Date
June 17, 2025, 3:40 p.m.
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 28.974010] ================================================================== [ 28.974594] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 28.974594] [ 28.975373] Corrupted memory at 0x000000008f30e00a [ ! . . . . . . . . . . . . . . . ] (in kfence-#139): [ 28.977848] test_corruption+0x120/0x378 [ 28.977975] kunit_try_run_case+0x170/0x3f0 [ 28.978396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.979229] kthread+0x328/0x630 [ 28.979420] ret_from_fork+0x10/0x20 [ 28.979517] [ 28.980113] kfence-#139: 0x00000000a35c5cdd-0x000000000f1c2ca8, size=32, cache=test [ 28.980113] [ 28.980725] allocated by task 315 on cpu 0 at 28.971215s (0.009475s ago): [ 28.981264] test_alloc+0x230/0x628 [ 28.981696] test_corruption+0xdc/0x378 [ 28.982158] kunit_try_run_case+0x170/0x3f0 [ 28.982513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.982911] kthread+0x328/0x630 [ 28.983299] ret_from_fork+0x10/0x20 [ 28.983690] [ 28.983763] freed by task 315 on cpu 0 at 28.973164s (0.010589s ago): [ 28.983930] test_corruption+0x120/0x378 [ 28.984023] kunit_try_run_case+0x170/0x3f0 [ 28.984124] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.984239] kthread+0x328/0x630 [ 28.984335] ret_from_fork+0x10/0x20 [ 28.984432] [ 28.984539] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 28.985916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.986285] Hardware name: linux,dummy-virt (DT) [ 28.986803] ================================================================== [ 28.868551] ================================================================== [ 28.869116] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 28.869116] [ 28.869307] Corrupted memory at 0x00000000983d17a8 [ ! ] (in kfence-#138): [ 28.870505] test_corruption+0x284/0x378 [ 28.870670] kunit_try_run_case+0x170/0x3f0 [ 28.870869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.871068] kthread+0x328/0x630 [ 28.871165] ret_from_fork+0x10/0x20 [ 28.871609] [ 28.872026] kfence-#138: 0x00000000ce57f6a6-0x00000000619f8880, size=32, cache=kmalloc-32 [ 28.872026] [ 28.872313] allocated by task 313 on cpu 0 at 28.866936s (0.005368s ago): [ 28.872895] test_alloc+0x29c/0x628 [ 28.873019] test_corruption+0x198/0x378 [ 28.873246] kunit_try_run_case+0x170/0x3f0 [ 28.873458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.873581] kthread+0x328/0x630 [ 28.873665] ret_from_fork+0x10/0x20 [ 28.873747] [ 28.873792] freed by task 313 on cpu 0 at 28.868018s (0.005767s ago): [ 28.873928] test_corruption+0x284/0x378 [ 28.874572] kunit_try_run_case+0x170/0x3f0 [ 28.874799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.875145] kthread+0x328/0x630 [ 28.875440] ret_from_fork+0x10/0x20 [ 28.875625] [ 28.875751] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 28.876025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.876430] Hardware name: linux,dummy-virt (DT) [ 28.876700] ================================================================== [ 29.188992] ================================================================== [ 29.189300] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 29.189300] [ 29.189440] Corrupted memory at 0x000000002cba1ec5 [ ! ] (in kfence-#141): [ 29.190041] test_corruption+0x1d8/0x378 [ 29.190221] kunit_try_run_case+0x170/0x3f0 [ 29.190344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.190437] kthread+0x328/0x630 [ 29.190510] ret_from_fork+0x10/0x20 [ 29.190619] [ 29.190677] kfence-#141: 0x000000008cacf00a-0x000000006a25f1d7, size=32, cache=test [ 29.190677] [ 29.190845] allocated by task 315 on cpu 0 at 29.188490s (0.002318s ago): [ 29.190994] test_alloc+0x230/0x628 [ 29.191091] test_corruption+0x198/0x378 [ 29.191197] kunit_try_run_case+0x170/0x3f0 [ 29.191290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.191446] kthread+0x328/0x630 [ 29.191556] ret_from_fork+0x10/0x20 [ 29.191688] [ 29.191757] freed by task 315 on cpu 0 at 29.188621s (0.003126s ago): [ 29.191904] test_corruption+0x1d8/0x378 [ 29.192013] kunit_try_run_case+0x170/0x3f0 [ 29.192131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.192229] kthread+0x328/0x630 [ 29.192316] ret_from_fork+0x10/0x20 [ 29.192444] [ 29.192572] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 29.192807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.192914] Hardware name: linux,dummy-virt (DT) [ 29.193039] ================================================================== [ 28.443515] ================================================================== [ 28.444157] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 28.444157] [ 28.444331] Corrupted memory at 0x000000000ccbc7dc [ ! . . . . . . . . . . . . . . . ] (in kfence-#134): [ 28.445468] test_corruption+0x278/0x378 [ 28.445593] kunit_try_run_case+0x170/0x3f0 [ 28.445703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.445836] kthread+0x328/0x630 [ 28.445936] ret_from_fork+0x10/0x20 [ 28.446250] [ 28.446318] kfence-#134: 0x00000000f8bcf4d0-0x00000000827f1e1a, size=32, cache=kmalloc-32 [ 28.446318] [ 28.446480] allocated by task 313 on cpu 0 at 28.443098s (0.003374s ago): [ 28.446618] test_alloc+0x29c/0x628 [ 28.446886] test_corruption+0xdc/0x378 [ 28.447036] kunit_try_run_case+0x170/0x3f0 [ 28.447176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.447311] kthread+0x328/0x630 [ 28.447568] ret_from_fork+0x10/0x20 [ 28.447663] [ 28.447724] freed by task 313 on cpu 0 at 28.443317s (0.004399s ago): [ 28.447909] test_corruption+0x278/0x378 [ 28.448255] kunit_try_run_case+0x170/0x3f0 [ 28.448369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.448615] kthread+0x328/0x630 [ 28.448908] ret_from_fork+0x10/0x20 [ 28.449099] [ 28.449247] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 28.449424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.449485] Hardware name: linux,dummy-virt (DT) [ 28.449710] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 25.151608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 25.043330] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 25.175981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 24.731355] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 34.286560] ================================================================== [ 34.286687] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 34.286687] [ 34.286837] Out-of-bounds read at 0x00000000b7b04b45 (105B right of kfence-#190): [ 34.286912] test_kmalloc_aligned_oob_read+0x238/0x468 [ 34.286972] kunit_try_run_case+0x170/0x3f0 [ 34.287026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.287079] kthread+0x328/0x630 [ 34.287126] ret_from_fork+0x10/0x20 [ 34.287171] [ 34.287203] kfence-#190: 0x0000000042e8a69a-0x0000000054205025, size=73, cache=kmalloc-96 [ 34.287203] [ 34.287264] allocated by task 325 on cpu 0 at 34.286132s (0.001127s ago): [ 34.287347] test_alloc+0x29c/0x628 [ 34.287393] test_kmalloc_aligned_oob_read+0x100/0x468 [ 34.287441] kunit_try_run_case+0x170/0x3f0 [ 34.287487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.287536] kthread+0x328/0x630 [ 34.287580] ret_from_fork+0x10/0x20 [ 34.287625] [ 34.287687] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 34.287798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.287835] Hardware name: linux,dummy-virt (DT) [ 34.287877] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 55.511005] ================================================================== [ 55.511130] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 55.511130] [ 55.511245] Use-after-free read at 0x000000009f91b9fb (in kfence-#197): [ 55.511313] test_krealloc+0x51c/0x830 [ 55.511368] kunit_try_run_case+0x170/0x3f0 [ 55.511422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.511473] kthread+0x328/0x630 [ 55.511523] ret_from_fork+0x10/0x20 [ 55.511569] [ 55.511598] kfence-#197: 0x000000009f91b9fb-0x0000000015e61ba0, size=32, cache=kmalloc-32 [ 55.511598] [ 55.511662] allocated by task 339 on cpu 0 at 55.510062s (0.001595s ago): [ 55.511757] test_alloc+0x29c/0x628 [ 55.511808] test_krealloc+0xc0/0x830 [ 55.511852] kunit_try_run_case+0x170/0x3f0 [ 55.511897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.511946] kthread+0x328/0x630 [ 55.511989] ret_from_fork+0x10/0x20 [ 55.512031] [ 55.512057] freed by task 339 on cpu 0 at 55.510411s (0.001642s ago): [ 55.512142] krealloc_noprof+0x148/0x360 [ 55.512188] test_krealloc+0x1dc/0x830 [ 55.512232] kunit_try_run_case+0x170/0x3f0 [ 55.512275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.512324] kthread+0x328/0x630 [ 55.512368] ret_from_fork+0x10/0x20 [ 55.512412] [ 55.512469] CPU: 0 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 55.512563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 55.512598] Hardware name: linux,dummy-virt (DT) [ 55.512639] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 55.418059] ================================================================== [ 55.418197] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 55.418197] [ 55.418320] Use-after-free read at 0x00000000cb4e8a56 (in kfence-#196): [ 55.418388] test_memcache_typesafe_by_rcu+0x280/0x560 [ 55.418447] kunit_try_run_case+0x170/0x3f0 [ 55.418501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.418553] kthread+0x328/0x630 [ 55.418601] ret_from_fork+0x10/0x20 [ 55.418647] [ 55.418677] kfence-#196: 0x00000000cb4e8a56-0x0000000029351205, size=32, cache=test [ 55.418677] [ 55.418751] allocated by task 337 on cpu 0 at 55.406467s (0.012278s ago): [ 55.418839] test_alloc+0x230/0x628 [ 55.418886] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 55.418931] kunit_try_run_case+0x170/0x3f0 [ 55.418978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.419028] kthread+0x328/0x630 [ 55.419070] ret_from_fork+0x10/0x20 [ 55.419112] [ 55.419141] freed by task 337 on cpu 0 at 55.406665s (0.012471s ago): [ 55.419203] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 55.419249] kunit_try_run_case+0x170/0x3f0 [ 55.419296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 55.419343] kthread+0x328/0x630 [ 55.419385] ret_from_fork+0x10/0x20 [ 55.419430] [ 55.419490] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 55.419585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 55.419623] Hardware name: linux,dummy-virt (DT) [ 55.419665] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 34.629161] ================================================================== [ 34.629693] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 34.629693] [ 34.629937] Invalid read at 0x00000000af3c8eb0: [ 34.630096] test_invalid_access+0xdc/0x1f0 [ 34.630331] kunit_try_run_case+0x170/0x3f0 [ 34.630547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.630684] kthread+0x328/0x630 [ 34.630830] ret_from_fork+0x10/0x20 [ 34.630965] [ 34.631540] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 34.631940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.632189] Hardware name: linux,dummy-virt (DT) [ 34.632836] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 34.390636] ================================================================== [ 34.390812] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 34.390812] [ 34.390894] Corrupted memory at 0x0000000051e7d182 [ ! . . . . . . . . . . . . . . . ] (in kfence-#191): [ 34.391244] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 34.391305] kunit_try_run_case+0x170/0x3f0 [ 34.391359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.391411] kthread+0x328/0x630 [ 34.391458] ret_from_fork+0x10/0x20 [ 34.391504] [ 34.391533] kfence-#191: 0x00000000d281e4f3-0x00000000f2c87577, size=73, cache=kmalloc-96 [ 34.391533] [ 34.391598] allocated by task 327 on cpu 1 at 34.390185s (0.001408s ago): [ 34.391673] test_alloc+0x29c/0x628 [ 34.391720] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 34.391782] kunit_try_run_case+0x170/0x3f0 [ 34.391830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.391880] kthread+0x328/0x630 [ 34.391922] ret_from_fork+0x10/0x20 [ 34.391965] [ 34.391992] freed by task 327 on cpu 1 at 34.390457s (0.001531s ago): [ 34.392060] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 34.392121] kunit_try_run_case+0x170/0x3f0 [ 34.392172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.392222] kthread+0x328/0x630 [ 34.392265] ret_from_fork+0x10/0x20 [ 34.392310] [ 34.392369] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 34.392466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.392501] Hardware name: linux,dummy-virt (DT) [ 34.392539] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 28.127928] ================================================================== [ 28.128098] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 28.128098] [ 28.128233] Invalid free of 0x00000000c398715c (in kfence-#131): [ 28.128847] test_invalid_addr_free+0x1ac/0x238 [ 28.129382] kunit_try_run_case+0x170/0x3f0 [ 28.129595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.129762] kthread+0x328/0x630 [ 28.129913] ret_from_fork+0x10/0x20 [ 28.130017] [ 28.130117] kfence-#131: 0x00000000fd021af8-0x000000009a410a8f, size=32, cache=kmalloc-32 [ 28.130117] [ 28.130274] allocated by task 309 on cpu 0 at 28.127629s (0.002636s ago): [ 28.130437] test_alloc+0x29c/0x628 [ 28.130523] test_invalid_addr_free+0xd4/0x238 [ 28.130599] kunit_try_run_case+0x170/0x3f0 [ 28.130675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.130785] kthread+0x328/0x630 [ 28.130884] ret_from_fork+0x10/0x20 [ 28.131038] [ 28.131206] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 28.131439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.131544] Hardware name: linux,dummy-virt (DT) [ 28.131677] ================================================================== [ 28.232900] ================================================================== [ 28.233385] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 28.233385] [ 28.233572] Invalid free of 0x0000000098118a45 (in kfence-#132): [ 28.233833] test_invalid_addr_free+0xec/0x238 [ 28.234052] kunit_try_run_case+0x170/0x3f0 [ 28.234166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.234297] kthread+0x328/0x630 [ 28.234449] ret_from_fork+0x10/0x20 [ 28.234552] [ 28.234616] kfence-#132: 0x000000001040e374-0x000000004358c0b4, size=32, cache=test [ 28.234616] [ 28.234815] allocated by task 311 on cpu 0 at 28.232638s (0.002163s ago): [ 28.235037] test_alloc+0x230/0x628 [ 28.235167] test_invalid_addr_free+0xd4/0x238 [ 28.235320] kunit_try_run_case+0x170/0x3f0 [ 28.235420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.235508] kthread+0x328/0x630 [ 28.235574] ret_from_fork+0x10/0x20 [ 28.235647] [ 28.236556] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 28.236952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.237043] Hardware name: linux,dummy-virt (DT) [ 28.237133] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 28.025156] ================================================================== [ 28.026320] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 28.026320] [ 28.026588] Invalid free of 0x000000004bf93b36 (in kfence-#130): [ 28.026760] test_double_free+0x100/0x238 [ 28.027327] kunit_try_run_case+0x170/0x3f0 [ 28.027500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.028025] kthread+0x328/0x630 [ 28.028251] ret_from_fork+0x10/0x20 [ 28.028362] [ 28.028428] kfence-#130: 0x000000004bf93b36-0x0000000086949a7f, size=32, cache=test [ 28.028428] [ 28.028965] allocated by task 307 on cpu 0 at 28.024548s (0.004407s ago): [ 28.029424] test_alloc+0x230/0x628 [ 28.029529] test_double_free+0xd4/0x238 [ 28.030030] kunit_try_run_case+0x170/0x3f0 [ 28.030451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.030799] kthread+0x328/0x630 [ 28.030903] ret_from_fork+0x10/0x20 [ 28.031058] [ 28.031121] freed by task 307 on cpu 0 at 28.024707s (0.006406s ago): [ 28.031332] test_double_free+0xf0/0x238 [ 28.031431] kunit_try_run_case+0x170/0x3f0 [ 28.031541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.033410] kthread+0x328/0x630 [ 28.033555] ret_from_fork+0x10/0x20 [ 28.033647] [ 28.033759] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 28.033934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.033995] Hardware name: linux,dummy-virt (DT) [ 28.034066] ================================================================== [ 27.917388] ================================================================== [ 27.917847] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 27.917847] [ 27.917990] Invalid free of 0x00000000e3c6d5dd (in kfence-#129): [ 27.918556] test_double_free+0x1bc/0x238 [ 27.918724] kunit_try_run_case+0x170/0x3f0 [ 27.918928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.919272] kthread+0x328/0x630 [ 27.919607] ret_from_fork+0x10/0x20 [ 27.919778] [ 27.919985] kfence-#129: 0x00000000e3c6d5dd-0x00000000652e3052, size=32, cache=kmalloc-32 [ 27.919985] [ 27.920374] allocated by task 305 on cpu 0 at 27.915315s (0.005048s ago): [ 27.920757] test_alloc+0x29c/0x628 [ 27.921115] test_double_free+0xd4/0x238 [ 27.921432] kunit_try_run_case+0x170/0x3f0 [ 27.921528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.921609] kthread+0x328/0x630 [ 27.922184] ret_from_fork+0x10/0x20 [ 27.922597] [ 27.922845] freed by task 305 on cpu 0 at 27.916317s (0.006517s ago): [ 27.923104] test_double_free+0x1ac/0x238 [ 27.923418] kunit_try_run_case+0x170/0x3f0 [ 27.923577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.923927] kthread+0x328/0x630 [ 27.924031] ret_from_fork+0x10/0x20 [ 27.924404] [ 27.924709] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 27.925074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.925439] Hardware name: linux,dummy-virt (DT) [ 27.925746] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 27.593367] ================================================================== [ 27.593535] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 27.593535] [ 27.594024] Use-after-free read at 0x000000004551e860 (in kfence-#126): [ 27.594388] test_use_after_free_read+0x114/0x248 [ 27.595003] kunit_try_run_case+0x170/0x3f0 [ 27.595509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.595678] kthread+0x328/0x630 [ 27.595870] ret_from_fork+0x10/0x20 [ 27.595974] [ 27.596500] kfence-#126: 0x000000004551e860-0x00000000abd9f729, size=32, cache=test [ 27.596500] [ 27.596894] allocated by task 299 on cpu 0 at 27.592398s (0.004485s ago): [ 27.597365] test_alloc+0x230/0x628 [ 27.597468] test_use_after_free_read+0xd0/0x248 [ 27.597564] kunit_try_run_case+0x170/0x3f0 [ 27.597660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.598045] kthread+0x328/0x630 [ 27.598266] ret_from_fork+0x10/0x20 [ 27.598371] [ 27.598841] freed by task 299 on cpu 0 at 27.592553s (0.006277s ago): [ 27.599616] test_use_after_free_read+0xf0/0x248 [ 27.600021] kunit_try_run_case+0x170/0x3f0 [ 27.600407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.600546] kthread+0x328/0x630 [ 27.601204] ret_from_fork+0x10/0x20 [ 27.601850] [ 27.602216] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 27.602534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.602713] Hardware name: linux,dummy-virt (DT) [ 27.603147] ================================================================== [ 27.486840] ================================================================== [ 27.487334] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 27.487334] [ 27.487868] Use-after-free read at 0x0000000064b1224c (in kfence-#125): [ 27.488460] test_use_after_free_read+0x114/0x248 [ 27.488616] kunit_try_run_case+0x170/0x3f0 [ 27.488742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.489322] kthread+0x328/0x630 [ 27.489886] ret_from_fork+0x10/0x20 [ 27.490045] [ 27.490108] kfence-#125: 0x0000000064b1224c-0x0000000099a3d578, size=32, cache=kmalloc-32 [ 27.490108] [ 27.490490] allocated by task 297 on cpu 0 at 27.485246s (0.005233s ago): [ 27.490949] test_alloc+0x29c/0x628 [ 27.491057] test_use_after_free_read+0xd0/0x248 [ 27.491161] kunit_try_run_case+0x170/0x3f0 [ 27.491267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.491852] kthread+0x328/0x630 [ 27.492071] ret_from_fork+0x10/0x20 [ 27.492191] [ 27.492678] freed by task 297 on cpu 0 at 27.486302s (0.006365s ago): [ 27.493108] test_use_after_free_read+0x1c0/0x248 [ 27.493222] kunit_try_run_case+0x170/0x3f0 [ 27.493327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.493849] kthread+0x328/0x630 [ 27.493951] ret_from_fork+0x10/0x20 [ 27.494027] [ 27.494400] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 27.494876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.495069] Hardware name: linux,dummy-virt (DT) [ 27.495424] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 27.375717] ================================================================== [ 27.375888] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 27.375888] [ 27.376062] Out-of-bounds write at 0x000000000d1e6d29 (1B left of kfence-#124): [ 27.376211] test_out_of_bounds_write+0x100/0x240 [ 27.376322] kunit_try_run_case+0x170/0x3f0 [ 27.376430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.376541] kthread+0x328/0x630 [ 27.376641] ret_from_fork+0x10/0x20 [ 27.377393] [ 27.377543] kfence-#124: 0x00000000bee10821-0x00000000b9521a59, size=32, cache=test [ 27.377543] [ 27.377770] allocated by task 295 on cpu 0 at 27.375527s (0.002234s ago): [ 27.378056] test_alloc+0x230/0x628 [ 27.378164] test_out_of_bounds_write+0xc8/0x240 [ 27.378588] kunit_try_run_case+0x170/0x3f0 [ 27.378686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.378787] kthread+0x328/0x630 [ 27.378876] ret_from_fork+0x10/0x20 [ 27.379000] [ 27.379198] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 27.379467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.379967] Hardware name: linux,dummy-virt (DT) [ 27.380290] ================================================================== [ 27.268279] ================================================================== [ 27.268434] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 27.268434] [ 27.269110] Out-of-bounds write at 0x000000009540b144 (1B left of kfence-#123): [ 27.269365] test_out_of_bounds_write+0x100/0x240 [ 27.269530] kunit_try_run_case+0x170/0x3f0 [ 27.270068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.270214] kthread+0x328/0x630 [ 27.270341] ret_from_fork+0x10/0x20 [ 27.270453] [ 27.270538] kfence-#123: 0x00000000badac655-0x00000000465b7c49, size=32, cache=kmalloc-32 [ 27.270538] [ 27.270720] allocated by task 293 on cpu 0 at 27.267854s (0.002856s ago): [ 27.270903] test_alloc+0x29c/0x628 [ 27.270996] test_out_of_bounds_write+0xc8/0x240 [ 27.271104] kunit_try_run_case+0x170/0x3f0 [ 27.271213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.271329] kthread+0x328/0x630 [ 27.271432] ret_from_fork+0x10/0x20 [ 27.271571] [ 27.271741] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 27.271926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.272003] Hardware name: linux,dummy-virt (DT) [ 27.272480] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 27.159517] ================================================================== [ 27.160045] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 27.160045] [ 27.160306] Out-of-bounds read at 0x000000004148bc67 (32B right of kfence-#122): [ 27.160471] test_out_of_bounds_read+0x1c8/0x3e0 [ 27.160575] kunit_try_run_case+0x170/0x3f0 [ 27.160670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.160788] kthread+0x328/0x630 [ 27.161098] ret_from_fork+0x10/0x20 [ 27.161222] [ 27.161399] kfence-#122: 0x0000000005562bf9-0x00000000c00f524a, size=32, cache=test [ 27.161399] [ 27.161554] allocated by task 291 on cpu 0 at 27.159319s (0.002226s ago): [ 27.161720] test_alloc+0x230/0x628 [ 27.161870] test_out_of_bounds_read+0x198/0x3e0 [ 27.161974] kunit_try_run_case+0x170/0x3f0 [ 27.162110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.162242] kthread+0x328/0x630 [ 27.162377] ret_from_fork+0x10/0x20 [ 27.162470] [ 27.162564] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 27.162960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.163005] Hardware name: linux,dummy-virt (DT) [ 27.163060] ================================================================== [ 26.731835] ================================================================== [ 26.732003] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 26.732003] [ 26.732219] Out-of-bounds read at 0x0000000021a92285 (32B right of kfence-#118): [ 26.732361] test_out_of_bounds_read+0x1c8/0x3e0 [ 26.732471] kunit_try_run_case+0x170/0x3f0 [ 26.732577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.732687] kthread+0x328/0x630 [ 26.732801] ret_from_fork+0x10/0x20 [ 26.732893] [ 26.732954] kfence-#118: 0x00000000d8c7a2a0-0x0000000053d1f23e, size=32, cache=kmalloc-32 [ 26.732954] [ 26.733081] allocated by task 289 on cpu 0 at 26.731458s (0.001615s ago): [ 26.733630] test_alloc+0x29c/0x628 [ 26.734189] test_out_of_bounds_read+0x198/0x3e0 [ 26.734432] kunit_try_run_case+0x170/0x3f0 [ 26.734536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.734679] kthread+0x328/0x630 [ 26.734869] ret_from_fork+0x10/0x20 [ 26.735005] [ 26.735564] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.735865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.736045] Hardware name: linux,dummy-virt (DT) [ 26.736160] ================================================================== [ 26.519367] ================================================================== [ 26.520023] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 26.520023] [ 26.520815] Out-of-bounds read at 0x00000000a65aa3b6 (1B left of kfence-#116): [ 26.521108] test_out_of_bounds_read+0x114/0x3e0 [ 26.521315] kunit_try_run_case+0x170/0x3f0 [ 26.521795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.522009] kthread+0x328/0x630 [ 26.522359] ret_from_fork+0x10/0x20 [ 26.522489] [ 26.522663] kfence-#116: 0x000000007a8c0138-0x00000000d10ecaa8, size=32, cache=kmalloc-32 [ 26.522663] [ 26.523226] allocated by task 289 on cpu 0 at 26.515600s (0.007478s ago): [ 26.523496] test_alloc+0x29c/0x628 [ 26.523899] test_out_of_bounds_read+0xdc/0x3e0 [ 26.524121] kunit_try_run_case+0x170/0x3f0 [ 26.524428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.524650] kthread+0x328/0x630 [ 26.524834] ret_from_fork+0x10/0x20 [ 26.525101] [ 26.525230] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.525971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.526070] Hardware name: linux,dummy-virt (DT) [ 26.526148] ================================================================== [ 26.948287] ================================================================== [ 26.948457] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 26.948457] [ 26.948633] Out-of-bounds read at 0x00000000561d4271 (1B left of kfence-#120): [ 26.948787] test_out_of_bounds_read+0x114/0x3e0 [ 26.948899] kunit_try_run_case+0x170/0x3f0 [ 26.949012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.949120] kthread+0x328/0x630 [ 26.949228] ret_from_fork+0x10/0x20 [ 26.949322] [ 26.949383] kfence-#120: 0x00000000b0aeba17-0x00000000bf4e8ba0, size=32, cache=test [ 26.949383] [ 26.949570] allocated by task 291 on cpu 0 at 26.947921s (0.001634s ago): [ 26.950153] test_alloc+0x230/0x628 [ 26.950558] test_out_of_bounds_read+0xdc/0x3e0 [ 26.950837] kunit_try_run_case+0x170/0x3f0 [ 26.951327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.951448] kthread+0x328/0x630 [ 26.951557] ret_from_fork+0x10/0x20 [ 26.951658] [ 26.951845] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.952061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.952140] Hardware name: linux,dummy-virt (DT) [ 26.952255] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset_8
[ 21.809650] ================================================================== [ 21.810236] BUG: KFENCE: memory corruption in kmalloc_oob_memset_8+0x170/0x2f8 [ 21.810236] [ 21.811113] Corrupted memory at 0x000000008b8a4938 [ ! . . . . . . . . . . . . . . . ] (in kfence-#84): [ 21.813617] kmalloc_oob_memset_8+0x170/0x2f8 [ 21.813765] kunit_try_run_case+0x170/0x3f0 [ 21.813866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.814221] kthread+0x328/0x630 [ 21.814779] ret_from_fork+0x10/0x20 [ 21.815013] [ 21.815097] kfence-#84: 0x000000003ba2e116-0x000000004861314d, size=120, cache=kmalloc-128 [ 21.815097] [ 21.815285] allocated by task 178 on cpu 0 at 21.802848s (0.012429s ago): [ 21.815709] kmalloc_oob_memset_8+0xb0/0x2f8 [ 21.816352] kunit_try_run_case+0x170/0x3f0 [ 21.816847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.817157] kthread+0x328/0x630 [ 21.817572] ret_from_fork+0x10/0x20 [ 21.817674] [ 21.817714] freed by task 178 on cpu 0 at 21.808907s (0.008800s ago): [ 21.818162] kmalloc_oob_memset_8+0x170/0x2f8 [ 21.818441] kunit_try_run_case+0x170/0x3f0 [ 21.818890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.819031] kthread+0x328/0x630 [ 21.819208] ret_from_fork+0x10/0x20 [ 21.819373] [ 21.819685] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.820044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.820117] Hardware name: linux,dummy-virt (DT) [ 21.820192] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-krealloc_less_oob_helper
[ 21.399719] ================================================================== [ 21.400774] BUG: KFENCE: memory corruption in krealloc_less_oob_helper+0x4d0/0xc50 [ 21.400774] [ 21.401131] Corrupted memory at 0x0000000086bf710b [ ! . . . . . . . . . . . . . . . ] (in kfence-#80): [ 21.407724] krealloc_less_oob_helper+0x4d0/0xc50 [ 21.408137] krealloc_less_oob+0x20/0x38 [ 21.408580] kunit_try_run_case+0x170/0x3f0 [ 21.408716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.408832] kthread+0x328/0x630 [ 21.408926] ret_from_fork+0x10/0x20 [ 21.409039] [ 21.409402] kfence-#80: 0x00000000d4b349e7-0x0000000099c4d645, size=235, cache=kmalloc-256 [ 21.409402] [ 21.411143] allocated by task 160 on cpu 0 at 21.383363s (0.027315s ago): [ 21.411458] krealloc_less_oob_helper+0x108/0xc50 [ 21.411625] krealloc_less_oob+0x20/0x38 [ 21.411714] kunit_try_run_case+0x170/0x3f0 [ 21.412130] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.412249] kthread+0x328/0x630 [ 21.412336] ret_from_fork+0x10/0x20 [ 21.412583] [ 21.413674] freed by task 160 on cpu 0 at 21.397081s (0.015639s ago): [ 21.413927] krealloc_less_oob_helper+0x4d0/0xc50 [ 21.414034] krealloc_less_oob+0x20/0x38 [ 21.414114] kunit_try_run_case+0x170/0x3f0 [ 21.414188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.414877] kthread+0x328/0x630 [ 21.415121] ret_from_fork+0x10/0x20 [ 21.416112] [ 21.416465] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.416944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.417233] Hardware name: linux,dummy-virt (DT) [ 21.417430] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 26.276567] ================================================================== [ 26.276707] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 26.276841] Write of size 1 at addr fff00000c73ad978 by task kunit_try_catch/287 [ 26.276961] [ 26.277057] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.277266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.277380] Hardware name: linux,dummy-virt (DT) [ 26.277459] Call trace: [ 26.277517] show_stack+0x20/0x38 (C) [ 26.278135] dump_stack_lvl+0x8c/0xd0 [ 26.278454] print_report+0x118/0x608 [ 26.278613] kasan_report+0xdc/0x128 [ 26.278759] __asan_report_store1_noabort+0x20/0x30 [ 26.278940] strncpy_from_user+0x270/0x2a0 [ 26.279064] copy_user_test_oob+0x5c0/0xec8 [ 26.279169] kunit_try_run_case+0x170/0x3f0 [ 26.279597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.279831] kthread+0x328/0x630 [ 26.279999] ret_from_fork+0x10/0x20 [ 26.280186] [ 26.280233] Allocated by task 287: [ 26.280297] kasan_save_stack+0x3c/0x68 [ 26.280399] kasan_save_track+0x20/0x40 [ 26.280509] kasan_save_alloc_info+0x40/0x58 [ 26.280596] __kasan_kmalloc+0xd4/0xd8 [ 26.280913] __kmalloc_noprof+0x198/0x4c8 [ 26.281012] kunit_kmalloc_array+0x34/0x88 [ 26.281173] copy_user_test_oob+0xac/0xec8 [ 26.281303] kunit_try_run_case+0x170/0x3f0 [ 26.281434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.281567] kthread+0x328/0x630 [ 26.281664] ret_from_fork+0x10/0x20 [ 26.281829] [ 26.282140] The buggy address belongs to the object at fff00000c73ad900 [ 26.282140] which belongs to the cache kmalloc-128 of size 128 [ 26.282478] The buggy address is located 0 bytes to the right of [ 26.282478] allocated 120-byte region [fff00000c73ad900, fff00000c73ad978) [ 26.282716] [ 26.282811] The buggy address belongs to the physical page: [ 26.282922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 26.283127] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.283278] page_type: f5(slab) [ 26.283368] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.283471] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.283591] page dumped because: kasan: bad access detected [ 26.283672] [ 26.283718] Memory state around the buggy address: [ 26.283812] fff00000c73ad800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.283924] fff00000c73ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.284011] >fff00000c73ad900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.284122] ^ [ 26.284557] fff00000c73ad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.284697] fff00000c73ada00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.284870] ================================================================== [ 26.266196] ================================================================== [ 26.266601] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 26.266748] Write of size 121 at addr fff00000c73ad900 by task kunit_try_catch/287 [ 26.266857] [ 26.266938] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.267135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.267209] Hardware name: linux,dummy-virt (DT) [ 26.267293] Call trace: [ 26.267356] show_stack+0x20/0x38 (C) [ 26.267482] dump_stack_lvl+0x8c/0xd0 [ 26.267603] print_report+0x118/0x608 [ 26.267720] kasan_report+0xdc/0x128 [ 26.267854] kasan_check_range+0x100/0x1a8 [ 26.268716] __kasan_check_write+0x20/0x30 [ 26.268966] strncpy_from_user+0x3c/0x2a0 [ 26.269099] copy_user_test_oob+0x5c0/0xec8 [ 26.269221] kunit_try_run_case+0x170/0x3f0 [ 26.269872] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.270034] kthread+0x328/0x630 [ 26.270149] ret_from_fork+0x10/0x20 [ 26.270327] [ 26.270383] Allocated by task 287: [ 26.270508] kasan_save_stack+0x3c/0x68 [ 26.270615] kasan_save_track+0x20/0x40 [ 26.270711] kasan_save_alloc_info+0x40/0x58 [ 26.270818] __kasan_kmalloc+0xd4/0xd8 [ 26.270913] __kmalloc_noprof+0x198/0x4c8 [ 26.271007] kunit_kmalloc_array+0x34/0x88 [ 26.271109] copy_user_test_oob+0xac/0xec8 [ 26.271204] kunit_try_run_case+0x170/0x3f0 [ 26.271300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.271413] kthread+0x328/0x630 [ 26.271513] ret_from_fork+0x10/0x20 [ 26.271646] [ 26.271722] The buggy address belongs to the object at fff00000c73ad900 [ 26.271722] which belongs to the cache kmalloc-128 of size 128 [ 26.271947] The buggy address is located 0 bytes inside of [ 26.271947] allocated 120-byte region [fff00000c73ad900, fff00000c73ad978) [ 26.272151] [ 26.272206] The buggy address belongs to the physical page: [ 26.272311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 26.272515] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.272650] page_type: f5(slab) [ 26.272764] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.272880] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.272986] page dumped because: kasan: bad access detected [ 26.273074] [ 26.273127] Memory state around the buggy address: [ 26.273218] fff00000c73ad800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.273934] fff00000c73ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.274086] >fff00000c73ad900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.274212] ^ [ 26.274884] fff00000c73ad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.275105] fff00000c73ada00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.275223] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 26.200097] ================================================================== [ 26.200343] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 26.200693] Read of size 121 at addr fff00000c73ad900 by task kunit_try_catch/287 [ 26.200862] [ 26.201060] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.201396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.201490] Hardware name: linux,dummy-virt (DT) [ 26.201570] Call trace: [ 26.201629] show_stack+0x20/0x38 (C) [ 26.201740] dump_stack_lvl+0x8c/0xd0 [ 26.201852] print_report+0x118/0x608 [ 26.201944] kasan_report+0xdc/0x128 [ 26.202044] kasan_check_range+0x100/0x1a8 [ 26.202166] __kasan_check_read+0x20/0x30 [ 26.202285] copy_user_test_oob+0x728/0xec8 [ 26.202404] kunit_try_run_case+0x170/0x3f0 [ 26.202553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.202671] kthread+0x328/0x630 [ 26.202793] ret_from_fork+0x10/0x20 [ 26.202970] [ 26.203021] Allocated by task 287: [ 26.203134] kasan_save_stack+0x3c/0x68 [ 26.203237] kasan_save_track+0x20/0x40 [ 26.203331] kasan_save_alloc_info+0x40/0x58 [ 26.203439] __kasan_kmalloc+0xd4/0xd8 [ 26.203567] __kmalloc_noprof+0x198/0x4c8 [ 26.203697] kunit_kmalloc_array+0x34/0x88 [ 26.203802] copy_user_test_oob+0xac/0xec8 [ 26.203911] kunit_try_run_case+0x170/0x3f0 [ 26.204054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.204225] kthread+0x328/0x630 [ 26.204318] ret_from_fork+0x10/0x20 [ 26.204408] [ 26.204464] The buggy address belongs to the object at fff00000c73ad900 [ 26.204464] which belongs to the cache kmalloc-128 of size 128 [ 26.204616] The buggy address is located 0 bytes inside of [ 26.204616] allocated 120-byte region [fff00000c73ad900, fff00000c73ad978) [ 26.204788] [ 26.204839] The buggy address belongs to the physical page: [ 26.204921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 26.205110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.205229] page_type: f5(slab) [ 26.205403] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.205546] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.205808] page dumped because: kasan: bad access detected [ 26.205905] [ 26.205958] Memory state around the buggy address: [ 26.206054] fff00000c73ad800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.206228] fff00000c73ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.206366] >fff00000c73ad900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.206448] ^ [ 26.206527] fff00000c73ad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.206607] fff00000c73ada00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.206718] ================================================================== [ 26.229668] ================================================================== [ 26.229903] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 26.230037] Read of size 121 at addr fff00000c73ad900 by task kunit_try_catch/287 [ 26.232205] [ 26.235002] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.235302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.235373] Hardware name: linux,dummy-virt (DT) [ 26.235457] Call trace: [ 26.235517] show_stack+0x20/0x38 (C) [ 26.235658] dump_stack_lvl+0x8c/0xd0 [ 26.235805] print_report+0x118/0x608 [ 26.235908] kasan_report+0xdc/0x128 [ 26.236009] kasan_check_range+0x100/0x1a8 [ 26.236121] __kasan_check_read+0x20/0x30 [ 26.236231] copy_user_test_oob+0x3c8/0xec8 [ 26.236342] kunit_try_run_case+0x170/0x3f0 [ 26.236451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.236578] kthread+0x328/0x630 [ 26.236695] ret_from_fork+0x10/0x20 [ 26.237449] [ 26.237507] Allocated by task 287: [ 26.237581] kasan_save_stack+0x3c/0x68 [ 26.237690] kasan_save_track+0x20/0x40 [ 26.237864] kasan_save_alloc_info+0x40/0x58 [ 26.237951] __kasan_kmalloc+0xd4/0xd8 [ 26.238025] __kmalloc_noprof+0x198/0x4c8 [ 26.238104] kunit_kmalloc_array+0x34/0x88 [ 26.238195] copy_user_test_oob+0xac/0xec8 [ 26.238276] kunit_try_run_case+0x170/0x3f0 [ 26.239949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.240127] kthread+0x328/0x630 [ 26.240228] ret_from_fork+0x10/0x20 [ 26.240337] [ 26.240394] The buggy address belongs to the object at fff00000c73ad900 [ 26.240394] which belongs to the cache kmalloc-128 of size 128 [ 26.240554] The buggy address is located 0 bytes inside of [ 26.240554] allocated 120-byte region [fff00000c73ad900, fff00000c73ad978) [ 26.240718] [ 26.240784] The buggy address belongs to the physical page: [ 26.240854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 26.240961] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.241083] page_type: f5(slab) [ 26.241178] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.241301] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.241393] page dumped because: kasan: bad access detected [ 26.241461] [ 26.241502] Memory state around the buggy address: [ 26.241584] fff00000c73ad800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.241697] fff00000c73ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.241843] >fff00000c73ad900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.241944] ^ [ 26.242034] fff00000c73ad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.243289] fff00000c73ada00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.243464] ================================================================== [ 26.256905] ================================================================== [ 26.257270] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 26.257515] Read of size 121 at addr fff00000c73ad900 by task kunit_try_catch/287 [ 26.257586] [ 26.257640] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.257765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.257872] Hardware name: linux,dummy-virt (DT) [ 26.258151] Call trace: [ 26.258249] show_stack+0x20/0x38 (C) [ 26.258468] dump_stack_lvl+0x8c/0xd0 [ 26.258627] print_report+0x118/0x608 [ 26.258900] kasan_report+0xdc/0x128 [ 26.259020] kasan_check_range+0x100/0x1a8 [ 26.259156] __kasan_check_read+0x20/0x30 [ 26.259326] copy_user_test_oob+0x4a0/0xec8 [ 26.259490] kunit_try_run_case+0x170/0x3f0 [ 26.259656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.259864] kthread+0x328/0x630 [ 26.260017] ret_from_fork+0x10/0x20 [ 26.260148] [ 26.260199] Allocated by task 287: [ 26.260288] kasan_save_stack+0x3c/0x68 [ 26.260392] kasan_save_track+0x20/0x40 [ 26.260488] kasan_save_alloc_info+0x40/0x58 [ 26.260591] __kasan_kmalloc+0xd4/0xd8 [ 26.260718] __kmalloc_noprof+0x198/0x4c8 [ 26.260813] kunit_kmalloc_array+0x34/0x88 [ 26.261574] copy_user_test_oob+0xac/0xec8 [ 26.261795] kunit_try_run_case+0x170/0x3f0 [ 26.262003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.262128] kthread+0x328/0x630 [ 26.262230] ret_from_fork+0x10/0x20 [ 26.262326] [ 26.262381] The buggy address belongs to the object at fff00000c73ad900 [ 26.262381] which belongs to the cache kmalloc-128 of size 128 [ 26.262527] The buggy address is located 0 bytes inside of [ 26.262527] allocated 120-byte region [fff00000c73ad900, fff00000c73ad978) [ 26.262645] [ 26.262690] The buggy address belongs to the physical page: [ 26.262794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 26.262925] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.263102] page_type: f5(slab) [ 26.263256] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.263443] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.263595] page dumped because: kasan: bad access detected [ 26.263716] [ 26.263775] Memory state around the buggy address: [ 26.263848] fff00000c73ad800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.264482] fff00000c73ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.264631] >fff00000c73ad900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.264725] ^ [ 26.264845] fff00000c73ad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.265155] fff00000c73ada00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.265264] ================================================================== [ 26.171630] ================================================================== [ 26.172085] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 26.172285] Write of size 121 at addr fff00000c73ad900 by task kunit_try_catch/287 [ 26.172429] [ 26.172542] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.172778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.172859] Hardware name: linux,dummy-virt (DT) [ 26.172955] Call trace: [ 26.173020] show_stack+0x20/0x38 (C) [ 26.173149] dump_stack_lvl+0x8c/0xd0 [ 26.174064] print_report+0x118/0x608 [ 26.174268] kasan_report+0xdc/0x128 [ 26.174387] kasan_check_range+0x100/0x1a8 [ 26.174487] __kasan_check_write+0x20/0x30 [ 26.174581] copy_user_test_oob+0x234/0xec8 [ 26.174669] kunit_try_run_case+0x170/0x3f0 [ 26.174824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.174950] kthread+0x328/0x630 [ 26.175040] ret_from_fork+0x10/0x20 [ 26.175152] [ 26.175196] Allocated by task 287: [ 26.175262] kasan_save_stack+0x3c/0x68 [ 26.175357] kasan_save_track+0x20/0x40 [ 26.175426] kasan_save_alloc_info+0x40/0x58 [ 26.175516] __kasan_kmalloc+0xd4/0xd8 [ 26.175671] __kmalloc_noprof+0x198/0x4c8 [ 26.175947] kunit_kmalloc_array+0x34/0x88 [ 26.176196] copy_user_test_oob+0xac/0xec8 [ 26.176427] kunit_try_run_case+0x170/0x3f0 [ 26.176539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.176654] kthread+0x328/0x630 [ 26.176763] ret_from_fork+0x10/0x20 [ 26.177236] [ 26.177318] The buggy address belongs to the object at fff00000c73ad900 [ 26.177318] which belongs to the cache kmalloc-128 of size 128 [ 26.177686] The buggy address is located 0 bytes inside of [ 26.177686] allocated 120-byte region [fff00000c73ad900, fff00000c73ad978) [ 26.177883] [ 26.178169] The buggy address belongs to the physical page: [ 26.178250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 26.178402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.178502] page_type: f5(slab) [ 26.178590] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.178685] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.178787] page dumped because: kasan: bad access detected [ 26.178859] [ 26.178907] Memory state around the buggy address: [ 26.179202] fff00000c73ad800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.179742] fff00000c73ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.180077] >fff00000c73ad900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.180476] ^ [ 26.180949] fff00000c73ad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.181218] fff00000c73ada00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.181633] ================================================================== [ 26.219931] ================================================================== [ 26.220120] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 26.220298] Write of size 121 at addr fff00000c73ad900 by task kunit_try_catch/287 [ 26.220467] [ 26.220605] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.220903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.220991] Hardware name: linux,dummy-virt (DT) [ 26.221083] Call trace: [ 26.221138] show_stack+0x20/0x38 (C) [ 26.221254] dump_stack_lvl+0x8c/0xd0 [ 26.221462] print_report+0x118/0x608 [ 26.221572] kasan_report+0xdc/0x128 [ 26.221663] kasan_check_range+0x100/0x1a8 [ 26.221799] __kasan_check_write+0x20/0x30 [ 26.221909] copy_user_test_oob+0x35c/0xec8 [ 26.222075] kunit_try_run_case+0x170/0x3f0 [ 26.222234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.222416] kthread+0x328/0x630 [ 26.222566] ret_from_fork+0x10/0x20 [ 26.222736] [ 26.222834] Allocated by task 287: [ 26.222910] kasan_save_stack+0x3c/0x68 [ 26.223014] kasan_save_track+0x20/0x40 [ 26.223112] kasan_save_alloc_info+0x40/0x58 [ 26.223209] __kasan_kmalloc+0xd4/0xd8 [ 26.223307] __kmalloc_noprof+0x198/0x4c8 [ 26.223410] kunit_kmalloc_array+0x34/0x88 [ 26.223509] copy_user_test_oob+0xac/0xec8 [ 26.223605] kunit_try_run_case+0x170/0x3f0 [ 26.223701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.223827] kthread+0x328/0x630 [ 26.223920] ret_from_fork+0x10/0x20 [ 26.224016] [ 26.224068] The buggy address belongs to the object at fff00000c73ad900 [ 26.224068] which belongs to the cache kmalloc-128 of size 128 [ 26.224245] The buggy address is located 0 bytes inside of [ 26.224245] allocated 120-byte region [fff00000c73ad900, fff00000c73ad978) [ 26.224405] [ 26.224466] The buggy address belongs to the physical page: [ 26.224553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 26.224692] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.226351] page_type: f5(slab) [ 26.226472] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.226583] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.226676] page dumped because: kasan: bad access detected [ 26.226777] [ 26.226819] Memory state around the buggy address: [ 26.226900] fff00000c73ad800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.227003] fff00000c73ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.227101] >fff00000c73ad900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.227183] ^ [ 26.227268] fff00000c73ad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.227358] fff00000c73ada00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.227445] ================================================================== [ 26.244127] ================================================================== [ 26.244244] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 26.244761] Write of size 121 at addr fff00000c73ad900 by task kunit_try_catch/287 [ 26.245132] [ 26.245445] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.245961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.246039] Hardware name: linux,dummy-virt (DT) [ 26.246141] Call trace: [ 26.246194] show_stack+0x20/0x38 (C) [ 26.246312] dump_stack_lvl+0x8c/0xd0 [ 26.246431] print_report+0x118/0x608 [ 26.246679] kasan_report+0xdc/0x128 [ 26.246831] kasan_check_range+0x100/0x1a8 [ 26.247240] __kasan_check_write+0x20/0x30 [ 26.247615] copy_user_test_oob+0x434/0xec8 [ 26.247754] kunit_try_run_case+0x170/0x3f0 [ 26.247914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.248035] kthread+0x328/0x630 [ 26.248236] ret_from_fork+0x10/0x20 [ 26.248561] [ 26.248675] Allocated by task 287: [ 26.248826] kasan_save_stack+0x3c/0x68 [ 26.248955] kasan_save_track+0x20/0x40 [ 26.249345] kasan_save_alloc_info+0x40/0x58 [ 26.249459] __kasan_kmalloc+0xd4/0xd8 [ 26.249642] __kmalloc_noprof+0x198/0x4c8 [ 26.249939] kunit_kmalloc_array+0x34/0x88 [ 26.250144] copy_user_test_oob+0xac/0xec8 [ 26.250249] kunit_try_run_case+0x170/0x3f0 [ 26.250346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.250530] kthread+0x328/0x630 [ 26.250786] ret_from_fork+0x10/0x20 [ 26.251107] [ 26.251324] The buggy address belongs to the object at fff00000c73ad900 [ 26.251324] which belongs to the cache kmalloc-128 of size 128 [ 26.251480] The buggy address is located 0 bytes inside of [ 26.251480] allocated 120-byte region [fff00000c73ad900, fff00000c73ad978) [ 26.251757] [ 26.252072] The buggy address belongs to the physical page: [ 26.252173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 26.252464] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.252912] page_type: f5(slab) [ 26.253119] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.253411] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.253812] page dumped because: kasan: bad access detected [ 26.254007] [ 26.254168] Memory state around the buggy address: [ 26.254394] fff00000c73ad800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.254514] fff00000c73ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.254833] >fff00000c73ad900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.255404] ^ [ 26.255517] fff00000c73ad980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.255605] fff00000c73ada00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.255679] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 26.044356] ================================================================== [ 26.044552] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 26.045245] Write of size 8 at addr fff00000c73ad878 by task kunit_try_catch/283 [ 26.045579] [ 26.045836] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.046257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.046353] Hardware name: linux,dummy-virt (DT) [ 26.046606] Call trace: [ 26.046739] show_stack+0x20/0x38 (C) [ 26.047057] dump_stack_lvl+0x8c/0xd0 [ 26.047373] print_report+0x118/0x608 [ 26.047748] kasan_report+0xdc/0x128 [ 26.048065] kasan_check_range+0x100/0x1a8 [ 26.048472] __kasan_check_write+0x20/0x30 [ 26.048683] copy_to_kernel_nofault+0x8c/0x250 [ 26.048996] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 26.049270] kunit_try_run_case+0x170/0x3f0 [ 26.049449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.049786] kthread+0x328/0x630 [ 26.049965] ret_from_fork+0x10/0x20 [ 26.050080] [ 26.050129] Allocated by task 283: [ 26.050521] kasan_save_stack+0x3c/0x68 [ 26.050771] kasan_save_track+0x20/0x40 [ 26.050962] kasan_save_alloc_info+0x40/0x58 [ 26.051215] __kasan_kmalloc+0xd4/0xd8 [ 26.051374] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.051484] copy_to_kernel_nofault_oob+0xc8/0x418 [ 26.051589] kunit_try_run_case+0x170/0x3f0 [ 26.051701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.052301] kthread+0x328/0x630 [ 26.052448] ret_from_fork+0x10/0x20 [ 26.052544] [ 26.052603] The buggy address belongs to the object at fff00000c73ad800 [ 26.052603] which belongs to the cache kmalloc-128 of size 128 [ 26.052765] The buggy address is located 0 bytes to the right of [ 26.052765] allocated 120-byte region [fff00000c73ad800, fff00000c73ad878) [ 26.052928] [ 26.052984] The buggy address belongs to the physical page: [ 26.053068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 26.053206] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.053373] page_type: f5(slab) [ 26.053897] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.054019] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.054103] page dumped because: kasan: bad access detected [ 26.054198] [ 26.054243] Memory state around the buggy address: [ 26.054316] fff00000c73ad700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.054426] fff00000c73ad780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.055303] >fff00000c73ad800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.055529] ^ [ 26.055647] fff00000c73ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.055781] fff00000c73ad900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.055908] ================================================================== [ 26.028897] ================================================================== [ 26.029517] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 26.029787] Read of size 8 at addr fff00000c73ad878 by task kunit_try_catch/283 [ 26.029924] [ 26.030328] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 26.030789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.030936] Hardware name: linux,dummy-virt (DT) [ 26.031038] Call trace: [ 26.031183] show_stack+0x20/0x38 (C) [ 26.031740] dump_stack_lvl+0x8c/0xd0 [ 26.031990] print_report+0x118/0x608 [ 26.032153] kasan_report+0xdc/0x128 [ 26.032270] __asan_report_load8_noabort+0x20/0x30 [ 26.032856] copy_to_kernel_nofault+0x204/0x250 [ 26.033095] copy_to_kernel_nofault_oob+0x158/0x418 [ 26.033366] kunit_try_run_case+0x170/0x3f0 [ 26.033613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.033787] kthread+0x328/0x630 [ 26.033884] ret_from_fork+0x10/0x20 [ 26.033983] [ 26.034031] Allocated by task 283: [ 26.034108] kasan_save_stack+0x3c/0x68 [ 26.034738] kasan_save_track+0x20/0x40 [ 26.034968] kasan_save_alloc_info+0x40/0x58 [ 26.035163] __kasan_kmalloc+0xd4/0xd8 [ 26.035268] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.035464] copy_to_kernel_nofault_oob+0xc8/0x418 [ 26.035576] kunit_try_run_case+0x170/0x3f0 [ 26.036127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.036347] kthread+0x328/0x630 [ 26.036492] ret_from_fork+0x10/0x20 [ 26.036656] [ 26.036745] The buggy address belongs to the object at fff00000c73ad800 [ 26.036745] which belongs to the cache kmalloc-128 of size 128 [ 26.037168] The buggy address is located 0 bytes to the right of [ 26.037168] allocated 120-byte region [fff00000c73ad800, fff00000c73ad878) [ 26.037472] [ 26.037756] The buggy address belongs to the physical page: [ 26.037880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 26.038012] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.038132] page_type: f5(slab) [ 26.038374] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.038642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.038907] page dumped because: kasan: bad access detected [ 26.039148] [ 26.039235] Memory state around the buggy address: [ 26.039328] fff00000c73ad700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.039706] fff00000c73ad780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.039855] >fff00000c73ad800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 26.039969] ^ [ 26.040204] fff00000c73ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.040420] fff00000c73ad900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.040654] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 25.864241] ================================================================== [ 25.864507] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 25.864669] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/271 [ 25.864818] [ 25.864920] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.865139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.865209] Hardware name: linux,dummy-virt (DT) [ 25.865602] Call trace: [ 25.865771] show_stack+0x20/0x38 (C) [ 25.865906] dump_stack_lvl+0x8c/0xd0 [ 25.866237] print_report+0x310/0x608 [ 25.866345] kasan_report+0xdc/0x128 [ 25.866485] __asan_report_load1_noabort+0x20/0x30 [ 25.866800] vmalloc_oob+0x578/0x5d0 [ 25.866927] kunit_try_run_case+0x170/0x3f0 [ 25.867339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.867800] kthread+0x328/0x630 [ 25.868028] ret_from_fork+0x10/0x20 [ 25.868908] [ 25.869113] The buggy address belongs to the virtual mapping at [ 25.869113] [ffff80008010b000, ffff80008010d000) created by: [ 25.869113] vmalloc_oob+0x98/0x5d0 [ 25.869516] [ 25.869599] The buggy address belongs to the physical page: [ 25.869668] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d4 [ 25.869788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.869950] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.870086] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.870178] page dumped because: kasan: bad access detected [ 25.870261] [ 25.870308] Memory state around the buggy address: [ 25.870386] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.870494] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.870590] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 25.870679] ^ [ 25.870826] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 25.870959] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 25.871104] ================================================================== [ 25.874491] ================================================================== [ 25.874872] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 25.875047] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/271 [ 25.875181] [ 25.875272] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.875496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.875571] Hardware name: linux,dummy-virt (DT) [ 25.875654] Call trace: [ 25.875715] show_stack+0x20/0x38 (C) [ 25.875857] dump_stack_lvl+0x8c/0xd0 [ 25.875979] print_report+0x310/0x608 [ 25.876099] kasan_report+0xdc/0x128 [ 25.876233] __asan_report_load1_noabort+0x20/0x30 [ 25.876364] vmalloc_oob+0x51c/0x5d0 [ 25.876483] kunit_try_run_case+0x170/0x3f0 [ 25.878705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.880068] kthread+0x328/0x630 [ 25.880574] ret_from_fork+0x10/0x20 [ 25.881216] [ 25.881307] The buggy address belongs to the virtual mapping at [ 25.881307] [ffff80008010b000, ffff80008010d000) created by: [ 25.881307] vmalloc_oob+0x98/0x5d0 [ 25.881576] [ 25.881656] The buggy address belongs to the physical page: [ 25.882073] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d4 [ 25.882419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.882830] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 25.883183] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 25.883308] page dumped because: kasan: bad access detected [ 25.883483] [ 25.883548] Memory state around the buggy address: [ 25.884087] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.884261] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.884864] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 25.885048] ^ [ 25.886202] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 25.886882] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 25.887367] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 25.786671] ================================================================== [ 25.786811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 25.786917] Read of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.787023] [ 25.787102] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.787300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.787361] Hardware name: linux,dummy-virt (DT) [ 25.787451] Call trace: [ 25.787744] show_stack+0x20/0x38 (C) [ 25.787890] dump_stack_lvl+0x8c/0xd0 [ 25.788001] print_report+0x118/0x608 [ 25.788314] kasan_report+0xdc/0x128 [ 25.788515] __asan_report_load8_noabort+0x20/0x30 [ 25.788648] kasan_atomics_helper+0x3e10/0x4858 [ 25.788814] kasan_atomics+0x198/0x2e0 [ 25.788935] kunit_try_run_case+0x170/0x3f0 [ 25.789112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.789516] kthread+0x328/0x630 [ 25.789988] ret_from_fork+0x10/0x20 [ 25.790187] [ 25.790279] Allocated by task 267: [ 25.790580] kasan_save_stack+0x3c/0x68 [ 25.790908] kasan_save_track+0x20/0x40 [ 25.791075] kasan_save_alloc_info+0x40/0x58 [ 25.791189] __kasan_kmalloc+0xd4/0xd8 [ 25.791491] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.791782] kasan_atomics+0xb8/0x2e0 [ 25.791886] kunit_try_run_case+0x170/0x3f0 [ 25.791988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.792103] kthread+0x328/0x630 [ 25.792281] ret_from_fork+0x10/0x20 [ 25.792382] [ 25.792451] The buggy address belongs to the object at fff00000c78d8480 [ 25.792451] which belongs to the cache kmalloc-64 of size 64 [ 25.792602] The buggy address is located 0 bytes to the right of [ 25.792602] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.792775] [ 25.792836] The buggy address belongs to the physical page: [ 25.792925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.793066] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.793200] page_type: f5(slab) [ 25.794217] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.794380] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.795033] page dumped because: kasan: bad access detected [ 25.795140] [ 25.795190] Memory state around the buggy address: [ 25.795276] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.795755] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.795880] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.795987] ^ [ 25.796449] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.796979] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.797093] ================================================================== [ 25.410427] ================================================================== [ 25.410598] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 25.410798] Read of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.410986] [ 25.411124] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.411414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.411523] Hardware name: linux,dummy-virt (DT) [ 25.411648] Call trace: [ 25.411712] show_stack+0x20/0x38 (C) [ 25.412359] dump_stack_lvl+0x8c/0xd0 [ 25.412975] print_report+0x118/0x608 [ 25.413360] kasan_report+0xdc/0x128 [ 25.413610] __asan_report_load4_noabort+0x20/0x30 [ 25.414032] kasan_atomics_helper+0x3e04/0x4858 [ 25.414372] kasan_atomics+0x198/0x2e0 [ 25.414794] kunit_try_run_case+0x170/0x3f0 [ 25.414962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.415106] kthread+0x328/0x630 [ 25.415263] ret_from_fork+0x10/0x20 [ 25.415551] [ 25.415611] Allocated by task 267: [ 25.415698] kasan_save_stack+0x3c/0x68 [ 25.415804] kasan_save_track+0x20/0x40 [ 25.415884] kasan_save_alloc_info+0x40/0x58 [ 25.415957] __kasan_kmalloc+0xd4/0xd8 [ 25.416032] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.416149] kasan_atomics+0xb8/0x2e0 [ 25.416244] kunit_try_run_case+0x170/0x3f0 [ 25.416352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.416470] kthread+0x328/0x630 [ 25.417363] ret_from_fork+0x10/0x20 [ 25.418542] [ 25.418820] The buggy address belongs to the object at fff00000c78d8480 [ 25.418820] which belongs to the cache kmalloc-64 of size 64 [ 25.419011] The buggy address is located 0 bytes to the right of [ 25.419011] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.419425] [ 25.419491] The buggy address belongs to the physical page: [ 25.419580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.419721] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.420350] page_type: f5(slab) [ 25.420627] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.421056] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.421158] page dumped because: kasan: bad access detected [ 25.421231] [ 25.421278] Memory state around the buggy address: [ 25.421351] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.421465] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.421558] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.421648] ^ [ 25.421742] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.424499] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.425034] ================================================================== [ 25.635606] ================================================================== [ 25.635761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 25.635900] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.636028] [ 25.636129] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.636350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.636425] Hardware name: linux,dummy-virt (DT) [ 25.636508] Call trace: [ 25.636574] show_stack+0x20/0x38 (C) [ 25.636697] dump_stack_lvl+0x8c/0xd0 [ 25.636838] print_report+0x118/0x608 [ 25.636961] kasan_report+0xdc/0x128 [ 25.637076] kasan_check_range+0x100/0x1a8 [ 25.637200] __kasan_check_write+0x20/0x30 [ 25.637311] kasan_atomics_helper+0x12d8/0x4858 [ 25.640581] kasan_atomics+0x198/0x2e0 [ 25.641449] kunit_try_run_case+0x170/0x3f0 [ 25.642178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.642433] kthread+0x328/0x630 [ 25.642890] ret_from_fork+0x10/0x20 [ 25.643535] [ 25.643597] Allocated by task 267: [ 25.643665] kasan_save_stack+0x3c/0x68 [ 25.643760] kasan_save_track+0x20/0x40 [ 25.643845] kasan_save_alloc_info+0x40/0x58 [ 25.643939] __kasan_kmalloc+0xd4/0xd8 [ 25.645281] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.645989] kasan_atomics+0xb8/0x2e0 [ 25.646162] kunit_try_run_case+0x170/0x3f0 [ 25.646491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.647235] kthread+0x328/0x630 [ 25.647720] ret_from_fork+0x10/0x20 [ 25.648214] [ 25.648277] The buggy address belongs to the object at fff00000c78d8480 [ 25.648277] which belongs to the cache kmalloc-64 of size 64 [ 25.648980] The buggy address is located 0 bytes to the right of [ 25.648980] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.649152] [ 25.649215] The buggy address belongs to the physical page: [ 25.649298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.649458] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.649595] page_type: f5(slab) [ 25.650577] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.651642] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.651947] page dumped because: kasan: bad access detected [ 25.652592] [ 25.652952] Memory state around the buggy address: [ 25.653561] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.654397] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.654837] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.655034] ^ [ 25.655137] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.656090] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.656718] ================================================================== [ 25.524294] ================================================================== [ 25.524447] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 25.524590] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.524723] [ 25.524830] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.525051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.525129] Hardware name: linux,dummy-virt (DT) [ 25.525212] Call trace: [ 25.525274] show_stack+0x20/0x38 (C) [ 25.526562] dump_stack_lvl+0x8c/0xd0 [ 25.527184] print_report+0x118/0x608 [ 25.527468] kasan_report+0xdc/0x128 [ 25.527722] kasan_check_range+0x100/0x1a8 [ 25.527997] __kasan_check_write+0x20/0x30 [ 25.528648] kasan_atomics_helper+0xff0/0x4858 [ 25.529373] kasan_atomics+0x198/0x2e0 [ 25.529516] kunit_try_run_case+0x170/0x3f0 [ 25.530261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.530570] kthread+0x328/0x630 [ 25.530721] ret_from_fork+0x10/0x20 [ 25.530994] [ 25.531115] Allocated by task 267: [ 25.531695] kasan_save_stack+0x3c/0x68 [ 25.531834] kasan_save_track+0x20/0x40 [ 25.531946] kasan_save_alloc_info+0x40/0x58 [ 25.532054] __kasan_kmalloc+0xd4/0xd8 [ 25.532654] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.532797] kasan_atomics+0xb8/0x2e0 [ 25.532886] kunit_try_run_case+0x170/0x3f0 [ 25.533005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.533128] kthread+0x328/0x630 [ 25.534106] ret_from_fork+0x10/0x20 [ 25.534478] [ 25.534679] The buggy address belongs to the object at fff00000c78d8480 [ 25.534679] which belongs to the cache kmalloc-64 of size 64 [ 25.535070] The buggy address is located 0 bytes to the right of [ 25.535070] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.535408] [ 25.535466] The buggy address belongs to the physical page: [ 25.535830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.536176] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.536322] page_type: f5(slab) [ 25.536781] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.537670] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.537798] page dumped because: kasan: bad access detected [ 25.537871] [ 25.537912] Memory state around the buggy address: [ 25.537998] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.538109] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.539149] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.539302] ^ [ 25.539419] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.539831] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.539949] ================================================================== [ 25.274104] ================================================================== [ 25.274226] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 25.274354] Write of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.274462] [ 25.274547] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.274758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.274823] Hardware name: linux,dummy-virt (DT) [ 25.274893] Call trace: [ 25.274951] show_stack+0x20/0x38 (C) [ 25.275071] dump_stack_lvl+0x8c/0xd0 [ 25.275173] print_report+0x118/0x608 [ 25.276076] kasan_report+0xdc/0x128 [ 25.276298] kasan_check_range+0x100/0x1a8 [ 25.276412] __kasan_check_write+0x20/0x30 [ 25.276529] kasan_atomics_helper+0xad4/0x4858 [ 25.276647] kasan_atomics+0x198/0x2e0 [ 25.276747] kunit_try_run_case+0x170/0x3f0 [ 25.277042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.277176] kthread+0x328/0x630 [ 25.277286] ret_from_fork+0x10/0x20 [ 25.277389] [ 25.277436] Allocated by task 267: [ 25.277518] kasan_save_stack+0x3c/0x68 [ 25.277621] kasan_save_track+0x20/0x40 [ 25.277805] kasan_save_alloc_info+0x40/0x58 [ 25.278077] __kasan_kmalloc+0xd4/0xd8 [ 25.279146] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.279272] kasan_atomics+0xb8/0x2e0 [ 25.279366] kunit_try_run_case+0x170/0x3f0 [ 25.279537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.279804] kthread+0x328/0x630 [ 25.279915] ret_from_fork+0x10/0x20 [ 25.280299] [ 25.280394] The buggy address belongs to the object at fff00000c78d8480 [ 25.280394] which belongs to the cache kmalloc-64 of size 64 [ 25.280860] The buggy address is located 0 bytes to the right of [ 25.280860] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.281665] [ 25.282019] The buggy address belongs to the physical page: [ 25.282239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.282477] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.282617] page_type: f5(slab) [ 25.282723] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.282877] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.282991] page dumped because: kasan: bad access detected [ 25.283076] [ 25.283125] Memory state around the buggy address: [ 25.283208] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.283306] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.283397] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.283470] ^ [ 25.285854] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.286335] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.286906] ================================================================== [ 25.619796] ================================================================== [ 25.619942] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 25.620081] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.620230] [ 25.620329] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.620552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.620627] Hardware name: linux,dummy-virt (DT) [ 25.620708] Call trace: [ 25.621759] show_stack+0x20/0x38 (C) [ 25.622639] dump_stack_lvl+0x8c/0xd0 [ 25.623078] print_report+0x118/0x608 [ 25.623414] kasan_report+0xdc/0x128 [ 25.623967] kasan_check_range+0x100/0x1a8 [ 25.624133] __kasan_check_write+0x20/0x30 [ 25.624607] kasan_atomics_helper+0x126c/0x4858 [ 25.625230] kasan_atomics+0x198/0x2e0 [ 25.625381] kunit_try_run_case+0x170/0x3f0 [ 25.625518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.626337] kthread+0x328/0x630 [ 25.626555] ret_from_fork+0x10/0x20 [ 25.626839] [ 25.626897] Allocated by task 267: [ 25.626983] kasan_save_stack+0x3c/0x68 [ 25.627090] kasan_save_track+0x20/0x40 [ 25.627189] kasan_save_alloc_info+0x40/0x58 [ 25.627287] __kasan_kmalloc+0xd4/0xd8 [ 25.627419] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.627531] kasan_atomics+0xb8/0x2e0 [ 25.627626] kunit_try_run_case+0x170/0x3f0 [ 25.627740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.627873] kthread+0x328/0x630 [ 25.628007] ret_from_fork+0x10/0x20 [ 25.628134] [ 25.628196] The buggy address belongs to the object at fff00000c78d8480 [ 25.628196] which belongs to the cache kmalloc-64 of size 64 [ 25.628362] The buggy address is located 0 bytes to the right of [ 25.628362] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.628549] [ 25.628629] The buggy address belongs to the physical page: [ 25.628720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.628878] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.629931] page_type: f5(slab) [ 25.630685] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.630836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.631265] page dumped because: kasan: bad access detected [ 25.631365] [ 25.631425] Memory state around the buggy address: [ 25.632139] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.632437] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.632859] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.633242] ^ [ 25.633354] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.634148] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.634354] ================================================================== [ 25.583802] ================================================================== [ 25.583952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 25.584086] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.584235] [ 25.584329] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.584544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.585588] Hardware name: linux,dummy-virt (DT) [ 25.585798] Call trace: [ 25.585891] show_stack+0x20/0x38 (C) [ 25.586098] dump_stack_lvl+0x8c/0xd0 [ 25.586450] print_report+0x118/0x608 [ 25.586580] kasan_report+0xdc/0x128 [ 25.587556] kasan_check_range+0x100/0x1a8 [ 25.588052] __kasan_check_write+0x20/0x30 [ 25.588287] kasan_atomics_helper+0x1190/0x4858 [ 25.588439] kasan_atomics+0x198/0x2e0 [ 25.588567] kunit_try_run_case+0x170/0x3f0 [ 25.588953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.589161] kthread+0x328/0x630 [ 25.589637] ret_from_fork+0x10/0x20 [ 25.590242] [ 25.590317] Allocated by task 267: [ 25.590409] kasan_save_stack+0x3c/0x68 [ 25.590533] kasan_save_track+0x20/0x40 [ 25.590631] kasan_save_alloc_info+0x40/0x58 [ 25.591190] __kasan_kmalloc+0xd4/0xd8 [ 25.591443] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.591696] kasan_atomics+0xb8/0x2e0 [ 25.591803] kunit_try_run_case+0x170/0x3f0 [ 25.591911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.592739] kthread+0x328/0x630 [ 25.592933] ret_from_fork+0x10/0x20 [ 25.593171] [ 25.593260] The buggy address belongs to the object at fff00000c78d8480 [ 25.593260] which belongs to the cache kmalloc-64 of size 64 [ 25.593449] The buggy address is located 0 bytes to the right of [ 25.593449] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.593915] [ 25.593989] The buggy address belongs to the physical page: [ 25.594077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.594219] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.594352] page_type: f5(slab) [ 25.594457] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.594592] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.594710] page dumped because: kasan: bad access detected [ 25.594811] [ 25.597670] Memory state around the buggy address: [ 25.597912] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.598012] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.598099] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.598190] ^ [ 25.598283] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.599576] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.600136] ================================================================== [ 25.720554] ================================================================== [ 25.720702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 25.720844] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.720973] [ 25.721066] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.721275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.721591] Hardware name: linux,dummy-virt (DT) [ 25.721738] Call trace: [ 25.721808] show_stack+0x20/0x38 (C) [ 25.721993] dump_stack_lvl+0x8c/0xd0 [ 25.722337] print_report+0x118/0x608 [ 25.722525] kasan_report+0xdc/0x128 [ 25.722638] kasan_check_range+0x100/0x1a8 [ 25.722793] __kasan_check_write+0x20/0x30 [ 25.722979] kasan_atomics_helper+0x14e4/0x4858 [ 25.723130] kasan_atomics+0x198/0x2e0 [ 25.723674] kunit_try_run_case+0x170/0x3f0 [ 25.723868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.724100] kthread+0x328/0x630 [ 25.724303] ret_from_fork+0x10/0x20 [ 25.724906] [ 25.724975] Allocated by task 267: [ 25.725074] kasan_save_stack+0x3c/0x68 [ 25.725191] kasan_save_track+0x20/0x40 [ 25.725713] kasan_save_alloc_info+0x40/0x58 [ 25.725894] __kasan_kmalloc+0xd4/0xd8 [ 25.726003] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.726185] kasan_atomics+0xb8/0x2e0 [ 25.726458] kunit_try_run_case+0x170/0x3f0 [ 25.726614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.726755] kthread+0x328/0x630 [ 25.726845] ret_from_fork+0x10/0x20 [ 25.727015] [ 25.727090] The buggy address belongs to the object at fff00000c78d8480 [ 25.727090] which belongs to the cache kmalloc-64 of size 64 [ 25.727297] The buggy address is located 0 bytes to the right of [ 25.727297] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.727713] [ 25.727797] The buggy address belongs to the physical page: [ 25.727954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.728098] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.728621] page_type: f5(slab) [ 25.728765] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.729139] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.729369] page dumped because: kasan: bad access detected [ 25.729549] [ 25.729582] Memory state around the buggy address: [ 25.729630] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.729694] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.729838] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.729932] ^ [ 25.730008] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.730086] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.730172] ================================================================== [ 25.817317] ================================================================== [ 25.817512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 25.817642] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.817774] [ 25.817865] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.818107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.818243] Hardware name: linux,dummy-virt (DT) [ 25.818367] Call trace: [ 25.818455] show_stack+0x20/0x38 (C) [ 25.818595] dump_stack_lvl+0x8c/0xd0 [ 25.818780] print_report+0x118/0x608 [ 25.818958] kasan_report+0xdc/0x128 [ 25.819137] kasan_check_range+0x100/0x1a8 [ 25.819537] __kasan_check_write+0x20/0x30 [ 25.819905] kasan_atomics_helper+0x17ec/0x4858 [ 25.820015] kasan_atomics+0x198/0x2e0 [ 25.820115] kunit_try_run_case+0x170/0x3f0 [ 25.820445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.820604] kthread+0x328/0x630 [ 25.820699] ret_from_fork+0x10/0x20 [ 25.820804] [ 25.820866] Allocated by task 267: [ 25.820939] kasan_save_stack+0x3c/0x68 [ 25.821042] kasan_save_track+0x20/0x40 [ 25.821268] kasan_save_alloc_info+0x40/0x58 [ 25.821516] __kasan_kmalloc+0xd4/0xd8 [ 25.821806] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.822120] kasan_atomics+0xb8/0x2e0 [ 25.822195] kunit_try_run_case+0x170/0x3f0 [ 25.822282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.822387] kthread+0x328/0x630 [ 25.822470] ret_from_fork+0x10/0x20 [ 25.822555] [ 25.822603] The buggy address belongs to the object at fff00000c78d8480 [ 25.822603] which belongs to the cache kmalloc-64 of size 64 [ 25.822724] The buggy address is located 0 bytes to the right of [ 25.822724] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.822880] [ 25.822935] The buggy address belongs to the physical page: [ 25.823006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.823122] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.823235] page_type: f5(slab) [ 25.823456] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.823943] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.824511] page dumped because: kasan: bad access detected [ 25.824720] [ 25.824827] Memory state around the buggy address: [ 25.825355] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.825502] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.825712] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.826024] ^ [ 25.826121] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.826320] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.826572] ================================================================== [ 25.570662] ================================================================== [ 25.570795] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 25.570925] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.571052] [ 25.571143] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.571362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.571437] Hardware name: linux,dummy-virt (DT) [ 25.571520] Call trace: [ 25.571588] show_stack+0x20/0x38 (C) [ 25.571708] dump_stack_lvl+0x8c/0xd0 [ 25.572050] print_report+0x118/0x608 [ 25.572178] kasan_report+0xdc/0x128 [ 25.572295] kasan_check_range+0x100/0x1a8 [ 25.572419] __kasan_check_write+0x20/0x30 [ 25.572544] kasan_atomics_helper+0x1128/0x4858 [ 25.572669] kasan_atomics+0x198/0x2e0 [ 25.572778] kunit_try_run_case+0x170/0x3f0 [ 25.572883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.573671] kthread+0x328/0x630 [ 25.573949] ret_from_fork+0x10/0x20 [ 25.574133] [ 25.574192] Allocated by task 267: [ 25.574335] kasan_save_stack+0x3c/0x68 [ 25.574862] kasan_save_track+0x20/0x40 [ 25.574992] kasan_save_alloc_info+0x40/0x58 [ 25.575098] __kasan_kmalloc+0xd4/0xd8 [ 25.575281] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.575836] kasan_atomics+0xb8/0x2e0 [ 25.576005] kunit_try_run_case+0x170/0x3f0 [ 25.576142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.576658] kthread+0x328/0x630 [ 25.576846] ret_from_fork+0x10/0x20 [ 25.577295] [ 25.577373] The buggy address belongs to the object at fff00000c78d8480 [ 25.577373] which belongs to the cache kmalloc-64 of size 64 [ 25.577542] The buggy address is located 0 bytes to the right of [ 25.577542] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.578344] [ 25.578411] The buggy address belongs to the physical page: [ 25.578492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.578612] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.578718] page_type: f5(slab) [ 25.578812] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.578937] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.579864] page dumped because: kasan: bad access detected [ 25.579978] [ 25.580425] Memory state around the buggy address: [ 25.580706] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.581032] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.581154] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.581258] ^ [ 25.581353] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.582167] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.582346] ================================================================== [ 25.425891] ================================================================== [ 25.426089] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 25.426210] Read of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.426319] [ 25.426415] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.426720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.426801] Hardware name: linux,dummy-virt (DT) [ 25.426874] Call trace: [ 25.426934] show_stack+0x20/0x38 (C) [ 25.427047] dump_stack_lvl+0x8c/0xd0 [ 25.427160] print_report+0x118/0x608 [ 25.427265] kasan_report+0xdc/0x128 [ 25.427371] kasan_check_range+0x100/0x1a8 [ 25.427476] __kasan_check_read+0x20/0x30 [ 25.427587] kasan_atomics_helper+0xdd4/0x4858 [ 25.427697] kasan_atomics+0x198/0x2e0 [ 25.427819] kunit_try_run_case+0x170/0x3f0 [ 25.427963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.428102] kthread+0x328/0x630 [ 25.428233] ret_from_fork+0x10/0x20 [ 25.428346] [ 25.429637] Allocated by task 267: [ 25.429771] kasan_save_stack+0x3c/0x68 [ 25.429883] kasan_save_track+0x20/0x40 [ 25.429969] kasan_save_alloc_info+0x40/0x58 [ 25.430050] __kasan_kmalloc+0xd4/0xd8 [ 25.430135] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.430229] kasan_atomics+0xb8/0x2e0 [ 25.430310] kunit_try_run_case+0x170/0x3f0 [ 25.430404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.430510] kthread+0x328/0x630 [ 25.430595] ret_from_fork+0x10/0x20 [ 25.430674] [ 25.430722] The buggy address belongs to the object at fff00000c78d8480 [ 25.430722] which belongs to the cache kmalloc-64 of size 64 [ 25.430884] The buggy address is located 0 bytes to the right of [ 25.430884] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.431033] [ 25.431083] The buggy address belongs to the physical page: [ 25.431153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.431266] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.431389] page_type: f5(slab) [ 25.431477] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.431581] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.431661] page dumped because: kasan: bad access detected [ 25.433295] [ 25.433372] Memory state around the buggy address: [ 25.433508] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.433697] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.434482] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.434678] ^ [ 25.434870] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.434986] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.435085] ================================================================== [ 25.218950] ================================================================== [ 25.219101] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 25.219286] Read of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.219451] [ 25.219570] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.219939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.220015] Hardware name: linux,dummy-virt (DT) [ 25.220102] Call trace: [ 25.220172] show_stack+0x20/0x38 (C) [ 25.220302] dump_stack_lvl+0x8c/0xd0 [ 25.220422] print_report+0x118/0x608 [ 25.220557] kasan_report+0xdc/0x128 [ 25.220715] __asan_report_load4_noabort+0x20/0x30 [ 25.220856] kasan_atomics_helper+0x42d8/0x4858 [ 25.220969] kasan_atomics+0x198/0x2e0 [ 25.221262] kunit_try_run_case+0x170/0x3f0 [ 25.221434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.221639] kthread+0x328/0x630 [ 25.221827] ret_from_fork+0x10/0x20 [ 25.221940] [ 25.221978] Allocated by task 267: [ 25.222037] kasan_save_stack+0x3c/0x68 [ 25.222123] kasan_save_track+0x20/0x40 [ 25.222207] kasan_save_alloc_info+0x40/0x58 [ 25.222299] __kasan_kmalloc+0xd4/0xd8 [ 25.222388] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.222810] kthread+0x328/0x630 [ 25.223384] [ 25.223750] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.223874] page_type: f5(slab) [ 25.224000] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.224132] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.224529] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.225312] ================================================================== [ 25.742024] ================================================================== [ 25.742161] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 25.742528] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.742716] [ 25.742835] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.743087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.743348] Hardware name: linux,dummy-virt (DT) [ 25.743441] Call trace: [ 25.743508] show_stack+0x20/0x38 (C) [ 25.743641] dump_stack_lvl+0x8c/0xd0 [ 25.743806] print_report+0x118/0x608 [ 25.743927] kasan_report+0xdc/0x128 [ 25.744086] kasan_check_range+0x100/0x1a8 [ 25.744286] __kasan_check_write+0x20/0x30 [ 25.744417] kasan_atomics_helper+0x15b4/0x4858 [ 25.744527] kasan_atomics+0x198/0x2e0 [ 25.744640] kunit_try_run_case+0x170/0x3f0 [ 25.744775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.744973] kthread+0x328/0x630 [ 25.745105] ret_from_fork+0x10/0x20 [ 25.745234] [ 25.745505] Allocated by task 267: [ 25.745603] kasan_save_stack+0x3c/0x68 [ 25.745883] kasan_save_track+0x20/0x40 [ 25.746248] kasan_save_alloc_info+0x40/0x58 [ 25.746453] __kasan_kmalloc+0xd4/0xd8 [ 25.746555] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.746670] kasan_atomics+0xb8/0x2e0 [ 25.746767] kunit_try_run_case+0x170/0x3f0 [ 25.746858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.746941] kthread+0x328/0x630 [ 25.747053] ret_from_fork+0x10/0x20 [ 25.747148] [ 25.747206] The buggy address belongs to the object at fff00000c78d8480 [ 25.747206] which belongs to the cache kmalloc-64 of size 64 [ 25.747365] The buggy address is located 0 bytes to the right of [ 25.747365] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.747536] [ 25.747590] The buggy address belongs to the physical page: [ 25.747677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.747813] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.747939] page_type: f5(slab) [ 25.748102] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.748589] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.748900] page dumped because: kasan: bad access detected [ 25.749048] [ 25.749140] Memory state around the buggy address: [ 25.749229] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.749422] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.749538] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.749646] ^ [ 25.749755] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.749869] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.749970] ================================================================== [ 25.678980] ================================================================== [ 25.679105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 25.679453] Read of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.679617] [ 25.679717] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.679941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.680012] Hardware name: linux,dummy-virt (DT) [ 25.680098] Call trace: [ 25.680212] show_stack+0x20/0x38 (C) [ 25.680344] dump_stack_lvl+0x8c/0xd0 [ 25.680467] print_report+0x118/0x608 [ 25.680579] kasan_report+0xdc/0x128 [ 25.680694] __asan_report_load8_noabort+0x20/0x30 [ 25.680822] kasan_atomics_helper+0x3f04/0x4858 [ 25.680942] kasan_atomics+0x198/0x2e0 [ 25.681557] kunit_try_run_case+0x170/0x3f0 [ 25.681924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.682151] kthread+0x328/0x630 [ 25.682274] ret_from_fork+0x10/0x20 [ 25.682407] [ 25.682459] Allocated by task 267: [ 25.682539] kasan_save_stack+0x3c/0x68 [ 25.682631] kasan_save_track+0x20/0x40 [ 25.682706] kasan_save_alloc_info+0x40/0x58 [ 25.682798] __kasan_kmalloc+0xd4/0xd8 [ 25.682881] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.682983] kasan_atomics+0xb8/0x2e0 [ 25.683081] kunit_try_run_case+0x170/0x3f0 [ 25.683181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.683302] kthread+0x328/0x630 [ 25.683394] ret_from_fork+0x10/0x20 [ 25.683485] [ 25.684892] The buggy address belongs to the object at fff00000c78d8480 [ 25.684892] which belongs to the cache kmalloc-64 of size 64 [ 25.686200] The buggy address is located 0 bytes to the right of [ 25.686200] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.687270] [ 25.687339] The buggy address belongs to the physical page: [ 25.687417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.687544] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.687653] page_type: f5(slab) [ 25.690130] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.690344] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.690519] page dumped because: kasan: bad access detected [ 25.690597] [ 25.690644] Memory state around the buggy address: [ 25.690724] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.690832] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.690929] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.691012] ^ [ 25.691085] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.691179] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.691271] ================================================================== [ 25.387910] ================================================================== [ 25.388115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 25.388303] Read of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.388740] [ 25.388979] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.389203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.389276] Hardware name: linux,dummy-virt (DT) [ 25.389769] Call trace: [ 25.389980] show_stack+0x20/0x38 (C) [ 25.390591] dump_stack_lvl+0x8c/0xd0 [ 25.390746] print_report+0x118/0x608 [ 25.390961] kasan_report+0xdc/0x128 [ 25.391296] __asan_report_load4_noabort+0x20/0x30 [ 25.391761] kasan_atomics_helper+0x3dd8/0x4858 [ 25.391902] kasan_atomics+0x198/0x2e0 [ 25.392402] kunit_try_run_case+0x170/0x3f0 [ 25.392788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.393231] kthread+0x328/0x630 [ 25.393465] ret_from_fork+0x10/0x20 [ 25.393720] [ 25.393862] Allocated by task 267: [ 25.394012] kasan_save_stack+0x3c/0x68 [ 25.394292] kasan_save_track+0x20/0x40 [ 25.394462] kasan_save_alloc_info+0x40/0x58 [ 25.394565] __kasan_kmalloc+0xd4/0xd8 [ 25.394782] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.395009] kasan_atomics+0xb8/0x2e0 [ 25.395308] kunit_try_run_case+0x170/0x3f0 [ 25.395856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.396000] kthread+0x328/0x630 [ 25.396101] ret_from_fork+0x10/0x20 [ 25.396213] [ 25.396273] The buggy address belongs to the object at fff00000c78d8480 [ 25.396273] which belongs to the cache kmalloc-64 of size 64 [ 25.396440] The buggy address is located 0 bytes to the right of [ 25.396440] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.397108] [ 25.397241] The buggy address belongs to the physical page: [ 25.397365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.397762] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.398364] page_type: f5(slab) [ 25.398689] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.398833] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.398952] page dumped because: kasan: bad access detected [ 25.399045] [ 25.399082] Memory state around the buggy address: [ 25.399231] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.399344] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.399634] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.399942] ^ [ 25.400268] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.400441] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.400718] ================================================================== [ 25.289212] ================================================================== [ 25.290067] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 25.290227] Read of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.291000] [ 25.291115] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.291674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.291751] Hardware name: linux,dummy-virt (DT) [ 25.291834] Call trace: [ 25.291889] show_stack+0x20/0x38 (C) [ 25.292009] dump_stack_lvl+0x8c/0xd0 [ 25.292130] print_report+0x118/0x608 [ 25.292230] kasan_report+0xdc/0x128 [ 25.292332] __asan_report_load4_noabort+0x20/0x30 [ 25.292446] kasan_atomics_helper+0x3dcc/0x4858 [ 25.292554] kasan_atomics+0x198/0x2e0 [ 25.293939] kunit_try_run_case+0x170/0x3f0 [ 25.294189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.294738] kthread+0x328/0x630 [ 25.294884] ret_from_fork+0x10/0x20 [ 25.295391] [ 25.295620] Allocated by task 267: [ 25.295753] kasan_save_stack+0x3c/0x68 [ 25.296188] kasan_save_track+0x20/0x40 [ 25.296334] kasan_save_alloc_info+0x40/0x58 [ 25.296452] __kasan_kmalloc+0xd4/0xd8 [ 25.297123] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.297342] kasan_atomics+0xb8/0x2e0 [ 25.297640] kunit_try_run_case+0x170/0x3f0 [ 25.297783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.297905] kthread+0x328/0x630 [ 25.298753] ret_from_fork+0x10/0x20 [ 25.298980] [ 25.299046] The buggy address belongs to the object at fff00000c78d8480 [ 25.299046] which belongs to the cache kmalloc-64 of size 64 [ 25.299848] The buggy address is located 0 bytes to the right of [ 25.299848] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.300068] [ 25.300136] The buggy address belongs to the physical page: [ 25.300217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.300361] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.300497] page_type: f5(slab) [ 25.301019] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.302014] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.302862] page dumped because: kasan: bad access detected [ 25.303109] [ 25.303195] Memory state around the buggy address: [ 25.303503] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.303694] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.304200] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.304591] ^ [ 25.304900] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.305451] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.305563] ================================================================== [ 25.548101] ================================================================== [ 25.548266] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 25.548367] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.548428] [ 25.548480] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.548583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.548616] Hardware name: linux,dummy-virt (DT) [ 25.548660] Call trace: [ 25.548690] show_stack+0x20/0x38 (C) [ 25.548790] dump_stack_lvl+0x8c/0xd0 [ 25.548910] print_report+0x118/0x608 [ 25.549029] kasan_report+0xdc/0x128 [ 25.549510] kasan_check_range+0x100/0x1a8 [ 25.549693] __kasan_check_write+0x20/0x30 [ 25.549829] kasan_atomics_helper+0x1058/0x4858 [ 25.549926] kasan_atomics+0x198/0x2e0 [ 25.550052] kunit_try_run_case+0x170/0x3f0 [ 25.550173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.550556] kthread+0x328/0x630 [ 25.551131] ret_from_fork+0x10/0x20 [ 25.551643] [ 25.551846] Allocated by task 267: [ 25.551978] kasan_save_stack+0x3c/0x68 [ 25.552081] kasan_save_track+0x20/0x40 [ 25.552547] kasan_save_alloc_info+0x40/0x58 [ 25.552669] __kasan_kmalloc+0xd4/0xd8 [ 25.552780] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.553240] kasan_atomics+0xb8/0x2e0 [ 25.553506] kunit_try_run_case+0x170/0x3f0 [ 25.553761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.554149] kthread+0x328/0x630 [ 25.554457] ret_from_fork+0x10/0x20 [ 25.554541] [ 25.554591] The buggy address belongs to the object at fff00000c78d8480 [ 25.554591] which belongs to the cache kmalloc-64 of size 64 [ 25.554753] The buggy address is located 0 bytes to the right of [ 25.554753] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.555318] [ 25.555559] The buggy address belongs to the physical page: [ 25.555931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.556129] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.556258] page_type: f5(slab) [ 25.556711] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.556967] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.557081] page dumped because: kasan: bad access detected [ 25.557164] [ 25.557216] Memory state around the buggy address: [ 25.557311] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.557432] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.557547] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.557654] ^ [ 25.558138] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.558357] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.558571] ================================================================== [ 25.439682] ================================================================== [ 25.439864] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 25.440075] Read of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.440276] [ 25.440369] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.440650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.440758] Hardware name: linux,dummy-virt (DT) [ 25.440834] Call trace: [ 25.440897] show_stack+0x20/0x38 (C) [ 25.441258] dump_stack_lvl+0x8c/0xd0 [ 25.441812] print_report+0x118/0x608 [ 25.442037] kasan_report+0xdc/0x128 [ 25.442179] __asan_report_load8_noabort+0x20/0x30 [ 25.442317] kasan_atomics_helper+0x3f58/0x4858 [ 25.442444] kasan_atomics+0x198/0x2e0 [ 25.442749] kunit_try_run_case+0x170/0x3f0 [ 25.442879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.443076] kthread+0x328/0x630 [ 25.443250] ret_from_fork+0x10/0x20 [ 25.443434] [ 25.443509] Allocated by task 267: [ 25.443601] kasan_save_stack+0x3c/0x68 [ 25.443713] kasan_save_track+0x20/0x40 [ 25.443853] kasan_save_alloc_info+0x40/0x58 [ 25.444016] __kasan_kmalloc+0xd4/0xd8 [ 25.444122] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.444237] kasan_atomics+0xb8/0x2e0 [ 25.444336] kunit_try_run_case+0x170/0x3f0 [ 25.444505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.444627] kthread+0x328/0x630 [ 25.444734] ret_from_fork+0x10/0x20 [ 25.444818] [ 25.444865] The buggy address belongs to the object at fff00000c78d8480 [ 25.444865] which belongs to the cache kmalloc-64 of size 64 [ 25.445009] The buggy address is located 0 bytes to the right of [ 25.445009] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.445186] [ 25.445593] The buggy address belongs to the physical page: [ 25.445725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.446001] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.446267] page_type: f5(slab) [ 25.446370] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.446775] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.446947] page dumped because: kasan: bad access detected [ 25.447073] [ 25.447119] Memory state around the buggy address: [ 25.447192] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.447279] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.447857] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.447970] ^ [ 25.448072] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.448201] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.448314] ================================================================== [ 25.807877] ================================================================== [ 25.808221] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 25.808355] Read of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.808490] [ 25.808578] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.808751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.808817] Hardware name: linux,dummy-virt (DT) [ 25.808901] Call trace: [ 25.808958] show_stack+0x20/0x38 (C) [ 25.809076] dump_stack_lvl+0x8c/0xd0 [ 25.809196] print_report+0x118/0x608 [ 25.809347] kasan_report+0xdc/0x128 [ 25.809520] __asan_report_load8_noabort+0x20/0x30 [ 25.809701] kasan_atomics_helper+0x3e20/0x4858 [ 25.809827] kasan_atomics+0x198/0x2e0 [ 25.809937] kunit_try_run_case+0x170/0x3f0 [ 25.810051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.810262] kthread+0x328/0x630 [ 25.810377] ret_from_fork+0x10/0x20 [ 25.810486] [ 25.810529] Allocated by task 267: [ 25.810595] kasan_save_stack+0x3c/0x68 [ 25.810688] kasan_save_track+0x20/0x40 [ 25.810770] kasan_save_alloc_info+0x40/0x58 [ 25.810858] __kasan_kmalloc+0xd4/0xd8 [ 25.810939] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.811035] kasan_atomics+0xb8/0x2e0 [ 25.811112] kunit_try_run_case+0x170/0x3f0 [ 25.811202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.811304] kthread+0x328/0x630 [ 25.811385] ret_from_fork+0x10/0x20 [ 25.811467] [ 25.811516] The buggy address belongs to the object at fff00000c78d8480 [ 25.811516] which belongs to the cache kmalloc-64 of size 64 [ 25.811650] The buggy address is located 0 bytes to the right of [ 25.811650] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.811812] [ 25.811870] The buggy address belongs to the physical page: [ 25.811946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.812071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.812199] page_type: f5(slab) [ 25.812288] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.812419] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.812516] page dumped because: kasan: bad access detected [ 25.812596] [ 25.812649] Memory state around the buggy address: [ 25.812725] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.815888] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.816015] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.816194] ^ [ 25.816334] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.816507] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.816634] ================================================================== [ 25.253324] ================================================================== [ 25.253632] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 25.253816] Write of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.253917] [ 25.254001] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.254850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.254946] Hardware name: linux,dummy-virt (DT) [ 25.255043] Call trace: [ 25.255113] show_stack+0x20/0x38 (C) [ 25.255244] dump_stack_lvl+0x8c/0xd0 [ 25.255370] print_report+0x118/0x608 [ 25.255489] kasan_report+0xdc/0x128 [ 25.255612] kasan_check_range+0x100/0x1a8 [ 25.256826] __kasan_check_write+0x20/0x30 [ 25.257572] kasan_atomics_helper+0xa6c/0x4858 [ 25.257887] kasan_atomics+0x198/0x2e0 [ 25.257980] kunit_try_run_case+0x170/0x3f0 [ 25.258799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.259411] kthread+0x328/0x630 [ 25.260169] ret_from_fork+0x10/0x20 [ 25.260971] [ 25.261197] Allocated by task 267: [ 25.261623] kasan_save_stack+0x3c/0x68 [ 25.262125] kasan_save_track+0x20/0x40 [ 25.262217] kasan_save_alloc_info+0x40/0x58 [ 25.262544] __kasan_kmalloc+0xd4/0xd8 [ 25.262975] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.263539] kasan_atomics+0xb8/0x2e0 [ 25.264317] kunit_try_run_case+0x170/0x3f0 [ 25.264572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.264801] kthread+0x328/0x630 [ 25.265688] ret_from_fork+0x10/0x20 [ 25.266111] [ 25.266169] The buggy address belongs to the object at fff00000c78d8480 [ 25.266169] which belongs to the cache kmalloc-64 of size 64 [ 25.266525] The buggy address is located 0 bytes to the right of [ 25.266525] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.267176] [ 25.267324] The buggy address belongs to the physical page: [ 25.267635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.268031] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.268239] page_type: f5(slab) [ 25.268564] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.268987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.269132] page dumped because: kasan: bad access detected [ 25.269219] [ 25.269307] Memory state around the buggy address: [ 25.269412] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.269879] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.270248] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.271040] ^ [ 25.271490] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.272026] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.272432] ================================================================== [ 25.759505] ================================================================== [ 25.759668] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 25.759791] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.759898] [ 25.759976] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.760162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.760238] Hardware name: linux,dummy-virt (DT) [ 25.760318] Call trace: [ 25.760415] show_stack+0x20/0x38 (C) [ 25.760529] dump_stack_lvl+0x8c/0xd0 [ 25.760705] print_report+0x118/0x608 [ 25.760824] kasan_report+0xdc/0x128 [ 25.760987] kasan_check_range+0x100/0x1a8 [ 25.761103] __kasan_check_write+0x20/0x30 [ 25.761300] kasan_atomics_helper+0x1644/0x4858 [ 25.761499] kasan_atomics+0x198/0x2e0 [ 25.761662] kunit_try_run_case+0x170/0x3f0 [ 25.761859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.762059] kthread+0x328/0x630 [ 25.762236] ret_from_fork+0x10/0x20 [ 25.762667] [ 25.762779] Allocated by task 267: [ 25.762885] kasan_save_stack+0x3c/0x68 [ 25.763005] kasan_save_track+0x20/0x40 [ 25.763222] kasan_save_alloc_info+0x40/0x58 [ 25.764110] __kasan_kmalloc+0xd4/0xd8 [ 25.766121] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.766289] kasan_atomics+0xb8/0x2e0 [ 25.766842] kunit_try_run_case+0x170/0x3f0 [ 25.766943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.767053] kthread+0x328/0x630 [ 25.767136] ret_from_fork+0x10/0x20 [ 25.767220] [ 25.767270] The buggy address belongs to the object at fff00000c78d8480 [ 25.767270] which belongs to the cache kmalloc-64 of size 64 [ 25.767400] The buggy address is located 0 bytes to the right of [ 25.767400] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.767537] [ 25.767588] The buggy address belongs to the physical page: [ 25.767660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.767801] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.767950] page_type: f5(slab) [ 25.768050] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.768188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.768342] page dumped because: kasan: bad access detected [ 25.768475] [ 25.768556] Memory state around the buggy address: [ 25.768693] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.768827] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.768941] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.769047] ^ [ 25.769357] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.769459] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.769547] ================================================================== [ 25.559407] ================================================================== [ 25.559721] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 25.560405] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.560601] [ 25.560698] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.561026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.561109] Hardware name: linux,dummy-virt (DT) [ 25.561199] Call trace: [ 25.561262] show_stack+0x20/0x38 (C) [ 25.561397] dump_stack_lvl+0x8c/0xd0 [ 25.561643] print_report+0x118/0x608 [ 25.562004] kasan_report+0xdc/0x128 [ 25.562493] kasan_check_range+0x100/0x1a8 [ 25.562639] __kasan_check_write+0x20/0x30 [ 25.562815] kasan_atomics_helper+0x10c0/0x4858 [ 25.562989] kasan_atomics+0x198/0x2e0 [ 25.563114] kunit_try_run_case+0x170/0x3f0 [ 25.563270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.563664] kthread+0x328/0x630 [ 25.563961] ret_from_fork+0x10/0x20 [ 25.564180] [ 25.564245] Allocated by task 267: [ 25.564552] kasan_save_stack+0x3c/0x68 [ 25.564674] kasan_save_track+0x20/0x40 [ 25.564838] kasan_save_alloc_info+0x40/0x58 [ 25.564942] __kasan_kmalloc+0xd4/0xd8 [ 25.565086] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.565266] kasan_atomics+0xb8/0x2e0 [ 25.565385] kunit_try_run_case+0x170/0x3f0 [ 25.565491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.565594] kthread+0x328/0x630 [ 25.565710] ret_from_fork+0x10/0x20 [ 25.565811] [ 25.565864] The buggy address belongs to the object at fff00000c78d8480 [ 25.565864] which belongs to the cache kmalloc-64 of size 64 [ 25.566036] The buggy address is located 0 bytes to the right of [ 25.566036] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.566229] [ 25.566551] The buggy address belongs to the physical page: [ 25.566660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.566955] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.567619] page_type: f5(slab) [ 25.567737] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.567856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.567969] page dumped because: kasan: bad access detected [ 25.568059] [ 25.568124] Memory state around the buggy address: [ 25.568219] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.568333] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.568539] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.568692] ^ [ 25.569095] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.570178] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.570272] ================================================================== [ 25.402323] ================================================================== [ 25.402453] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 25.402591] Write of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.402709] [ 25.403020] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.403238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.403306] Hardware name: linux,dummy-virt (DT) [ 25.403389] Call trace: [ 25.403496] show_stack+0x20/0x38 (C) [ 25.403629] dump_stack_lvl+0x8c/0xd0 [ 25.403752] print_report+0x118/0x608 [ 25.404161] kasan_report+0xdc/0x128 [ 25.404298] kasan_check_range+0x100/0x1a8 [ 25.404423] __kasan_check_write+0x20/0x30 [ 25.404555] kasan_atomics_helper+0xd3c/0x4858 [ 25.404681] kasan_atomics+0x198/0x2e0 [ 25.404802] kunit_try_run_case+0x170/0x3f0 [ 25.404935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.405067] kthread+0x328/0x630 [ 25.405172] ret_from_fork+0x10/0x20 [ 25.405303] [ 25.405360] Allocated by task 267: [ 25.405438] kasan_save_stack+0x3c/0x68 [ 25.405543] kasan_save_track+0x20/0x40 [ 25.405641] kasan_save_alloc_info+0x40/0x58 [ 25.405752] __kasan_kmalloc+0xd4/0xd8 [ 25.405847] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.405955] kasan_atomics+0xb8/0x2e0 [ 25.406048] kunit_try_run_case+0x170/0x3f0 [ 25.406152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.406267] kthread+0x328/0x630 [ 25.406357] ret_from_fork+0x10/0x20 [ 25.406450] [ 25.406501] The buggy address belongs to the object at fff00000c78d8480 [ 25.406501] which belongs to the cache kmalloc-64 of size 64 [ 25.406655] The buggy address is located 0 bytes to the right of [ 25.406655] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.406847] [ 25.406907] The buggy address belongs to the physical page: [ 25.407209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.407346] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.407466] page_type: f5(slab) [ 25.408079] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.408261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.408554] page dumped because: kasan: bad access detected [ 25.408639] [ 25.408702] Memory state around the buggy address: [ 25.408944] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.409112] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.409203] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.409294] ^ [ 25.409549] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.409652] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.409751] ================================================================== [ 25.798428] ================================================================== [ 25.798558] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 25.798686] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.799441] [ 25.799925] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.800244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.800322] Hardware name: linux,dummy-virt (DT) [ 25.800609] Call trace: [ 25.800677] show_stack+0x20/0x38 (C) [ 25.801171] dump_stack_lvl+0x8c/0xd0 [ 25.801528] print_report+0x118/0x608 [ 25.801710] kasan_report+0xdc/0x128 [ 25.802042] kasan_check_range+0x100/0x1a8 [ 25.802218] __kasan_check_write+0x20/0x30 [ 25.802582] kasan_atomics_helper+0x175c/0x4858 [ 25.802949] kasan_atomics+0x198/0x2e0 [ 25.803227] kunit_try_run_case+0x170/0x3f0 [ 25.803408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.803634] kthread+0x328/0x630 [ 25.804165] ret_from_fork+0x10/0x20 [ 25.804506] [ 25.804564] Allocated by task 267: [ 25.804717] kasan_save_stack+0x3c/0x68 [ 25.805044] kasan_save_track+0x20/0x40 [ 25.805162] kasan_save_alloc_info+0x40/0x58 [ 25.805266] __kasan_kmalloc+0xd4/0xd8 [ 25.805371] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.805470] kasan_atomics+0xb8/0x2e0 [ 25.805563] kunit_try_run_case+0x170/0x3f0 [ 25.805922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.806056] kthread+0x328/0x630 [ 25.806155] ret_from_fork+0x10/0x20 [ 25.806209] [ 25.806258] The buggy address belongs to the object at fff00000c78d8480 [ 25.806258] which belongs to the cache kmalloc-64 of size 64 [ 25.806344] The buggy address is located 0 bytes to the right of [ 25.806344] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.806417] [ 25.806446] The buggy address belongs to the physical page: [ 25.806485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.806549] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.806612] page_type: f5(slab) [ 25.806662] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.806722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.806808] page dumped because: kasan: bad access detected [ 25.806864] [ 25.806890] Memory state around the buggy address: [ 25.806931] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.806983] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.807034] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.807080] ^ [ 25.807121] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.807171] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.807216] ================================================================== [ 25.750601] ================================================================== [ 25.750977] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 25.751208] Read of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.751397] [ 25.751537] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.751966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.752364] Hardware name: linux,dummy-virt (DT) [ 25.752431] Call trace: [ 25.752464] show_stack+0x20/0x38 (C) [ 25.752538] dump_stack_lvl+0x8c/0xd0 [ 25.752660] print_report+0x118/0x608 [ 25.752865] kasan_report+0xdc/0x128 [ 25.752977] __asan_report_load8_noabort+0x20/0x30 [ 25.753103] kasan_atomics_helper+0x3db0/0x4858 [ 25.753231] kasan_atomics+0x198/0x2e0 [ 25.753445] kunit_try_run_case+0x170/0x3f0 [ 25.753847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.754254] kthread+0x328/0x630 [ 25.754412] ret_from_fork+0x10/0x20 [ 25.754560] [ 25.754636] Allocated by task 267: [ 25.754714] kasan_save_stack+0x3c/0x68 [ 25.754872] kasan_save_track+0x20/0x40 [ 25.754978] kasan_save_alloc_info+0x40/0x58 [ 25.755104] __kasan_kmalloc+0xd4/0xd8 [ 25.755214] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.755362] kasan_atomics+0xb8/0x2e0 [ 25.755442] kunit_try_run_case+0x170/0x3f0 [ 25.755518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.755604] kthread+0x328/0x630 [ 25.755710] ret_from_fork+0x10/0x20 [ 25.755813] [ 25.756098] The buggy address belongs to the object at fff00000c78d8480 [ 25.756098] which belongs to the cache kmalloc-64 of size 64 [ 25.756279] The buggy address is located 0 bytes to the right of [ 25.756279] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.756453] [ 25.756529] The buggy address belongs to the physical page: [ 25.756652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.756869] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.757047] page_type: f5(slab) [ 25.757151] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.757345] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.757452] page dumped because: kasan: bad access detected [ 25.757536] [ 25.757594] Memory state around the buggy address: [ 25.757903] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.758032] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.758193] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.758289] ^ [ 25.758389] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.758646] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.758815] ================================================================== [ 25.696652] ================================================================== [ 25.697539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 25.697698] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.697845] [ 25.698282] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.698507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.698573] Hardware name: linux,dummy-virt (DT) [ 25.698640] Call trace: [ 25.698693] show_stack+0x20/0x38 (C) [ 25.698828] dump_stack_lvl+0x8c/0xd0 [ 25.698947] print_report+0x118/0x608 [ 25.699044] kasan_report+0xdc/0x128 [ 25.699129] kasan_check_range+0x100/0x1a8 [ 25.699200] __kasan_check_write+0x20/0x30 [ 25.699253] kasan_atomics_helper+0x1414/0x4858 [ 25.699309] kasan_atomics+0x198/0x2e0 [ 25.699358] kunit_try_run_case+0x170/0x3f0 [ 25.699417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.699478] kthread+0x328/0x630 [ 25.699530] ret_from_fork+0x10/0x20 [ 25.699589] [ 25.699613] Allocated by task 267: [ 25.699650] kasan_save_stack+0x3c/0x68 [ 25.699701] kasan_save_track+0x20/0x40 [ 25.701066] kasan_save_alloc_info+0x40/0x58 [ 25.701181] __kasan_kmalloc+0xd4/0xd8 [ 25.701265] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.701350] kasan_atomics+0xb8/0x2e0 [ 25.701427] kunit_try_run_case+0x170/0x3f0 [ 25.701519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.701627] kthread+0x328/0x630 [ 25.701699] ret_from_fork+0x10/0x20 [ 25.702892] [ 25.702953] The buggy address belongs to the object at fff00000c78d8480 [ 25.702953] which belongs to the cache kmalloc-64 of size 64 [ 25.704143] The buggy address is located 0 bytes to the right of [ 25.704143] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.705089] [ 25.705165] The buggy address belongs to the physical page: [ 25.705247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.705404] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.705579] page_type: f5(slab) [ 25.705689] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.706348] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.706479] page dumped because: kasan: bad access detected [ 25.706564] [ 25.706620] Memory state around the buggy address: [ 25.706705] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.706841] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.706949] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.707386] ^ [ 25.707518] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.707626] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.707997] ================================================================== [ 25.730702] ================================================================== [ 25.730830] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 25.730989] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.731363] [ 25.731523] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.732026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.732138] Hardware name: linux,dummy-virt (DT) [ 25.732270] Call trace: [ 25.732356] show_stack+0x20/0x38 (C) [ 25.732492] dump_stack_lvl+0x8c/0xd0 [ 25.732608] print_report+0x118/0x608 [ 25.732722] kasan_report+0xdc/0x128 [ 25.732999] kasan_check_range+0x100/0x1a8 [ 25.733423] __kasan_check_write+0x20/0x30 [ 25.733966] kasan_atomics_helper+0x154c/0x4858 [ 25.734189] kasan_atomics+0x198/0x2e0 [ 25.734379] kunit_try_run_case+0x170/0x3f0 [ 25.734587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.734907] kthread+0x328/0x630 [ 25.735155] ret_from_fork+0x10/0x20 [ 25.735356] [ 25.735597] Allocated by task 267: [ 25.735961] kasan_save_stack+0x3c/0x68 [ 25.736246] kasan_save_track+0x20/0x40 [ 25.736441] kasan_save_alloc_info+0x40/0x58 [ 25.736618] __kasan_kmalloc+0xd4/0xd8 [ 25.736716] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.737033] kasan_atomics+0xb8/0x2e0 [ 25.737357] kunit_try_run_case+0x170/0x3f0 [ 25.737436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.737490] kthread+0x328/0x630 [ 25.737547] ret_from_fork+0x10/0x20 [ 25.737647] [ 25.737754] The buggy address belongs to the object at fff00000c78d8480 [ 25.737754] which belongs to the cache kmalloc-64 of size 64 [ 25.737928] The buggy address is located 0 bytes to the right of [ 25.737928] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.738080] [ 25.738126] The buggy address belongs to the physical page: [ 25.738192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.738311] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.738440] page_type: f5(slab) [ 25.738554] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.738771] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.738960] page dumped because: kasan: bad access detected [ 25.739055] [ 25.739119] Memory state around the buggy address: [ 25.739261] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.739382] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.739501] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.739619] ^ [ 25.739755] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.739856] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.739987] ================================================================== [ 25.233100] ================================================================== [ 25.233285] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 25.233444] Write of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.233578] [ 25.233678] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.233932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.234023] Hardware name: linux,dummy-virt (DT) [ 25.234141] Call trace: [ 25.234465] show_stack+0x20/0x38 (C) [ 25.234794] dump_stack_lvl+0x8c/0xd0 [ 25.235022] print_report+0x118/0x608 [ 25.235159] kasan_report+0xdc/0x128 [ 25.235464] kasan_check_range+0x100/0x1a8 [ 25.235583] __kasan_check_write+0x20/0x30 [ 25.235815] kasan_atomics_helper+0x99c/0x4858 [ 25.236078] kasan_atomics+0x198/0x2e0 [ 25.236281] kunit_try_run_case+0x170/0x3f0 [ 25.236442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.236671] kthread+0x328/0x630 [ 25.237039] ret_from_fork+0x10/0x20 [ 25.237300] [ 25.237440] Allocated by task 267: [ 25.237523] kasan_save_stack+0x3c/0x68 [ 25.237648] kasan_save_track+0x20/0x40 [ 25.237750] kasan_save_alloc_info+0x40/0x58 [ 25.237835] __kasan_kmalloc+0xd4/0xd8 [ 25.237904] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.238265] kasan_atomics+0xb8/0x2e0 [ 25.238460] kunit_try_run_case+0x170/0x3f0 [ 25.238583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.238694] kthread+0x328/0x630 [ 25.239273] ret_from_fork+0x10/0x20 [ 25.239426] [ 25.239490] The buggy address belongs to the object at fff00000c78d8480 [ 25.239490] which belongs to the cache kmalloc-64 of size 64 [ 25.239853] The buggy address is located 0 bytes to the right of [ 25.239853] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.240021] [ 25.240174] The buggy address belongs to the physical page: [ 25.240271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.240513] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.240717] page_type: f5(slab) [ 25.240923] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.241453] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.241678] page dumped because: kasan: bad access detected [ 25.241820] [ 25.241994] Memory state around the buggy address: [ 25.242093] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.242232] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.242466] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.242569] ^ [ 25.242642] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.242754] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.242855] ================================================================== [ 25.708811] ================================================================== [ 25.708958] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 25.709088] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.709223] [ 25.709445] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.709798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.709953] Hardware name: linux,dummy-virt (DT) [ 25.710134] Call trace: [ 25.710232] show_stack+0x20/0x38 (C) [ 25.710379] dump_stack_lvl+0x8c/0xd0 [ 25.710499] print_report+0x118/0x608 [ 25.710593] kasan_report+0xdc/0x128 [ 25.710677] kasan_check_range+0x100/0x1a8 [ 25.710788] __kasan_check_write+0x20/0x30 [ 25.710905] kasan_atomics_helper+0x147c/0x4858 [ 25.711387] kasan_atomics+0x198/0x2e0 [ 25.711825] kunit_try_run_case+0x170/0x3f0 [ 25.712154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.712538] kthread+0x328/0x630 [ 25.712790] ret_from_fork+0x10/0x20 [ 25.713120] [ 25.713285] Allocated by task 267: [ 25.713356] kasan_save_stack+0x3c/0x68 [ 25.713460] kasan_save_track+0x20/0x40 [ 25.713553] kasan_save_alloc_info+0x40/0x58 [ 25.713663] __kasan_kmalloc+0xd4/0xd8 [ 25.713774] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.713958] kasan_atomics+0xb8/0x2e0 [ 25.714169] kunit_try_run_case+0x170/0x3f0 [ 25.714368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.714683] kthread+0x328/0x630 [ 25.715010] ret_from_fork+0x10/0x20 [ 25.715111] [ 25.715592] The buggy address belongs to the object at fff00000c78d8480 [ 25.715592] which belongs to the cache kmalloc-64 of size 64 [ 25.715788] The buggy address is located 0 bytes to the right of [ 25.715788] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.715968] [ 25.716026] The buggy address belongs to the physical page: [ 25.716123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.716265] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.716393] page_type: f5(slab) [ 25.716492] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.716618] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.717336] page dumped because: kasan: bad access detected [ 25.717550] [ 25.717609] Memory state around the buggy address: [ 25.717911] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.718375] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.718627] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.718813] ^ [ 25.719230] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.719549] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.719666] ================================================================== [ 25.770693] ================================================================== [ 25.770838] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 25.770958] Read of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.771077] [ 25.771172] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.771371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.771439] Hardware name: linux,dummy-virt (DT) [ 25.771512] Call trace: [ 25.771567] show_stack+0x20/0x38 (C) [ 25.771676] dump_stack_lvl+0x8c/0xd0 [ 25.772217] print_report+0x118/0x608 [ 25.772400] kasan_report+0xdc/0x128 [ 25.772577] __asan_report_load8_noabort+0x20/0x30 [ 25.773133] kasan_atomics_helper+0x3df4/0x4858 [ 25.773327] kasan_atomics+0x198/0x2e0 [ 25.773426] kunit_try_run_case+0x170/0x3f0 [ 25.773521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.773663] kthread+0x328/0x630 [ 25.773787] ret_from_fork+0x10/0x20 [ 25.773930] [ 25.774004] Allocated by task 267: [ 25.774089] kasan_save_stack+0x3c/0x68 [ 25.774194] kasan_save_track+0x20/0x40 [ 25.774281] kasan_save_alloc_info+0x40/0x58 [ 25.774396] __kasan_kmalloc+0xd4/0xd8 [ 25.774529] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.774692] kasan_atomics+0xb8/0x2e0 [ 25.774798] kunit_try_run_case+0x170/0x3f0 [ 25.774905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.775024] kthread+0x328/0x630 [ 25.775118] ret_from_fork+0x10/0x20 [ 25.775228] [ 25.775298] The buggy address belongs to the object at fff00000c78d8480 [ 25.775298] which belongs to the cache kmalloc-64 of size 64 [ 25.775537] The buggy address is located 0 bytes to the right of [ 25.775537] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.775734] [ 25.775800] The buggy address belongs to the physical page: [ 25.775887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.776032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.776180] page_type: f5(slab) [ 25.776286] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.776423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.776538] page dumped because: kasan: bad access detected [ 25.776623] [ 25.776675] Memory state around the buggy address: [ 25.776777] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.776902] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.777827] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.777953] ^ [ 25.778043] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.778162] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.778267] ================================================================== [ 25.007154] ================================================================== [ 25.008795] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 25.008999] Read of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.009634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.009713] Hardware name: linux,dummy-virt (DT) [ 25.010037] dump_stack_lvl+0x8c/0xd0 [ 25.011369] kthread+0x328/0x630 [ 25.011546] [ 25.011763] kasan_save_track+0x20/0x40 [ 25.012002] __kasan_kmalloc+0xd4/0xd8 [ 25.012716] kthread+0x328/0x630 [ 25.013129] The buggy address is located 0 bytes to the right of [ 25.013129] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.013329] [ 25.013387] The buggy address belongs to the physical page: [ 25.013499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.013649] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.013814] page_type: f5(slab) [ 25.013909] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.014118] page dumped because: kasan: bad access detected [ 25.014481] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.014583] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.014876] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.015087] ================================================================== [ 25.778975] ================================================================== [ 25.779161] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 25.779285] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.779402] [ 25.779478] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.779694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.779843] Hardware name: linux,dummy-virt (DT) [ 25.779943] Call trace: [ 25.780008] show_stack+0x20/0x38 (C) [ 25.780137] dump_stack_lvl+0x8c/0xd0 [ 25.780254] print_report+0x118/0x608 [ 25.780383] kasan_report+0xdc/0x128 [ 25.780534] kasan_check_range+0x100/0x1a8 [ 25.780693] __kasan_check_write+0x20/0x30 [ 25.781051] kasan_atomics_helper+0x16d0/0x4858 [ 25.781219] kasan_atomics+0x198/0x2e0 [ 25.781424] kunit_try_run_case+0x170/0x3f0 [ 25.781562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.781738] kthread+0x328/0x630 [ 25.781877] ret_from_fork+0x10/0x20 [ 25.781995] [ 25.782040] Allocated by task 267: [ 25.782098] kasan_save_stack+0x3c/0x68 [ 25.782191] kasan_save_track+0x20/0x40 [ 25.782279] kasan_save_alloc_info+0x40/0x58 [ 25.782406] __kasan_kmalloc+0xd4/0xd8 [ 25.782522] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.782663] kasan_atomics+0xb8/0x2e0 [ 25.782794] kunit_try_run_case+0x170/0x3f0 [ 25.782932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.783107] kthread+0x328/0x630 [ 25.783198] ret_from_fork+0x10/0x20 [ 25.783324] [ 25.783392] The buggy address belongs to the object at fff00000c78d8480 [ 25.783392] which belongs to the cache kmalloc-64 of size 64 [ 25.783554] The buggy address is located 0 bytes to the right of [ 25.783554] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.783743] [ 25.783834] The buggy address belongs to the physical page: [ 25.783957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.784179] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.784380] page_type: f5(slab) [ 25.784476] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.784607] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.784755] page dumped because: kasan: bad access detected [ 25.784840] [ 25.784929] Memory state around the buggy address: [ 25.785029] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.785144] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.785392] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.785535] ^ [ 25.785640] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.785774] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.785874] ================================================================== [ 25.506485] ================================================================== [ 25.507268] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 25.507576] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.507746] [ 25.507846] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.508068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.508153] Hardware name: linux,dummy-virt (DT) [ 25.508238] Call trace: [ 25.508307] show_stack+0x20/0x38 (C) [ 25.508432] dump_stack_lvl+0x8c/0xd0 [ 25.508557] print_report+0x118/0x608 [ 25.508671] kasan_report+0xdc/0x128 [ 25.508802] kasan_check_range+0x100/0x1a8 [ 25.508923] __kasan_check_write+0x20/0x30 [ 25.509046] kasan_atomics_helper+0xf88/0x4858 [ 25.509169] kasan_atomics+0x198/0x2e0 [ 25.509280] kunit_try_run_case+0x170/0x3f0 [ 25.511334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.511659] kthread+0x328/0x630 [ 25.511965] ret_from_fork+0x10/0x20 [ 25.512234] [ 25.512292] Allocated by task 267: [ 25.512380] kasan_save_stack+0x3c/0x68 [ 25.512491] kasan_save_track+0x20/0x40 [ 25.513088] kasan_save_alloc_info+0x40/0x58 [ 25.513544] __kasan_kmalloc+0xd4/0xd8 [ 25.513698] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.514407] kasan_atomics+0xb8/0x2e0 [ 25.514664] kunit_try_run_case+0x170/0x3f0 [ 25.515127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.515290] kthread+0x328/0x630 [ 25.515387] ret_from_fork+0x10/0x20 [ 25.515485] [ 25.515982] The buggy address belongs to the object at fff00000c78d8480 [ 25.515982] which belongs to the cache kmalloc-64 of size 64 [ 25.516188] The buggy address is located 0 bytes to the right of [ 25.516188] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.516991] [ 25.517522] The buggy address belongs to the physical page: [ 25.518054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.518198] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.518499] page_type: f5(slab) [ 25.519492] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.519670] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.519798] page dumped because: kasan: bad access detected [ 25.520311] [ 25.520524] Memory state around the buggy address: [ 25.520792] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.521265] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.521387] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.521476] ^ [ 25.521843] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.522178] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.522631] ================================================================== [ 25.109620] ================================================================== [ 25.111781] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 25.117113] [ 25.119092] kthread+0x328/0x630 [ 25.125096] ================================================================== [ 25.488830] ================================================================== [ 25.489313] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 25.489947] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.490085] [ 25.490172] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.490372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.490777] Hardware name: linux,dummy-virt (DT) [ 25.491472] Call trace: [ 25.491567] show_stack+0x20/0x38 (C) [ 25.491976] dump_stack_lvl+0x8c/0xd0 [ 25.492337] print_report+0x118/0x608 [ 25.492907] kasan_report+0xdc/0x128 [ 25.493060] kasan_check_range+0x100/0x1a8 [ 25.493177] __kasan_check_write+0x20/0x30 [ 25.493605] kasan_atomics_helper+0xf20/0x4858 [ 25.493769] kasan_atomics+0x198/0x2e0 [ 25.493896] kunit_try_run_case+0x170/0x3f0 [ 25.494557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.494700] kthread+0x328/0x630 [ 25.494819] ret_from_fork+0x10/0x20 [ 25.494938] [ 25.495690] Allocated by task 267: [ 25.495969] kasan_save_stack+0x3c/0x68 [ 25.496264] kasan_save_track+0x20/0x40 [ 25.496378] kasan_save_alloc_info+0x40/0x58 [ 25.496481] __kasan_kmalloc+0xd4/0xd8 [ 25.497055] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.497461] kasan_atomics+0xb8/0x2e0 [ 25.497709] kunit_try_run_case+0x170/0x3f0 [ 25.497837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.497952] kthread+0x328/0x630 [ 25.498049] ret_from_fork+0x10/0x20 [ 25.498851] [ 25.498926] The buggy address belongs to the object at fff00000c78d8480 [ 25.498926] which belongs to the cache kmalloc-64 of size 64 [ 25.499079] The buggy address is located 0 bytes to the right of [ 25.499079] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.499644] [ 25.499767] The buggy address belongs to the physical page: [ 25.500267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.500427] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.501410] page_type: f5(slab) [ 25.501768] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.502315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.502426] page dumped because: kasan: bad access detected [ 25.502508] [ 25.502557] Memory state around the buggy address: [ 25.502653] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.502812] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.503791] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.504158] ^ [ 25.504279] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.504403] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.504918] ================================================================== [ 25.600851] ================================================================== [ 25.601963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 25.602232] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.602374] [ 25.602722] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.603229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.603587] Hardware name: linux,dummy-virt (DT) [ 25.603686] Call trace: [ 25.604181] show_stack+0x20/0x38 (C) [ 25.604338] dump_stack_lvl+0x8c/0xd0 [ 25.604507] print_report+0x118/0x608 [ 25.605052] kasan_report+0xdc/0x128 [ 25.605339] kasan_check_range+0x100/0x1a8 [ 25.605489] __kasan_check_write+0x20/0x30 [ 25.605617] kasan_atomics_helper+0x11f8/0x4858 [ 25.606261] kasan_atomics+0x198/0x2e0 [ 25.606399] kunit_try_run_case+0x170/0x3f0 [ 25.606503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.606623] kthread+0x328/0x630 [ 25.606744] ret_from_fork+0x10/0x20 [ 25.607767] [ 25.607936] Allocated by task 267: [ 25.608037] kasan_save_stack+0x3c/0x68 [ 25.608168] kasan_save_track+0x20/0x40 [ 25.608693] kasan_save_alloc_info+0x40/0x58 [ 25.609030] __kasan_kmalloc+0xd4/0xd8 [ 25.609424] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.609559] kasan_atomics+0xb8/0x2e0 [ 25.609660] kunit_try_run_case+0x170/0x3f0 [ 25.609758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.609853] kthread+0x328/0x630 [ 25.609932] ret_from_fork+0x10/0x20 [ 25.610019] [ 25.610077] The buggy address belongs to the object at fff00000c78d8480 [ 25.610077] which belongs to the cache kmalloc-64 of size 64 [ 25.610841] The buggy address is located 0 bytes to the right of [ 25.610841] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.611043] [ 25.611105] The buggy address belongs to the physical page: [ 25.611190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.612583] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.612987] page_type: f5(slab) [ 25.613124] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.613518] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.613960] page dumped because: kasan: bad access detected [ 25.614081] [ 25.614423] Memory state around the buggy address: [ 25.614523] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.614653] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.615210] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.615581] ^ [ 25.615681] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.615806] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.615917] ================================================================== [ 25.661167] ================================================================== [ 25.661546] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 25.661950] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.662054] [ 25.662939] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.663191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.663263] Hardware name: linux,dummy-virt (DT) [ 25.663344] Call trace: [ 25.663415] show_stack+0x20/0x38 (C) [ 25.663549] dump_stack_lvl+0x8c/0xd0 [ 25.663677] print_report+0x118/0x608 [ 25.664704] kasan_report+0xdc/0x128 [ 25.665624] kasan_check_range+0x100/0x1a8 [ 25.666501] __kasan_check_write+0x20/0x30 [ 25.666743] kasan_atomics_helper+0x1384/0x4858 [ 25.667070] kasan_atomics+0x198/0x2e0 [ 25.667349] kunit_try_run_case+0x170/0x3f0 [ 25.667750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.668161] kthread+0x328/0x630 [ 25.668771] ret_from_fork+0x10/0x20 [ 25.669322] [ 25.669456] Allocated by task 267: [ 25.669678] kasan_save_stack+0x3c/0x68 [ 25.670520] kasan_save_track+0x20/0x40 [ 25.670776] kasan_save_alloc_info+0x40/0x58 [ 25.670879] __kasan_kmalloc+0xd4/0xd8 [ 25.670974] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.671515] kasan_atomics+0xb8/0x2e0 [ 25.671620] kunit_try_run_case+0x170/0x3f0 [ 25.672780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.673450] kthread+0x328/0x630 [ 25.674046] ret_from_fork+0x10/0x20 [ 25.674180] [ 25.674239] The buggy address belongs to the object at fff00000c78d8480 [ 25.674239] which belongs to the cache kmalloc-64 of size 64 [ 25.674708] The buggy address is located 0 bytes to the right of [ 25.674708] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.676862] [ 25.676926] The buggy address belongs to the physical page: [ 25.677006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.677121] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.677188] page_type: f5(slab) [ 25.677259] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.677393] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.677530] page dumped because: kasan: bad access detected [ 25.677623] [ 25.677675] Memory state around the buggy address: [ 25.677779] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.677900] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.678012] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.678134] ^ [ 25.678228] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.678319] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.678395] ================================================================== [ 25.457211] ================================================================== [ 25.458437] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 25.458643] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.458792] [ 25.458884] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.459053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.459109] Hardware name: linux,dummy-virt (DT) [ 25.459171] Call trace: [ 25.459220] show_stack+0x20/0x38 (C) [ 25.459342] dump_stack_lvl+0x8c/0xd0 [ 25.459496] print_report+0x118/0x608 [ 25.459671] kasan_report+0xdc/0x128 [ 25.459854] __asan_report_store8_noabort+0x20/0x30 [ 25.460046] kasan_atomics_helper+0x3e5c/0x4858 [ 25.460191] kasan_atomics+0x198/0x2e0 [ 25.460310] kunit_try_run_case+0x170/0x3f0 [ 25.460439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.460576] kthread+0x328/0x630 [ 25.460689] ret_from_fork+0x10/0x20 [ 25.460816] [ 25.460867] Allocated by task 267: [ 25.460941] kasan_save_stack+0x3c/0x68 [ 25.461067] kasan_save_track+0x20/0x40 [ 25.461616] kasan_save_alloc_info+0x40/0x58 [ 25.461811] __kasan_kmalloc+0xd4/0xd8 [ 25.461945] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.462059] kasan_atomics+0xb8/0x2e0 [ 25.462153] kunit_try_run_case+0x170/0x3f0 [ 25.462257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.462367] kthread+0x328/0x630 [ 25.462442] ret_from_fork+0x10/0x20 [ 25.463109] [ 25.463180] The buggy address belongs to the object at fff00000c78d8480 [ 25.463180] which belongs to the cache kmalloc-64 of size 64 [ 25.463339] The buggy address is located 0 bytes to the right of [ 25.463339] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.463514] [ 25.463568] The buggy address belongs to the physical page: [ 25.463667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.463889] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.464087] page_type: f5(slab) [ 25.464221] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.464357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.464524] page dumped because: kasan: bad access detected [ 25.464650] [ 25.464725] Memory state around the buggy address: [ 25.464815] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.464934] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.465104] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.465203] ^ [ 25.465299] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.465610] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.465848] ================================================================== [ 25.245088] ================================================================== [ 25.245169] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 25.245243] Write of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.245835] [ 25.245960] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.246188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.246268] Hardware name: linux,dummy-virt (DT) [ 25.246354] Call trace: [ 25.246441] show_stack+0x20/0x38 (C) [ 25.246579] dump_stack_lvl+0x8c/0xd0 [ 25.246705] print_report+0x118/0x608 [ 25.246844] kasan_report+0xdc/0x128 [ 25.246964] kasan_check_range+0x100/0x1a8 [ 25.247101] __kasan_check_write+0x20/0x30 [ 25.247250] kasan_atomics_helper+0xa04/0x4858 [ 25.247382] kasan_atomics+0x198/0x2e0 [ 25.247498] kunit_try_run_case+0x170/0x3f0 [ 25.247649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.248515] kthread+0x328/0x630 [ 25.248787] ret_from_fork+0x10/0x20 [ 25.248982] [ 25.249041] Allocated by task 267: [ 25.249353] kasan_save_stack+0x3c/0x68 [ 25.249455] kasan_save_track+0x20/0x40 [ 25.249567] kasan_save_alloc_info+0x40/0x58 [ 25.249710] __kasan_kmalloc+0xd4/0xd8 [ 25.249837] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.249947] kasan_atomics+0xb8/0x2e0 [ 25.250036] kunit_try_run_case+0x170/0x3f0 [ 25.250144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.250239] kthread+0x328/0x630 [ 25.250309] ret_from_fork+0x10/0x20 [ 25.250372] [ 25.250413] The buggy address belongs to the object at fff00000c78d8480 [ 25.250413] which belongs to the cache kmalloc-64 of size 64 [ 25.250547] The buggy address is located 0 bytes to the right of [ 25.250547] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.250720] [ 25.250787] The buggy address belongs to the physical page: [ 25.250867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.251108] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.251251] page_type: f5(slab) [ 25.251344] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.251461] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.251575] page dumped because: kasan: bad access detected [ 25.251662] [ 25.251712] Memory state around the buggy address: [ 25.251814] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.251933] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.252045] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.252151] ^ [ 25.252237] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.252332] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.252439] ================================================================== [ 25.466707] ================================================================== [ 25.466849] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 25.466975] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.467281] [ 25.467391] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.467626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.467703] Hardware name: linux,dummy-virt (DT) [ 25.467800] Call trace: [ 25.467868] show_stack+0x20/0x38 (C) [ 25.467988] dump_stack_lvl+0x8c/0xd0 [ 25.468121] print_report+0x118/0x608 [ 25.468243] kasan_report+0xdc/0x128 [ 25.468362] kasan_check_range+0x100/0x1a8 [ 25.468484] __kasan_check_write+0x20/0x30 [ 25.468609] kasan_atomics_helper+0xeb8/0x4858 [ 25.468743] kasan_atomics+0x198/0x2e0 [ 25.468863] kunit_try_run_case+0x170/0x3f0 [ 25.468994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.469134] kthread+0x328/0x630 [ 25.469249] ret_from_fork+0x10/0x20 [ 25.470276] [ 25.471037] Allocated by task 267: [ 25.472251] kasan_save_stack+0x3c/0x68 [ 25.472819] kasan_save_track+0x20/0x40 [ 25.473344] kasan_save_alloc_info+0x40/0x58 [ 25.473681] __kasan_kmalloc+0xd4/0xd8 [ 25.473779] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.473868] kasan_atomics+0xb8/0x2e0 [ 25.473950] kunit_try_run_case+0x170/0x3f0 [ 25.474053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.475724] kthread+0x328/0x630 [ 25.476347] ret_from_fork+0x10/0x20 [ 25.476492] [ 25.477199] The buggy address belongs to the object at fff00000c78d8480 [ 25.477199] which belongs to the cache kmalloc-64 of size 64 [ 25.477705] The buggy address is located 0 bytes to the right of [ 25.477705] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.479165] [ 25.479566] The buggy address belongs to the physical page: [ 25.480236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.481360] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.481518] page_type: f5(slab) [ 25.481630] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.481753] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.481841] page dumped because: kasan: bad access detected [ 25.481919] [ 25.481967] Memory state around the buggy address: [ 25.482066] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.482188] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.482299] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.483078] ^ [ 25.483665] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.484158] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.484348] ================================================================== [ 25.307044] ================================================================== [ 25.308381] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 25.308608] Write of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.309083] [ 25.309295] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.310103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.310231] Hardware name: linux,dummy-virt (DT) [ 25.310324] Call trace: [ 25.310952] show_stack+0x20/0x38 (C) [ 25.311399] dump_stack_lvl+0x8c/0xd0 [ 25.311703] print_report+0x118/0x608 [ 25.312170] kasan_report+0xdc/0x128 [ 25.312506] kasan_check_range+0x100/0x1a8 [ 25.312627] __kasan_check_write+0x20/0x30 [ 25.313891] kasan_atomics_helper+0xb70/0x4858 [ 25.314211] kasan_atomics+0x198/0x2e0 [ 25.314963] kunit_try_run_case+0x170/0x3f0 [ 25.315308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.315523] kthread+0x328/0x630 [ 25.315641] ret_from_fork+0x10/0x20 [ 25.315780] [ 25.315839] Allocated by task 267: [ 25.315918] kasan_save_stack+0x3c/0x68 [ 25.316024] kasan_save_track+0x20/0x40 [ 25.316795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.322129] The buggy address belongs to the physical page: [ 25.325170] page dumped because: kasan: bad access detected [ 25.327156] ^ [ 25.329788] Read of size 4 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.330820] Call trace: [ 25.333049] kasan_atomics+0x198/0x2e0 [ 25.338130] kasan_atomics+0xb8/0x2e0 [ 25.340871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.343635] [ 25.344453] ^ [ 25.350445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.354779] kasan_save_stack+0x3c/0x68 [ 25.358305] [ 25.358869] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.359956] [ 25.361015] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.363204] [ 25.366159] kthread+0x328/0x630 [ 25.368613] kthread+0x328/0x630 [ 25.369501] The buggy address is located 0 bytes to the right of [ 25.369501] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.373364] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.381609] kasan_save_track+0x20/0x40 [ 25.382954] kthread+0x328/0x630 [ 25.383048] ret_from_fork+0x10/0x20 [ 25.383236] [ 25.383326] The buggy address belongs to the object at fff00000c78d8480 [ 25.383326] which belongs to the cache kmalloc-64 of size 64 [ 25.383894] The buggy address is located 0 bytes to the right of [ 25.383894] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.384141] [ 25.384460] The buggy address belongs to the physical page: [ 25.384592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.384862] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.385004] page_type: f5(slab) [ 25.385110] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.385244] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.385348] page dumped because: kasan: bad access detected [ 25.385438] [ 25.385495] Memory state around the buggy address: [ 25.385582] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.386130] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.386316] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.386549] ^ [ 25.386763] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.387055] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.387380] ================================================================== [ 25.449269] ================================================================== [ 25.449496] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 25.449686] Write of size 8 at addr fff00000c78d84b0 by task kunit_try_catch/267 [ 25.449852] [ 25.449935] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 25.450151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.450217] Hardware name: linux,dummy-virt (DT) [ 25.450299] Call trace: [ 25.450363] show_stack+0x20/0x38 (C) [ 25.450488] dump_stack_lvl+0x8c/0xd0 [ 25.450917] print_report+0x118/0x608 [ 25.451092] kasan_report+0xdc/0x128 [ 25.451212] kasan_check_range+0x100/0x1a8 [ 25.451358] __kasan_check_write+0x20/0x30 [ 25.451504] kasan_atomics_helper+0xe44/0x4858 [ 25.451672] kasan_atomics+0x198/0x2e0 [ 25.451857] kunit_try_run_case+0x170/0x3f0 [ 25.452035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.452207] kthread+0x328/0x630 [ 25.452341] ret_from_fork+0x10/0x20 [ 25.452478] [ 25.452530] Allocated by task 267: [ 25.452605] kasan_save_stack+0x3c/0x68 [ 25.452718] kasan_save_track+0x20/0x40 [ 25.452822] kasan_save_alloc_info+0x40/0x58 [ 25.452920] __kasan_kmalloc+0xd4/0xd8 [ 25.453018] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.453137] kasan_atomics+0xb8/0x2e0 [ 25.453765] kunit_try_run_case+0x170/0x3f0 [ 25.453908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.454051] kthread+0x328/0x630 [ 25.454175] ret_from_fork+0x10/0x20 [ 25.454302] [ 25.454373] The buggy address belongs to the object at fff00000c78d8480 [ 25.454373] which belongs to the cache kmalloc-64 of size 64 [ 25.454598] The buggy address is located 0 bytes to the right of [ 25.454598] allocated 48-byte region [fff00000c78d8480, fff00000c78d84b0) [ 25.454856] [ 25.454948] The buggy address belongs to the physical page: [ 25.455034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 25.455148] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.455258] page_type: f5(slab) [ 25.455360] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.455492] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.455608] page dumped because: kasan: bad access detected [ 25.455698] [ 25.455767] Memory state around the buggy address: [ 25.455893] fff00000c78d8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.456056] fff00000c78d8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.456226] >fff00000c78d8480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.456346] ^ [ 25.456455] fff00000c78d8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.456575] fff00000c78d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.456700] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 24.872987] ================================================================== [ 24.876131] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 24.879298] kasan_report+0xdc/0x128 [ 24.881399] ret_from_fork+0x10/0x20 [ 24.884145] kunit_try_run_case+0x170/0x3f0 [ 24.887104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 24.889492] fff00000c58ac180: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.890070] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 24.746366] ================================================================== [ 24.746531] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 24.747219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.747750] kasan_report+0xdc/0x128 [ 24.749493] Allocated by task 263: [ 24.750284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.751194] The buggy address belongs to the physical page: [ 24.753009] >fff00000c58ac280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 24.755455] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 24.669201] ================================================================== [ 24.669382] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 24.669615] Read of size 1 at addr fff00000c73a8610 by task kunit_try_catch/261 [ 24.669749] [ 24.669834] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.670021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.670124] Hardware name: linux,dummy-virt (DT) [ 24.670202] Call trace: [ 24.670269] show_stack+0x20/0x38 (C) [ 24.670512] dump_stack_lvl+0x8c/0xd0 [ 24.670671] print_report+0x118/0x608 [ 24.670801] kasan_report+0xdc/0x128 [ 24.670926] __asan_report_load1_noabort+0x20/0x30 [ 24.671060] strnlen+0x80/0x88 [ 24.671186] kasan_strings+0x478/0xb00 [ 24.671329] kunit_try_run_case+0x170/0x3f0 [ 24.671527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.671756] kthread+0x328/0x630 [ 24.671960] ret_from_fork+0x10/0x20 [ 24.672912] __kasan_kmalloc+0xd4/0xd8 [ 24.674265] __kasan_slab_free+0x6c/0x98 [ 24.675086] [ 24.675328] The buggy address is located 16 bytes inside of [ 24.675328] freed 32-byte region [fff00000c73a8600, fff00000c73a8620) [ 24.676245] >fff00000c73a8600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.676289] ^ [ 24.676373] fff00000c73a8700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.676417] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 24.653089] ================================================================== [ 24.653244] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 24.653441] Read of size 1 at addr fff00000c73a8610 by task kunit_try_catch/261 [ 24.653616] [ 24.653713] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.654139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.654256] Hardware name: linux,dummy-virt (DT) [ 24.654364] Call trace: [ 24.654601] show_stack+0x20/0x38 (C) [ 24.654908] dump_stack_lvl+0x8c/0xd0 [ 24.655055] print_report+0x118/0x608 [ 24.655179] kasan_report+0xdc/0x128 [ 24.655292] __asan_report_load1_noabort+0x20/0x30 [ 24.655416] strlen+0xa8/0xb0 [ 24.655531] kasan_strings+0x418/0xb00 [ 24.655655] kunit_try_run_case+0x170/0x3f0 [ 24.655784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.655916] kthread+0x328/0x630 [ 24.656081] ret_from_fork+0x10/0x20 [ 24.656231] [ 24.656278] Allocated by task 261: [ 24.656354] kasan_save_stack+0x3c/0x68 [ 24.656748] kasan_save_track+0x20/0x40 [ 24.657048] kasan_save_alloc_info+0x40/0x58 [ 24.657227] __kasan_kmalloc+0xd4/0xd8 [ 24.657317] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.657417] kasan_strings+0xc8/0xb00 [ 24.657738] kunit_try_run_case+0x170/0x3f0 [ 24.657934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.658202] kthread+0x328/0x630 [ 24.658723] ret_from_fork+0x10/0x20 [ 24.658845] [ 24.658960] Freed by task 261: [ 24.659106] kasan_save_stack+0x3c/0x68 [ 24.659276] kasan_save_track+0x20/0x40 [ 24.659407] kasan_save_free_info+0x4c/0x78 [ 24.659865] __kasan_slab_free+0x6c/0x98 [ 24.659989] kfree+0x214/0x3c8 [ 24.660209] kasan_strings+0x24c/0xb00 [ 24.660588] kunit_try_run_case+0x170/0x3f0 [ 24.660863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.661048] kthread+0x328/0x630 [ 24.661173] ret_from_fork+0x10/0x20 [ 24.661328] [ 24.661392] The buggy address belongs to the object at fff00000c73a8600 [ 24.661392] which belongs to the cache kmalloc-32 of size 32 [ 24.661583] The buggy address is located 16 bytes inside of [ 24.661583] freed 32-byte region [fff00000c73a8600, fff00000c73a8620) [ 24.661750] [ 24.661999] The buggy address belongs to the physical page: [ 24.662318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073a8 [ 24.662527] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.662654] page_type: f5(slab) [ 24.662750] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 24.662878] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.662986] page dumped because: kasan: bad access detected [ 24.663065] [ 24.663111] Memory state around the buggy address: [ 24.663241] fff00000c73a8500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.663409] fff00000c73a8580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.663516] >fff00000c73a8600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.663652] ^ [ 24.663781] fff00000c73a8680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.663961] fff00000c73a8700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.664101] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 24.643024] ================================================================== [ 24.643198] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 24.643353] Read of size 1 at addr fff00000c73a8610 by task kunit_try_catch/261 [ 24.643494] [ 24.643600] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.643977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.644059] Hardware name: linux,dummy-virt (DT) [ 24.644177] Call trace: [ 24.644253] show_stack+0x20/0x38 (C) [ 24.644363] dump_stack_lvl+0x8c/0xd0 [ 24.644485] print_report+0x118/0x608 [ 24.644596] kasan_report+0xdc/0x128 [ 24.644704] __asan_report_load1_noabort+0x20/0x30 [ 24.644894] kasan_strings+0x95c/0xb00 [ 24.645007] kunit_try_run_case+0x170/0x3f0 [ 24.645123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.645255] kthread+0x328/0x630 [ 24.645359] ret_from_fork+0x10/0x20 [ 24.645476] [ 24.645520] Allocated by task 261: [ 24.645584] kasan_save_stack+0x3c/0x68 [ 24.645687] kasan_save_track+0x20/0x40 [ 24.645795] kasan_save_alloc_info+0x40/0x58 [ 24.645878] __kasan_kmalloc+0xd4/0xd8 [ 24.645962] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.646145] kasan_strings+0xc8/0xb00 [ 24.646224] kunit_try_run_case+0x170/0x3f0 [ 24.646306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.646410] kthread+0x328/0x630 [ 24.646503] ret_from_fork+0x10/0x20 [ 24.646594] [ 24.646646] Freed by task 261: [ 24.647753] kasan_save_stack+0x3c/0x68 [ 24.647882] kasan_save_track+0x20/0x40 [ 24.648045] kasan_save_free_info+0x4c/0x78 [ 24.648213] __kasan_slab_free+0x6c/0x98 [ 24.648359] kfree+0x214/0x3c8 [ 24.648449] kasan_strings+0x24c/0xb00 [ 24.648547] kunit_try_run_case+0x170/0x3f0 [ 24.648662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.648840] kthread+0x328/0x630 [ 24.648924] ret_from_fork+0x10/0x20 [ 24.649038] [ 24.649098] The buggy address belongs to the object at fff00000c73a8600 [ 24.649098] which belongs to the cache kmalloc-32 of size 32 [ 24.649252] The buggy address is located 16 bytes inside of [ 24.649252] freed 32-byte region [fff00000c73a8600, fff00000c73a8620) [ 24.649423] [ 24.649500] The buggy address belongs to the physical page: [ 24.649610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073a8 [ 24.649780] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.649899] page_type: f5(slab) [ 24.650021] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 24.650134] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.650258] page dumped because: kasan: bad access detected [ 24.650353] [ 24.650402] Memory state around the buggy address: [ 24.650497] fff00000c73a8500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.650608] fff00000c73a8580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.650739] >fff00000c73a8600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.651010] ^ [ 24.651122] fff00000c73a8680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.651217] fff00000c73a8700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.651434] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 24.630133] ================================================================== [ 24.630489] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 24.632042] Read of size 1 at addr fff00000c73a8610 by task kunit_try_catch/261 [ 24.632279] [ 24.632371] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.632567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.632630] Hardware name: linux,dummy-virt (DT) [ 24.632697] Call trace: [ 24.632762] show_stack+0x20/0x38 (C) [ 24.632896] dump_stack_lvl+0x8c/0xd0 [ 24.633002] print_report+0x118/0x608 [ 24.633104] kasan_report+0xdc/0x128 [ 24.633192] __asan_report_load1_noabort+0x20/0x30 [ 24.633288] strcmp+0xc0/0xc8 [ 24.633377] kasan_strings+0x340/0xb00 [ 24.633484] kunit_try_run_case+0x170/0x3f0 [ 24.633580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.633684] kthread+0x328/0x630 [ 24.635878] ret_from_fork+0x10/0x20 [ 24.636000] [ 24.636044] Allocated by task 261: [ 24.636147] kasan_save_stack+0x3c/0x68 [ 24.636236] kasan_save_track+0x20/0x40 [ 24.636323] kasan_save_alloc_info+0x40/0x58 [ 24.636412] __kasan_kmalloc+0xd4/0xd8 [ 24.636496] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.636589] kasan_strings+0xc8/0xb00 [ 24.636667] kunit_try_run_case+0x170/0x3f0 [ 24.636777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.636886] kthread+0x328/0x630 [ 24.636972] ret_from_fork+0x10/0x20 [ 24.637052] [ 24.637098] Freed by task 261: [ 24.637163] kasan_save_stack+0x3c/0x68 [ 24.637253] kasan_save_track+0x20/0x40 [ 24.637335] kasan_save_free_info+0x4c/0x78 [ 24.637435] __kasan_slab_free+0x6c/0x98 [ 24.637524] kfree+0x214/0x3c8 [ 24.637598] kasan_strings+0x24c/0xb00 [ 24.637686] kunit_try_run_case+0x170/0x3f0 [ 24.639138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.639277] kthread+0x328/0x630 [ 24.639371] ret_from_fork+0x10/0x20 [ 24.639503] [ 24.639552] The buggy address belongs to the object at fff00000c73a8600 [ 24.639552] which belongs to the cache kmalloc-32 of size 32 [ 24.639698] The buggy address is located 16 bytes inside of [ 24.639698] freed 32-byte region [fff00000c73a8600, fff00000c73a8620) [ 24.639945] [ 24.640024] The buggy address belongs to the physical page: [ 24.640148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073a8 [ 24.640344] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.640522] page_type: f5(slab) [ 24.640661] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 24.640802] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.640883] page dumped because: kasan: bad access detected [ 24.640951] [ 24.640989] Memory state around the buggy address: [ 24.641070] fff00000c73a8500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.641226] fff00000c73a8580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.641331] >fff00000c73a8600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.641414] ^ [ 24.641484] fff00000c73a8680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.641578] fff00000c73a8700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.641671] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 24.591555] ================================================================== [ 24.591751] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 24.592291] Read of size 1 at addr fff00000c73a8458 by task kunit_try_catch/259 [ 24.592475] [ 24.592648] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.592967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.593068] Hardware name: linux,dummy-virt (DT) [ 24.593171] Call trace: [ 24.593223] show_stack+0x20/0x38 (C) [ 24.593359] dump_stack_lvl+0x8c/0xd0 [ 24.593473] print_report+0x118/0x608 [ 24.593938] kasan_report+0xdc/0x128 [ 24.594061] __asan_report_load1_noabort+0x20/0x30 [ 24.594186] memcmp+0x198/0x1d8 [ 24.594580] kasan_memcmp+0x16c/0x300 [ 24.594902] kunit_try_run_case+0x170/0x3f0 [ 24.595010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.595112] kthread+0x328/0x630 [ 24.595647] ret_from_fork+0x10/0x20 [ 24.596005] [ 24.596092] Allocated by task 259: [ 24.596248] kasan_save_stack+0x3c/0x68 [ 24.596380] kasan_save_track+0x20/0x40 [ 24.596494] kasan_save_alloc_info+0x40/0x58 [ 24.596685] __kasan_kmalloc+0xd4/0xd8 [ 24.596799] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.596903] kasan_memcmp+0xbc/0x300 [ 24.596995] kunit_try_run_case+0x170/0x3f0 [ 24.597104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.597214] kthread+0x328/0x630 [ 24.597595] ret_from_fork+0x10/0x20 [ 24.597875] [ 24.597928] The buggy address belongs to the object at fff00000c73a8440 [ 24.597928] which belongs to the cache kmalloc-32 of size 32 [ 24.598081] The buggy address is located 0 bytes to the right of [ 24.598081] allocated 24-byte region [fff00000c73a8440, fff00000c73a8458) [ 24.598217] [ 24.598256] The buggy address belongs to the physical page: [ 24.598617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073a8 [ 24.598788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.598922] page_type: f5(slab) [ 24.599564] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 24.599767] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.599893] page dumped because: kasan: bad access detected [ 24.599976] [ 24.600017] Memory state around the buggy address: [ 24.600148] fff00000c73a8300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.600267] fff00000c73a8380: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 24.600379] >fff00000c73a8400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.600482] ^ [ 24.600583] fff00000c73a8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.600690] fff00000c73a8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.600802] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 24.540657] ================================================================== [ 24.541641] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 24.542116] Read of size 1 at addr ffff800080a97b4a by task kunit_try_catch/255 [ 24.542298] [ 24.542380] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.542557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.542619] Hardware name: linux,dummy-virt (DT) [ 24.542693] Call trace: [ 24.542765] show_stack+0x20/0x38 (C) [ 24.542899] dump_stack_lvl+0x8c/0xd0 [ 24.543018] print_report+0x310/0x608 [ 24.543129] kasan_report+0xdc/0x128 [ 24.543236] __asan_report_load1_noabort+0x20/0x30 [ 24.543357] kasan_alloca_oob_right+0x2dc/0x340 [ 24.543480] kunit_try_run_case+0x170/0x3f0 [ 24.543995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.544611] kthread+0x328/0x630 [ 24.545354] ret_from_fork+0x10/0x20 [ 24.545672] [ 24.545749] The buggy address belongs to stack of task kunit_try_catch/255 [ 24.546091] [ 24.546202] The buggy address belongs to the virtual mapping at [ 24.546202] [ffff800080a90000, ffff800080a99000) created by: [ 24.546202] kernel_clone+0x150/0x7a8 [ 24.546464] [ 24.546542] The buggy address belongs to the physical page: [ 24.546624] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e1 [ 24.546771] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.546928] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 24.547029] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.547108] page dumped because: kasan: bad access detected [ 24.547204] [ 24.547244] Memory state around the buggy address: [ 24.547348] ffff800080a97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.547784] ffff800080a97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.547911] >ffff800080a97b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 24.548002] ^ [ 24.548097] ffff800080a97b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 24.548222] ffff800080a97c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 24.548329] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 24.523298] ================================================================== [ 24.523800] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 24.523979] Read of size 1 at addr ffff800080a97b5f by task kunit_try_catch/253 [ 24.524115] [ 24.524204] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.524418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.524487] Hardware name: linux,dummy-virt (DT) [ 24.524568] Call trace: [ 24.524626] show_stack+0x20/0x38 (C) [ 24.525301] dump_stack_lvl+0x8c/0xd0 [ 24.525752] print_report+0x310/0x608 [ 24.526031] kasan_report+0xdc/0x128 [ 24.526123] __asan_report_load1_noabort+0x20/0x30 [ 24.526224] kasan_alloca_oob_left+0x2b8/0x310 [ 24.526394] kunit_try_run_case+0x170/0x3f0 [ 24.526549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.526668] kthread+0x328/0x630 [ 24.526825] ret_from_fork+0x10/0x20 [ 24.526963] [ 24.527035] The buggy address belongs to stack of task kunit_try_catch/253 [ 24.527221] [ 24.527284] The buggy address belongs to the virtual mapping at [ 24.527284] [ffff800080a90000, ffff800080a99000) created by: [ 24.527284] kernel_clone+0x150/0x7a8 [ 24.527490] [ 24.527540] The buggy address belongs to the physical page: [ 24.527612] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e1 [ 24.527793] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.528017] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 24.528213] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.528343] page dumped because: kasan: bad access detected [ 24.528415] [ 24.528456] Memory state around the buggy address: [ 24.528567] ffff800080a97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.528680] ffff800080a97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.528803] >ffff800080a97b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 24.528920] ^ [ 24.529018] ffff800080a97b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 24.529130] ffff800080a97c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 24.529264] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 24.499996] ================================================================== [ 24.500273] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 24.500461] Read of size 1 at addr ffff800080a97c2a by task kunit_try_catch/251 [ 24.500611] [ 24.500752] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.501052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.501140] Hardware name: linux,dummy-virt (DT) [ 24.501224] Call trace: [ 24.501306] show_stack+0x20/0x38 (C) [ 24.501445] dump_stack_lvl+0x8c/0xd0 [ 24.501593] print_report+0x310/0x608 [ 24.501739] kasan_report+0xdc/0x128 [ 24.501851] __asan_report_load1_noabort+0x20/0x30 [ 24.501975] kasan_stack_oob+0x238/0x270 [ 24.502086] kunit_try_run_case+0x170/0x3f0 [ 24.502292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.502471] kthread+0x328/0x630 [ 24.502624] ret_from_fork+0x10/0x20 [ 24.502811] [ 24.502987] The buggy address belongs to stack of task kunit_try_catch/251 [ 24.503191] and is located at offset 138 in frame: [ 24.503269] kasan_stack_oob+0x0/0x270 [ 24.503575] [ 24.503830] This frame has 4 objects: [ 24.504111] [48, 49) '__assertion' [ 24.504234] [64, 72) 'array' [ 24.504340] [96, 112) '__assertion' [ 24.504433] [128, 138) 'stack_array' [ 24.504528] [ 24.504608] The buggy address belongs to the virtual mapping at [ 24.504608] [ffff800080a90000, ffff800080a99000) created by: [ 24.504608] kernel_clone+0x150/0x7a8 [ 24.504826] [ 24.504886] The buggy address belongs to the physical page: [ 24.504973] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e1 [ 24.505121] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.505355] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 24.505474] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.505627] page dumped because: kasan: bad access detected [ 24.505715] [ 24.505770] Memory state around the buggy address: [ 24.505862] ffff800080a97b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.505968] ffff800080a97b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 24.506108] >ffff800080a97c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 24.506217] ^ [ 24.506337] ffff800080a97c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 24.506506] ffff800080a97d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 24.506604] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 24.452849] ================================================================== [ 24.453039] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 24.453601] Read of size 1 at addr ffffafe9ea2035ad by task kunit_try_catch/247 [ 24.453822] [ 24.453983] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.454209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.454307] Hardware name: linux,dummy-virt (DT) [ 24.454443] Call trace: [ 24.454524] show_stack+0x20/0x38 (C) [ 24.454967] dump_stack_lvl+0x8c/0xd0 [ 24.455125] print_report+0x310/0x608 [ 24.455245] kasan_report+0xdc/0x128 [ 24.455357] __asan_report_load1_noabort+0x20/0x30 [ 24.455484] kasan_global_oob_right+0x230/0x270 [ 24.455767] kunit_try_run_case+0x170/0x3f0 [ 24.456047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.456634] kthread+0x328/0x630 [ 24.456767] ret_from_fork+0x10/0x20 [ 24.456922] [ 24.457042] The buggy address belongs to the variable: [ 24.457118] global_array+0xd/0x40 [ 24.457233] [ 24.457400] The buggy address belongs to the virtual mapping at [ 24.457400] [ffffafe9e8420000, ffffafe9ea2c1000) created by: [ 24.457400] paging_init+0x66c/0x7d0 [ 24.458035] [ 24.458684] The buggy address belongs to the physical page: [ 24.458824] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47c03 [ 24.458989] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 24.459330] raw: 03fffe0000002000 ffffc1ffc01f00c8 ffffc1ffc01f00c8 0000000000000000 [ 24.459635] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.459892] page dumped because: kasan: bad access detected [ 24.459986] [ 24.460040] Memory state around the buggy address: [ 24.460244] ffffafe9ea203480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.460363] ffffafe9ea203500: 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 [ 24.460796] >ffffafe9ea203580: f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 24.460917] ^ [ 24.461131] ffffafe9ea203600: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 24.461476] ffffafe9ea203680: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.461634] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 24.424530] ================================================================== [ 24.424644] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 24.424769] Free of addr fff00000c7a4c001 by task kunit_try_catch/245 [ 24.424889] [ 24.425017] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.425711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.426026] Hardware name: linux,dummy-virt (DT) [ 24.426198] Call trace: [ 24.426246] show_stack+0x20/0x38 (C) [ 24.426363] dump_stack_lvl+0x8c/0xd0 [ 24.426475] print_report+0x118/0x608 [ 24.427840] kasan_report_invalid_free+0xc0/0xe8 [ 24.427986] __kasan_mempool_poison_object+0xfc/0x150 [ 24.428964] mempool_free+0x28c/0x328 [ 24.429899] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 24.430044] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 24.430170] kunit_try_run_case+0x170/0x3f0 [ 24.430986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.431567] kthread+0x328/0x630 [ 24.431930] ret_from_fork+0x10/0x20 [ 24.432555] [ 24.432721] The buggy address belongs to the physical page: [ 24.433135] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a4c [ 24.433783] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.433948] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.434179] page_type: f8(unknown) [ 24.434275] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.434367] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.434852] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.435030] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.435282] head: 0bfffe0000000002 ffffc1ffc31e9301 00000000ffffffff 00000000ffffffff [ 24.435806] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.436015] page dumped because: kasan: bad access detected [ 24.436125] [ 24.436170] Memory state around the buggy address: [ 24.436252] fff00000c7a4bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.436370] fff00000c7a4bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.436811] >fff00000c7a4c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.436975] ^ [ 24.437148] fff00000c7a4c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.437447] fff00000c7a4c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.437756] ================================================================== [ 24.397489] ================================================================== [ 24.397679] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 24.397865] Free of addr fff00000c73ad401 by task kunit_try_catch/243 [ 24.397980] [ 24.398065] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.398280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.398382] Hardware name: linux,dummy-virt (DT) [ 24.398471] Call trace: [ 24.398564] show_stack+0x20/0x38 (C) [ 24.398714] dump_stack_lvl+0x8c/0xd0 [ 24.398863] print_report+0x118/0x608 [ 24.399110] kasan_report_invalid_free+0xc0/0xe8 [ 24.399254] check_slab_allocation+0xfc/0x108 [ 24.399369] __kasan_mempool_poison_object+0x78/0x150 [ 24.399471] mempool_free+0x28c/0x328 [ 24.399558] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 24.399681] mempool_kmalloc_invalid_free+0xc0/0x118 [ 24.399825] kunit_try_run_case+0x170/0x3f0 [ 24.399957] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.400175] kthread+0x328/0x630 [ 24.400343] ret_from_fork+0x10/0x20 [ 24.400471] [ 24.400516] Allocated by task 243: [ 24.400592] kasan_save_stack+0x3c/0x68 [ 24.400705] kasan_save_track+0x20/0x40 [ 24.400799] kasan_save_alloc_info+0x40/0x58 [ 24.400889] __kasan_mempool_unpoison_object+0x11c/0x180 [ 24.400995] remove_element+0x130/0x1f8 [ 24.401080] mempool_alloc_preallocated+0x58/0xc0 [ 24.401166] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 24.401263] mempool_kmalloc_invalid_free+0xc0/0x118 [ 24.401359] kunit_try_run_case+0x170/0x3f0 [ 24.401457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.401570] kthread+0x328/0x630 [ 24.401692] ret_from_fork+0x10/0x20 [ 24.401803] [ 24.401875] The buggy address belongs to the object at fff00000c73ad400 [ 24.401875] which belongs to the cache kmalloc-128 of size 128 [ 24.402060] The buggy address is located 1 bytes inside of [ 24.402060] 128-byte region [fff00000c73ad400, fff00000c73ad480) [ 24.402233] [ 24.402304] The buggy address belongs to the physical page: [ 24.402483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 24.402654] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.402802] page_type: f5(slab) [ 24.402904] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.403032] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.403136] page dumped because: kasan: bad access detected [ 24.403209] [ 24.403250] Memory state around the buggy address: [ 24.403327] fff00000c73ad300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.403428] fff00000c73ad380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.403535] >fff00000c73ad400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.403609] ^ [ 24.403663] fff00000c73ad480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.403779] fff00000c73ad500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.403869] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 24.323465] ================================================================== [ 24.323649] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 24.323820] Free of addr fff00000c7a48000 by task kunit_try_catch/239 [ 24.323921] [ 24.324010] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.324210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.324277] Hardware name: linux,dummy-virt (DT) [ 24.324358] Call trace: [ 24.324412] show_stack+0x20/0x38 (C) [ 24.324532] dump_stack_lvl+0x8c/0xd0 [ 24.325141] print_report+0x118/0x608 [ 24.325621] kasan_report_invalid_free+0xc0/0xe8 [ 24.325757] __kasan_mempool_poison_object+0x14c/0x150 [ 24.325896] mempool_free+0x28c/0x328 [ 24.326021] mempool_double_free_helper+0x150/0x2e8 [ 24.326145] mempool_kmalloc_large_double_free+0xc0/0x118 [ 24.326282] kunit_try_run_case+0x170/0x3f0 [ 24.326463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.326644] kthread+0x328/0x630 [ 24.326822] ret_from_fork+0x10/0x20 [ 24.326936] [ 24.326979] The buggy address belongs to the physical page: [ 24.327039] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a48 [ 24.327181] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.327286] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.327477] page_type: f8(unknown) [ 24.327631] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.327835] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.327989] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.328151] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.328321] head: 0bfffe0000000002 ffffc1ffc31e9201 00000000ffffffff 00000000ffffffff [ 24.328445] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.328597] page dumped because: kasan: bad access detected [ 24.328702] [ 24.328758] Memory state around the buggy address: [ 24.328849] fff00000c7a47f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.328960] fff00000c7a47f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.329065] >fff00000c7a48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.329159] ^ [ 24.329235] fff00000c7a48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.329360] fff00000c7a48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.329453] ================================================================== [ 24.295341] ================================================================== [ 24.295530] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 24.295683] Free of addr fff00000c73ad000 by task kunit_try_catch/237 [ 24.297600] [ 24.297703] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.298403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.298497] Hardware name: linux,dummy-virt (DT) [ 24.298577] Call trace: [ 24.298628] show_stack+0x20/0x38 (C) [ 24.298778] dump_stack_lvl+0x8c/0xd0 [ 24.298907] print_report+0x118/0x608 [ 24.299025] kasan_report_invalid_free+0xc0/0xe8 [ 24.299143] check_slab_allocation+0xd4/0x108 [ 24.299256] __kasan_mempool_poison_object+0x78/0x150 [ 24.299386] mempool_free+0x28c/0x328 [ 24.299512] mempool_double_free_helper+0x150/0x2e8 [ 24.299651] mempool_kmalloc_double_free+0xc0/0x118 [ 24.299794] kunit_try_run_case+0x170/0x3f0 [ 24.299968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.300116] kthread+0x328/0x630 [ 24.300236] ret_from_fork+0x10/0x20 [ 24.300362] [ 24.300439] Allocated by task 237: [ 24.300521] kasan_save_stack+0x3c/0x68 [ 24.300668] kasan_save_track+0x20/0x40 [ 24.300814] kasan_save_alloc_info+0x40/0x58 [ 24.300909] __kasan_mempool_unpoison_object+0x11c/0x180 [ 24.301288] remove_element+0x130/0x1f8 [ 24.301374] mempool_alloc_preallocated+0x58/0xc0 [ 24.301478] mempool_double_free_helper+0x94/0x2e8 [ 24.301589] mempool_kmalloc_double_free+0xc0/0x118 [ 24.301703] kunit_try_run_case+0x170/0x3f0 [ 24.301810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.301922] kthread+0x328/0x630 [ 24.302066] ret_from_fork+0x10/0x20 [ 24.302162] [ 24.302217] Freed by task 237: [ 24.302323] kasan_save_stack+0x3c/0x68 [ 24.302452] kasan_save_track+0x20/0x40 [ 24.302576] kasan_save_free_info+0x4c/0x78 [ 24.302666] __kasan_mempool_poison_object+0xc0/0x150 [ 24.302763] mempool_free+0x28c/0x328 [ 24.302838] mempool_double_free_helper+0x100/0x2e8 [ 24.302928] mempool_kmalloc_double_free+0xc0/0x118 [ 24.303059] kunit_try_run_case+0x170/0x3f0 [ 24.303200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.303348] kthread+0x328/0x630 [ 24.303476] ret_from_fork+0x10/0x20 [ 24.303597] [ 24.303659] The buggy address belongs to the object at fff00000c73ad000 [ 24.303659] which belongs to the cache kmalloc-128 of size 128 [ 24.303808] The buggy address is located 0 bytes inside of [ 24.303808] 128-byte region [fff00000c73ad000, fff00000c73ad080) [ 24.303989] [ 24.304118] The buggy address belongs to the physical page: [ 24.304191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1073ad [ 24.304327] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.304457] page_type: f5(slab) [ 24.304581] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.304713] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.304847] page dumped because: kasan: bad access detected [ 24.304964] [ 24.305019] Memory state around the buggy address: [ 24.305129] fff00000c73acf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.305253] fff00000c73acf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.305381] >fff00000c73ad000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.305475] ^ [ 24.305547] fff00000c73ad080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.305653] fff00000c73ad100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.305750] ================================================================== [ 24.372593] ================================================================== [ 24.374347] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 24.374525] Free of addr fff00000c7a48000 by task kunit_try_catch/241 [ 24.374620] [ 24.374761] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.375332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.375467] Hardware name: linux,dummy-virt (DT) [ 24.375564] Call trace: [ 24.375617] show_stack+0x20/0x38 (C) [ 24.375758] dump_stack_lvl+0x8c/0xd0 [ 24.375871] print_report+0x118/0x608 [ 24.376333] kasan_report_invalid_free+0xc0/0xe8 [ 24.376493] __kasan_mempool_poison_pages+0xe0/0xe8 [ 24.376630] mempool_free+0x24c/0x328 [ 24.376759] mempool_double_free_helper+0x150/0x2e8 [ 24.376877] mempool_page_alloc_double_free+0xbc/0x118 [ 24.377004] kunit_try_run_case+0x170/0x3f0 [ 24.377132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.377269] kthread+0x328/0x630 [ 24.377417] ret_from_fork+0x10/0x20 [ 24.377963] [ 24.378045] The buggy address belongs to the physical page: [ 24.378324] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a48 [ 24.378479] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.378613] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 24.378725] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.378868] page dumped because: kasan: bad access detected [ 24.378969] [ 24.379038] Memory state around the buggy address: [ 24.379119] fff00000c7a47f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.379249] fff00000c7a47f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.379384] >fff00000c7a48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.379493] ^ [ 24.379570] fff00000c7a48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.379681] fff00000c7a48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.379788] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 24.214530] ================================================================== [ 24.214652] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 24.214788] Read of size 1 at addr fff00000c7a14000 by task kunit_try_catch/231 [ 24.214856] [ 24.214914] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.215018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.215047] Hardware name: linux,dummy-virt (DT) [ 24.215089] Call trace: [ 24.215118] show_stack+0x20/0x38 (C) [ 24.215180] dump_stack_lvl+0x8c/0xd0 [ 24.215238] print_report+0x118/0x608 [ 24.215328] kasan_report+0xdc/0x128 [ 24.215377] __asan_report_load1_noabort+0x20/0x30 [ 24.215440] mempool_uaf_helper+0x314/0x340 [ 24.215493] mempool_kmalloc_large_uaf+0xc4/0x120 [ 24.215551] kunit_try_run_case+0x170/0x3f0 [ 24.215607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.215669] kthread+0x328/0x630 [ 24.215735] ret_from_fork+0x10/0x20 [ 24.215855] [ 24.215881] The buggy address belongs to the physical page: [ 24.215921] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a14 [ 24.215986] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.216040] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.216158] page_type: f8(unknown) [ 24.216217] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.216275] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.216333] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.216396] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.216452] head: 0bfffe0000000002 ffffc1ffc31e8501 00000000ffffffff 00000000ffffffff [ 24.216505] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.216551] page dumped because: kasan: bad access detected [ 24.216588] [ 24.216609] Memory state around the buggy address: [ 24.216651] fff00000c7a13f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.216700] fff00000c7a13f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.216763] >fff00000c7a14000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.216808] ^ [ 24.216844] fff00000c7a14080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.216889] fff00000c7a14100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.216933] ================================================================== [ 24.273301] ================================================================== [ 24.273423] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 24.273517] Read of size 1 at addr fff00000c7a48000 by task kunit_try_catch/235 [ 24.273578] [ 24.273657] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.273775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.273878] Hardware name: linux,dummy-virt (DT) [ 24.274089] Call trace: [ 24.274127] show_stack+0x20/0x38 (C) [ 24.274222] dump_stack_lvl+0x8c/0xd0 [ 24.274280] print_report+0x118/0x608 [ 24.275035] kasan_report+0xdc/0x128 [ 24.275109] __asan_report_load1_noabort+0x20/0x30 [ 24.275175] mempool_uaf_helper+0x314/0x340 [ 24.275234] mempool_page_alloc_uaf+0xc0/0x118 [ 24.275289] kunit_try_run_case+0x170/0x3f0 [ 24.275998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.276088] kthread+0x328/0x630 [ 24.276343] ret_from_fork+0x10/0x20 [ 24.276870] [ 24.276985] The buggy address belongs to the physical page: [ 24.277034] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a48 [ 24.277108] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.277196] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 24.277256] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.277674] page dumped because: kasan: bad access detected [ 24.277797] [ 24.277825] Memory state around the buggy address: [ 24.277890] fff00000c7a47f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.278156] fff00000c7a47f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.278452] >fff00000c7a48000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.278523] ^ [ 24.278600] fff00000c7a48080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.278653] fff00000c7a48100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.278700] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 24.187997] ================================================================== [ 24.188135] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 24.188237] Read of size 1 at addr fff00000c794bc00 by task kunit_try_catch/229 [ 24.188298] [ 24.188355] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.188459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.188489] Hardware name: linux,dummy-virt (DT) [ 24.188529] Call trace: [ 24.188559] show_stack+0x20/0x38 (C) [ 24.188619] dump_stack_lvl+0x8c/0xd0 [ 24.188679] print_report+0x118/0x608 [ 24.189226] kasan_report+0xdc/0x128 [ 24.189511] __asan_report_load1_noabort+0x20/0x30 [ 24.189789] mempool_uaf_helper+0x314/0x340 [ 24.189857] mempool_kmalloc_uaf+0xc4/0x120 [ 24.189920] kunit_try_run_case+0x170/0x3f0 [ 24.190012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.190131] kthread+0x328/0x630 [ 24.190196] ret_from_fork+0x10/0x20 [ 24.190259] [ 24.190282] Allocated by task 229: [ 24.190325] kasan_save_stack+0x3c/0x68 [ 24.190432] kasan_save_track+0x20/0x40 [ 24.190808] kasan_save_alloc_info+0x40/0x58 [ 24.190900] __kasan_mempool_unpoison_object+0x11c/0x180 [ 24.190967] remove_element+0x130/0x1f8 [ 24.191076] mempool_alloc_preallocated+0x58/0xc0 [ 24.191130] mempool_uaf_helper+0xa4/0x340 [ 24.191188] mempool_kmalloc_uaf+0xc4/0x120 [ 24.191486] kunit_try_run_case+0x170/0x3f0 [ 24.191554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.191611] kthread+0x328/0x630 [ 24.191724] ret_from_fork+0x10/0x20 [ 24.191813] [ 24.192157] Freed by task 229: [ 24.192298] kasan_save_stack+0x3c/0x68 [ 24.192454] kasan_save_track+0x20/0x40 [ 24.192527] kasan_save_free_info+0x4c/0x78 [ 24.192679] __kasan_mempool_poison_object+0xc0/0x150 [ 24.192803] mempool_free+0x28c/0x328 [ 24.192859] mempool_uaf_helper+0x104/0x340 [ 24.193073] mempool_kmalloc_uaf+0xc4/0x120 [ 24.193207] kunit_try_run_case+0x170/0x3f0 [ 24.193331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.193470] kthread+0x328/0x630 [ 24.193531] ret_from_fork+0x10/0x20 [ 24.193656] [ 24.193688] The buggy address belongs to the object at fff00000c794bc00 [ 24.193688] which belongs to the cache kmalloc-128 of size 128 [ 24.193811] The buggy address is located 0 bytes inside of [ 24.193811] freed 128-byte region [fff00000c794bc00, fff00000c794bc80) [ 24.194008] [ 24.194045] The buggy address belongs to the physical page: [ 24.194088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 24.194171] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.194239] page_type: f5(slab) [ 24.194295] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.194357] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.194889] page dumped because: kasan: bad access detected [ 24.195016] [ 24.195112] Memory state around the buggy address: [ 24.195171] fff00000c794bb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.195232] fff00000c794bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.195292] >fff00000c794bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.195339] ^ [ 24.195701] fff00000c794bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.195945] fff00000c794bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.196247] ================================================================== [ 24.230937] ================================================================== [ 24.231058] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 24.231159] Read of size 1 at addr fff00000c78d9240 by task kunit_try_catch/233 [ 24.231220] [ 24.231273] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.231399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.231458] Hardware name: linux,dummy-virt (DT) [ 24.231506] Call trace: [ 24.231592] show_stack+0x20/0x38 (C) [ 24.231661] dump_stack_lvl+0x8c/0xd0 [ 24.231722] print_report+0x118/0x608 [ 24.232205] kasan_report+0xdc/0x128 [ 24.232300] __asan_report_load1_noabort+0x20/0x30 [ 24.232370] mempool_uaf_helper+0x314/0x340 [ 24.232429] mempool_slab_uaf+0xc0/0x118 [ 24.232484] kunit_try_run_case+0x170/0x3f0 [ 24.232544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.232606] kthread+0x328/0x630 [ 24.233109] ret_from_fork+0x10/0x20 [ 24.233213] [ 24.233237] Allocated by task 233: [ 24.233511] kasan_save_stack+0x3c/0x68 [ 24.233602] kasan_save_track+0x20/0x40 [ 24.234017] kasan_save_alloc_info+0x40/0x58 [ 24.234094] __kasan_mempool_unpoison_object+0xbc/0x180 [ 24.234158] remove_element+0x16c/0x1f8 [ 24.234284] mempool_alloc_preallocated+0x58/0xc0 [ 24.234351] mempool_uaf_helper+0xa4/0x340 [ 24.234629] mempool_slab_uaf+0xc0/0x118 [ 24.234814] kunit_try_run_case+0x170/0x3f0 [ 24.234898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.235024] kthread+0x328/0x630 [ 24.235162] ret_from_fork+0x10/0x20 [ 24.235421] [ 24.235591] Freed by task 233: [ 24.235653] kasan_save_stack+0x3c/0x68 [ 24.235711] kasan_save_track+0x20/0x40 [ 24.235897] kasan_save_free_info+0x4c/0x78 [ 24.235958] __kasan_mempool_poison_object+0xc0/0x150 [ 24.236252] mempool_free+0x28c/0x328 [ 24.236458] mempool_uaf_helper+0x104/0x340 [ 24.236540] mempool_slab_uaf+0xc0/0x118 [ 24.236793] kunit_try_run_case+0x170/0x3f0 [ 24.236995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.237062] kthread+0x328/0x630 [ 24.237226] ret_from_fork+0x10/0x20 [ 24.237399] [ 24.237457] The buggy address belongs to the object at fff00000c78d9240 [ 24.237457] which belongs to the cache test_cache of size 123 [ 24.237539] The buggy address is located 0 bytes inside of [ 24.237539] freed 123-byte region [fff00000c78d9240, fff00000c78d92bb) [ 24.237612] [ 24.237638] The buggy address belongs to the physical page: [ 24.237682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d9 [ 24.237812] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.237888] page_type: f5(slab) [ 24.237945] raw: 0bfffe0000000000 fff00000c5918780 dead000000000122 0000000000000000 [ 24.238006] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 24.238055] page dumped because: kasan: bad access detected [ 24.238095] [ 24.238116] Memory state around the buggy address: [ 24.238182] fff00000c78d9100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.238301] fff00000c78d9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.238358] >fff00000c78d9200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 24.238400] ^ [ 24.238444] fff00000c78d9280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.238490] fff00000c78d9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.238986] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 24.159167] ================================================================== [ 24.159266] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 24.159359] Read of size 1 at addr fff00000c78de2bb by task kunit_try_catch/227 [ 24.159417] [ 24.159554] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.159657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.159688] Hardware name: linux,dummy-virt (DT) [ 24.159739] Call trace: [ 24.159772] show_stack+0x20/0x38 (C) [ 24.159831] dump_stack_lvl+0x8c/0xd0 [ 24.159887] print_report+0x118/0x608 [ 24.159937] kasan_report+0xdc/0x128 [ 24.159985] __asan_report_load1_noabort+0x20/0x30 [ 24.160042] mempool_oob_right_helper+0x2ac/0x2f0 [ 24.160096] mempool_slab_oob_right+0xc0/0x118 [ 24.160185] kunit_try_run_case+0x170/0x3f0 [ 24.160242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.160301] kthread+0x328/0x630 [ 24.160353] ret_from_fork+0x10/0x20 [ 24.160407] [ 24.160427] Allocated by task 227: [ 24.160461] kasan_save_stack+0x3c/0x68 [ 24.160510] kasan_save_track+0x20/0x40 [ 24.160552] kasan_save_alloc_info+0x40/0x58 [ 24.160596] __kasan_mempool_unpoison_object+0xbc/0x180 [ 24.160642] remove_element+0x16c/0x1f8 [ 24.160687] mempool_alloc_preallocated+0x58/0xc0 [ 24.160745] mempool_oob_right_helper+0x98/0x2f0 [ 24.160795] mempool_slab_oob_right+0xc0/0x118 [ 24.160888] kunit_try_run_case+0x170/0x3f0 [ 24.160941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.161008] kthread+0x328/0x630 [ 24.161049] ret_from_fork+0x10/0x20 [ 24.161089] [ 24.161112] The buggy address belongs to the object at fff00000c78de240 [ 24.161112] which belongs to the cache test_cache of size 123 [ 24.161177] The buggy address is located 0 bytes to the right of [ 24.161177] allocated 123-byte region [fff00000c78de240, fff00000c78de2bb) [ 24.161268] [ 24.161318] The buggy address belongs to the physical page: [ 24.161362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078de [ 24.161465] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.161555] page_type: f5(slab) [ 24.161718] raw: 0bfffe0000000000 fff00000c5918640 dead000000000122 0000000000000000 [ 24.161819] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 24.161875] page dumped because: kasan: bad access detected [ 24.162025] [ 24.162136] Memory state around the buggy address: [ 24.162432] fff00000c78de180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.162490] fff00000c78de200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 24.162540] >fff00000c78de280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 24.162583] ^ [ 24.162624] fff00000c78de300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.162672] fff00000c78de380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.163246] ================================================================== [ 24.135195] ================================================================== [ 24.135328] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 24.135434] Read of size 1 at addr fff00000c794b873 by task kunit_try_catch/223 [ 24.135496] [ 24.135556] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.135685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.135718] Hardware name: linux,dummy-virt (DT) [ 24.135776] Call trace: [ 24.135805] show_stack+0x20/0x38 (C) [ 24.135866] dump_stack_lvl+0x8c/0xd0 [ 24.135922] print_report+0x118/0x608 [ 24.135974] kasan_report+0xdc/0x128 [ 24.136024] __asan_report_load1_noabort+0x20/0x30 [ 24.136080] mempool_oob_right_helper+0x2ac/0x2f0 [ 24.136175] mempool_kmalloc_oob_right+0xc4/0x120 [ 24.136236] kunit_try_run_case+0x170/0x3f0 [ 24.136295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.136355] kthread+0x328/0x630 [ 24.136409] ret_from_fork+0x10/0x20 [ 24.136469] [ 24.136490] Allocated by task 223: [ 24.136523] kasan_save_stack+0x3c/0x68 [ 24.136575] kasan_save_track+0x20/0x40 [ 24.136617] kasan_save_alloc_info+0x40/0x58 [ 24.136662] __kasan_mempool_unpoison_object+0x11c/0x180 [ 24.136710] remove_element+0x130/0x1f8 [ 24.136776] mempool_alloc_preallocated+0x58/0xc0 [ 24.136822] mempool_oob_right_helper+0x98/0x2f0 [ 24.136870] mempool_kmalloc_oob_right+0xc4/0x120 [ 24.136917] kunit_try_run_case+0x170/0x3f0 [ 24.136959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.137010] kthread+0x328/0x630 [ 24.137051] ret_from_fork+0x10/0x20 [ 24.137091] [ 24.137115] The buggy address belongs to the object at fff00000c794b800 [ 24.137115] which belongs to the cache kmalloc-128 of size 128 [ 24.137182] The buggy address is located 0 bytes to the right of [ 24.137182] allocated 115-byte region [fff00000c794b800, fff00000c794b873) [ 24.137253] [ 24.137279] The buggy address belongs to the physical page: [ 24.137340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 24.137423] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.137486] page_type: f5(slab) [ 24.137537] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.137595] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.137642] page dumped because: kasan: bad access detected [ 24.137679] [ 24.137699] Memory state around the buggy address: [ 24.137752] fff00000c794b700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.137806] fff00000c794b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.137853] >fff00000c794b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.137896] ^ [ 24.137941] fff00000c794b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.137988] fff00000c794b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.138031] ================================================================== [ 24.146151] ================================================================== [ 24.146248] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 24.146367] Read of size 1 at addr fff00000c7a12001 by task kunit_try_catch/225 [ 24.146426] [ 24.146477] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 24.146575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.146607] Hardware name: linux,dummy-virt (DT) [ 24.146646] Call trace: [ 24.146865] show_stack+0x20/0x38 (C) [ 24.147068] dump_stack_lvl+0x8c/0xd0 [ 24.147189] print_report+0x118/0x608 [ 24.147241] kasan_report+0xdc/0x128 [ 24.147307] __asan_report_load1_noabort+0x20/0x30 [ 24.147364] mempool_oob_right_helper+0x2ac/0x2f0 [ 24.147421] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 24.147478] kunit_try_run_case+0x170/0x3f0 [ 24.147537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.147597] kthread+0x328/0x630 [ 24.147647] ret_from_fork+0x10/0x20 [ 24.147704] [ 24.147741] The buggy address belongs to the physical page: [ 24.147792] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a10 [ 24.147882] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.147958] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.148088] page_type: f8(unknown) [ 24.148196] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.148305] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.148417] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.148518] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.148575] head: 0bfffe0000000002 ffffc1ffc31e8401 00000000ffffffff 00000000ffffffff [ 24.148687] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.149510] page dumped because: kasan: bad access detected [ 24.149612] [ 24.149707] Memory state around the buggy address: [ 24.149867] fff00000c7a11f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.150052] fff00000c7a11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.150106] >fff00000c7a12000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.150148] ^ [ 24.150185] fff00000c7a12080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.150667] fff00000c7a12100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.150848] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 23.560213] ================================================================== [ 23.560368] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 23.560482] Read of size 1 at addr fff00000c3efa500 by task kunit_try_catch/217 [ 23.560545] [ 23.560604] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 23.560710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.560765] Hardware name: linux,dummy-virt (DT) [ 23.560810] Call trace: [ 23.560842] show_stack+0x20/0x38 (C) [ 23.560906] dump_stack_lvl+0x8c/0xd0 [ 23.560967] print_report+0x118/0x608 [ 23.561017] kasan_report+0xdc/0x128 [ 23.561069] __kasan_check_byte+0x54/0x70 [ 23.561119] kmem_cache_destroy+0x34/0x218 [ 23.561171] kmem_cache_double_destroy+0x174/0x300 [ 23.561230] kunit_try_run_case+0x170/0x3f0 [ 23.561287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.561397] kthread+0x328/0x630 [ 23.561457] ret_from_fork+0x10/0x20 [ 23.561513] [ 23.561536] Allocated by task 217: [ 23.561632] kasan_save_stack+0x3c/0x68 [ 23.561769] kasan_save_track+0x20/0x40 [ 23.561830] kasan_save_alloc_info+0x40/0x58 [ 23.561882] __kasan_slab_alloc+0xa8/0xb0 [ 23.561925] kmem_cache_alloc_noprof+0x10c/0x398 [ 23.561973] __kmem_cache_create_args+0x178/0x280 [ 23.562024] kmem_cache_double_destroy+0xc0/0x300 [ 23.562072] kunit_try_run_case+0x170/0x3f0 [ 23.562118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.562170] kthread+0x328/0x630 [ 23.562211] ret_from_fork+0x10/0x20 [ 23.562254] [ 23.562279] Freed by task 217: [ 23.562315] kasan_save_stack+0x3c/0x68 [ 23.562361] kasan_save_track+0x20/0x40 [ 23.562403] kasan_save_free_info+0x4c/0x78 [ 23.562449] __kasan_slab_free+0x6c/0x98 [ 23.562502] kmem_cache_free+0x260/0x468 [ 23.562550] slab_kmem_cache_release+0x38/0x50 [ 23.562595] kmem_cache_release+0x1c/0x30 [ 23.562644] kobject_put+0x17c/0x420 [ 23.562687] sysfs_slab_release+0x1c/0x30 [ 23.562752] kmem_cache_destroy+0x118/0x218 [ 23.562808] kmem_cache_double_destroy+0x128/0x300 [ 23.562865] kunit_try_run_case+0x170/0x3f0 [ 23.562914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.562969] kthread+0x328/0x630 [ 23.563011] ret_from_fork+0x10/0x20 [ 23.563057] [ 23.563085] The buggy address belongs to the object at fff00000c3efa500 [ 23.563085] which belongs to the cache kmem_cache of size 208 [ 23.563155] The buggy address is located 0 bytes inside of [ 23.563155] freed 208-byte region [fff00000c3efa500, fff00000c3efa5d0) [ 23.563234] [ 23.563269] The buggy address belongs to the physical page: [ 23.563311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103efa [ 23.563383] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.563448] page_type: f5(slab) [ 23.563511] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 23.563572] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 23.563624] page dumped because: kasan: bad access detected [ 23.563663] [ 23.563686] Memory state around the buggy address: [ 23.563738] fff00000c3efa400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.563799] fff00000c3efa480: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.563853] >fff00000c3efa500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.563897] ^ [ 23.563935] fff00000c3efa580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 23.563987] fff00000c3efa600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.564029] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 23.450010] ================================================================== [ 23.450172] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 23.450279] Read of size 1 at addr fff00000c7926000 by task kunit_try_catch/215 [ 23.450341] [ 23.450400] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 23.450503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.450535] Hardware name: linux,dummy-virt (DT) [ 23.450576] Call trace: [ 23.450605] show_stack+0x20/0x38 (C) [ 23.450683] dump_stack_lvl+0x8c/0xd0 [ 23.450760] print_report+0x118/0x608 [ 23.450831] kasan_report+0xdc/0x128 [ 23.450897] __asan_report_load1_noabort+0x20/0x30 [ 23.450956] kmem_cache_rcu_uaf+0x388/0x468 [ 23.451012] kunit_try_run_case+0x170/0x3f0 [ 23.451072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.451135] kthread+0x328/0x630 [ 23.451188] ret_from_fork+0x10/0x20 [ 23.451246] [ 23.451268] Allocated by task 215: [ 23.451303] kasan_save_stack+0x3c/0x68 [ 23.451351] kasan_save_track+0x20/0x40 [ 23.451393] kasan_save_alloc_info+0x40/0x58 [ 23.451437] __kasan_slab_alloc+0xa8/0xb0 [ 23.451477] kmem_cache_alloc_noprof+0x10c/0x398 [ 23.451521] kmem_cache_rcu_uaf+0x12c/0x468 [ 23.451566] kunit_try_run_case+0x170/0x3f0 [ 23.451611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.451659] kthread+0x328/0x630 [ 23.451697] ret_from_fork+0x10/0x20 [ 23.451750] [ 23.451772] Freed by task 0: [ 23.451804] kasan_save_stack+0x3c/0x68 [ 23.451845] kasan_save_track+0x20/0x40 [ 23.451895] kasan_save_free_info+0x4c/0x78 [ 23.451941] __kasan_slab_free+0x6c/0x98 [ 23.451982] slab_free_after_rcu_debug+0xd4/0x2f8 [ 23.452024] rcu_core+0x9f4/0x1e20 [ 23.452065] rcu_core_si+0x18/0x30 [ 23.452101] handle_softirqs+0x374/0xb28 [ 23.452180] __do_softirq+0x1c/0x28 [ 23.452220] [ 23.452241] Last potentially related work creation: [ 23.452270] kasan_save_stack+0x3c/0x68 [ 23.452313] kasan_record_aux_stack+0xb4/0xc8 [ 23.452355] kmem_cache_free+0x120/0x468 [ 23.452396] kmem_cache_rcu_uaf+0x16c/0x468 [ 23.452441] kunit_try_run_case+0x170/0x3f0 [ 23.452483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.452532] kthread+0x328/0x630 [ 23.452571] ret_from_fork+0x10/0x20 [ 23.452609] [ 23.452630] The buggy address belongs to the object at fff00000c7926000 [ 23.452630] which belongs to the cache test_cache of size 200 [ 23.452697] The buggy address is located 0 bytes inside of [ 23.452697] freed 200-byte region [fff00000c7926000, fff00000c79260c8) [ 23.452775] [ 23.452802] The buggy address belongs to the physical page: [ 23.452840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107926 [ 23.452906] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.452967] page_type: f5(slab) [ 23.453018] raw: 0bfffe0000000000 fff00000c5918500 dead000000000122 0000000000000000 [ 23.453076] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 23.453124] page dumped because: kasan: bad access detected [ 23.453158] [ 23.453177] Memory state around the buggy address: [ 23.453217] fff00000c7925f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.453270] fff00000c7925f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.453366] >fff00000c7926000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.453412] ^ [ 23.453446] fff00000c7926080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 23.453493] fff00000c7926100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.453536] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 22.984554] ================================================================== [ 22.984684] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 22.984808] Free of addr fff00000c7928001 by task kunit_try_catch/213 [ 22.984863] [ 22.984923] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.985029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.985063] Hardware name: linux,dummy-virt (DT) [ 22.985106] Call trace: [ 22.989001] show_stack+0x20/0x38 (C) [ 22.989770] dump_stack_lvl+0x8c/0xd0 [ 22.989847] print_report+0x118/0x608 [ 22.989905] kasan_report_invalid_free+0xc0/0xe8 [ 22.990748] check_slab_allocation+0xfc/0x108 [ 22.991192] __kasan_slab_pre_free+0x2c/0x48 [ 22.991596] kmem_cache_free+0xf0/0x468 [ 22.991856] kmem_cache_invalid_free+0x184/0x3c8 [ 22.991927] kunit_try_run_case+0x170/0x3f0 [ 22.991992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.992053] kthread+0x328/0x630 [ 22.992117] ret_from_fork+0x10/0x20 [ 22.992999] [ 22.993167] Allocated by task 213: [ 22.993693] kasan_save_stack+0x3c/0x68 [ 22.994081] kasan_save_track+0x20/0x40 [ 22.994139] kasan_save_alloc_info+0x40/0x58 [ 22.994289] __kasan_slab_alloc+0xa8/0xb0 [ 22.994371] kmem_cache_alloc_noprof+0x10c/0x398 [ 22.994416] kmem_cache_invalid_free+0x12c/0x3c8 [ 22.994465] kunit_try_run_case+0x170/0x3f0 [ 22.995151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.995519] kthread+0x328/0x630 [ 22.995574] ret_from_fork+0x10/0x20 [ 22.995635] [ 22.996093] The buggy address belongs to the object at fff00000c7928000 [ 22.996093] which belongs to the cache test_cache of size 200 [ 22.996235] The buggy address is located 1 bytes inside of [ 22.996235] 200-byte region [fff00000c7928000, fff00000c79280c8) [ 22.996309] [ 22.996339] The buggy address belongs to the physical page: [ 22.996376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107928 [ 22.996446] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.996509] page_type: f5(slab) [ 22.996565] raw: 0bfffe0000000000 fff00000c59183c0 dead000000000122 0000000000000000 [ 22.996625] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 22.996676] page dumped because: kasan: bad access detected [ 22.996713] [ 22.997868] Memory state around the buggy address: [ 22.998096] fff00000c7927f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.998367] fff00000c7927f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.998602] >fff00000c7928000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.998848] ^ [ 22.998916] fff00000c7928080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 22.998993] fff00000c7928100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.999094] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 22.907917] ================================================================== [ 22.908042] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 22.908167] Free of addr fff00000c792b000 by task kunit_try_catch/211 [ 22.908228] [ 22.908289] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.908393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.908424] Hardware name: linux,dummy-virt (DT) [ 22.908467] Call trace: [ 22.908495] show_stack+0x20/0x38 (C) [ 22.908557] dump_stack_lvl+0x8c/0xd0 [ 22.908749] print_report+0x118/0x608 [ 22.908813] kasan_report_invalid_free+0xc0/0xe8 [ 22.908870] check_slab_allocation+0xd4/0x108 [ 22.908925] __kasan_slab_pre_free+0x2c/0x48 [ 22.909045] kmem_cache_free+0xf0/0x468 [ 22.909110] kmem_cache_double_free+0x190/0x3c8 [ 22.909168] kunit_try_run_case+0x170/0x3f0 [ 22.909240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.909945] kthread+0x328/0x630 [ 22.910038] ret_from_fork+0x10/0x20 [ 22.910487] [ 22.910521] Allocated by task 211: [ 22.910566] kasan_save_stack+0x3c/0x68 [ 22.910628] kasan_save_track+0x20/0x40 [ 22.910672] kasan_save_alloc_info+0x40/0x58 [ 22.910779] __kasan_slab_alloc+0xa8/0xb0 [ 22.910830] kmem_cache_alloc_noprof+0x10c/0x398 [ 22.910878] kmem_cache_double_free+0x12c/0x3c8 [ 22.910926] kunit_try_run_case+0x170/0x3f0 [ 22.910975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.911024] kthread+0x328/0x630 [ 22.911066] ret_from_fork+0x10/0x20 [ 22.911111] [ 22.911133] Freed by task 211: [ 22.911165] kasan_save_stack+0x3c/0x68 [ 22.911207] kasan_save_track+0x20/0x40 [ 22.911250] kasan_save_free_info+0x4c/0x78 [ 22.911326] __kasan_slab_free+0x6c/0x98 [ 22.911426] kmem_cache_free+0x260/0x468 [ 22.911468] kmem_cache_double_free+0x140/0x3c8 [ 22.911540] kunit_try_run_case+0x170/0x3f0 [ 22.911587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.911642] kthread+0x328/0x630 [ 22.911683] ret_from_fork+0x10/0x20 [ 22.911766] [ 22.911793] The buggy address belongs to the object at fff00000c792b000 [ 22.911793] which belongs to the cache test_cache of size 200 [ 22.911867] The buggy address is located 0 bytes inside of [ 22.911867] 200-byte region [fff00000c792b000, fff00000c792b0c8) [ 22.911994] [ 22.912025] The buggy address belongs to the physical page: [ 22.912089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10792b [ 22.912220] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.912288] page_type: f5(slab) [ 22.912341] raw: 0bfffe0000000000 fff00000c5918280 dead000000000122 0000000000000000 [ 22.912405] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 22.912455] page dumped because: kasan: bad access detected [ 22.912491] [ 22.912516] Memory state around the buggy address: [ 22.912601] fff00000c792af00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.912718] fff00000c792af80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.912794] >fff00000c792b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.912843] ^ [ 22.912877] fff00000c792b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 22.912930] fff00000c792b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.912974] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 22.656840] ================================================================== [ 22.657081] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 22.657260] Read of size 1 at addr fff00000c792c0c8 by task kunit_try_catch/209 [ 22.657425] [ 22.657798] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.658182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.658238] Hardware name: linux,dummy-virt (DT) [ 22.658651] Call trace: [ 22.658832] show_stack+0x20/0x38 (C) [ 22.659157] dump_stack_lvl+0x8c/0xd0 [ 22.659426] print_report+0x118/0x608 [ 22.659835] kasan_report+0xdc/0x128 [ 22.660237] __asan_report_load1_noabort+0x20/0x30 [ 22.660526] kmem_cache_oob+0x344/0x430 [ 22.660699] kunit_try_run_case+0x170/0x3f0 [ 22.660831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.660968] kthread+0x328/0x630 [ 22.661818] ret_from_fork+0x10/0x20 [ 22.662172] [ 22.662419] Allocated by task 209: [ 22.662504] kasan_save_stack+0x3c/0x68 [ 22.662610] kasan_save_track+0x20/0x40 [ 22.662757] kasan_save_alloc_info+0x40/0x58 [ 22.662849] __kasan_slab_alloc+0xa8/0xb0 [ 22.664028] kmem_cache_alloc_noprof+0x10c/0x398 [ 22.664175] kmem_cache_oob+0x12c/0x430 [ 22.664223] kunit_try_run_case+0x170/0x3f0 [ 22.664271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.664319] kthread+0x328/0x630 [ 22.664361] ret_from_fork+0x10/0x20 [ 22.664401] [ 22.664426] The buggy address belongs to the object at fff00000c792c000 [ 22.664426] which belongs to the cache test_cache of size 200 [ 22.664496] The buggy address is located 0 bytes to the right of [ 22.664496] allocated 200-byte region [fff00000c792c000, fff00000c792c0c8) [ 22.664564] [ 22.664587] The buggy address belongs to the physical page: [ 22.664623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10792c [ 22.664690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.664773] page_type: f5(slab) [ 22.664829] raw: 0bfffe0000000000 fff00000c5918140 dead000000000122 0000000000000000 [ 22.664886] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 22.664933] page dumped because: kasan: bad access detected [ 22.664966] [ 22.664988] Memory state around the buggy address: [ 22.665024] fff00000c792bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.665073] fff00000c792c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.665122] >fff00000c792c080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 22.665164] ^ [ 22.665204] fff00000c792c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.665250] fff00000c792c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.665411] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 22.553014] ================================================================== [ 22.553218] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 22.555349] Read of size 8 at addr fff00000c58e1d00 by task kunit_try_catch/202 [ 22.555491] [ 22.555660] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.555952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.556363] Hardware name: linux,dummy-virt (DT) [ 22.556623] Call trace: [ 22.556744] show_stack+0x20/0x38 (C) [ 22.557077] dump_stack_lvl+0x8c/0xd0 [ 22.557445] print_report+0x118/0x608 [ 22.557584] kasan_report+0xdc/0x128 [ 22.557689] __asan_report_load8_noabort+0x20/0x30 [ 22.557893] workqueue_uaf+0x480/0x4a8 [ 22.558060] kunit_try_run_case+0x170/0x3f0 [ 22.558219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.558382] kthread+0x328/0x630 [ 22.558471] ret_from_fork+0x10/0x20 [ 22.558563] [ 22.558636] Allocated by task 202: [ 22.558706] kasan_save_stack+0x3c/0x68 [ 22.558971] kasan_save_track+0x20/0x40 [ 22.559151] kasan_save_alloc_info+0x40/0x58 [ 22.559267] __kasan_kmalloc+0xd4/0xd8 [ 22.559357] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.559445] workqueue_uaf+0x13c/0x4a8 [ 22.559534] kunit_try_run_case+0x170/0x3f0 [ 22.559626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.559742] kthread+0x328/0x630 [ 22.559839] ret_from_fork+0x10/0x20 [ 22.559981] [ 22.560053] Freed by task 9: [ 22.560165] kasan_save_stack+0x3c/0x68 [ 22.560261] kasan_save_track+0x20/0x40 [ 22.560350] kasan_save_free_info+0x4c/0x78 [ 22.560443] __kasan_slab_free+0x6c/0x98 [ 22.560540] kfree+0x214/0x3c8 [ 22.560647] workqueue_uaf_work+0x18/0x30 [ 22.560766] process_one_work+0x530/0xf98 [ 22.560882] worker_thread+0x618/0xf38 [ 22.560967] kthread+0x328/0x630 [ 22.561082] ret_from_fork+0x10/0x20 [ 22.561180] [ 22.561226] Last potentially related work creation: [ 22.561310] kasan_save_stack+0x3c/0x68 [ 22.561493] kasan_record_aux_stack+0xb4/0xc8 [ 22.561584] __queue_work+0x65c/0x1008 [ 22.561663] queue_work_on+0xbc/0xf8 [ 22.561751] workqueue_uaf+0x210/0x4a8 [ 22.561820] kunit_try_run_case+0x170/0x3f0 [ 22.561915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.562017] kthread+0x328/0x630 [ 22.562121] ret_from_fork+0x10/0x20 [ 22.562243] [ 22.562315] The buggy address belongs to the object at fff00000c58e1d00 [ 22.562315] which belongs to the cache kmalloc-32 of size 32 [ 22.562468] The buggy address is located 0 bytes inside of [ 22.562468] freed 32-byte region [fff00000c58e1d00, fff00000c58e1d20) [ 22.562625] [ 22.562671] The buggy address belongs to the physical page: [ 22.562760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058e1 [ 22.562901] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.563027] page_type: f5(slab) [ 22.563132] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.563458] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.563580] page dumped because: kasan: bad access detected [ 22.563666] [ 22.563710] Memory state around the buggy address: [ 22.563811] fff00000c58e1c00: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 22.563922] fff00000c58e1c80: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 22.564025] >fff00000c58e1d00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 22.564129] ^ [ 22.564205] fff00000c58e1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.565355] fff00000c58e1e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.565564] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 22.494285] ================================================================== [ 22.494573] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 22.494743] Read of size 4 at addr fff00000c58e1b00 by task swapper/0/0 [ 22.494866] [ 22.494959] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.495169] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.495241] Hardware name: linux,dummy-virt (DT) [ 22.495325] Call trace: [ 22.495382] show_stack+0x20/0x38 (C) [ 22.495508] dump_stack_lvl+0x8c/0xd0 [ 22.495627] print_report+0x118/0x608 [ 22.495975] kasan_report+0xdc/0x128 [ 22.496511] __asan_report_load4_noabort+0x20/0x30 [ 22.496805] rcu_uaf_reclaim+0x64/0x70 [ 22.496927] rcu_core+0x9f4/0x1e20 [ 22.497559] rcu_core_si+0x18/0x30 [ 22.497979] handle_softirqs+0x374/0xb28 [ 22.498159] __do_softirq+0x1c/0x28 [ 22.498278] ____do_softirq+0x18/0x30 [ 22.498443] call_on_irq_stack+0x24/0x30 [ 22.498596] do_softirq_own_stack+0x24/0x38 [ 22.498708] __irq_exit_rcu+0x1fc/0x318 [ 22.498829] irq_exit_rcu+0x1c/0x80 [ 22.498940] el1_interrupt+0x38/0x58 [ 22.499047] el1h_64_irq_handler+0x18/0x28 [ 22.499163] el1h_64_irq+0x6c/0x70 [ 22.499399] arch_local_irq_enable+0x4/0x8 (P) [ 22.499537] do_idle+0x384/0x4e8 [ 22.499635] cpu_startup_entry+0x64/0x80 [ 22.499963] rest_init+0x160/0x188 [ 22.500073] start_kernel+0x308/0x3d0 [ 22.500215] __primary_switched+0x8c/0xa0 [ 22.500346] [ 22.500391] Allocated by task 200: [ 22.500480] kasan_save_stack+0x3c/0x68 [ 22.500620] kasan_save_track+0x20/0x40 [ 22.500748] kasan_save_alloc_info+0x40/0x58 [ 22.500838] __kasan_kmalloc+0xd4/0xd8 [ 22.500919] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.501020] rcu_uaf+0xb0/0x2d8 [ 22.501217] kunit_try_run_case+0x170/0x3f0 [ 22.501373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.501489] kthread+0x328/0x630 [ 22.501582] ret_from_fork+0x10/0x20 [ 22.501683] [ 22.501763] Freed by task 0: [ 22.501823] kasan_save_stack+0x3c/0x68 [ 22.501906] kasan_save_track+0x20/0x40 [ 22.502021] kasan_save_free_info+0x4c/0x78 [ 22.502114] __kasan_slab_free+0x6c/0x98 [ 22.502224] kfree+0x214/0x3c8 [ 22.502298] rcu_uaf_reclaim+0x28/0x70 [ 22.502389] rcu_core+0x9f4/0x1e20 [ 22.502528] rcu_core_si+0x18/0x30 [ 22.502618] handle_softirqs+0x374/0xb28 [ 22.502710] __do_softirq+0x1c/0x28 [ 22.502814] [ 22.502920] Last potentially related work creation: [ 22.502998] kasan_save_stack+0x3c/0x68 [ 22.503091] kasan_record_aux_stack+0xb4/0xc8 [ 22.503184] __call_rcu_common.constprop.0+0x70/0x8b0 [ 22.503393] call_rcu+0x18/0x30 [ 22.503519] rcu_uaf+0x14c/0x2d8 [ 22.503615] kunit_try_run_case+0x170/0x3f0 [ 22.503711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.503827] kthread+0x328/0x630 [ 22.503926] ret_from_fork+0x10/0x20 [ 22.504029] [ 22.504088] The buggy address belongs to the object at fff00000c58e1b00 [ 22.504088] which belongs to the cache kmalloc-32 of size 32 [ 22.504436] The buggy address is located 0 bytes inside of [ 22.504436] freed 32-byte region [fff00000c58e1b00, fff00000c58e1b20) [ 22.504590] [ 22.504643] The buggy address belongs to the physical page: [ 22.504722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058e1 [ 22.504875] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.505001] page_type: f5(slab) [ 22.505098] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 22.505211] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.505328] page dumped because: kasan: bad access detected [ 22.505440] [ 22.505482] Memory state around the buggy address: [ 22.505559] fff00000c58e1a00: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 22.505786] fff00000c58e1a80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.505901] >fff00000c58e1b00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 22.506008] ^ [ 22.506108] fff00000c58e1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.506246] fff00000c58e1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.506362] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 22.229378] ================================================================== [ 22.229514] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 22.229822] Read of size 1 at addr fff00000c794b578 by task kunit_try_catch/198 [ 22.230012] [ 22.230104] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.230289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.230352] Hardware name: linux,dummy-virt (DT) [ 22.230629] Call trace: [ 22.230687] show_stack+0x20/0x38 (C) [ 22.230815] dump_stack_lvl+0x8c/0xd0 [ 22.230926] print_report+0x118/0x608 [ 22.231031] kasan_report+0xdc/0x128 [ 22.231134] __asan_report_load1_noabort+0x20/0x30 [ 22.231332] ksize_uaf+0x544/0x5f8 [ 22.231520] kunit_try_run_case+0x170/0x3f0 [ 22.231715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.231865] kthread+0x328/0x630 [ 22.232009] ret_from_fork+0x10/0x20 [ 22.232187] [ 22.232309] Allocated by task 198: [ 22.232388] kasan_save_stack+0x3c/0x68 [ 22.232483] kasan_save_track+0x20/0x40 [ 22.232817] kasan_save_alloc_info+0x40/0x58 [ 22.232920] __kasan_kmalloc+0xd4/0xd8 [ 22.233180] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.233425] ksize_uaf+0xb8/0x5f8 [ 22.233704] kunit_try_run_case+0x170/0x3f0 [ 22.233874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.233992] kthread+0x328/0x630 [ 22.234075] ret_from_fork+0x10/0x20 [ 22.234147] [ 22.234182] Freed by task 198: [ 22.234241] kasan_save_stack+0x3c/0x68 [ 22.234330] kasan_save_track+0x20/0x40 [ 22.234422] kasan_save_free_info+0x4c/0x78 [ 22.234519] __kasan_slab_free+0x6c/0x98 [ 22.235248] kfree+0x214/0x3c8 [ 22.235551] ksize_uaf+0x11c/0x5f8 [ 22.236026] kunit_try_run_case+0x170/0x3f0 [ 22.236144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.236201] kthread+0x328/0x630 [ 22.236243] ret_from_fork+0x10/0x20 [ 22.236283] [ 22.236309] The buggy address belongs to the object at fff00000c794b500 [ 22.236309] which belongs to the cache kmalloc-128 of size 128 [ 22.236379] The buggy address is located 120 bytes inside of [ 22.236379] freed 128-byte region [fff00000c794b500, fff00000c794b580) [ 22.236447] [ 22.236471] The buggy address belongs to the physical page: [ 22.236508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 22.236565] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.236625] page_type: f5(slab) [ 22.236673] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.236747] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.236801] page dumped because: kasan: bad access detected [ 22.236836] [ 22.236861] Memory state around the buggy address: [ 22.236899] fff00000c794b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.236947] fff00000c794b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.236992] >fff00000c794b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.237033] ^ [ 22.237080] fff00000c794b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.237125] fff00000c794b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.237166] ================================================================== [ 22.218516] ================================================================== [ 22.218752] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 22.218885] Read of size 1 at addr fff00000c794b500 by task kunit_try_catch/198 [ 22.218982] [ 22.219066] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.219325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.219412] Hardware name: linux,dummy-virt (DT) [ 22.219488] Call trace: [ 22.219547] show_stack+0x20/0x38 (C) [ 22.219661] dump_stack_lvl+0x8c/0xd0 [ 22.219792] print_report+0x118/0x608 [ 22.219914] kasan_report+0xdc/0x128 [ 22.220067] __asan_report_load1_noabort+0x20/0x30 [ 22.220194] ksize_uaf+0x598/0x5f8 [ 22.220314] kunit_try_run_case+0x170/0x3f0 [ 22.220473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.220653] kthread+0x328/0x630 [ 22.220782] ret_from_fork+0x10/0x20 [ 22.220883] [ 22.220928] Allocated by task 198: [ 22.220989] kasan_save_stack+0x3c/0x68 [ 22.221104] kasan_save_track+0x20/0x40 [ 22.221414] kasan_save_alloc_info+0x40/0x58 [ 22.221627] __kasan_kmalloc+0xd4/0xd8 [ 22.221933] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.222147] ksize_uaf+0xb8/0x5f8 [ 22.222228] kunit_try_run_case+0x170/0x3f0 [ 22.222313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.222417] kthread+0x328/0x630 [ 22.222683] ret_from_fork+0x10/0x20 [ 22.222787] [ 22.222835] Freed by task 198: [ 22.222906] kasan_save_stack+0x3c/0x68 [ 22.223036] kasan_save_track+0x20/0x40 [ 22.223117] kasan_save_free_info+0x4c/0x78 [ 22.223211] __kasan_slab_free+0x6c/0x98 [ 22.223311] kfree+0x214/0x3c8 [ 22.223419] ksize_uaf+0x11c/0x5f8 [ 22.223518] kunit_try_run_case+0x170/0x3f0 [ 22.223637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.223763] kthread+0x328/0x630 [ 22.223885] ret_from_fork+0x10/0x20 [ 22.224057] [ 22.224191] The buggy address belongs to the object at fff00000c794b500 [ 22.224191] which belongs to the cache kmalloc-128 of size 128 [ 22.224337] The buggy address is located 0 bytes inside of [ 22.224337] freed 128-byte region [fff00000c794b500, fff00000c794b580) [ 22.224476] [ 22.224527] The buggy address belongs to the physical page: [ 22.224862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 22.225085] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.225227] page_type: f5(slab) [ 22.225317] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.225431] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.225774] page dumped because: kasan: bad access detected [ 22.225881] [ 22.226011] Memory state around the buggy address: [ 22.226096] fff00000c794b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.226278] fff00000c794b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.226402] >fff00000c794b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.226546] ^ [ 22.226669] fff00000c794b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.226847] fff00000c794b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.227048] ================================================================== [ 22.202977] ================================================================== [ 22.203331] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 22.203797] Read of size 1 at addr fff00000c794b500 by task kunit_try_catch/198 [ 22.203927] [ 22.204293] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.204791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.205005] Hardware name: linux,dummy-virt (DT) [ 22.205089] Call trace: [ 22.205154] show_stack+0x20/0x38 (C) [ 22.205633] dump_stack_lvl+0x8c/0xd0 [ 22.205901] print_report+0x118/0x608 [ 22.206155] kasan_report+0xdc/0x128 [ 22.206426] __kasan_check_byte+0x54/0x70 [ 22.206560] ksize+0x30/0x88 [ 22.206670] ksize_uaf+0x168/0x5f8 [ 22.207235] kunit_try_run_case+0x170/0x3f0 [ 22.207454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.207919] kthread+0x328/0x630 [ 22.208063] ret_from_fork+0x10/0x20 [ 22.208287] [ 22.208336] Allocated by task 198: [ 22.208411] kasan_save_stack+0x3c/0x68 [ 22.208516] kasan_save_track+0x20/0x40 [ 22.208613] kasan_save_alloc_info+0x40/0x58 [ 22.208712] __kasan_kmalloc+0xd4/0xd8 [ 22.208804] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.208900] ksize_uaf+0xb8/0x5f8 [ 22.208995] kunit_try_run_case+0x170/0x3f0 [ 22.209099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.209211] kthread+0x328/0x630 [ 22.210001] ret_from_fork+0x10/0x20 [ 22.210128] [ 22.210266] Freed by task 198: [ 22.210394] kasan_save_stack+0x3c/0x68 [ 22.210680] kasan_save_track+0x20/0x40 [ 22.210795] kasan_save_free_info+0x4c/0x78 [ 22.210892] __kasan_slab_free+0x6c/0x98 [ 22.210976] kfree+0x214/0x3c8 [ 22.211194] ksize_uaf+0x11c/0x5f8 [ 22.211423] kunit_try_run_case+0x170/0x3f0 [ 22.211665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.212057] kthread+0x328/0x630 [ 22.212209] ret_from_fork+0x10/0x20 [ 22.212297] [ 22.212355] The buggy address belongs to the object at fff00000c794b500 [ 22.212355] which belongs to the cache kmalloc-128 of size 128 [ 22.212510] The buggy address is located 0 bytes inside of [ 22.212510] freed 128-byte region [fff00000c794b500, fff00000c794b580) [ 22.212666] [ 22.212717] The buggy address belongs to the physical page: [ 22.212812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 22.212947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.213510] page_type: f5(slab) [ 22.213713] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.213994] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.214135] page dumped because: kasan: bad access detected [ 22.214304] [ 22.214425] Memory state around the buggy address: [ 22.214642] fff00000c794b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.214936] fff00000c794b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.215061] >fff00000c794b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.215163] ^ [ 22.215238] fff00000c794b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.215346] fff00000c794b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.215443] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 22.139567] ================================================================== [ 22.139896] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 22.140095] Read of size 1 at addr fff00000c794b473 by task kunit_try_catch/196 [ 22.140640] [ 22.140743] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.141356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.141553] Hardware name: linux,dummy-virt (DT) [ 22.141643] Call trace: [ 22.141987] show_stack+0x20/0x38 (C) [ 22.142121] dump_stack_lvl+0x8c/0xd0 [ 22.142186] print_report+0x118/0x608 [ 22.142239] kasan_report+0xdc/0x128 [ 22.142289] __asan_report_load1_noabort+0x20/0x30 [ 22.142345] ksize_unpoisons_memory+0x628/0x740 [ 22.142401] kunit_try_run_case+0x170/0x3f0 [ 22.142457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.142517] kthread+0x328/0x630 [ 22.142569] ret_from_fork+0x10/0x20 [ 22.142625] [ 22.142647] Allocated by task 196: [ 22.142681] kasan_save_stack+0x3c/0x68 [ 22.142744] kasan_save_track+0x20/0x40 [ 22.142791] kasan_save_alloc_info+0x40/0x58 [ 22.142835] __kasan_kmalloc+0xd4/0xd8 [ 22.142874] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.142921] ksize_unpoisons_memory+0xc0/0x740 [ 22.142967] kunit_try_run_case+0x170/0x3f0 [ 22.143007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.143056] kthread+0x328/0x630 [ 22.143094] ret_from_fork+0x10/0x20 [ 22.143133] [ 22.143157] The buggy address belongs to the object at fff00000c794b400 [ 22.143157] which belongs to the cache kmalloc-128 of size 128 [ 22.143224] The buggy address is located 0 bytes to the right of [ 22.143224] allocated 115-byte region [fff00000c794b400, fff00000c794b473) [ 22.143295] [ 22.143318] The buggy address belongs to the physical page: [ 22.143356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 22.143417] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.143475] page_type: f5(slab) [ 22.143525] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.143583] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.143629] page dumped because: kasan: bad access detected [ 22.143664] [ 22.143683] Memory state around the buggy address: [ 22.143720] fff00000c794b300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.143973] fff00000c794b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.144079] >fff00000c794b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.144190] ^ [ 22.144387] fff00000c794b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.144686] fff00000c794b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.145003] ================================================================== [ 22.146702] ================================================================== [ 22.146845] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 22.146975] Read of size 1 at addr fff00000c794b478 by task kunit_try_catch/196 [ 22.147098] [ 22.147185] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.147398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.147470] Hardware name: linux,dummy-virt (DT) [ 22.147555] Call trace: [ 22.147613] show_stack+0x20/0x38 (C) [ 22.147960] dump_stack_lvl+0x8c/0xd0 [ 22.148118] print_report+0x118/0x608 [ 22.148240] kasan_report+0xdc/0x128 [ 22.148345] __asan_report_load1_noabort+0x20/0x30 [ 22.148471] ksize_unpoisons_memory+0x618/0x740 [ 22.148624] kunit_try_run_case+0x170/0x3f0 [ 22.148753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.149370] kthread+0x328/0x630 [ 22.149501] ret_from_fork+0x10/0x20 [ 22.149617] [ 22.149693] Allocated by task 196: [ 22.149775] kasan_save_stack+0x3c/0x68 [ 22.149866] kasan_save_track+0x20/0x40 [ 22.149947] kasan_save_alloc_info+0x40/0x58 [ 22.150039] __kasan_kmalloc+0xd4/0xd8 [ 22.150132] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.150241] ksize_unpoisons_memory+0xc0/0x740 [ 22.150531] kunit_try_run_case+0x170/0x3f0 [ 22.150645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.150809] kthread+0x328/0x630 [ 22.150914] ret_from_fork+0x10/0x20 [ 22.151051] [ 22.151223] The buggy address belongs to the object at fff00000c794b400 [ 22.151223] which belongs to the cache kmalloc-128 of size 128 [ 22.151379] The buggy address is located 5 bytes to the right of [ 22.151379] allocated 115-byte region [fff00000c794b400, fff00000c794b473) [ 22.151547] [ 22.152052] The buggy address belongs to the physical page: [ 22.152160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 22.152839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.153008] page_type: f5(slab) [ 22.153341] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.153788] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.154101] page dumped because: kasan: bad access detected [ 22.154220] [ 22.154283] Memory state around the buggy address: [ 22.154874] fff00000c794b300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.155271] fff00000c794b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.155422] >fff00000c794b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.155517] ^ [ 22.155625] fff00000c794b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.155751] fff00000c794b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.156347] ================================================================== [ 22.159658] ================================================================== [ 22.159795] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 22.159940] Read of size 1 at addr fff00000c794b47f by task kunit_try_catch/196 [ 22.160071] [ 22.160538] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.161523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.161760] Hardware name: linux,dummy-virt (DT) [ 22.161857] Call trace: [ 22.161998] show_stack+0x20/0x38 (C) [ 22.162134] dump_stack_lvl+0x8c/0xd0 [ 22.162492] print_report+0x118/0x608 [ 22.162857] kasan_report+0xdc/0x128 [ 22.163079] __asan_report_load1_noabort+0x20/0x30 [ 22.163233] ksize_unpoisons_memory+0x690/0x740 [ 22.163442] kunit_try_run_case+0x170/0x3f0 [ 22.163800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.163970] kthread+0x328/0x630 [ 22.164400] ret_from_fork+0x10/0x20 [ 22.164545] [ 22.164593] Allocated by task 196: [ 22.164912] kasan_save_stack+0x3c/0x68 [ 22.165310] kasan_save_track+0x20/0x40 [ 22.165444] kasan_save_alloc_info+0x40/0x58 [ 22.165693] __kasan_kmalloc+0xd4/0xd8 [ 22.165807] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.166143] ksize_unpoisons_memory+0xc0/0x740 [ 22.166253] kunit_try_run_case+0x170/0x3f0 [ 22.166650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.166994] kthread+0x328/0x630 [ 22.167197] ret_from_fork+0x10/0x20 [ 22.167327] [ 22.167387] The buggy address belongs to the object at fff00000c794b400 [ 22.167387] which belongs to the cache kmalloc-128 of size 128 [ 22.168013] The buggy address is located 12 bytes to the right of [ 22.168013] allocated 115-byte region [fff00000c794b400, fff00000c794b473) [ 22.168328] [ 22.168389] The buggy address belongs to the physical page: [ 22.168480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 22.169055] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.169340] page_type: f5(slab) [ 22.169779] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.169911] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.170257] page dumped because: kasan: bad access detected [ 22.170367] [ 22.170610] Memory state around the buggy address: [ 22.170875] fff00000c794b300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.171000] fff00000c794b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.171119] >fff00000c794b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.171218] ^ [ 22.171324] fff00000c794b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.171435] fff00000c794b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.171543] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 22.107528] ================================================================== [ 22.107702] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 22.107845] Free of addr fff00000c58ac2a0 by task kunit_try_catch/194 [ 22.107952] [ 22.108040] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.108263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.108330] Hardware name: linux,dummy-virt (DT) [ 22.108414] Call trace: [ 22.108471] show_stack+0x20/0x38 (C) [ 22.108592] dump_stack_lvl+0x8c/0xd0 [ 22.108706] print_report+0x118/0x608 [ 22.109865] kasan_report_invalid_free+0xc0/0xe8 [ 22.110196] check_slab_allocation+0xd4/0x108 [ 22.110424] __kasan_slab_pre_free+0x2c/0x48 [ 22.110651] kfree+0xe8/0x3c8 [ 22.110845] kfree_sensitive+0x3c/0xb0 [ 22.111190] kmalloc_double_kzfree+0x168/0x308 [ 22.111580] kunit_try_run_case+0x170/0x3f0 [ 22.112320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.112580] kthread+0x328/0x630 [ 22.112765] ret_from_fork+0x10/0x20 [ 22.112895] [ 22.112943] Allocated by task 194: [ 22.113026] kasan_save_stack+0x3c/0x68 [ 22.113177] kasan_save_track+0x20/0x40 [ 22.113278] kasan_save_alloc_info+0x40/0x58 [ 22.113350] __kasan_kmalloc+0xd4/0xd8 [ 22.113409] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.113480] kmalloc_double_kzfree+0xb8/0x308 [ 22.113563] kunit_try_run_case+0x170/0x3f0 [ 22.113671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.113843] kthread+0x328/0x630 [ 22.113938] ret_from_fork+0x10/0x20 [ 22.114029] [ 22.114103] Freed by task 194: [ 22.114168] kasan_save_stack+0x3c/0x68 [ 22.114259] kasan_save_track+0x20/0x40 [ 22.114353] kasan_save_free_info+0x4c/0x78 [ 22.114483] __kasan_slab_free+0x6c/0x98 [ 22.114585] kfree+0x214/0x3c8 [ 22.114694] kfree_sensitive+0x80/0xb0 [ 22.114786] kmalloc_double_kzfree+0x11c/0x308 [ 22.114882] kunit_try_run_case+0x170/0x3f0 [ 22.115026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.115429] kthread+0x328/0x630 [ 22.115630] ret_from_fork+0x10/0x20 [ 22.115982] [ 22.116056] The buggy address belongs to the object at fff00000c58ac2a0 [ 22.116056] which belongs to the cache kmalloc-16 of size 16 [ 22.116297] The buggy address is located 0 bytes inside of [ 22.116297] 16-byte region [fff00000c58ac2a0, fff00000c58ac2b0) [ 22.116521] [ 22.116594] The buggy address belongs to the physical page: [ 22.116675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 22.116873] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.117055] page_type: f5(slab) [ 22.117202] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.117359] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.117459] page dumped because: kasan: bad access detected [ 22.117584] [ 22.117644] Memory state around the buggy address: [ 22.118134] fff00000c58ac180: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.118268] fff00000c58ac200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.118382] >fff00000c58ac280: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 22.118481] ^ [ 22.118562] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.118666] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.118791] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 22.090909] ================================================================== [ 22.091106] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 22.091260] Read of size 1 at addr fff00000c58ac2a0 by task kunit_try_catch/194 [ 22.091378] [ 22.091471] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.092041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.092267] Hardware name: linux,dummy-virt (DT) [ 22.092358] Call trace: [ 22.092755] show_stack+0x20/0x38 (C) [ 22.093058] dump_stack_lvl+0x8c/0xd0 [ 22.093360] print_report+0x118/0x608 [ 22.093472] kasan_report+0xdc/0x128 [ 22.093658] __kasan_check_byte+0x54/0x70 [ 22.093906] kfree_sensitive+0x30/0xb0 [ 22.094022] kmalloc_double_kzfree+0x168/0x308 [ 22.095423] kunit_try_run_case+0x170/0x3f0 [ 22.095569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.095704] kthread+0x328/0x630 [ 22.096357] ret_from_fork+0x10/0x20 [ 22.096827] [ 22.096885] Allocated by task 194: [ 22.097114] kasan_save_stack+0x3c/0x68 [ 22.097375] kasan_save_track+0x20/0x40 [ 22.097576] kasan_save_alloc_info+0x40/0x58 [ 22.097792] __kasan_kmalloc+0xd4/0xd8 [ 22.098036] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.098132] kmalloc_double_kzfree+0xb8/0x308 [ 22.098220] kunit_try_run_case+0x170/0x3f0 [ 22.098303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.098410] kthread+0x328/0x630 [ 22.099147] ret_from_fork+0x10/0x20 [ 22.099280] [ 22.099462] Freed by task 194: [ 22.099579] kasan_save_stack+0x3c/0x68 [ 22.099683] kasan_save_track+0x20/0x40 [ 22.100081] kasan_save_free_info+0x4c/0x78 [ 22.100394] __kasan_slab_free+0x6c/0x98 [ 22.100630] kfree+0x214/0x3c8 [ 22.100723] kfree_sensitive+0x80/0xb0 [ 22.101242] kmalloc_double_kzfree+0x11c/0x308 [ 22.101368] kunit_try_run_case+0x170/0x3f0 [ 22.101468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.101581] kthread+0x328/0x630 [ 22.101671] ret_from_fork+0x10/0x20 [ 22.101774] [ 22.102262] The buggy address belongs to the object at fff00000c58ac2a0 [ 22.102262] which belongs to the cache kmalloc-16 of size 16 [ 22.102523] The buggy address is located 0 bytes inside of [ 22.102523] freed 16-byte region [fff00000c58ac2a0, fff00000c58ac2b0) [ 22.103014] [ 22.103098] The buggy address belongs to the physical page: [ 22.103334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 22.103504] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.104044] page_type: f5(slab) [ 22.104204] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.104533] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.104666] page dumped because: kasan: bad access detected [ 22.104956] [ 22.105091] Memory state around the buggy address: [ 22.105383] fff00000c58ac180: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.105441] fff00000c58ac200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.105490] >fff00000c58ac280: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 22.105533] ^ [ 22.105573] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.105619] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.105659] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 22.011717] ================================================================== [ 22.013528] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 22.013683] Read of size 1 at addr fff00000c58df328 by task kunit_try_catch/190 [ 22.013821] [ 22.013907] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 22.014070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.014129] Hardware name: linux,dummy-virt (DT) [ 22.014190] Call trace: [ 22.014237] show_stack+0x20/0x38 (C) [ 22.014351] dump_stack_lvl+0x8c/0xd0 [ 22.014460] print_report+0x118/0x608 [ 22.014557] kasan_report+0xdc/0x128 [ 22.014646] __asan_report_load1_noabort+0x20/0x30 [ 22.014770] kmalloc_uaf2+0x3f4/0x468 [ 22.014871] kunit_try_run_case+0x170/0x3f0 [ 22.014985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.015102] kthread+0x328/0x630 [ 22.015205] ret_from_fork+0x10/0x20 [ 22.015320] [ 22.015362] Allocated by task 190: [ 22.015427] kasan_save_stack+0x3c/0x68 [ 22.015519] kasan_save_track+0x20/0x40 [ 22.015602] kasan_save_alloc_info+0x40/0x58 [ 22.015687] __kasan_kmalloc+0xd4/0xd8 [ 22.017131] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.017268] kmalloc_uaf2+0xc4/0x468 [ 22.017377] kunit_try_run_case+0x170/0x3f0 [ 22.017502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.017596] kthread+0x328/0x630 [ 22.017674] ret_from_fork+0x10/0x20 [ 22.017775] [ 22.017817] Freed by task 190: [ 22.017875] kasan_save_stack+0x3c/0x68 [ 22.017947] kasan_save_track+0x20/0x40 [ 22.018022] kasan_save_free_info+0x4c/0x78 [ 22.018105] __kasan_slab_free+0x6c/0x98 [ 22.018190] kfree+0x214/0x3c8 [ 22.018270] kmalloc_uaf2+0x134/0x468 [ 22.018364] kunit_try_run_case+0x170/0x3f0 [ 22.018457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.018550] kthread+0x328/0x630 [ 22.018628] ret_from_fork+0x10/0x20 [ 22.018710] [ 22.018775] The buggy address belongs to the object at fff00000c58df300 [ 22.018775] which belongs to the cache kmalloc-64 of size 64 [ 22.018930] The buggy address is located 40 bytes inside of [ 22.018930] freed 64-byte region [fff00000c58df300, fff00000c58df340) [ 22.019091] [ 22.019157] The buggy address belongs to the physical page: [ 22.019253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058df [ 22.019415] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.019541] page_type: f5(slab) [ 22.019694] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.020040] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.020162] page dumped because: kasan: bad access detected [ 22.020225] [ 22.020269] Memory state around the buggy address: [ 22.020336] fff00000c58df200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.020497] fff00000c58df280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.020595] >fff00000c58df300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.020681] ^ [ 22.020827] fff00000c58df380: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 22.020941] fff00000c58df400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.021037] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 21.980392] ================================================================== [ 21.980578] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 21.980789] Write of size 33 at addr fff00000c58df180 by task kunit_try_catch/188 [ 21.980916] [ 21.981019] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.981228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.981306] Hardware name: linux,dummy-virt (DT) [ 21.981388] Call trace: [ 21.981446] show_stack+0x20/0x38 (C) [ 21.981574] dump_stack_lvl+0x8c/0xd0 [ 21.981692] print_report+0x118/0x608 [ 21.981820] kasan_report+0xdc/0x128 [ 21.981930] kasan_check_range+0x100/0x1a8 [ 21.982045] __asan_memset+0x34/0x78 [ 21.982161] kmalloc_uaf_memset+0x170/0x310 [ 21.982282] kunit_try_run_case+0x170/0x3f0 [ 21.982403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.982538] kthread+0x328/0x630 [ 21.982655] ret_from_fork+0x10/0x20 [ 21.983968] [ 21.984092] Allocated by task 188: [ 21.984180] kasan_save_stack+0x3c/0x68 [ 21.984318] kasan_save_track+0x20/0x40 [ 21.984424] kasan_save_alloc_info+0x40/0x58 [ 21.984594] __kasan_kmalloc+0xd4/0xd8 [ 21.984688] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.984812] kmalloc_uaf_memset+0xb8/0x310 [ 21.984908] kunit_try_run_case+0x170/0x3f0 [ 21.985008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.985944] kthread+0x328/0x630 [ 21.986081] ret_from_fork+0x10/0x20 [ 21.986193] [ 21.986234] Freed by task 188: [ 21.986287] kasan_save_stack+0x3c/0x68 [ 21.986512] kasan_save_track+0x20/0x40 [ 21.986655] kasan_save_free_info+0x4c/0x78 [ 21.987034] __kasan_slab_free+0x6c/0x98 [ 21.987223] kfree+0x214/0x3c8 [ 21.987439] kmalloc_uaf_memset+0x11c/0x310 [ 21.987631] kunit_try_run_case+0x170/0x3f0 [ 21.987723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.987821] kthread+0x328/0x630 [ 21.987904] ret_from_fork+0x10/0x20 [ 21.988470] [ 21.988557] The buggy address belongs to the object at fff00000c58df180 [ 21.988557] which belongs to the cache kmalloc-64 of size 64 [ 21.988947] The buggy address is located 0 bytes inside of [ 21.988947] freed 64-byte region [fff00000c58df180, fff00000c58df1c0) [ 21.989193] [ 21.989240] The buggy address belongs to the physical page: [ 21.989810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058df [ 21.990195] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.990325] page_type: f5(slab) [ 21.990629] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.990771] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.990904] page dumped because: kasan: bad access detected [ 21.991098] [ 21.991144] Memory state around the buggy address: [ 21.991349] fff00000c58df080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.991561] fff00000c58df100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.992150] >fff00000c58df180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.992327] ^ [ 21.992406] fff00000c58df200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.992582] fff00000c58df280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.992923] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 21.952994] ================================================================== [ 21.953235] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 21.953463] Read of size 1 at addr fff00000c58ac288 by task kunit_try_catch/186 [ 21.953567] [ 21.953794] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.953949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.953981] Hardware name: linux,dummy-virt (DT) [ 21.954021] Call trace: [ 21.954073] show_stack+0x20/0x38 (C) [ 21.954150] dump_stack_lvl+0x8c/0xd0 [ 21.954203] print_report+0x118/0x608 [ 21.954253] kasan_report+0xdc/0x128 [ 21.954300] __asan_report_load1_noabort+0x20/0x30 [ 21.954353] kmalloc_uaf+0x300/0x338 [ 21.954402] kunit_try_run_case+0x170/0x3f0 [ 21.954456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.954513] kthread+0x328/0x630 [ 21.954563] ret_from_fork+0x10/0x20 [ 21.954617] [ 21.954638] Allocated by task 186: [ 21.954670] kasan_save_stack+0x3c/0x68 [ 21.954716] kasan_save_track+0x20/0x40 [ 21.954780] kasan_save_alloc_info+0x40/0x58 [ 21.954823] __kasan_kmalloc+0xd4/0xd8 [ 21.954861] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.954907] kmalloc_uaf+0xb8/0x338 [ 21.954946] kunit_try_run_case+0x170/0x3f0 [ 21.954987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.955034] kthread+0x328/0x630 [ 21.955072] ret_from_fork+0x10/0x20 [ 21.955110] [ 21.955132] Freed by task 186: [ 21.955161] kasan_save_stack+0x3c/0x68 [ 21.955200] kasan_save_track+0x20/0x40 [ 21.955238] kasan_save_free_info+0x4c/0x78 [ 21.955279] __kasan_slab_free+0x6c/0x98 [ 21.955317] kfree+0x214/0x3c8 [ 21.955351] kmalloc_uaf+0x11c/0x338 [ 21.955390] kunit_try_run_case+0x170/0x3f0 [ 21.955431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.955477] kthread+0x328/0x630 [ 21.955515] ret_from_fork+0x10/0x20 [ 21.955553] [ 21.955575] The buggy address belongs to the object at fff00000c58ac280 [ 21.955575] which belongs to the cache kmalloc-16 of size 16 [ 21.955637] The buggy address is located 8 bytes inside of [ 21.955637] freed 16-byte region [fff00000c58ac280, fff00000c58ac290) [ 21.955701] [ 21.955724] The buggy address belongs to the physical page: [ 21.955818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.955926] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.956030] page_type: f5(slab) [ 21.956126] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.956340] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.956447] page dumped because: kasan: bad access detected [ 21.956490] [ 21.956511] Memory state around the buggy address: [ 21.956550] fff00000c58ac180: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.956598] fff00000c58ac200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.956642] >fff00000c58ac280: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.956681] ^ [ 21.956714] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.956781] fff00000c58ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.956823] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 21.923291] ================================================================== [ 21.923771] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 21.924134] Read of size 64 at addr fff00000c7950e84 by task kunit_try_catch/184 [ 21.924274] [ 21.924388] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.924663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.924763] Hardware name: linux,dummy-virt (DT) [ 21.924878] Call trace: [ 21.924965] show_stack+0x20/0x38 (C) [ 21.925080] dump_stack_lvl+0x8c/0xd0 [ 21.925428] print_report+0x118/0x608 [ 21.925575] kasan_report+0xdc/0x128 [ 21.925687] kasan_check_range+0x100/0x1a8 [ 21.925814] __asan_memmove+0x3c/0x98 [ 21.925923] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 21.926027] kunit_try_run_case+0x170/0x3f0 [ 21.926129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.926243] kthread+0x328/0x630 [ 21.926355] ret_from_fork+0x10/0x20 [ 21.926490] [ 21.926534] Allocated by task 184: [ 21.926604] kasan_save_stack+0x3c/0x68 [ 21.927025] kasan_save_track+0x20/0x40 [ 21.927148] kasan_save_alloc_info+0x40/0x58 [ 21.927240] __kasan_kmalloc+0xd4/0xd8 [ 21.927369] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.927511] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 21.927659] kunit_try_run_case+0x170/0x3f0 [ 21.927779] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.927883] kthread+0x328/0x630 [ 21.928203] ret_from_fork+0x10/0x20 [ 21.928290] [ 21.928339] The buggy address belongs to the object at fff00000c7950e80 [ 21.928339] which belongs to the cache kmalloc-64 of size 64 [ 21.928828] The buggy address is located 4 bytes inside of [ 21.928828] allocated 64-byte region [fff00000c7950e80, fff00000c7950ec0) [ 21.928992] [ 21.929079] The buggy address belongs to the physical page: [ 21.929233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107950 [ 21.929359] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.929468] page_type: f5(slab) [ 21.929548] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.929658] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.929778] page dumped because: kasan: bad access detected [ 21.929853] [ 21.929898] Memory state around the buggy address: [ 21.930283] fff00000c7950d80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 21.930489] fff00000c7950e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.930606] >fff00000c7950e80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 21.930694] ^ [ 21.930789] fff00000c7950f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.931200] fff00000c7950f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.931313] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 21.877246] ================================================================== [ 21.878379] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 21.878914] Read of size 18446744073709551614 at addr fff00000c7950c84 by task kunit_try_catch/182 [ 21.879625] [ 21.879748] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.879951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.880017] Hardware name: linux,dummy-virt (DT) [ 21.880507] Call trace: [ 21.880581] show_stack+0x20/0x38 (C) [ 21.880954] dump_stack_lvl+0x8c/0xd0 [ 21.881425] print_report+0x118/0x608 [ 21.881671] kasan_report+0xdc/0x128 [ 21.881917] kasan_check_range+0x100/0x1a8 [ 21.882029] __asan_memmove+0x3c/0x98 [ 21.882120] kmalloc_memmove_negative_size+0x154/0x2e0 [ 21.882216] kunit_try_run_case+0x170/0x3f0 [ 21.882324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.882449] kthread+0x328/0x630 [ 21.882559] ret_from_fork+0x10/0x20 [ 21.882674] [ 21.883461] Allocated by task 182: [ 21.883771] kasan_save_stack+0x3c/0x68 [ 21.883928] kasan_save_track+0x20/0x40 [ 21.884480] kasan_save_alloc_info+0x40/0x58 [ 21.884591] __kasan_kmalloc+0xd4/0xd8 [ 21.885047] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.885159] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 21.885320] kunit_try_run_case+0x170/0x3f0 [ 21.885422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.885596] kthread+0x328/0x630 [ 21.885893] ret_from_fork+0x10/0x20 [ 21.886251] [ 21.886320] The buggy address belongs to the object at fff00000c7950c80 [ 21.886320] which belongs to the cache kmalloc-64 of size 64 [ 21.886492] The buggy address is located 4 bytes inside of [ 21.886492] 64-byte region [fff00000c7950c80, fff00000c7950cc0) [ 21.886825] [ 21.887047] The buggy address belongs to the physical page: [ 21.887183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107950 [ 21.887332] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.887491] page_type: f5(slab) [ 21.887585] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.888052] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.888164] page dumped because: kasan: bad access detected [ 21.888651] [ 21.888709] Memory state around the buggy address: [ 21.888833] fff00000c7950b80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 21.888943] fff00000c7950c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.889087] >fff00000c7950c80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 21.889183] ^ [ 21.889445] fff00000c7950d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.889556] fff00000c7950d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.889650] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 21.840577] ================================================================== [ 21.840767] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 21.840937] Write of size 16 at addr fff00000c794b369 by task kunit_try_catch/180 [ 21.841064] [ 21.841150] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.841365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.841683] Hardware name: linux,dummy-virt (DT) [ 21.841790] Call trace: [ 21.841848] show_stack+0x20/0x38 (C) [ 21.841974] dump_stack_lvl+0x8c/0xd0 [ 21.842100] print_report+0x118/0x608 [ 21.842193] kasan_report+0xdc/0x128 [ 21.842275] kasan_check_range+0x100/0x1a8 [ 21.842793] __asan_memset+0x34/0x78 [ 21.842930] kmalloc_oob_memset_16+0x150/0x2f8 [ 21.843089] kunit_try_run_case+0x170/0x3f0 [ 21.843361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.843623] kthread+0x328/0x630 [ 21.844004] ret_from_fork+0x10/0x20 [ 21.844313] [ 21.844440] Allocated by task 180: [ 21.844514] kasan_save_stack+0x3c/0x68 [ 21.844629] kasan_save_track+0x20/0x40 [ 21.844723] kasan_save_alloc_info+0x40/0x58 [ 21.844827] __kasan_kmalloc+0xd4/0xd8 [ 21.844916] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.845017] kmalloc_oob_memset_16+0xb0/0x2f8 [ 21.845117] kunit_try_run_case+0x170/0x3f0 [ 21.845217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.845339] kthread+0x328/0x630 [ 21.845416] ret_from_fork+0x10/0x20 [ 21.845507] [ 21.845556] The buggy address belongs to the object at fff00000c794b300 [ 21.845556] which belongs to the cache kmalloc-128 of size 128 [ 21.845704] The buggy address is located 105 bytes inside of [ 21.845704] allocated 120-byte region [fff00000c794b300, fff00000c794b378) [ 21.845873] [ 21.845928] The buggy address belongs to the physical page: [ 21.846701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 21.847032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.847166] page_type: f5(slab) [ 21.847263] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.847391] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.847495] page dumped because: kasan: bad access detected [ 21.847579] [ 21.847630] Memory state around the buggy address: [ 21.847714] fff00000c794b200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.847829] fff00000c794b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.848070] >fff00000c794b300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.848298] ^ [ 21.848533] fff00000c794b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.848754] fff00000c794b400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.848966] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 21.737150] ================================================================== [ 21.737628] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 21.737905] Write of size 4 at addr fff00000c794b275 by task kunit_try_catch/176 [ 21.738161] [ 21.738368] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.738620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.738671] Hardware name: linux,dummy-virt (DT) [ 21.739137] Call trace: [ 21.740776] show_stack+0x20/0x38 (C) [ 21.740955] dump_stack_lvl+0x8c/0xd0 [ 21.741057] print_report+0x118/0x608 [ 21.741152] kasan_report+0xdc/0x128 [ 21.741234] kasan_check_range+0x100/0x1a8 [ 21.742475] __asan_memset+0x34/0x78 [ 21.742619] kmalloc_oob_memset_4+0x150/0x300 [ 21.742722] kunit_try_run_case+0x170/0x3f0 [ 21.742862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.742984] kthread+0x328/0x630 [ 21.743089] ret_from_fork+0x10/0x20 [ 21.743197] [ 21.743240] Allocated by task 176: [ 21.743305] kasan_save_stack+0x3c/0x68 [ 21.743395] kasan_save_track+0x20/0x40 [ 21.743473] kasan_save_alloc_info+0x40/0x58 [ 21.743559] __kasan_kmalloc+0xd4/0xd8 [ 21.743638] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.743919] kmalloc_oob_memset_4+0xb0/0x300 [ 21.744021] kunit_try_run_case+0x170/0x3f0 [ 21.744558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.744678] kthread+0x328/0x630 [ 21.745439] ret_from_fork+0x10/0x20 [ 21.745528] [ 21.745631] The buggy address belongs to the object at fff00000c794b200 [ 21.745631] which belongs to the cache kmalloc-128 of size 128 [ 21.745772] The buggy address is located 117 bytes inside of [ 21.745772] allocated 120-byte region [fff00000c794b200, fff00000c794b278) [ 21.745904] [ 21.745952] The buggy address belongs to the physical page: [ 21.746190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 21.746318] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.746422] page_type: f5(slab) [ 21.746513] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.746618] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.746705] page dumped because: kasan: bad access detected [ 21.746778] [ 21.746814] Memory state around the buggy address: [ 21.746882] fff00000c794b100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.746978] fff00000c794b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.747068] >fff00000c794b200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.747145] ^ [ 21.747230] fff00000c794b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.747320] fff00000c794b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.747398] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 21.703023] ================================================================== [ 21.703213] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 21.703367] Write of size 2 at addr fff00000c794b177 by task kunit_try_catch/174 [ 21.703490] [ 21.704963] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.705241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.705879] Hardware name: linux,dummy-virt (DT) [ 21.705977] Call trace: [ 21.706162] show_stack+0x20/0x38 (C) [ 21.706297] dump_stack_lvl+0x8c/0xd0 [ 21.706385] print_report+0x118/0x608 [ 21.706465] kasan_report+0xdc/0x128 [ 21.706593] kasan_check_range+0x100/0x1a8 [ 21.706695] __asan_memset+0x34/0x78 [ 21.706869] kmalloc_oob_memset_2+0x150/0x2f8 [ 21.706986] kunit_try_run_case+0x170/0x3f0 [ 21.707107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.707239] kthread+0x328/0x630 [ 21.707347] ret_from_fork+0x10/0x20 [ 21.707484] [ 21.707561] Allocated by task 174: [ 21.707648] kasan_save_stack+0x3c/0x68 [ 21.707769] kasan_save_track+0x20/0x40 [ 21.707877] kasan_save_alloc_info+0x40/0x58 [ 21.708008] __kasan_kmalloc+0xd4/0xd8 [ 21.708135] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.708278] kmalloc_oob_memset_2+0xb0/0x2f8 [ 21.708390] kunit_try_run_case+0x170/0x3f0 [ 21.708483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.708589] kthread+0x328/0x630 [ 21.708673] ret_from_fork+0x10/0x20 [ 21.708986] [ 21.709043] The buggy address belongs to the object at fff00000c794b100 [ 21.709043] which belongs to the cache kmalloc-128 of size 128 [ 21.709167] The buggy address is located 119 bytes inside of [ 21.709167] allocated 120-byte region [fff00000c794b100, fff00000c794b178) [ 21.709878] [ 21.710274] The buggy address belongs to the physical page: [ 21.710537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 21.711077] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.711525] page_type: f5(slab) [ 21.711719] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.711876] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.712312] page dumped because: kasan: bad access detected [ 21.712414] [ 21.712459] Memory state around the buggy address: [ 21.712543] fff00000c794b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.713162] fff00000c794b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.713353] >fff00000c794b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.713466] ^ [ 21.713581] fff00000c794b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.713904] fff00000c794b200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.713953] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 21.672361] ================================================================== [ 21.672547] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 21.672695] Write of size 128 at addr fff00000c794b000 by task kunit_try_catch/172 [ 21.673483] [ 21.673606] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.673848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.673918] Hardware name: linux,dummy-virt (DT) [ 21.674037] Call trace: [ 21.674333] show_stack+0x20/0x38 (C) [ 21.674536] dump_stack_lvl+0x8c/0xd0 [ 21.674661] print_report+0x118/0x608 [ 21.674872] kasan_report+0xdc/0x128 [ 21.674987] kasan_check_range+0x100/0x1a8 [ 21.675370] __asan_memset+0x34/0x78 [ 21.675579] kmalloc_oob_in_memset+0x144/0x2d0 [ 21.675883] kunit_try_run_case+0x170/0x3f0 [ 21.676096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.676346] kthread+0x328/0x630 [ 21.676552] ret_from_fork+0x10/0x20 [ 21.676674] [ 21.676721] Allocated by task 172: [ 21.677076] kasan_save_stack+0x3c/0x68 [ 21.677306] kasan_save_track+0x20/0x40 [ 21.677460] kasan_save_alloc_info+0x40/0x58 [ 21.677561] __kasan_kmalloc+0xd4/0xd8 [ 21.677837] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.677941] kmalloc_oob_in_memset+0xb0/0x2d0 [ 21.678119] kunit_try_run_case+0x170/0x3f0 [ 21.678206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.678379] kthread+0x328/0x630 [ 21.678582] ret_from_fork+0x10/0x20 [ 21.678693] [ 21.678755] The buggy address belongs to the object at fff00000c794b000 [ 21.678755] which belongs to the cache kmalloc-128 of size 128 [ 21.678897] The buggy address is located 0 bytes inside of [ 21.678897] allocated 120-byte region [fff00000c794b000, fff00000c794b078) [ 21.679337] [ 21.679391] The buggy address belongs to the physical page: [ 21.679464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10794b [ 21.679740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.679878] page_type: f5(slab) [ 21.679982] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.680207] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.680395] page dumped because: kasan: bad access detected [ 21.680549] [ 21.680592] Memory state around the buggy address: [ 21.680722] fff00000c794af00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.681089] fff00000c794af80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.681253] >fff00000c794b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.681544] ^ [ 21.681645] fff00000c794b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.681852] fff00000c794b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.682166] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 21.640002] ================================================================== [ 21.640130] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 21.640226] Read of size 16 at addr fff00000c58ac260 by task kunit_try_catch/170 [ 21.640284] [ 21.640333] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.640430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.640459] Hardware name: linux,dummy-virt (DT) [ 21.640495] Call trace: [ 21.640522] show_stack+0x20/0x38 (C) [ 21.640579] dump_stack_lvl+0x8c/0xd0 [ 21.640633] print_report+0x118/0x608 [ 21.640682] kasan_report+0xdc/0x128 [ 21.640911] __asan_report_load16_noabort+0x20/0x30 [ 21.641052] kmalloc_uaf_16+0x3bc/0x438 [ 21.641152] kunit_try_run_case+0x170/0x3f0 [ 21.641244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.641637] kthread+0x328/0x630 [ 21.641775] ret_from_fork+0x10/0x20 [ 21.642636] [ 21.642965] Allocated by task 170: [ 21.643167] kasan_save_stack+0x3c/0x68 [ 21.643649] kasan_save_track+0x20/0x40 [ 21.644136] kasan_save_alloc_info+0x40/0x58 [ 21.644632] __kasan_kmalloc+0xd4/0xd8 [ 21.644725] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.645207] kmalloc_uaf_16+0x140/0x438 [ 21.645442] kunit_try_run_case+0x170/0x3f0 [ 21.645986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.646277] kthread+0x328/0x630 [ 21.646418] ret_from_fork+0x10/0x20 [ 21.646505] [ 21.646550] Freed by task 170: [ 21.646615] kasan_save_stack+0x3c/0x68 [ 21.646706] kasan_save_track+0x20/0x40 [ 21.646856] kasan_save_free_info+0x4c/0x78 [ 21.647836] __kasan_slab_free+0x6c/0x98 [ 21.648207] kfree+0x214/0x3c8 [ 21.648471] kmalloc_uaf_16+0x190/0x438 [ 21.648584] kunit_try_run_case+0x170/0x3f0 [ 21.648675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.648790] kthread+0x328/0x630 [ 21.649512] ret_from_fork+0x10/0x20 [ 21.649886] [ 21.649930] The buggy address belongs to the object at fff00000c58ac260 [ 21.649930] which belongs to the cache kmalloc-16 of size 16 [ 21.650055] The buggy address is located 0 bytes inside of [ 21.650055] freed 16-byte region [fff00000c58ac260, fff00000c58ac270) [ 21.650602] [ 21.650898] The buggy address belongs to the physical page: [ 21.651122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.651432] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.651561] page_type: f5(slab) [ 21.651928] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.652379] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.653067] page dumped because: kasan: bad access detected [ 21.653187] [ 21.653283] Memory state around the buggy address: [ 21.653499] fff00000c58ac100: 00 00 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 21.653622] fff00000c58ac180: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.653739] >fff00000c58ac200: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 21.653830] ^ [ 21.653907] fff00000c58ac280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.653980] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.654045] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 21.596466] ================================================================== [ 21.596914] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 21.597091] Write of size 16 at addr fff00000c58ac200 by task kunit_try_catch/168 [ 21.597223] [ 21.597567] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.598064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.598129] Hardware name: linux,dummy-virt (DT) [ 21.598195] Call trace: [ 21.598242] show_stack+0x20/0x38 (C) [ 21.598773] dump_stack_lvl+0x8c/0xd0 [ 21.599144] print_report+0x118/0x608 [ 21.599408] kasan_report+0xdc/0x128 [ 21.599537] __asan_report_store16_noabort+0x20/0x30 [ 21.599655] kmalloc_oob_16+0x3a0/0x3f8 [ 21.599786] kunit_try_run_case+0x170/0x3f0 [ 21.599915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.600048] kthread+0x328/0x630 [ 21.600174] ret_from_fork+0x10/0x20 [ 21.600297] [ 21.600341] Allocated by task 168: [ 21.600890] kasan_save_stack+0x3c/0x68 [ 21.601256] kasan_save_track+0x20/0x40 [ 21.601339] kasan_save_alloc_info+0x40/0x58 [ 21.601503] __kasan_kmalloc+0xd4/0xd8 [ 21.601699] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.602126] kmalloc_oob_16+0xb4/0x3f8 [ 21.602313] kunit_try_run_case+0x170/0x3f0 [ 21.602482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.602815] kthread+0x328/0x630 [ 21.602906] ret_from_fork+0x10/0x20 [ 21.603312] [ 21.603378] The buggy address belongs to the object at fff00000c58ac200 [ 21.603378] which belongs to the cache kmalloc-16 of size 16 [ 21.603711] The buggy address is located 0 bytes inside of [ 21.603711] allocated 13-byte region [fff00000c58ac200, fff00000c58ac20d) [ 21.604027] [ 21.604077] The buggy address belongs to the physical page: [ 21.604169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.604307] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.604432] page_type: f5(slab) [ 21.604531] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.604655] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.604769] page dumped because: kasan: bad access detected [ 21.605319] [ 21.605508] Memory state around the buggy address: [ 21.605738] fff00000c58ac100: 00 00 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 21.606004] fff00000c58ac180: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.606993] >fff00000c58ac200: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.607624] ^ [ 21.607763] fff00000c58ac280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.608085] fff00000c58ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.608383] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 21.550943] ================================================================== [ 21.551058] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 21.551150] Read of size 1 at addr fff00000c4771c00 by task kunit_try_catch/166 [ 21.551206] [ 21.551261] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.551361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.551390] Hardware name: linux,dummy-virt (DT) [ 21.551427] Call trace: [ 21.551454] show_stack+0x20/0x38 (C) [ 21.551511] dump_stack_lvl+0x8c/0xd0 [ 21.551565] print_report+0x118/0x608 [ 21.551614] kasan_report+0xdc/0x128 [ 21.551662] __kasan_check_byte+0x54/0x70 [ 21.551711] krealloc_noprof+0x44/0x360 [ 21.551857] krealloc_uaf+0x180/0x520 [ 21.551972] kunit_try_run_case+0x170/0x3f0 [ 21.552086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.552198] kthread+0x328/0x630 [ 21.552284] ret_from_fork+0x10/0x20 [ 21.552385] [ 21.552426] Allocated by task 166: [ 21.552490] kasan_save_stack+0x3c/0x68 [ 21.552587] kasan_save_track+0x20/0x40 [ 21.552672] kasan_save_alloc_info+0x40/0x58 [ 21.552780] __kasan_kmalloc+0xd4/0xd8 [ 21.552868] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.552967] krealloc_uaf+0xc8/0x520 [ 21.553054] kunit_try_run_case+0x170/0x3f0 [ 21.553145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.553250] kthread+0x328/0x630 [ 21.553381] ret_from_fork+0x10/0x20 [ 21.553467] [ 21.553510] Freed by task 166: [ 21.554012] kasan_save_stack+0x3c/0x68 [ 21.554123] kasan_save_track+0x20/0x40 [ 21.554217] kasan_save_free_info+0x4c/0x78 [ 21.554318] __kasan_slab_free+0x6c/0x98 [ 21.554417] kfree+0x214/0x3c8 [ 21.554503] krealloc_uaf+0x12c/0x520 [ 21.554737] kunit_try_run_case+0x170/0x3f0 [ 21.554952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.555164] kthread+0x328/0x630 [ 21.555367] ret_from_fork+0x10/0x20 [ 21.555708] [ 21.555843] The buggy address belongs to the object at fff00000c4771c00 [ 21.555843] which belongs to the cache kmalloc-256 of size 256 [ 21.556227] The buggy address is located 0 bytes inside of [ 21.556227] freed 256-byte region [fff00000c4771c00, fff00000c4771d00) [ 21.556474] [ 21.556558] The buggy address belongs to the physical page: [ 21.556720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104770 [ 21.556977] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.557355] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.557831] page_type: f5(slab) [ 21.557957] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 21.558142] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.558272] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 21.558367] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.558485] head: 0bfffe0000000001 ffffc1ffc311dc01 00000000ffffffff 00000000ffffffff [ 21.558603] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.558764] page dumped because: kasan: bad access detected [ 21.558850] [ 21.558896] Memory state around the buggy address: [ 21.558979] fff00000c4771b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.559085] fff00000c4771b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.559184] >fff00000c4771c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.559276] ^ [ 21.559347] fff00000c4771c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.559697] fff00000c4771d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.559809] ================================================================== [ 21.569161] ================================================================== [ 21.569563] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 21.569942] Read of size 1 at addr fff00000c4771c00 by task kunit_try_catch/166 [ 21.570055] [ 21.570133] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.570370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.570458] Hardware name: linux,dummy-virt (DT) [ 21.570540] Call trace: [ 21.570600] show_stack+0x20/0x38 (C) [ 21.570718] dump_stack_lvl+0x8c/0xd0 [ 21.570878] print_report+0x118/0x608 [ 21.571037] kasan_report+0xdc/0x128 [ 21.571147] __asan_report_load1_noabort+0x20/0x30 [ 21.571280] krealloc_uaf+0x4c8/0x520 [ 21.571433] kunit_try_run_case+0x170/0x3f0 [ 21.571598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.571800] kthread+0x328/0x630 [ 21.571919] ret_from_fork+0x10/0x20 [ 21.572036] [ 21.572076] Allocated by task 166: [ 21.572150] kasan_save_stack+0x3c/0x68 [ 21.572247] kasan_save_track+0x20/0x40 [ 21.572357] kasan_save_alloc_info+0x40/0x58 [ 21.572455] __kasan_kmalloc+0xd4/0xd8 [ 21.572572] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.572705] krealloc_uaf+0xc8/0x520 [ 21.572944] kunit_try_run_case+0x170/0x3f0 [ 21.573044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.573259] kthread+0x328/0x630 [ 21.573414] ret_from_fork+0x10/0x20 [ 21.573523] [ 21.573581] Freed by task 166: [ 21.573670] kasan_save_stack+0x3c/0x68 [ 21.573807] kasan_save_track+0x20/0x40 [ 21.573882] kasan_save_free_info+0x4c/0x78 [ 21.573951] __kasan_slab_free+0x6c/0x98 [ 21.574043] kfree+0x214/0x3c8 [ 21.574111] krealloc_uaf+0x12c/0x520 [ 21.574191] kunit_try_run_case+0x170/0x3f0 [ 21.574290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.574384] kthread+0x328/0x630 [ 21.574464] ret_from_fork+0x10/0x20 [ 21.574575] [ 21.574640] The buggy address belongs to the object at fff00000c4771c00 [ 21.574640] which belongs to the cache kmalloc-256 of size 256 [ 21.574788] The buggy address is located 0 bytes inside of [ 21.574788] freed 256-byte region [fff00000c4771c00, fff00000c4771d00) [ 21.574938] [ 21.575003] The buggy address belongs to the physical page: [ 21.575079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104770 [ 21.575221] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.575338] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.575461] page_type: f5(slab) [ 21.575552] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 21.575753] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.575913] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 21.576041] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.576171] head: 0bfffe0000000001 ffffc1ffc311dc01 00000000ffffffff 00000000ffffffff [ 21.576283] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.576385] page dumped because: kasan: bad access detected [ 21.576460] [ 21.576512] Memory state around the buggy address: [ 21.576623] fff00000c4771b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.576764] fff00000c4771b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.576862] >fff00000c4771c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.576945] ^ [ 21.577014] fff00000c4771c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.577158] fff00000c4771d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.577269] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 21.487259] ================================================================== [ 21.487402] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 21.487544] Write of size 1 at addr fff00000c78920d0 by task kunit_try_catch/164 [ 21.487655] [ 21.487766] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.487971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.488035] Hardware name: linux,dummy-virt (DT) [ 21.488116] Call trace: [ 21.488175] show_stack+0x20/0x38 (C) [ 21.488292] dump_stack_lvl+0x8c/0xd0 [ 21.488404] print_report+0x118/0x608 [ 21.488511] kasan_report+0xdc/0x128 [ 21.488614] __asan_report_store1_noabort+0x20/0x30 [ 21.489451] krealloc_less_oob_helper+0xb9c/0xc50 [ 21.489697] krealloc_large_less_oob+0x20/0x38 [ 21.490024] kunit_try_run_case+0x170/0x3f0 [ 21.490212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.490557] kthread+0x328/0x630 [ 21.490691] ret_from_fork+0x10/0x20 [ 21.490856] [ 21.490903] The buggy address belongs to the physical page: [ 21.491052] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 21.491234] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.491582] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.491828] page_type: f8(unknown) [ 21.491968] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.492152] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.492688] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.493166] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.493392] head: 0bfffe0000000002 ffffc1ffc31e2401 00000000ffffffff 00000000ffffffff [ 21.493602] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.493819] page dumped because: kasan: bad access detected [ 21.493906] [ 21.494123] Memory state around the buggy address: [ 21.494209] fff00000c7891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.494313] fff00000c7892000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.494408] >fff00000c7892080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.494494] ^ [ 21.494710] fff00000c7892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.494921] fff00000c7892180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.495084] ================================================================== [ 21.465691] ================================================================== [ 21.466470] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 21.466655] Write of size 1 at addr fff00000c78920c9 by task kunit_try_catch/164 [ 21.466774] [ 21.466870] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.467076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.467152] Hardware name: linux,dummy-virt (DT) [ 21.467264] Call trace: [ 21.467318] show_stack+0x20/0x38 (C) [ 21.467439] dump_stack_lvl+0x8c/0xd0 [ 21.467552] print_report+0x118/0x608 [ 21.467657] kasan_report+0xdc/0x128 [ 21.467775] __asan_report_store1_noabort+0x20/0x30 [ 21.467910] krealloc_less_oob_helper+0xa48/0xc50 [ 21.468080] krealloc_large_less_oob+0x20/0x38 [ 21.468259] kunit_try_run_case+0x170/0x3f0 [ 21.468398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.469105] kthread+0x328/0x630 [ 21.469286] ret_from_fork+0x10/0x20 [ 21.469427] [ 21.469492] The buggy address belongs to the physical page: [ 21.469590] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 21.469799] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.469913] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.470071] page_type: f8(unknown) [ 21.470789] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.470914] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.471032] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.471157] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.471280] head: 0bfffe0000000002 ffffc1ffc31e2401 00000000ffffffff 00000000ffffffff [ 21.473315] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.473952] page dumped because: kasan: bad access detected [ 21.474047] [ 21.474091] Memory state around the buggy address: [ 21.474172] fff00000c7891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.474833] fff00000c7892000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.475398] >fff00000c7892080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.477156] ^ [ 21.478003] fff00000c7892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.478453] fff00000c7892180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.478537] ================================================================== [ 21.500321] ================================================================== [ 21.500458] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 21.500599] Write of size 1 at addr fff00000c78920da by task kunit_try_catch/164 [ 21.500723] [ 21.501498] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.501791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.501846] Hardware name: linux,dummy-virt (DT) [ 21.502162] Call trace: [ 21.502242] show_stack+0x20/0x38 (C) [ 21.502540] dump_stack_lvl+0x8c/0xd0 [ 21.502803] print_report+0x118/0x608 [ 21.503064] kasan_report+0xdc/0x128 [ 21.503305] __asan_report_store1_noabort+0x20/0x30 [ 21.503447] krealloc_less_oob_helper+0xa80/0xc50 [ 21.503832] krealloc_large_less_oob+0x20/0x38 [ 21.504338] kunit_try_run_case+0x170/0x3f0 [ 21.504615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.504847] kthread+0x328/0x630 [ 21.504952] ret_from_fork+0x10/0x20 [ 21.505441] [ 21.505509] The buggy address belongs to the physical page: [ 21.505700] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 21.505987] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.506389] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.506557] page_type: f8(unknown) [ 21.506675] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.506795] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.507070] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.507320] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.507618] head: 0bfffe0000000002 ffffc1ffc31e2401 00000000ffffffff 00000000ffffffff [ 21.508132] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.508244] page dumped because: kasan: bad access detected [ 21.508433] [ 21.508486] Memory state around the buggy address: [ 21.508876] fff00000c7891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.508987] fff00000c7892000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.509203] >fff00000c7892080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.509400] ^ [ 21.509605] fff00000c7892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.509972] fff00000c7892180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.510087] ================================================================== [ 21.511744] ================================================================== [ 21.511862] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 21.511993] Write of size 1 at addr fff00000c78920ea by task kunit_try_catch/164 [ 21.512122] [ 21.512213] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.512412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.512475] Hardware name: linux,dummy-virt (DT) [ 21.512553] Call trace: [ 21.512608] show_stack+0x20/0x38 (C) [ 21.512723] dump_stack_lvl+0x8c/0xd0 [ 21.514530] print_report+0x118/0x608 [ 21.514760] kasan_report+0xdc/0x128 [ 21.515526] __asan_report_store1_noabort+0x20/0x30 [ 21.515672] krealloc_less_oob_helper+0xae4/0xc50 [ 21.515914] krealloc_large_less_oob+0x20/0x38 [ 21.516055] kunit_try_run_case+0x170/0x3f0 [ 21.516639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.516903] kthread+0x328/0x630 [ 21.517129] ret_from_fork+0x10/0x20 [ 21.517350] [ 21.517427] The buggy address belongs to the physical page: [ 21.517608] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 21.517987] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.518102] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.518220] page_type: f8(unknown) [ 21.518402] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.518656] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.518888] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.519349] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.519644] head: 0bfffe0000000002 ffffc1ffc31e2401 00000000ffffffff 00000000ffffffff [ 21.519893] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.520218] page dumped because: kasan: bad access detected [ 21.520390] [ 21.520454] Memory state around the buggy address: [ 21.520634] fff00000c7891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.520746] fff00000c7892000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.521079] >fff00000c7892080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.521304] ^ [ 21.521507] fff00000c7892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.521778] fff00000c7892180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.521915] ================================================================== [ 21.523828] ================================================================== [ 21.523955] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 21.524078] Write of size 1 at addr fff00000c78920eb by task kunit_try_catch/164 [ 21.524219] [ 21.524338] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.524566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.524633] Hardware name: linux,dummy-virt (DT) [ 21.524706] Call trace: [ 21.524772] show_stack+0x20/0x38 (C) [ 21.524897] dump_stack_lvl+0x8c/0xd0 [ 21.525011] print_report+0x118/0x608 [ 21.525121] kasan_report+0xdc/0x128 [ 21.525228] __asan_report_store1_noabort+0x20/0x30 [ 21.525369] krealloc_less_oob_helper+0xa58/0xc50 [ 21.525497] krealloc_large_less_oob+0x20/0x38 [ 21.526184] kunit_try_run_case+0x170/0x3f0 [ 21.526370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.526508] kthread+0x328/0x630 [ 21.526624] ret_from_fork+0x10/0x20 [ 21.526767] [ 21.526819] The buggy address belongs to the physical page: [ 21.526956] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 21.527070] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.527173] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.527392] page_type: f8(unknown) [ 21.527484] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.527848] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.527983] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.528114] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.528239] head: 0bfffe0000000002 ffffc1ffc31e2401 00000000ffffffff 00000000ffffffff [ 21.528356] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.528460] page dumped because: kasan: bad access detected [ 21.528537] [ 21.528580] Memory state around the buggy address: [ 21.528665] fff00000c7891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.528785] fff00000c7892000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.528893] >fff00000c7892080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.528991] ^ [ 21.529091] fff00000c7892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.529203] fff00000c7892180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.529297] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 21.340021] ================================================================== [ 21.340470] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 21.340627] Write of size 1 at addr fff00000c4771aeb by task kunit_try_catch/158 [ 21.340756] [ 21.341336] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.341642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.341710] Hardware name: linux,dummy-virt (DT) [ 21.341796] Call trace: [ 21.341844] show_stack+0x20/0x38 (C) [ 21.341985] dump_stack_lvl+0x8c/0xd0 [ 21.342094] print_report+0x118/0x608 [ 21.342437] kasan_report+0xdc/0x128 [ 21.342586] __asan_report_store1_noabort+0x20/0x30 [ 21.342742] krealloc_more_oob_helper+0x60c/0x678 [ 21.342892] krealloc_more_oob+0x20/0x38 [ 21.343001] kunit_try_run_case+0x170/0x3f0 [ 21.343413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.343611] kthread+0x328/0x630 [ 21.343799] ret_from_fork+0x10/0x20 [ 21.343921] [ 21.343967] Allocated by task 158: [ 21.344039] kasan_save_stack+0x3c/0x68 [ 21.344160] kasan_save_track+0x20/0x40 [ 21.344294] kasan_save_alloc_info+0x40/0x58 [ 21.344423] __kasan_krealloc+0x118/0x178 [ 21.344557] krealloc_noprof+0x128/0x360 [ 21.344646] krealloc_more_oob_helper+0x168/0x678 [ 21.344746] krealloc_more_oob+0x20/0x38 [ 21.345093] kunit_try_run_case+0x170/0x3f0 [ 21.345345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.345479] kthread+0x328/0x630 [ 21.345560] ret_from_fork+0x10/0x20 [ 21.345637] [ 21.345680] The buggy address belongs to the object at fff00000c4771a00 [ 21.345680] which belongs to the cache kmalloc-256 of size 256 [ 21.346102] The buggy address is located 0 bytes to the right of [ 21.346102] allocated 235-byte region [fff00000c4771a00, fff00000c4771aeb) [ 21.346353] [ 21.346405] The buggy address belongs to the physical page: [ 21.346483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104770 [ 21.346619] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.346746] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.346888] page_type: f5(slab) [ 21.347013] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 21.347248] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.347368] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 21.347481] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.347686] head: 0bfffe0000000001 ffffc1ffc311dc01 00000000ffffffff 00000000ffffffff [ 21.348039] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.348201] page dumped because: kasan: bad access detected [ 21.348317] [ 21.348377] Memory state around the buggy address: [ 21.348459] fff00000c4771980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.348568] fff00000c4771a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.348692] >fff00000c4771a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 21.348791] ^ [ 21.348924] fff00000c4771b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.349053] fff00000c4771b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.349188] ================================================================== [ 21.351824] ================================================================== [ 21.351958] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 21.352096] Write of size 1 at addr fff00000c4771af0 by task kunit_try_catch/158 [ 21.352230] [ 21.352320] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.352523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.352587] Hardware name: linux,dummy-virt (DT) [ 21.352667] Call trace: [ 21.352724] show_stack+0x20/0x38 (C) [ 21.353351] dump_stack_lvl+0x8c/0xd0 [ 21.353543] print_report+0x118/0x608 [ 21.353682] kasan_report+0xdc/0x128 [ 21.353826] __asan_report_store1_noabort+0x20/0x30 [ 21.354100] krealloc_more_oob_helper+0x5c0/0x678 [ 21.354247] krealloc_more_oob+0x20/0x38 [ 21.354364] kunit_try_run_case+0x170/0x3f0 [ 21.354456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.354573] kthread+0x328/0x630 [ 21.354709] ret_from_fork+0x10/0x20 [ 21.354905] [ 21.354972] Allocated by task 158: [ 21.355058] kasan_save_stack+0x3c/0x68 [ 21.355230] kasan_save_track+0x20/0x40 [ 21.355322] kasan_save_alloc_info+0x40/0x58 [ 21.355448] __kasan_krealloc+0x118/0x178 [ 21.355580] krealloc_noprof+0x128/0x360 [ 21.355682] krealloc_more_oob_helper+0x168/0x678 [ 21.356120] krealloc_more_oob+0x20/0x38 [ 21.356516] kunit_try_run_case+0x170/0x3f0 [ 21.356617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.356738] kthread+0x328/0x630 [ 21.357402] ret_from_fork+0x10/0x20 [ 21.357543] [ 21.357588] The buggy address belongs to the object at fff00000c4771a00 [ 21.357588] which belongs to the cache kmalloc-256 of size 256 [ 21.357712] The buggy address is located 5 bytes to the right of [ 21.357712] allocated 235-byte region [fff00000c4771a00, fff00000c4771aeb) [ 21.358070] [ 21.358124] The buggy address belongs to the physical page: [ 21.358209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104770 [ 21.358374] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.358492] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.358629] page_type: f5(slab) [ 21.358739] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 21.358885] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.359042] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 21.359156] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.359564] head: 0bfffe0000000001 ffffc1ffc311dc01 00000000ffffffff 00000000ffffffff [ 21.359682] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.360246] page dumped because: kasan: bad access detected [ 21.360378] [ 21.360452] Memory state around the buggy address: [ 21.360584] fff00000c4771980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.360703] fff00000c4771a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.360822] >fff00000c4771a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 21.360910] ^ [ 21.361012] fff00000c4771b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.361120] fff00000c4771b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.361219] ================================================================== [ 21.445606] ================================================================== [ 21.445972] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 21.446137] Write of size 1 at addr fff00000c78920f0 by task kunit_try_catch/162 [ 21.446251] [ 21.446369] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.446542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.446592] Hardware name: linux,dummy-virt (DT) [ 21.446661] Call trace: [ 21.446719] show_stack+0x20/0x38 (C) [ 21.447180] dump_stack_lvl+0x8c/0xd0 [ 21.447322] print_report+0x118/0x608 [ 21.447442] kasan_report+0xdc/0x128 [ 21.447543] __asan_report_store1_noabort+0x20/0x30 [ 21.447874] krealloc_more_oob_helper+0x5c0/0x678 [ 21.448073] krealloc_large_more_oob+0x20/0x38 [ 21.448291] kunit_try_run_case+0x170/0x3f0 [ 21.448420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.448555] kthread+0x328/0x630 [ 21.448666] ret_from_fork+0x10/0x20 [ 21.448799] [ 21.448848] The buggy address belongs to the physical page: [ 21.448924] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 21.449058] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.449175] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.449463] page_type: f8(unknown) [ 21.449800] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.449947] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.450190] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.450507] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.450854] head: 0bfffe0000000002 ffffc1ffc31e2401 00000000ffffffff 00000000ffffffff [ 21.451103] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.451217] page dumped because: kasan: bad access detected [ 21.451373] [ 21.451453] Memory state around the buggy address: [ 21.451692] fff00000c7891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.451922] fff00000c7892000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.452046] >fff00000c7892080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 21.452297] ^ [ 21.452461] fff00000c7892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.452672] fff00000c7892180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.452913] ================================================================== [ 21.435407] ================================================================== [ 21.435749] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 21.436037] Write of size 1 at addr fff00000c78920eb by task kunit_try_catch/162 [ 21.436195] [ 21.436293] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.436485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.436750] Hardware name: linux,dummy-virt (DT) [ 21.436990] Call trace: [ 21.437054] show_stack+0x20/0x38 (C) [ 21.437191] dump_stack_lvl+0x8c/0xd0 [ 21.437353] print_report+0x118/0x608 [ 21.437468] kasan_report+0xdc/0x128 [ 21.437583] __asan_report_store1_noabort+0x20/0x30 [ 21.437704] krealloc_more_oob_helper+0x60c/0x678 [ 21.437834] krealloc_large_more_oob+0x20/0x38 [ 21.437946] kunit_try_run_case+0x170/0x3f0 [ 21.438159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.438504] kthread+0x328/0x630 [ 21.438713] ret_from_fork+0x10/0x20 [ 21.438877] [ 21.438926] The buggy address belongs to the physical page: [ 21.439201] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 21.439541] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.439765] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.439897] page_type: f8(unknown) [ 21.440209] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.440442] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.440775] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.440908] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.441514] head: 0bfffe0000000002 ffffc1ffc31e2401 00000000ffffffff 00000000ffffffff [ 21.441671] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.441880] page dumped because: kasan: bad access detected [ 21.441957] [ 21.442145] Memory state around the buggy address: [ 21.442367] fff00000c7891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.442704] fff00000c7892000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.442888] >fff00000c7892080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 21.442987] ^ [ 21.443089] fff00000c7892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.443195] fff00000c7892180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.443298] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 21.300002] ================================================================== [ 21.300199] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 21.300335] Read of size 1 at addr fff00000c79a0000 by task kunit_try_catch/156 [ 21.300458] [ 21.300545] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.301390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.302443] Hardware name: linux,dummy-virt (DT) [ 21.302560] Call trace: [ 21.302614] show_stack+0x20/0x38 (C) [ 21.303199] dump_stack_lvl+0x8c/0xd0 [ 21.303447] print_report+0x118/0x608 [ 21.303673] kasan_report+0xdc/0x128 [ 21.303792] __asan_report_load1_noabort+0x20/0x30 [ 21.303916] page_alloc_uaf+0x328/0x350 [ 21.304035] kunit_try_run_case+0x170/0x3f0 [ 21.304417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.304715] kthread+0x328/0x630 [ 21.305040] ret_from_fork+0x10/0x20 [ 21.305305] [ 21.305440] The buggy address belongs to the physical page: [ 21.305582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079a0 [ 21.305860] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.305988] page_type: f0(buddy) [ 21.306088] raw: 0bfffe0000000000 fff00000ff616088 fff00000ff616088 0000000000000000 [ 21.306211] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000 [ 21.306303] page dumped because: kasan: bad access detected [ 21.306362] [ 21.306395] Memory state around the buggy address: [ 21.306455] fff00000c799ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.306541] fff00000c799ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.306634] >fff00000c79a0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.307074] ^ [ 21.307212] fff00000c79a0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.307640] fff00000c79a0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.307837] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 21.248754] ================================================================== [ 21.249812] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 21.249987] Free of addr fff00000c788c001 by task kunit_try_catch/152 [ 21.250091] [ 21.250175] CPU: 0 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.250432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.250508] Hardware name: linux,dummy-virt (DT) [ 21.250601] Call trace: [ 21.250677] show_stack+0x20/0x38 (C) [ 21.250857] dump_stack_lvl+0x8c/0xd0 [ 21.251014] print_report+0x118/0x608 [ 21.251159] kasan_report_invalid_free+0xc0/0xe8 [ 21.251316] __kasan_kfree_large+0x5c/0xa8 [ 21.251415] free_large_kmalloc+0x64/0x190 [ 21.251562] kfree+0x270/0x3c8 [ 21.251696] kmalloc_large_invalid_free+0x108/0x270 [ 21.251895] kunit_try_run_case+0x170/0x3f0 [ 21.252014] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.252151] kthread+0x328/0x630 [ 21.252263] ret_from_fork+0x10/0x20 [ 21.252377] [ 21.252427] The buggy address belongs to the physical page: [ 21.252504] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 21.252635] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.252758] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.252881] page_type: f8(unknown) [ 21.252978] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.253100] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.253221] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.253350] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.253470] head: 0bfffe0000000002 ffffc1ffc31e2301 00000000ffffffff 00000000ffffffff [ 21.253654] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.253780] page dumped because: kasan: bad access detected [ 21.253883] [ 21.253936] Memory state around the buggy address: [ 21.254030] fff00000c788bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.254138] fff00000c788bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.254247] >fff00000c788c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.254363] ^ [ 21.254455] fff00000c788c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.254634] fff00000c788c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.254850] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 21.230897] ================================================================== [ 21.231093] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 21.231240] Read of size 1 at addr fff00000c788c000 by task kunit_try_catch/150 [ 21.231359] [ 21.231444] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.231652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.231716] Hardware name: linux,dummy-virt (DT) [ 21.232036] Call trace: [ 21.232123] show_stack+0x20/0x38 (C) [ 21.232300] dump_stack_lvl+0x8c/0xd0 [ 21.232434] print_report+0x118/0x608 [ 21.232531] kasan_report+0xdc/0x128 [ 21.232684] __asan_report_load1_noabort+0x20/0x30 [ 21.232866] kmalloc_large_uaf+0x2cc/0x2f8 [ 21.233028] kunit_try_run_case+0x170/0x3f0 [ 21.233188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.233361] kthread+0x328/0x630 [ 21.233503] ret_from_fork+0x10/0x20 [ 21.233632] [ 21.233679] The buggy address belongs to the physical page: [ 21.233760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 21.233869] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.234035] raw: 0bfffe0000000000 ffffc1ffc31e2408 fff00000da47ee00 0000000000000000 [ 21.234196] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 21.234316] page dumped because: kasan: bad access detected [ 21.234406] [ 21.234453] Memory state around the buggy address: [ 21.234533] fff00000c788bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.234642] fff00000c788bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.234761] >fff00000c788c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.234858] ^ [ 21.234931] fff00000c788c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.235034] fff00000c788c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.235127] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 21.200820] ================================================================== [ 21.201031] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 21.201531] Write of size 1 at addr fff00000c788e00a by task kunit_try_catch/148 [ 21.201648] [ 21.201746] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.202143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.202205] Hardware name: linux,dummy-virt (DT) [ 21.202279] Call trace: [ 21.202362] show_stack+0x20/0x38 (C) [ 21.202495] dump_stack_lvl+0x8c/0xd0 [ 21.202609] print_report+0x118/0x608 [ 21.202717] kasan_report+0xdc/0x128 [ 21.202825] __asan_report_store1_noabort+0x20/0x30 [ 21.202950] kmalloc_large_oob_right+0x278/0x2b8 [ 21.203066] kunit_try_run_case+0x170/0x3f0 [ 21.203189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.203321] kthread+0x328/0x630 [ 21.203441] ret_from_fork+0x10/0x20 [ 21.203557] [ 21.204083] The buggy address belongs to the physical page: [ 21.204196] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 21.204480] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.204591] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.204749] page_type: f8(unknown) [ 21.204834] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.204934] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.205030] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.205134] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.205230] head: 0bfffe0000000002 ffffc1ffc31e2301 00000000ffffffff 00000000ffffffff [ 21.205344] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.205459] page dumped because: kasan: bad access detected [ 21.205534] [ 21.205578] Memory state around the buggy address: [ 21.205899] fff00000c788df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.206000] fff00000c788df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.206084] >fff00000c788e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.206163] ^ [ 21.206228] fff00000c788e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.206315] fff00000c788e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.206404] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 21.147354] ================================================================== [ 21.147547] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 21.147701] Write of size 1 at addr fff00000c7989f00 by task kunit_try_catch/146 [ 21.147827] [ 21.147912] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.148459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.148533] Hardware name: linux,dummy-virt (DT) [ 21.148609] Call trace: [ 21.148665] show_stack+0x20/0x38 (C) [ 21.149324] dump_stack_lvl+0x8c/0xd0 [ 21.149619] print_report+0x118/0x608 [ 21.149771] kasan_report+0xdc/0x128 [ 21.149897] __asan_report_store1_noabort+0x20/0x30 [ 21.150063] kmalloc_big_oob_right+0x2a4/0x2f0 [ 21.150198] kunit_try_run_case+0x170/0x3f0 [ 21.150314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.150446] kthread+0x328/0x630 [ 21.150557] ret_from_fork+0x10/0x20 [ 21.150685] [ 21.150741] Allocated by task 146: [ 21.150812] kasan_save_stack+0x3c/0x68 [ 21.151211] kasan_save_track+0x20/0x40 [ 21.151291] kasan_save_alloc_info+0x40/0x58 [ 21.151364] __kasan_kmalloc+0xd4/0xd8 [ 21.151837] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.151966] kmalloc_big_oob_right+0xb8/0x2f0 [ 21.152146] kunit_try_run_case+0x170/0x3f0 [ 21.152293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.152445] kthread+0x328/0x630 [ 21.152537] ret_from_fork+0x10/0x20 [ 21.152662] [ 21.152747] The buggy address belongs to the object at fff00000c7988000 [ 21.152747] which belongs to the cache kmalloc-8k of size 8192 [ 21.152960] The buggy address is located 0 bytes to the right of [ 21.152960] allocated 7936-byte region [fff00000c7988000, fff00000c7989f00) [ 21.153120] [ 21.153183] The buggy address belongs to the physical page: [ 21.153294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107988 [ 21.153415] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.153526] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.153655] page_type: f5(slab) [ 21.154001] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 21.154119] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 21.154237] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 21.154598] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 21.155157] head: 0bfffe0000000003 ffffc1ffc31e6201 00000000ffffffff 00000000ffffffff [ 21.155536] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 21.155724] page dumped because: kasan: bad access detected [ 21.155831] [ 21.155916] Memory state around the buggy address: [ 21.156000] fff00000c7989e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.156123] fff00000c7989e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.156794] >fff00000c7989f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.156941] ^ [ 21.157526] fff00000c7989f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.157656] fff00000c798a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.157765] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 21.076720] ================================================================== [ 21.077606] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 21.077862] Write of size 1 at addr fff00000c4799978 by task kunit_try_catch/144 [ 21.078374] [ 21.078527] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.079179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.079620] Hardware name: linux,dummy-virt (DT) [ 21.079737] Call trace: [ 21.079842] show_stack+0x20/0x38 (C) [ 21.079989] dump_stack_lvl+0x8c/0xd0 [ 21.080515] print_report+0x118/0x608 [ 21.080856] kasan_report+0xdc/0x128 [ 21.081237] __asan_report_store1_noabort+0x20/0x30 [ 21.081473] kmalloc_track_caller_oob_right+0x40c/0x488 [ 21.081790] kunit_try_run_case+0x170/0x3f0 [ 21.081937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.082076] kthread+0x328/0x630 [ 21.082797] ret_from_fork+0x10/0x20 [ 21.083022] [ 21.083084] Allocated by task 144: [ 21.083223] kasan_save_stack+0x3c/0x68 [ 21.083346] kasan_save_track+0x20/0x40 [ 21.083437] kasan_save_alloc_info+0x40/0x58 [ 21.083536] __kasan_kmalloc+0xd4/0xd8 [ 21.084336] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 21.084470] kmalloc_track_caller_oob_right+0xa8/0x488 [ 21.084571] kunit_try_run_case+0x170/0x3f0 [ 21.084664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.085427] kthread+0x328/0x630 [ 21.085922] ret_from_fork+0x10/0x20 [ 21.086159] [ 21.086288] The buggy address belongs to the object at fff00000c4799900 [ 21.086288] which belongs to the cache kmalloc-128 of size 128 [ 21.086457] The buggy address is located 0 bytes to the right of [ 21.086457] allocated 120-byte region [fff00000c4799900, fff00000c4799978) [ 21.086615] [ 21.086669] The buggy address belongs to the physical page: [ 21.086760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104799 [ 21.087460] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.087615] page_type: f5(slab) [ 21.087721] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.088529] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.088843] page dumped because: kasan: bad access detected [ 21.089197] [ 21.089252] Memory state around the buggy address: [ 21.089343] fff00000c4799800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.089433] fff00000c4799880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.089985] >fff00000c4799900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.090114] ^ [ 21.090269] fff00000c4799980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.090594] fff00000c4799a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.090917] ================================================================== [ 21.095790] ================================================================== [ 21.095926] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 21.096628] Write of size 1 at addr fff00000c4799a78 by task kunit_try_catch/144 [ 21.097256] [ 21.097467] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.097670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.097725] Hardware name: linux,dummy-virt (DT) [ 21.097817] Call trace: [ 21.097871] show_stack+0x20/0x38 (C) [ 21.098769] dump_stack_lvl+0x8c/0xd0 [ 21.098997] print_report+0x118/0x608 [ 21.099122] kasan_report+0xdc/0x128 [ 21.099643] __asan_report_store1_noabort+0x20/0x30 [ 21.099853] kmalloc_track_caller_oob_right+0x418/0x488 [ 21.100118] kunit_try_run_case+0x170/0x3f0 [ 21.100305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.100445] kthread+0x328/0x630 [ 21.100559] ret_from_fork+0x10/0x20 [ 21.100680] [ 21.100724] Allocated by task 144: [ 21.100807] kasan_save_stack+0x3c/0x68 [ 21.100906] kasan_save_track+0x20/0x40 [ 21.100994] kasan_save_alloc_info+0x40/0x58 [ 21.101107] __kasan_kmalloc+0xd4/0xd8 [ 21.101200] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 21.101503] kmalloc_track_caller_oob_right+0x184/0x488 [ 21.101601] kunit_try_run_case+0x170/0x3f0 [ 21.102051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.102496] kthread+0x328/0x630 [ 21.102803] ret_from_fork+0x10/0x20 [ 21.102922] [ 21.102969] The buggy address belongs to the object at fff00000c4799a00 [ 21.102969] which belongs to the cache kmalloc-128 of size 128 [ 21.103528] The buggy address is located 0 bytes to the right of [ 21.103528] allocated 120-byte region [fff00000c4799a00, fff00000c4799a78) [ 21.103828] [ 21.103997] The buggy address belongs to the physical page: [ 21.104117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104799 [ 21.104469] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.104913] page_type: f5(slab) [ 21.105059] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.105184] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.105949] page dumped because: kasan: bad access detected [ 21.106114] [ 21.106427] Memory state around the buggy address: [ 21.106579] fff00000c4799900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.106690] fff00000c4799980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.107130] >fff00000c4799a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.107253] ^ [ 21.107436] fff00000c4799a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.107625] fff00000c4799b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.107720] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 21.044578] ================================================================== [ 21.044694] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 21.044899] Read of size 1 at addr fff00000c5e93000 by task kunit_try_catch/142 [ 21.045096] [ 21.045339] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.045849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.046347] Hardware name: linux,dummy-virt (DT) [ 21.046565] Call trace: [ 21.046652] show_stack+0x20/0x38 (C) [ 21.046858] dump_stack_lvl+0x8c/0xd0 [ 21.047047] print_report+0x118/0x608 [ 21.047223] kasan_report+0xdc/0x128 [ 21.047559] __asan_report_load1_noabort+0x20/0x30 [ 21.047677] kmalloc_node_oob_right+0x2f4/0x330 [ 21.047800] kunit_try_run_case+0x170/0x3f0 [ 21.047896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.048084] kthread+0x328/0x630 [ 21.048291] ret_from_fork+0x10/0x20 [ 21.048683] [ 21.048800] Allocated by task 142: [ 21.048876] kasan_save_stack+0x3c/0x68 [ 21.049034] kasan_save_track+0x20/0x40 [ 21.049269] kasan_save_alloc_info+0x40/0x58 [ 21.049413] __kasan_kmalloc+0xd4/0xd8 [ 21.049744] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 21.049858] kmalloc_node_oob_right+0xbc/0x330 [ 21.049951] kunit_try_run_case+0x170/0x3f0 [ 21.050037] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.050268] kthread+0x328/0x630 [ 21.050501] ret_from_fork+0x10/0x20 [ 21.050605] [ 21.050810] The buggy address belongs to the object at fff00000c5e92000 [ 21.050810] which belongs to the cache kmalloc-4k of size 4096 [ 21.051134] The buggy address is located 0 bytes to the right of [ 21.051134] allocated 4096-byte region [fff00000c5e92000, fff00000c5e93000) [ 21.051321] [ 21.051374] The buggy address belongs to the physical page: [ 21.051563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e90 [ 21.052296] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.052545] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.052828] page_type: f5(slab) [ 21.053137] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 21.053270] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 21.053510] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 21.053666] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 21.053865] head: 0bfffe0000000003 ffffc1ffc317a401 00000000ffffffff 00000000ffffffff [ 21.053998] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 21.054210] page dumped because: kasan: bad access detected [ 21.054374] [ 21.054423] Memory state around the buggy address: [ 21.054505] fff00000c5e92f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.054593] fff00000c5e92f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.054672] >fff00000c5e93000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.054783] ^ [ 21.054845] fff00000c5e93080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.054940] fff00000c5e93100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.055425] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 21.019680] ================================================================== [ 21.019862] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 21.019954] Read of size 1 at addr fff00000c58ac1df by task kunit_try_catch/140 [ 21.020011] [ 21.020063] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 21.020176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.020207] Hardware name: linux,dummy-virt (DT) [ 21.020243] Call trace: [ 21.020270] show_stack+0x20/0x38 (C) [ 21.020328] dump_stack_lvl+0x8c/0xd0 [ 21.020385] print_report+0x118/0x608 [ 21.020434] kasan_report+0xdc/0x128 [ 21.020482] __asan_report_load1_noabort+0x20/0x30 [ 21.020536] kmalloc_oob_left+0x2ec/0x320 [ 21.020587] kunit_try_run_case+0x170/0x3f0 [ 21.020642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.020700] kthread+0x328/0x630 [ 21.020827] ret_from_fork+0x10/0x20 [ 21.020957] [ 21.021003] Allocated by task 26: [ 21.021113] kasan_save_stack+0x3c/0x68 [ 21.021218] kasan_save_track+0x20/0x40 [ 21.021802] kasan_save_alloc_info+0x40/0x58 [ 21.022047] __kasan_kmalloc+0xd4/0xd8 [ 21.022122] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 21.022210] kstrdup+0x54/0xc8 [ 21.022281] devtmpfs_work_loop+0x6f8/0xa58 [ 21.022352] devtmpfsd+0x50/0x58 [ 21.022419] kthread+0x328/0x630 [ 21.022497] ret_from_fork+0x10/0x20 [ 21.022596] [ 21.022709] Freed by task 26: [ 21.022854] kasan_save_stack+0x3c/0x68 [ 21.022983] kasan_save_track+0x20/0x40 [ 21.023100] kasan_save_free_info+0x4c/0x78 [ 21.023186] __kasan_slab_free+0x6c/0x98 [ 21.023274] kfree+0x214/0x3c8 [ 21.023351] devtmpfs_work_loop+0x804/0xa58 [ 21.023439] devtmpfsd+0x50/0x58 [ 21.023518] kthread+0x328/0x630 [ 21.023599] ret_from_fork+0x10/0x20 [ 21.023697] [ 21.023757] The buggy address belongs to the object at fff00000c58ac1c0 [ 21.023757] which belongs to the cache kmalloc-16 of size 16 [ 21.023883] The buggy address is located 15 bytes to the right of [ 21.023883] allocated 16-byte region [fff00000c58ac1c0, fff00000c58ac1d0) [ 21.024013] [ 21.024062] The buggy address belongs to the physical page: [ 21.024148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ac [ 21.024283] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.024405] page_type: f5(slab) [ 21.024498] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.024624] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.024725] page dumped because: kasan: bad access detected [ 21.025129] [ 21.025180] Memory state around the buggy address: [ 21.025312] fff00000c58ac080: 00 05 fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 21.025432] fff00000c58ac100: 00 00 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 21.025861] >fff00000c58ac180: 00 04 fc fc fa fb fc fc fa fb fc fc 00 07 fc fc [ 21.025983] ^ [ 21.026092] fff00000c58ac200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.026193] fff00000c58ac280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.026367] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 20.968298] ================================================================== [ 20.968444] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 20.968605] Read of size 1 at addr fff00000c4799880 by task kunit_try_catch/138 [ 20.968763] [ 20.968840] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 20.969018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.969087] Hardware name: linux,dummy-virt (DT) [ 20.969162] Call trace: [ 20.969206] show_stack+0x20/0x38 (C) [ 20.969324] dump_stack_lvl+0x8c/0xd0 [ 20.969433] print_report+0x118/0x608 [ 20.969550] kasan_report+0xdc/0x128 [ 20.969661] __asan_report_load1_noabort+0x20/0x30 [ 20.969880] kmalloc_oob_right+0x5d0/0x660 [ 20.969994] kunit_try_run_case+0x170/0x3f0 [ 20.970095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.970215] kthread+0x328/0x630 [ 20.970306] ret_from_fork+0x10/0x20 [ 20.970411] [ 20.970457] Allocated by task 138: [ 20.970516] kasan_save_stack+0x3c/0x68 [ 20.970591] kasan_save_track+0x20/0x40 [ 20.970703] kasan_save_alloc_info+0x40/0x58 [ 20.970802] __kasan_kmalloc+0xd4/0xd8 [ 20.970879] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.970971] kmalloc_oob_right+0xb0/0x660 [ 20.971150] kunit_try_run_case+0x170/0x3f0 [ 20.971308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.971459] kthread+0x328/0x630 [ 20.971551] ret_from_fork+0x10/0x20 [ 20.971642] [ 20.971713] The buggy address belongs to the object at fff00000c4799800 [ 20.971713] which belongs to the cache kmalloc-128 of size 128 [ 20.971873] The buggy address is located 13 bytes to the right of [ 20.971873] allocated 115-byte region [fff00000c4799800, fff00000c4799873) [ 20.972036] [ 20.972088] The buggy address belongs to the physical page: [ 20.972175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104799 [ 20.972308] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.972431] page_type: f5(slab) [ 20.972531] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.972658] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.972772] page dumped because: kasan: bad access detected [ 20.972852] [ 20.972896] Memory state around the buggy address: [ 20.972977] fff00000c4799780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.973088] fff00000c4799800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.973198] >fff00000c4799880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.973296] ^ [ 20.973367] fff00000c4799900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.973489] fff00000c4799980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.973590] ================================================================== [ 20.958634] ================================================================== [ 20.958782] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 20.958926] Write of size 1 at addr fff00000c4799878 by task kunit_try_catch/138 [ 20.959122] [ 20.959214] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 20.959567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.959652] Hardware name: linux,dummy-virt (DT) [ 20.959723] Call trace: [ 20.959784] show_stack+0x20/0x38 (C) [ 20.960388] dump_stack_lvl+0x8c/0xd0 [ 20.960830] print_report+0x118/0x608 [ 20.960963] kasan_report+0xdc/0x128 [ 20.961965] __asan_report_store1_noabort+0x20/0x30 [ 20.962136] kmalloc_oob_right+0x538/0x660 [ 20.962231] kunit_try_run_case+0x170/0x3f0 [ 20.962330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.962442] kthread+0x328/0x630 [ 20.962542] ret_from_fork+0x10/0x20 [ 20.962649] [ 20.962691] Allocated by task 138: [ 20.962770] kasan_save_stack+0x3c/0x68 [ 20.962857] kasan_save_track+0x20/0x40 [ 20.963494] kasan_save_alloc_info+0x40/0x58 [ 20.963609] __kasan_kmalloc+0xd4/0xd8 [ 20.963712] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.963828] kmalloc_oob_right+0xb0/0x660 [ 20.963914] kunit_try_run_case+0x170/0x3f0 [ 20.964004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.965060] kthread+0x328/0x630 [ 20.965197] ret_from_fork+0x10/0x20 [ 20.965391] [ 20.965443] The buggy address belongs to the object at fff00000c4799800 [ 20.965443] which belongs to the cache kmalloc-128 of size 128 [ 20.965584] The buggy address is located 5 bytes to the right of [ 20.965584] allocated 115-byte region [fff00000c4799800, fff00000c4799873) [ 20.965706] [ 20.965758] The buggy address belongs to the physical page: [ 20.965842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104799 [ 20.965957] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.966062] page_type: f5(slab) [ 20.966143] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.966251] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.966344] page dumped because: kasan: bad access detected [ 20.966408] [ 20.966441] Memory state around the buggy address: [ 20.966509] fff00000c4799700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.966642] fff00000c4799780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.966764] >fff00000c4799800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.966859] ^ [ 20.966966] fff00000c4799880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.967065] fff00000c4799900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.967191] ================================================================== [ 20.943413] ================================================================== [ 20.944102] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 20.946924] Write of size 1 at addr fff00000c4799873 by task kunit_try_catch/138 [ 20.947140] [ 20.948807] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G N 6.15.3-rc1 #1 PREEMPT [ 20.949133] Tainted: [N]=TEST [ 20.949210] Hardware name: linux,dummy-virt (DT) [ 20.949670] Call trace: [ 20.950040] show_stack+0x20/0x38 (C) [ 20.950331] dump_stack_lvl+0x8c/0xd0 [ 20.950475] print_report+0x118/0x608 [ 20.950575] kasan_report+0xdc/0x128 [ 20.950661] __asan_report_store1_noabort+0x20/0x30 [ 20.951094] kmalloc_oob_right+0x5a4/0x660 [ 20.951216] kunit_try_run_case+0x170/0x3f0 [ 20.951337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.951457] kthread+0x328/0x630 [ 20.951559] ret_from_fork+0x10/0x20 [ 20.952082] [ 20.952182] Allocated by task 138: [ 20.952428] kasan_save_stack+0x3c/0x68 [ 20.952575] kasan_save_track+0x20/0x40 [ 20.952659] kasan_save_alloc_info+0x40/0x58 [ 20.952764] __kasan_kmalloc+0xd4/0xd8 [ 20.952842] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.952940] kmalloc_oob_right+0xb0/0x660 [ 20.953028] kunit_try_run_case+0x170/0x3f0 [ 20.953156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.953263] kthread+0x328/0x630 [ 20.953395] ret_from_fork+0x10/0x20 [ 20.953570] [ 20.953748] The buggy address belongs to the object at fff00000c4799800 [ 20.953748] which belongs to the cache kmalloc-128 of size 128 [ 20.953997] The buggy address is located 0 bytes to the right of [ 20.953997] allocated 115-byte region [fff00000c4799800, fff00000c4799873) [ 20.954230] [ 20.954608] The buggy address belongs to the physical page: [ 20.955006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104799 [ 20.955378] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.955769] page_type: f5(slab) [ 20.956187] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.956264] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.956401] page dumped because: kasan: bad access detected [ 20.956451] [ 20.956482] Memory state around the buggy address: [ 20.956773] fff00000c4799700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.956859] fff00000c4799780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.956924] >fff00000c4799800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.956986] ^ [ 20.957087] fff00000c4799880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.957135] fff00000c4799900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.957210] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 107.047205] WARNING: CPU: 0 PID: 658 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 107.048626] Modules linked in: [ 107.049219] CPU: 0 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D W N 6.15.3-rc1 #1 PREEMPT [ 107.050021] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 107.050830] Hardware name: linux,dummy-virt (DT) [ 107.051631] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 107.052299] pc : intlog10+0x38/0x48 [ 107.052849] lr : intlog10_test+0xe4/0x200 [ 107.053240] sp : ffff8000824f7c10 [ 107.053973] x29: ffff8000824f7c90 x28: 0000000000000000 x27: 0000000000000000 [ 107.054890] x26: 1ffe000019822361 x25: 0000000000000000 x24: ffff8000824f7ce0 [ 107.055751] x23: ffff8000824f7d00 x22: 0000000000000000 x21: 1ffff0001049ef82 [ 107.056571] x20: ffffafe9e6435040 x19: ffff800080087990 x18: 00000000c1d247e5 [ 107.057414] x17: 00000000a2d112da x16: fff00000c096dc3c x15: 000000009d0d47a0 [ 107.057916] x14: 000000008fb81af0 x13: 1ffe00001b493a1d x12: ffff75fd3d439b71 [ 107.058723] x11: 1ffff5fd3d439b70 x10: ffff75fd3d439b70 x9 : ffffafe9e3a13704 [ 107.059417] x8 : ffffafe9ea1cdb83 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 107.059988] x5 : ffff70001049ef82 x4 : 1ffff00010010f3a x3 : 1ffff5fd3cc86a08 [ 107.060864] x2 : 1ffff5fd3cc86a08 x1 : 0000000000000003 x0 : 0000000000000000 [ 107.061589] Call trace: [ 107.062125] intlog10+0x38/0x48 (P) [ 107.062664] kunit_try_run_case+0x170/0x3f0 [ 107.063138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 107.063621] kthread+0x328/0x630 [ 107.064107] ret_from_fork+0x10/0x20 [ 107.064531] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 106.955283] WARNING: CPU: 1 PID: 640 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 106.959237] Modules linked in: [ 106.960332] CPU: 1 UID: 0 PID: 640 Comm: kunit_try_catch Tainted: G B D N 6.15.3-rc1 #1 PREEMPT [ 106.961249] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 106.961772] Hardware name: linux,dummy-virt (DT) [ 106.962449] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 106.962886] pc : intlog2+0xd8/0xf8 [ 106.963200] lr : intlog2_test+0xe4/0x200 [ 106.963478] sp : ffff800082467c10 [ 106.963792] x29: ffff800082467c90 x28: 0000000000000000 x27: 0000000000000000 [ 106.964713] x26: 1ffe000019833261 x25: 0000000000000000 x24: ffff800082467ce0 [ 106.965873] x23: ffff800082467d00 x22: 0000000000000000 x21: 1ffff0001048cf82 [ 106.966407] x20: ffffafe9e6434f40 x19: ffff800080087990 x18: 000000003aab2abc [ 106.967058] x17: 00000000ebdbacc7 x16: fff00000c096e03c x15: fff00000ff616b08 [ 106.967915] x14: 00000000f1f1f1f1 x13: 1ffe00001b48f61d x12: ffff75fd3d439b71 [ 106.968799] x11: 1ffff5fd3d439b70 x10: ffff75fd3d439b70 x9 : ffffafe9e3a13904 [ 106.969682] x8 : ffffafe9ea1cdb83 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 106.970511] x5 : ffff70001048cf82 x4 : 1ffff00010010f3a x3 : 1ffff5fd3cc869e8 [ 106.971262] x2 : 1ffff5fd3cc869e8 x1 : 0000000000000003 x0 : 0000000000000000 [ 106.971790] Call trace: [ 106.972028] intlog2+0xd8/0xf8 (P) [ 106.972380] kunit_try_run_case+0x170/0x3f0 [ 106.972653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 106.974850] kthread+0x328/0x630 [ 106.975215] ret_from_fork+0x10/0x20 [ 106.975744] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/internal-error-oops-oops-smp
KNOWN ISSUE - qemu-arm64: Internal error: Oops at kunit_test_null_dereference - kunit_generic_run_threadfn_adapter
[ 105.573589] Internal error: Oops: 0000000096000005 [#1] SMP [ 105.582256] Modules linked in: [ 105.583217] CPU: 1 UID: 0 PID: 534 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT [ 105.584287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 105.584647] Hardware name: linux,dummy-virt (DT) [ 105.585114] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 105.585580] pc : kunit_test_null_dereference+0x70/0x170 [ 105.586008] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 105.586332] sp : ffff800082107d30 [ 105.587343] x29: ffff800082107d90 x28: 0000000000000000 x27: 0000000000000000 [ 105.588868] x26: 1ffe000018e754a1 x25: 0000000000000000 x24: 0000000000000004 [ 105.589563] x23: fff00000c73aa50c x22: ffffafe9e3a00ce0 x21: fff00000c43ec288 [ 105.590156] x20: 1ffff00010420fa6 x19: ffff800080087990 x18: 00000000c311032f [ 105.590723] x17: 000000003cb63f76 x16: 0000000000000100 x15: 0000000023110f51 [ 105.591340] x14: 00000000a4463987 x13: 1ffe00001b4939e0 x12: fffd80001980c8b4 [ 105.591938] x11: 1ffe00001980c8b3 x10: fffd80001980c8b3 x9 : ffffafe9e39f8148 [ 105.592648] x8 : ffff800082107c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 105.593539] x5 : ffff700010420fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 105.594425] x2 : dfff800000000000 x1 : fff00000cc063cc0 x0 : ffff800080087990 [ 105.595356] Call trace: [ 105.595801] kunit_test_null_dereference+0x70/0x170 (P) [ 105.596414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 105.596836] kthread+0x328/0x630 [ 105.597179] ret_from_fork+0x10/0x20 [ 105.597984] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 105.598899] ---[ end trace 0000000000000000 ]---