.995171] kthread+0x328/0x630 [ 26.995256] ret_from_fork+0x10/0x20 [ 26.996291] [ 26.996372] The buggy address belongs to the object at fff00000c7732200 [ 26.996372] which belongs to the cache kmalloc-128 of size 128 [ 26.996657] The buggy address is located 0 bytes to the right of [ 26.996657] allocated 120-byte region [fff00000c7732200, fff00000c7732278) [ 26.997142] [ 26.997568] The buggy address belongs to the physical page: [ 26.997675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 26.997824] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.998717] page_type: f5(slab) [ 26.999016] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.999811] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.000020] page dumped because: kasan: bad access detected [ 27.000295] [ 27.000579] Memory state around the buggy address: [ 27.000688] fff00000c7732100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.000872] fff00000c7732180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.001106] >fff00000c7732200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 27.001251] ^ [ 27.001371] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.001505] fff00000c7732300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.001616] ================================================================== [ 26.976953] ================================================================== [ 26.977468] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 26.977734] Read of size 8 at addr fff00000c7732278 by task kunit_try_catch/285 [ 26.977892] [ 26.977992] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.978316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.978466] Hardware name: linux,dummy-virt (DT) [ 26.978543] Call trace: [ 26.978606] show_stack+0x20/0x38 (C) [ 26.979027] dump_stack_lvl+0x8c/0xd0 [ 26.979175] print_report+0x118/0x608 [ 26.979310] kasan_report+0xdc/0x128 [ 26.979434] __asan_report_load8_noabort+0x20/0x30 [ 26.979573] copy_to_kernel_nofault+0x204/0x250 [ 26.979722] copy_to_kernel_nofault_oob+0x158/0x418 [ 26.980075] kunit_try_run_case+0x170/0x3f0 [ 26.980185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.980417] kthread+0x328/0x630 [ 26.980594] ret_from_fork+0x10/0x20 [ 26.980775] [ 26.980826] Allocated by task 285: [ 26.980920] kasan_save_stack+0x3c/0x68 [ 26.981066] kasan_save_track+0x20/0x40 [ 26.981195] kasan_save_alloc_info+0x40/0x58 [ 26.981348] __kasan_kmalloc+0xd4/0xd8 [ 26.981452] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.981573] copy_to_kernel_nofault_oob+0xc8/0x418 [ 26.981729] kunit_try_run_case+0x170/0x3f0 [ 26.981862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.982021] kthread+0x328/0x630 [ 26.982116] ret_from_fork+0x10/0x20 [ 26.982223] [ 26.982313] The buggy address belongs to the object at fff00000c7732200 [ 26.982313] which belongs to the cache kmalloc-128 of size 128 [ 26.982520] The buggy address is located 0 bytes to the right of [ 26.982520] allocated 120-byte region [fff00000c7732200, fff00000c7732278) [ 26.982917] [ 26.982986] The buggy address belongs to the physical page: [ 26.983245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107732 [ 26.983413] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.983553] page_type: f5(slab) [ 26.983671] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.983789] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.983899] page dumped because: kasan: bad access detected [ 26.983988] [ 26.984046] Memory state around the buggy address: [ 26.984166] fff00000c7732100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.984272] fff00000c7732180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.984379] >fff00000c7732200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.984522] ^ [ 26.984878] fff00000c7732280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.985027] fff00000c7732300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.985170] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 26.820658] ================================================================== [ 26.820796] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 26.820935] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/273 [ 26.821067] [ 26.821158] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.821380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.823767] Hardware name: linux,dummy-virt (DT) [ 26.823925] Call trace: [ 26.824131] show_stack+0x20/0x38 (C) [ 26.824440] dump_stack_lvl+0x8c/0xd0 [ 26.824682] print_report+0x310/0x608 [ 26.825611] kasan_report+0xdc/0x128 [ 26.826026] __asan_report_load1_noabort+0x20/0x30 [ 26.826758] vmalloc_oob+0x51c/0x5d0 [ 26.827014] kunit_try_run_case+0x170/0x3f0 [ 26.827160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.827275] kthread+0x328/0x630 [ 26.827378] ret_from_fork+0x10/0x20 [ 26.828232] [ 26.828426] The buggy address belongs to the virtual mapping at [ 26.828426] [ffff80008010b000, ffff80008010d000) created by: [ 26.828426] vmalloc_oob+0x98/0x5d0 [ 26.828727] [ 26.828795] The buggy address belongs to the physical page: [ 26.828887] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777a [ 26.829032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.829208] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 26.829344] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.829465] page dumped because: kasan: bad access detected [ 26.829548] [ 26.829602] Memory state around the buggy address: [ 26.829688] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.831000] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.831813] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 26.831939] ^ [ 26.832626] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 26.832747] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 26.832843] ================================================================== [ 26.801049] ================================================================== [ 26.801266] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 26.801450] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/273 [ 26.801577] [ 26.801668] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.801879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.804572] Hardware name: linux,dummy-virt (DT) [ 26.805290] Call trace: [ 26.805501] show_stack+0x20/0x38 (C) [ 26.805726] dump_stack_lvl+0x8c/0xd0 [ 26.806325] print_report+0x310/0x608 [ 26.807335] kasan_report+0xdc/0x128 [ 26.807621] __asan_report_load1_noabort+0x20/0x30 [ 26.807901] vmalloc_oob+0x578/0x5d0 [ 26.808254] kunit_try_run_case+0x170/0x3f0 [ 26.808587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.808879] kthread+0x328/0x630 [ 26.809121] ret_from_fork+0x10/0x20 [ 26.809510] [ 26.809604] The buggy address belongs to the virtual mapping at [ 26.809604] [ffff80008010b000, ffff80008010d000) created by: [ 26.809604] vmalloc_oob+0x98/0x5d0 [ 26.810115] [ 26.810262] The buggy address belongs to the physical page: [ 26.810357] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777a [ 26.811810] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.812990] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 26.813150] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.813779] page dumped because: kasan: bad access detected [ 26.813904] [ 26.814061] Memory state around the buggy address: [ 26.814607] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.814894] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.815568] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 26.815701] ^ [ 26.815822] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 26.816642] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 26.816892] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 26.112901] ================================================================== [ 26.113025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 26.113709] [ 26.114117] Hardware name: linux,dummy-virt (DT) [ 26.114461] dump_stack_lvl+0x8c/0xd0 [ 26.114945] kasan_atomics_helper+0x3f94/0x4858 [ 26.115333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.116207] ret_from_fork+0x10/0x20 [ 26.117090] kasan_save_alloc_info+0x40/0x58 [ 26.117988] kasan_atomics+0xb8/0x2e0 [ 26.118936] [ 26.118981] The buggy address belongs to the physical page: [ 26.119056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.119210] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.120225] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.120576] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.122749] Write of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.125644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.129625] [ 26.129772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.129915] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.131076] [ 26.131683] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.134598] [ 26.135238] Call trace: [ 26.137068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.139110] kasan_save_alloc_info+0x40/0x58 [ 26.139664] kasan_atomics+0xb8/0x2e0 [ 26.141847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.143597] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.145099] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 26.148993] kasan_save_stack+0x3c/0x68 [ 26.151487] [ 26.151936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.152690] page_type: f5(slab) [ 26.153109] page dumped because: kasan: bad access detected [ 26.153605] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.154733] ================================================================== [ 26.732380] ================================================================== [ 26.732526] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 26.732657] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.732771] [ 26.732851] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.733051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.733119] Hardware name: linux,dummy-virt (DT) [ 26.733199] Call trace: [ 26.733256] show_stack+0x20/0x38 (C) [ 26.733378] dump_stack_lvl+0x8c/0xd0 [ 26.733516] print_report+0x118/0x608 [ 26.733959] kasan_report+0xdc/0x128 [ 26.734153] kasan_check_range+0x100/0x1a8 [ 26.734335] __kasan_check_write+0x20/0x30 [ 26.734495] kasan_atomics_helper+0x175c/0x4858 [ 26.734626] kasan_atomics+0x198/0x2e0 [ 26.734745] kunit_try_run_case+0x170/0x3f0 [ 26.734925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.735123] kthread+0x328/0x630 [ 26.735238] ret_from_fork+0x10/0x20 [ 26.735393] [ 26.735453] Allocated by task 269: [ 26.735526] kasan_save_stack+0x3c/0x68 [ 26.735627] kasan_save_track+0x20/0x40 [ 26.735726] kasan_save_alloc_info+0x40/0x58 [ 26.735825] __kasan_kmalloc+0xd4/0xd8 [ 26.735930] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.736105] kasan_atomics+0xb8/0x2e0 [ 26.736187] kunit_try_run_case+0x170/0x3f0 [ 26.736291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.736451] kthread+0x328/0x630 [ 26.736602] ret_from_fork+0x10/0x20 [ 26.736746] [ 26.736825] The buggy address belongs to the object at fff00000c7733980 [ 26.736825] which belongs to the cache kmalloc-64 of size 64 [ 26.737057] The buggy address is located 0 bytes to the right of [ 26.737057] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.737301] [ 26.737358] The buggy address belongs to the physical page: [ 26.737456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.737593] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.737732] page_type: f5(slab) [ 26.737837] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.737973] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.738094] page dumped because: kasan: bad access detected [ 26.738186] [ 26.738238] Memory state around the buggy address: [ 26.738345] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.738533] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.738704] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.738806] ^ [ 26.738903] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.739032] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.739129] ================================================================== [ 26.440320] ================================================================== [ 26.440455] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 26.440561] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.440679] [ 26.440756] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.440969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.441029] Hardware name: linux,dummy-virt (DT) [ 26.441116] Call trace: [ 26.441197] show_stack+0x20/0x38 (C) [ 26.441350] dump_stack_lvl+0x8c/0xd0 [ 26.441497] print_report+0x118/0x608 [ 26.441665] kasan_report+0xdc/0x128 [ 26.441766] kasan_check_range+0x100/0x1a8 [ 26.441877] __kasan_check_write+0x20/0x30 [ 26.441998] kasan_atomics_helper+0xe44/0x4858 [ 26.442119] kasan_atomics+0x198/0x2e0 [ 26.442230] kunit_try_run_case+0x170/0x3f0 [ 26.442373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.442527] kthread+0x328/0x630 [ 26.442640] ret_from_fork+0x10/0x20 [ 26.442757] [ 26.442820] Allocated by task 269: [ 26.442905] kasan_save_stack+0x3c/0x68 [ 26.443007] kasan_save_track+0x20/0x40 [ 26.443114] kasan_save_alloc_info+0x40/0x58 [ 26.443224] __kasan_kmalloc+0xd4/0xd8 [ 26.443305] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.443423] kasan_atomics+0xb8/0x2e0 [ 26.443542] kunit_try_run_case+0x170/0x3f0 [ 26.443639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.443750] kthread+0x328/0x630 [ 26.443876] ret_from_fork+0x10/0x20 [ 26.443978] [ 26.444059] The buggy address belongs to the object at fff00000c7733980 [ 26.444059] which belongs to the cache kmalloc-64 of size 64 [ 26.444263] The buggy address is located 0 bytes to the right of [ 26.444263] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.444489] [ 26.444582] The buggy address belongs to the physical page: [ 26.444665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.444808] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.444925] page_type: f5(slab) [ 26.445006] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.445128] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.445243] page dumped because: kasan: bad access detected [ 26.445322] [ 26.445369] Memory state around the buggy address: [ 26.445480] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.445586] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.445705] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.445821] ^ [ 26.445954] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.446123] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.446273] ================================================================== [ 26.676764] ================================================================== [ 26.676896] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 26.677024] Read of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.677153] [ 26.677243] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.677471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.677943] Hardware name: linux,dummy-virt (DT) [ 26.678035] Call trace: [ 26.678174] show_stack+0x20/0x38 (C) [ 26.678442] dump_stack_lvl+0x8c/0xd0 [ 26.678610] print_report+0x118/0x608 [ 26.678673] kasan_report+0xdc/0x128 [ 26.678754] __asan_report_load8_noabort+0x20/0x30 [ 26.678815] kasan_atomics_helper+0x3db0/0x4858 [ 26.678882] kasan_atomics+0x198/0x2e0 [ 26.679028] kunit_try_run_case+0x170/0x3f0 [ 26.679206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.679398] kthread+0x328/0x630 [ 26.679506] ret_from_fork+0x10/0x20 [ 26.679623] [ 26.679666] Allocated by task 269: [ 26.679738] kasan_save_stack+0x3c/0x68 [ 26.679840] kasan_save_track+0x20/0x40 [ 26.679929] kasan_save_alloc_info+0x40/0x58 [ 26.680020] __kasan_kmalloc+0xd4/0xd8 [ 26.680145] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.680281] kasan_atomics+0xb8/0x2e0 [ 26.680389] kunit_try_run_case+0x170/0x3f0 [ 26.680536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.680683] kthread+0x328/0x630 [ 26.680801] ret_from_fork+0x10/0x20 [ 26.680938] [ 26.680987] The buggy address belongs to the object at fff00000c7733980 [ 26.680987] which belongs to the cache kmalloc-64 of size 64 [ 26.681124] The buggy address is located 0 bytes to the right of [ 26.681124] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.681281] [ 26.681327] The buggy address belongs to the physical page: [ 26.681766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.682091] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.682220] page_type: f5(slab) [ 26.682601] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.682739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.683062] page dumped because: kasan: bad access detected [ 26.683187] [ 26.683235] Memory state around the buggy address: [ 26.683355] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.683547] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.683663] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.683747] ^ [ 26.684111] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.684232] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.684695] ================================================================== [ 26.283150] ================================================================== [ 26.283294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 26.283427] Write of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.283566] [ 26.283660] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.283881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.283960] Hardware name: linux,dummy-virt (DT) [ 26.284498] Call trace: [ 26.284587] show_stack+0x20/0x38 (C) [ 26.285163] dump_stack_lvl+0x8c/0xd0 [ 26.285666] print_report+0x118/0x608 [ 26.285881] kasan_report+0xdc/0x128 [ 26.286009] kasan_check_range+0x100/0x1a8 [ 26.286141] __kasan_check_write+0x20/0x30 [ 26.286268] kasan_atomics_helper+0xa6c/0x4858 [ 26.286457] kasan_atomics+0x198/0x2e0 [ 26.286834] kunit_try_run_case+0x170/0x3f0 [ 26.287328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.287666] kthread+0x328/0x630 [ 26.287816] ret_from_fork+0x10/0x20 [ 26.288026] [ 26.288115] Allocated by task 269: [ 26.288514] kasan_save_stack+0x3c/0x68 [ 26.288757] kasan_save_track+0x20/0x40 [ 26.288972] kasan_save_alloc_info+0x40/0x58 [ 26.289106] __kasan_kmalloc+0xd4/0xd8 [ 26.289274] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.289717] kasan_atomics+0xb8/0x2e0 [ 26.289895] kunit_try_run_case+0x170/0x3f0 [ 26.290227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.290511] kthread+0x328/0x630 [ 26.290629] ret_from_fork+0x10/0x20 [ 26.291338] [ 26.291535] The buggy address belongs to the object at fff00000c7733980 [ 26.291535] which belongs to the cache kmalloc-64 of size 64 [ 26.291899] The buggy address is located 0 bytes to the right of [ 26.291899] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.292249] [ 26.292306] The buggy address belongs to the physical page: [ 26.292612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.293061] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.293492] page_type: f5(slab) [ 26.293675] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.293980] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.294208] page dumped because: kasan: bad access detected [ 26.294488] [ 26.294598] Memory state around the buggy address: [ 26.294694] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.294992] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.295424] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.295543] ^ [ 26.295657] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.296140] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.296242] ================================================================== [ 26.411534] ================================================================== [ 26.411674] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 26.412249] Read of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.412497] [ 26.412647] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.412957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.413044] Hardware name: linux,dummy-virt (DT) [ 26.413135] Call trace: [ 26.413196] show_stack+0x20/0x38 (C) [ 26.413324] dump_stack_lvl+0x8c/0xd0 [ 26.413472] print_report+0x118/0x608 [ 26.413598] kasan_report+0xdc/0x128 [ 26.413721] __asan_report_load4_noabort+0x20/0x30 [ 26.413856] kasan_atomics_helper+0x3e04/0x4858 [ 26.413991] kasan_atomics+0x198/0x2e0 [ 26.414110] kunit_try_run_case+0x170/0x3f0 [ 26.414252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.414424] kthread+0x328/0x630 [ 26.414540] ret_from_fork+0x10/0x20 [ 26.415338] [ 26.415422] Allocated by task 269: [ 26.415521] kasan_save_stack+0x3c/0x68 [ 26.416178] kasan_save_track+0x20/0x40 [ 26.416398] kasan_save_alloc_info+0x40/0x58 [ 26.416569] __kasan_kmalloc+0xd4/0xd8 [ 26.416662] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.416934] kasan_atomics+0xb8/0x2e0 [ 26.417237] kunit_try_run_case+0x170/0x3f0 [ 26.417340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.417805] kthread+0x328/0x630 [ 26.417972] ret_from_fork+0x10/0x20 [ 26.418122] [ 26.418179] The buggy address belongs to the object at fff00000c7733980 [ 26.418179] which belongs to the cache kmalloc-64 of size 64 [ 26.418371] The buggy address is located 0 bytes to the right of [ 26.418371] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.418651] [ 26.418708] The buggy address belongs to the physical page: [ 26.418795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.418948] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.419101] page_type: f5(slab) [ 26.419248] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.419390] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.419505] page dumped because: kasan: bad access detected [ 26.419817] [ 26.420071] Memory state around the buggy address: [ 26.420254] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.420433] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.420556] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.420817] ^ [ 26.420944] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.421089] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.421185] ================================================================== [ 26.709123] ================================================================== [ 26.709299] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 26.709488] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.709692] [ 26.709993] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.710251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.710644] Hardware name: linux,dummy-virt (DT) [ 26.710774] Call trace: [ 26.710904] show_stack+0x20/0x38 (C) [ 26.711312] dump_stack_lvl+0x8c/0xd0 [ 26.711662] print_report+0x118/0x608 [ 26.711940] kasan_report+0xdc/0x128 [ 26.712168] kasan_check_range+0x100/0x1a8 [ 26.712357] __kasan_check_write+0x20/0x30 [ 26.712746] kasan_atomics_helper+0x16d0/0x4858 [ 26.713164] kasan_atomics+0x198/0x2e0 [ 26.713421] kunit_try_run_case+0x170/0x3f0 [ 26.713580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.713728] kthread+0x328/0x630 [ 26.714261] ret_from_fork+0x10/0x20 [ 26.714464] [ 26.714522] Allocated by task 269: [ 26.714700] kasan_save_stack+0x3c/0x68 [ 26.714816] kasan_save_track+0x20/0x40 [ 26.714893] kasan_save_alloc_info+0x40/0x58 [ 26.715217] __kasan_kmalloc+0xd4/0xd8 [ 26.715503] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.715849] kasan_atomics+0xb8/0x2e0 [ 26.716188] kunit_try_run_case+0x170/0x3f0 [ 26.716331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.716879] kthread+0x328/0x630 [ 26.717536] ret_from_fork+0x10/0x20 [ 26.717647] [ 26.717870] The buggy address belongs to the object at fff00000c7733980 [ 26.717870] which belongs to the cache kmalloc-64 of size 64 [ 26.718279] The buggy address is located 0 bytes to the right of [ 26.718279] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.718860] [ 26.719202] The buggy address belongs to the physical page: [ 26.719345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.720069] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.720217] page_type: f5(slab) [ 26.720324] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.720467] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.720879] page dumped because: kasan: bad access detected [ 26.721020] [ 26.721085] Memory state around the buggy address: [ 26.721641] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.721808] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.721934] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.722042] ^ [ 26.722315] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.722914] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.723320] ================================================================== [ 26.630241] ================================================================== [ 26.630378] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 26.630851] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.631144] [ 26.631304] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.631514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.631584] Hardware name: linux,dummy-virt (DT) [ 26.631674] Call trace: [ 26.631757] show_stack+0x20/0x38 (C) [ 26.631864] dump_stack_lvl+0x8c/0xd0 [ 26.632197] print_report+0x118/0x608 [ 26.632413] kasan_report+0xdc/0x128 [ 26.632632] kasan_check_range+0x100/0x1a8 [ 26.632989] __kasan_check_write+0x20/0x30 [ 26.633315] kasan_atomics_helper+0x147c/0x4858 [ 26.633477] kasan_atomics+0x198/0x2e0 [ 26.633607] kunit_try_run_case+0x170/0x3f0 [ 26.633742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.633891] kthread+0x328/0x630 [ 26.634006] ret_from_fork+0x10/0x20 [ 26.634137] [ 26.634190] Allocated by task 269: [ 26.634271] kasan_save_stack+0x3c/0x68 [ 26.634417] kasan_save_track+0x20/0x40 [ 26.634524] kasan_save_alloc_info+0x40/0x58 [ 26.634636] __kasan_kmalloc+0xd4/0xd8 [ 26.634732] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.634854] kasan_atomics+0xb8/0x2e0 [ 26.634955] kunit_try_run_case+0x170/0x3f0 [ 26.635064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.635182] kthread+0x328/0x630 [ 26.635279] ret_from_fork+0x10/0x20 [ 26.636013] [ 26.636257] The buggy address belongs to the object at fff00000c7733980 [ 26.636257] which belongs to the cache kmalloc-64 of size 64 [ 26.636709] The buggy address is located 0 bytes to the right of [ 26.636709] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.636903] [ 26.636970] The buggy address belongs to the physical page: [ 26.637056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.637212] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.637600] page_type: f5(slab) [ 26.638090] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.638338] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.638492] page dumped because: kasan: bad access detected [ 26.638538] [ 26.638563] Memory state around the buggy address: [ 26.638608] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.638716] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.638813] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.638928] ^ [ 26.639025] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.639132] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.639233] ================================================================== [ 26.433497] ================================================================== [ 26.433676] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 26.433858] Read of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.434045] [ 26.434172] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.434488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.434585] Hardware name: linux,dummy-virt (DT) [ 26.434660] Call trace: [ 26.434720] show_stack+0x20/0x38 (C) [ 26.434869] dump_stack_lvl+0x8c/0xd0 [ 26.435043] print_report+0x118/0x608 [ 26.435201] kasan_report+0xdc/0x128 [ 26.435360] __asan_report_load8_noabort+0x20/0x30 [ 26.435497] kasan_atomics_helper+0x3f58/0x4858 [ 26.435617] kasan_atomics+0x198/0x2e0 [ 26.435755] kunit_try_run_case+0x170/0x3f0 [ 26.435908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.436056] kthread+0x328/0x630 [ 26.436175] ret_from_fork+0x10/0x20 [ 26.436330] [ 26.436418] Allocated by task 269: [ 26.436514] kasan_save_stack+0x3c/0x68 [ 26.436643] kasan_save_track+0x20/0x40 [ 26.436771] kasan_save_alloc_info+0x40/0x58 [ 26.436880] __kasan_kmalloc+0xd4/0xd8 [ 26.436998] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.437128] kasan_atomics+0xb8/0x2e0 [ 26.437285] kunit_try_run_case+0x170/0x3f0 [ 26.437379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.437484] kthread+0x328/0x630 [ 26.437550] ret_from_fork+0x10/0x20 [ 26.437626] [ 26.437673] The buggy address belongs to the object at fff00000c7733980 [ 26.437673] which belongs to the cache kmalloc-64 of size 64 [ 26.437813] The buggy address is located 0 bytes to the right of [ 26.437813] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.437978] [ 26.438034] The buggy address belongs to the physical page: [ 26.438111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.438254] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.438396] page_type: f5(slab) [ 26.438512] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.438665] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.438781] page dumped because: kasan: bad access detected [ 26.438859] [ 26.438915] Memory state around the buggy address: [ 26.438996] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.439098] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.439198] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.439312] ^ [ 26.439395] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.439517] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.439610] ================================================================== [ 26.545847] ================================================================== [ 26.545983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 26.546117] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.546252] [ 26.546358] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.546600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.546679] Hardware name: linux,dummy-virt (DT) [ 26.546765] Call trace: [ 26.546827] show_stack+0x20/0x38 (C) [ 26.546958] dump_stack_lvl+0x8c/0xd0 [ 26.547089] print_report+0x118/0x608 [ 26.547232] kasan_report+0xdc/0x128 [ 26.547354] kasan_check_range+0x100/0x1a8 [ 26.547488] __kasan_check_write+0x20/0x30 [ 26.547624] kasan_atomics_helper+0x1190/0x4858 [ 26.547829] kasan_atomics+0x198/0x2e0 [ 26.547946] kunit_try_run_case+0x170/0x3f0 [ 26.548087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.548236] kthread+0x328/0x630 [ 26.548364] ret_from_fork+0x10/0x20 [ 26.548492] [ 26.548552] Allocated by task 269: [ 26.548635] kasan_save_stack+0x3c/0x68 [ 26.548734] kasan_save_track+0x20/0x40 [ 26.548826] kasan_save_alloc_info+0x40/0x58 [ 26.548945] __kasan_kmalloc+0xd4/0xd8 [ 26.549088] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.549257] kasan_atomics+0xb8/0x2e0 [ 26.549387] kunit_try_run_case+0x170/0x3f0 [ 26.549491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.549585] kthread+0x328/0x630 [ 26.549920] ret_from_fork+0x10/0x20 [ 26.550032] [ 26.550084] The buggy address belongs to the object at fff00000c7733980 [ 26.550084] which belongs to the cache kmalloc-64 of size 64 [ 26.550244] The buggy address is located 0 bytes to the right of [ 26.550244] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.550456] [ 26.550511] The buggy address belongs to the physical page: [ 26.550593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.550788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.550929] page_type: f5(slab) [ 26.551025] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.551169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.551287] page dumped because: kasan: bad access detected [ 26.551376] [ 26.551439] Memory state around the buggy address: [ 26.551526] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.551627] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.551762] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.551868] ^ [ 26.551991] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.552153] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.552297] ================================================================== [ 26.698083] ================================================================== [ 26.698209] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 26.698344] Read of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.698975] [ 26.699141] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.699397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.699626] Hardware name: linux,dummy-virt (DT) [ 26.699927] Call trace: [ 26.700463] show_stack+0x20/0x38 (C) [ 26.700734] dump_stack_lvl+0x8c/0xd0 [ 26.700939] print_report+0x118/0x608 [ 26.701215] kasan_report+0xdc/0x128 [ 26.701704] __asan_report_load8_noabort+0x20/0x30 [ 26.701998] kasan_atomics_helper+0x3df4/0x4858 [ 26.702283] kasan_atomics+0x198/0x2e0 [ 26.702504] kunit_try_run_case+0x170/0x3f0 [ 26.702809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.703020] kthread+0x328/0x630 [ 26.703113] ret_from_fork+0x10/0x20 [ 26.703230] [ 26.703277] Allocated by task 269: [ 26.703688] kasan_save_stack+0x3c/0x68 [ 26.703894] kasan_save_track+0x20/0x40 [ 26.704109] kasan_save_alloc_info+0x40/0x58 [ 26.704454] __kasan_kmalloc+0xd4/0xd8 [ 26.704578] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.704721] kasan_atomics+0xb8/0x2e0 [ 26.704851] kunit_try_run_case+0x170/0x3f0 [ 26.704958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.705073] kthread+0x328/0x630 [ 26.705159] ret_from_fork+0x10/0x20 [ 26.705250] [ 26.705302] The buggy address belongs to the object at fff00000c7733980 [ 26.705302] which belongs to the cache kmalloc-64 of size 64 [ 26.705470] The buggy address is located 0 bytes to the right of [ 26.705470] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.705647] [ 26.705700] The buggy address belongs to the physical page: [ 26.705784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.705927] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.706065] page_type: f5(slab) [ 26.706173] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.706351] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.706569] page dumped because: kasan: bad access detected [ 26.706664] [ 26.706712] Memory state around the buggy address: [ 26.707224] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.707422] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.707562] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.707679] ^ [ 26.707780] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.708020] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.708268] ================================================================== [ 26.609679] ================================================================== [ 26.609968] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 26.610234] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.610429] [ 26.610522] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.610728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.610791] Hardware name: linux,dummy-virt (DT) [ 26.610874] Call trace: [ 26.610931] show_stack+0x20/0x38 (C) [ 26.611060] dump_stack_lvl+0x8c/0xd0 [ 26.611892] print_report+0x118/0x608 [ 26.612102] kasan_report+0xdc/0x128 [ 26.612211] kasan_check_range+0x100/0x1a8 [ 26.612327] __kasan_check_write+0x20/0x30 [ 26.612458] kasan_atomics_helper+0x1414/0x4858 [ 26.612578] kasan_atomics+0x198/0x2e0 [ 26.612686] kunit_try_run_case+0x170/0x3f0 [ 26.612803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.612941] kthread+0x328/0x630 [ 26.614924] ret_from_fork+0x10/0x20 [ 26.615272] [ 26.615319] Allocated by task 269: [ 26.615397] kasan_save_stack+0x3c/0x68 [ 26.615507] kasan_save_track+0x20/0x40 [ 26.616606] kasan_save_alloc_info+0x40/0x58 [ 26.616711] __kasan_kmalloc+0xd4/0xd8 [ 26.617547] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.617802] kasan_atomics+0xb8/0x2e0 [ 26.617889] kunit_try_run_case+0x170/0x3f0 [ 26.618376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.618782] kthread+0x328/0x630 [ 26.618865] ret_from_fork+0x10/0x20 [ 26.618958] [ 26.619786] The buggy address belongs to the object at fff00000c7733980 [ 26.619786] which belongs to the cache kmalloc-64 of size 64 [ 26.620509] The buggy address is located 0 bytes to the right of [ 26.620509] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.621204] [ 26.621642] The buggy address belongs to the physical page: [ 26.622087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.622409] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.623427] page_type: f5(slab) [ 26.624133] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.624666] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.625120] page dumped because: kasan: bad access detected [ 26.625770] [ 26.626005] Memory state around the buggy address: [ 26.626113] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.626946] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.627083] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.627174] ^ [ 26.627253] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.627355] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.628998] ================================================================== [ 26.297643] ================================================================== [ 26.298188] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 26.298347] Write of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.298759] [ 26.298875] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.299063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.299120] Hardware name: linux,dummy-virt (DT) [ 26.299181] Call trace: [ 26.299239] show_stack+0x20/0x38 (C) [ 26.299937] dump_stack_lvl+0x8c/0xd0 [ 26.300360] print_report+0x118/0x608 [ 26.300543] kasan_report+0xdc/0x128 [ 26.301015] kasan_check_range+0x100/0x1a8 [ 26.301511] __kasan_check_write+0x20/0x30 [ 26.301675] kasan_atomics_helper+0xad4/0x4858 [ 26.302242] kasan_atomics+0x198/0x2e0 [ 26.302673] kunit_try_run_case+0x170/0x3f0 [ 26.303752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.303927] kthread+0x328/0x630 [ 26.304052] ret_from_fork+0x10/0x20 [ 26.304351] [ 26.304419] Allocated by task 269: [ 26.304611] kasan_save_stack+0x3c/0x68 [ 26.304778] kasan_save_track+0x20/0x40 [ 26.304907] kasan_save_alloc_info+0x40/0x58 [ 26.305062] __kasan_kmalloc+0xd4/0xd8 [ 26.305196] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.305335] kasan_atomics+0xb8/0x2e0 [ 26.305436] kunit_try_run_case+0x170/0x3f0 [ 26.305546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.305671] kthread+0x328/0x630 [ 26.305772] ret_from_fork+0x10/0x20 [ 26.305876] [ 26.305936] The buggy address belongs to the object at fff00000c7733980 [ 26.305936] which belongs to the cache kmalloc-64 of size 64 [ 26.306111] The buggy address is located 0 bytes to the right of [ 26.306111] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.306369] [ 26.306867] The buggy address belongs to the physical page: [ 26.307088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.307426] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.307619] page_type: f5(slab) [ 26.307711] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.307830] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.308255] page dumped because: kasan: bad access detected [ 26.308482] [ 26.308641] Memory state around the buggy address: [ 26.308848] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.309190] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.309386] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.309625] ^ [ 26.309815] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.310365] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.310508] ================================================================== [ 26.245477] ================================================================== [ 26.245604] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 26.245728] Read of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.245870] [ 26.245982] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.246176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.246279] Hardware name: linux,dummy-virt (DT) [ 26.246451] Call trace: [ 26.246515] show_stack+0x20/0x38 (C) [ 26.246645] dump_stack_lvl+0x8c/0xd0 [ 26.246799] print_report+0x118/0x608 [ 26.246929] kasan_report+0xdc/0x128 [ 26.247108] __asan_report_load4_noabort+0x20/0x30 [ 26.247272] kasan_atomics_helper+0x42d8/0x4858 [ 26.247479] kasan_atomics+0x198/0x2e0 [ 26.247607] kunit_try_run_case+0x170/0x3f0 [ 26.247740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.247868] kthread+0x328/0x630 [ 26.248001] ret_from_fork+0x10/0x20 [ 26.248169] [ 26.248224] Allocated by task 269: [ 26.248308] kasan_save_stack+0x3c/0x68 [ 26.248427] kasan_save_track+0x20/0x40 [ 26.248522] kasan_save_alloc_info+0x40/0x58 [ 26.248628] __kasan_kmalloc+0xd4/0xd8 [ 26.248727] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.248891] kasan_atomics+0xb8/0x2e0 [ 26.248982] kunit_try_run_case+0x170/0x3f0 [ 26.249087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.249218] kthread+0x328/0x630 [ 26.249314] ret_from_fork+0x10/0x20 [ 26.249468] [ 26.249610] The buggy address belongs to the object at fff00000c7733980 [ 26.249610] which belongs to the cache kmalloc-64 of size 64 [ 26.249840] The buggy address is located 0 bytes to the right of [ 26.249840] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.250023] [ 26.250081] The buggy address belongs to the physical page: [ 26.250227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.250452] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.250646] page_type: f5(slab) [ 26.250787] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.250928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.251038] page dumped because: kasan: bad access detected [ 26.251149] [ 26.251193] Memory state around the buggy address: [ 26.251295] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.251420] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.251540] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.251972] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.253321] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x934/0x4858 [ 26.254250] Call trace: [ 26.254362] show_stack+0x20/0x38 (C) [ 26.254543] dump_stack_lvl+0x8c/0xd0 [ 26.254676] print_report+0x118/0x608 [ 26.254850] kasan_report+0xdc/0x128 [ 26.254960] kasan_check_range+0x100/0x1a8 [ 26.255101] __kasan_check_write+0x20/0x30 [ 26.255239] kasan_atomics_helper+0x934/0x4858 [ 26.255372] kasan_atomics+0x198/0x2e0 [ 26.255502] kunit_try_run_case+0x170/0x3f0 [ 26.255618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.255760] kthread+0x328/0x630 [ 26.255883] ret_from_fork+0x10/0x20 [ 26.256050] [ 26.256104] Allocated by task 269: [ 26.256181] kasan_save_stack+0x3c/0x68 [ 26.256319] kasan_save_track+0x20/0x40 [ 26.256429] kasan_save_alloc_info+0x40/0x58 [ 26.256562] __kasan_kmalloc+0xd4/0xd8 [ 26.256655] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.256825] kasan_atomics+0xb8/0x2e0 [ 26.256964] kunit_try_run_case+0x170/0x3f0 [ 26.257082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.257240] kthread+0x328/0x630 [ 26.257374] ret_from_fork+0x10/0x20 [ 26.257486] [ 26.257547] The buggy address belongs to the object at fff00000c7733980 [ 26.257547] which belongs to the cache kmalloc-64 of size 64 [ 26.257745] The buggy address is located 0 bytes to the right of [ 26.257745] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.257919] [ 26.257984] The buggy address belongs to the physical page: [ 26.258080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.258262] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.258453] page_type: f5(slab) [ 26.258558] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.258724] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.258829] page dumped because: kasan: bad access detected [ 26.258918] [ 26.258963] Memory state around the buggy address: [ 26.259074] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.259139] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.259194] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.259241] ^ [ 26.259286] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.259339] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.259385] ================================================================== [ 26.685890] ================================================================== [ 26.686018] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 26.686132] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.686257] [ 26.686352] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.687255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.687332] Hardware name: linux,dummy-virt (DT) [ 26.687482] Call trace: [ 26.687667] show_stack+0x20/0x38 (C) [ 26.687956] dump_stack_lvl+0x8c/0xd0 [ 26.688479] print_report+0x118/0x608 [ 26.688611] kasan_report+0xdc/0x128 [ 26.688760] kasan_check_range+0x100/0x1a8 [ 26.689073] __kasan_check_write+0x20/0x30 [ 26.689305] kasan_atomics_helper+0x1644/0x4858 [ 26.689687] kasan_atomics+0x198/0x2e0 [ 26.689894] kunit_try_run_case+0x170/0x3f0 [ 26.690098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.690388] kthread+0x328/0x630 [ 26.691022] ret_from_fork+0x10/0x20 [ 26.691343] [ 26.691554] Allocated by task 269: [ 26.691769] kasan_save_stack+0x3c/0x68 [ 26.691993] kasan_save_track+0x20/0x40 [ 26.692112] kasan_save_alloc_info+0x40/0x58 [ 26.692207] __kasan_kmalloc+0xd4/0xd8 [ 26.692292] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.692395] kasan_atomics+0xb8/0x2e0 [ 26.692832] kunit_try_run_case+0x170/0x3f0 [ 26.693152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.693270] kthread+0x328/0x630 [ 26.693525] ret_from_fork+0x10/0x20 [ 26.693708] [ 26.693772] The buggy address belongs to the object at fff00000c7733980 [ 26.693772] which belongs to the cache kmalloc-64 of size 64 [ 26.693926] The buggy address is located 0 bytes to the right of [ 26.693926] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.694215] [ 26.694381] The buggy address belongs to the physical page: [ 26.694529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.694825] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.695103] page_type: f5(slab) [ 26.695203] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.695558] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.695668] page dumped because: kasan: bad access detected [ 26.695755] [ 26.695806] Memory state around the buggy address: [ 26.695994] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.696537] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.696662] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.696774] ^ [ 26.696994] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.697330] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.697634] ================================================================== [ 26.260206] ================================================================== [ 26.260331] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 26.261157] Write of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.261962] [ 26.262366] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.262664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.262735] Hardware name: linux,dummy-virt (DT) [ 26.262822] Call trace: [ 26.262887] show_stack+0x20/0x38 (C) [ 26.263021] dump_stack_lvl+0x8c/0xd0 [ 26.263141] print_report+0x118/0x608 [ 26.263260] kasan_report+0xdc/0x128 [ 26.263372] kasan_check_range+0x100/0x1a8 [ 26.263513] __kasan_check_write+0x20/0x30 [ 26.263645] kasan_atomics_helper+0x99c/0x4858 [ 26.263771] kasan_atomics+0x198/0x2e0 [ 26.263882] kunit_try_run_case+0x170/0x3f0 [ 26.264019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.264164] kthread+0x328/0x630 [ 26.264282] ret_from_fork+0x10/0x20 [ 26.264421] [ 26.264468] Allocated by task 269: [ 26.264546] kasan_save_stack+0x3c/0x68 [ 26.264693] kasan_save_track+0x20/0x40 [ 26.264811] kasan_save_alloc_info+0x40/0x58 [ 26.265628] __kasan_kmalloc+0xd4/0xd8 [ 26.265731] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.265834] kasan_atomics+0xb8/0x2e0 [ 26.265965] kunit_try_run_case+0x170/0x3f0 [ 26.266071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.266199] kthread+0x328/0x630 [ 26.266427] ret_from_fork+0x10/0x20 [ 26.266494] [ 26.266528] The buggy address belongs to the object at fff00000c7733980 [ 26.266528] which belongs to the cache kmalloc-64 of size 64 [ 26.266861] The buggy address is located 0 bytes to the right of [ 26.266861] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.267041] [ 26.267120] The buggy address belongs to the physical page: [ 26.267206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.267348] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.267540] page_type: f5(slab) [ 26.267664] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.267899] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.268040] page dumped because: kasan: bad access detected [ 26.268132] [ 26.268386] Memory state around the buggy address: [ 26.268502] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.268654] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.268872] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.269002] ^ [ 26.269102] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.269217] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.269325] ================================================================== [ 26.453637] ================================================================== [ 26.453777] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 26.453896] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.454035] [ 26.454117] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.454329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.454418] Hardware name: linux,dummy-virt (DT) [ 26.454490] Call trace: [ 26.454550] show_stack+0x20/0x38 (C) [ 26.454674] dump_stack_lvl+0x8c/0xd0 [ 26.454810] print_report+0x118/0x608 [ 26.454937] kasan_report+0xdc/0x128 [ 26.455090] kasan_check_range+0x100/0x1a8 [ 26.455252] __kasan_check_write+0x20/0x30 [ 26.455495] kasan_atomics_helper+0xeb8/0x4858 [ 26.455623] kasan_atomics+0x198/0x2e0 [ 26.455734] kunit_try_run_case+0x170/0x3f0 [ 26.455888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.456054] kthread+0x328/0x630 [ 26.456190] ret_from_fork+0x10/0x20 [ 26.456319] [ 26.456377] Allocated by task 269: [ 26.456474] kasan_save_stack+0x3c/0x68 [ 26.456582] kasan_save_track+0x20/0x40 [ 26.456675] kasan_save_alloc_info+0x40/0x58 [ 26.456769] __kasan_kmalloc+0xd4/0xd8 [ 26.456846] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.456957] kasan_atomics+0xb8/0x2e0 [ 26.457045] kunit_try_run_case+0x170/0x3f0 [ 26.457149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.457278] kthread+0x328/0x630 [ 26.457365] ret_from_fork+0x10/0x20 [ 26.457463] [ 26.457518] The buggy address belongs to the object at fff00000c7733980 [ 26.457518] which belongs to the cache kmalloc-64 of size 64 [ 26.457688] The buggy address is located 0 bytes to the right of [ 26.457688] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.457859] [ 26.457939] The buggy address belongs to the physical page: [ 26.458239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.458431] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.458572] page_type: f5(slab) [ 26.458672] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.458812] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.458936] page dumped because: kasan: bad access detected [ 26.459058] [ 26.459119] Memory state around the buggy address: [ 26.459248] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.459357] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.459465] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.459693] ^ [ 26.459803] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.459914] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.460009] ================================================================== [ 26.597387] ================================================================== [ 26.597583] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 26.597822] Read of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.597953] [ 26.598054] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.598560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.598642] Hardware name: linux,dummy-virt (DT) [ 26.598870] Call trace: [ 26.598967] show_stack+0x20/0x38 (C) [ 26.599113] dump_stack_lvl+0x8c/0xd0 [ 26.599238] print_report+0x118/0x608 [ 26.599351] kasan_report+0xdc/0x128 [ 26.599460] __asan_report_load8_noabort+0x20/0x30 [ 26.599570] kasan_atomics_helper+0x3f04/0x4858 [ 26.599689] kasan_atomics+0x198/0x2e0 [ 26.600584] kunit_try_run_case+0x170/0x3f0 [ 26.600857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.601004] kthread+0x328/0x630 [ 26.601104] ret_from_fork+0x10/0x20 [ 26.601567] [ 26.601617] Allocated by task 269: [ 26.601708] kasan_save_stack+0x3c/0x68 [ 26.601809] kasan_save_track+0x20/0x40 [ 26.602241] kasan_save_alloc_info+0x40/0x58 [ 26.602462] __kasan_kmalloc+0xd4/0xd8 [ 26.602577] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.602760] kasan_atomics+0xb8/0x2e0 [ 26.602865] kunit_try_run_case+0x170/0x3f0 [ 26.603094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.603228] kthread+0x328/0x630 [ 26.603302] ret_from_fork+0x10/0x20 [ 26.603394] [ 26.603451] The buggy address belongs to the object at fff00000c7733980 [ 26.603451] which belongs to the cache kmalloc-64 of size 64 [ 26.603589] The buggy address is located 0 bytes to the right of [ 26.603589] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.604195] [ 26.604309] The buggy address belongs to the physical page: [ 26.604553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.604867] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.605385] page_type: f5(slab) [ 26.606125] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.606507] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.606644] page dumped because: kasan: bad access detected [ 26.606745] [ 26.606796] Memory state around the buggy address: [ 26.606891] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.607054] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.607231] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.607576] ^ [ 26.607697] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.607970] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.608122] ================================================================== [ 26.398453] ================================================================== [ 26.398708] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 26.398991] Write of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.399450] [ 26.399675] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.400189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.400344] Hardware name: linux,dummy-virt (DT) [ 26.400620] Call trace: [ 26.400702] show_stack+0x20/0x38 (C) [ 26.400845] dump_stack_lvl+0x8c/0xd0 [ 26.401081] print_report+0x118/0x608 [ 26.401277] kasan_report+0xdc/0x128 [ 26.401533] kasan_check_range+0x100/0x1a8 [ 26.401899] __kasan_check_write+0x20/0x30 [ 26.402027] kasan_atomics_helper+0xd3c/0x4858 [ 26.402160] kasan_atomics+0x198/0x2e0 [ 26.402466] kunit_try_run_case+0x170/0x3f0 [ 26.402599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.402731] kthread+0x328/0x630 [ 26.403442] ret_from_fork+0x10/0x20 [ 26.403692] [ 26.403747] Allocated by task 269: [ 26.403831] kasan_save_stack+0x3c/0x68 [ 26.404283] kasan_save_track+0x20/0x40 [ 26.404546] kasan_save_alloc_info+0x40/0x58 [ 26.404746] __kasan_kmalloc+0xd4/0xd8 [ 26.404933] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.405181] kasan_atomics+0xb8/0x2e0 [ 26.405479] kunit_try_run_case+0x170/0x3f0 [ 26.405709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.406014] kthread+0x328/0x630 [ 26.406113] ret_from_fork+0x10/0x20 [ 26.406337] [ 26.406556] The buggy address belongs to the object at fff00000c7733980 [ 26.406556] which belongs to the cache kmalloc-64 of size 64 [ 26.406734] The buggy address is located 0 bytes to the right of [ 26.406734] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.407249] [ 26.407336] The buggy address belongs to the physical page: [ 26.407480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.407889] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.408084] page_type: f5(slab) [ 26.408329] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.408656] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.408816] page dumped because: kasan: bad access detected [ 26.409015] [ 26.409095] Memory state around the buggy address: [ 26.409326] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.409720] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.409975] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.410127] ^ [ 26.410220] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.410347] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.410507] ================================================================== [ 26.478368] ================================================================== [ 26.478700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 26.478826] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.478964] [ 26.479097] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.479276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.479360] Hardware name: linux,dummy-virt (DT) [ 26.479447] Call trace: [ 26.479505] show_stack+0x20/0x38 (C) [ 26.479640] dump_stack_lvl+0x8c/0xd0 [ 26.479757] print_report+0x118/0x608 [ 26.479854] kasan_report+0xdc/0x128 [ 26.479960] kasan_check_range+0x100/0x1a8 [ 26.480097] __kasan_check_write+0x20/0x30 [ 26.480304] kasan_atomics_helper+0xff0/0x4858 [ 26.480484] kasan_atomics+0x198/0x2e0 [ 26.480648] kunit_try_run_case+0x170/0x3f0 [ 26.480822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.482062] kthread+0x328/0x630 [ 26.482183] ret_from_fork+0x10/0x20 [ 26.482323] [ 26.484220] Allocated by task 269: [ 26.484317] kasan_save_stack+0x3c/0x68 [ 26.484458] kasan_save_track+0x20/0x40 [ 26.484557] kasan_save_alloc_info+0x40/0x58 [ 26.484663] __kasan_kmalloc+0xd4/0xd8 [ 26.484746] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.484849] kasan_atomics+0xb8/0x2e0 [ 26.486243] kunit_try_run_case+0x170/0x3f0 [ 26.486377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.486547] kthread+0x328/0x630 [ 26.486715] ret_from_fork+0x10/0x20 [ 26.487388] [ 26.488028] The buggy address belongs to the object at fff00000c7733980 [ 26.488028] which belongs to the cache kmalloc-64 of size 64 [ 26.488224] The buggy address is located 0 bytes to the right of [ 26.488224] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.488389] [ 26.490645] The buggy address belongs to the physical page: [ 26.490750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.490906] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.491059] page_type: f5(slab) [ 26.491161] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.491275] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.491379] page dumped because: kasan: bad access detected [ 26.491508] [ 26.491564] Memory state around the buggy address: [ 26.492579] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.492702] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.493200] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.493322] ^ [ 26.493413] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.493508] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.494212] ================================================================== [ 26.423430] ================================================================== [ 26.423547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 26.424002] Read of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.424158] [ 26.424251] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.424678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.424763] Hardware name: linux,dummy-virt (DT) [ 26.424855] Call trace: [ 26.424921] show_stack+0x20/0x38 (C) [ 26.425056] dump_stack_lvl+0x8c/0xd0 [ 26.425183] print_report+0x118/0x608 [ 26.425304] kasan_report+0xdc/0x128 [ 26.425437] kasan_check_range+0x100/0x1a8 [ 26.425966] __kasan_check_read+0x20/0x30 [ 26.426142] kasan_atomics_helper+0xdd4/0x4858 [ 26.426267] kasan_atomics+0x198/0x2e0 [ 26.426888] kunit_try_run_case+0x170/0x3f0 [ 26.427041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.427195] kthread+0x328/0x630 [ 26.427304] ret_from_fork+0x10/0x20 [ 26.427451] [ 26.427500] Allocated by task 269: [ 26.427651] kasan_save_stack+0x3c/0x68 [ 26.427971] kasan_save_track+0x20/0x40 [ 26.428207] kasan_save_alloc_info+0x40/0x58 [ 26.428437] __kasan_kmalloc+0xd4/0xd8 [ 26.428643] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.428879] kasan_atomics+0xb8/0x2e0 [ 26.428972] kunit_try_run_case+0x170/0x3f0 [ 26.429073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.429187] kthread+0x328/0x630 [ 26.429274] ret_from_fork+0x10/0x20 [ 26.429368] [ 26.429433] The buggy address belongs to the object at fff00000c7733980 [ 26.429433] which belongs to the cache kmalloc-64 of size 64 [ 26.429580] The buggy address is located 0 bytes to the right of [ 26.429580] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.430345] [ 26.430473] The buggy address belongs to the physical page: [ 26.430624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.430805] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.431015] page_type: f5(slab) [ 26.431154] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.431267] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.431363] page dumped because: kasan: bad access detected [ 26.431458] [ 26.431507] Memory state around the buggy address: [ 26.432161] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.432480] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.432541] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.432622] ^ [ 26.432724] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.432829] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.432926] ================================================================== [ 26.460606] ================================================================== [ 26.460737] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 26.460851] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.460983] [ 26.461063] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.461285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.461355] Hardware name: linux,dummy-virt (DT) [ 26.461451] Call trace: [ 26.461510] show_stack+0x20/0x38 (C) [ 26.461630] dump_stack_lvl+0x8c/0xd0 [ 26.461751] print_report+0x118/0x608 [ 26.461882] kasan_report+0xdc/0x128 [ 26.461988] kasan_check_range+0x100/0x1a8 [ 26.462110] __kasan_check_write+0x20/0x30 [ 26.462300] kasan_atomics_helper+0xf20/0x4858 [ 26.462575] kasan_atomics+0x198/0x2e0 [ 26.462659] kunit_try_run_case+0x170/0x3f0 [ 26.462812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.463012] kthread+0x328/0x630 [ 26.463128] ret_from_fork+0x10/0x20 [ 26.463257] [ 26.463318] Allocated by task 269: [ 26.463439] kasan_save_stack+0x3c/0x68 [ 26.463601] kasan_save_track+0x20/0x40 [ 26.463740] kasan_save_alloc_info+0x40/0x58 [ 26.463830] __kasan_kmalloc+0xd4/0xd8 [ 26.463909] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.464008] kasan_atomics+0xb8/0x2e0 [ 26.464101] kunit_try_run_case+0x170/0x3f0 [ 26.464234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.464374] kthread+0x328/0x630 [ 26.464481] ret_from_fork+0x10/0x20 [ 26.464603] [ 26.464660] The buggy address belongs to the object at fff00000c7733980 [ 26.464660] which belongs to the cache kmalloc-64 of size 64 [ 26.465344] The buggy address is located 0 bytes to the right of [ 26.465344] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.465733] [ 26.465803] The buggy address belongs to the physical page: [ 26.465883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.466021] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.466178] page_type: f5(slab) [ 26.466282] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.466454] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.466558] page dumped because: kasan: bad access detected [ 26.466644] [ 26.466908] Memory state around the buggy address: [ 26.467211] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.467394] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.467533] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.467620] ^ [ 26.467699] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.468014] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.468118] ================================================================== [ 26.496514] ================================================================== [ 26.496652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 26.496788] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.496941] [ 26.497083] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.497264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.497321] Hardware name: linux,dummy-virt (DT) [ 26.497381] Call trace: [ 26.497444] show_stack+0x20/0x38 (C) [ 26.497570] dump_stack_lvl+0x8c/0xd0 [ 26.499273] print_report+0x118/0x608 [ 26.499612] kasan_report+0xdc/0x128 [ 26.499955] kasan_check_range+0x100/0x1a8 [ 26.500142] __kasan_check_write+0x20/0x30 [ 26.500585] kasan_atomics_helper+0x1058/0x4858 [ 26.501288] kasan_atomics+0x198/0x2e0 [ 26.501790] kunit_try_run_case+0x170/0x3f0 [ 26.502452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.502701] kthread+0x328/0x630 [ 26.503362] ret_from_fork+0x10/0x20 [ 26.503917] [ 26.504214] Allocated by task 269: [ 26.504478] kasan_save_stack+0x3c/0x68 [ 26.504706] kasan_save_track+0x20/0x40 [ 26.504814] kasan_save_alloc_info+0x40/0x58 [ 26.505315] __kasan_kmalloc+0xd4/0xd8 [ 26.505718] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.505844] kasan_atomics+0xb8/0x2e0 [ 26.505933] kunit_try_run_case+0x170/0x3f0 [ 26.506035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.506162] kthread+0x328/0x630 [ 26.506262] ret_from_fork+0x10/0x20 [ 26.506384] [ 26.506452] The buggy address belongs to the object at fff00000c7733980 [ 26.506452] which belongs to the cache kmalloc-64 of size 64 [ 26.507092] The buggy address is located 0 bytes to the right of [ 26.507092] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.507516] [ 26.507608] The buggy address belongs to the physical page: [ 26.507730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.507872] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.508387] page_type: f5(slab) [ 26.508518] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.508728] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.508838] page dumped because: kasan: bad access detected [ 26.508926] [ 26.508975] Memory state around the buggy address: [ 26.509070] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.509250] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.509540] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.509707] ^ [ 26.509801] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.509914] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.510052] ================================================================== [ 26.552954] ================================================================== [ 26.553128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 26.553252] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.553363] [ 26.553464] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.553677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.553734] Hardware name: linux,dummy-virt (DT) [ 26.553840] Call trace: [ 26.553925] show_stack+0x20/0x38 (C) [ 26.554105] dump_stack_lvl+0x8c/0xd0 [ 26.554299] print_report+0x118/0x608 [ 26.554501] kasan_report+0xdc/0x128 [ 26.554665] kasan_check_range+0x100/0x1a8 [ 26.554799] __kasan_check_write+0x20/0x30 [ 26.554932] kasan_atomics_helper+0x11f8/0x4858 [ 26.555057] kasan_atomics+0x198/0x2e0 [ 26.555177] kunit_try_run_case+0x170/0x3f0 [ 26.555325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.555475] kthread+0x328/0x630 [ 26.555602] ret_from_fork+0x10/0x20 [ 26.555731] [ 26.555804] Allocated by task 269: [ 26.555925] kasan_save_stack+0x3c/0x68 [ 26.556019] kasan_save_track+0x20/0x40 [ 26.556132] kasan_save_alloc_info+0x40/0x58 [ 26.556235] __kasan_kmalloc+0xd4/0xd8 [ 26.556379] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.556496] kasan_atomics+0xb8/0x2e0 [ 26.556581] kunit_try_run_case+0x170/0x3f0 [ 26.556687] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.556860] kthread+0x328/0x630 [ 26.557002] ret_from_fork+0x10/0x20 [ 26.557147] [ 26.557232] The buggy address belongs to the object at fff00000c7733980 [ 26.557232] which belongs to the cache kmalloc-64 of size 64 [ 26.557482] The buggy address is located 0 bytes to the right of [ 26.557482] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.557752] [ 26.557812] The buggy address belongs to the physical page: [ 26.557903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.558120] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.558333] page_type: f5(slab) [ 26.558494] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.558622] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.558793] page dumped because: kasan: bad access detected [ 26.558888] [ 26.558932] Memory state around the buggy address: [ 26.559011] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.559177] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.559283] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.559441] ^ [ 26.559721] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.559847] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.559900] ================================================================== [ 26.653028] ================================================================== [ 26.653473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 26.653826] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.654019] [ 26.654153] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.654483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.654589] Hardware name: linux,dummy-virt (DT) [ 26.654715] Call trace: [ 26.654810] show_stack+0x20/0x38 (C) [ 26.654924] dump_stack_lvl+0x8c/0xd0 [ 26.655059] print_report+0x118/0x608 [ 26.655163] kasan_report+0xdc/0x128 [ 26.655482] kasan_check_range+0x100/0x1a8 [ 26.655603] __kasan_check_write+0x20/0x30 [ 26.655783] kasan_atomics_helper+0x154c/0x4858 [ 26.655956] kasan_atomics+0x198/0x2e0 [ 26.656109] kunit_try_run_case+0x170/0x3f0 [ 26.656246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.656456] kthread+0x328/0x630 [ 26.656617] ret_from_fork+0x10/0x20 [ 26.656794] [ 26.656867] Allocated by task 269: [ 26.656975] kasan_save_stack+0x3c/0x68 [ 26.657081] kasan_save_track+0x20/0x40 [ 26.657170] kasan_save_alloc_info+0x40/0x58 [ 26.657274] __kasan_kmalloc+0xd4/0xd8 [ 26.657366] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.657477] kasan_atomics+0xb8/0x2e0 [ 26.657564] kunit_try_run_case+0x170/0x3f0 [ 26.657862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.658215] kthread+0x328/0x630 [ 26.658369] ret_from_fork+0x10/0x20 [ 26.658524] [ 26.658579] The buggy address belongs to the object at fff00000c7733980 [ 26.658579] which belongs to the cache kmalloc-64 of size 64 [ 26.658966] The buggy address is located 0 bytes to the right of [ 26.658966] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.659182] [ 26.659318] The buggy address belongs to the physical page: [ 26.659560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.659689] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.659794] page_type: f5(slab) [ 26.659887] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.660011] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.660541] page dumped because: kasan: bad access detected [ 26.660634] [ 26.660679] Memory state around the buggy address: [ 26.660770] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.661139] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.661374] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.661495] ^ [ 26.661570] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.661673] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.661765] ================================================================== [ 26.740429] ================================================================== [ 26.740551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 26.740681] Read of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.740814] [ 26.740906] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.741121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.741191] Hardware name: linux,dummy-virt (DT) [ 26.741276] Call trace: [ 26.741334] show_stack+0x20/0x38 (C) [ 26.741472] dump_stack_lvl+0x8c/0xd0 [ 26.741603] print_report+0x118/0x608 [ 26.741722] kasan_report+0xdc/0x128 [ 26.741838] __asan_report_load8_noabort+0x20/0x30 [ 26.742602] kasan_atomics_helper+0x3e20/0x4858 [ 26.742973] kasan_atomics+0x198/0x2e0 [ 26.743481] kunit_try_run_case+0x170/0x3f0 [ 26.744388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.744807] kthread+0x328/0x630 [ 26.744944] ret_from_fork+0x10/0x20 [ 26.745839] [ 26.745972] Allocated by task 269: [ 26.746060] kasan_save_stack+0x3c/0x68 [ 26.746186] kasan_save_track+0x20/0x40 [ 26.746992] kasan_save_alloc_info+0x40/0x58 [ 26.748492] __kasan_kmalloc+0xd4/0xd8 [ 26.748620] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.748776] kasan_atomics+0xb8/0x2e0 [ 26.748881] kunit_try_run_case+0x170/0x3f0 [ 26.749231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.749340] kthread+0x328/0x630 [ 26.749435] ret_from_fork+0x10/0x20 [ 26.749520] [ 26.749568] The buggy address belongs to the object at fff00000c7733980 [ 26.749568] which belongs to the cache kmalloc-64 of size 64 [ 26.749708] The buggy address is located 0 bytes to the right of [ 26.749708] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.749882] [ 26.749936] The buggy address belongs to the physical page: [ 26.750022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.750163] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.751377] page_type: f5(slab) [ 26.751510] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.751637] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.751743] page dumped because: kasan: bad access detected [ 26.751824] [ 26.751868] Memory state around the buggy address: [ 26.751954] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.752061] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.752170] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.752265] ^ [ 26.752345] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.753378] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.753508] ================================================================== [ 26.662300] ================================================================== [ 26.663435] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 26.664003] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.664411] [ 26.664512] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.665279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.665389] Hardware name: linux,dummy-virt (DT) [ 26.665497] Call trace: [ 26.665824] show_stack+0x20/0x38 (C) [ 26.666158] dump_stack_lvl+0x8c/0xd0 [ 26.666383] print_report+0x118/0x608 [ 26.666510] kasan_report+0xdc/0x128 [ 26.666865] kasan_check_range+0x100/0x1a8 [ 26.667202] __kasan_check_write+0x20/0x30 [ 26.667580] kasan_atomics_helper+0x15b4/0x4858 [ 26.667868] kasan_atomics+0x198/0x2e0 [ 26.668023] kunit_try_run_case+0x170/0x3f0 [ 26.668287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.668446] kthread+0x328/0x630 [ 26.668574] ret_from_fork+0x10/0x20 [ 26.668712] [ 26.668766] Allocated by task 269: [ 26.668848] kasan_save_stack+0x3c/0x68 [ 26.668963] kasan_save_track+0x20/0x40 [ 26.669083] kasan_save_alloc_info+0x40/0x58 [ 26.669236] __kasan_kmalloc+0xd4/0xd8 [ 26.669368] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.669497] kasan_atomics+0xb8/0x2e0 [ 26.669593] kunit_try_run_case+0x170/0x3f0 [ 26.669703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.669843] kthread+0x328/0x630 [ 26.669979] ret_from_fork+0x10/0x20 [ 26.670119] [ 26.670191] The buggy address belongs to the object at fff00000c7733980 [ 26.670191] which belongs to the cache kmalloc-64 of size 64 [ 26.670366] The buggy address is located 0 bytes to the right of [ 26.670366] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.671551] [ 26.671669] The buggy address belongs to the physical page: [ 26.671928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.672213] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.672512] page_type: f5(slab) [ 26.672649] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.672747] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.672839] page dumped because: kasan: bad access detected [ 26.672921] [ 26.672963] Memory state around the buggy address: [ 26.673843] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.674183] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.674310] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.674653] ^ [ 26.675505] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.675612] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.675723] ================================================================== [ 26.724505] ================================================================== [ 26.724641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 26.724782] Read of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.725246] [ 26.725585] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.725939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.726059] Hardware name: linux,dummy-virt (DT) [ 26.726149] Call trace: [ 26.726214] show_stack+0x20/0x38 (C) [ 26.726366] dump_stack_lvl+0x8c/0xd0 [ 26.726550] print_report+0x118/0x608 [ 26.726674] kasan_report+0xdc/0x128 [ 26.726988] __asan_report_load8_noabort+0x20/0x30 [ 26.727502] kasan_atomics_helper+0x3e10/0x4858 [ 26.727627] kasan_atomics+0x198/0x2e0 [ 26.727764] kunit_try_run_case+0x170/0x3f0 [ 26.727896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.728053] kthread+0x328/0x630 [ 26.728237] ret_from_fork+0x10/0x20 [ 26.728444] [ 26.728528] Allocated by task 269: [ 26.728651] kasan_save_stack+0x3c/0x68 [ 26.728810] kasan_save_track+0x20/0x40 [ 26.728960] kasan_save_alloc_info+0x40/0x58 [ 26.729113] __kasan_kmalloc+0xd4/0xd8 [ 26.729213] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.729333] kasan_atomics+0xb8/0x2e0 [ 26.729437] kunit_try_run_case+0x170/0x3f0 [ 26.729540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.729662] kthread+0x328/0x630 [ 26.729800] ret_from_fork+0x10/0x20 [ 26.729902] [ 26.729955] The buggy address belongs to the object at fff00000c7733980 [ 26.729955] which belongs to the cache kmalloc-64 of size 64 [ 26.730109] The buggy address is located 0 bytes to the right of [ 26.730109] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.730318] [ 26.730486] The buggy address belongs to the physical page: [ 26.730566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.730641] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.730744] page_type: f5(slab) [ 26.730804] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.730866] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.730918] page dumped because: kasan: bad access detected [ 26.730959] [ 26.730982] Memory state around the buggy address: [ 26.731026] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.731081] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.731133] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.731180] ^ [ 26.731223] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.731277] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.731321] ================================================================== [ 26.313348] ================================================================== [ 26.313547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 26.314009] Read of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.314326] [ 26.314718] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.315178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.315268] Hardware name: linux,dummy-virt (DT) [ 26.315342] Call trace: [ 26.315706] show_stack+0x20/0x38 (C) [ 26.315995] dump_stack_lvl+0x8c/0xd0 [ 26.316150] print_report+0x118/0x608 [ 26.316274] kasan_report+0xdc/0x128 [ 26.316399] __asan_report_load4_noabort+0x20/0x30 [ 26.316535] kasan_atomics_helper+0x3dcc/0x4858 [ 26.316672] kasan_atomics+0x198/0x2e0 [ 26.316794] kunit_try_run_case+0x170/0x3f0 [ 26.316925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.317075] kthread+0x328/0x630 [ 26.317204] ret_from_fork+0x10/0x20 [ 26.317336] [ 26.318096] Allocated by task 269: [ 26.318227] kasan_save_stack+0x3c/0x68 [ 26.318323] kasan_save_track+0x20/0x40 [ 26.318376] kasan_save_alloc_info+0x40/0x58 [ 26.318486] __kasan_kmalloc+0xd4/0xd8 [ 26.318631] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.318795] kasan_atomics+0xb8/0x2e0 [ 26.318933] kunit_try_run_case+0x170/0x3f0 [ 26.319281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.319515] kthread+0x328/0x630 [ 26.319672] ret_from_fork+0x10/0x20 [ 26.319875] [ 26.320012] The buggy address belongs to the object at fff00000c7733980 [ 26.320012] which belongs to the cache kmalloc-64 of size 64 [ 26.320414] The buggy address is located 0 bytes to the right of [ 26.320414] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.320996] [ 26.321063] The buggy address belongs to the physical page: [ 26.321186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.321587] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.321975] page_type: f5(slab) [ 26.322184] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.322453] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.322864] page dumped because: kasan: bad access detected [ 26.323236] [ 26.323301] Memory state around the buggy address: [ 26.323391] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.323766] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.323909] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.324015] ^ [ 26.324666] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.325236] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.325890] ================================================================== [ 26.468731] ================================================================== [ 26.468850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 26.468964] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.469092] [ 26.469204] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.469524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.469589] Hardware name: linux,dummy-virt (DT) [ 26.469671] Call trace: [ 26.469729] show_stack+0x20/0x38 (C) [ 26.469856] dump_stack_lvl+0x8c/0xd0 [ 26.470121] print_report+0x118/0x608 [ 26.470427] kasan_report+0xdc/0x128 [ 26.470547] kasan_check_range+0x100/0x1a8 [ 26.470666] __kasan_check_write+0x20/0x30 [ 26.470785] kasan_atomics_helper+0xf88/0x4858 [ 26.471162] kasan_atomics+0x198/0x2e0 [ 26.471355] kunit_try_run_case+0x170/0x3f0 [ 26.471502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.471641] kthread+0x328/0x630 [ 26.471737] ret_from_fork+0x10/0x20 [ 26.472046] [ 26.472110] Allocated by task 269: [ 26.472186] kasan_save_stack+0x3c/0x68 [ 26.472476] kasan_save_track+0x20/0x40 [ 26.472605] kasan_save_alloc_info+0x40/0x58 [ 26.472707] __kasan_kmalloc+0xd4/0xd8 [ 26.472857] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.473223] kasan_atomics+0xb8/0x2e0 [ 26.473330] kunit_try_run_case+0x170/0x3f0 [ 26.473488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.473636] kthread+0x328/0x630 [ 26.473726] ret_from_fork+0x10/0x20 [ 26.473844] [ 26.473974] The buggy address belongs to the object at fff00000c7733980 [ 26.473974] which belongs to the cache kmalloc-64 of size 64 [ 26.474122] The buggy address is located 0 bytes to the right of [ 26.474122] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.474277] [ 26.474643] The buggy address belongs to the physical page: [ 26.474746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.474912] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.475054] page_type: f5(slab) [ 26.475480] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.475799] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.476216] page dumped because: kasan: bad access detected [ 26.476451] [ 26.476503] Memory state around the buggy address: [ 26.476590] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.476717] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.476844] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.477010] ^ [ 26.477093] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.477458] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.477798] ================================================================== [ 26.581670] ================================================================== [ 26.581735] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 26.581804] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.581864] [ 26.581913] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.582014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.582046] Hardware name: linux,dummy-virt (DT) [ 26.582085] Call trace: [ 26.582115] show_stack+0x20/0x38 (C) [ 26.582175] dump_stack_lvl+0x8c/0xd0 [ 26.582232] print_report+0x118/0x608 [ 26.582286] kasan_report+0xdc/0x128 [ 26.582363] kasan_check_range+0x100/0x1a8 [ 26.582876] __kasan_check_write+0x20/0x30 [ 26.583216] kasan_atomics_helper+0x1384/0x4858 [ 26.583373] kasan_atomics+0x198/0x2e0 [ 26.583508] kunit_try_run_case+0x170/0x3f0 [ 26.583634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.584342] kthread+0x328/0x630 [ 26.585883] ret_from_fork+0x10/0x20 [ 26.586018] [ 26.586067] Allocated by task 269: [ 26.586148] kasan_save_stack+0x3c/0x68 [ 26.586254] kasan_save_track+0x20/0x40 [ 26.586367] kasan_save_alloc_info+0x40/0x58 [ 26.586481] __kasan_kmalloc+0xd4/0xd8 [ 26.586579] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.586692] kasan_atomics+0xb8/0x2e0 [ 26.586782] kunit_try_run_case+0x170/0x3f0 [ 26.588086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.588230] kthread+0x328/0x630 [ 26.588331] ret_from_fork+0x10/0x20 [ 26.588433] [ 26.588487] The buggy address belongs to the object at fff00000c7733980 [ 26.588487] which belongs to the cache kmalloc-64 of size 64 [ 26.588984] The buggy address is located 0 bytes to the right of [ 26.588984] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.589199] [ 26.589262] The buggy address belongs to the physical page: [ 26.589481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.589640] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.589776] page_type: f5(slab) [ 26.589878] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.590784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.591181] page dumped because: kasan: bad access detected [ 26.591572] [ 26.591618] Memory state around the buggy address: [ 26.592217] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.592540] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.593145] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.593493] ^ [ 26.594145] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.594278] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.594861] ================================================================== [ 26.271070] ================================================================== [ 26.271215] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 26.271340] Write of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.271484] [ 26.271579] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.271804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.271877] Hardware name: linux,dummy-virt (DT) [ 26.271959] Call trace: [ 26.272025] show_stack+0x20/0x38 (C) [ 26.272158] dump_stack_lvl+0x8c/0xd0 [ 26.272282] print_report+0x118/0x608 [ 26.272409] kasan_report+0xdc/0x128 [ 26.272533] kasan_check_range+0x100/0x1a8 [ 26.273240] __kasan_check_write+0x20/0x30 [ 26.273432] kasan_atomics_helper+0xa04/0x4858 [ 26.273570] kasan_atomics+0x198/0x2e0 [ 26.273688] kunit_try_run_case+0x170/0x3f0 [ 26.273818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.273964] kthread+0x328/0x630 [ 26.274080] ret_from_fork+0x10/0x20 [ 26.274207] [ 26.274259] Allocated by task 269: [ 26.274356] kasan_save_stack+0x3c/0x68 [ 26.275081] kasan_save_track+0x20/0x40 [ 26.275203] kasan_save_alloc_info+0x40/0x58 [ 26.275303] __kasan_kmalloc+0xd4/0xd8 [ 26.275877] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.276014] kasan_atomics+0xb8/0x2e0 [ 26.276116] kunit_try_run_case+0x170/0x3f0 [ 26.276634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.278755] kthread+0x328/0x630 [ 26.278873] ret_from_fork+0x10/0x20 [ 26.278982] [ 26.279038] The buggy address belongs to the object at fff00000c7733980 [ 26.279038] which belongs to the cache kmalloc-64 of size 64 [ 26.279198] The buggy address is located 0 bytes to the right of [ 26.279198] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.279364] [ 26.279441] The buggy address belongs to the physical page: [ 26.279528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.279671] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.279788] page_type: f5(slab) [ 26.279876] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.280003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.280111] page dumped because: kasan: bad access detected [ 26.280194] [ 26.280245] Memory state around the buggy address: [ 26.280325] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.280866] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.281017] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.281120] ^ [ 26.281200] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.281303] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.281414] ================================================================== [ 26.446812] ================================================================== [ 26.446975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 26.447091] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.447223] [ 26.447319] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.447531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.447612] Hardware name: linux,dummy-virt (DT) [ 26.447694] Call trace: [ 26.447764] show_stack+0x20/0x38 (C) [ 26.447959] dump_stack_lvl+0x8c/0xd0 [ 26.448128] print_report+0x118/0x608 [ 26.448300] kasan_report+0xdc/0x128 [ 26.448474] __asan_report_store8_noabort+0x20/0x30 [ 26.448666] kasan_atomics_helper+0x3e5c/0x4858 [ 26.448835] kasan_atomics+0x198/0x2e0 [ 26.449001] kunit_try_run_case+0x170/0x3f0 [ 26.449178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.449351] kthread+0x328/0x630 [ 26.449472] ret_from_fork+0x10/0x20 [ 26.449613] [ 26.449666] Allocated by task 269: [ 26.449748] kasan_save_stack+0x3c/0x68 [ 26.449868] kasan_save_track+0x20/0x40 [ 26.449976] kasan_save_alloc_info+0x40/0x58 [ 26.450092] __kasan_kmalloc+0xd4/0xd8 [ 26.450200] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.450318] kasan_atomics+0xb8/0x2e0 [ 26.450425] kunit_try_run_case+0x170/0x3f0 [ 26.450521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.450633] kthread+0x328/0x630 [ 26.450730] ret_from_fork+0x10/0x20 [ 26.450824] [ 26.450873] The buggy address belongs to the object at fff00000c7733980 [ 26.450873] which belongs to the cache kmalloc-64 of size 64 [ 26.451078] The buggy address is located 0 bytes to the right of [ 26.451078] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.451293] [ 26.451358] The buggy address belongs to the physical page: [ 26.451470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.451614] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.451747] page_type: f5(slab) [ 26.451849] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.451981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.452094] page dumped because: kasan: bad access detected [ 26.452180] [ 26.452233] Memory state around the buggy address: [ 26.452329] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.452452] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.452561] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.452684] ^ [ 26.452774] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.452894] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.453012] ================================================================== [ 26.530234] ================================================================== [ 26.530400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 26.530547] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.531796] [ 26.532055] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.532431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.532688] Hardware name: linux,dummy-virt (DT) [ 26.532783] Call trace: [ 26.533198] show_stack+0x20/0x38 (C) [ 26.533840] dump_stack_lvl+0x8c/0xd0 [ 26.534002] print_report+0x118/0x608 [ 26.534126] kasan_report+0xdc/0x128 [ 26.534231] kasan_check_range+0x100/0x1a8 [ 26.535197] __kasan_check_write+0x20/0x30 [ 26.535360] kasan_atomics_helper+0x1128/0x4858 [ 26.535567] kasan_atomics+0x198/0x2e0 [ 26.535976] kunit_try_run_case+0x170/0x3f0 [ 26.536478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.537180] kthread+0x328/0x630 [ 26.537365] ret_from_fork+0x10/0x20 [ 26.537770] [ 26.538005] Allocated by task 269: [ 26.538486] kasan_save_stack+0x3c/0x68 [ 26.538611] kasan_save_track+0x20/0x40 [ 26.538695] kasan_save_alloc_info+0x40/0x58 [ 26.538747] __kasan_kmalloc+0xd4/0xd8 [ 26.538795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.538887] kasan_atomics+0xb8/0x2e0 [ 26.538963] kunit_try_run_case+0x170/0x3f0 [ 26.539373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.539573] kthread+0x328/0x630 [ 26.539676] ret_from_fork+0x10/0x20 [ 26.539755] [ 26.539831] The buggy address belongs to the object at fff00000c7733980 [ 26.539831] which belongs to the cache kmalloc-64 of size 64 [ 26.539972] The buggy address is located 0 bytes to the right of [ 26.539972] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.540383] [ 26.540653] The buggy address belongs to the physical page: [ 26.540863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.541199] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.541869] page_type: f5(slab) [ 26.542308] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.542665] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.542809] page dumped because: kasan: bad access detected [ 26.543594] [ 26.543684] Memory state around the buggy address: [ 26.543781] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.543912] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.544030] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.544798] ^ [ 26.544922] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.545031] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.545188] ================================================================== [ 26.326589] ================================================================== [ 26.326721] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 26.326853] Write of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.326990] [ 26.327084] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.327315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.327393] Hardware name: linux,dummy-virt (DT) [ 26.330510] Call trace: [ 26.330708] show_stack+0x20/0x38 (C) [ 26.331527] dump_stack_lvl+0x8c/0xd0 [ 26.332190] print_report+0x118/0x608 [ 26.332446] kasan_report+0xdc/0x128 [ 26.332621] kasan_check_range+0x100/0x1a8 [ 26.332753] __kasan_check_write+0x20/0x30 [ 26.332879] kasan_atomics_helper+0xb70/0x4858 [ 26.333004] kasan_atomics+0x198/0x2e0 [ 26.333120] kunit_try_run_case+0x170/0x3f0 [ 26.333242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.333390] kthread+0x328/0x630 [ 26.335535] ret_from_fork+0x10/0x20 [ 26.335966] [ 26.336023] Allocated by task 269: [ 26.336235] kasan_save_stack+0x3c/0x68 [ 26.336644] kasan_save_track+0x20/0x40 [ 26.337545] kasan_save_alloc_info+0x40/0x58 [ 26.337668] __kasan_kmalloc+0xd4/0xd8 [ 26.338070] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.338758] kasan_atomics+0xb8/0x2e0 [ 26.339137] kunit_try_run_case+0x170/0x3f0 [ 26.339504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.340057] kthread+0x328/0x630 [ 26.340388] ret_from_fork+0x10/0x20 [ 26.340523] [ 26.340584] The buggy address belongs to the object at fff00000c7733980 [ 26.340584] which belongs to the cache kmalloc-64 of size 64 [ 26.340760] The buggy address is located 0 bytes to the right of [ 26.340760] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.340935] [ 26.340991] The buggy address belongs to the physical page: [ 26.341080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.342529] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.343234] page_type: f5(slab) [ 26.343346] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.343713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.345655] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.347061] ================================================================== [ 26.571426] ================================================================== [ 26.571553] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 26.571680] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.571815] [ 26.571906] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.572153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.572221] Hardware name: linux,dummy-virt (DT) [ 26.572303] Call trace: [ 26.572424] show_stack+0x20/0x38 (C) [ 26.572549] dump_stack_lvl+0x8c/0xd0 [ 26.572718] print_report+0x118/0x608 [ 26.572883] kasan_report+0xdc/0x128 [ 26.573041] kasan_check_range+0x100/0x1a8 [ 26.573161] __kasan_check_write+0x20/0x30 [ 26.573270] kasan_atomics_helper+0x12d8/0x4858 [ 26.573383] kasan_atomics+0x198/0x2e0 [ 26.573499] kunit_try_run_case+0x170/0x3f0 [ 26.573639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.573781] kthread+0x328/0x630 [ 26.573893] ret_from_fork+0x10/0x20 [ 26.574016] [ 26.574062] Allocated by task 269: [ 26.574134] kasan_save_stack+0x3c/0x68 [ 26.574299] kasan_save_track+0x20/0x40 [ 26.574441] kasan_save_alloc_info+0x40/0x58 [ 26.574621] __kasan_kmalloc+0xd4/0xd8 [ 26.574728] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.574845] kasan_atomics+0xb8/0x2e0 [ 26.575454] kunit_try_run_case+0x170/0x3f0 [ 26.575808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.576202] kthread+0x328/0x630 [ 26.576496] ret_from_fork+0x10/0x20 [ 26.576735] [ 26.576806] The buggy address belongs to the object at fff00000c7733980 [ 26.576806] which belongs to the cache kmalloc-64 of size 64 [ 26.576975] The buggy address is located 0 bytes to the right of [ 26.576975] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.577156] [ 26.577211] The buggy address belongs to the physical page: [ 26.577299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.577447] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.577583] page_type: f5(slab) [ 26.577686] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.578780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.578957] page dumped because: kasan: bad access detected [ 26.579082] [ 26.579147] Memory state around the buggy address: [ 26.579242] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.579336] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.579454] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.579555] ^ [ 26.580121] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.580249] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.581211] ================================================================== [ 26.387395] ================================================================== [ 26.387608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 26.387788] Read of size 4 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.387977] [ 26.388099] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.388412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.388518] Hardware name: linux,dummy-virt (DT) [ 26.388641] Call trace: [ 26.388730] show_stack+0x20/0x38 (C) [ 26.388908] dump_stack_lvl+0x8c/0xd0 [ 26.389046] print_report+0x118/0x608 [ 26.389140] kasan_report+0xdc/0x128 [ 26.389626] __asan_report_load4_noabort+0x20/0x30 [ 26.389800] kasan_atomics_helper+0x3dd8/0x4858 [ 26.389964] kasan_atomics+0x198/0x2e0 [ 26.390155] kunit_try_run_case+0x170/0x3f0 [ 26.390302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.390520] kthread+0x328/0x630 [ 26.390667] ret_from_fork+0x10/0x20 [ 26.390905] [ 26.391087] Allocated by task 269: [ 26.391348] kasan_save_stack+0x3c/0x68 [ 26.391710] kasan_save_track+0x20/0x40 [ 26.391922] kasan_save_alloc_info+0x40/0x58 [ 26.392022] __kasan_kmalloc+0xd4/0xd8 [ 26.392272] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.392595] kasan_atomics+0xb8/0x2e0 [ 26.393130] kunit_try_run_case+0x170/0x3f0 [ 26.393418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.393635] kthread+0x328/0x630 [ 26.393811] ret_from_fork+0x10/0x20 [ 26.394143] [ 26.394438] The buggy address belongs to the object at fff00000c7733980 [ 26.394438] which belongs to the cache kmalloc-64 of size 64 [ 26.394765] The buggy address is located 0 bytes to the right of [ 26.394765] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.394962] [ 26.395231] The buggy address belongs to the physical page: [ 26.395381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.395742] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.396045] page_type: f5(slab) [ 26.396307] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.396442] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.397303] page dumped because: kasan: bad access detected [ 26.397529] [ 26.397561] Memory state around the buggy address: [ 26.397612] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.397671] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.397722] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.397768] ^ [ 26.397813] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.397866] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.397911] ================================================================== [ 26.512783] ================================================================== [ 26.513037] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 26.513165] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.513299] [ 26.513396] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.513627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.513703] Hardware name: linux,dummy-virt (DT) [ 26.513787] Call trace: [ 26.513853] show_stack+0x20/0x38 (C) [ 26.513976] dump_stack_lvl+0x8c/0xd0 [ 26.516299] print_report+0x118/0x608 [ 26.516810] kasan_report+0xdc/0x128 [ 26.517123] kasan_check_range+0x100/0x1a8 [ 26.517264] __kasan_check_write+0x20/0x30 [ 26.517925] kasan_atomics_helper+0x10c0/0x4858 [ 26.518335] kasan_atomics+0x198/0x2e0 [ 26.518537] kunit_try_run_case+0x170/0x3f0 [ 26.518678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.518850] kthread+0x328/0x630 [ 26.518958] ret_from_fork+0x10/0x20 [ 26.519586] [ 26.519665] Allocated by task 269: [ 26.519770] kasan_save_stack+0x3c/0x68 [ 26.519886] kasan_save_track+0x20/0x40 [ 26.519984] kasan_save_alloc_info+0x40/0x58 [ 26.520083] __kasan_kmalloc+0xd4/0xd8 [ 26.520174] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.520273] kasan_atomics+0xb8/0x2e0 [ 26.520357] kunit_try_run_case+0x170/0x3f0 [ 26.520450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.520544] kthread+0x328/0x630 [ 26.520625] ret_from_fork+0x10/0x20 [ 26.520714] [ 26.520767] The buggy address belongs to the object at fff00000c7733980 [ 26.520767] which belongs to the cache kmalloc-64 of size 64 [ 26.520918] The buggy address is located 0 bytes to the right of [ 26.520918] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.521078] [ 26.521129] The buggy address belongs to the physical page: [ 26.522049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.522505] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.523340] page_type: f5(slab) [ 26.523472] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.524303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.524769] page dumped because: kasan: bad access detected [ 26.525151] [ 26.525217] Memory state around the buggy address: [ 26.525310] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.525451] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.526167] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.526308] ^ [ 26.527065] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.527456] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.527963] ================================================================== [ 26.641757] ================================================================== [ 26.641887] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 26.642028] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.642160] [ 26.642247] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.642497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.642576] Hardware name: linux,dummy-virt (DT) [ 26.642660] Call trace: [ 26.642727] show_stack+0x20/0x38 (C) [ 26.642864] dump_stack_lvl+0x8c/0xd0 [ 26.643948] print_report+0x118/0x608 [ 26.644343] kasan_report+0xdc/0x128 [ 26.645647] kasan_check_range+0x100/0x1a8 [ 26.645800] __kasan_check_write+0x20/0x30 [ 26.645902] kasan_atomics_helper+0x14e4/0x4858 [ 26.645963] kasan_atomics+0x198/0x2e0 [ 26.646014] kunit_try_run_case+0x170/0x3f0 [ 26.646078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.646140] kthread+0x328/0x630 [ 26.646193] ret_from_fork+0x10/0x20 [ 26.646254] [ 26.646279] Allocated by task 269: [ 26.646340] kasan_save_stack+0x3c/0x68 [ 26.646398] kasan_save_track+0x20/0x40 [ 26.646498] kasan_save_alloc_info+0x40/0x58 [ 26.646582] __kasan_kmalloc+0xd4/0xd8 [ 26.646680] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.646808] kasan_atomics+0xb8/0x2e0 [ 26.646906] kunit_try_run_case+0x170/0x3f0 [ 26.647013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.647131] kthread+0x328/0x630 [ 26.647225] ret_from_fork+0x10/0x20 [ 26.647323] [ 26.647382] The buggy address belongs to the object at fff00000c7733980 [ 26.647382] which belongs to the cache kmalloc-64 of size 64 [ 26.647563] The buggy address is located 0 bytes to the right of [ 26.647563] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.647760] [ 26.647822] The buggy address belongs to the physical page: [ 26.647926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.648079] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.648224] page_type: f5(slab) [ 26.648348] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.648899] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.650013] page dumped because: kasan: bad access detected [ 26.650245] [ 26.650914] Memory state around the buggy address: [ 26.651269] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.651658] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.651826] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.651973] ^ [ 26.652105] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.652264] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.652381] ================================================================== [ 26.756055] ================================================================== [ 26.756169] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 26.756284] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.756396] [ 26.758048] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.758236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.758317] Hardware name: linux,dummy-virt (DT) [ 26.759971] Call trace: [ 26.760057] show_stack+0x20/0x38 (C) [ 26.760192] dump_stack_lvl+0x8c/0xd0 [ 26.760296] print_report+0x118/0x608 [ 26.760383] kasan_report+0xdc/0x128 [ 26.760490] kasan_check_range+0x100/0x1a8 [ 26.760578] __kasan_check_write+0x20/0x30 [ 26.760674] kasan_atomics_helper+0x17ec/0x4858 [ 26.762199] kasan_atomics+0x198/0x2e0 [ 26.762612] kunit_try_run_case+0x170/0x3f0 [ 26.762801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.763028] kthread+0x328/0x630 [ 26.763133] ret_from_fork+0x10/0x20 [ 26.763283] [ 26.763325] Allocated by task 269: [ 26.763395] kasan_save_stack+0x3c/0x68 [ 26.763508] kasan_save_track+0x20/0x40 [ 26.763624] kasan_save_alloc_info+0x40/0x58 [ 26.763754] __kasan_kmalloc+0xd4/0xd8 [ 26.763874] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.764015] kasan_atomics+0xb8/0x2e0 [ 26.764129] kunit_try_run_case+0x170/0x3f0 [ 26.764221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.764327] kthread+0x328/0x630 [ 26.764441] ret_from_fork+0x10/0x20 [ 26.764539] [ 26.764588] The buggy address belongs to the object at fff00000c7733980 [ 26.764588] which belongs to the cache kmalloc-64 of size 64 [ 26.764723] The buggy address is located 0 bytes to the right of [ 26.764723] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.764882] [ 26.764950] The buggy address belongs to the physical page: [ 26.765065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.765241] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.765420] page_type: f5(slab) [ 26.765501] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.765638] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.765757] page dumped because: kasan: bad access detected [ 26.765825] [ 26.765866] Memory state around the buggy address: [ 26.765940] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.766046] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.766161] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.766274] ^ [ 26.766449] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.766585] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.766700] ================================================================== [ 26.560295] ================================================================== [ 26.560521] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 26.560769] Write of size 8 at addr fff00000c77339b0 by task kunit_try_catch/269 [ 26.561560] [ 26.561866] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 26.562369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.562470] Hardware name: linux,dummy-virt (DT) [ 26.562552] Call trace: [ 26.562613] show_stack+0x20/0x38 (C) [ 26.562751] dump_stack_lvl+0x8c/0xd0 [ 26.562878] print_report+0x118/0x608 [ 26.562998] kasan_report+0xdc/0x128 [ 26.563112] kasan_check_range+0x100/0x1a8 [ 26.563242] __kasan_check_write+0x20/0x30 [ 26.563370] kasan_atomics_helper+0x126c/0x4858 [ 26.563517] kasan_atomics+0x198/0x2e0 [ 26.563638] kunit_try_run_case+0x170/0x3f0 [ 26.563767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.563914] kthread+0x328/0x630 [ 26.564035] ret_from_fork+0x10/0x20 [ 26.564163] [ 26.564216] Allocated by task 269: [ 26.564300] kasan_save_stack+0x3c/0x68 [ 26.565415] kasan_save_track+0x20/0x40 [ 26.566180] kasan_save_alloc_info+0x40/0x58 [ 26.566296] __kasan_kmalloc+0xd4/0xd8 [ 26.566394] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.566507] kasan_atomics+0xb8/0x2e0 [ 26.566581] kunit_try_run_case+0x170/0x3f0 [ 26.566669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.566765] kthread+0x328/0x630 [ 26.566840] ret_from_fork+0x10/0x20 [ 26.566913] [ 26.566954] The buggy address belongs to the object at fff00000c7733980 [ 26.566954] which belongs to the cache kmalloc-64 of size 64 [ 26.567088] The buggy address is located 0 bytes to the right of [ 26.567088] allocated 48-byte region [fff00000c7733980, fff00000c77339b0) [ 26.567502] [ 26.567562] The buggy address belongs to the physical page: [ 26.567664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107733 [ 26.567868] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.568031] page_type: f5(slab) [ 26.568142] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 26.568279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.568379] page dumped because: kasan: bad access detected [ 26.568473] [ 26.568522] Memory state around the buggy address: [ 26.568607] fff00000c7733880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.569654] fff00000c7733900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 26.569806] >fff00000c7733980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.569912] ^ [ 26.570233] fff00000c7733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.570458] fff00000c7733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.570557] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 25.790505] ================================================================== [ 25.790981] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 25.791148] Write of size 8 at addr fff00000c57223e8 by task kunit_try_catch/265 [ 25.791552] [ 25.791699] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.791933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.792014] Hardware name: linux,dummy-virt (DT) [ 25.792868] Call trace: [ 25.793005] show_stack+0x20/0x38 (C) [ 25.793143] dump_stack_lvl+0x8c/0xd0 [ 25.793269] print_report+0x118/0x608 [ 25.794086] kasan_report+0xdc/0x128 [ 25.794237] kasan_check_range+0x100/0x1a8 [ 25.794457] __kasan_check_write+0x20/0x30 [ 25.795003] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 25.795287] kasan_bitops_generic+0x110/0x1c8 [ 25.795470] kunit_try_run_case+0x170/0x3f0 [ 25.796028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.796173] kthread+0x328/0x630 [ 25.796690] ret_from_fork+0x10/0x20 [ 25.797044] [ 25.797262] Allocated by task 265: [ 25.797371] kasan_save_stack+0x3c/0x68 [ 25.797552] kasan_save_track+0x20/0x40 [ 25.797654] kasan_save_alloc_info+0x40/0x58 [ 25.798179] __kasan_kmalloc+0xd4/0xd8 [ 25.798297] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.798655] kasan_bitops_generic+0xa0/0x1c8 [ 25.798773] kunit_try_run_case+0x170/0x3f0 [ 25.798883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.798990] kthread+0x328/0x630 [ 25.799066] ret_from_fork+0x10/0x20 [ 25.799155] [ 25.799208] The buggy address belongs to the object at fff00000c57223e0 [ 25.799208] which belongs to the cache kmalloc-16 of size 16 [ 25.800542] The buggy address is located 8 bytes inside of [ 25.800542] allocated 9-byte region [fff00000c57223e0, fff00000c57223e9) [ 25.800800] [ 25.800859] The buggy address belongs to the physical page: [ 25.801338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 25.801888] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.802055] page_type: f5(slab) [ 25.802159] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.802286] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.802841] page dumped because: kasan: bad access detected [ 25.803175] [ 25.803412] Memory state around the buggy address: [ 25.803549] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 25.803670] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.803861] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 25.804325] ^ [ 25.804662] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.805027] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.805142] ================================================================== [ 25.724077] ================================================================== [ 25.724215] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 25.725308] Write of size 8 at addr fff00000c57223e8 by task kunit_try_catch/265 [ 25.725579] [ 25.725761] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.726056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.726140] Hardware name: linux,dummy-virt (DT) [ 25.726226] Call trace: [ 25.726706] show_stack+0x20/0x38 (C) [ 25.726888] dump_stack_lvl+0x8c/0xd0 [ 25.727194] print_report+0x118/0x608 [ 25.727337] kasan_report+0xdc/0x128 [ 25.727472] kasan_check_range+0x100/0x1a8 [ 25.727612] __kasan_check_write+0x20/0x30 [ 25.728706] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 25.729156] kasan_bitops_generic+0x110/0x1c8 [ 25.729298] kunit_try_run_case+0x170/0x3f0 [ 25.729448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.730555] kthread+0x328/0x630 [ 25.730705] ret_from_fork+0x10/0x20 [ 25.731158] [ 25.731213] Allocated by task 265: [ 25.731542] kasan_save_stack+0x3c/0x68 [ 25.732015] kasan_save_track+0x20/0x40 [ 25.732183] kasan_save_alloc_info+0x40/0x58 [ 25.732632] __kasan_kmalloc+0xd4/0xd8 [ 25.732776] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.732898] kasan_bitops_generic+0xa0/0x1c8 [ 25.733053] kunit_try_run_case+0x170/0x3f0 [ 25.733212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.733333] kthread+0x328/0x630 [ 25.733665] ret_from_fork+0x10/0x20 [ 25.733947] [ 25.734054] The buggy address belongs to the object at fff00000c57223e0 [ 25.734054] which belongs to the cache kmalloc-16 of size 16 [ 25.734207] The buggy address is located 8 bytes inside of [ 25.734207] allocated 9-byte region [fff00000c57223e0, fff00000c57223e9) [ 25.734758] [ 25.734836] The buggy address belongs to the physical page: [ 25.735302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 25.735585] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.736191] page_type: f5(slab) [ 25.736330] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.736603] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.737111] page dumped because: kasan: bad access detected [ 25.737207] [ 25.737263] Memory state around the buggy address: [ 25.737357] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 25.737484] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.737608] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 25.737718] ^ [ 25.738086] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.738632] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.739161] ================================================================== [ 25.808480] ================================================================== [ 25.808617] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 25.809585] Read of size 8 at addr fff00000c57223e8 by task kunit_try_catch/265 [ 25.809964] [ 25.810078] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.810314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.810390] Hardware name: linux,dummy-virt (DT) [ 25.810483] Call trace: [ 25.811267] show_stack+0x20/0x38 (C) [ 25.811438] dump_stack_lvl+0x8c/0xd0 [ 25.811570] print_report+0x118/0x608 [ 25.811689] kasan_report+0xdc/0x128 [ 25.812356] __asan_report_load8_noabort+0x20/0x30 [ 25.812884] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 25.813373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.818731] [ 25.820720] page dumped because: kasan: bad access detected [ 25.825163] ================================================================== [ 25.741500] ================================================================== [ 25.741632] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 25.741763] Write of size 8 at addr fff00000c57223e8 by task kunit_try_catch/265 [ 25.741888] [ 25.741978] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.742186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.742880] Hardware name: linux,dummy-virt (DT) [ 25.743223] Call trace: [ 25.743305] show_stack+0x20/0x38 (C) [ 25.743871] dump_stack_lvl+0x8c/0xd0 [ 25.744002] print_report+0x118/0x608 [ 25.744913] kasan_report+0xdc/0x128 [ 25.745191] kasan_check_range+0x100/0x1a8 [ 25.745311] __kasan_check_write+0x20/0x30 [ 25.745874] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 25.746412] kasan_bitops_generic+0x110/0x1c8 [ 25.746695] kunit_try_run_case+0x170/0x3f0 [ 25.747045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.747212] kthread+0x328/0x630 [ 25.747332] ret_from_fork+0x10/0x20 [ 25.747477] [ 25.747531] Allocated by task 265: [ 25.747612] kasan_save_stack+0x3c/0x68 [ 25.747728] kasan_save_track+0x20/0x40 [ 25.747830] kasan_save_alloc_info+0x40/0x58 [ 25.747932] __kasan_kmalloc+0xd4/0xd8 [ 25.748358] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.749605] kasan_bitops_generic+0xa0/0x1c8 [ 25.749718] kunit_try_run_case+0x170/0x3f0 [ 25.749836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.749959] kthread+0x328/0x630 [ 25.750053] ret_from_fork+0x10/0x20 [ 25.750718] [ 25.750786] The buggy address belongs to the object at fff00000c57223e0 [ 25.750786] which belongs to the cache kmalloc-16 of size 16 [ 25.751137] The buggy address is located 8 bytes inside of [ 25.751137] allocated 9-byte region [fff00000c57223e0, fff00000c57223e9) [ 25.751315] [ 25.751763] The buggy address belongs to the physical page: [ 25.751895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 25.752256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.752851] page_type: f5(slab) [ 25.752976] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.753109] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.753224] page dumped because: kasan: bad access detected [ 25.753315] [ 25.753366] Memory state around the buggy address: [ 25.754050] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 25.754637] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.754793] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 25.754973] ^ [ 25.755467] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.755619] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.755728] ================================================================== [ 25.670733] ================================================================== [ 25.671272] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 25.671963] Read of size 8 at addr fff00000c57223e8 by task kunit_try_catch/265 [ 25.672124] [ 25.672225] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.672458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.673995] Hardware name: linux,dummy-virt (DT) [ 25.674742] Call trace: [ 25.675263] show_stack+0x20/0x38 (C) [ 25.675970] dump_stack_lvl+0x8c/0xd0 [ 25.676555] print_report+0x118/0x608 [ 25.677256] kasan_report+0xdc/0x128 [ 25.677639] __asan_report_load8_noabort+0x20/0x30 [ 25.678164] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 25.678327] kasan_bitops_generic+0x110/0x1c8 [ 25.679601] kunit_try_run_case+0x170/0x3f0 [ 25.680046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.680515] kthread+0x328/0x630 [ 25.680976] ret_from_fork+0x10/0x20 [ 25.681620] [ 25.681946] Allocated by task 265: [ 25.682071] kasan_save_stack+0x3c/0x68 [ 25.683046] kasan_save_track+0x20/0x40 [ 25.683515] kasan_save_alloc_info+0x40/0x58 [ 25.684495] __kasan_kmalloc+0xd4/0xd8 [ 25.684616] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.684734] kasan_bitops_generic+0xa0/0x1c8 [ 25.684835] kunit_try_run_case+0x170/0x3f0 [ 25.684942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.685067] kthread+0x328/0x630 [ 25.685166] ret_from_fork+0x10/0x20 [ 25.685263] [ 25.685318] The buggy address belongs to the object at fff00000c57223e0 [ 25.685318] which belongs to the cache kmalloc-16 of size 16 [ 25.687095] The buggy address is located 8 bytes inside of [ 25.687095] allocated 9-byte region [fff00000c57223e0, fff00000c57223e9) [ 25.687281] [ 25.687336] The buggy address belongs to the physical page: [ 25.687819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 25.687978] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.688104] page_type: f5(slab) [ 25.688195] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.688300] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.688394] page dumped because: kasan: bad access detected [ 25.688798] [ 25.688943] Memory state around the buggy address: [ 25.689067] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 25.689198] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.689318] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 25.689668] ^ [ 25.689765] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.689943] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.690038] ================================================================== [ 25.641729] ================================================================== [ 25.642040] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 25.642228] Write of size 8 at addr fff00000c57223e8 by task kunit_try_catch/265 [ 25.642414] [ 25.642505] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.642736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.643231] Hardware name: linux,dummy-virt (DT) [ 25.643309] Call trace: [ 25.643368] show_stack+0x20/0x38 (C) [ 25.643502] dump_stack_lvl+0x8c/0xd0 [ 25.643621] print_report+0x118/0x608 [ 25.643734] kasan_report+0xdc/0x128 [ 25.643860] kasan_check_range+0x100/0x1a8 [ 25.643975] __kasan_check_write+0x20/0x30 [ 25.644394] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 25.644585] kasan_bitops_generic+0x110/0x1c8 [ 25.644728] kunit_try_run_case+0x170/0x3f0 [ 25.644856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.645000] kthread+0x328/0x630 [ 25.645110] ret_from_fork+0x10/0x20 [ 25.645240] [ 25.645288] Allocated by task 265: [ 25.645365] kasan_save_stack+0x3c/0x68 [ 25.645882] kasan_save_track+0x20/0x40 [ 25.646065] kasan_save_alloc_info+0x40/0x58 [ 25.646328] __kasan_kmalloc+0xd4/0xd8 [ 25.646535] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.646652] kasan_bitops_generic+0xa0/0x1c8 [ 25.647244] kunit_try_run_case+0x170/0x3f0 [ 25.647614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.647800] kthread+0x328/0x630 [ 25.648342] ret_from_fork+0x10/0x20 [ 25.648499] [ 25.649076] The buggy address belongs to the object at fff00000c57223e0 [ 25.649076] which belongs to the cache kmalloc-16 of size 16 [ 25.649811] The buggy address is located 8 bytes inside of [ 25.649811] allocated 9-byte region [fff00000c57223e0, fff00000c57223e9) [ 25.650218] [ 25.650531] The buggy address belongs to the physical page: [ 25.651095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 25.651298] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.651432] page_type: f5(slab) [ 25.652199] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.652534] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.652676] page dumped because: kasan: bad access detected [ 25.652865] [ 25.653024] Memory state around the buggy address: [ 25.653398] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 25.653541] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.653664] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 25.653776] ^ [ 25.655470] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.656018] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.656256] ================================================================== [ 25.696270] ================================================================== [ 25.697489] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 25.697663] Write of size 8 at addr fff00000c57223e8 by task kunit_try_catch/265 [ 25.697772] [ 25.697858] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.698058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.698113] Hardware name: linux,dummy-virt (DT) [ 25.698177] Call trace: [ 25.699548] show_stack+0x20/0x38 (C) [ 25.699721] dump_stack_lvl+0x8c/0xd0 [ 25.699855] print_report+0x118/0x608 [ 25.699975] kasan_report+0xdc/0x128 [ 25.700100] kasan_check_range+0x100/0x1a8 [ 25.700228] __kasan_check_write+0x20/0x30 [ 25.701129] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 25.702575] kasan_bitops_generic+0x110/0x1c8 [ 25.702747] kunit_try_run_case+0x170/0x3f0 [ 25.702883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.703034] kthread+0x328/0x630 [ 25.703821] ret_from_fork+0x10/0x20 [ 25.703985] [ 25.704034] Allocated by task 265: [ 25.704108] kasan_save_stack+0x3c/0x68 [ 25.704194] kasan_save_track+0x20/0x40 [ 25.704282] kasan_save_alloc_info+0x40/0x58 [ 25.704386] __kasan_kmalloc+0xd4/0xd8 [ 25.704508] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.704663] kasan_bitops_generic+0xa0/0x1c8 [ 25.704801] kunit_try_run_case+0x170/0x3f0 [ 25.704917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.705078] kthread+0x328/0x630 [ 25.705202] ret_from_fork+0x10/0x20 [ 25.705296] [ 25.705372] The buggy address belongs to the object at fff00000c57223e0 [ 25.705372] which belongs to the cache kmalloc-16 of size 16 [ 25.705525] The buggy address is located 8 bytes inside of [ 25.705525] allocated 9-byte region [fff00000c57223e0, fff00000c57223e9) [ 25.705675] [ 25.705737] The buggy address belongs to the physical page: [ 25.705890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 25.706083] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.706538] page_type: f5(slab) [ 25.706754] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.707169] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.707335] page dumped because: kasan: bad access detected [ 25.707456] [ 25.707501] Memory state around the buggy address: [ 25.707586] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 25.707931] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.708082] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 25.708188] ^ [ 25.708301] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.708454] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.708710] ================================================================== [ 25.759419] ================================================================== [ 25.759634] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 25.760200] Read of size 8 at addr fff00000c57223e8 by task kunit_try_catch/265 [ 25.760365] [ 25.760475] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.760696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.760771] Hardware name: linux,dummy-virt (DT) [ 25.760856] Call trace: [ 25.761425] show_stack+0x20/0x38 (C) [ 25.761966] dump_stack_lvl+0x8c/0xd0 [ 25.762124] print_report+0x118/0x608 [ 25.762255] kasan_report+0xdc/0x128 [ 25.762384] __asan_report_load8_noabort+0x20/0x30 [ 25.762712] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 25.763295] kasan_bitops_generic+0x110/0x1c8 [ 25.763422] kunit_try_run_case+0x170/0x3f0 [ 25.763588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.763813] kthread+0x328/0x630 [ 25.763965] ret_from_fork+0x10/0x20 [ 25.764168] [ 25.764231] Allocated by task 265: [ 25.764734] kasan_save_stack+0x3c/0x68 [ 25.764878] kasan_save_track+0x20/0x40 [ 25.764977] kasan_save_alloc_info+0x40/0x58 [ 25.765200] __kasan_kmalloc+0xd4/0xd8 [ 25.765535] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.765656] kasan_bitops_generic+0xa0/0x1c8 [ 25.765764] kunit_try_run_case+0x170/0x3f0 [ 25.766373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.766715] kthread+0x328/0x630 [ 25.766827] ret_from_fork+0x10/0x20 [ 25.766922] [ 25.767219] The buggy address belongs to the object at fff00000c57223e0 [ 25.767219] which belongs to the cache kmalloc-16 of size 16 [ 25.767390] The buggy address is located 8 bytes inside of [ 25.767390] allocated 9-byte region [fff00000c57223e0, fff00000c57223e9) [ 25.767576] [ 25.767632] The buggy address belongs to the physical page: [ 25.767726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 25.767864] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.768031] page_type: f5(slab) [ 25.768147] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.768286] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.768396] page dumped because: kasan: bad access detected [ 25.768497] [ 25.768552] Memory state around the buggy address: [ 25.768633] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 25.768755] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.768877] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 25.768985] ^ [ 25.769097] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.769223] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.769349] ================================================================== [ 25.710543] ================================================================== [ 25.710679] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 25.710809] Read of size 8 at addr fff00000c57223e8 by task kunit_try_catch/265 [ 25.710947] [ 25.711037] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.711252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.711327] Hardware name: linux,dummy-virt (DT) [ 25.713443] Call trace: [ 25.713589] show_stack+0x20/0x38 (C) [ 25.713792] dump_stack_lvl+0x8c/0xd0 [ 25.713935] print_report+0x118/0x608 [ 25.714082] kasan_report+0xdc/0x128 [ 25.714191] __asan_report_load8_noabort+0x20/0x30 [ 25.714451] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 25.714576] kasan_bitops_generic+0x110/0x1c8 [ 25.714752] kunit_try_run_case+0x170/0x3f0 [ 25.714999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.715362] kthread+0x328/0x630 [ 25.715576] ret_from_fork+0x10/0x20 [ 25.715856] [ 25.715929] Allocated by task 265: [ 25.716014] kasan_save_stack+0x3c/0x68 [ 25.716195] kasan_save_track+0x20/0x40 [ 25.716298] kasan_save_alloc_info+0x40/0x58 [ 25.716411] __kasan_kmalloc+0xd4/0xd8 [ 25.716512] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.716615] kasan_bitops_generic+0xa0/0x1c8 [ 25.716728] kunit_try_run_case+0x170/0x3f0 [ 25.716838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.716954] kthread+0x328/0x630 [ 25.717810] ret_from_fork+0x10/0x20 [ 25.717959] [ 25.718021] The buggy address belongs to the object at fff00000c57223e0 [ 25.718021] which belongs to the cache kmalloc-16 of size 16 [ 25.718176] The buggy address is located 8 bytes inside of [ 25.718176] allocated 9-byte region [fff00000c57223e0, fff00000c57223e9) [ 25.718350] [ 25.718500] The buggy address belongs to the physical page: [ 25.718578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 25.719147] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.719294] page_type: f5(slab) [ 25.719491] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.719627] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.719733] page dumped because: kasan: bad access detected [ 25.719829] [ 25.719881] Memory state around the buggy address: [ 25.719966] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 25.720084] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.720227] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 25.720335] ^ [ 25.721202] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.721333] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.721499] ================================================================== [ 25.773205] ================================================================== [ 25.773341] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 25.773479] Write of size 8 at addr fff00000c57223e8 by task kunit_try_catch/265 [ 25.773601] [ 25.773695] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.773902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.773970] Hardware name: linux,dummy-virt (DT) [ 25.774050] Call trace: [ 25.774114] show_stack+0x20/0x38 (C) [ 25.774243] dump_stack_lvl+0x8c/0xd0 [ 25.774379] print_report+0x118/0x608 [ 25.775667] kasan_report+0xdc/0x128 [ 25.775883] kasan_check_range+0x100/0x1a8 [ 25.776085] __kasan_check_write+0x20/0x30 [ 25.776487] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 25.777014] kasan_bitops_generic+0x110/0x1c8 [ 25.777669] kunit_try_run_case+0x170/0x3f0 [ 25.778352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.778569] kthread+0x328/0x630 [ 25.778799] ret_from_fork+0x10/0x20 [ 25.779022] [ 25.779116] Allocated by task 265: [ 25.779199] kasan_save_stack+0x3c/0x68 [ 25.779764] kasan_save_track+0x20/0x40 [ 25.779976] kasan_save_alloc_info+0x40/0x58 [ 25.780086] __kasan_kmalloc+0xd4/0xd8 [ 25.780223] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.780435] kasan_bitops_generic+0xa0/0x1c8 [ 25.780558] kunit_try_run_case+0x170/0x3f0 [ 25.781097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.781421] kthread+0x328/0x630 [ 25.781621] ret_from_fork+0x10/0x20 [ 25.782002] [ 25.782086] The buggy address belongs to the object at fff00000c57223e0 [ 25.782086] which belongs to the cache kmalloc-16 of size 16 [ 25.782459] The buggy address is located 8 bytes inside of [ 25.782459] allocated 9-byte region [fff00000c57223e0, fff00000c57223e9) [ 25.782957] [ 25.783022] The buggy address belongs to the physical page: [ 25.783109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 25.783227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.783349] page_type: f5(slab) [ 25.784494] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.784894] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.785435] page dumped because: kasan: bad access detected [ 25.785770] [ 25.786113] Memory state around the buggy address: [ 25.786216] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 25.786749] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.786886] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 25.787046] ^ [ 25.787207] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.787393] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.787582] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 25.590410] ================================================================== [ 25.590564] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 25.590698] Read of size 1 at addr fff00000c772d090 by task kunit_try_catch/263 [ 25.590834] [ 25.590923] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.591148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.591220] Hardware name: linux,dummy-virt (DT) [ 25.591309] Call trace: [ 25.591372] show_stack+0x20/0x38 (C) [ 25.592134] dump_stack_lvl+0x8c/0xd0 [ 25.592255] print_report+0x118/0x608 [ 25.592360] kasan_report+0xdc/0x128 [ 25.592454] __asan_report_load1_noabort+0x20/0x30 [ 25.592557] strnlen+0x80/0x88 [ 25.593645] kasan_strings+0x478/0xb00 [ 25.593826] kunit_try_run_case+0x170/0x3f0 [ 25.593962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.594111] kthread+0x328/0x630 [ 25.594231] ret_from_fork+0x10/0x20 [ 25.594936] [ 25.594995] Allocated by task 263: [ 25.595078] kasan_save_stack+0x3c/0x68 [ 25.595194] kasan_save_track+0x20/0x40 [ 25.595316] kasan_save_alloc_info+0x40/0x58 [ 25.595437] __kasan_kmalloc+0xd4/0xd8 [ 25.595536] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.595653] kasan_strings+0xc8/0xb00 [ 25.595753] kunit_try_run_case+0x170/0x3f0 [ 25.596341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.597083] kthread+0x328/0x630 [ 25.597284] ret_from_fork+0x10/0x20 [ 25.597486] [ 25.597544] Freed by task 263: [ 25.597831] kasan_save_stack+0x3c/0x68 [ 25.598234] kasan_save_track+0x20/0x40 [ 25.598466] kasan_save_free_info+0x4c/0x78 [ 25.599067] __kasan_slab_free+0x6c/0x98 [ 25.599195] kfree+0x214/0x3c8 [ 25.599528] kasan_strings+0x24c/0xb00 [ 25.599642] kunit_try_run_case+0x170/0x3f0 [ 25.599767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.600488] kthread+0x328/0x630 [ 25.600624] ret_from_fork+0x10/0x20 [ 25.600839] [ 25.600908] The buggy address belongs to the object at fff00000c772d080 [ 25.600908] which belongs to the cache kmalloc-32 of size 32 [ 25.601600] The buggy address is located 16 bytes inside of [ 25.601600] freed 32-byte region [fff00000c772d080, fff00000c772d0a0) [ 25.601962] [ 25.602029] The buggy address belongs to the physical page: [ 25.602578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772d [ 25.602825] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.602986] page_type: f5(slab) [ 25.603094] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 25.603301] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.603660] page dumped because: kasan: bad access detected [ 25.603910] [ 25.604226] Memory state around the buggy address: [ 25.604343] fff00000c772cf80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.604473] fff00000c772d000: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 25.604868] >fff00000c772d080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.605190] ^ [ 25.605312] fff00000c772d100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 25.605511] fff00000c772d180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.605600] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 25.576158] ================================================================== [ 25.576376] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 25.576646] Read of size 1 at addr fff00000c772d090 by task kunit_try_catch/263 [ 25.576883] [ 25.577047] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.577275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.577353] Hardware name: linux,dummy-virt (DT) [ 25.577453] Call trace: [ 25.577520] show_stack+0x20/0x38 (C) [ 25.577644] dump_stack_lvl+0x8c/0xd0 [ 25.577774] print_report+0x118/0x608 [ 25.577893] kasan_report+0xdc/0x128 [ 25.578011] __asan_report_load1_noabort+0x20/0x30 [ 25.578142] strlen+0xa8/0xb0 [ 25.578256] kasan_strings+0x418/0xb00 [ 25.578979] kunit_try_run_case+0x170/0x3f0 [ 25.579370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.579832] kthread+0x328/0x630 [ 25.579971] ret_from_fork+0x10/0x20 [ 25.580100] [ 25.580150] Allocated by task 263: [ 25.580228] kasan_save_stack+0x3c/0x68 [ 25.580336] kasan_save_track+0x20/0x40 [ 25.580440] kasan_save_alloc_info+0x40/0x58 [ 25.581003] __kasan_kmalloc+0xd4/0xd8 [ 25.581193] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.581322] kasan_strings+0xc8/0xb00 [ 25.581709] kunit_try_run_case+0x170/0x3f0 [ 25.582057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.582219] kthread+0x328/0x630 [ 25.582349] ret_from_fork+0x10/0x20 [ 25.582568] [ 25.582668] Freed by task 263: [ 25.582879] kasan_save_stack+0x3c/0x68 [ 25.583338] kasan_save_track+0x20/0x40 [ 25.583587] kasan_save_free_info+0x4c/0x78 [ 25.583708] __kasan_slab_free+0x6c/0x98 [ 25.583928] kfree+0x214/0x3c8 [ 25.584037] kasan_strings+0x24c/0xb00 [ 25.584504] kunit_try_run_case+0x170/0x3f0 [ 25.584641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.584844] kthread+0x328/0x630 [ 25.584928] ret_from_fork+0x10/0x20 [ 25.585013] [ 25.585070] The buggy address belongs to the object at fff00000c772d080 [ 25.585070] which belongs to the cache kmalloc-32 of size 32 [ 25.585231] The buggy address is located 16 bytes inside of [ 25.585231] freed 32-byte region [fff00000c772d080, fff00000c772d0a0) [ 25.585395] [ 25.585463] The buggy address belongs to the physical page: [ 25.585549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772d [ 25.585689] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.585823] page_type: f5(slab) [ 25.586547] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 25.586845] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.586969] page dumped because: kasan: bad access detected [ 25.587037] [ 25.587079] Memory state around the buggy address: [ 25.587599] fff00000c772cf80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.587726] fff00000c772d000: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 25.587863] >fff00000c772d080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.588066] ^ [ 25.588153] fff00000c772d100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 25.588822] fff00000c772d180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.588963] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 25.559879] ================================================================== [ 25.560006] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 25.560128] Read of size 1 at addr fff00000c772d090 by task kunit_try_catch/263 [ 25.560246] [ 25.560326] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.560683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.560752] Hardware name: linux,dummy-virt (DT) [ 25.560863] Call trace: [ 25.560920] show_stack+0x20/0x38 (C) [ 25.561037] dump_stack_lvl+0x8c/0xd0 [ 25.561157] print_report+0x118/0x608 [ 25.561306] kasan_report+0xdc/0x128 [ 25.561439] __asan_report_load1_noabort+0x20/0x30 [ 25.561550] kasan_strings+0x95c/0xb00 [ 25.561703] kunit_try_run_case+0x170/0x3f0 [ 25.561836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.561961] kthread+0x328/0x630 [ 25.562353] ret_from_fork+0x10/0x20 [ 25.562877] [ 25.562975] Allocated by task 263: [ 25.563133] kasan_save_stack+0x3c/0x68 [ 25.563261] kasan_save_track+0x20/0x40 [ 25.563375] kasan_save_alloc_info+0x40/0x58 [ 25.563522] __kasan_kmalloc+0xd4/0xd8 [ 25.563611] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.563883] kasan_strings+0xc8/0xb00 [ 25.563989] kunit_try_run_case+0x170/0x3f0 [ 25.564122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.564279] kthread+0x328/0x630 [ 25.564464] ret_from_fork+0x10/0x20 [ 25.564619] [ 25.564725] Freed by task 263: [ 25.564880] kasan_save_stack+0x3c/0x68 [ 25.565255] kasan_save_track+0x20/0x40 [ 25.565620] kasan_save_free_info+0x4c/0x78 [ 25.565828] __kasan_slab_free+0x6c/0x98 [ 25.566041] kfree+0x214/0x3c8 [ 25.566153] kasan_strings+0x24c/0xb00 [ 25.566747] kunit_try_run_case+0x170/0x3f0 [ 25.566987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.567281] kthread+0x328/0x630 [ 25.567594] ret_from_fork+0x10/0x20 [ 25.567746] [ 25.567891] The buggy address belongs to the object at fff00000c772d080 [ 25.567891] which belongs to the cache kmalloc-32 of size 32 [ 25.568139] The buggy address is located 16 bytes inside of [ 25.568139] freed 32-byte region [fff00000c772d080, fff00000c772d0a0) [ 25.568424] [ 25.568514] The buggy address belongs to the physical page: [ 25.568692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772d [ 25.569466] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.569848] page_type: f5(slab) [ 25.570180] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 25.570687] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.570982] page dumped because: kasan: bad access detected [ 25.571258] [ 25.571325] Memory state around the buggy address: [ 25.571651] fff00000c772cf80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.571824] fff00000c772d000: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 25.571979] >fff00000c772d080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.572161] ^ [ 25.572319] fff00000c772d100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 25.572599] fff00000c772d180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.573107] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 25.544842] ================================================================== [ 25.545269] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 25.545673] Read of size 1 at addr fff00000c772d090 by task kunit_try_catch/263 [ 25.546016] [ 25.546301] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.546686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.546813] Hardware name: linux,dummy-virt (DT) [ 25.546887] Call trace: [ 25.547175] show_stack+0x20/0x38 (C) [ 25.547330] dump_stack_lvl+0x8c/0xd0 [ 25.547514] print_report+0x118/0x608 [ 25.547681] kasan_report+0xdc/0x128 [ 25.547834] __asan_report_load1_noabort+0x20/0x30 [ 25.548015] strcmp+0xc0/0xc8 [ 25.548223] kasan_strings+0x340/0xb00 [ 25.548664] kunit_try_run_case+0x170/0x3f0 [ 25.548871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.549178] kthread+0x328/0x630 [ 25.549483] ret_from_fork+0x10/0x20 [ 25.549845] [ 25.549897] Allocated by task 263: [ 25.550037] kasan_save_stack+0x3c/0x68 [ 25.550138] kasan_save_track+0x20/0x40 [ 25.550515] kasan_save_alloc_info+0x40/0x58 [ 25.550660] __kasan_kmalloc+0xd4/0xd8 [ 25.550749] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.550839] kasan_strings+0xc8/0xb00 [ 25.550924] kunit_try_run_case+0x170/0x3f0 [ 25.551488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.551878] kthread+0x328/0x630 [ 25.552292] ret_from_fork+0x10/0x20 [ 25.552573] [ 25.552649] Freed by task 263: [ 25.552789] kasan_save_stack+0x3c/0x68 [ 25.552892] kasan_save_track+0x20/0x40 [ 25.553082] kasan_save_free_info+0x4c/0x78 [ 25.553194] __kasan_slab_free+0x6c/0x98 [ 25.553325] kfree+0x214/0x3c8 [ 25.553443] kasan_strings+0x24c/0xb00 [ 25.553556] kunit_try_run_case+0x170/0x3f0 [ 25.553687] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.553801] kthread+0x328/0x630 [ 25.553886] ret_from_fork+0x10/0x20 [ 25.554020] [ 25.554093] The buggy address belongs to the object at fff00000c772d080 [ 25.554093] which belongs to the cache kmalloc-32 of size 32 [ 25.554310] The buggy address is located 16 bytes inside of [ 25.554310] freed 32-byte region [fff00000c772d080, fff00000c772d0a0) [ 25.554528] [ 25.554584] The buggy address belongs to the physical page: [ 25.554698] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772d [ 25.554825] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.554933] page_type: f5(slab) [ 25.555049] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 25.555171] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.555272] page dumped because: kasan: bad access detected [ 25.555347] [ 25.555387] Memory state around the buggy address: [ 25.555542] fff00000c772cf80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.555726] fff00000c772d000: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 25.555900] >fff00000c772d080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.556055] ^ [ 25.556137] fff00000c772d100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 25.556314] fff00000c772d180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.556475] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 25.496578] ================================================================== [ 25.496771] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 25.496935] Read of size 1 at addr fff00000c7717f18 by task kunit_try_catch/261 [ 25.497069] [ 25.497163] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.497382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.497546] Hardware name: linux,dummy-virt (DT) [ 25.497628] Call trace: [ 25.498056] show_stack+0x20/0x38 (C) [ 25.498962] dump_stack_lvl+0x8c/0xd0 [ 25.499737] print_report+0x118/0x608 [ 25.499868] kasan_report+0xdc/0x128 [ 25.500605] __asan_report_load1_noabort+0x20/0x30 [ 25.500936] memcmp+0x198/0x1d8 [ 25.501047] kasan_memcmp+0x16c/0x300 [ 25.501169] kunit_try_run_case+0x170/0x3f0 [ 25.501304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.503193] kthread+0x328/0x630 [ 25.503562] ret_from_fork+0x10/0x20 [ 25.504306] [ 25.504438] Allocated by task 261: [ 25.504708] kasan_save_stack+0x3c/0x68 [ 25.504885] kasan_save_track+0x20/0x40 [ 25.504984] kasan_save_alloc_info+0x40/0x58 [ 25.505723] __kasan_kmalloc+0xd4/0xd8 [ 25.506365] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.506932] kasan_memcmp+0xbc/0x300 [ 25.507374] kunit_try_run_case+0x170/0x3f0 [ 25.507503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.507998] kthread+0x328/0x630 [ 25.508128] ret_from_fork+0x10/0x20 [ 25.508373] [ 25.508549] The buggy address belongs to the object at fff00000c7717f00 [ 25.508549] which belongs to the cache kmalloc-32 of size 32 [ 25.508827] The buggy address is located 0 bytes to the right of [ 25.508827] allocated 24-byte region [fff00000c7717f00, fff00000c7717f18) [ 25.509326] [ 25.509394] The buggy address belongs to the physical page: [ 25.509496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107717 [ 25.509641] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.509770] page_type: f5(slab) [ 25.509880] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 25.510347] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.510539] page dumped because: kasan: bad access detected [ 25.510704] [ 25.510782] Memory state around the buggy address: [ 25.511010] fff00000c7717e00: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 25.511253] fff00000c7717e80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 25.511603] >fff00000c7717f00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.511710] ^ [ 25.511792] fff00000c7717f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.512138] fff00000c7718000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.512376] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 25.406246] ================================================================== [ 25.406928] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 25.407412] Read of size 1 at addr ffff8000809c7b4a by task kunit_try_catch/257 [ 25.407712] [ 25.407874] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.408527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.408887] Hardware name: linux,dummy-virt (DT) [ 25.409381] Call trace: [ 25.409509] show_stack+0x20/0x38 (C) [ 25.409649] dump_stack_lvl+0x8c/0xd0 [ 25.410166] print_report+0x310/0x608 [ 25.410533] kasan_report+0xdc/0x128 [ 25.410679] __asan_report_load1_noabort+0x20/0x30 [ 25.410809] kasan_alloca_oob_right+0x2dc/0x340 [ 25.410918] kunit_try_run_case+0x170/0x3f0 [ 25.411273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.411745] kthread+0x328/0x630 [ 25.411877] ret_from_fork+0x10/0x20 [ 25.412086] [ 25.412151] The buggy address belongs to stack of task kunit_try_catch/257 [ 25.412279] [ 25.412345] The buggy address belongs to the virtual mapping at [ 25.412345] [ffff8000809c0000, ffff8000809c9000) created by: [ 25.412345] kernel_clone+0x150/0x7a8 [ 25.412555] [ 25.413032] The buggy address belongs to the physical page: [ 25.413249] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063be [ 25.413412] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.414042] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.414324] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.414530] page dumped because: kasan: bad access detected [ 25.414639] [ 25.415064] Memory state around the buggy address: [ 25.415188] ffff8000809c7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.415412] ffff8000809c7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.415617] >ffff8000809c7b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 25.415726] ^ [ 25.415842] ffff8000809c7b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 25.416035] ffff8000809c7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 25.416144] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 25.344518] ================================================================== [ 25.344729] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 25.344900] Read of size 1 at addr ffff8000809c7b5f by task kunit_try_catch/255 [ 25.345033] [ 25.345127] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.345347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.346088] Hardware name: linux,dummy-virt (DT) [ 25.346273] Call trace: [ 25.346488] show_stack+0x20/0x38 (C) [ 25.346982] dump_stack_lvl+0x8c/0xd0 [ 25.347262] print_report+0x310/0x608 [ 25.347448] kasan_report+0xdc/0x128 [ 25.347542] __asan_report_load1_noabort+0x20/0x30 [ 25.347660] kasan_alloca_oob_left+0x2b8/0x310 [ 25.348320] kunit_try_run_case+0x170/0x3f0 [ 25.348477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.348612] kthread+0x328/0x630 [ 25.348779] ret_from_fork+0x10/0x20 [ 25.349119] [ 25.349282] The buggy address belongs to stack of task kunit_try_catch/255 [ 25.349482] [ 25.349929] The buggy address belongs to the virtual mapping at [ 25.349929] [ffff8000809c0000, ffff8000809c9000) created by: [ 25.349929] kernel_clone+0x150/0x7a8 [ 25.350425] [ 25.350654] The buggy address belongs to the physical page: [ 25.350794] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063be [ 25.351200] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.351476] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.351756] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.351945] page dumped because: kasan: bad access detected [ 25.352145] [ 25.352304] Memory state around the buggy address: [ 25.352458] ffff8000809c7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.352658] ffff8000809c7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.352864] >ffff8000809c7b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 25.353101] ^ [ 25.353439] ffff8000809c7b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 25.353664] ffff8000809c7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 25.353765] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 25.318495] ================================================================== [ 25.318930] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 25.319547] Read of size 1 at addr ffff8000809c7c2a by task kunit_try_catch/253 [ 25.319711] [ 25.319810] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.320073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.320176] Hardware name: linux,dummy-virt (DT) [ 25.320371] Call trace: [ 25.320720] show_stack+0x20/0x38 (C) [ 25.321096] dump_stack_lvl+0x8c/0xd0 [ 25.321309] print_report+0x310/0x608 [ 25.321540] kasan_report+0xdc/0x128 [ 25.321841] __asan_report_load1_noabort+0x20/0x30 [ 25.321966] kasan_stack_oob+0x238/0x270 [ 25.322083] kunit_try_run_case+0x170/0x3f0 [ 25.322542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.322746] kthread+0x328/0x630 [ 25.322857] ret_from_fork+0x10/0x20 [ 25.323127] [ 25.323480] The buggy address belongs to stack of task kunit_try_catch/253 [ 25.324015] and is located at offset 138 in frame: [ 25.324436] kasan_stack_oob+0x0/0x270 [ 25.325015] [ 25.325092] This frame has 4 objects: [ 25.325843] [48, 49) '__assertion' [ 25.326101] [64, 72) 'array' [ 25.326344] [96, 112) '__assertion' [ 25.326558] [128, 138) 'stack_array' [ 25.326657] [ 25.326734] The buggy address belongs to the virtual mapping at [ 25.326734] [ffff8000809c0000, ffff8000809c9000) created by: [ 25.326734] kernel_clone+0x150/0x7a8 [ 25.326940] [ 25.327001] The buggy address belongs to the physical page: [ 25.327721] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063be [ 25.328504] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.328764] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.328946] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.329078] page dumped because: kasan: bad access detected [ 25.329158] [ 25.329215] Memory state around the buggy address: [ 25.329328] ffff8000809c7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.329516] ffff8000809c7b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 25.330100] >ffff8000809c7c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 25.330354] ^ [ 25.330463] ffff8000809c7c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 25.330961] ffff8000809c7d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 25.331136] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 25.274251] ================================================================== [ 25.274520] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 25.274660] Read of size 1 at addr ffffa69f515f14ed by task kunit_try_catch/249 [ 25.274743] [ 25.274814] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.275026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.275082] Hardware name: linux,dummy-virt (DT) [ 25.275123] Call trace: [ 25.275156] show_stack+0x20/0x38 (C) [ 25.275256] dump_stack_lvl+0x8c/0xd0 [ 25.275321] print_report+0x310/0x608 [ 25.275375] kasan_report+0xdc/0x128 [ 25.275445] __asan_report_load1_noabort+0x20/0x30 [ 25.275571] kasan_global_oob_right+0x230/0x270 [ 25.275636] kunit_try_run_case+0x170/0x3f0 [ 25.275696] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.275759] kthread+0x328/0x630 [ 25.275813] ret_from_fork+0x10/0x20 [ 25.275927] [ 25.275990] The buggy address belongs to the variable: [ 25.276077] global_array+0xd/0x40 [ 25.276159] [ 25.276340] The buggy address belongs to the virtual mapping at [ 25.276340] [ffffa69f4f810000, ffffa69f516a1000) created by: [ 25.276340] paging_init+0x66c/0x7d0 [ 25.276457] [ 25.276543] The buggy address belongs to the physical page: [ 25.276587] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47bf1 [ 25.276653] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 25.276748] raw: 03fffe0000002000 ffffc1ffc01efc48 ffffc1ffc01efc48 0000000000000000 [ 25.276807] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.276855] page dumped because: kasan: bad access detected [ 25.276917] [ 25.276938] Memory state around the buggy address: [ 25.276994] ffffa69f515f1380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.277046] ffffa69f515f1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.277095] >ffffa69f515f1480: 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 [ 25.277137] ^ [ 25.277186] ffffa69f515f1500: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 25.277235] ffffa69f515f1580: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 25.277279] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 25.233205] ================================================================== [ 25.233395] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 25.233587] Free of addr fff00000c76c5e01 by task kunit_try_catch/245 [ 25.233673] [ 25.233726] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.233868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.233919] Hardware name: linux,dummy-virt (DT) [ 25.233983] Call trace: [ 25.234013] show_stack+0x20/0x38 (C) [ 25.234109] dump_stack_lvl+0x8c/0xd0 [ 25.234215] print_report+0x118/0x608 [ 25.234343] kasan_report_invalid_free+0xc0/0xe8 [ 25.234430] check_slab_allocation+0xfc/0x108 [ 25.234536] __kasan_mempool_poison_object+0x78/0x150 [ 25.234643] mempool_free+0x28c/0x328 [ 25.234751] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 25.234864] mempool_kmalloc_invalid_free+0xc0/0x118 [ 25.234929] kunit_try_run_case+0x170/0x3f0 [ 25.235039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.235099] kthread+0x328/0x630 [ 25.235154] ret_from_fork+0x10/0x20 [ 25.235209] [ 25.235230] Allocated by task 245: [ 25.235264] kasan_save_stack+0x3c/0x68 [ 25.235317] kasan_save_track+0x20/0x40 [ 25.235362] kasan_save_alloc_info+0x40/0x58 [ 25.235422] __kasan_mempool_unpoison_object+0x11c/0x180 [ 25.235476] remove_element+0x130/0x1f8 [ 25.235519] mempool_alloc_preallocated+0x58/0xc0 [ 25.235635] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 25.235832] mempool_kmalloc_invalid_free+0xc0/0x118 [ 25.235902] kunit_try_run_case+0x170/0x3f0 [ 25.235949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.236002] kthread+0x328/0x630 [ 25.236042] ret_from_fork+0x10/0x20 [ 25.236084] [ 25.236108] The buggy address belongs to the object at fff00000c76c5e00 [ 25.236108] which belongs to the cache kmalloc-128 of size 128 [ 25.236178] The buggy address is located 1 bytes inside of [ 25.236178] 128-byte region [fff00000c76c5e00, fff00000c76c5e80) [ 25.236278] [ 25.236305] The buggy address belongs to the physical page: [ 25.236358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c5 [ 25.236435] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.236499] page_type: f5(slab) [ 25.236584] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.236779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.236853] page dumped because: kasan: bad access detected [ 25.236891] [ 25.236913] Memory state around the buggy address: [ 25.236958] fff00000c76c5d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.237008] fff00000c76c5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.237087] >fff00000c76c5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.237181] ^ [ 25.237220] fff00000c76c5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.237501] fff00000c76c5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.237554] ================================================================== [ 25.252390] ================================================================== [ 25.252517] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 25.252626] Free of addr fff00000c7850001 by task kunit_try_catch/247 [ 25.252679] [ 25.252738] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.252845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.252878] Hardware name: linux,dummy-virt (DT) [ 25.252917] Call trace: [ 25.252952] show_stack+0x20/0x38 (C) [ 25.253022] dump_stack_lvl+0x8c/0xd0 [ 25.253081] print_report+0x118/0x608 [ 25.253135] kasan_report_invalid_free+0xc0/0xe8 [ 25.253195] __kasan_mempool_poison_object+0xfc/0x150 [ 25.253256] mempool_free+0x28c/0x328 [ 25.253314] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 25.253378] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 25.253983] kunit_try_run_case+0x170/0x3f0 [ 25.254074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.254159] kthread+0x328/0x630 [ 25.254217] ret_from_fork+0x10/0x20 [ 25.254373] [ 25.254430] The buggy address belongs to the physical page: [ 25.254475] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 25.254912] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.254998] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.255085] page_type: f8(unknown) [ 25.255364] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.255569] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.255726] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.255995] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.256065] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 25.256234] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 25.256340] page dumped because: kasan: bad access detected [ 25.256436] [ 25.256516] Memory state around the buggy address: [ 25.256566] fff00000c784ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.256620] fff00000c784ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.256671] >fff00000c7850000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.256716] ^ [ 25.256757] fff00000c7850080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.256806] fff00000c7850100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.256852] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 25.205263] ================================================================== [ 25.205392] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 25.205579] Free of addr fff00000c7850000 by task kunit_try_catch/243 [ 25.205650] [ 25.205965] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.206105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.206141] Hardware name: linux,dummy-virt (DT) [ 25.206183] Call trace: [ 25.206219] show_stack+0x20/0x38 (C) [ 25.206297] dump_stack_lvl+0x8c/0xd0 [ 25.206365] print_report+0x118/0x608 [ 25.206442] kasan_report_invalid_free+0xc0/0xe8 [ 25.206778] __kasan_mempool_poison_pages+0xe0/0xe8 [ 25.206874] mempool_free+0x24c/0x328 [ 25.207085] mempool_double_free_helper+0x150/0x2e8 [ 25.207328] mempool_page_alloc_double_free+0xbc/0x118 [ 25.207464] kunit_try_run_case+0x170/0x3f0 [ 25.207595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.207721] kthread+0x328/0x630 [ 25.207856] ret_from_fork+0x10/0x20 [ 25.207995] [ 25.208044] The buggy address belongs to the physical page: [ 25.208118] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 25.208192] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.208579] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.208744] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.208811] page dumped because: kasan: bad access detected [ 25.208941] [ 25.208969] Memory state around the buggy address: [ 25.209025] fff00000c784ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.209084] fff00000c784ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.209135] >fff00000c7850000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.209479] ^ [ 25.209594] fff00000c7850080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.209665] fff00000c7850100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.209714] ================================================================== [ 25.188469] ================================================================== [ 25.188584] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 25.188698] Free of addr fff00000c7850000 by task kunit_try_catch/241 [ 25.188756] [ 25.188828] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.189002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.189037] Hardware name: linux,dummy-virt (DT) [ 25.189104] Call trace: [ 25.189163] show_stack+0x20/0x38 (C) [ 25.189284] dump_stack_lvl+0x8c/0xd0 [ 25.189410] print_report+0x118/0x608 [ 25.189476] kasan_report_invalid_free+0xc0/0xe8 [ 25.189535] __kasan_mempool_poison_object+0x14c/0x150 [ 25.189596] mempool_free+0x28c/0x328 [ 25.189654] mempool_double_free_helper+0x150/0x2e8 [ 25.189770] mempool_kmalloc_large_double_free+0xc0/0x118 [ 25.189856] kunit_try_run_case+0x170/0x3f0 [ 25.189949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.190023] kthread+0x328/0x630 [ 25.190078] ret_from_fork+0x10/0x20 [ 25.190138] [ 25.190185] The buggy address belongs to the physical page: [ 25.190237] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 25.190330] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.190449] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.190550] page_type: f8(unknown) [ 25.190621] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.190698] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.190762] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.190819] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.190879] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 25.190936] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 25.190983] page dumped because: kasan: bad access detected [ 25.191021] [ 25.191044] Memory state around the buggy address: [ 25.191086] fff00000c784ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.191244] fff00000c784ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.191345] >fff00000c7850000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.191442] ^ [ 25.191489] fff00000c7850080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.191541] fff00000c7850100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.191937] ================================================================== [ 25.168855] ================================================================== [ 25.169026] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 25.169184] Free of addr fff00000c76c5a00 by task kunit_try_catch/239 [ 25.169269] [ 25.169373] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.169508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.169541] Hardware name: linux,dummy-virt (DT) [ 25.169581] Call trace: [ 25.169612] show_stack+0x20/0x38 (C) [ 25.169676] dump_stack_lvl+0x8c/0xd0 [ 25.169734] print_report+0x118/0x608 [ 25.169787] kasan_report_invalid_free+0xc0/0xe8 [ 25.169846] check_slab_allocation+0xd4/0x108 [ 25.169901] __kasan_mempool_poison_object+0x78/0x150 [ 25.169960] mempool_free+0x28c/0x328 [ 25.170017] mempool_double_free_helper+0x150/0x2e8 [ 25.170077] mempool_kmalloc_double_free+0xc0/0x118 [ 25.170139] kunit_try_run_case+0x170/0x3f0 [ 25.170199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.170261] kthread+0x328/0x630 [ 25.170329] ret_from_fork+0x10/0x20 [ 25.170392] [ 25.170429] Allocated by task 239: [ 25.170469] kasan_save_stack+0x3c/0x68 [ 25.170524] kasan_save_track+0x20/0x40 [ 25.170570] kasan_save_alloc_info+0x40/0x58 [ 25.170617] __kasan_mempool_unpoison_object+0x11c/0x180 [ 25.170667] remove_element+0x130/0x1f8 [ 25.170711] mempool_alloc_preallocated+0x58/0xc0 [ 25.170761] mempool_double_free_helper+0x94/0x2e8 [ 25.170809] mempool_kmalloc_double_free+0xc0/0x118 [ 25.170859] kunit_try_run_case+0x170/0x3f0 [ 25.170904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.170957] kthread+0x328/0x630 [ 25.170996] ret_from_fork+0x10/0x20 [ 25.171040] [ 25.171061] Freed by task 239: [ 25.171092] kasan_save_stack+0x3c/0x68 [ 25.171137] kasan_save_track+0x20/0x40 [ 25.171178] kasan_save_free_info+0x4c/0x78 [ 25.171224] __kasan_mempool_poison_object+0xc0/0x150 [ 25.171872] mempool_free+0x28c/0x328 [ 25.172238] mempool_double_free_helper+0x100/0x2e8 [ 25.172367] mempool_kmalloc_double_free+0xc0/0x118 [ 25.172439] kunit_try_run_case+0x170/0x3f0 [ 25.172490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.172545] kthread+0x328/0x630 [ 25.172591] ret_from_fork+0x10/0x20 [ 25.172787] [ 25.172817] The buggy address belongs to the object at fff00000c76c5a00 [ 25.172817] which belongs to the cache kmalloc-128 of size 128 [ 25.172898] The buggy address is located 0 bytes inside of [ 25.172898] 128-byte region [fff00000c76c5a00, fff00000c76c5a80) [ 25.173043] [ 25.173077] The buggy address belongs to the physical page: [ 25.173121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c5 [ 25.173194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.173313] page_type: f5(slab) [ 25.173375] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.173612] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.173823] page dumped because: kasan: bad access detected [ 25.174236] [ 25.174373] Memory state around the buggy address: [ 25.174498] fff00000c76c5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.174620] fff00000c76c5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.174677] >fff00000c76c5a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.174728] ^ [ 25.174793] fff00000c76c5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.174850] fff00000c76c5b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.174898] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 25.144459] ================================================================== [ 25.145042] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 25.145241] Read of size 1 at addr fff00000c784c000 by task kunit_try_catch/237 [ 25.145358] [ 25.145457] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.145688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.145726] Hardware name: linux,dummy-virt (DT) [ 25.145777] Call trace: [ 25.145831] show_stack+0x20/0x38 (C) [ 25.145936] dump_stack_lvl+0x8c/0xd0 [ 25.146021] print_report+0x118/0x608 [ 25.146079] kasan_report+0xdc/0x128 [ 25.146133] __asan_report_load1_noabort+0x20/0x30 [ 25.146193] mempool_uaf_helper+0x314/0x340 [ 25.146250] mempool_page_alloc_uaf+0xc0/0x118 [ 25.146733] kunit_try_run_case+0x170/0x3f0 [ 25.147145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.147551] kthread+0x328/0x630 [ 25.148209] ret_from_fork+0x10/0x20 [ 25.148766] [ 25.148964] The buggy address belongs to the physical page: [ 25.149481] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784c [ 25.149678] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.149791] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.149854] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.149907] page dumped because: kasan: bad access detected [ 25.149952] [ 25.149975] Memory state around the buggy address: [ 25.150044] fff00000c784bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.150120] fff00000c784bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.150175] >fff00000c784c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.150221] ^ [ 25.150262] fff00000c784c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.150339] fff00000c784c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.150386] ================================================================== [ 25.071764] ================================================================== [ 25.072133] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 25.072256] Read of size 1 at addr fff00000c7848000 by task kunit_try_catch/233 [ 25.072499] [ 25.072584] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.072941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.072993] Hardware name: linux,dummy-virt (DT) [ 25.073038] Call trace: [ 25.073136] show_stack+0x20/0x38 (C) [ 25.073213] dump_stack_lvl+0x8c/0xd0 [ 25.073411] print_report+0x118/0x608 [ 25.073551] kasan_report+0xdc/0x128 [ 25.073616] __asan_report_load1_noabort+0x20/0x30 [ 25.073676] mempool_uaf_helper+0x314/0x340 [ 25.073732] mempool_kmalloc_large_uaf+0xc4/0x120 [ 25.073793] kunit_try_run_case+0x170/0x3f0 [ 25.073851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.074030] kthread+0x328/0x630 [ 25.074107] ret_from_fork+0x10/0x20 [ 25.074316] [ 25.074448] The buggy address belongs to the physical page: [ 25.074574] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 25.074655] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.074719] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.074799] page_type: f8(unknown) [ 25.074856] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.074914] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.074973] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.075030] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.075087] head: 0bfffe0000000002 ffffc1ffc31e1201 00000000ffffffff 00000000ffffffff [ 25.075144] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 25.075193] page dumped because: kasan: bad access detected [ 25.075230] [ 25.075252] Memory state around the buggy address: [ 25.075296] fff00000c7847f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.075349] fff00000c7847f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.075395] >fff00000c7848000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.075461] ^ [ 25.075502] fff00000c7848080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.075552] fff00000c7848100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.075596] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 25.085728] ================================================================== [ 25.085824] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 25.085917] Read of size 1 at addr fff00000c7714240 by task kunit_try_catch/235 [ 25.085976] [ 25.086024] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.086125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.086154] Hardware name: linux,dummy-virt (DT) [ 25.086193] Call trace: [ 25.086223] show_stack+0x20/0x38 (C) [ 25.086283] dump_stack_lvl+0x8c/0xd0 [ 25.086368] print_report+0x118/0x608 [ 25.086565] kasan_report+0xdc/0x128 [ 25.086625] __asan_report_load1_noabort+0x20/0x30 [ 25.086685] mempool_uaf_helper+0x314/0x340 [ 25.086742] mempool_slab_uaf+0xc0/0x118 [ 25.086795] kunit_try_run_case+0x170/0x3f0 [ 25.086854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.086917] kthread+0x328/0x630 [ 25.086969] ret_from_fork+0x10/0x20 [ 25.087029] [ 25.087052] Allocated by task 235: [ 25.087091] kasan_save_stack+0x3c/0x68 [ 25.087147] kasan_save_track+0x20/0x40 [ 25.087190] kasan_save_alloc_info+0x40/0x58 [ 25.087236] __kasan_mempool_unpoison_object+0xbc/0x180 [ 25.087385] remove_element+0x16c/0x1f8 [ 25.087456] mempool_alloc_preallocated+0x58/0xc0 [ 25.087507] mempool_uaf_helper+0xa4/0x340 [ 25.087554] mempool_slab_uaf+0xc0/0x118 [ 25.087595] kunit_try_run_case+0x170/0x3f0 [ 25.087645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.087698] kthread+0x328/0x630 [ 25.087740] ret_from_fork+0x10/0x20 [ 25.087784] [ 25.087809] Freed by task 235: [ 25.087842] kasan_save_stack+0x3c/0x68 [ 25.087886] kasan_save_track+0x20/0x40 [ 25.087930] kasan_save_free_info+0x4c/0x78 [ 25.087975] __kasan_mempool_poison_object+0xc0/0x150 [ 25.088025] mempool_free+0x28c/0x328 [ 25.088070] mempool_uaf_helper+0x104/0x340 [ 25.088308] mempool_slab_uaf+0xc0/0x118 [ 25.088370] kunit_try_run_case+0x170/0x3f0 [ 25.088437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.088503] kthread+0x328/0x630 [ 25.088596] ret_from_fork+0x10/0x20 [ 25.088642] [ 25.088669] The buggy address belongs to the object at fff00000c7714240 [ 25.088669] which belongs to the cache test_cache of size 123 [ 25.088742] The buggy address is located 0 bytes inside of [ 25.088742] freed 123-byte region [fff00000c7714240, fff00000c77142bb) [ 25.088816] [ 25.088843] The buggy address belongs to the physical page: [ 25.088885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107714 [ 25.088952] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.089807] page_type: f5(slab) [ 25.089906] raw: 0bfffe0000000000 fff00000c56b58c0 dead000000000122 0000000000000000 [ 25.090023] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 25.090074] page dumped because: kasan: bad access detected [ 25.090119] [ 25.090153] Memory state around the buggy address: [ 25.090199] fff00000c7714100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.090252] fff00000c7714180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.090324] >fff00000c7714200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 25.090490] ^ [ 25.090584] fff00000c7714280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.090821] fff00000c7714300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.091070] ================================================================== [ 25.052471] ================================================================== [ 25.052596] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 25.052713] Read of size 1 at addr fff00000c76c5600 by task kunit_try_catch/231 [ 25.052777] [ 25.052834] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.052940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.052974] Hardware name: linux,dummy-virt (DT) [ 25.053015] Call trace: [ 25.053046] show_stack+0x20/0x38 (C) [ 25.053109] dump_stack_lvl+0x8c/0xd0 [ 25.053173] print_report+0x118/0x608 [ 25.053225] kasan_report+0xdc/0x128 [ 25.053276] __asan_report_load1_noabort+0x20/0x30 [ 25.053352] mempool_uaf_helper+0x314/0x340 [ 25.053429] mempool_kmalloc_uaf+0xc4/0x120 [ 25.053489] kunit_try_run_case+0x170/0x3f0 [ 25.053550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.053615] kthread+0x328/0x630 [ 25.053668] ret_from_fork+0x10/0x20 [ 25.053727] [ 25.053751] Allocated by task 231: [ 25.053846] kasan_save_stack+0x3c/0x68 [ 25.053950] kasan_save_track+0x20/0x40 [ 25.054046] kasan_save_alloc_info+0x40/0x58 [ 25.054098] __kasan_mempool_unpoison_object+0x11c/0x180 [ 25.054150] remove_element+0x130/0x1f8 [ 25.054201] mempool_alloc_preallocated+0x58/0xc0 [ 25.054251] mempool_uaf_helper+0xa4/0x340 [ 25.054353] mempool_kmalloc_uaf+0xc4/0x120 [ 25.054437] kunit_try_run_case+0x170/0x3f0 [ 25.054496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.054552] kthread+0x328/0x630 [ 25.054594] ret_from_fork+0x10/0x20 [ 25.054639] [ 25.054662] Freed by task 231: [ 25.054698] kasan_save_stack+0x3c/0x68 [ 25.054743] kasan_save_track+0x20/0x40 [ 25.054834] kasan_save_free_info+0x4c/0x78 [ 25.054923] __kasan_mempool_poison_object+0xc0/0x150 [ 25.054996] mempool_free+0x28c/0x328 [ 25.055044] mempool_uaf_helper+0x104/0x340 [ 25.055095] mempool_kmalloc_uaf+0xc4/0x120 [ 25.055143] kunit_try_run_case+0x170/0x3f0 [ 25.055192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.055328] kthread+0x328/0x630 [ 25.055379] ret_from_fork+0x10/0x20 [ 25.055539] [ 25.055567] The buggy address belongs to the object at fff00000c76c5600 [ 25.055567] which belongs to the cache kmalloc-128 of size 128 [ 25.055640] The buggy address is located 0 bytes inside of [ 25.055640] freed 128-byte region [fff00000c76c5600, fff00000c76c5680) [ 25.055711] [ 25.055742] The buggy address belongs to the physical page: [ 25.055833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c5 [ 25.055905] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.055972] page_type: f5(slab) [ 25.056024] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.056256] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.056379] page dumped because: kasan: bad access detected [ 25.056479] [ 25.056503] Memory state around the buggy address: [ 25.056547] fff00000c76c5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.056674] fff00000c76c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.056727] >fff00000c76c5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.056772] ^ [ 25.056816] fff00000c76c5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.056934] fff00000c76c5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.056983] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 25.007551] ================================================================== [ 25.007653] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 25.007753] Read of size 1 at addr fff00000c770e2bb by task kunit_try_catch/229 [ 25.008712] [ 25.008793] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 25.009251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.009296] Hardware name: linux,dummy-virt (DT) [ 25.009338] Call trace: [ 25.009373] show_stack+0x20/0x38 (C) [ 25.009465] dump_stack_lvl+0x8c/0xd0 [ 25.009526] print_report+0x118/0x608 [ 25.009579] kasan_report+0xdc/0x128 [ 25.009629] __asan_report_load1_noabort+0x20/0x30 [ 25.009689] mempool_oob_right_helper+0x2ac/0x2f0 [ 25.009748] mempool_slab_oob_right+0xc0/0x118 [ 25.009803] kunit_try_run_case+0x170/0x3f0 [ 25.009874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.009994] kthread+0x328/0x630 [ 25.010094] ret_from_fork+0x10/0x20 [ 25.010213] [ 25.010237] Allocated by task 229: [ 25.010275] kasan_save_stack+0x3c/0x68 [ 25.010341] kasan_save_track+0x20/0x40 [ 25.010434] kasan_save_alloc_info+0x40/0x58 [ 25.010486] __kasan_mempool_unpoison_object+0xbc/0x180 [ 25.010539] remove_element+0x16c/0x1f8 [ 25.010592] mempool_alloc_preallocated+0x58/0xc0 [ 25.011020] mempool_oob_right_helper+0x98/0x2f0 [ 25.011127] mempool_slab_oob_right+0xc0/0x118 [ 25.011218] kunit_try_run_case+0x170/0x3f0 [ 25.011290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.011368] kthread+0x328/0x630 [ 25.011424] ret_from_fork+0x10/0x20 [ 25.011474] [ 25.011501] The buggy address belongs to the object at fff00000c770e240 [ 25.011501] which belongs to the cache test_cache of size 123 [ 25.011608] The buggy address is located 0 bytes to the right of [ 25.011608] allocated 123-byte region [fff00000c770e240, fff00000c770e2bb) [ 25.011689] [ 25.011877] The buggy address belongs to the physical page: [ 25.011965] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770e [ 25.012052] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.012125] page_type: f5(slab) [ 25.012184] raw: 0bfffe0000000000 fff00000c56b5780 dead000000000122 0000000000000000 [ 25.012536] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 25.012608] page dumped because: kasan: bad access detected [ 25.012664] [ 25.012723] Memory state around the buggy address: [ 25.012807] fff00000c770e180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.012879] fff00000c770e200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 25.012928] >fff00000c770e280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 25.012972] ^ [ 25.013015] fff00000c770e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.013065] fff00000c770e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.013182] ================================================================== [ 24.992233] ================================================================== [ 24.992355] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 24.992484] Read of size 1 at addr fff00000c784a001 by task kunit_try_catch/227 [ 24.992548] [ 24.992604] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 24.992715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.992745] Hardware name: linux,dummy-virt (DT) [ 24.992790] Call trace: [ 24.992822] show_stack+0x20/0x38 (C) [ 24.992884] dump_stack_lvl+0x8c/0xd0 [ 24.992945] print_report+0x118/0x608 [ 24.992996] kasan_report+0xdc/0x128 [ 24.993048] __asan_report_load1_noabort+0x20/0x30 [ 24.993108] mempool_oob_right_helper+0x2ac/0x2f0 [ 24.993178] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 24.993301] kunit_try_run_case+0x170/0x3f0 [ 24.993365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.993442] kthread+0x328/0x630 [ 24.993500] ret_from_fork+0x10/0x20 [ 24.993627] [ 24.993801] The buggy address belongs to the physical page: [ 24.993993] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 24.994081] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.994140] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.994787] page_type: f8(unknown) [ 24.994918] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.994984] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.995045] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.995102] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.995160] head: 0bfffe0000000002 ffffc1ffc31e1201 00000000ffffffff 00000000ffffffff [ 24.995216] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.995261] page dumped because: kasan: bad access detected [ 24.995301] [ 24.995322] Memory state around the buggy address: [ 24.995369] fff00000c7849f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.995441] fff00000c7849f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.995583] >fff00000c784a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.995645] ^ [ 24.995687] fff00000c784a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.995754] fff00000c784a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.995797] ================================================================== [ 24.959523] ================================================================== [ 24.959664] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 24.959782] Read of size 1 at addr fff00000c6a86a73 by task kunit_try_catch/225 [ 24.959846] [ 24.959906] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 24.960016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.960049] Hardware name: linux,dummy-virt (DT) [ 24.960094] Call trace: [ 24.960127] show_stack+0x20/0x38 (C) [ 24.960191] dump_stack_lvl+0x8c/0xd0 [ 24.960256] print_report+0x118/0x608 [ 24.960309] kasan_report+0xdc/0x128 [ 24.960361] __asan_report_load1_noabort+0x20/0x30 [ 24.960435] mempool_oob_right_helper+0x2ac/0x2f0 [ 24.960500] mempool_kmalloc_oob_right+0xc4/0x120 [ 24.960559] kunit_try_run_case+0x170/0x3f0 [ 24.960622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.960686] kthread+0x328/0x630 [ 24.960743] ret_from_fork+0x10/0x20 [ 24.960800] [ 24.960823] Allocated by task 225: [ 24.960861] kasan_save_stack+0x3c/0x68 [ 24.960914] kasan_save_track+0x20/0x40 [ 24.960960] kasan_save_alloc_info+0x40/0x58 [ 24.961007] __kasan_mempool_unpoison_object+0x11c/0x180 [ 24.961059] remove_element+0x130/0x1f8 [ 24.961106] mempool_alloc_preallocated+0x58/0xc0 [ 24.961158] mempool_oob_right_helper+0x98/0x2f0 [ 24.961209] mempool_kmalloc_oob_right+0xc4/0x120 [ 24.961273] kunit_try_run_case+0x170/0x3f0 [ 24.961327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.961380] kthread+0x328/0x630 [ 24.961436] ret_from_fork+0x10/0x20 [ 24.961484] [ 24.961512] The buggy address belongs to the object at fff00000c6a86a00 [ 24.961512] which belongs to the cache kmalloc-128 of size 128 [ 24.961582] The buggy address is located 0 bytes to the right of [ 24.961582] allocated 115-byte region [fff00000c6a86a00, fff00000c6a86a73) [ 24.961658] [ 24.961687] The buggy address belongs to the physical page: [ 24.961730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a86 [ 24.961797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.961863] page_type: f5(slab) [ 24.961916] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.961979] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.962028] page dumped because: kasan: bad access detected [ 24.962064] [ 24.962087] Memory state around the buggy address: [ 24.962128] fff00000c6a86900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.962180] fff00000c6a86980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.962233] >fff00000c6a86a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.962277] ^ [ 24.962338] fff00000c6a86a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.962417] fff00000c6a86b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.962495] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 24.189296] ================================================================== [ 24.189443] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 24.189553] Read of size 1 at addr fff00000c7774000 by task kunit_try_catch/217 [ 24.189616] [ 24.189672] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 24.189778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.189810] Hardware name: linux,dummy-virt (DT) [ 24.189849] Call trace: [ 24.189883] show_stack+0x20/0x38 (C) [ 24.189948] dump_stack_lvl+0x8c/0xd0 [ 24.190011] print_report+0x118/0x608 [ 24.190063] kasan_report+0xdc/0x128 [ 24.190113] __asan_report_load1_noabort+0x20/0x30 [ 24.190171] kmem_cache_rcu_uaf+0x388/0x468 [ 24.190227] kunit_try_run_case+0x170/0x3f0 [ 24.190286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.190382] kthread+0x328/0x630 [ 24.191651] ret_from_fork+0x10/0x20 [ 24.191885] [ 24.191936] Allocated by task 217: [ 24.192035] kasan_save_stack+0x3c/0x68 [ 24.192159] kasan_save_track+0x20/0x40 [ 24.192315] kasan_save_alloc_info+0x40/0x58 [ 24.192424] __kasan_slab_alloc+0xa8/0xb0 [ 24.192759] kmem_cache_alloc_noprof+0x10c/0x398 [ 24.192939] kmem_cache_rcu_uaf+0x12c/0x468 [ 24.193036] kunit_try_run_case+0x170/0x3f0 [ 24.193462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.193587] kthread+0x328/0x630 [ 24.193687] ret_from_fork+0x10/0x20 [ 24.193879] [ 24.193958] Freed by task 0: [ 24.194344] kasan_save_stack+0x3c/0x68 [ 24.194470] kasan_save_track+0x20/0x40 [ 24.194685] kasan_save_free_info+0x4c/0x78 [ 24.195012] __kasan_slab_free+0x6c/0x98 [ 24.195115] slab_free_after_rcu_debug+0xd4/0x2f8 [ 24.195196] rcu_core+0x9f4/0x1e20 [ 24.195271] rcu_core_si+0x18/0x30 [ 24.195340] handle_softirqs+0x374/0xb28 [ 24.195436] __do_softirq+0x1c/0x28 [ 24.195520] [ 24.195564] Last potentially related work creation: [ 24.195618] kasan_save_stack+0x3c/0x68 [ 24.195700] kasan_record_aux_stack+0xb4/0xc8 [ 24.195778] kmem_cache_free+0x120/0x468 [ 24.195856] kmem_cache_rcu_uaf+0x16c/0x468 [ 24.195943] kunit_try_run_case+0x170/0x3f0 [ 24.196035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.196134] kthread+0x328/0x630 [ 24.196210] ret_from_fork+0x10/0x20 [ 24.196290] [ 24.196336] The buggy address belongs to the object at fff00000c7774000 [ 24.196336] which belongs to the cache test_cache of size 200 [ 24.196536] The buggy address is located 0 bytes inside of [ 24.196536] freed 200-byte region [fff00000c7774000, fff00000c77740c8) [ 24.196777] [ 24.196829] The buggy address belongs to the physical page: [ 24.196908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107774 [ 24.197043] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.197161] page_type: f5(slab) [ 24.197259] raw: 0bfffe0000000000 fff00000c56b5500 dead000000000122 0000000000000000 [ 24.197359] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 24.197491] page dumped because: kasan: bad access detected [ 24.197573] [ 24.197616] Memory state around the buggy address: [ 24.197741] fff00000c7773f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.197885] fff00000c7773f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.198042] >fff00000c7774000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.198142] ^ [ 24.198691] fff00000c7774080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 24.198945] fff00000c7774100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.199071] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 23.656564] ================================================================== [ 23.656768] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 23.657383] Free of addr fff00000c7773001 by task kunit_try_catch/215 [ 23.657582] [ 23.657683] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 23.658062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.658285] Hardware name: linux,dummy-virt (DT) [ 23.658452] Call trace: [ 23.658556] show_stack+0x20/0x38 (C) [ 23.658727] dump_stack_lvl+0x8c/0xd0 [ 23.658859] print_report+0x118/0x608 [ 23.658960] kasan_report_invalid_free+0xc0/0xe8 [ 23.659055] check_slab_allocation+0xfc/0x108 [ 23.659167] __kasan_slab_pre_free+0x2c/0x48 [ 23.659288] kmem_cache_free+0xf0/0x468 [ 23.659423] kmem_cache_invalid_free+0x184/0x3c8 [ 23.659565] kunit_try_run_case+0x170/0x3f0 [ 23.659715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.659853] kthread+0x328/0x630 [ 23.660336] ret_from_fork+0x10/0x20 [ 23.660760] [ 23.660812] Allocated by task 215: [ 23.661000] kasan_save_stack+0x3c/0x68 [ 23.661466] kasan_save_track+0x20/0x40 [ 23.661867] kasan_save_alloc_info+0x40/0x58 [ 23.662030] __kasan_slab_alloc+0xa8/0xb0 [ 23.662122] kmem_cache_alloc_noprof+0x10c/0x398 [ 23.662260] kmem_cache_invalid_free+0x12c/0x3c8 [ 23.662445] kunit_try_run_case+0x170/0x3f0 [ 23.662548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.662923] kthread+0x328/0x630 [ 23.663105] ret_from_fork+0x10/0x20 [ 23.663195] [ 23.663245] The buggy address belongs to the object at fff00000c7773000 [ 23.663245] which belongs to the cache test_cache of size 200 [ 23.663381] The buggy address is located 1 bytes inside of [ 23.663381] 200-byte region [fff00000c7773000, fff00000c77730c8) [ 23.663523] [ 23.663570] The buggy address belongs to the physical page: [ 23.663646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107773 [ 23.664113] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.664358] page_type: f5(slab) [ 23.664515] raw: 0bfffe0000000000 fff00000c56b53c0 dead000000000122 0000000000000000 [ 23.664638] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 23.665025] page dumped because: kasan: bad access detected [ 23.665169] [ 23.665217] Memory state around the buggy address: [ 23.665304] fff00000c7772f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.665436] fff00000c7772f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.665556] >fff00000c7773000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.665676] ^ [ 23.665750] fff00000c7773080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 23.666172] fff00000c7773100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.666330] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 23.576325] ================================================================== [ 23.576555] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 23.576758] Free of addr fff00000c7770000 by task kunit_try_catch/213 [ 23.576868] [ 23.576968] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 23.577388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.577501] Hardware name: linux,dummy-virt (DT) [ 23.577593] Call trace: [ 23.577662] show_stack+0x20/0x38 (C) [ 23.577807] dump_stack_lvl+0x8c/0xd0 [ 23.577983] print_report+0x118/0x608 [ 23.578108] kasan_report_invalid_free+0xc0/0xe8 [ 23.578231] check_slab_allocation+0xd4/0x108 [ 23.578651] __kasan_slab_pre_free+0x2c/0x48 [ 23.578829] kmem_cache_free+0xf0/0x468 [ 23.579005] kmem_cache_double_free+0x190/0x3c8 [ 23.579156] kunit_try_run_case+0x170/0x3f0 [ 23.579437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.579576] kthread+0x328/0x630 [ 23.579670] ret_from_fork+0x10/0x20 [ 23.580022] [ 23.580073] Allocated by task 213: [ 23.580161] kasan_save_stack+0x3c/0x68 [ 23.580273] kasan_save_track+0x20/0x40 [ 23.580366] kasan_save_alloc_info+0x40/0x58 [ 23.580477] __kasan_slab_alloc+0xa8/0xb0 [ 23.580569] kmem_cache_alloc_noprof+0x10c/0x398 [ 23.580667] kmem_cache_double_free+0x12c/0x3c8 [ 23.581121] kunit_try_run_case+0x170/0x3f0 [ 23.581310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.581442] kthread+0x328/0x630 [ 23.581716] ret_from_fork+0x10/0x20 [ 23.582030] [ 23.582095] Freed by task 213: [ 23.582233] kasan_save_stack+0x3c/0x68 [ 23.582361] kasan_save_track+0x20/0x40 [ 23.582459] kasan_save_free_info+0x4c/0x78 [ 23.582559] __kasan_slab_free+0x6c/0x98 [ 23.582648] kmem_cache_free+0x260/0x468 [ 23.582777] kmem_cache_double_free+0x140/0x3c8 [ 23.583027] kunit_try_run_case+0x170/0x3f0 [ 23.583265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.583390] kthread+0x328/0x630 [ 23.583477] ret_from_fork+0x10/0x20 [ 23.583551] [ 23.583594] The buggy address belongs to the object at fff00000c7770000 [ 23.583594] which belongs to the cache test_cache of size 200 [ 23.583715] The buggy address is located 0 bytes inside of [ 23.583715] 200-byte region [fff00000c7770000, fff00000c77700c8) [ 23.583837] [ 23.583887] The buggy address belongs to the physical page: [ 23.584189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107770 [ 23.584669] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.584860] page_type: f5(slab) [ 23.585174] raw: 0bfffe0000000000 fff00000c56b5280 dead000000000122 0000000000000000 [ 23.585392] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 23.585521] page dumped because: kasan: bad access detected [ 23.585620] [ 23.586382] Memory state around the buggy address: [ 23.586526] fff00000c776ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.587063] fff00000c776ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.587355] >fff00000c7770000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.587469] ^ [ 23.587671] fff00000c7770080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 23.587868] fff00000c7770100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.588528] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 23.355178] ================================================================== [ 23.355386] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 23.356587] Read of size 1 at addr fff00000c776e0c8 by task kunit_try_catch/211 [ 23.356705] [ 23.356795] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 23.357201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.357360] Hardware name: linux,dummy-virt (DT) [ 23.357472] Call trace: [ 23.357614] show_stack+0x20/0x38 (C) [ 23.357877] dump_stack_lvl+0x8c/0xd0 [ 23.358322] print_report+0x118/0x608 [ 23.358611] kasan_report+0xdc/0x128 [ 23.358756] __asan_report_load1_noabort+0x20/0x30 [ 23.358914] kmem_cache_oob+0x344/0x430 [ 23.359063] kunit_try_run_case+0x170/0x3f0 [ 23.359187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.359342] kthread+0x328/0x630 [ 23.359463] ret_from_fork+0x10/0x20 [ 23.359614] [ 23.359682] Allocated by task 211: [ 23.359786] kasan_save_stack+0x3c/0x68 [ 23.359911] kasan_save_track+0x20/0x40 [ 23.360007] kasan_save_alloc_info+0x40/0x58 [ 23.360101] __kasan_slab_alloc+0xa8/0xb0 [ 23.360208] kmem_cache_alloc_noprof+0x10c/0x398 [ 23.360350] kmem_cache_oob+0x12c/0x430 [ 23.360502] kunit_try_run_case+0x170/0x3f0 [ 23.360638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.360758] kthread+0x328/0x630 [ 23.360878] ret_from_fork+0x10/0x20 [ 23.361007] [ 23.361060] The buggy address belongs to the object at fff00000c776e000 [ 23.361060] which belongs to the cache test_cache of size 200 [ 23.361262] The buggy address is located 0 bytes to the right of [ 23.361262] allocated 200-byte region [fff00000c776e000, fff00000c776e0c8) [ 23.361654] [ 23.361730] The buggy address belongs to the physical page: [ 23.361815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10776e [ 23.362120] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.362561] page_type: f5(slab) [ 23.362789] raw: 0bfffe0000000000 fff00000c56b5140 dead000000000122 0000000000000000 [ 23.362956] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 23.363049] page dumped because: kasan: bad access detected [ 23.363110] [ 23.363143] Memory state around the buggy address: [ 23.363239] fff00000c776df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.363340] fff00000c776e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.363467] >fff00000c776e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 23.363570] ^ [ 23.363656] fff00000c776e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.363769] fff00000c776e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.363907] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 23.259259] ================================================================== [ 23.259382] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 23.259566] Read of size 8 at addr fff00000c7765ac0 by task kunit_try_catch/204 [ 23.259701] [ 23.259799] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 23.260027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.260097] Hardware name: linux,dummy-virt (DT) [ 23.260445] Call trace: [ 23.260540] show_stack+0x20/0x38 (C) [ 23.260667] dump_stack_lvl+0x8c/0xd0 [ 23.260775] print_report+0x118/0x608 [ 23.260875] kasan_report+0xdc/0x128 [ 23.260984] __asan_report_load8_noabort+0x20/0x30 [ 23.261108] workqueue_uaf+0x480/0x4a8 [ 23.261221] kunit_try_run_case+0x170/0x3f0 [ 23.261345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.261474] kthread+0x328/0x630 [ 23.261560] ret_from_fork+0x10/0x20 [ 23.261870] [ 23.261930] Allocated by task 204: [ 23.262003] kasan_save_stack+0x3c/0x68 [ 23.262102] kasan_save_track+0x20/0x40 [ 23.262185] kasan_save_alloc_info+0x40/0x58 [ 23.262558] __kasan_kmalloc+0xd4/0xd8 [ 23.262846] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.262994] workqueue_uaf+0x13c/0x4a8 [ 23.263090] kunit_try_run_case+0x170/0x3f0 [ 23.263503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.263636] kthread+0x328/0x630 [ 23.263750] ret_from_fork+0x10/0x20 [ 23.263888] [ 23.263933] Freed by task 32: [ 23.264014] kasan_save_stack+0x3c/0x68 [ 23.264157] kasan_save_track+0x20/0x40 [ 23.264246] kasan_save_free_info+0x4c/0x78 [ 23.264382] __kasan_slab_free+0x6c/0x98 [ 23.264496] kfree+0x214/0x3c8 [ 23.264612] workqueue_uaf_work+0x18/0x30 [ 23.264723] process_one_work+0x530/0xf98 [ 23.264814] worker_thread+0x618/0xf38 [ 23.264895] kthread+0x328/0x630 [ 23.264987] ret_from_fork+0x10/0x20 [ 23.265115] [ 23.265245] Last potentially related work creation: [ 23.265315] kasan_save_stack+0x3c/0x68 [ 23.265416] kasan_record_aux_stack+0xb4/0xc8 [ 23.265507] __queue_work+0x65c/0x1008 [ 23.265594] queue_work_on+0xbc/0xf8 [ 23.265721] workqueue_uaf+0x210/0x4a8 [ 23.265816] kunit_try_run_case+0x170/0x3f0 [ 23.265956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.266054] kthread+0x328/0x630 [ 23.266163] ret_from_fork+0x10/0x20 [ 23.266273] [ 23.266344] The buggy address belongs to the object at fff00000c7765ac0 [ 23.266344] which belongs to the cache kmalloc-32 of size 32 [ 23.266636] The buggy address is located 0 bytes inside of [ 23.266636] freed 32-byte region [fff00000c7765ac0, fff00000c7765ae0) [ 23.266812] [ 23.266872] The buggy address belongs to the physical page: [ 23.266955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107765 [ 23.267094] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.267215] page_type: f5(slab) [ 23.267305] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 23.267451] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 23.267549] page dumped because: kasan: bad access detected [ 23.267620] [ 23.267668] Memory state around the buggy address: [ 23.267764] fff00000c7765980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 23.267901] fff00000c7765a00: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 23.268009] >fff00000c7765a80: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 23.268100] ^ [ 23.268208] fff00000c7765b00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.268346] fff00000c7765b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.268468] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 23.183996] ================================================================== [ 23.184281] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 23.184457] Read of size 4 at addr fff00000c7765900 by task swapper/1/0 [ 23.184580] [ 23.184674] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 23.184891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.184960] Hardware name: linux,dummy-virt (DT) [ 23.185039] Call trace: [ 23.185098] show_stack+0x20/0x38 (C) [ 23.186731] dump_stack_lvl+0x8c/0xd0 [ 23.187385] print_report+0x118/0x608 [ 23.187538] kasan_report+0xdc/0x128 [ 23.187653] __asan_report_load4_noabort+0x20/0x30 [ 23.187780] rcu_uaf_reclaim+0x64/0x70 [ 23.187870] rcu_core+0x9f4/0x1e20 [ 23.187958] rcu_core_si+0x18/0x30 [ 23.188077] handle_softirqs+0x374/0xb28 [ 23.188191] __do_softirq+0x1c/0x28 [ 23.188286] ____do_softirq+0x18/0x30 [ 23.188389] call_on_irq_stack+0x24/0x58 [ 23.188582] do_softirq_own_stack+0x24/0x38 [ 23.188713] __irq_exit_rcu+0x1fc/0x318 [ 23.188827] irq_exit_rcu+0x1c/0x80 [ 23.188947] el1_interrupt+0x38/0x58 [ 23.189142] el1h_64_irq_handler+0x18/0x28 [ 23.189257] el1h_64_irq+0x6c/0x70 [ 23.189794] arch_local_irq_enable+0x4/0x8 (P) [ 23.190038] do_idle+0x384/0x4e8 [ 23.190238] cpu_startup_entry+0x64/0x80 [ 23.190373] secondary_start_kernel+0x288/0x340 [ 23.190876] __secondary_switched+0xc0/0xc8 [ 23.191248] [ 23.191300] Allocated by task 202: [ 23.191486] kasan_save_stack+0x3c/0x68 [ 23.191600] kasan_save_track+0x20/0x40 [ 23.191680] kasan_save_alloc_info+0x40/0x58 [ 23.191754] __kasan_kmalloc+0xd4/0xd8 [ 23.191822] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.191913] rcu_uaf+0xb0/0x2d8 [ 23.191987] kunit_try_run_case+0x170/0x3f0 [ 23.192389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.192852] kthread+0x328/0x630 [ 23.193058] ret_from_fork+0x10/0x20 [ 23.193561] [ 23.193709] Freed by task 0: [ 23.193809] kasan_save_stack+0x3c/0x68 [ 23.193923] kasan_save_track+0x20/0x40 [ 23.194088] kasan_save_free_info+0x4c/0x78 [ 23.194196] __kasan_slab_free+0x6c/0x98 [ 23.194520] kfree+0x214/0x3c8 [ 23.194626] rcu_uaf_reclaim+0x28/0x70 [ 23.194735] rcu_core+0x9f4/0x1e20 [ 23.195202] rcu_core_si+0x18/0x30 [ 23.195365] handle_softirqs+0x374/0xb28 [ 23.195464] __do_softirq+0x1c/0x28 [ 23.195547] [ 23.195648] Last potentially related work creation: [ 23.196069] kasan_save_stack+0x3c/0x68 [ 23.196271] kasan_record_aux_stack+0xb4/0xc8 [ 23.196458] __call_rcu_common.constprop.0+0x70/0x8b0 [ 23.196585] call_rcu+0x18/0x30 [ 23.196664] rcu_uaf+0x14c/0x2d8 [ 23.196753] kunit_try_run_case+0x170/0x3f0 [ 23.196854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.197483] kthread+0x328/0x630 [ 23.197750] ret_from_fork+0x10/0x20 [ 23.198044] [ 23.198150] The buggy address belongs to the object at fff00000c7765900 [ 23.198150] which belongs to the cache kmalloc-32 of size 32 [ 23.198487] The buggy address is located 0 bytes inside of [ 23.198487] freed 32-byte region [fff00000c7765900, fff00000c7765920) [ 23.199070] [ 23.199123] The buggy address belongs to the physical page: [ 23.199196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107765 [ 23.199468] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.199812] page_type: f5(slab) [ 23.200074] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 23.200384] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 23.200530] page dumped because: kasan: bad access detected [ 23.200729] [ 23.200773] Memory state around the buggy address: [ 23.200964] fff00000c7765800: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 23.201330] fff00000c7765880: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 23.201718] >fff00000c7765900: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 23.201827] ^ [ 23.201901] fff00000c7765980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.202012] fff00000c7765a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.202100] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 23.060785] ================================================================== [ 23.060944] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 23.061088] Read of size 1 at addr fff00000c76c5300 by task kunit_try_catch/200 [ 23.061200] [ 23.061280] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 23.061482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.061542] Hardware name: linux,dummy-virt (DT) [ 23.061603] Call trace: [ 23.061651] show_stack+0x20/0x38 (C) [ 23.061765] dump_stack_lvl+0x8c/0xd0 [ 23.061878] print_report+0x118/0x608 [ 23.062639] kasan_report+0xdc/0x128 [ 23.063114] __asan_report_load1_noabort+0x20/0x30 [ 23.063382] ksize_uaf+0x598/0x5f8 [ 23.065255] kunit_try_run_case+0x170/0x3f0 [ 23.066091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.066220] kthread+0x328/0x630 [ 23.066329] ret_from_fork+0x10/0x20 [ 23.067394] [ 23.067932] Allocated by task 200: [ 23.068021] kasan_save_stack+0x3c/0x68 [ 23.068120] kasan_save_track+0x20/0x40 [ 23.068195] kasan_save_alloc_info+0x40/0x58 [ 23.068269] __kasan_kmalloc+0xd4/0xd8 [ 23.068337] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.068442] ksize_uaf+0xb8/0x5f8 [ 23.068516] kunit_try_run_case+0x170/0x3f0 [ 23.068601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.068701] kthread+0x328/0x630 [ 23.068781] ret_from_fork+0x10/0x20 [ 23.068858] [ 23.068895] Freed by task 200: [ 23.068957] kasan_save_stack+0x3c/0x68 [ 23.069043] kasan_save_track+0x20/0x40 [ 23.069132] kasan_save_free_info+0x4c/0x78 [ 23.069231] __kasan_slab_free+0x6c/0x98 [ 23.069326] kfree+0x214/0x3c8 [ 23.069414] ksize_uaf+0x11c/0x5f8 [ 23.069505] kunit_try_run_case+0x170/0x3f0 [ 23.070181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.070367] kthread+0x328/0x630 [ 23.070541] ret_from_fork+0x10/0x20 [ 23.070631] [ 23.070683] The buggy address belongs to the object at fff00000c76c5300 [ 23.070683] which belongs to the cache kmalloc-128 of size 128 [ 23.070841] The buggy address is located 0 bytes inside of [ 23.070841] freed 128-byte region [fff00000c76c5300, fff00000c76c5380) [ 23.071645] [ 23.071770] The buggy address belongs to the physical page: [ 23.071864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c5 [ 23.072054] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.072235] page_type: f5(slab) [ 23.072368] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.072641] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.072821] page dumped because: kasan: bad access detected [ 23.072930] [ 23.073348] Memory state around the buggy address: [ 23.073922] fff00000c76c5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.074323] fff00000c76c5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.074877] >fff00000c76c5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.074983] ^ [ 23.075062] fff00000c76c5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.075115] fff00000c76c5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.075158] ================================================================== [ 23.077606] ================================================================== [ 23.077857] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 23.078001] Read of size 1 at addr fff00000c76c5378 by task kunit_try_catch/200 [ 23.078125] [ 23.078446] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 23.078737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.078895] Hardware name: linux,dummy-virt (DT) [ 23.079179] Call trace: [ 23.079261] show_stack+0x20/0x38 (C) [ 23.079578] dump_stack_lvl+0x8c/0xd0 [ 23.079766] print_report+0x118/0x608 [ 23.079924] kasan_report+0xdc/0x128 [ 23.080074] __asan_report_load1_noabort+0x20/0x30 [ 23.080194] ksize_uaf+0x544/0x5f8 [ 23.080305] kunit_try_run_case+0x170/0x3f0 [ 23.080445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.080645] kthread+0x328/0x630 [ 23.080753] ret_from_fork+0x10/0x20 [ 23.080869] [ 23.080911] Allocated by task 200: [ 23.080981] kasan_save_stack+0x3c/0x68 [ 23.081084] kasan_save_track+0x20/0x40 [ 23.081206] kasan_save_alloc_info+0x40/0x58 [ 23.081336] __kasan_kmalloc+0xd4/0xd8 [ 23.081763] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.082232] ksize_uaf+0xb8/0x5f8 [ 23.082453] kunit_try_run_case+0x170/0x3f0 [ 23.082575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.082710] kthread+0x328/0x630 [ 23.082798] ret_from_fork+0x10/0x20 [ 23.082893] [ 23.082951] Freed by task 200: [ 23.083018] kasan_save_stack+0x3c/0x68 [ 23.083163] kasan_save_track+0x20/0x40 [ 23.083266] kasan_save_free_info+0x4c/0x78 [ 23.083352] __kasan_slab_free+0x6c/0x98 [ 23.083455] kfree+0x214/0x3c8 [ 23.083526] ksize_uaf+0x11c/0x5f8 [ 23.083604] kunit_try_run_case+0x170/0x3f0 [ 23.083728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.083887] kthread+0x328/0x630 [ 23.083983] ret_from_fork+0x10/0x20 [ 23.084168] [ 23.084232] The buggy address belongs to the object at fff00000c76c5300 [ 23.084232] which belongs to the cache kmalloc-128 of size 128 [ 23.084486] The buggy address is located 120 bytes inside of [ 23.084486] freed 128-byte region [fff00000c76c5300, fff00000c76c5380) [ 23.084676] [ 23.084727] The buggy address belongs to the physical page: [ 23.084807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c5 [ 23.084929] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.085173] page_type: f5(slab) [ 23.085255] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.085368] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.085512] page dumped because: kasan: bad access detected [ 23.085600] [ 23.085640] Memory state around the buggy address: [ 23.085741] fff00000c76c5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.085882] fff00000c76c5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.085983] >fff00000c76c5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.086073] ^ [ 23.086236] fff00000c76c5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.086413] fff00000c76c5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.086524] ================================================================== [ 23.044230] ================================================================== [ 23.044741] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 23.044965] Read of size 1 at addr fff00000c76c5300 by task kunit_try_catch/200 [ 23.045275] [ 23.045553] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 23.046218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.046466] Hardware name: linux,dummy-virt (DT) [ 23.046568] Call trace: [ 23.046633] show_stack+0x20/0x38 (C) [ 23.046782] dump_stack_lvl+0x8c/0xd0 [ 23.047362] print_report+0x118/0x608 [ 23.047635] kasan_report+0xdc/0x128 [ 23.047744] __kasan_check_byte+0x54/0x70 [ 23.047835] ksize+0x30/0x88 [ 23.047917] ksize_uaf+0x168/0x5f8 [ 23.048022] kunit_try_run_case+0x170/0x3f0 [ 23.048189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.048374] kthread+0x328/0x630 [ 23.048509] ret_from_fork+0x10/0x20 [ 23.048643] [ 23.048693] Allocated by task 200: [ 23.048769] kasan_save_stack+0x3c/0x68 [ 23.048875] kasan_save_track+0x20/0x40 [ 23.048967] kasan_save_alloc_info+0x40/0x58 [ 23.049068] __kasan_kmalloc+0xd4/0xd8 [ 23.049161] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.049270] ksize_uaf+0xb8/0x5f8 [ 23.049790] kunit_try_run_case+0x170/0x3f0 [ 23.050225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.050488] kthread+0x328/0x630 [ 23.050668] ret_from_fork+0x10/0x20 [ 23.050900] [ 23.051074] Freed by task 200: [ 23.051182] kasan_save_stack+0x3c/0x68 [ 23.051555] kasan_save_track+0x20/0x40 [ 23.051652] kasan_save_free_info+0x4c/0x78 [ 23.051740] __kasan_slab_free+0x6c/0x98 [ 23.051831] kfree+0x214/0x3c8 [ 23.051902] ksize_uaf+0x11c/0x5f8 [ 23.051973] kunit_try_run_case+0x170/0x3f0 [ 23.052062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.052158] kthread+0x328/0x630 [ 23.052236] ret_from_fork+0x10/0x20 [ 23.052311] [ 23.052352] The buggy address belongs to the object at fff00000c76c5300 [ 23.052352] which belongs to the cache kmalloc-128 of size 128 [ 23.052487] The buggy address is located 0 bytes inside of [ 23.052487] freed 128-byte region [fff00000c76c5300, fff00000c76c5380) [ 23.052613] [ 23.052662] The buggy address belongs to the physical page: [ 23.052729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c5 [ 23.052845] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.052963] page_type: f5(slab) [ 23.053058] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.053180] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.053279] page dumped because: kasan: bad access detected [ 23.053352] [ 23.053391] Memory state around the buggy address: [ 23.053594] fff00000c76c5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.054012] fff00000c76c5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.054311] >fff00000c76c5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.054680] ^ [ 23.054854] fff00000c76c5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.054963] fff00000c76c5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.055045] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 22.975290] ================================================================== [ 22.975826] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 22.976221] Free of addr fff00000c57223c0 by task kunit_try_catch/196 [ 22.976556] [ 22.976646] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.976869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.976927] Hardware name: linux,dummy-virt (DT) [ 22.977123] Call trace: [ 22.977189] show_stack+0x20/0x38 (C) [ 22.977534] dump_stack_lvl+0x8c/0xd0 [ 22.977760] print_report+0x118/0x608 [ 22.977925] kasan_report_invalid_free+0xc0/0xe8 [ 22.978451] check_slab_allocation+0xd4/0x108 [ 22.978614] __kasan_slab_pre_free+0x2c/0x48 [ 22.978726] kfree+0xe8/0x3c8 [ 22.978836] kfree_sensitive+0x3c/0xb0 [ 22.978952] kmalloc_double_kzfree+0x168/0x308 [ 22.979078] kunit_try_run_case+0x170/0x3f0 [ 22.979206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.979344] kthread+0x328/0x630 [ 22.979464] ret_from_fork+0x10/0x20 [ 22.979586] [ 22.979633] Allocated by task 196: [ 22.979703] kasan_save_stack+0x3c/0x68 [ 22.979809] kasan_save_track+0x20/0x40 [ 22.979896] kasan_save_alloc_info+0x40/0x58 [ 22.980551] __kasan_kmalloc+0xd4/0xd8 [ 22.980924] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.981192] kmalloc_double_kzfree+0xb8/0x308 [ 22.981369] kunit_try_run_case+0x170/0x3f0 [ 22.981491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.981585] kthread+0x328/0x630 [ 22.981657] ret_from_fork+0x10/0x20 [ 22.981720] [ 22.981763] Freed by task 196: [ 22.981823] kasan_save_stack+0x3c/0x68 [ 22.981900] kasan_save_track+0x20/0x40 [ 22.981982] kasan_save_free_info+0x4c/0x78 [ 22.982068] __kasan_slab_free+0x6c/0x98 [ 22.982157] kfree+0x214/0x3c8 [ 22.982246] kfree_sensitive+0x80/0xb0 [ 22.982346] kmalloc_double_kzfree+0x11c/0x308 [ 22.982459] kunit_try_run_case+0x170/0x3f0 [ 22.982590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.982686] kthread+0x328/0x630 [ 22.982764] ret_from_fork+0x10/0x20 [ 22.982846] [ 22.982897] The buggy address belongs to the object at fff00000c57223c0 [ 22.982897] which belongs to the cache kmalloc-16 of size 16 [ 22.983025] The buggy address is located 0 bytes inside of [ 22.983025] 16-byte region [fff00000c57223c0, fff00000c57223d0) [ 22.983136] [ 22.983178] The buggy address belongs to the physical page: [ 22.983242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 22.983348] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.983496] page_type: f5(slab) [ 22.983581] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.983672] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.983749] page dumped because: kasan: bad access detected [ 22.983803] [ 22.983841] Memory state around the buggy address: [ 22.983914] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 22.984056] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.984172] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 22.986530] ^ [ 22.986653] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.986762] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.986860] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 22.955413] ================================================================== [ 22.955666] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 22.955844] Read of size 1 at addr fff00000c57223c0 by task kunit_try_catch/196 [ 22.956017] [ 22.956110] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.956336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.956435] Hardware name: linux,dummy-virt (DT) [ 22.956532] Call trace: [ 22.956611] show_stack+0x20/0x38 (C) [ 22.956759] dump_stack_lvl+0x8c/0xd0 [ 22.956895] print_report+0x118/0x608 [ 22.956997] kasan_report+0xdc/0x128 [ 22.957109] __kasan_check_byte+0x54/0x70 [ 22.957229] kfree_sensitive+0x30/0xb0 [ 22.957351] kmalloc_double_kzfree+0x168/0x308 [ 22.957502] kunit_try_run_case+0x170/0x3f0 [ 22.957638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.957795] kthread+0x328/0x630 [ 22.958017] ret_from_fork+0x10/0x20 [ 22.958202] [ 22.958269] Allocated by task 196: [ 22.958662] kasan_save_stack+0x3c/0x68 [ 22.958773] kasan_save_track+0x20/0x40 [ 22.958860] kasan_save_alloc_info+0x40/0x58 [ 22.958951] __kasan_kmalloc+0xd4/0xd8 [ 22.959453] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.959654] kmalloc_double_kzfree+0xb8/0x308 [ 22.959845] kunit_try_run_case+0x170/0x3f0 [ 22.960509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.961084] kthread+0x328/0x630 [ 22.961506] ret_from_fork+0x10/0x20 [ 22.961621] [ 22.961752] Freed by task 196: [ 22.961838] kasan_save_stack+0x3c/0x68 [ 22.962063] kasan_save_track+0x20/0x40 [ 22.962331] kasan_save_free_info+0x4c/0x78 [ 22.962441] __kasan_slab_free+0x6c/0x98 [ 22.962535] kfree+0x214/0x3c8 [ 22.962614] kfree_sensitive+0x80/0xb0 [ 22.962687] kmalloc_double_kzfree+0x11c/0x308 [ 22.962762] kunit_try_run_case+0x170/0x3f0 [ 22.962850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.962963] kthread+0x328/0x630 [ 22.963058] ret_from_fork+0x10/0x20 [ 22.963148] [ 22.963201] The buggy address belongs to the object at fff00000c57223c0 [ 22.963201] which belongs to the cache kmalloc-16 of size 16 [ 22.963359] The buggy address is located 0 bytes inside of [ 22.963359] freed 16-byte region [fff00000c57223c0, fff00000c57223d0) [ 22.965537] [ 22.965923] The buggy address belongs to the physical page: [ 22.966051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 22.966434] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.966758] page_type: f5(slab) [ 22.966854] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.967362] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.968238] page dumped because: kasan: bad access detected [ 22.968504] [ 22.968552] Memory state around the buggy address: [ 22.968640] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 22.968749] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.968863] >fff00000c5722380: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 22.968959] ^ [ 22.969051] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.969158] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.969256] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 22.892259] ================================================================== [ 22.892811] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 22.893073] Read of size 1 at addr fff00000c76c4828 by task kunit_try_catch/192 [ 22.893286] [ 22.893451] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.894013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.894109] Hardware name: linux,dummy-virt (DT) [ 22.894283] Call trace: [ 22.894462] show_stack+0x20/0x38 (C) [ 22.894618] dump_stack_lvl+0x8c/0xd0 [ 22.894752] print_report+0x118/0x608 [ 22.894879] kasan_report+0xdc/0x128 [ 22.895004] __asan_report_load1_noabort+0x20/0x30 [ 22.895109] kmalloc_uaf2+0x3f4/0x468 [ 22.895197] kunit_try_run_case+0x170/0x3f0 [ 22.895307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.895452] kthread+0x328/0x630 [ 22.895573] ret_from_fork+0x10/0x20 [ 22.895708] [ 22.895753] Allocated by task 192: [ 22.895831] kasan_save_stack+0x3c/0x68 [ 22.895938] kasan_save_track+0x20/0x40 [ 22.896033] kasan_save_alloc_info+0x40/0x58 [ 22.896138] __kasan_kmalloc+0xd4/0xd8 [ 22.896232] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.896345] kmalloc_uaf2+0xc4/0x468 [ 22.897091] kunit_try_run_case+0x170/0x3f0 [ 22.897549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.897829] kthread+0x328/0x630 [ 22.898076] ret_from_fork+0x10/0x20 [ 22.898326] [ 22.898563] Freed by task 192: [ 22.898652] kasan_save_stack+0x3c/0x68 [ 22.898889] kasan_save_track+0x20/0x40 [ 22.899009] kasan_save_free_info+0x4c/0x78 [ 22.899148] __kasan_slab_free+0x6c/0x98 [ 22.899419] kfree+0x214/0x3c8 [ 22.899524] kmalloc_uaf2+0x134/0x468 [ 22.899772] kunit_try_run_case+0x170/0x3f0 [ 22.900025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.900507] kthread+0x328/0x630 [ 22.900604] ret_from_fork+0x10/0x20 [ 22.900698] [ 22.900809] The buggy address belongs to the object at fff00000c76c4800 [ 22.900809] which belongs to the cache kmalloc-64 of size 64 [ 22.901135] The buggy address is located 40 bytes inside of [ 22.901135] freed 64-byte region [fff00000c76c4800, fff00000c76c4840) [ 22.901507] [ 22.901575] The buggy address belongs to the physical page: [ 22.901660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c4 [ 22.901797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.901933] page_type: f5(slab) [ 22.902036] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.902168] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.902277] page dumped because: kasan: bad access detected [ 22.902369] [ 22.902499] Memory state around the buggy address: [ 22.902623] fff00000c76c4700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.902731] fff00000c76c4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.902817] >fff00000c76c4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.902913] ^ [ 22.902993] fff00000c76c4880: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 22.903129] fff00000c76c4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.903552] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 22.845622] ================================================================== [ 22.845811] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 22.846792] Write of size 33 at addr fff00000c76c4680 by task kunit_try_catch/190 [ 22.847664] [ 22.847876] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.848168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.848238] Hardware name: linux,dummy-virt (DT) [ 22.848326] Call trace: [ 22.848389] show_stack+0x20/0x38 (C) [ 22.849002] dump_stack_lvl+0x8c/0xd0 [ 22.849154] print_report+0x118/0x608 [ 22.849376] kasan_report+0xdc/0x128 [ 22.849934] kasan_check_range+0x100/0x1a8 [ 22.850154] __asan_memset+0x34/0x78 [ 22.850302] kmalloc_uaf_memset+0x170/0x310 [ 22.850438] kunit_try_run_case+0x170/0x3f0 [ 22.850577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.850706] kthread+0x328/0x630 [ 22.850798] ret_from_fork+0x10/0x20 [ 22.850914] [ 22.850953] Allocated by task 190: [ 22.851021] kasan_save_stack+0x3c/0x68 [ 22.851126] kasan_save_track+0x20/0x40 [ 22.851224] kasan_save_alloc_info+0x40/0x58 [ 22.851329] __kasan_kmalloc+0xd4/0xd8 [ 22.852038] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.852643] kmalloc_uaf_memset+0xb8/0x310 [ 22.852844] kunit_try_run_case+0x170/0x3f0 [ 22.852955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.853069] kthread+0x328/0x630 [ 22.853157] ret_from_fork+0x10/0x20 [ 22.853241] [ 22.853289] Freed by task 190: [ 22.853363] kasan_save_stack+0x3c/0x68 [ 22.853848] kasan_save_track+0x20/0x40 [ 22.854311] kasan_save_free_info+0x4c/0x78 [ 22.854834] __kasan_slab_free+0x6c/0x98 [ 22.855125] kfree+0x214/0x3c8 [ 22.855222] kmalloc_uaf_memset+0x11c/0x310 [ 22.855315] kunit_try_run_case+0x170/0x3f0 [ 22.855736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.856091] kthread+0x328/0x630 [ 22.856211] ret_from_fork+0x10/0x20 [ 22.856314] [ 22.856462] The buggy address belongs to the object at fff00000c76c4680 [ 22.856462] which belongs to the cache kmalloc-64 of size 64 [ 22.857017] The buggy address is located 0 bytes inside of [ 22.857017] freed 64-byte region [fff00000c76c4680, fff00000c76c46c0) [ 22.857247] [ 22.857306] The buggy address belongs to the physical page: [ 22.857462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c4 [ 22.857592] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.857986] page_type: f5(slab) [ 22.858332] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.858537] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.858646] page dumped because: kasan: bad access detected [ 22.858972] [ 22.859017] Memory state around the buggy address: [ 22.859093] fff00000c76c4580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.859542] fff00000c76c4600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.859688] >fff00000c76c4680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.859854] ^ [ 22.860242] fff00000c76c4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.860599] fff00000c76c4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.860802] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 22.817730] ================================================================== [ 22.817961] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 22.818129] Read of size 1 at addr fff00000c57223a8 by task kunit_try_catch/188 [ 22.818266] [ 22.818371] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.818861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.818937] Hardware name: linux,dummy-virt (DT) [ 22.819009] Call trace: [ 22.819074] show_stack+0x20/0x38 (C) [ 22.819218] dump_stack_lvl+0x8c/0xd0 [ 22.819350] print_report+0x118/0x608 [ 22.819480] kasan_report+0xdc/0x128 [ 22.819574] __asan_report_load1_noabort+0x20/0x30 [ 22.819671] kmalloc_uaf+0x300/0x338 [ 22.819765] kunit_try_run_case+0x170/0x3f0 [ 22.819877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.820014] kthread+0x328/0x630 [ 22.820128] ret_from_fork+0x10/0x20 [ 22.820265] [ 22.820305] Allocated by task 188: [ 22.820377] kasan_save_stack+0x3c/0x68 [ 22.820515] kasan_save_track+0x20/0x40 [ 22.820600] kasan_save_alloc_info+0x40/0x58 [ 22.820694] __kasan_kmalloc+0xd4/0xd8 [ 22.820781] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.820908] kmalloc_uaf+0xb8/0x338 [ 22.821015] kunit_try_run_case+0x170/0x3f0 [ 22.821163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.821329] kthread+0x328/0x630 [ 22.821471] ret_from_fork+0x10/0x20 [ 22.821608] [ 22.821665] Freed by task 188: [ 22.821727] kasan_save_stack+0x3c/0x68 [ 22.821836] kasan_save_track+0x20/0x40 [ 22.821935] kasan_save_free_info+0x4c/0x78 [ 22.822044] __kasan_slab_free+0x6c/0x98 [ 22.822181] kfree+0x214/0x3c8 [ 22.822277] kmalloc_uaf+0x11c/0x338 [ 22.822414] kunit_try_run_case+0x170/0x3f0 [ 22.822506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.822670] kthread+0x328/0x630 [ 22.822756] ret_from_fork+0x10/0x20 [ 22.822848] [ 22.822901] The buggy address belongs to the object at fff00000c57223a0 [ 22.822901] which belongs to the cache kmalloc-16 of size 16 [ 22.823050] The buggy address is located 8 bytes inside of [ 22.823050] freed 16-byte region [fff00000c57223a0, fff00000c57223b0) [ 22.823203] [ 22.823281] The buggy address belongs to the physical page: [ 22.823377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 22.823531] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.823645] page_type: f5(slab) [ 22.823730] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.824084] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.824188] page dumped because: kasan: bad access detected [ 22.824268] [ 22.824316] Memory state around the buggy address: [ 22.824441] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 22.824549] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.824659] >fff00000c5722380: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 22.824767] ^ [ 22.824887] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.825051] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.825163] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 22.772450] ================================================================== [ 22.772647] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 22.772817] Read of size 64 at addr fff00000c76c4404 by task kunit_try_catch/186 [ 22.772951] [ 22.773051] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.773271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.773339] Hardware name: linux,dummy-virt (DT) [ 22.774871] Call trace: [ 22.775668] show_stack+0x20/0x38 (C) [ 22.775928] dump_stack_lvl+0x8c/0xd0 [ 22.776488] print_report+0x118/0x608 [ 22.776838] kasan_report+0xdc/0x128 [ 22.777020] kasan_check_range+0x100/0x1a8 [ 22.777195] __asan_memmove+0x3c/0x98 [ 22.777356] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 22.777504] kunit_try_run_case+0x170/0x3f0 [ 22.777632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.778140] kthread+0x328/0x630 [ 22.778253] ret_from_fork+0x10/0x20 [ 22.778778] [ 22.778900] Allocated by task 186: [ 22.778998] kasan_save_stack+0x3c/0x68 [ 22.779114] kasan_save_track+0x20/0x40 [ 22.779189] kasan_save_alloc_info+0x40/0x58 [ 22.779864] __kasan_kmalloc+0xd4/0xd8 [ 22.780080] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.780765] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 22.781065] kunit_try_run_case+0x170/0x3f0 [ 22.781178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.781295] kthread+0x328/0x630 [ 22.781389] ret_from_fork+0x10/0x20 [ 22.781499] [ 22.781551] The buggy address belongs to the object at fff00000c76c4400 [ 22.781551] which belongs to the cache kmalloc-64 of size 64 [ 22.783294] The buggy address is located 4 bytes inside of [ 22.783294] allocated 64-byte region [fff00000c76c4400, fff00000c76c4440) [ 22.783457] [ 22.783507] The buggy address belongs to the physical page: [ 22.783578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c4 [ 22.783706] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.788138] page_type: f5(slab) [ 22.789523] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.790807] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.790932] page dumped because: kasan: bad access detected [ 22.791015] [ 22.791058] Memory state around the buggy address: [ 22.791129] fff00000c76c4300: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.793049] fff00000c76c4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.793165] >fff00000c76c4400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.793252] ^ [ 22.793331] fff00000c76c4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.793443] fff00000c76c4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.795415] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 21.761397] ================================================================== [ 21.761523] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 21.761673] Read of size 1 at addr fff00000c3ebab80 by task kunit_try_catch/140 [ 21.761881] [ 21.761987] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 21.762198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.762859] Hardware name: linux,dummy-virt (DT) [ 21.763308] Call trace: [ 21.763442] show_stack+0x20/0x38 (C) [ 21.763667] dump_stack_lvl+0x8c/0xd0 [ 21.763837] print_report+0x118/0x608 [ 21.764053] kasan_report+0xdc/0x128 [ 21.764176] __asan_report_load1_noabort+0x20/0x30 [ 21.764364] kmalloc_oob_right+0x5d0/0x660 [ 21.764504] kunit_try_run_case+0x170/0x3f0 [ 21.764638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.764773] kthread+0x328/0x630 [ 21.764952] ret_from_fork+0x10/0x20 [ 21.765127] [ 21.765200] Allocated by task 140: [ 21.765274] kasan_save_stack+0x3c/0x68 [ 21.765373] kasan_save_track+0x20/0x40 [ 21.765486] kasan_save_alloc_info+0x40/0x58 [ 21.765588] __kasan_kmalloc+0xd4/0xd8 [ 21.765679] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.765794] kmalloc_oob_right+0xb0/0x660 [ 21.765928] kunit_try_run_case+0x170/0x3f0 [ 21.766029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.766194] kthread+0x328/0x630 [ 21.766335] ret_from_fork+0x10/0x20 [ 21.766442] [ 21.766487] The buggy address belongs to the object at fff00000c3ebab00 [ 21.766487] which belongs to the cache kmalloc-128 of size 128 [ 21.766658] The buggy address is located 13 bytes to the right of [ 21.766658] allocated 115-byte region [fff00000c3ebab00, fff00000c3ebab73) [ 21.766818] [ 21.766875] The buggy address belongs to the physical page: [ 21.766955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eba [ 21.767101] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.767268] page_type: f5(slab) [ 21.767369] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.767949] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.768108] page dumped because: kasan: bad access detected [ 21.768197] [ 21.768259] Memory state around the buggy address: [ 21.768463] fff00000c3ebaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.768755] fff00000c3ebab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.769054] >fff00000c3ebab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.769151] ^ [ 21.769296] fff00000c3ebac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.769716] fff00000c3ebac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.769922] ================================================================== [ 21.755491] ================================================================== [ 21.755584] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 21.755708] Write of size 1 at addr fff00000c3ebab78 by task kunit_try_catch/140 [ 21.755845] [ 21.755930] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 21.756142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.756235] Hardware name: linux,dummy-virt (DT) [ 21.756344] Call trace: [ 21.756442] show_stack+0x20/0x38 (C) [ 21.756570] dump_stack_lvl+0x8c/0xd0 [ 21.756702] print_report+0x118/0x608 [ 21.756859] kasan_report+0xdc/0x128 [ 21.757013] __asan_report_store1_noabort+0x20/0x30 [ 21.757184] kmalloc_oob_right+0x538/0x660 [ 21.757349] kunit_try_run_case+0x170/0x3f0 [ 21.757479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.757586] kthread+0x328/0x630 [ 21.757671] ret_from_fork+0x10/0x20 [ 21.757772] [ 21.757808] Allocated by task 140: [ 21.757863] kasan_save_stack+0x3c/0x68 [ 21.758038] kasan_save_track+0x20/0x40 [ 21.758137] kasan_save_alloc_info+0x40/0x58 [ 21.758218] __kasan_kmalloc+0xd4/0xd8 [ 21.758306] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.758481] kmalloc_oob_right+0xb0/0x660 [ 21.758579] kunit_try_run_case+0x170/0x3f0 [ 21.758662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.758767] kthread+0x328/0x630 [ 21.758867] ret_from_fork+0x10/0x20 [ 21.759002] [ 21.759065] The buggy address belongs to the object at fff00000c3ebab00 [ 21.759065] which belongs to the cache kmalloc-128 of size 128 [ 21.759190] The buggy address is located 5 bytes to the right of [ 21.759190] allocated 115-byte region [fff00000c3ebab00, fff00000c3ebab73) [ 21.759308] [ 21.759345] The buggy address belongs to the physical page: [ 21.759450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eba [ 21.759566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.759727] page_type: f5(slab) [ 21.759832] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.759946] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.760073] page dumped because: kasan: bad access detected [ 21.760146] [ 21.760181] Memory state around the buggy address: [ 21.760255] fff00000c3ebaa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.760354] fff00000c3ebaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.760456] >fff00000c3ebab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.760539] ^ [ 21.760630] fff00000c3ebab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.760771] fff00000c3ebac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.760871] ================================================================== [ 21.745517] ================================================================== [ 21.745994] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 21.747565] Write of size 1 at addr fff00000c3ebab73 by task kunit_try_catch/140 [ 21.747726] [ 21.748767] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G N 6.15.2-rc1 #1 PREEMPT [ 21.748956] Tainted: [N]=TEST [ 21.748999] Hardware name: linux,dummy-virt (DT) [ 21.749291] Call trace: [ 21.749495] show_stack+0x20/0x38 (C) [ 21.749678] dump_stack_lvl+0x8c/0xd0 [ 21.749758] print_report+0x118/0x608 [ 21.749814] kasan_report+0xdc/0x128 [ 21.749864] __asan_report_store1_noabort+0x20/0x30 [ 21.749922] kmalloc_oob_right+0x5a4/0x660 [ 21.749976] kunit_try_run_case+0x170/0x3f0 [ 21.750035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.750096] kthread+0x328/0x630 [ 21.750149] ret_from_fork+0x10/0x20 [ 21.750358] [ 21.750473] Allocated by task 140: [ 21.750702] kasan_save_stack+0x3c/0x68 [ 21.750837] kasan_save_track+0x20/0x40 [ 21.750922] kasan_save_alloc_info+0x40/0x58 [ 21.750996] __kasan_kmalloc+0xd4/0xd8 [ 21.751038] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.751089] kmalloc_oob_right+0xb0/0x660 [ 21.751133] kunit_try_run_case+0x170/0x3f0 [ 21.751178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.751228] kthread+0x328/0x630 [ 21.751269] ret_from_fork+0x10/0x20 [ 21.751336] [ 21.751436] The buggy address belongs to the object at fff00000c3ebab00 [ 21.751436] which belongs to the cache kmalloc-128 of size 128 [ 21.751555] The buggy address is located 0 bytes to the right of [ 21.751555] allocated 115-byte region [fff00000c3ebab00, fff00000c3ebab73) [ 21.751633] [ 21.751738] The buggy address belongs to the physical page: [ 21.752026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eba [ 21.752382] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.752783] page_type: f5(slab) [ 21.753161] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.753235] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.753372] page dumped because: kasan: bad access detected [ 21.753436] [ 21.753471] Memory state around the buggy address: [ 21.753757] fff00000c3ebaa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.753843] fff00000c3ebaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.753910] >fff00000c3ebab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.753984] ^ [ 21.754087] fff00000c3ebab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.754137] fff00000c3ebac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.754211] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 22.706124] ================================================================== [ 22.706399] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 22.706598] Read of size 18446744073709551614 at addr fff00000c76c4204 by task kunit_try_catch/184 [ 22.706796] [ 22.706892] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.707109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.707179] Hardware name: linux,dummy-virt (DT) [ 22.707259] Call trace: [ 22.707321] show_stack+0x20/0x38 (C) [ 22.708929] dump_stack_lvl+0x8c/0xd0 [ 22.709472] print_report+0x118/0x608 [ 22.709577] kasan_report+0xdc/0x128 [ 22.709677] kasan_check_range+0x100/0x1a8 [ 22.709866] __asan_memmove+0x3c/0x98 [ 22.710002] kmalloc_memmove_negative_size+0x154/0x2e0 [ 22.710142] kunit_try_run_case+0x170/0x3f0 [ 22.710268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.710430] kthread+0x328/0x630 [ 22.710552] ret_from_fork+0x10/0x20 [ 22.710683] [ 22.710731] Allocated by task 184: [ 22.711573] kasan_save_stack+0x3c/0x68 [ 22.712694] kasan_save_track+0x20/0x40 [ 22.712951] kasan_save_alloc_info+0x40/0x58 [ 22.713098] __kasan_kmalloc+0xd4/0xd8 [ 22.714083] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.714326] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 22.714549] kunit_try_run_case+0x170/0x3f0 [ 22.714646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.714734] kthread+0x328/0x630 [ 22.714814] ret_from_fork+0x10/0x20 [ 22.714904] [ 22.715668] The buggy address belongs to the object at fff00000c76c4200 [ 22.715668] which belongs to the cache kmalloc-64 of size 64 [ 22.716098] The buggy address is located 4 bytes inside of [ 22.716098] 64-byte region [fff00000c76c4200, fff00000c76c4240) [ 22.716563] [ 22.716929] The buggy address belongs to the physical page: [ 22.717301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c4 [ 22.717792] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.717933] page_type: f5(slab) [ 22.718039] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.718171] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.719168] page dumped because: kasan: bad access detected [ 22.719350] [ 22.719467] Memory state around the buggy address: [ 22.719613] fff00000c76c4100: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 22.719732] fff00000c76c4180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.719847] >fff00000c76c4200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.719948] ^ [ 22.720022] fff00000c76c4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.720132] fff00000c76c4300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.720235] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 22.661275] ================================================================== [ 22.661974] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 22.662166] Write of size 16 at addr fff00000c76c5269 by task kunit_try_catch/182 [ 22.662304] [ 22.662908] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.663137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.663625] Hardware name: linux,dummy-virt (DT) [ 22.663815] Call trace: [ 22.663908] show_stack+0x20/0x38 (C) [ 22.664307] dump_stack_lvl+0x8c/0xd0 [ 22.664853] print_report+0x118/0x608 [ 22.665298] kasan_report+0xdc/0x128 [ 22.665667] kasan_check_range+0x100/0x1a8 [ 22.666032] __asan_memset+0x34/0x78 [ 22.666345] kmalloc_oob_memset_16+0x150/0x2f8 [ 22.666708] kunit_try_run_case+0x170/0x3f0 [ 22.666942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.667099] kthread+0x328/0x630 [ 22.667195] ret_from_fork+0x10/0x20 [ 22.667292] [ 22.667589] Allocated by task 182: [ 22.667783] kasan_save_stack+0x3c/0x68 [ 22.668328] kasan_save_track+0x20/0x40 [ 22.668477] kasan_save_alloc_info+0x40/0x58 [ 22.668587] __kasan_kmalloc+0xd4/0xd8 [ 22.668682] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.669373] kmalloc_oob_memset_16+0xb0/0x2f8 [ 22.669518] kunit_try_run_case+0x170/0x3f0 [ 22.669870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.670134] kthread+0x328/0x630 [ 22.670833] ret_from_fork+0x10/0x20 [ 22.670966] [ 22.671014] The buggy address belongs to the object at fff00000c76c5200 [ 22.671014] which belongs to the cache kmalloc-128 of size 128 [ 22.671133] The buggy address is located 105 bytes inside of [ 22.671133] allocated 120-byte region [fff00000c76c5200, fff00000c76c5278) [ 22.671581] [ 22.671902] The buggy address belongs to the physical page: [ 22.672457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c5 [ 22.672681] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.673201] page_type: f5(slab) [ 22.673331] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.673540] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.673635] page dumped because: kasan: bad access detected [ 22.673950] [ 22.674170] Memory state around the buggy address: [ 22.674265] fff00000c76c5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.674487] fff00000c76c5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.675060] >fff00000c76c5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.675237] ^ [ 22.675370] fff00000c76c5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.675602] fff00000c76c5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.675879] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 22.629774] ================================================================== [ 22.629970] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 22.630140] Write of size 8 at addr fff00000c76c5171 by task kunit_try_catch/180 [ 22.630267] [ 22.631831] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.632564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.632811] Hardware name: linux,dummy-virt (DT) [ 22.632940] Call trace: [ 22.633103] show_stack+0x20/0x38 (C) [ 22.633226] dump_stack_lvl+0x8c/0xd0 [ 22.633316] print_report+0x118/0x608 [ 22.633414] kasan_report+0xdc/0x128 [ 22.633519] kasan_check_range+0x100/0x1a8 [ 22.634129] __asan_memset+0x34/0x78 [ 22.634257] kmalloc_oob_memset_8+0x150/0x2f8 [ 22.634387] kunit_try_run_case+0x170/0x3f0 [ 22.634480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.634544] kthread+0x328/0x630 [ 22.634597] ret_from_fork+0x10/0x20 [ 22.634656] [ 22.634679] Allocated by task 180: [ 22.634716] kasan_save_stack+0x3c/0x68 [ 22.634771] kasan_save_track+0x20/0x40 [ 22.634815] kasan_save_alloc_info+0x40/0x58 [ 22.634859] __kasan_kmalloc+0xd4/0xd8 [ 22.634900] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.634950] kmalloc_oob_memset_8+0xb0/0x2f8 [ 22.634995] kunit_try_run_case+0x170/0x3f0 [ 22.635039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.635090] kthread+0x328/0x630 [ 22.635131] ret_from_fork+0x10/0x20 [ 22.635172] [ 22.635196] The buggy address belongs to the object at fff00000c76c5100 [ 22.635196] which belongs to the cache kmalloc-128 of size 128 [ 22.635262] The buggy address is located 113 bytes inside of [ 22.635262] allocated 120-byte region [fff00000c76c5100, fff00000c76c5178) [ 22.635331] [ 22.635355] The buggy address belongs to the physical page: [ 22.635394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c5 [ 22.635578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.635760] page_type: f5(slab) [ 22.635909] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.636084] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.636219] page dumped because: kasan: bad access detected [ 22.636285] [ 22.636320] Memory state around the buggy address: [ 22.636380] fff00000c76c5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.636474] fff00000c76c5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.636566] >fff00000c76c5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.636669] ^ [ 22.636776] fff00000c76c5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.636884] fff00000c76c5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.636980] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 22.530469] ================================================================== [ 22.530647] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 22.530807] Write of size 2 at addr fff00000c76c5077 by task kunit_try_catch/176 [ 22.530923] [ 22.531568] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.533418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.533489] Hardware name: linux,dummy-virt (DT) [ 22.533547] Call trace: [ 22.533597] show_stack+0x20/0x38 (C) [ 22.533734] dump_stack_lvl+0x8c/0xd0 [ 22.533963] print_report+0x118/0x608 [ 22.534574] kasan_report+0xdc/0x128 [ 22.535112] kasan_check_range+0x100/0x1a8 [ 22.535379] __asan_memset+0x34/0x78 [ 22.535522] kmalloc_oob_memset_2+0x150/0x2f8 [ 22.535766] kunit_try_run_case+0x170/0x3f0 [ 22.536040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.536449] kthread+0x328/0x630 [ 22.536829] ret_from_fork+0x10/0x20 [ 22.537038] [ 22.537084] Allocated by task 176: [ 22.537546] kasan_save_stack+0x3c/0x68 [ 22.537788] kasan_save_track+0x20/0x40 [ 22.538032] kasan_save_alloc_info+0x40/0x58 [ 22.538434] __kasan_kmalloc+0xd4/0xd8 [ 22.538528] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.538660] kmalloc_oob_memset_2+0xb0/0x2f8 [ 22.538862] kunit_try_run_case+0x170/0x3f0 [ 22.539208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.539430] kthread+0x328/0x630 [ 22.539516] ret_from_fork+0x10/0x20 [ 22.539646] [ 22.539726] The buggy address belongs to the object at fff00000c76c5000 [ 22.539726] which belongs to the cache kmalloc-128 of size 128 [ 22.540026] The buggy address is located 119 bytes inside of [ 22.540026] allocated 120-byte region [fff00000c76c5000, fff00000c76c5078) [ 22.540251] [ 22.540309] The buggy address belongs to the physical page: [ 22.540393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c5 [ 22.540547] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.540676] page_type: f5(slab) [ 22.540776] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.540904] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.541569] page dumped because: kasan: bad access detected [ 22.541739] [ 22.541881] Memory state around the buggy address: [ 22.542011] fff00000c76c4f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.542236] fff00000c76c4f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.542462] >fff00000c76c5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.542826] ^ [ 22.543017] fff00000c76c5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.543222] fff00000c76c5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.543337] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 22.484396] ================================================================== [ 22.484811] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 22.485394] Write of size 128 at addr fff00000c3ebaf00 by task kunit_try_catch/174 [ 22.485758] [ 22.486010] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.486684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.486823] Hardware name: linux,dummy-virt (DT) [ 22.486896] Call trace: [ 22.486954] show_stack+0x20/0x38 (C) [ 22.488899] dump_stack_lvl+0x8c/0xd0 [ 22.489071] print_report+0x118/0x608 [ 22.489374] kasan_report+0xdc/0x128 [ 22.489588] kasan_check_range+0x100/0x1a8 [ 22.489706] __asan_memset+0x34/0x78 [ 22.489807] kmalloc_oob_in_memset+0x144/0x2d0 [ 22.490237] kunit_try_run_case+0x170/0x3f0 [ 22.490554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.490720] kthread+0x328/0x630 [ 22.490839] ret_from_fork+0x10/0x20 [ 22.490969] [ 22.491017] Allocated by task 174: [ 22.491313] kasan_save_stack+0x3c/0x68 [ 22.491565] kasan_save_track+0x20/0x40 [ 22.491682] kasan_save_alloc_info+0x40/0x58 [ 22.491777] __kasan_kmalloc+0xd4/0xd8 [ 22.491927] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.492245] kmalloc_oob_in_memset+0xb0/0x2d0 [ 22.492522] kunit_try_run_case+0x170/0x3f0 [ 22.492644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.493020] kthread+0x328/0x630 [ 22.493259] ret_from_fork+0x10/0x20 [ 22.493713] [ 22.493904] The buggy address belongs to the object at fff00000c3ebaf00 [ 22.493904] which belongs to the cache kmalloc-128 of size 128 [ 22.494262] The buggy address is located 0 bytes inside of [ 22.494262] allocated 120-byte region [fff00000c3ebaf00, fff00000c3ebaf78) [ 22.494457] [ 22.494519] The buggy address belongs to the physical page: [ 22.494603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eba [ 22.494742] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.494873] page_type: f5(slab) [ 22.495439] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.495723] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.495811] page dumped because: kasan: bad access detected [ 22.495870] [ 22.495905] Memory state around the buggy address: [ 22.495967] fff00000c3ebae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.496311] fff00000c3ebae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.496614] >fff00000c3ebaf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.496817] ^ [ 22.497065] fff00000c3ebaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.497181] fff00000c3ebb000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.497288] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 22.451857] ================================================================== [ 22.452046] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 22.452202] Read of size 16 at addr fff00000c5722380 by task kunit_try_catch/172 [ 22.452304] [ 22.452385] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.452597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.452665] Hardware name: linux,dummy-virt (DT) [ 22.452746] Call trace: [ 22.452803] show_stack+0x20/0x38 (C) [ 22.452929] dump_stack_lvl+0x8c/0xd0 [ 22.453048] print_report+0x118/0x608 [ 22.453166] kasan_report+0xdc/0x128 [ 22.453277] __asan_report_load16_noabort+0x20/0x30 [ 22.453425] kmalloc_uaf_16+0x3bc/0x438 [ 22.453531] kunit_try_run_case+0x170/0x3f0 [ 22.453920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.454109] kthread+0x328/0x630 [ 22.454271] ret_from_fork+0x10/0x20 [ 22.454442] [ 22.454487] Allocated by task 172: [ 22.454586] kasan_save_stack+0x3c/0x68 [ 22.454733] kasan_save_track+0x20/0x40 [ 22.454854] kasan_save_alloc_info+0x40/0x58 [ 22.454983] __kasan_kmalloc+0xd4/0xd8 [ 22.455097] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.455201] kmalloc_uaf_16+0x140/0x438 [ 22.455340] kunit_try_run_case+0x170/0x3f0 [ 22.455492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.455939] kthread+0x328/0x630 [ 22.456379] ret_from_fork+0x10/0x20 [ 22.456565] [ 22.456618] Freed by task 172: [ 22.456676] kasan_save_stack+0x3c/0x68 [ 22.456748] kasan_save_track+0x20/0x40 [ 22.456816] kasan_save_free_info+0x4c/0x78 [ 22.456901] __kasan_slab_free+0x6c/0x98 [ 22.457042] kfree+0x214/0x3c8 [ 22.457181] kmalloc_uaf_16+0x190/0x438 [ 22.457275] kunit_try_run_case+0x170/0x3f0 [ 22.457371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.457494] kthread+0x328/0x630 [ 22.457589] ret_from_fork+0x10/0x20 [ 22.457717] [ 22.457788] The buggy address belongs to the object at fff00000c5722380 [ 22.457788] which belongs to the cache kmalloc-16 of size 16 [ 22.457945] The buggy address is located 0 bytes inside of [ 22.457945] freed 16-byte region [fff00000c5722380, fff00000c5722390) [ 22.458114] [ 22.458182] The buggy address belongs to the physical page: [ 22.458264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 22.458442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.458556] page_type: f5(slab) [ 22.458650] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.458783] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.459352] page dumped because: kasan: bad access detected [ 22.459872] [ 22.459943] Memory state around the buggy address: [ 22.460079] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 22.460350] fff00000c5722300: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 22.460606] >fff00000c5722380: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.460711] ^ [ 22.460945] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.461310] fff00000c5722480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.461794] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 22.427466] ================================================================== [ 22.427588] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 22.427687] Write of size 16 at addr fff00000c5722320 by task kunit_try_catch/170 [ 22.427748] [ 22.427803] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.427905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.427935] Hardware name: linux,dummy-virt (DT) [ 22.427973] Call trace: [ 22.428002] show_stack+0x20/0x38 (C) [ 22.428063] dump_stack_lvl+0x8c/0xd0 [ 22.428120] print_report+0x118/0x608 [ 22.428171] kasan_report+0xdc/0x128 [ 22.428220] __asan_report_store16_noabort+0x20/0x30 [ 22.428278] kmalloc_oob_16+0x3a0/0x3f8 [ 22.428330] kunit_try_run_case+0x170/0x3f0 [ 22.428387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.428650] kthread+0x328/0x630 [ 22.428779] ret_from_fork+0x10/0x20 [ 22.428886] [ 22.428921] Allocated by task 170: [ 22.428978] kasan_save_stack+0x3c/0x68 [ 22.429060] kasan_save_track+0x20/0x40 [ 22.429138] kasan_save_alloc_info+0x40/0x58 [ 22.429206] __kasan_kmalloc+0xd4/0xd8 [ 22.429276] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.429371] kmalloc_oob_16+0xb4/0x3f8 [ 22.429470] kunit_try_run_case+0x170/0x3f0 [ 22.429566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.429678] kthread+0x328/0x630 [ 22.429764] ret_from_fork+0x10/0x20 [ 22.429851] [ 22.429901] The buggy address belongs to the object at fff00000c5722320 [ 22.429901] which belongs to the cache kmalloc-16 of size 16 [ 22.430048] The buggy address is located 0 bytes inside of [ 22.430048] allocated 13-byte region [fff00000c5722320, fff00000c572232d) [ 22.431673] [ 22.431762] The buggy address belongs to the physical page: [ 22.431841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 22.431981] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.432149] page_type: f5(slab) [ 22.432269] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.432387] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.432504] page dumped because: kasan: bad access detected [ 22.433228] [ 22.433464] Memory state around the buggy address: [ 22.433957] fff00000c5722200: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 22.434222] fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 22.434332] >fff00000c5722300: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 22.434475] ^ [ 22.434558] fff00000c5722380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.434959] fff00000c5722400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.435108] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 22.390177] ================================================================== [ 22.390440] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 22.390585] Read of size 1 at addr fff00000c57b0e00 by task kunit_try_catch/168 [ 22.391002] [ 22.391221] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.391439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.391504] Hardware name: linux,dummy-virt (DT) [ 22.391614] Call trace: [ 22.391698] show_stack+0x20/0x38 (C) [ 22.391864] dump_stack_lvl+0x8c/0xd0 [ 22.392029] print_report+0x118/0x608 [ 22.392153] kasan_report+0xdc/0x128 [ 22.392264] __asan_report_load1_noabort+0x20/0x30 [ 22.392396] krealloc_uaf+0x4c8/0x520 [ 22.392525] kunit_try_run_case+0x170/0x3f0 [ 22.392662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.392854] kthread+0x328/0x630 [ 22.393012] ret_from_fork+0x10/0x20 [ 22.393132] [ 22.393179] Allocated by task 168: [ 22.393251] kasan_save_stack+0x3c/0x68 [ 22.393349] kasan_save_track+0x20/0x40 [ 22.393447] kasan_save_alloc_info+0x40/0x58 [ 22.393535] __kasan_kmalloc+0xd4/0xd8 [ 22.393619] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.393759] krealloc_uaf+0xc8/0x520 [ 22.393920] kunit_try_run_case+0x170/0x3f0 [ 22.394462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.394610] kthread+0x328/0x630 [ 22.394753] ret_from_fork+0x10/0x20 [ 22.394947] [ 22.395130] Freed by task 168: [ 22.395224] kasan_save_stack+0x3c/0x68 [ 22.395335] kasan_save_track+0x20/0x40 [ 22.395440] kasan_save_free_info+0x4c/0x78 [ 22.395523] __kasan_slab_free+0x6c/0x98 [ 22.395602] kfree+0x214/0x3c8 [ 22.395831] krealloc_uaf+0x12c/0x520 [ 22.395917] kunit_try_run_case+0x170/0x3f0 [ 22.396032] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.396136] kthread+0x328/0x630 [ 22.396246] ret_from_fork+0x10/0x20 [ 22.396345] [ 22.396395] The buggy address belongs to the object at fff00000c57b0e00 [ 22.396395] which belongs to the cache kmalloc-256 of size 256 [ 22.396558] The buggy address is located 0 bytes inside of [ 22.396558] freed 256-byte region [fff00000c57b0e00, fff00000c57b0f00) [ 22.396715] [ 22.396764] The buggy address belongs to the physical page: [ 22.396844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057b0 [ 22.396984] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.397115] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.397248] page_type: f5(slab) [ 22.397646] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.397839] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.398024] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.398190] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.398322] head: 0bfffe0000000001 ffffc1ffc315ec01 00000000ffffffff 00000000ffffffff [ 22.398494] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 22.398592] page dumped because: kasan: bad access detected [ 22.398672] [ 22.398757] Memory state around the buggy address: [ 22.399066] fff00000c57b0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.399362] fff00000c57b0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.399488] >fff00000c57b0e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.399580] ^ [ 22.399639] fff00000c57b0e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.399722] fff00000c57b0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.399789] ================================================================== [ 22.377093] ================================================================== [ 22.377513] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 22.377736] Read of size 1 at addr fff00000c57b0e00 by task kunit_try_catch/168 [ 22.377860] [ 22.377961] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.378225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.378309] Hardware name: linux,dummy-virt (DT) [ 22.378450] Call trace: [ 22.378514] show_stack+0x20/0x38 (C) [ 22.378623] dump_stack_lvl+0x8c/0xd0 [ 22.378941] print_report+0x118/0x608 [ 22.379133] kasan_report+0xdc/0x128 [ 22.379235] __kasan_check_byte+0x54/0x70 [ 22.379415] krealloc_noprof+0x44/0x360 [ 22.379629] krealloc_uaf+0x180/0x520 [ 22.379830] kunit_try_run_case+0x170/0x3f0 [ 22.380002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.380650] kthread+0x328/0x630 [ 22.380839] ret_from_fork+0x10/0x20 [ 22.381006] [ 22.381073] Allocated by task 168: [ 22.381187] kasan_save_stack+0x3c/0x68 [ 22.381291] kasan_save_track+0x20/0x40 [ 22.381385] kasan_save_alloc_info+0x40/0x58 [ 22.381501] __kasan_kmalloc+0xd4/0xd8 [ 22.381591] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.381697] krealloc_uaf+0xc8/0x520 [ 22.381788] kunit_try_run_case+0x170/0x3f0 [ 22.381890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.382006] kthread+0x328/0x630 [ 22.382094] ret_from_fork+0x10/0x20 [ 22.382183] [ 22.382280] Freed by task 168: [ 22.382444] kasan_save_stack+0x3c/0x68 [ 22.382536] kasan_save_track+0x20/0x40 [ 22.382621] kasan_save_free_info+0x4c/0x78 [ 22.382721] __kasan_slab_free+0x6c/0x98 [ 22.382819] kfree+0x214/0x3c8 [ 22.383113] krealloc_uaf+0x12c/0x520 [ 22.383371] kunit_try_run_case+0x170/0x3f0 [ 22.383797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.383899] kthread+0x328/0x630 [ 22.383967] ret_from_fork+0x10/0x20 [ 22.384066] [ 22.384307] The buggy address belongs to the object at fff00000c57b0e00 [ 22.384307] which belongs to the cache kmalloc-256 of size 256 [ 22.384610] The buggy address is located 0 bytes inside of [ 22.384610] freed 256-byte region [fff00000c57b0e00, fff00000c57b0f00) [ 22.384816] [ 22.384889] The buggy address belongs to the physical page: [ 22.384999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057b0 [ 22.385172] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.385318] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.385455] page_type: f5(slab) [ 22.385554] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.385920] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.386115] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.386246] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.386479] head: 0bfffe0000000001 ffffc1ffc315ec01 00000000ffffffff 00000000ffffffff [ 22.386617] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 22.386709] page dumped because: kasan: bad access detected [ 22.386781] [ 22.386986] Memory state around the buggy address: [ 22.387061] fff00000c57b0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.387197] fff00000c57b0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.387323] >fff00000c57b0e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.387456] ^ [ 22.387533] fff00000c57b0e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.387642] fff00000c57b0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.387736] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 22.215132] ================================================================== [ 22.215260] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 22.215392] Write of size 1 at addr fff00000c57b0ceb by task kunit_try_catch/162 [ 22.215531] [ 22.215624] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.215837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.215906] Hardware name: linux,dummy-virt (DT) [ 22.215995] Call trace: [ 22.216080] show_stack+0x20/0x38 (C) [ 22.216254] dump_stack_lvl+0x8c/0xd0 [ 22.216424] print_report+0x118/0x608 [ 22.216527] kasan_report+0xdc/0x128 [ 22.216633] __asan_report_store1_noabort+0x20/0x30 [ 22.216762] krealloc_less_oob_helper+0xa58/0xc50 [ 22.216888] krealloc_less_oob+0x20/0x38 [ 22.217072] kunit_try_run_case+0x170/0x3f0 [ 22.217215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.217350] kthread+0x328/0x630 [ 22.217472] ret_from_fork+0x10/0x20 [ 22.217593] [ 22.217658] Allocated by task 162: [ 22.217770] kasan_save_stack+0x3c/0x68 [ 22.217868] kasan_save_track+0x20/0x40 [ 22.217964] kasan_save_alloc_info+0x40/0x58 [ 22.218073] __kasan_krealloc+0x118/0x178 [ 22.218200] krealloc_noprof+0x128/0x360 [ 22.218325] krealloc_less_oob_helper+0x168/0xc50 [ 22.218549] krealloc_less_oob+0x20/0x38 [ 22.218677] kunit_try_run_case+0x170/0x3f0 [ 22.218790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.218904] kthread+0x328/0x630 [ 22.218989] ret_from_fork+0x10/0x20 [ 22.219059] [ 22.219096] The buggy address belongs to the object at fff00000c57b0c00 [ 22.219096] which belongs to the cache kmalloc-256 of size 256 [ 22.219227] The buggy address is located 34 bytes to the right of [ 22.219227] allocated 201-byte region [fff00000c57b0c00, fff00000c57b0cc9) [ 22.219908] [ 22.219987] The buggy address belongs to the physical page: [ 22.220209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057b0 [ 22.220602] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.221291] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.221896] page_type: f5(slab) [ 22.222172] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.222597] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.222711] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.222804] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.222916] head: 0bfffe0000000001 ffffc1ffc315ec01 00000000ffffffff 00000000ffffffff [ 22.224420] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 22.225499] page dumped because: kasan: bad access detected [ 22.225946] [ 22.226005] Memory state around the buggy address: [ 22.226298] fff00000c57b0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.227364] fff00000c57b0c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.227493] >fff00000c57b0c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.227648] ^ [ 22.227912] fff00000c57b0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.228170] fff00000c57b0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.228281] ================================================================== [ 22.325019] ================================================================== [ 22.325128] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 22.325277] Write of size 1 at addr fff00000c777e0ea by task kunit_try_catch/166 [ 22.325419] [ 22.325501] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.325711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.325779] Hardware name: linux,dummy-virt (DT) [ 22.325857] Call trace: [ 22.325911] show_stack+0x20/0x38 (C) [ 22.326030] dump_stack_lvl+0x8c/0xd0 [ 22.326152] print_report+0x118/0x608 [ 22.326283] kasan_report+0xdc/0x128 [ 22.326410] __asan_report_store1_noabort+0x20/0x30 [ 22.326578] krealloc_less_oob_helper+0xae4/0xc50 [ 22.326706] krealloc_large_less_oob+0x20/0x38 [ 22.326845] kunit_try_run_case+0x170/0x3f0 [ 22.326981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.327127] kthread+0x328/0x630 [ 22.327292] ret_from_fork+0x10/0x20 [ 22.327447] [ 22.327518] The buggy address belongs to the physical page: [ 22.327609] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777c [ 22.327818] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.327934] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.328043] page_type: f8(unknown) [ 22.328305] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.328455] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.328587] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.328715] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.328841] head: 0bfffe0000000002 ffffc1ffc31ddf01 00000000ffffffff 00000000ffffffff [ 22.329822] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.330362] page dumped because: kasan: bad access detected [ 22.330466] [ 22.330699] Memory state around the buggy address: [ 22.330972] fff00000c777df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.331092] fff00000c777e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.331191] >fff00000c777e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.331277] ^ [ 22.331545] fff00000c777e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.331780] fff00000c777e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.331995] ================================================================== [ 22.333792] ================================================================== [ 22.333919] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 22.334057] Write of size 1 at addr fff00000c777e0eb by task kunit_try_catch/166 [ 22.334187] [ 22.334274] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.335269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.335479] Hardware name: linux,dummy-virt (DT) [ 22.335605] Call trace: [ 22.335748] show_stack+0x20/0x38 (C) [ 22.336076] dump_stack_lvl+0x8c/0xd0 [ 22.336320] print_report+0x118/0x608 [ 22.336548] kasan_report+0xdc/0x128 [ 22.336909] __asan_report_store1_noabort+0x20/0x30 [ 22.337431] krealloc_less_oob_helper+0xa58/0xc50 [ 22.337570] krealloc_large_less_oob+0x20/0x38 [ 22.338147] kunit_try_run_case+0x170/0x3f0 [ 22.338318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.338606] kthread+0x328/0x630 [ 22.338841] ret_from_fork+0x10/0x20 [ 22.338952] [ 22.338993] The buggy address belongs to the physical page: [ 22.339071] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777c [ 22.339885] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.340187] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.340964] page_type: f8(unknown) [ 22.341236] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.342156] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.342327] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.342537] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.342666] head: 0bfffe0000000002 ffffc1ffc31ddf01 00000000ffffffff 00000000ffffffff [ 22.343194] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.343365] page dumped because: kasan: bad access detected [ 22.343441] [ 22.343475] Memory state around the buggy address: [ 22.343573] fff00000c777df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.343676] fff00000c777e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.343756] >fff00000c777e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.343821] ^ [ 22.343913] fff00000c777e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.344068] fff00000c777e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.344176] ================================================================== [ 22.195307] ================================================================== [ 22.195449] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 22.195584] Write of size 1 at addr fff00000c57b0cda by task kunit_try_catch/162 [ 22.195708] [ 22.195795] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.196002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.196069] Hardware name: linux,dummy-virt (DT) [ 22.196148] Call trace: [ 22.196241] show_stack+0x20/0x38 (C) [ 22.196356] dump_stack_lvl+0x8c/0xd0 [ 22.196486] print_report+0x118/0x608 [ 22.196608] kasan_report+0xdc/0x128 [ 22.196718] __asan_report_store1_noabort+0x20/0x30 [ 22.196916] krealloc_less_oob_helper+0xa80/0xc50 [ 22.197114] krealloc_less_oob+0x20/0x38 [ 22.197290] kunit_try_run_case+0x170/0x3f0 [ 22.197482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.197637] kthread+0x328/0x630 [ 22.197798] ret_from_fork+0x10/0x20 [ 22.197966] [ 22.198029] Allocated by task 162: [ 22.198124] kasan_save_stack+0x3c/0x68 [ 22.198257] kasan_save_track+0x20/0x40 [ 22.198423] kasan_save_alloc_info+0x40/0x58 [ 22.198514] __kasan_krealloc+0x118/0x178 [ 22.198602] krealloc_noprof+0x128/0x360 [ 22.198865] krealloc_less_oob_helper+0x168/0xc50 [ 22.199088] krealloc_less_oob+0x20/0x38 [ 22.199416] kunit_try_run_case+0x170/0x3f0 [ 22.199897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.200052] kthread+0x328/0x630 [ 22.200136] ret_from_fork+0x10/0x20 [ 22.200230] [ 22.200279] The buggy address belongs to the object at fff00000c57b0c00 [ 22.200279] which belongs to the cache kmalloc-256 of size 256 [ 22.200430] The buggy address is located 17 bytes to the right of [ 22.200430] allocated 201-byte region [fff00000c57b0c00, fff00000c57b0cc9) [ 22.200545] [ 22.200581] The buggy address belongs to the physical page: [ 22.200650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057b0 [ 22.200838] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.200960] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.201118] page_type: f5(slab) [ 22.201255] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.201434] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.201593] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.201709] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.202085] head: 0bfffe0000000001 ffffc1ffc315ec01 00000000ffffffff 00000000ffffffff [ 22.202793] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 22.202941] page dumped because: kasan: bad access detected [ 22.203009] [ 22.203044] Memory state around the buggy address: [ 22.203141] fff00000c57b0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.203243] fff00000c57b0c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.203372] >fff00000c57b0c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.203474] ^ [ 22.203779] fff00000c57b0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.203900] fff00000c57b0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.203989] ================================================================== [ 22.313277] ================================================================== [ 22.313423] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 22.313573] Write of size 1 at addr fff00000c777e0d0 by task kunit_try_catch/166 [ 22.313755] [ 22.313833] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.314037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.314130] Hardware name: linux,dummy-virt (DT) [ 22.314228] Call trace: [ 22.314306] show_stack+0x20/0x38 (C) [ 22.314481] dump_stack_lvl+0x8c/0xd0 [ 22.314718] print_report+0x118/0x608 [ 22.314910] kasan_report+0xdc/0x128 [ 22.315031] __asan_report_store1_noabort+0x20/0x30 [ 22.315160] krealloc_less_oob_helper+0xb9c/0xc50 [ 22.315269] krealloc_large_less_oob+0x20/0x38 [ 22.315597] kunit_try_run_case+0x170/0x3f0 [ 22.315745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.315892] kthread+0x328/0x630 [ 22.316010] ret_from_fork+0x10/0x20 [ 22.316139] [ 22.316194] The buggy address belongs to the physical page: [ 22.316277] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777c [ 22.316444] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.316627] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.316788] page_type: f8(unknown) [ 22.316893] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.317022] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.317150] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.317276] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.317411] head: 0bfffe0000000002 ffffc1ffc31ddf01 00000000ffffffff 00000000ffffffff [ 22.317524] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.317624] page dumped because: kasan: bad access detected [ 22.317695] [ 22.317740] Memory state around the buggy address: [ 22.317895] fff00000c777df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.318013] fff00000c777e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.318123] >fff00000c777e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.318212] ^ [ 22.318355] fff00000c777e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.318489] fff00000c777e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.318572] ================================================================== [ 22.306748] ================================================================== [ 22.306859] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 22.306960] Write of size 1 at addr fff00000c777e0c9 by task kunit_try_catch/166 [ 22.307020] [ 22.307074] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.307174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.307205] Hardware name: linux,dummy-virt (DT) [ 22.307242] Call trace: [ 22.307271] show_stack+0x20/0x38 (C) [ 22.307331] dump_stack_lvl+0x8c/0xd0 [ 22.307388] print_report+0x118/0x608 [ 22.307541] kasan_report+0xdc/0x128 [ 22.307702] __asan_report_store1_noabort+0x20/0x30 [ 22.307883] krealloc_less_oob_helper+0xa48/0xc50 [ 22.308009] krealloc_large_less_oob+0x20/0x38 [ 22.308107] kunit_try_run_case+0x170/0x3f0 [ 22.308223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.308419] kthread+0x328/0x630 [ 22.308594] ret_from_fork+0x10/0x20 [ 22.308770] [ 22.308843] The buggy address belongs to the physical page: [ 22.308966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777c [ 22.309107] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.309229] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.309371] page_type: f8(unknown) [ 22.309476] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.309683] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.310106] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.310451] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.310632] head: 0bfffe0000000002 ffffc1ffc31ddf01 00000000ffffffff 00000000ffffffff [ 22.310781] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.310900] page dumped because: kasan: bad access detected [ 22.310978] [ 22.311040] Memory state around the buggy address: [ 22.311158] fff00000c777df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.311268] fff00000c777e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.311365] >fff00000c777e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.311452] ^ [ 22.311540] fff00000c777e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.311642] fff00000c777e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.311752] ================================================================== [ 22.188150] ================================================================== [ 22.188251] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 22.188339] Write of size 1 at addr fff00000c57b0cd0 by task kunit_try_catch/162 [ 22.188398] [ 22.188514] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.188803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.188866] Hardware name: linux,dummy-virt (DT) [ 22.188929] Call trace: [ 22.188976] show_stack+0x20/0x38 (C) [ 22.189084] dump_stack_lvl+0x8c/0xd0 [ 22.189193] print_report+0x118/0x608 [ 22.189296] kasan_report+0xdc/0x128 [ 22.189838] __asan_report_store1_noabort+0x20/0x30 [ 22.190013] krealloc_less_oob_helper+0xb9c/0xc50 [ 22.190162] krealloc_less_oob+0x20/0x38 [ 22.190323] kunit_try_run_case+0x170/0x3f0 [ 22.190501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.190657] kthread+0x328/0x630 [ 22.190757] ret_from_fork+0x10/0x20 [ 22.190860] [ 22.190922] Allocated by task 162: [ 22.190995] kasan_save_stack+0x3c/0x68 [ 22.191097] kasan_save_track+0x20/0x40 [ 22.191151] kasan_save_alloc_info+0x40/0x58 [ 22.191196] __kasan_krealloc+0x118/0x178 [ 22.191238] krealloc_noprof+0x128/0x360 [ 22.191279] krealloc_less_oob_helper+0x168/0xc50 [ 22.191330] krealloc_less_oob+0x20/0x38 [ 22.191373] kunit_try_run_case+0x170/0x3f0 [ 22.191445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.191499] kthread+0x328/0x630 [ 22.191539] ret_from_fork+0x10/0x20 [ 22.191579] [ 22.191604] The buggy address belongs to the object at fff00000c57b0c00 [ 22.191604] which belongs to the cache kmalloc-256 of size 256 [ 22.191671] The buggy address is located 7 bytes to the right of [ 22.191671] allocated 201-byte region [fff00000c57b0c00, fff00000c57b0cc9) [ 22.191741] [ 22.191766] The buggy address belongs to the physical page: [ 22.191803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057b0 [ 22.191866] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.191920] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.191988] page_type: f5(slab) [ 22.192038] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.192093] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.192148] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.192201] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.192255] head: 0bfffe0000000001 ffffc1ffc315ec01 00000000ffffffff 00000000ffffffff [ 22.192307] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 22.192351] page dumped because: kasan: bad access detected [ 22.192386] [ 22.192416] Memory state around the buggy address: [ 22.192458] fff00000c57b0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.192509] fff00000c57b0c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.192556] >fff00000c57b0c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.192597] ^ [ 22.192638] fff00000c57b0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.192685] fff00000c57b0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.192727] ================================================================== [ 22.319632] ================================================================== [ 22.319753] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 22.319883] Write of size 1 at addr fff00000c777e0da by task kunit_try_catch/166 [ 22.320012] [ 22.320100] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.320311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.320378] Hardware name: linux,dummy-virt (DT) [ 22.320464] Call trace: [ 22.320512] show_stack+0x20/0x38 (C) [ 22.320628] dump_stack_lvl+0x8c/0xd0 [ 22.320828] print_report+0x118/0x608 [ 22.320935] kasan_report+0xdc/0x128 [ 22.321051] __asan_report_store1_noabort+0x20/0x30 [ 22.321175] krealloc_less_oob_helper+0xa80/0xc50 [ 22.321352] krealloc_large_less_oob+0x20/0x38 [ 22.321523] kunit_try_run_case+0x170/0x3f0 [ 22.321696] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.321831] kthread+0x328/0x630 [ 22.321944] ret_from_fork+0x10/0x20 [ 22.322073] [ 22.322124] The buggy address belongs to the physical page: [ 22.322204] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777c [ 22.322352] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.322486] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.322669] page_type: f8(unknown) [ 22.322757] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.322879] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.323050] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.323177] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.323330] head: 0bfffe0000000002 ffffc1ffc31ddf01 00000000ffffffff 00000000ffffffff [ 22.323487] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.323617] page dumped because: kasan: bad access detected [ 22.323722] [ 22.323787] Memory state around the buggy address: [ 22.323937] fff00000c777df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.324050] fff00000c777e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.324171] >fff00000c777e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 22.324268] ^ [ 22.324364] fff00000c777e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.324467] fff00000c777e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.324540] ================================================================== [ 22.178047] ================================================================== [ 22.178232] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 22.178475] Write of size 1 at addr fff00000c57b0cc9 by task kunit_try_catch/162 [ 22.178612] [ 22.178702] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.178929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.179002] Hardware name: linux,dummy-virt (DT) [ 22.179082] Call trace: [ 22.179147] show_stack+0x20/0x38 (C) [ 22.179321] dump_stack_lvl+0x8c/0xd0 [ 22.179438] print_report+0x118/0x608 [ 22.179529] kasan_report+0xdc/0x128 [ 22.179611] __asan_report_store1_noabort+0x20/0x30 [ 22.179749] krealloc_less_oob_helper+0xa48/0xc50 [ 22.179895] krealloc_less_oob+0x20/0x38 [ 22.180004] kunit_try_run_case+0x170/0x3f0 [ 22.180122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.180239] kthread+0x328/0x630 [ 22.180337] ret_from_fork+0x10/0x20 [ 22.180502] [ 22.180560] Allocated by task 162: [ 22.180635] kasan_save_stack+0x3c/0x68 [ 22.180739] kasan_save_track+0x20/0x40 [ 22.180838] kasan_save_alloc_info+0x40/0x58 [ 22.180970] __kasan_krealloc+0x118/0x178 [ 22.181099] krealloc_noprof+0x128/0x360 [ 22.181224] krealloc_less_oob_helper+0x168/0xc50 [ 22.181356] krealloc_less_oob+0x20/0x38 [ 22.181462] kunit_try_run_case+0x170/0x3f0 [ 22.181602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.181758] kthread+0x328/0x630 [ 22.181878] ret_from_fork+0x10/0x20 [ 22.182003] [ 22.182068] The buggy address belongs to the object at fff00000c57b0c00 [ 22.182068] which belongs to the cache kmalloc-256 of size 256 [ 22.182273] The buggy address is located 0 bytes to the right of [ 22.182273] allocated 201-byte region [fff00000c57b0c00, fff00000c57b0cc9) [ 22.182503] [ 22.182553] The buggy address belongs to the physical page: [ 22.182630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057b0 [ 22.182782] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.182898] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.183032] page_type: f5(slab) [ 22.183143] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.183267] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.183412] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.183590] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.183725] head: 0bfffe0000000001 ffffc1ffc315ec01 00000000ffffffff 00000000ffffffff [ 22.184201] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 22.184291] page dumped because: kasan: bad access detected [ 22.184388] [ 22.184445] Memory state around the buggy address: [ 22.184521] fff00000c57b0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.184619] fff00000c57b0c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.184800] >fff00000c57b0c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.184897] ^ [ 22.184991] fff00000c57b0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.185099] fff00000c57b0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.185231] ================================================================== [ 22.205540] ================================================================== [ 22.205667] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 22.205795] Write of size 1 at addr fff00000c57b0cea by task kunit_try_catch/162 [ 22.205918] [ 22.206003] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.206207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.206274] Hardware name: linux,dummy-virt (DT) [ 22.206365] Call trace: [ 22.206476] show_stack+0x20/0x38 (C) [ 22.206591] dump_stack_lvl+0x8c/0xd0 [ 22.206752] print_report+0x118/0x608 [ 22.207048] kasan_report+0xdc/0x128 [ 22.207282] __asan_report_store1_noabort+0x20/0x30 [ 22.207613] krealloc_less_oob_helper+0xae4/0xc50 [ 22.207732] krealloc_less_oob+0x20/0x38 [ 22.207835] kunit_try_run_case+0x170/0x3f0 [ 22.207972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.208108] kthread+0x328/0x630 [ 22.208218] ret_from_fork+0x10/0x20 [ 22.208374] [ 22.208459] Allocated by task 162: [ 22.208538] kasan_save_stack+0x3c/0x68 [ 22.208664] kasan_save_track+0x20/0x40 [ 22.208756] kasan_save_alloc_info+0x40/0x58 [ 22.208871] __kasan_krealloc+0x118/0x178 [ 22.209004] krealloc_noprof+0x128/0x360 [ 22.209119] krealloc_less_oob_helper+0x168/0xc50 [ 22.209247] krealloc_less_oob+0x20/0x38 [ 22.209386] kunit_try_run_case+0x170/0x3f0 [ 22.209498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.209611] kthread+0x328/0x630 [ 22.209702] ret_from_fork+0x10/0x20 [ 22.209796] [ 22.209855] The buggy address belongs to the object at fff00000c57b0c00 [ 22.209855] which belongs to the cache kmalloc-256 of size 256 [ 22.210023] The buggy address is located 33 bytes to the right of [ 22.210023] allocated 201-byte region [fff00000c57b0c00, fff00000c57b0cc9) [ 22.210177] [ 22.210230] The buggy address belongs to the physical page: [ 22.210327] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057b0 [ 22.210585] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.211190] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.211429] page_type: f5(slab) [ 22.211607] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.211850] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.211981] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.212131] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.212253] head: 0bfffe0000000001 ffffc1ffc315ec01 00000000ffffffff 00000000ffffffff [ 22.212368] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 22.212500] page dumped because: kasan: bad access detected [ 22.212580] [ 22.212624] Memory state around the buggy address: [ 22.212708] fff00000c57b0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.212854] fff00000c57b0c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.212985] >fff00000c57b0c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.213090] ^ [ 22.213195] fff00000c57b0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.213306] fff00000c57b0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.213414] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 22.282979] ================================================================== [ 22.283097] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 22.283217] Write of size 1 at addr fff00000c777e0f0 by task kunit_try_catch/164 [ 22.283650] [ 22.283743] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.283950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.284011] Hardware name: linux,dummy-virt (DT) [ 22.284084] Call trace: [ 22.284139] show_stack+0x20/0x38 (C) [ 22.284505] dump_stack_lvl+0x8c/0xd0 [ 22.284634] print_report+0x118/0x608 [ 22.284773] kasan_report+0xdc/0x128 [ 22.284890] __asan_report_store1_noabort+0x20/0x30 [ 22.285015] krealloc_more_oob_helper+0x5c0/0x678 [ 22.285360] krealloc_large_more_oob+0x20/0x38 [ 22.285540] kunit_try_run_case+0x170/0x3f0 [ 22.285679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.285814] kthread+0x328/0x630 [ 22.286214] ret_from_fork+0x10/0x20 [ 22.286382] [ 22.286493] The buggy address belongs to the physical page: [ 22.286587] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777c [ 22.286728] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.286841] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.286971] page_type: f8(unknown) [ 22.287107] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.287461] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.287649] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.287787] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.287916] head: 0bfffe0000000002 ffffc1ffc31ddf01 00000000ffffffff 00000000ffffffff [ 22.288044] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.288190] page dumped because: kasan: bad access detected [ 22.288280] [ 22.288345] Memory state around the buggy address: [ 22.288829] fff00000c777df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.288951] fff00000c777e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.289064] >fff00000c777e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 22.289523] ^ [ 22.289717] fff00000c777e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.289833] fff00000c777e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.289926] ================================================================== [ 22.138325] ================================================================== [ 22.138573] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 22.139072] Write of size 1 at addr fff00000c57b0aeb by task kunit_try_catch/160 [ 22.139241] [ 22.139361] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.139598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.139663] Hardware name: linux,dummy-virt (DT) [ 22.139971] Call trace: [ 22.140033] show_stack+0x20/0x38 (C) [ 22.140180] dump_stack_lvl+0x8c/0xd0 [ 22.140270] print_report+0x118/0x608 [ 22.140363] kasan_report+0xdc/0x128 [ 22.140482] __asan_report_store1_noabort+0x20/0x30 [ 22.140677] krealloc_more_oob_helper+0x60c/0x678 [ 22.140867] krealloc_more_oob+0x20/0x38 [ 22.141026] kunit_try_run_case+0x170/0x3f0 [ 22.141172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.141373] kthread+0x328/0x630 [ 22.141528] ret_from_fork+0x10/0x20 [ 22.141685] [ 22.141733] Allocated by task 160: [ 22.141838] kasan_save_stack+0x3c/0x68 [ 22.141947] kasan_save_track+0x20/0x40 [ 22.142042] kasan_save_alloc_info+0x40/0x58 [ 22.142176] __kasan_krealloc+0x118/0x178 [ 22.142286] krealloc_noprof+0x128/0x360 [ 22.142458] krealloc_more_oob_helper+0x168/0x678 [ 22.142559] krealloc_more_oob+0x20/0x38 [ 22.142652] kunit_try_run_case+0x170/0x3f0 [ 22.142756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.143124] kthread+0x328/0x630 [ 22.143457] ret_from_fork+0x10/0x20 [ 22.143706] [ 22.144082] The buggy address belongs to the object at fff00000c57b0a00 [ 22.144082] which belongs to the cache kmalloc-256 of size 256 [ 22.144433] The buggy address is located 0 bytes to the right of [ 22.144433] allocated 235-byte region [fff00000c57b0a00, fff00000c57b0aeb) [ 22.144614] [ 22.144669] The buggy address belongs to the physical page: [ 22.144774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057b0 [ 22.144892] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.145004] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.145127] page_type: f5(slab) [ 22.145206] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.145309] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.145780] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.145943] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.146072] head: 0bfffe0000000001 ffffc1ffc315ec01 00000000ffffffff 00000000ffffffff [ 22.146203] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 22.146331] page dumped because: kasan: bad access detected [ 22.146493] [ 22.146549] Memory state around the buggy address: [ 22.146680] fff00000c57b0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.146787] fff00000c57b0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.147123] >fff00000c57b0a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 22.147335] ^ [ 22.147479] fff00000c57b0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.147595] fff00000c57b0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.147694] ================================================================== [ 22.273078] ================================================================== [ 22.273796] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 22.274348] Write of size 1 at addr fff00000c777e0eb by task kunit_try_catch/164 [ 22.274535] [ 22.274628] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.274805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.275072] Hardware name: linux,dummy-virt (DT) [ 22.275368] Call trace: [ 22.275452] show_stack+0x20/0x38 (C) [ 22.275616] dump_stack_lvl+0x8c/0xd0 [ 22.275800] print_report+0x118/0x608 [ 22.275921] kasan_report+0xdc/0x128 [ 22.276036] __asan_report_store1_noabort+0x20/0x30 [ 22.276156] krealloc_more_oob_helper+0x60c/0x678 [ 22.276290] krealloc_large_more_oob+0x20/0x38 [ 22.276421] kunit_try_run_case+0x170/0x3f0 [ 22.276874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.277025] kthread+0x328/0x630 [ 22.277499] ret_from_fork+0x10/0x20 [ 22.277675] [ 22.277727] The buggy address belongs to the physical page: [ 22.277804] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10777c [ 22.277936] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.278436] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.278657] page_type: f8(unknown) [ 22.278813] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.278960] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.279116] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.279290] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.279430] head: 0bfffe0000000002 ffffc1ffc31ddf01 00000000ffffffff 00000000ffffffff [ 22.279550] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.280051] page dumped because: kasan: bad access detected [ 22.280279] [ 22.280350] Memory state around the buggy address: [ 22.280479] fff00000c777df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.280628] fff00000c777e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.280819] >fff00000c777e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 22.280947] ^ [ 22.281139] fff00000c777e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.281253] fff00000c777e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.281377] ================================================================== [ 22.150219] ================================================================== [ 22.150374] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 22.150602] Write of size 1 at addr fff00000c57b0af0 by task kunit_try_catch/160 [ 22.150732] [ 22.151165] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.151534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.151596] Hardware name: linux,dummy-virt (DT) [ 22.151660] Call trace: [ 22.151705] show_stack+0x20/0x38 (C) [ 22.151854] dump_stack_lvl+0x8c/0xd0 [ 22.151964] print_report+0x118/0x608 [ 22.152114] kasan_report+0xdc/0x128 [ 22.152411] __asan_report_store1_noabort+0x20/0x30 [ 22.152531] krealloc_more_oob_helper+0x5c0/0x678 [ 22.152643] krealloc_more_oob+0x20/0x38 [ 22.152752] kunit_try_run_case+0x170/0x3f0 [ 22.152910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.153060] kthread+0x328/0x630 [ 22.153223] ret_from_fork+0x10/0x20 [ 22.153416] [ 22.153490] Allocated by task 160: [ 22.153605] kasan_save_stack+0x3c/0x68 [ 22.153718] kasan_save_track+0x20/0x40 [ 22.153833] kasan_save_alloc_info+0x40/0x58 [ 22.153939] __kasan_krealloc+0x118/0x178 [ 22.154077] krealloc_noprof+0x128/0x360 [ 22.154208] krealloc_more_oob_helper+0x168/0x678 [ 22.154331] krealloc_more_oob+0x20/0x38 [ 22.154450] kunit_try_run_case+0x170/0x3f0 [ 22.154535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.154642] kthread+0x328/0x630 [ 22.154733] ret_from_fork+0x10/0x20 [ 22.154824] [ 22.154873] The buggy address belongs to the object at fff00000c57b0a00 [ 22.154873] which belongs to the cache kmalloc-256 of size 256 [ 22.155022] The buggy address is located 5 bytes to the right of [ 22.155022] allocated 235-byte region [fff00000c57b0a00, fff00000c57b0aeb) [ 22.155195] [ 22.155247] The buggy address belongs to the physical page: [ 22.155328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057b0 [ 22.155478] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.155605] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.155749] page_type: f5(slab) [ 22.155849] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.156043] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.156187] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 22.156762] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.156903] head: 0bfffe0000000001 ffffc1ffc315ec01 00000000ffffffff 00000000ffffffff [ 22.157028] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 22.157121] page dumped because: kasan: bad access detected [ 22.157199] [ 22.157284] Memory state around the buggy address: [ 22.157370] fff00000c57b0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.157480] fff00000c57b0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.157564] >fff00000c57b0a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 22.157829] ^ [ 22.157916] fff00000c57b0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.158006] fff00000c57b0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.158094] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 22.097536] ================================================================== [ 22.097737] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 22.097900] Read of size 1 at addr fff00000c77b0000 by task kunit_try_catch/158 [ 22.098033] [ 22.098127] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.098338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.098422] Hardware name: linux,dummy-virt (DT) [ 22.098508] Call trace: [ 22.098567] show_stack+0x20/0x38 (C) [ 22.098696] dump_stack_lvl+0x8c/0xd0 [ 22.098819] print_report+0x118/0x608 [ 22.098932] kasan_report+0xdc/0x128 [ 22.099043] __asan_report_load1_noabort+0x20/0x30 [ 22.099177] page_alloc_uaf+0x328/0x350 [ 22.099299] kunit_try_run_case+0x170/0x3f0 [ 22.099433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.099553] kthread+0x328/0x630 [ 22.099657] ret_from_fork+0x10/0x20 [ 22.099801] [ 22.100389] The buggy address belongs to the physical page: [ 22.100489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b0 [ 22.100617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.100721] page_type: f0(buddy) [ 22.100803] raw: 0bfffe0000000000 fff00000ff616020 fff00000ff616020 0000000000000000 [ 22.100913] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 22.101101] page dumped because: kasan: bad access detected [ 22.101237] [ 22.101455] Memory state around the buggy address: [ 22.101571] fff00000c77aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.101760] fff00000c77aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.101898] >fff00000c77b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.102079] ^ [ 22.102499] fff00000c77b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.102772] fff00000c77b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.103006] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 22.041764] ================================================================== [ 22.042008] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 22.042197] Free of addr fff00000c642c001 by task kunit_try_catch/154 [ 22.042321] [ 22.044504] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.045149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.045252] Hardware name: linux,dummy-virt (DT) [ 22.045481] Call trace: [ 22.046100] show_stack+0x20/0x38 (C) [ 22.046440] dump_stack_lvl+0x8c/0xd0 [ 22.046618] print_report+0x118/0x608 [ 22.046789] kasan_report_invalid_free+0xc0/0xe8 [ 22.046966] __kasan_kfree_large+0x5c/0xa8 [ 22.047129] free_large_kmalloc+0x64/0x190 [ 22.047238] kfree+0x270/0x3c8 [ 22.047327] kmalloc_large_invalid_free+0x108/0x270 [ 22.047458] kunit_try_run_case+0x170/0x3f0 [ 22.047592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.047732] kthread+0x328/0x630 [ 22.047874] ret_from_fork+0x10/0x20 [ 22.047988] [ 22.048043] The buggy address belongs to the physical page: [ 22.048304] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10642c [ 22.048456] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.048605] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 22.048781] page_type: f8(unknown) [ 22.048919] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.049064] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.049178] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.049295] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.049465] head: 0bfffe0000000002 ffffc1ffc3190b01 00000000ffffffff 00000000ffffffff [ 22.049579] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.049674] page dumped because: kasan: bad access detected [ 22.049764] [ 22.049829] Memory state around the buggy address: [ 22.049937] fff00000c642bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.050070] fff00000c642bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.050190] >fff00000c642c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.050288] ^ [ 22.050429] fff00000c642c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.050496] fff00000c642c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.050602] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 22.014968] ================================================================== [ 22.015162] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 22.015335] Read of size 1 at addr fff00000c642c000 by task kunit_try_catch/152 [ 22.015470] [ 22.015562] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 22.015771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.015866] Hardware name: linux,dummy-virt (DT) [ 22.016178] Call trace: [ 22.016306] show_stack+0x20/0x38 (C) [ 22.016457] dump_stack_lvl+0x8c/0xd0 [ 22.016927] print_report+0x118/0x608 [ 22.017103] kasan_report+0xdc/0x128 [ 22.017267] __asan_report_load1_noabort+0x20/0x30 [ 22.017417] kmalloc_large_uaf+0x2cc/0x2f8 [ 22.017535] kunit_try_run_case+0x170/0x3f0 [ 22.017754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.017916] kthread+0x328/0x630 [ 22.018212] ret_from_fork+0x10/0x20 [ 22.018359] [ 22.018469] The buggy address belongs to the physical page: [ 22.018524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10642c [ 22.018611] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.018831] raw: 0bfffe0000000000 fff00000da4a4d80 fff00000da4a4d80 0000000000000000 [ 22.018969] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 22.019046] page dumped because: kasan: bad access detected [ 22.019104] [ 22.019135] Memory state around the buggy address: [ 22.019200] fff00000c642bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.019288] fff00000c642bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.019381] >fff00000c642c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.019466] ^ [ 22.019522] fff00000c642c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.019602] fff00000c642c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.019689] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 21.973530] ================================================================== [ 21.973735] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 21.973897] Write of size 1 at addr fff00000c642e00a by task kunit_try_catch/150 [ 21.974026] [ 21.974118] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 21.974344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.974427] Hardware name: linux,dummy-virt (DT) [ 21.974498] Call trace: [ 21.974556] show_stack+0x20/0x38 (C) [ 21.974816] dump_stack_lvl+0x8c/0xd0 [ 21.975239] print_report+0x118/0x608 [ 21.975524] kasan_report+0xdc/0x128 [ 21.975749] __asan_report_store1_noabort+0x20/0x30 [ 21.975853] kmalloc_large_oob_right+0x278/0x2b8 [ 21.975963] kunit_try_run_case+0x170/0x3f0 [ 21.976313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.976478] kthread+0x328/0x630 [ 21.976594] ret_from_fork+0x10/0x20 [ 21.976716] [ 21.976809] The buggy address belongs to the physical page: [ 21.976917] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10642c [ 21.977113] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.977242] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.977420] page_type: f8(unknown) [ 21.977514] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.977662] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.978213] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.978386] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.978515] head: 0bfffe0000000002 ffffc1ffc3190b01 00000000ffffffff 00000000ffffffff [ 21.978745] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.978829] page dumped because: kasan: bad access detected [ 21.979008] [ 21.979084] Memory state around the buggy address: [ 21.979199] fff00000c642df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.979323] fff00000c642df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.979476] >fff00000c642e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.979633] ^ [ 21.979736] fff00000c642e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.979867] fff00000c642e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.980015] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 21.946065] ================================================================== [ 21.946429] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 21.946635] Write of size 1 at addr fff00000c6435f00 by task kunit_try_catch/148 [ 21.946859] [ 21.946946] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 21.947578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.947695] Hardware name: linux,dummy-virt (DT) [ 21.947856] Call trace: [ 21.947957] show_stack+0x20/0x38 (C) [ 21.948100] dump_stack_lvl+0x8c/0xd0 [ 21.948218] print_report+0x118/0x608 [ 21.948330] kasan_report+0xdc/0x128 [ 21.948461] __asan_report_store1_noabort+0x20/0x30 [ 21.948601] kmalloc_big_oob_right+0x2a4/0x2f0 [ 21.948753] kunit_try_run_case+0x170/0x3f0 [ 21.948927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.949114] kthread+0x328/0x630 [ 21.949277] ret_from_fork+0x10/0x20 [ 21.949416] [ 21.949460] Allocated by task 148: [ 21.949525] kasan_save_stack+0x3c/0x68 [ 21.949626] kasan_save_track+0x20/0x40 [ 21.949721] kasan_save_alloc_info+0x40/0x58 [ 21.949816] __kasan_kmalloc+0xd4/0xd8 [ 21.949905] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.950014] kmalloc_big_oob_right+0xb8/0x2f0 [ 21.950115] kunit_try_run_case+0x170/0x3f0 [ 21.950212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.950338] kthread+0x328/0x630 [ 21.951180] ret_from_fork+0x10/0x20 [ 21.951340] [ 21.951430] The buggy address belongs to the object at fff00000c6434000 [ 21.951430] which belongs to the cache kmalloc-8k of size 8192 [ 21.951588] The buggy address is located 0 bytes to the right of [ 21.951588] allocated 7936-byte region [fff00000c6434000, fff00000c6435f00) [ 21.951859] [ 21.951940] The buggy address belongs to the physical page: [ 21.952141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106430 [ 21.952731] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.952856] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.953060] page_type: f5(slab) [ 21.953251] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 21.953448] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 21.953669] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 21.953809] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 21.953977] head: 0bfffe0000000003 ffffc1ffc3190c01 00000000ffffffff 00000000ffffffff [ 21.954122] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 21.954224] page dumped because: kasan: bad access detected [ 21.954314] [ 21.954362] Memory state around the buggy address: [ 21.954457] fff00000c6435e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.954571] fff00000c6435e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.954680] >fff00000c6435f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.954774] ^ [ 21.954847] fff00000c6435f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.954951] fff00000c6436000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.955049] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 21.909144] ================================================================== [ 21.909608] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 21.909938] Write of size 1 at addr fff00000c3ebae78 by task kunit_try_catch/146 [ 21.910283] [ 21.910391] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 21.911104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.911176] Hardware name: linux,dummy-virt (DT) [ 21.911255] Call trace: [ 21.911316] show_stack+0x20/0x38 (C) [ 21.911836] dump_stack_lvl+0x8c/0xd0 [ 21.912750] print_report+0x118/0x608 [ 21.912953] kasan_report+0xdc/0x128 [ 21.913090] __asan_report_store1_noabort+0x20/0x30 [ 21.913747] kmalloc_track_caller_oob_right+0x418/0x488 [ 21.913913] kunit_try_run_case+0x170/0x3f0 [ 21.914046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.914490] kthread+0x328/0x630 [ 21.914981] ret_from_fork+0x10/0x20 [ 21.915127] [ 21.915163] Allocated by task 146: [ 21.915447] kasan_save_stack+0x3c/0x68 [ 21.915941] kasan_save_track+0x20/0x40 [ 21.916069] kasan_save_alloc_info+0x40/0x58 [ 21.916219] __kasan_kmalloc+0xd4/0xd8 [ 21.916385] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 21.916569] kmalloc_track_caller_oob_right+0x184/0x488 [ 21.916690] kunit_try_run_case+0x170/0x3f0 [ 21.916849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.917002] kthread+0x328/0x630 [ 21.917311] ret_from_fork+0x10/0x20 [ 21.917432] [ 21.917482] The buggy address belongs to the object at fff00000c3ebae00 [ 21.917482] which belongs to the cache kmalloc-128 of size 128 [ 21.917884] The buggy address is located 0 bytes to the right of [ 21.917884] allocated 120-byte region [fff00000c3ebae00, fff00000c3ebae78) [ 21.918257] [ 21.918420] The buggy address belongs to the physical page: [ 21.918554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eba [ 21.918709] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.918890] page_type: f5(slab) [ 21.919055] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.919430] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.919548] page dumped because: kasan: bad access detected [ 21.919621] [ 21.919663] Memory state around the buggy address: [ 21.919925] fff00000c3ebad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.920045] fff00000c3ebad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.920226] >fff00000c3ebae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.920426] ^ [ 21.920779] fff00000c3ebae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.921049] fff00000c3ebaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.921205] ================================================================== [ 21.889112] ================================================================== [ 21.889228] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 21.889335] Write of size 1 at addr fff00000c3ebad78 by task kunit_try_catch/146 [ 21.889395] [ 21.889499] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 21.889682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.889740] Hardware name: linux,dummy-virt (DT) [ 21.889813] Call trace: [ 21.889864] show_stack+0x20/0x38 (C) [ 21.889993] dump_stack_lvl+0x8c/0xd0 [ 21.890112] print_report+0x118/0x608 [ 21.890229] kasan_report+0xdc/0x128 [ 21.890352] __asan_report_store1_noabort+0x20/0x30 [ 21.890833] kmalloc_track_caller_oob_right+0x40c/0x488 [ 21.890996] kunit_try_run_case+0x170/0x3f0 [ 21.891988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.892202] kthread+0x328/0x630 [ 21.892463] ret_from_fork+0x10/0x20 [ 21.892767] [ 21.892895] Allocated by task 146: [ 21.893057] kasan_save_stack+0x3c/0x68 [ 21.893182] kasan_save_track+0x20/0x40 [ 21.893803] kasan_save_alloc_info+0x40/0x58 [ 21.894626] __kasan_kmalloc+0xd4/0xd8 [ 21.894723] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 21.895321] kmalloc_track_caller_oob_right+0xa8/0x488 [ 21.895438] kunit_try_run_case+0x170/0x3f0 [ 21.895516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.895611] kthread+0x328/0x630 [ 21.895696] ret_from_fork+0x10/0x20 [ 21.896667] [ 21.896850] The buggy address belongs to the object at fff00000c3ebad00 [ 21.896850] which belongs to the cache kmalloc-128 of size 128 [ 21.897284] The buggy address is located 0 bytes to the right of [ 21.897284] allocated 120-byte region [fff00000c3ebad00, fff00000c3ebad78) [ 21.897671] [ 21.897805] The buggy address belongs to the physical page: [ 21.897895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eba [ 21.898093] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.898254] page_type: f5(slab) [ 21.898372] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.899179] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.899311] page dumped because: kasan: bad access detected [ 21.899394] [ 21.899452] Memory state around the buggy address: [ 21.899848] fff00000c3ebac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.900151] fff00000c3ebac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.900252] >fff00000c3ebad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.900338] ^ [ 21.900501] fff00000c3ebad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.900721] fff00000c3ebae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.900841] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 21.793318] ================================================================== [ 21.793520] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 21.793678] Read of size 1 at addr fff00000c57222ff by task kunit_try_catch/142 [ 21.793802] [ 21.793932] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT [ 21.794176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.794255] Hardware name: linux,dummy-virt (DT) [ 21.794415] Call trace: [ 21.794487] show_stack+0x20/0x38 (C) [ 21.794586] dump_stack_lvl+0x8c/0xd0 [ 21.794669] print_report+0x118/0x608 [ 21.794722] kasan_report+0xdc/0x128 [ 21.794783] __asan_report_load1_noabort+0x20/0x30 [ 21.794927] kmalloc_oob_left+0x2ec/0x320 [ 21.795154] kunit_try_run_case+0x170/0x3f0 [ 21.795653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.795789] kthread+0x328/0x630 [ 21.796026] ret_from_fork+0x10/0x20 [ 21.796317] [ 21.796369] Allocated by task 24: [ 21.796448] kasan_save_stack+0x3c/0x68 [ 21.796530] kasan_save_track+0x20/0x40 [ 21.796604] kasan_save_alloc_info+0x40/0x58 [ 21.796689] __kasan_kmalloc+0xd4/0xd8 [ 21.796768] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 21.796873] kvasprintf+0xe0/0x180 [ 21.796952] __kthread_create_on_node+0x16c/0x350 [ 21.797045] kthread_create_on_node+0xe4/0x130 [ 21.797643] create_worker+0x380/0x6b8 [ 21.797843] worker_thread+0x808/0xf38 [ 21.798017] kthread+0x328/0x630 [ 21.798155] ret_from_fork+0x10/0x20 [ 21.798300] [ 21.798472] The buggy address belongs to the object at fff00000c57222e0 [ 21.798472] which belongs to the cache kmalloc-16 of size 16 [ 21.799071] The buggy address is located 19 bytes to the right of [ 21.799071] allocated 12-byte region [fff00000c57222e0, fff00000c57222ec) [ 21.799314] [ 21.799411] The buggy address belongs to the physical page: [ 21.799533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105722 [ 21.799716] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.799824] page_type: f5(slab) [ 21.800134] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.800252] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.800340] page dumped because: kasan: bad access detected [ 21.800446] [ 21.800503] Memory state around the buggy address: [ 21.800584] fff00000c5722180: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 21.800701] fff00000c5722200: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 21.800846] >fff00000c5722280: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 21.800959] ^ [ 21.801161] fff00000c5722300: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.801361] fff00000c5722380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.801511] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 106.868597] WARNING: CPU: 1 PID: 660 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 106.869711] Modules linked in: [ 106.870219] CPU: 1 UID: 0 PID: 660 Comm: kunit_try_catch Tainted: G B D W N 6.15.2-rc1 #1 PREEMPT [ 106.871498] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 106.872187] Hardware name: linux,dummy-virt (DT) [ 106.872594] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 106.873308] pc : intlog10+0x38/0x48 [ 106.873840] lr : intlog10_test+0xe4/0x200 [ 106.874341] sp : ffff8000822f7c10 [ 106.874827] x29: ffff8000822f7c90 x28: 0000000000000000 x27: 0000000000000000 [ 106.875365] x26: 1ffe000018f0a8a1 x25: 0000000000000000 x24: ffff8000822f7ce0 [ 106.876612] x23: ffff8000822f7d00 x22: 0000000000000000 x21: 1ffff0001045ef82 [ 106.877336] x20: ffffa69f4d824e80 x19: ffff800080087990 x18: 00000000b4e8b41c [ 106.878072] x17: 00000000b31da731 x16: 000000003b37fc49 x15: 0000000086fe618d [ 106.878952] x14: 0000000095f11c95 x13: 1ffe00001b4941d0 x12: ffff74d3ea2b7769 [ 106.879838] x11: 1ffff4d3ea2b7768 x10: ffff74d3ea2b7768 x9 : ffffa69f4ae1011c [ 106.880324] x8 : ffffa69f515bbb43 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 106.881211] x5 : ffff70001045ef82 x4 : 1ffff00010010f3a x3 : 1ffff4d3e9b049d0 [ 106.881954] x2 : 1ffff4d3e9b049d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 106.882744] Call trace: [ 106.882981] intlog10+0x38/0x48 (P) [ 106.883286] kunit_try_run_case+0x170/0x3f0 [ 106.883601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 106.883979] kthread+0x328/0x630 [ 106.884213] ret_from_fork+0x10/0x20 [ 106.884754] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 106.780769] WARNING: CPU: 1 PID: 642 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 106.785550] Modules linked in: [ 106.786489] CPU: 1 UID: 0 PID: 642 Comm: kunit_try_catch Tainted: G B D N 6.15.2-rc1 #1 PREEMPT [ 106.787369] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 106.787680] Hardware name: linux,dummy-virt (DT) [ 106.787973] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 106.788373] pc : intlog2+0xd8/0xf8 [ 106.789295] lr : intlog2_test+0xe4/0x200 [ 106.789836] sp : ffff800082247c10 [ 106.790191] x29: ffff800082247c90 x28: 0000000000000000 x27: 0000000000000000 [ 106.791161] x26: 1ffe000018c98581 x25: 0000000000000000 x24: ffff800082247ce0 [ 106.791965] x23: ffff800082247d00 x22: 0000000000000000 x21: 1ffff00010448f82 [ 106.792750] x20: ffffa69f4d824d80 x19: ffff800080087990 x18: 000000005c51f755 [ 106.793494] x17: 1ffe0000181300c2 x16: fff00000c096e03c x15: 0000000000000000 [ 106.794268] x14: 00000000f1f1f1f1 x13: 1ffe00001b48fe0d x12: ffff74d3ea2b7769 [ 106.795064] x11: 1ffff4d3ea2b7768 x10: ffff74d3ea2b7768 x9 : ffffa69f4ae1031c [ 106.796754] x8 : ffffa69f515bbb43 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 106.797464] x5 : ffff700010448f82 x4 : 1ffff00010010f3a x3 : 1ffff4d3e9b049b0 [ 106.798188] x2 : 1ffff4d3e9b049b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 106.798992] Call trace: [ 106.799293] intlog2+0xd8/0xf8 (P) [ 106.799674] kunit_try_run_case+0x170/0x3f0 [ 106.800146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 106.801252] kthread+0x328/0x630 [ 106.801678] ret_from_fork+0x10/0x20 [ 106.802116] ---[ end trace 0000000000000000 ]---