Date
June 24, 2025, 12:47 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 27.950919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 27.733938] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 27.892612] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858 [ 27.855454] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 28.101419] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 27.595231] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 27.552357] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 57.973910] ================================================================== [ 57.974022] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 57.974022] [ 57.974129] Use-after-free read at 0x000000004b7ca26e (in kfence-#190): [ 57.974195] test_krealloc+0x51c/0x830 [ 57.974252] kunit_try_run_case+0x170/0x3f0 [ 57.974313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.974371] kthread+0x328/0x630 [ 57.974462] ret_from_fork+0x10/0x20 [ 57.974517] [ 57.974546] kfence-#190: 0x000000004b7ca26e-0x0000000076ba313e, size=32, cache=kmalloc-32 [ 57.974546] [ 57.974615] allocated by task 339 on cpu 0 at 57.972939s (0.001672s ago): [ 57.974694] test_alloc+0x29c/0x628 [ 57.974746] test_krealloc+0xc0/0x830 [ 57.974793] kunit_try_run_case+0x170/0x3f0 [ 57.974844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.974901] kthread+0x328/0x630 [ 57.974951] ret_from_fork+0x10/0x20 [ 57.975003] [ 57.975031] freed by task 339 on cpu 0 at 57.973412s (0.001614s ago): [ 57.975104] krealloc_noprof+0x148/0x360 [ 57.975154] test_krealloc+0x1dc/0x830 [ 57.975202] kunit_try_run_case+0x170/0x3f0 [ 57.975252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.975311] kthread+0x328/0x630 [ 57.975361] ret_from_fork+0x10/0x20 [ 57.975431] [ 57.975484] CPU: 0 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 57.975582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 57.975617] Hardware name: linux,dummy-virt (DT) [ 57.975659] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 57.812857] ================================================================== [ 57.812976] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 57.812976] [ 57.813097] Use-after-free read at 0x0000000071a7fb75 (in kfence-#188): [ 57.813161] test_memcache_typesafe_by_rcu+0x280/0x560 [ 57.813220] kunit_try_run_case+0x170/0x3f0 [ 57.813279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.813338] kthread+0x328/0x630 [ 57.813410] ret_from_fork+0x10/0x20 [ 57.813470] [ 57.813498] kfence-#188: 0x0000000071a7fb75-0x0000000062911616, size=32, cache=test [ 57.813498] [ 57.813561] allocated by task 337 on cpu 0 at 57.770012s (0.043544s ago): [ 57.813643] test_alloc+0x230/0x628 [ 57.813693] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 57.813743] kunit_try_run_case+0x170/0x3f0 [ 57.813795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.813850] kthread+0x328/0x630 [ 57.813897] ret_from_fork+0x10/0x20 [ 57.813951] [ 57.813979] freed by task 337 on cpu 0 at 57.770125s (0.043850s ago): [ 57.814047] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 57.814099] kunit_try_run_case+0x170/0x3f0 [ 57.814151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.814208] kthread+0x328/0x630 [ 57.814254] ret_from_fork+0x10/0x20 [ 57.814304] [ 57.814363] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 57.814476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 57.814515] Hardware name: linux,dummy-virt (DT) [ 57.814558] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 36.986611] ================================================================== [ 36.986822] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 36.986822] [ 36.987029] Invalid read at 0x000000005efe1114: [ 36.987336] test_invalid_access+0xdc/0x1f0 [ 36.987493] kunit_try_run_case+0x170/0x3f0 [ 36.987629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.987774] kthread+0x328/0x630 [ 36.987926] ret_from_fork+0x10/0x20 [ 36.988066] [ 36.988201] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 36.988775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.988954] Hardware name: linux,dummy-virt (DT) [ 36.989146] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 36.753169] ================================================================== [ 36.753266] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 36.753266] [ 36.753342] Corrupted memory at 0x000000006bc5f0f0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#184): [ 36.753730] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 36.753795] kunit_try_run_case+0x170/0x3f0 [ 36.753851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.753909] kthread+0x328/0x630 [ 36.753961] ret_from_fork+0x10/0x20 [ 36.754015] [ 36.754045] kfence-#184: 0x000000004fa7576b-0x00000000d68da643, size=73, cache=kmalloc-96 [ 36.754045] [ 36.754110] allocated by task 327 on cpu 1 at 36.752808s (0.001297s ago): [ 36.754185] test_alloc+0x29c/0x628 [ 36.754235] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 36.754287] kunit_try_run_case+0x170/0x3f0 [ 36.754342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.754416] kthread+0x328/0x630 [ 36.754468] ret_from_fork+0x10/0x20 [ 36.754520] [ 36.754548] freed by task 327 on cpu 1 at 36.753013s (0.001531s ago): [ 36.754623] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 36.754677] kunit_try_run_case+0x170/0x3f0 [ 36.754728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.754784] kthread+0x328/0x630 [ 36.754832] ret_from_fork+0x10/0x20 [ 36.754882] [ 36.754930] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 36.755029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.755066] Hardware name: linux,dummy-virt (DT) [ 36.755107] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 36.649164] ================================================================== [ 36.649243] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 36.649243] [ 36.649351] Out-of-bounds read at 0x000000007097966f (105B right of kfence-#183): [ 36.649457] test_kmalloc_aligned_oob_read+0x238/0x468 [ 36.649521] kunit_try_run_case+0x170/0x3f0 [ 36.649583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.649641] kthread+0x328/0x630 [ 36.649697] ret_from_fork+0x10/0x20 [ 36.649750] [ 36.649780] kfence-#183: 0x000000001df3060b-0x00000000ba9fac3c, size=73, cache=kmalloc-96 [ 36.649780] [ 36.649846] allocated by task 325 on cpu 1 at 36.648877s (0.000964s ago): [ 36.649931] test_alloc+0x29c/0x628 [ 36.649980] test_kmalloc_aligned_oob_read+0x100/0x468 [ 36.650033] kunit_try_run_case+0x170/0x3f0 [ 36.650085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.650142] kthread+0x328/0x630 [ 36.650191] ret_from_fork+0x10/0x20 [ 36.650242] [ 36.650294] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 36.650411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.650454] Hardware name: linux,dummy-virt (DT) [ 36.650495] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 31.738685] ================================================================== [ 31.739400] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 31.739400] [ 31.739840] Corrupted memory at 0x000000000dd203dc [ ! ] (in kfence-#136): [ 31.741480] test_corruption+0x284/0x378 [ 31.741905] kunit_try_run_case+0x170/0x3f0 [ 31.742789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.742983] kthread+0x328/0x630 [ 31.743091] ret_from_fork+0x10/0x20 [ 31.743254] [ 31.743368] kfence-#136: 0x0000000024e3674a-0x000000007bd5e26b, size=32, cache=kmalloc-32 [ 31.743368] [ 31.743539] allocated by task 313 on cpu 1 at 31.737353s (0.006167s ago): [ 31.743762] test_alloc+0x29c/0x628 [ 31.744042] test_corruption+0x198/0x378 [ 31.744151] kunit_try_run_case+0x170/0x3f0 [ 31.744252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.744367] kthread+0x328/0x630 [ 31.744503] ret_from_fork+0x10/0x20 [ 31.744624] [ 31.744825] freed by task 313 on cpu 1 at 31.738373s (0.006306s ago): [ 31.745487] test_corruption+0x284/0x378 [ 31.745920] kunit_try_run_case+0x170/0x3f0 [ 31.746272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.746413] kthread+0x328/0x630 [ 31.746578] ret_from_fork+0x10/0x20 [ 31.746675] [ 31.746762] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 31.747019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.747207] Hardware name: linux,dummy-virt (DT) [ 31.747293] ================================================================== [ 31.411417] ================================================================== [ 31.412013] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 31.412013] [ 31.412928] Corrupted memory at 0x0000000019eba481 [ ! . . . . . . . . . . . . . . . ] (in kfence-#133): [ 31.418748] test_corruption+0x278/0x378 [ 31.418892] kunit_try_run_case+0x170/0x3f0 [ 31.419321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.419474] kthread+0x328/0x630 [ 31.420225] ret_from_fork+0x10/0x20 [ 31.420406] [ 31.420504] kfence-#133: 0x000000007b2fad72-0x00000000e19224b4, size=32, cache=kmalloc-32 [ 31.420504] [ 31.420783] allocated by task 313 on cpu 1 at 31.409778s (0.010982s ago): [ 31.421096] test_alloc+0x29c/0x628 [ 31.421362] test_corruption+0xdc/0x378 [ 31.422208] kunit_try_run_case+0x170/0x3f0 [ 31.422959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.423443] kthread+0x328/0x630 [ 31.423681] ret_from_fork+0x10/0x20 [ 31.423811] [ 31.423875] freed by task 313 on cpu 1 at 31.410402s (0.013464s ago): [ 31.424788] test_corruption+0x278/0x378 [ 31.425533] kunit_try_run_case+0x170/0x3f0 [ 31.426905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.427031] kthread+0x328/0x630 [ 31.427157] ret_from_fork+0x10/0x20 [ 31.427296] [ 31.427417] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 31.427718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.427930] Hardware name: linux,dummy-virt (DT) [ 31.428021] ================================================================== [ 31.953933] ================================================================== [ 31.954129] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 31.954129] [ 31.954264] Corrupted memory at 0x000000008c326a35 [ ! . . . . . . . . . . . . . . . ] (in kfence-#138): [ 31.955194] test_corruption+0x120/0x378 [ 31.955373] kunit_try_run_case+0x170/0x3f0 [ 31.955612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.955833] kthread+0x328/0x630 [ 31.956053] ret_from_fork+0x10/0x20 [ 31.956253] [ 31.956314] kfence-#138: 0x000000002585f37a-0x00000000c9e26ec5, size=32, cache=test [ 31.956314] [ 31.956478] allocated by task 315 on cpu 1 at 31.953645s (0.002824s ago): [ 31.956655] test_alloc+0x230/0x628 [ 31.956779] test_corruption+0xdc/0x378 [ 31.956978] kunit_try_run_case+0x170/0x3f0 [ 31.957216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.957463] kthread+0x328/0x630 [ 31.957605] ret_from_fork+0x10/0x20 [ 31.957708] [ 31.957785] freed by task 315 on cpu 1 at 31.953766s (0.003995s ago): [ 31.958042] test_corruption+0x120/0x378 [ 31.958159] kunit_try_run_case+0x170/0x3f0 [ 31.958269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.958558] kthread+0x328/0x630 [ 31.958671] ret_from_fork+0x10/0x20 [ 31.958968] [ 31.959150] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 31.959495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.959569] Hardware name: linux,dummy-virt (DT) [ 31.959713] ================================================================== [ 32.058558] ================================================================== [ 32.058690] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 32.058690] [ 32.058811] Corrupted memory at 0x00000000afc655be [ ! ] (in kfence-#139): [ 32.059048] test_corruption+0x1d8/0x378 [ 32.059151] kunit_try_run_case+0x170/0x3f0 [ 32.059258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.059371] kthread+0x328/0x630 [ 32.059508] ret_from_fork+0x10/0x20 [ 32.059672] [ 32.060254] kfence-#139: 0x0000000037652066-0x000000006a0491b6, size=32, cache=test [ 32.060254] [ 32.060407] allocated by task 315 on cpu 1 at 32.058306s (0.002092s ago): [ 32.060571] test_alloc+0x230/0x628 [ 32.060668] test_corruption+0x198/0x378 [ 32.060761] kunit_try_run_case+0x170/0x3f0 [ 32.060985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.061110] kthread+0x328/0x630 [ 32.061470] ret_from_fork+0x10/0x20 [ 32.061624] [ 32.061718] freed by task 315 on cpu 1 at 32.058422s (0.003286s ago): [ 32.061945] test_corruption+0x1d8/0x378 [ 32.062163] kunit_try_run_case+0x170/0x3f0 [ 32.063094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.063646] kthread+0x328/0x630 [ 32.064051] ret_from_fork+0x10/0x20 [ 32.064324] [ 32.064453] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 32.064915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.065093] Hardware name: linux,dummy-virt (DT) [ 32.065238] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 31.193982] ================================================================== [ 31.194119] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 31.194119] [ 31.194243] Invalid free of 0x0000000094300254 (in kfence-#131): [ 31.194365] test_invalid_addr_free+0x1ac/0x238 [ 31.194498] kunit_try_run_case+0x170/0x3f0 [ 31.194605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.194710] kthread+0x328/0x630 [ 31.194816] ret_from_fork+0x10/0x20 [ 31.194915] [ 31.194969] kfence-#131: 0x000000007d9c16b7-0x000000000243442a, size=32, cache=kmalloc-32 [ 31.194969] [ 31.195098] allocated by task 309 on cpu 1 at 31.193681s (0.001409s ago): [ 31.195255] test_alloc+0x29c/0x628 [ 31.195449] test_invalid_addr_free+0xd4/0x238 [ 31.195564] kunit_try_run_case+0x170/0x3f0 [ 31.195689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.195871] kthread+0x328/0x630 [ 31.195997] ret_from_fork+0x10/0x20 [ 31.196108] [ 31.196244] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 31.196619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.196704] Hardware name: linux,dummy-virt (DT) [ 31.196789] ================================================================== [ 31.301587] ================================================================== [ 31.301728] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 31.301728] [ 31.301850] Invalid free of 0x0000000006ad0a83 (in kfence-#132): [ 31.301960] test_invalid_addr_free+0xec/0x238 [ 31.302068] kunit_try_run_case+0x170/0x3f0 [ 31.302172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.302286] kthread+0x328/0x630 [ 31.303163] ret_from_fork+0x10/0x20 [ 31.303317] [ 31.303401] kfence-#132: 0x0000000012e76533-0x0000000082ce78d4, size=32, cache=test [ 31.303401] [ 31.304248] allocated by task 311 on cpu 1 at 31.301371s (0.002164s ago): [ 31.304601] test_alloc+0x230/0x628 [ 31.305279] test_invalid_addr_free+0xd4/0x238 [ 31.305796] kunit_try_run_case+0x170/0x3f0 [ 31.305905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.306067] kthread+0x328/0x630 [ 31.306184] ret_from_fork+0x10/0x20 [ 31.306309] [ 31.306427] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 31.306875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.307102] Hardware name: linux,dummy-virt (DT) [ 31.307222] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 30.982804] ================================================================== [ 30.982978] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 30.982978] [ 30.983124] Invalid free of 0x00000000f0d86391 (in kfence-#129): [ 30.983268] test_double_free+0x1bc/0x238 [ 30.983399] kunit_try_run_case+0x170/0x3f0 [ 30.983516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.983621] kthread+0x328/0x630 [ 30.983723] ret_from_fork+0x10/0x20 [ 30.983821] [ 30.983879] kfence-#129: 0x00000000f0d86391-0x00000000f4efd677, size=32, cache=kmalloc-32 [ 30.983879] [ 30.984005] allocated by task 305 on cpu 1 at 30.982144s (0.001852s ago): [ 30.984172] test_alloc+0x29c/0x628 [ 30.984355] test_double_free+0xd4/0x238 [ 30.984550] kunit_try_run_case+0x170/0x3f0 [ 30.984679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.984807] kthread+0x328/0x630 [ 30.984912] ret_from_fork+0x10/0x20 [ 30.985022] [ 30.985089] freed by task 305 on cpu 1 at 30.982428s (0.002652s ago): [ 30.985531] test_double_free+0x1ac/0x238 [ 30.985721] kunit_try_run_case+0x170/0x3f0 [ 30.986051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.986230] kthread+0x328/0x630 [ 30.986336] ret_from_fork+0x10/0x20 [ 30.986641] [ 30.986857] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 30.987340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.987440] Hardware name: linux,dummy-virt (DT) [ 30.987539] ================================================================== [ 31.086092] ================================================================== [ 31.086202] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 31.086202] [ 31.086872] Invalid free of 0x00000000238c1879 (in kfence-#130): [ 31.087037] test_double_free+0x100/0x238 [ 31.087151] kunit_try_run_case+0x170/0x3f0 [ 31.087256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.087360] kthread+0x328/0x630 [ 31.088107] ret_from_fork+0x10/0x20 [ 31.088327] [ 31.088419] kfence-#130: 0x00000000238c1879-0x00000000b1fb4779, size=32, cache=test [ 31.088419] [ 31.088575] allocated by task 307 on cpu 1 at 31.085651s (0.002915s ago): [ 31.089141] test_alloc+0x230/0x628 [ 31.089271] test_double_free+0xd4/0x238 [ 31.089400] kunit_try_run_case+0x170/0x3f0 [ 31.090256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.090417] kthread+0x328/0x630 [ 31.090655] ret_from_fork+0x10/0x20 [ 31.091211] [ 31.091274] freed by task 307 on cpu 1 at 31.085800s (0.005465s ago): [ 31.091629] test_double_free+0xf0/0x238 [ 31.092171] kunit_try_run_case+0x170/0x3f0 [ 31.092291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.092443] kthread+0x328/0x630 [ 31.092913] ret_from_fork+0x10/0x20 [ 31.093099] [ 31.093304] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 31.093525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.093602] Hardware name: linux,dummy-virt (DT) [ 31.094971] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 30.457781] ================================================================== [ 30.458439] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 30.458439] [ 30.458617] Use-after-free read at 0x000000005daa90f8 (in kfence-#124): [ 30.458680] test_use_after_free_read+0x114/0x248 [ 30.458778] kunit_try_run_case+0x170/0x3f0 [ 30.458904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.459147] kthread+0x328/0x630 [ 30.459424] ret_from_fork+0x10/0x20 [ 30.460068] [ 30.460165] kfence-#124: 0x000000005daa90f8-0x00000000926a8755, size=32, cache=kmalloc-32 [ 30.460165] [ 30.460349] allocated by task 297 on cpu 1 at 30.457033s (0.003303s ago): [ 30.461013] test_alloc+0x29c/0x628 [ 30.461116] test_use_after_free_read+0xd0/0x248 [ 30.461659] kunit_try_run_case+0x170/0x3f0 [ 30.461858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.462414] kthread+0x328/0x630 [ 30.462517] ret_from_fork+0x10/0x20 [ 30.462960] [ 30.463017] freed by task 297 on cpu 1 at 30.457151s (0.005858s ago): [ 30.463600] test_use_after_free_read+0x1c0/0x248 [ 30.464322] kunit_try_run_case+0x170/0x3f0 [ 30.464494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.464656] kthread+0x328/0x630 [ 30.465020] ret_from_fork+0x10/0x20 [ 30.465427] [ 30.465764] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 30.466076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.466647] Hardware name: linux,dummy-virt (DT) [ 30.466779] ================================================================== [ 30.558224] ================================================================== [ 30.558555] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 30.558555] [ 30.558919] Use-after-free read at 0x0000000084f26998 (in kfence-#125): [ 30.559171] test_use_after_free_read+0x114/0x248 [ 30.559289] kunit_try_run_case+0x170/0x3f0 [ 30.559416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.559531] kthread+0x328/0x630 [ 30.559639] ret_from_fork+0x10/0x20 [ 30.559736] [ 30.559792] kfence-#125: 0x0000000084f26998-0x000000002ac581e2, size=32, cache=test [ 30.559792] [ 30.559921] allocated by task 299 on cpu 1 at 30.557587s (0.002315s ago): [ 30.560127] test_alloc+0x230/0x628 [ 30.560280] test_use_after_free_read+0xd0/0x248 [ 30.560425] kunit_try_run_case+0x170/0x3f0 [ 30.560920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.561527] kthread+0x328/0x630 [ 30.561722] ret_from_fork+0x10/0x20 [ 30.561842] [ 30.561901] freed by task 299 on cpu 1 at 30.557676s (0.004217s ago): [ 30.562824] test_use_after_free_read+0xf0/0x248 [ 30.563023] kunit_try_run_case+0x170/0x3f0 [ 30.563161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.563284] kthread+0x328/0x630 [ 30.563780] ret_from_fork+0x10/0x20 [ 30.563990] [ 30.564172] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 30.564584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.564681] Hardware name: linux,dummy-virt (DT) [ 30.564767] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 30.352747] ================================================================== [ 30.353169] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 30.353169] [ 30.353530] Out-of-bounds write at 0x0000000080ac6ea0 (1B left of kfence-#123): [ 30.353660] test_out_of_bounds_write+0x100/0x240 [ 30.353768] kunit_try_run_case+0x170/0x3f0 [ 30.355422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.355572] kthread+0x328/0x630 [ 30.355683] ret_from_fork+0x10/0x20 [ 30.355740] [ 30.355770] kfence-#123: 0x000000007130df1a-0x000000004259527e, size=32, cache=test [ 30.355770] [ 30.355876] allocated by task 295 on cpu 1 at 30.352283s (0.003583s ago): [ 30.356047] test_alloc+0x230/0x628 [ 30.356266] test_out_of_bounds_write+0xc8/0x240 [ 30.356717] kunit_try_run_case+0x170/0x3f0 [ 30.356890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.357008] kthread+0x328/0x630 [ 30.357118] ret_from_fork+0x10/0x20 [ 30.357591] [ 30.357705] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 30.358350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.358465] Hardware name: linux,dummy-virt (DT) [ 30.358952] ================================================================== [ 30.245775] ================================================================== [ 30.246333] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 30.246333] [ 30.246847] Out-of-bounds write at 0x0000000088e5dc6c (1B left of kfence-#122): [ 30.247200] test_out_of_bounds_write+0x100/0x240 [ 30.247452] kunit_try_run_case+0x170/0x3f0 [ 30.247677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.247995] kthread+0x328/0x630 [ 30.248408] ret_from_fork+0x10/0x20 [ 30.248853] [ 30.250023] kfence-#122: 0x0000000015eec71f-0x00000000dc769305, size=32, cache=kmalloc-32 [ 30.250023] [ 30.250238] allocated by task 293 on cpu 1 at 30.245477s (0.004749s ago): [ 30.250560] test_alloc+0x29c/0x628 [ 30.250681] test_out_of_bounds_write+0xc8/0x240 [ 30.250869] kunit_try_run_case+0x170/0x3f0 [ 30.251334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.252038] kthread+0x328/0x630 [ 30.252540] ret_from_fork+0x10/0x20 [ 30.252690] [ 30.252791] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 30.253338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.253694] Hardware name: linux,dummy-virt (DT) [ 30.254095] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 29.826000] ================================================================== [ 29.826138] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 29.826138] [ 29.826309] Out-of-bounds read at 0x000000002c9efc27 (1B left of kfence-#118): [ 29.826457] test_out_of_bounds_read+0x114/0x3e0 [ 29.826566] kunit_try_run_case+0x170/0x3f0 [ 29.826679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.826783] kthread+0x328/0x630 [ 29.827477] ret_from_fork+0x10/0x20 [ 29.827612] [ 29.827753] kfence-#118: 0x00000000ae692be5-0x0000000076fe19a1, size=32, cache=test [ 29.827753] [ 29.827892] allocated by task 291 on cpu 1 at 29.825854s (0.002029s ago): [ 29.828329] test_alloc+0x230/0x628 [ 29.828633] test_out_of_bounds_read+0xdc/0x3e0 [ 29.828749] kunit_try_run_case+0x170/0x3f0 [ 29.829040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.829601] kthread+0x328/0x630 [ 29.829709] ret_from_fork+0x10/0x20 [ 29.829813] [ 29.829907] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 29.830099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.830638] Hardware name: linux,dummy-virt (DT) [ 29.830737] ================================================================== [ 29.723084] ================================================================== [ 29.723505] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 29.723505] [ 29.723716] Out-of-bounds read at 0x0000000045db1a71 (32B right of kfence-#117): [ 29.724313] test_out_of_bounds_read+0x1c8/0x3e0 [ 29.724621] kunit_try_run_case+0x170/0x3f0 [ 29.725172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.725319] kthread+0x328/0x630 [ 29.725460] ret_from_fork+0x10/0x20 [ 29.726354] [ 29.726870] kfence-#117: 0x00000000f13a9a0e-0x00000000f1379710, size=32, cache=kmalloc-32 [ 29.726870] [ 29.727397] allocated by task 289 on cpu 1 at 29.722005s (0.005369s ago): [ 29.728031] test_alloc+0x29c/0x628 [ 29.728307] test_out_of_bounds_read+0x198/0x3e0 [ 29.728458] kunit_try_run_case+0x170/0x3f0 [ 29.729148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.729481] kthread+0x328/0x630 [ 29.729815] ret_from_fork+0x10/0x20 [ 29.729922] [ 29.730015] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 29.730203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.730276] Hardware name: linux,dummy-virt (DT) [ 29.731447] ================================================================== [ 29.931247] ================================================================== [ 29.931640] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 29.931640] [ 29.932139] Out-of-bounds read at 0x000000000f6458c2 (32B right of kfence-#119): [ 29.932285] test_out_of_bounds_read+0x1c8/0x3e0 [ 29.932482] kunit_try_run_case+0x170/0x3f0 [ 29.932610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.932841] kthread+0x328/0x630 [ 29.932965] ret_from_fork+0x10/0x20 [ 29.933094] [ 29.933155] kfence-#119: 0x0000000096529723-0x000000006f6682a5, size=32, cache=test [ 29.933155] [ 29.933282] allocated by task 291 on cpu 1 at 29.931044s (0.002228s ago): [ 29.933524] test_alloc+0x230/0x628 [ 29.933694] test_out_of_bounds_read+0x198/0x3e0 [ 29.933805] kunit_try_run_case+0x170/0x3f0 [ 29.933912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.934032] kthread+0x328/0x630 [ 29.934132] ret_from_fork+0x10/0x20 [ 29.934391] [ 29.934485] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 29.934839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.934919] Hardware name: linux,dummy-virt (DT) [ 29.935012] ================================================================== [ 29.618327] ================================================================== [ 29.618565] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 29.618565] [ 29.619035] Out-of-bounds read at 0x000000007c696316 (1B left of kfence-#116): [ 29.619443] test_out_of_bounds_read+0x114/0x3e0 [ 29.619632] kunit_try_run_case+0x170/0x3f0 [ 29.619768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.620128] kthread+0x328/0x630 [ 29.620397] ret_from_fork+0x10/0x20 [ 29.620616] [ 29.620686] kfence-#116: 0x000000007bec829e-0x00000000b7aa1386, size=32, cache=kmalloc-32 [ 29.620686] [ 29.620820] allocated by task 289 on cpu 1 at 29.617548s (0.003263s ago): [ 29.620979] test_alloc+0x29c/0x628 [ 29.621126] test_out_of_bounds_read+0xdc/0x3e0 [ 29.621289] kunit_try_run_case+0x170/0x3f0 [ 29.621416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.621549] kthread+0x328/0x630 [ 29.621656] ret_from_fork+0x10/0x20 [ 29.621988] [ 29.622146] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 29.622484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.622623] Hardware name: linux,dummy-virt (DT) [ 29.622755] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-kmalloc_uaf2
[ 24.142088] ================================================================== [ 24.142318] BUG: KFENCE: use-after-free read in kmalloc_uaf2+0x1dc/0x468 [ 24.142318] [ 24.142561] Use-after-free read at 0x0000000085ca8120 (in kfence-#81): [ 24.143506] kmalloc_uaf2+0x1dc/0x468 [ 24.143636] kunit_try_run_case+0x170/0x3f0 [ 24.143910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.144047] kthread+0x328/0x630 [ 24.144198] ret_from_fork+0x10/0x20 [ 24.144373] [ 24.144781] kfence-#81: 0x00000000872f2b7d-0x0000000033f75e13, size=43, cache=kmalloc-64 [ 24.144781] [ 24.145467] allocated by task 190 on cpu 0 at 24.138743s (0.006598s ago): [ 24.146896] kmalloc_uaf2+0xc4/0x468 [ 24.148303] kunit_try_run_case+0x170/0x3f0 [ 24.148606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.148731] kthread+0x328/0x630 [ 24.148833] ret_from_fork+0x10/0x20 [ 24.149027] [ 24.149264] freed by task 190 on cpu 0 at 24.138875s (0.010249s ago): [ 24.149727] kmalloc_uaf2+0x134/0x468 [ 24.149829] kunit_try_run_case+0x170/0x3f0 [ 24.149934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.150051] kthread+0x328/0x630 [ 24.150140] ret_from_fork+0x10/0x20 [ 24.150311] [ 24.150484] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.150719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.150798] Hardware name: linux,dummy-virt (DT) [ 24.150898] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 29.029790] ================================================================== [ 29.029894] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 29.030000] Write of size 1 at addr fff00000c5a7bb78 by task kunit_try_catch/287 [ 29.030121] [ 29.030191] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 29.030414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.030639] Hardware name: linux,dummy-virt (DT) [ 29.030862] Call trace: [ 29.031033] show_stack+0x20/0x38 (C) [ 29.031160] dump_stack_lvl+0x8c/0xd0 [ 29.031281] print_report+0x118/0x608 [ 29.031411] kasan_report+0xdc/0x128 [ 29.031535] __asan_report_store1_noabort+0x20/0x30 [ 29.031687] strncpy_from_user+0x270/0x2a0 [ 29.031933] copy_user_test_oob+0x5c0/0xec8 [ 29.032083] kunit_try_run_case+0x170/0x3f0 [ 29.032338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.032631] kthread+0x328/0x630 [ 29.032770] ret_from_fork+0x10/0x20 [ 29.032892] [ 29.033330] Allocated by task 287: [ 29.033441] kasan_save_stack+0x3c/0x68 [ 29.033555] kasan_save_track+0x20/0x40 [ 29.034599] kasan_save_alloc_info+0x40/0x58 [ 29.035090] __kasan_kmalloc+0xd4/0xd8 [ 29.035339] __kmalloc_noprof+0x198/0x4c8 [ 29.035908] kunit_kmalloc_array+0x34/0x88 [ 29.036620] copy_user_test_oob+0xac/0xec8 [ 29.036891] kunit_try_run_case+0x170/0x3f0 [ 29.037000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.037115] kthread+0x328/0x630 [ 29.037206] ret_from_fork+0x10/0x20 [ 29.037306] [ 29.037365] The buggy address belongs to the object at fff00000c5a7bb00 [ 29.037365] which belongs to the cache kmalloc-128 of size 128 [ 29.037680] The buggy address is located 0 bytes to the right of [ 29.037680] allocated 120-byte region [fff00000c5a7bb00, fff00000c5a7bb78) [ 29.038456] [ 29.038514] The buggy address belongs to the physical page: [ 29.038599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 29.038746] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.039464] page_type: f5(slab) [ 29.039560] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.039833] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.040123] page dumped because: kasan: bad access detected [ 29.040210] [ 29.040268] Memory state around the buggy address: [ 29.040487] fff00000c5a7ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.040779] fff00000c5a7ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.040894] >fff00000c5a7bb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.040997] ^ [ 29.041237] fff00000c5a7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.041407] fff00000c5a7bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.041514] ================================================================== [ 29.016222] ================================================================== [ 29.016332] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 29.016509] Write of size 121 at addr fff00000c5a7bb00 by task kunit_try_catch/287 [ 29.016767] [ 29.016898] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 29.017126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.017208] Hardware name: linux,dummy-virt (DT) [ 29.017289] Call trace: [ 29.017373] show_stack+0x20/0x38 (C) [ 29.017605] dump_stack_lvl+0x8c/0xd0 [ 29.017752] print_report+0x118/0x608 [ 29.017880] kasan_report+0xdc/0x128 [ 29.018079] kasan_check_range+0x100/0x1a8 [ 29.018215] __kasan_check_write+0x20/0x30 [ 29.018400] strncpy_from_user+0x3c/0x2a0 [ 29.018529] copy_user_test_oob+0x5c0/0xec8 [ 29.018778] kunit_try_run_case+0x170/0x3f0 [ 29.018938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.019214] kthread+0x328/0x630 [ 29.019418] ret_from_fork+0x10/0x20 [ 29.019555] [ 29.019605] Allocated by task 287: [ 29.019695] kasan_save_stack+0x3c/0x68 [ 29.020169] kasan_save_track+0x20/0x40 [ 29.020306] kasan_save_alloc_info+0x40/0x58 [ 29.021010] __kasan_kmalloc+0xd4/0xd8 [ 29.021119] __kmalloc_noprof+0x198/0x4c8 [ 29.021228] kunit_kmalloc_array+0x34/0x88 [ 29.021335] copy_user_test_oob+0xac/0xec8 [ 29.021455] kunit_try_run_case+0x170/0x3f0 [ 29.023019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.023686] kthread+0x328/0x630 [ 29.023981] ret_from_fork+0x10/0x20 [ 29.024576] [ 29.024637] The buggy address belongs to the object at fff00000c5a7bb00 [ 29.024637] which belongs to the cache kmalloc-128 of size 128 [ 29.024785] The buggy address is located 0 bytes inside of [ 29.024785] allocated 120-byte region [fff00000c5a7bb00, fff00000c5a7bb78) [ 29.024950] [ 29.025003] The buggy address belongs to the physical page: [ 29.026023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 29.026179] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.026318] page_type: f5(slab) [ 29.026439] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.026710] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.027039] page dumped because: kasan: bad access detected [ 29.027201] [ 29.027281] Memory state around the buggy address: [ 29.027367] fff00000c5a7ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.027536] fff00000c5a7ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.027670] >fff00000c5a7bb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.027787] ^ [ 29.028058] fff00000c5a7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.028485] fff00000c5a7bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.028608] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 28.956158] ================================================================== [ 28.956466] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 28.957220] Write of size 121 at addr fff00000c5a7bb00 by task kunit_try_catch/287 [ 28.957588] [ 28.957679] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.957897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.958518] Hardware name: linux,dummy-virt (DT) [ 28.958617] Call trace: [ 28.958966] show_stack+0x20/0x38 (C) [ 28.959748] dump_stack_lvl+0x8c/0xd0 [ 28.960002] print_report+0x118/0x608 [ 28.960462] kasan_report+0xdc/0x128 [ 28.960588] kasan_check_range+0x100/0x1a8 [ 28.960709] __kasan_check_write+0x20/0x30 [ 28.960825] copy_user_test_oob+0x35c/0xec8 [ 28.961791] kunit_try_run_case+0x170/0x3f0 [ 28.962399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.962859] kthread+0x328/0x630 [ 28.963600] ret_from_fork+0x10/0x20 [ 28.964067] [ 28.964124] Allocated by task 287: [ 28.964206] kasan_save_stack+0x3c/0x68 [ 28.965211] kasan_save_track+0x20/0x40 [ 28.965321] kasan_save_alloc_info+0x40/0x58 [ 28.965548] __kasan_kmalloc+0xd4/0xd8 [ 28.965781] __kmalloc_noprof+0x198/0x4c8 [ 28.966371] kunit_kmalloc_array+0x34/0x88 [ 28.966760] copy_user_test_oob+0xac/0xec8 [ 28.967187] kunit_try_run_case+0x170/0x3f0 [ 28.967300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.968060] kthread+0x328/0x630 [ 28.968579] ret_from_fork+0x10/0x20 [ 28.968939] [ 28.968999] The buggy address belongs to the object at fff00000c5a7bb00 [ 28.968999] which belongs to the cache kmalloc-128 of size 128 [ 28.969142] The buggy address is located 0 bytes inside of [ 28.969142] allocated 120-byte region [fff00000c5a7bb00, fff00000c5a7bb78) [ 28.969306] [ 28.969361] The buggy address belongs to the physical page: [ 28.970671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 28.971132] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.971734] page_type: f5(slab) [ 28.972027] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.972173] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.972876] page dumped because: kasan: bad access detected [ 28.973296] [ 28.973567] Memory state around the buggy address: [ 28.974423] fff00000c5a7ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.975007] fff00000c5a7ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.975375] >fff00000c5a7bb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.975804] ^ [ 28.975964] fff00000c5a7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.976083] fff00000c5a7bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.976198] ================================================================== [ 28.991943] ================================================================== [ 28.992232] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 28.992370] Write of size 121 at addr fff00000c5a7bb00 by task kunit_try_catch/287 [ 28.992615] [ 28.992694] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.993336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.993518] Hardware name: linux,dummy-virt (DT) [ 28.993635] Call trace: [ 28.993748] show_stack+0x20/0x38 (C) [ 28.994270] dump_stack_lvl+0x8c/0xd0 [ 28.994495] print_report+0x118/0x608 [ 28.994981] kasan_report+0xdc/0x128 [ 28.995516] kasan_check_range+0x100/0x1a8 [ 28.995976] __kasan_check_write+0x20/0x30 [ 28.996675] copy_user_test_oob+0x434/0xec8 [ 28.997096] kunit_try_run_case+0x170/0x3f0 [ 28.997236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.998863] kthread+0x328/0x630 [ 28.999218] ret_from_fork+0x10/0x20 [ 28.999917] [ 29.000105] Allocated by task 287: [ 29.000331] kasan_save_stack+0x3c/0x68 [ 29.000480] kasan_save_track+0x20/0x40 [ 29.000794] kasan_save_alloc_info+0x40/0x58 [ 29.001077] __kasan_kmalloc+0xd4/0xd8 [ 29.001273] __kmalloc_noprof+0x198/0x4c8 [ 29.001709] kunit_kmalloc_array+0x34/0x88 [ 29.002158] copy_user_test_oob+0xac/0xec8 [ 29.002289] kunit_try_run_case+0x170/0x3f0 [ 29.002589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.002732] kthread+0x328/0x630 [ 29.002828] ret_from_fork+0x10/0x20 [ 29.003020] [ 29.003080] The buggy address belongs to the object at fff00000c5a7bb00 [ 29.003080] which belongs to the cache kmalloc-128 of size 128 [ 29.003358] The buggy address is located 0 bytes inside of [ 29.003358] allocated 120-byte region [fff00000c5a7bb00, fff00000c5a7bb78) [ 29.003532] [ 29.003582] The buggy address belongs to the physical page: [ 29.003655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 29.003778] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.003898] page_type: f5(slab) [ 29.004118] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.004266] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.004478] page dumped because: kasan: bad access detected [ 29.004608] [ 29.004669] Memory state around the buggy address: [ 29.004764] fff00000c5a7ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.004927] fff00000c5a7ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.005050] >fff00000c5a7bb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.005201] ^ [ 29.005326] fff00000c5a7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.005479] fff00000c5a7bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.005590] ================================================================== [ 29.006655] ================================================================== [ 29.006805] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 29.007016] Read of size 121 at addr fff00000c5a7bb00 by task kunit_try_catch/287 [ 29.007391] [ 29.007465] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 29.007695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.007778] Hardware name: linux,dummy-virt (DT) [ 29.007912] Call trace: [ 29.007976] show_stack+0x20/0x38 (C) [ 29.008172] dump_stack_lvl+0x8c/0xd0 [ 29.008327] print_report+0x118/0x608 [ 29.008478] kasan_report+0xdc/0x128 [ 29.008657] kasan_check_range+0x100/0x1a8 [ 29.008912] __kasan_check_read+0x20/0x30 [ 29.009171] copy_user_test_oob+0x4a0/0xec8 [ 29.009302] kunit_try_run_case+0x170/0x3f0 [ 29.009461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.010100] kthread+0x328/0x630 [ 29.010174] ret_from_fork+0x10/0x20 [ 29.010278] [ 29.010361] Allocated by task 287: [ 29.010492] kasan_save_stack+0x3c/0x68 [ 29.010627] kasan_save_track+0x20/0x40 [ 29.010721] kasan_save_alloc_info+0x40/0x58 [ 29.010830] __kasan_kmalloc+0xd4/0xd8 [ 29.011065] __kmalloc_noprof+0x198/0x4c8 [ 29.011232] kunit_kmalloc_array+0x34/0x88 [ 29.011364] copy_user_test_oob+0xac/0xec8 [ 29.011543] kunit_try_run_case+0x170/0x3f0 [ 29.011819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.012050] kthread+0x328/0x630 [ 29.012171] ret_from_fork+0x10/0x20 [ 29.012283] [ 29.012349] The buggy address belongs to the object at fff00000c5a7bb00 [ 29.012349] which belongs to the cache kmalloc-128 of size 128 [ 29.012533] The buggy address is located 0 bytes inside of [ 29.012533] allocated 120-byte region [fff00000c5a7bb00, fff00000c5a7bb78) [ 29.012740] [ 29.012809] The buggy address belongs to the physical page: [ 29.012902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 29.013026] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.013166] page_type: f5(slab) [ 29.013327] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.013488] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.013600] page dumped because: kasan: bad access detected [ 29.013874] [ 29.013936] Memory state around the buggy address: [ 29.014021] fff00000c5a7ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.014156] fff00000c5a7ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.014269] >fff00000c5a7bb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.014514] ^ [ 29.014715] fff00000c5a7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.014881] fff00000c5a7bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.015165] ================================================================== [ 28.978465] ================================================================== [ 28.978760] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 28.979015] Read of size 121 at addr fff00000c5a7bb00 by task kunit_try_catch/287 [ 28.979172] [ 28.979393] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.979634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.979715] Hardware name: linux,dummy-virt (DT) [ 28.979810] Call trace: [ 28.979880] show_stack+0x20/0x38 (C) [ 28.980163] dump_stack_lvl+0x8c/0xd0 [ 28.980439] print_report+0x118/0x608 [ 28.980745] kasan_report+0xdc/0x128 [ 28.980941] kasan_check_range+0x100/0x1a8 [ 28.981116] __kasan_check_read+0x20/0x30 [ 28.981393] copy_user_test_oob+0x3c8/0xec8 [ 28.981592] kunit_try_run_case+0x170/0x3f0 [ 28.981773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.981920] kthread+0x328/0x630 [ 28.982069] ret_from_fork+0x10/0x20 [ 28.982189] [ 28.982237] Allocated by task 287: [ 28.982399] kasan_save_stack+0x3c/0x68 [ 28.982614] kasan_save_track+0x20/0x40 [ 28.982846] kasan_save_alloc_info+0x40/0x58 [ 28.983071] __kasan_kmalloc+0xd4/0xd8 [ 28.983296] __kmalloc_noprof+0x198/0x4c8 [ 28.983433] kunit_kmalloc_array+0x34/0x88 [ 28.983597] copy_user_test_oob+0xac/0xec8 [ 28.983721] kunit_try_run_case+0x170/0x3f0 [ 28.984017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.984229] kthread+0x328/0x630 [ 28.984435] ret_from_fork+0x10/0x20 [ 28.984590] [ 28.984660] The buggy address belongs to the object at fff00000c5a7bb00 [ 28.984660] which belongs to the cache kmalloc-128 of size 128 [ 28.984892] The buggy address is located 0 bytes inside of [ 28.984892] allocated 120-byte region [fff00000c5a7bb00, fff00000c5a7bb78) [ 28.985061] [ 28.985114] The buggy address belongs to the physical page: [ 28.985226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 28.985357] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.985492] page_type: f5(slab) [ 28.985588] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.985716] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.985859] page dumped because: kasan: bad access detected [ 28.986084] [ 28.986134] Memory state around the buggy address: [ 28.986212] fff00000c5a7ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.986326] fff00000c5a7ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.986462] >fff00000c5a7bb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.986621] ^ [ 28.986732] fff00000c5a7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.986877] fff00000c5a7bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.987042] ================================================================== [ 28.918077] ================================================================== [ 28.918193] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 28.918493] Read of size 121 at addr fff00000c5a7bb00 by task kunit_try_catch/287 [ 28.918676] [ 28.918752] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.919869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.919962] Hardware name: linux,dummy-virt (DT) [ 28.920088] Call trace: [ 28.920456] show_stack+0x20/0x38 (C) [ 28.921457] dump_stack_lvl+0x8c/0xd0 [ 28.922330] print_report+0x118/0x608 [ 28.922481] kasan_report+0xdc/0x128 [ 28.922593] kasan_check_range+0x100/0x1a8 [ 28.922717] __kasan_check_read+0x20/0x30 [ 28.924217] copy_user_test_oob+0x728/0xec8 [ 28.925187] kunit_try_run_case+0x170/0x3f0 [ 28.925326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.925933] kthread+0x328/0x630 [ 28.926567] ret_from_fork+0x10/0x20 [ 28.926957] [ 28.927156] Allocated by task 287: [ 28.927627] kasan_save_stack+0x3c/0x68 [ 28.928410] kasan_save_track+0x20/0x40 [ 28.928678] kasan_save_alloc_info+0x40/0x58 [ 28.928785] __kasan_kmalloc+0xd4/0xd8 [ 28.928878] __kmalloc_noprof+0x198/0x4c8 [ 28.928983] kunit_kmalloc_array+0x34/0x88 [ 28.929095] copy_user_test_oob+0xac/0xec8 [ 28.930412] kunit_try_run_case+0x170/0x3f0 [ 28.930941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.932162] kthread+0x328/0x630 [ 28.932567] ret_from_fork+0x10/0x20 [ 28.932755] [ 28.932890] The buggy address belongs to the object at fff00000c5a7bb00 [ 28.932890] which belongs to the cache kmalloc-128 of size 128 [ 28.933464] The buggy address is located 0 bytes inside of [ 28.933464] allocated 120-byte region [fff00000c5a7bb00, fff00000c5a7bb78) [ 28.934446] [ 28.934645] The buggy address belongs to the physical page: [ 28.934786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 28.935438] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.936115] page_type: f5(slab) [ 28.937178] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.937476] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.937587] page dumped because: kasan: bad access detected [ 28.937674] [ 28.938679] Memory state around the buggy address: [ 28.939153] fff00000c5a7ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.940409] fff00000c5a7ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.940578] >fff00000c5a7bb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.940799] ^ [ 28.941008] fff00000c5a7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.941137] fff00000c5a7bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.941501] ================================================================== [ 28.898118] ================================================================== [ 28.898603] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 28.898768] Write of size 121 at addr fff00000c5a7bb00 by task kunit_try_catch/287 [ 28.898896] [ 28.898992] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.899203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.899277] Hardware name: linux,dummy-virt (DT) [ 28.899357] Call trace: [ 28.900223] show_stack+0x20/0x38 (C) [ 28.900496] dump_stack_lvl+0x8c/0xd0 [ 28.900761] print_report+0x118/0x608 [ 28.901305] kasan_report+0xdc/0x128 [ 28.901444] kasan_check_range+0x100/0x1a8 [ 28.902275] __kasan_check_write+0x20/0x30 [ 28.903531] copy_user_test_oob+0x234/0xec8 [ 28.904046] kunit_try_run_case+0x170/0x3f0 [ 28.904550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.904853] kthread+0x328/0x630 [ 28.905429] ret_from_fork+0x10/0x20 [ 28.905687] [ 28.905718] Allocated by task 287: [ 28.905763] kasan_save_stack+0x3c/0x68 [ 28.905819] kasan_save_track+0x20/0x40 [ 28.905868] kasan_save_alloc_info+0x40/0x58 [ 28.905918] __kasan_kmalloc+0xd4/0xd8 [ 28.905965] __kmalloc_noprof+0x198/0x4c8 [ 28.906013] kunit_kmalloc_array+0x34/0x88 [ 28.906064] copy_user_test_oob+0xac/0xec8 [ 28.906113] kunit_try_run_case+0x170/0x3f0 [ 28.906166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.906226] kthread+0x328/0x630 [ 28.906273] ret_from_fork+0x10/0x20 [ 28.906320] [ 28.906350] The buggy address belongs to the object at fff00000c5a7bb00 [ 28.906350] which belongs to the cache kmalloc-128 of size 128 [ 28.906493] The buggy address is located 0 bytes inside of [ 28.906493] allocated 120-byte region [fff00000c5a7bb00, fff00000c5a7bb78) [ 28.907015] [ 28.907083] The buggy address belongs to the physical page: [ 28.907161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 28.907299] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.907447] page_type: f5(slab) [ 28.907555] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.907941] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.908222] page dumped because: kasan: bad access detected [ 28.908351] [ 28.908429] Memory state around the buggy address: [ 28.908567] fff00000c5a7ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.908732] fff00000c5a7ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.909037] >fff00000c5a7bb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.909145] ^ [ 28.909304] fff00000c5a7bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.909510] fff00000c5a7bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.909675] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 28.804294] ================================================================== [ 28.804460] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 28.804622] Read of size 8 at addr fff00000c5a7ba78 by task kunit_try_catch/283 [ 28.804764] [ 28.804861] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.805290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.805407] Hardware name: linux,dummy-virt (DT) [ 28.805505] Call trace: [ 28.805566] show_stack+0x20/0x38 (C) [ 28.806009] dump_stack_lvl+0x8c/0xd0 [ 28.806138] print_report+0x118/0x608 [ 28.806263] kasan_report+0xdc/0x128 [ 28.806425] __asan_report_load8_noabort+0x20/0x30 [ 28.806833] copy_to_kernel_nofault+0x204/0x250 [ 28.807814] copy_to_kernel_nofault_oob+0x158/0x418 [ 28.808399] kunit_try_run_case+0x170/0x3f0 [ 28.808972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.809220] kthread+0x328/0x630 [ 28.809569] ret_from_fork+0x10/0x20 [ 28.809803] [ 28.809869] Allocated by task 283: [ 28.809955] kasan_save_stack+0x3c/0x68 [ 28.810077] kasan_save_track+0x20/0x40 [ 28.810331] kasan_save_alloc_info+0x40/0x58 [ 28.810466] __kasan_kmalloc+0xd4/0xd8 [ 28.810787] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.810923] copy_to_kernel_nofault_oob+0xc8/0x418 [ 28.811129] kunit_try_run_case+0x170/0x3f0 [ 28.811484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.811840] kthread+0x328/0x630 [ 28.812463] ret_from_fork+0x10/0x20 [ 28.812719] [ 28.812811] The buggy address belongs to the object at fff00000c5a7ba00 [ 28.812811] which belongs to the cache kmalloc-128 of size 128 [ 28.812985] The buggy address is located 0 bytes to the right of [ 28.812985] allocated 120-byte region [fff00000c5a7ba00, fff00000c5a7ba78) [ 28.813181] [ 28.813236] The buggy address belongs to the physical page: [ 28.813312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 28.813456] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.813625] page_type: f5(slab) [ 28.814833] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.815572] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.815711] page dumped because: kasan: bad access detected [ 28.815807] [ 28.815865] Memory state around the buggy address: [ 28.816271] fff00000c5a7b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.816501] fff00000c5a7b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.816630] >fff00000c5a7ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.816859] ^ [ 28.817257] fff00000c5a7ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.818090] fff00000c5a7bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.818307] ================================================================== [ 28.819362] ================================================================== [ 28.819495] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 28.820195] Write of size 8 at addr fff00000c5a7ba78 by task kunit_try_catch/283 [ 28.820716] [ 28.820799] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.821284] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.821360] Hardware name: linux,dummy-virt (DT) [ 28.821460] Call trace: [ 28.821519] show_stack+0x20/0x38 (C) [ 28.821646] dump_stack_lvl+0x8c/0xd0 [ 28.821817] print_report+0x118/0x608 [ 28.823202] kasan_report+0xdc/0x128 [ 28.823346] kasan_check_range+0x100/0x1a8 [ 28.823508] __kasan_check_write+0x20/0x30 [ 28.823648] copy_to_kernel_nofault+0x8c/0x250 [ 28.824113] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 28.824270] kunit_try_run_case+0x170/0x3f0 [ 28.824656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.824872] kthread+0x328/0x630 [ 28.825052] ret_from_fork+0x10/0x20 [ 28.825362] [ 28.825459] Allocated by task 283: [ 28.825629] kasan_save_stack+0x3c/0x68 [ 28.825741] kasan_save_track+0x20/0x40 [ 28.825870] kasan_save_alloc_info+0x40/0x58 [ 28.826057] __kasan_kmalloc+0xd4/0xd8 [ 28.826183] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.826432] copy_to_kernel_nofault_oob+0xc8/0x418 [ 28.826562] kunit_try_run_case+0x170/0x3f0 [ 28.827056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.827183] kthread+0x328/0x630 [ 28.827662] ret_from_fork+0x10/0x20 [ 28.827813] [ 28.828217] The buggy address belongs to the object at fff00000c5a7ba00 [ 28.828217] which belongs to the cache kmalloc-128 of size 128 [ 28.828370] The buggy address is located 0 bytes to the right of [ 28.828370] allocated 120-byte region [fff00000c5a7ba00, fff00000c5a7ba78) [ 28.828566] [ 28.828617] The buggy address belongs to the physical page: [ 28.828694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 28.828819] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.828981] page_type: f5(slab) [ 28.829355] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.830194] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.830557] page dumped because: kasan: bad access detected [ 28.830656] [ 28.830709] Memory state around the buggy address: [ 28.830789] fff00000c5a7b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.831882] fff00000c5a7b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.832218] >fff00000c5a7ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.832358] ^ [ 28.832507] fff00000c5a7ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.833505] fff00000c5a7bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.833652] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 28.709139] ================================================================== [ 28.709278] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 28.709427] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/271 [ 28.709839] [ 28.710186] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.710303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.710368] Hardware name: linux,dummy-virt (DT) [ 28.710484] Call trace: [ 28.710547] show_stack+0x20/0x38 (C) [ 28.710690] dump_stack_lvl+0x8c/0xd0 [ 28.710810] print_report+0x310/0x608 [ 28.710923] kasan_report+0xdc/0x128 [ 28.711036] __asan_report_load1_noabort+0x20/0x30 [ 28.711164] vmalloc_oob+0x578/0x5d0 [ 28.711277] kunit_try_run_case+0x170/0x3f0 [ 28.711420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.711560] kthread+0x328/0x630 [ 28.711685] ret_from_fork+0x10/0x20 [ 28.711983] [ 28.712050] The buggy address belongs to the virtual mapping at [ 28.712050] [ffff80008010b000, ffff80008010d000) created by: [ 28.712050] vmalloc_oob+0x98/0x5d0 [ 28.712358] [ 28.712477] The buggy address belongs to the physical page: [ 28.712566] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a85 [ 28.712744] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.712975] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.713146] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.713271] page dumped because: kasan: bad access detected [ 28.713370] [ 28.713453] Memory state around the buggy address: [ 28.713545] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.713677] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.713879] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 28.714073] ^ [ 28.714186] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 28.714304] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 28.714425] ================================================================== [ 28.715633] ================================================================== [ 28.715942] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 28.716141] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/271 [ 28.716271] [ 28.716356] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.717469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.717579] Hardware name: linux,dummy-virt (DT) [ 28.717708] Call trace: [ 28.717783] show_stack+0x20/0x38 (C) [ 28.717916] dump_stack_lvl+0x8c/0xd0 [ 28.718061] print_report+0x310/0x608 [ 28.718184] kasan_report+0xdc/0x128 [ 28.718299] __asan_report_load1_noabort+0x20/0x30 [ 28.718509] vmalloc_oob+0x51c/0x5d0 [ 28.718632] kunit_try_run_case+0x170/0x3f0 [ 28.718791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.719171] kthread+0x328/0x630 [ 28.719324] ret_from_fork+0x10/0x20 [ 28.719517] [ 28.719624] The buggy address belongs to the virtual mapping at [ 28.719624] [ffff80008010b000, ffff80008010d000) created by: [ 28.719624] vmalloc_oob+0x98/0x5d0 [ 28.719912] [ 28.719976] The buggy address belongs to the physical page: [ 28.720067] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a85 [ 28.720253] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.720440] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.720697] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.720815] page dumped because: kasan: bad access detected [ 28.720917] [ 28.721052] Memory state around the buggy address: [ 28.721221] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.721346] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.721523] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 28.721675] ^ [ 28.721798] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 28.721928] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 28.722033] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 28.251859] ================================================================== [ 28.251986] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 28.252253] Read of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.252587] [ 28.253789] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.254103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.254176] Hardware name: linux,dummy-virt (DT) [ 28.254361] Call trace: [ 28.254452] show_stack+0x20/0x38 (C) [ 28.254592] dump_stack_lvl+0x8c/0xd0 [ 28.255303] print_report+0x118/0x608 [ 28.255887] kasan_report+0xdc/0x128 [ 28.256148] kasan_check_range+0x100/0x1a8 [ 28.256690] __kasan_check_read+0x20/0x30 [ 28.257050] kasan_atomics_helper+0xdd4/0x4858 [ 28.257560] kasan_atomics+0x198/0x2e0 [ 28.257678] kunit_try_run_case+0x170/0x3f0 [ 28.258015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.258816] kthread+0x328/0x630 [ 28.259540] ret_from_fork+0x10/0x20 [ 28.260143] [ 28.260610] Allocated by task 267: [ 28.260965] kasan_save_stack+0x3c/0x68 [ 28.261296] kasan_save_track+0x20/0x40 [ 28.261595] kasan_save_alloc_info+0x40/0x58 [ 28.261830] __kasan_kmalloc+0xd4/0xd8 [ 28.261939] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.262270] kasan_atomics+0xb8/0x2e0 [ 28.262627] kunit_try_run_case+0x170/0x3f0 [ 28.263030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.263162] kthread+0x328/0x630 [ 28.263258] ret_from_fork+0x10/0x20 [ 28.264335] [ 28.264417] The buggy address belongs to the object at fff00000c5a80800 [ 28.264417] which belongs to the cache kmalloc-64 of size 64 [ 28.265213] The buggy address is located 0 bytes to the right of [ 28.265213] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.265507] [ 28.265566] The buggy address belongs to the physical page: [ 28.265640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.265798] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.265916] page_type: f5(slab) [ 28.266916] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.267113] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.267415] page dumped because: kasan: bad access detected [ 28.267939] [ 28.267993] Memory state around the buggy address: [ 28.268280] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.268472] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.268607] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.269323] ^ [ 28.269736] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.269986] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.270208] ================================================================== [ 28.224714] ================================================================== [ 28.224817] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 28.224925] Write of size 4 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.225049] [ 28.225114] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.225312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.225401] Hardware name: linux,dummy-virt (DT) [ 28.225485] Call trace: [ 28.225550] show_stack+0x20/0x38 (C) [ 28.225669] dump_stack_lvl+0x8c/0xd0 [ 28.225795] print_report+0x118/0x608 [ 28.225911] kasan_report+0xdc/0x128 [ 28.226024] kasan_check_range+0x100/0x1a8 [ 28.226144] __kasan_check_write+0x20/0x30 [ 28.226266] kasan_atomics_helper+0xd3c/0x4858 [ 28.228523] kasan_atomics+0x198/0x2e0 [ 28.228799] kunit_try_run_case+0x170/0x3f0 [ 28.229019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.229181] kthread+0x328/0x630 [ 28.229706] ret_from_fork+0x10/0x20 [ 28.229979] [ 28.230423] Allocated by task 267: [ 28.230561] kasan_save_stack+0x3c/0x68 [ 28.230794] kasan_save_track+0x20/0x40 [ 28.231278] kasan_save_alloc_info+0x40/0x58 [ 28.231548] __kasan_kmalloc+0xd4/0xd8 [ 28.231780] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.232310] kasan_atomics+0xb8/0x2e0 [ 28.232499] kunit_try_run_case+0x170/0x3f0 [ 28.232694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.233240] kthread+0x328/0x630 [ 28.233395] ret_from_fork+0x10/0x20 [ 28.233572] [ 28.233678] The buggy address belongs to the object at fff00000c5a80800 [ 28.233678] which belongs to the cache kmalloc-64 of size 64 [ 28.234222] The buggy address is located 0 bytes to the right of [ 28.234222] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.234576] [ 28.234887] The buggy address belongs to the physical page: [ 28.234981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.235192] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.235799] page_type: f5(slab) [ 28.235914] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.236043] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.236661] page dumped because: kasan: bad access detected [ 28.237011] [ 28.237074] Memory state around the buggy address: [ 28.237366] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.237588] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.237800] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.237987] ^ [ 28.238537] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.238732] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.238927] ================================================================== [ 28.435801] ================================================================== [ 28.436063] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 28.436443] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.437058] [ 28.437161] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.437369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.437555] Hardware name: linux,dummy-virt (DT) [ 28.437737] Call trace: [ 28.437797] show_stack+0x20/0x38 (C) [ 28.437928] dump_stack_lvl+0x8c/0xd0 [ 28.438135] print_report+0x118/0x608 [ 28.438260] kasan_report+0xdc/0x128 [ 28.438394] kasan_check_range+0x100/0x1a8 [ 28.438520] __kasan_check_write+0x20/0x30 [ 28.439574] kasan_atomics_helper+0x126c/0x4858 [ 28.440464] kasan_atomics+0x198/0x2e0 [ 28.440615] kunit_try_run_case+0x170/0x3f0 [ 28.440767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.440941] kthread+0x328/0x630 [ 28.441273] ret_from_fork+0x10/0x20 [ 28.441552] [ 28.441674] Allocated by task 267: [ 28.442012] kasan_save_stack+0x3c/0x68 [ 28.442442] kasan_save_track+0x20/0x40 [ 28.442562] kasan_save_alloc_info+0x40/0x58 [ 28.442876] __kasan_kmalloc+0xd4/0xd8 [ 28.442988] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.443149] kasan_atomics+0xb8/0x2e0 [ 28.443367] kunit_try_run_case+0x170/0x3f0 [ 28.443503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.443621] kthread+0x328/0x630 [ 28.443717] ret_from_fork+0x10/0x20 [ 28.443835] [ 28.443889] The buggy address belongs to the object at fff00000c5a80800 [ 28.443889] which belongs to the cache kmalloc-64 of size 64 [ 28.444040] The buggy address is located 0 bytes to the right of [ 28.444040] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.444208] [ 28.444672] The buggy address belongs to the physical page: [ 28.444760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.444914] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.445038] page_type: f5(slab) [ 28.447102] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.447247] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.447358] page dumped because: kasan: bad access detected [ 28.447461] [ 28.447806] Memory state around the buggy address: [ 28.448016] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.448360] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.449138] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.449405] ^ [ 28.449738] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.450117] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.450533] ================================================================== [ 28.451597] ================================================================== [ 28.452552] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 28.453042] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.453171] [ 28.453248] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.455162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.455250] Hardware name: linux,dummy-virt (DT) [ 28.455334] Call trace: [ 28.455412] show_stack+0x20/0x38 (C) [ 28.455565] dump_stack_lvl+0x8c/0xd0 [ 28.455711] print_report+0x118/0x608 [ 28.455848] kasan_report+0xdc/0x128 [ 28.455968] kasan_check_range+0x100/0x1a8 [ 28.456103] __kasan_check_write+0x20/0x30 [ 28.456644] kasan_atomics_helper+0x12d8/0x4858 [ 28.456890] kasan_atomics+0x198/0x2e0 [ 28.457059] kunit_try_run_case+0x170/0x3f0 [ 28.457248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.457653] kthread+0x328/0x630 [ 28.457883] ret_from_fork+0x10/0x20 [ 28.458604] [ 28.458684] Allocated by task 267: [ 28.458767] kasan_save_stack+0x3c/0x68 [ 28.458906] kasan_save_track+0x20/0x40 [ 28.458999] kasan_save_alloc_info+0x40/0x58 [ 28.459099] __kasan_kmalloc+0xd4/0xd8 [ 28.459197] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.459912] kasan_atomics+0xb8/0x2e0 [ 28.460194] kunit_try_run_case+0x170/0x3f0 [ 28.460318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.460466] kthread+0x328/0x630 [ 28.460629] ret_from_fork+0x10/0x20 [ 28.460920] [ 28.461058] The buggy address belongs to the object at fff00000c5a80800 [ 28.461058] which belongs to the cache kmalloc-64 of size 64 [ 28.461215] The buggy address is located 0 bytes to the right of [ 28.461215] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.461458] [ 28.461523] The buggy address belongs to the physical page: [ 28.461614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.461761] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.461927] page_type: f5(slab) [ 28.462186] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.462558] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.462985] page dumped because: kasan: bad access detected [ 28.463403] [ 28.463479] Memory state around the buggy address: [ 28.463566] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.463702] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.464053] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.464231] ^ [ 28.464346] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.465171] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.466075] ================================================================== [ 28.477280] ================================================================== [ 28.477464] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 28.477632] Read of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.477870] [ 28.478114] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.478438] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.478942] Hardware name: linux,dummy-virt (DT) [ 28.479040] Call trace: [ 28.479103] show_stack+0x20/0x38 (C) [ 28.479286] dump_stack_lvl+0x8c/0xd0 [ 28.480349] print_report+0x118/0x608 [ 28.480885] kasan_report+0xdc/0x128 [ 28.481333] __asan_report_load8_noabort+0x20/0x30 [ 28.481489] kasan_atomics_helper+0x3f04/0x4858 [ 28.481616] kasan_atomics+0x198/0x2e0 [ 28.481754] kunit_try_run_case+0x170/0x3f0 [ 28.481890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.482030] kthread+0x328/0x630 [ 28.485777] ret_from_fork+0x10/0x20 [ 28.486163] [ 28.486556] Allocated by task 267: [ 28.486843] kasan_save_stack+0x3c/0x68 [ 28.486953] kasan_save_track+0x20/0x40 [ 28.487768] kasan_save_alloc_info+0x40/0x58 [ 28.487903] __kasan_kmalloc+0xd4/0xd8 [ 28.488535] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.489078] kasan_atomics+0xb8/0x2e0 [ 28.489723] kunit_try_run_case+0x170/0x3f0 [ 28.490483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.491236] kthread+0x328/0x630 [ 28.491342] ret_from_fork+0x10/0x20 [ 28.491463] [ 28.493097] The buggy address belongs to the object at fff00000c5a80800 [ 28.493097] which belongs to the cache kmalloc-64 of size 64 [ 28.493668] The buggy address is located 0 bytes to the right of [ 28.493668] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.494305] [ 28.495105] The buggy address belongs to the physical page: [ 28.495444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.495716] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.496180] page_type: f5(slab) [ 28.496297] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.497188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.497661] page dumped because: kasan: bad access detected [ 28.497752] [ 28.497861] Memory state around the buggy address: [ 28.497952] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.498079] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.498196] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.499032] ^ [ 28.499271] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.499526] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.499633] ================================================================== [ 28.424839] ================================================================== [ 28.424954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 28.425084] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.425336] [ 28.425498] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.425771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.425851] Hardware name: linux,dummy-virt (DT) [ 28.425946] Call trace: [ 28.426005] show_stack+0x20/0x38 (C) [ 28.426130] dump_stack_lvl+0x8c/0xd0 [ 28.426251] print_report+0x118/0x608 [ 28.426368] kasan_report+0xdc/0x128 [ 28.426522] kasan_check_range+0x100/0x1a8 [ 28.426643] __kasan_check_write+0x20/0x30 [ 28.426770] kasan_atomics_helper+0x11f8/0x4858 [ 28.426888] kasan_atomics+0x198/0x2e0 [ 28.427005] kunit_try_run_case+0x170/0x3f0 [ 28.427129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.427265] kthread+0x328/0x630 [ 28.427845] ret_from_fork+0x10/0x20 [ 28.428076] [ 28.428219] Allocated by task 267: [ 28.428341] kasan_save_stack+0x3c/0x68 [ 28.428480] kasan_save_track+0x20/0x40 [ 28.428589] kasan_save_alloc_info+0x40/0x58 [ 28.428697] __kasan_kmalloc+0xd4/0xd8 [ 28.428794] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.429819] kasan_atomics+0xb8/0x2e0 [ 28.429924] kunit_try_run_case+0x170/0x3f0 [ 28.430030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.430188] kthread+0x328/0x630 [ 28.430286] ret_from_fork+0x10/0x20 [ 28.430628] [ 28.430744] The buggy address belongs to the object at fff00000c5a80800 [ 28.430744] which belongs to the cache kmalloc-64 of size 64 [ 28.430912] The buggy address is located 0 bytes to the right of [ 28.430912] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.431195] [ 28.431277] The buggy address belongs to the physical page: [ 28.431430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.431593] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.431912] page_type: f5(slab) [ 28.432011] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.432253] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.432369] page dumped because: kasan: bad access detected [ 28.432491] [ 28.432554] Memory state around the buggy address: [ 28.432854] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.432994] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.433198] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.434121] ^ [ 28.434234] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.434888] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.435076] ================================================================== [ 28.282212] ================================================================== [ 28.282335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 28.282485] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.283035] [ 28.283110] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.283314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.283401] Hardware name: linux,dummy-virt (DT) [ 28.283483] Call trace: [ 28.283537] show_stack+0x20/0x38 (C) [ 28.283656] dump_stack_lvl+0x8c/0xd0 [ 28.283780] print_report+0x118/0x608 [ 28.283894] kasan_report+0xdc/0x128 [ 28.284011] kasan_check_range+0x100/0x1a8 [ 28.284154] __kasan_check_write+0x20/0x30 [ 28.284534] kasan_atomics_helper+0xe44/0x4858 [ 28.285154] kasan_atomics+0x198/0x2e0 [ 28.285476] kunit_try_run_case+0x170/0x3f0 [ 28.285624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.285765] kthread+0x328/0x630 [ 28.285913] ret_from_fork+0x10/0x20 [ 28.286246] [ 28.286337] Allocated by task 267: [ 28.286433] kasan_save_stack+0x3c/0x68 [ 28.286640] kasan_save_track+0x20/0x40 [ 28.286900] kasan_save_alloc_info+0x40/0x58 [ 28.287071] __kasan_kmalloc+0xd4/0xd8 [ 28.287213] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.287333] kasan_atomics+0xb8/0x2e0 [ 28.287493] kunit_try_run_case+0x170/0x3f0 [ 28.287883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.288026] kthread+0x328/0x630 [ 28.288356] ret_from_fork+0x10/0x20 [ 28.288489] [ 28.288538] The buggy address belongs to the object at fff00000c5a80800 [ 28.288538] which belongs to the cache kmalloc-64 of size 64 [ 28.288735] The buggy address is located 0 bytes to the right of [ 28.288735] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.289159] [ 28.289216] The buggy address belongs to the physical page: [ 28.289291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.289762] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.289895] page_type: f5(slab) [ 28.290299] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.290855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.291012] page dumped because: kasan: bad access detected [ 28.291124] [ 28.291331] Memory state around the buggy address: [ 28.291436] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.291599] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.291721] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.291950] ^ [ 28.292041] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.292161] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.292671] ================================================================== [ 28.412045] ================================================================== [ 28.412468] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 28.412583] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.412752] [ 28.412821] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.413148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.413519] Hardware name: linux,dummy-virt (DT) [ 28.413744] Call trace: [ 28.413871] show_stack+0x20/0x38 (C) [ 28.414064] dump_stack_lvl+0x8c/0xd0 [ 28.414441] print_report+0x118/0x608 [ 28.414641] kasan_report+0xdc/0x128 [ 28.414898] kasan_check_range+0x100/0x1a8 [ 28.415092] __kasan_check_write+0x20/0x30 [ 28.415248] kasan_atomics_helper+0x1190/0x4858 [ 28.415459] kasan_atomics+0x198/0x2e0 [ 28.415606] kunit_try_run_case+0x170/0x3f0 [ 28.415762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.416735] kthread+0x328/0x630 [ 28.416960] ret_from_fork+0x10/0x20 [ 28.417083] [ 28.417145] Allocated by task 267: [ 28.417367] kasan_save_stack+0x3c/0x68 [ 28.417505] kasan_save_track+0x20/0x40 [ 28.417646] kasan_save_alloc_info+0x40/0x58 [ 28.417789] __kasan_kmalloc+0xd4/0xd8 [ 28.417963] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.418069] kasan_atomics+0xb8/0x2e0 [ 28.418236] kunit_try_run_case+0x170/0x3f0 [ 28.418343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.418513] kthread+0x328/0x630 [ 28.418749] ret_from_fork+0x10/0x20 [ 28.418855] [ 28.418992] The buggy address belongs to the object at fff00000c5a80800 [ 28.418992] which belongs to the cache kmalloc-64 of size 64 [ 28.419137] The buggy address is located 0 bytes to the right of [ 28.419137] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.419308] [ 28.419429] The buggy address belongs to the physical page: [ 28.419522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.419671] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.419882] page_type: f5(slab) [ 28.419976] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.420653] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.421235] page dumped because: kasan: bad access detected [ 28.421435] [ 28.421709] Memory state around the buggy address: [ 28.421829] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.421968] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.422097] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.422212] ^ [ 28.422309] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.422434] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.422947] ================================================================== [ 28.654639] ================================================================== [ 28.654811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 28.654925] Read of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.655049] [ 28.655113] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.655311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.655394] Hardware name: linux,dummy-virt (DT) [ 28.655478] Call trace: [ 28.655531] show_stack+0x20/0x38 (C) [ 28.655653] dump_stack_lvl+0x8c/0xd0 [ 28.655773] print_report+0x118/0x608 [ 28.655893] kasan_report+0xdc/0x128 [ 28.656012] __asan_report_load8_noabort+0x20/0x30 [ 28.656231] kasan_atomics_helper+0x3e20/0x4858 [ 28.656494] kasan_atomics+0x198/0x2e0 [ 28.656669] kunit_try_run_case+0x170/0x3f0 [ 28.656823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.656979] kthread+0x328/0x630 [ 28.657169] ret_from_fork+0x10/0x20 [ 28.657306] [ 28.657358] Allocated by task 267: [ 28.657453] kasan_save_stack+0x3c/0x68 [ 28.657554] kasan_save_track+0x20/0x40 [ 28.657673] kasan_save_alloc_info+0x40/0x58 [ 28.657897] __kasan_kmalloc+0xd4/0xd8 [ 28.658023] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.658191] kasan_atomics+0xb8/0x2e0 [ 28.658403] kunit_try_run_case+0x170/0x3f0 [ 28.658608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.658857] kthread+0x328/0x630 [ 28.659034] ret_from_fork+0x10/0x20 [ 28.659191] [ 28.659496] The buggy address belongs to the object at fff00000c5a80800 [ 28.659496] which belongs to the cache kmalloc-64 of size 64 [ 28.659708] The buggy address is located 0 bytes to the right of [ 28.659708] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.659882] [ 28.659999] The buggy address belongs to the physical page: [ 28.660200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.660900] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.661100] page_type: f5(slab) [ 28.661201] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.662176] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.662412] page dumped because: kasan: bad access detected [ 28.663315] [ 28.663418] Memory state around the buggy address: [ 28.663500] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.663691] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.663904] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.664061] ^ [ 28.664714] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.665300] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.665457] ================================================================== [ 28.400398] ================================================================== [ 28.400539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 28.400676] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.400807] [ 28.400877] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.401084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.401926] Hardware name: linux,dummy-virt (DT) [ 28.402027] Call trace: [ 28.402087] show_stack+0x20/0x38 (C) [ 28.402217] dump_stack_lvl+0x8c/0xd0 [ 28.402401] print_report+0x118/0x608 [ 28.402698] kasan_report+0xdc/0x128 [ 28.402826] kasan_check_range+0x100/0x1a8 [ 28.403448] __kasan_check_write+0x20/0x30 [ 28.403723] kasan_atomics_helper+0x1128/0x4858 [ 28.403891] kasan_atomics+0x198/0x2e0 [ 28.404022] kunit_try_run_case+0x170/0x3f0 [ 28.404626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.404826] kthread+0x328/0x630 [ 28.404986] ret_from_fork+0x10/0x20 [ 28.405109] [ 28.405173] Allocated by task 267: [ 28.405406] kasan_save_stack+0x3c/0x68 [ 28.405520] kasan_save_track+0x20/0x40 [ 28.405625] kasan_save_alloc_info+0x40/0x58 [ 28.405795] __kasan_kmalloc+0xd4/0xd8 [ 28.405928] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.406488] kasan_atomics+0xb8/0x2e0 [ 28.406715] kunit_try_run_case+0x170/0x3f0 [ 28.406859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.407210] kthread+0x328/0x630 [ 28.407368] ret_from_fork+0x10/0x20 [ 28.407486] [ 28.407537] The buggy address belongs to the object at fff00000c5a80800 [ 28.407537] which belongs to the cache kmalloc-64 of size 64 [ 28.407677] The buggy address is located 0 bytes to the right of [ 28.407677] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.407839] [ 28.407952] The buggy address belongs to the physical page: [ 28.408189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.408317] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.408483] page_type: f5(slab) [ 28.409218] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.409752] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.409925] page dumped because: kasan: bad access detected [ 28.410105] [ 28.410163] Memory state around the buggy address: [ 28.410268] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.410405] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.410571] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.410681] ^ [ 28.411089] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.411221] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.411358] ================================================================== [ 27.993091] ================================================================== [ 27.994248] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858 [ 27.995661] Call trace: [ 28.000332] kthread+0x328/0x630 [ 28.002599] kunit_try_run_case+0x170/0x3f0 [ 28.002915] kthread+0x328/0x630 [ 28.003648] [ 28.003720] The buggy address belongs to the physical page: [ 28.003807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.003955] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.004098] page_type: f5(slab) [ 28.004242] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.004414] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.004545] page dumped because: kasan: bad access detected [ 28.004646] [ 28.004760] Memory state around the buggy address: [ 28.004898] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.005161] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.005349] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.005625] ^ [ 28.005727] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.005856] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.005984] ================================================================== [ 28.466557] ================================================================== [ 28.466642] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 28.466740] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.466884] [ 28.467106] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.467501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.467892] Hardware name: linux,dummy-virt (DT) [ 28.468204] Call trace: [ 28.468317] show_stack+0x20/0x38 (C) [ 28.468512] dump_stack_lvl+0x8c/0xd0 [ 28.468884] print_report+0x118/0x608 [ 28.469044] kasan_report+0xdc/0x128 [ 28.469174] kasan_check_range+0x100/0x1a8 [ 28.469337] __kasan_check_write+0x20/0x30 [ 28.469638] kasan_atomics_helper+0x1384/0x4858 [ 28.469814] kasan_atomics+0x198/0x2e0 [ 28.469938] kunit_try_run_case+0x170/0x3f0 [ 28.470063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.470212] kthread+0x328/0x630 [ 28.470462] ret_from_fork+0x10/0x20 [ 28.470612] [ 28.470678] Allocated by task 267: [ 28.470809] kasan_save_stack+0x3c/0x68 [ 28.470933] kasan_save_track+0x20/0x40 [ 28.471041] kasan_save_alloc_info+0x40/0x58 [ 28.471355] __kasan_kmalloc+0xd4/0xd8 [ 28.471481] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.471649] kasan_atomics+0xb8/0x2e0 [ 28.471750] kunit_try_run_case+0x170/0x3f0 [ 28.471865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.472017] kthread+0x328/0x630 [ 28.472193] ret_from_fork+0x10/0x20 [ 28.472300] [ 28.472357] The buggy address belongs to the object at fff00000c5a80800 [ 28.472357] which belongs to the cache kmalloc-64 of size 64 [ 28.472552] The buggy address is located 0 bytes to the right of [ 28.472552] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.472816] [ 28.472879] The buggy address belongs to the physical page: [ 28.472989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.473331] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.473507] page_type: f5(slab) [ 28.473612] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.473798] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.473943] page dumped because: kasan: bad access detected [ 28.474068] [ 28.474126] Memory state around the buggy address: [ 28.474205] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.474328] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.474512] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.474747] ^ [ 28.474953] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.475443] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.475551] ================================================================== [ 28.543622] ================================================================== [ 28.543776] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 28.543889] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.544161] [ 28.544290] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.544647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.545010] Hardware name: linux,dummy-virt (DT) [ 28.545133] Call trace: [ 28.545201] show_stack+0x20/0x38 (C) [ 28.545436] dump_stack_lvl+0x8c/0xd0 [ 28.545760] print_report+0x118/0x608 [ 28.545893] kasan_report+0xdc/0x128 [ 28.546059] kasan_check_range+0x100/0x1a8 [ 28.546331] __kasan_check_write+0x20/0x30 [ 28.546732] kasan_atomics_helper+0x154c/0x4858 [ 28.546866] kasan_atomics+0x198/0x2e0 [ 28.547056] kunit_try_run_case+0x170/0x3f0 [ 28.547194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.547485] kthread+0x328/0x630 [ 28.547630] ret_from_fork+0x10/0x20 [ 28.548173] [ 28.548274] Allocated by task 267: [ 28.548358] kasan_save_stack+0x3c/0x68 [ 28.548524] kasan_save_track+0x20/0x40 [ 28.548723] kasan_save_alloc_info+0x40/0x58 [ 28.548928] __kasan_kmalloc+0xd4/0xd8 [ 28.549031] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.549178] kasan_atomics+0xb8/0x2e0 [ 28.549457] kunit_try_run_case+0x170/0x3f0 [ 28.549571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.549915] kthread+0x328/0x630 [ 28.550049] ret_from_fork+0x10/0x20 [ 28.550148] [ 28.550208] The buggy address belongs to the object at fff00000c5a80800 [ 28.550208] which belongs to the cache kmalloc-64 of size 64 [ 28.550540] The buggy address is located 0 bytes to the right of [ 28.550540] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.551539] [ 28.551907] The buggy address belongs to the physical page: [ 28.552208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.552720] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.553152] page_type: f5(slab) [ 28.553620] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.553761] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.553913] page dumped because: kasan: bad access detected [ 28.554000] [ 28.554050] Memory state around the buggy address: [ 28.554129] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.554511] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.555179] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.556120] ^ [ 28.556635] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.556774] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.557016] ================================================================== [ 28.528519] ================================================================== [ 28.529904] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 28.530443] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.530972] [ 28.531512] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.532628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.532678] Hardware name: linux,dummy-virt (DT) [ 28.532756] Call trace: [ 28.532830] show_stack+0x20/0x38 (C) [ 28.532978] dump_stack_lvl+0x8c/0xd0 [ 28.533253] print_report+0x118/0x608 [ 28.533830] kasan_report+0xdc/0x128 [ 28.534316] kasan_check_range+0x100/0x1a8 [ 28.534622] __kasan_check_write+0x20/0x30 [ 28.534770] kasan_atomics_helper+0x14e4/0x4858 [ 28.535142] kasan_atomics+0x198/0x2e0 [ 28.535276] kunit_try_run_case+0x170/0x3f0 [ 28.535626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.535773] kthread+0x328/0x630 [ 28.535950] ret_from_fork+0x10/0x20 [ 28.536237] [ 28.536298] Allocated by task 267: [ 28.536406] kasan_save_stack+0x3c/0x68 [ 28.537063] kasan_save_track+0x20/0x40 [ 28.537602] kasan_save_alloc_info+0x40/0x58 [ 28.537982] __kasan_kmalloc+0xd4/0xd8 [ 28.538245] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.538374] kasan_atomics+0xb8/0x2e0 [ 28.538507] kunit_try_run_case+0x170/0x3f0 [ 28.538813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.539212] kthread+0x328/0x630 [ 28.539709] ret_from_fork+0x10/0x20 [ 28.540200] [ 28.540261] The buggy address belongs to the object at fff00000c5a80800 [ 28.540261] which belongs to the cache kmalloc-64 of size 64 [ 28.540492] The buggy address is located 0 bytes to the right of [ 28.540492] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.540842] [ 28.540895] The buggy address belongs to the physical page: [ 28.540999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.541149] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.541313] page_type: f5(slab) [ 28.541528] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.541921] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.542059] page dumped because: kasan: bad access detected [ 28.542141] [ 28.542219] Memory state around the buggy address: [ 28.542304] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.542447] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.542581] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.542700] ^ [ 28.542799] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.542931] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.543073] ================================================================== [ 28.667452] ================================================================== [ 28.667632] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 28.667744] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.668597] [ 28.668922] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.669135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.669208] Hardware name: linux,dummy-virt (DT) [ 28.669294] Call trace: [ 28.669601] show_stack+0x20/0x38 (C) [ 28.669864] dump_stack_lvl+0x8c/0xd0 [ 28.670108] print_report+0x118/0x608 [ 28.670534] kasan_report+0xdc/0x128 [ 28.671002] kasan_check_range+0x100/0x1a8 [ 28.671343] __kasan_check_write+0x20/0x30 [ 28.671491] kasan_atomics_helper+0x17ec/0x4858 [ 28.672071] kasan_atomics+0x198/0x2e0 [ 28.672592] kunit_try_run_case+0x170/0x3f0 [ 28.672756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.672896] kthread+0x328/0x630 [ 28.673011] ret_from_fork+0x10/0x20 [ 28.673133] [ 28.673185] Allocated by task 267: [ 28.673645] kasan_save_stack+0x3c/0x68 [ 28.674167] kasan_save_track+0x20/0x40 [ 28.674868] kasan_save_alloc_info+0x40/0x58 [ 28.675631] __kasan_kmalloc+0xd4/0xd8 [ 28.675798] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.676466] kasan_atomics+0xb8/0x2e0 [ 28.676683] kunit_try_run_case+0x170/0x3f0 [ 28.676783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.676896] kthread+0x328/0x630 [ 28.676993] ret_from_fork+0x10/0x20 [ 28.677089] [ 28.677139] The buggy address belongs to the object at fff00000c5a80800 [ 28.677139] which belongs to the cache kmalloc-64 of size 64 [ 28.677281] The buggy address is located 0 bytes to the right of [ 28.677281] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.679451] [ 28.679536] The buggy address belongs to the physical page: [ 28.679625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.679773] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.679914] page_type: f5(slab) [ 28.680023] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.680167] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.681176] page dumped because: kasan: bad access detected [ 28.681351] [ 28.681565] Memory state around the buggy address: [ 28.682010] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.682129] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.682252] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.683683] ^ [ 28.684116] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.684253] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.684369] ================================================================== [ 28.311889] ================================================================== [ 28.311991] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 28.312105] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.314590] [ 28.314669] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.314902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.314955] Hardware name: linux,dummy-virt (DT) [ 28.314995] Call trace: [ 28.315023] show_stack+0x20/0x38 (C) [ 28.315087] dump_stack_lvl+0x8c/0xd0 [ 28.315148] print_report+0x118/0x608 [ 28.315207] kasan_report+0xdc/0x128 [ 28.315263] kasan_check_range+0x100/0x1a8 [ 28.315326] __kasan_check_write+0x20/0x30 [ 28.315415] kasan_atomics_helper+0xeb8/0x4858 [ 28.315479] kasan_atomics+0x198/0x2e0 [ 28.315540] kunit_try_run_case+0x170/0x3f0 [ 28.315602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.315673] kthread+0x328/0x630 [ 28.315730] ret_from_fork+0x10/0x20 [ 28.315793] [ 28.315817] Allocated by task 267: [ 28.315851] kasan_save_stack+0x3c/0x68 [ 28.315904] kasan_save_track+0x20/0x40 [ 28.315949] kasan_save_alloc_info+0x40/0x58 [ 28.315996] __kasan_kmalloc+0xd4/0xd8 [ 28.316042] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.316122] kasan_atomics+0xb8/0x2e0 [ 28.316332] kunit_try_run_case+0x170/0x3f0 [ 28.316474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.316592] kthread+0x328/0x630 [ 28.316689] ret_from_fork+0x10/0x20 [ 28.316802] [ 28.316854] The buggy address belongs to the object at fff00000c5a80800 [ 28.316854] which belongs to the cache kmalloc-64 of size 64 [ 28.316993] The buggy address is located 0 bytes to the right of [ 28.316993] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.317167] [ 28.317244] The buggy address belongs to the physical page: [ 28.317339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.317488] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.317619] page_type: f5(slab) [ 28.317733] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.317870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.317988] page dumped because: kasan: bad access detected [ 28.318073] [ 28.318121] Memory state around the buggy address: [ 28.318200] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.318311] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.319314] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.319444] ^ [ 28.319550] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.319685] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.319807] ================================================================== [ 28.337147] ================================================================== [ 28.337501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 28.337627] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.337750] [ 28.337842] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.338058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.338129] Hardware name: linux,dummy-virt (DT) [ 28.338211] Call trace: [ 28.338265] show_stack+0x20/0x38 (C) [ 28.338406] dump_stack_lvl+0x8c/0xd0 [ 28.338563] print_report+0x118/0x608 [ 28.338713] kasan_report+0xdc/0x128 [ 28.338887] kasan_check_range+0x100/0x1a8 [ 28.339022] __kasan_check_write+0x20/0x30 [ 28.339159] kasan_atomics_helper+0xf88/0x4858 [ 28.339290] kasan_atomics+0x198/0x2e0 [ 28.339448] kunit_try_run_case+0x170/0x3f0 [ 28.339692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.340201] kthread+0x328/0x630 [ 28.340479] ret_from_fork+0x10/0x20 [ 28.340630] [ 28.340845] Allocated by task 267: [ 28.341032] kasan_save_stack+0x3c/0x68 [ 28.341299] kasan_save_track+0x20/0x40 [ 28.341426] kasan_save_alloc_info+0x40/0x58 [ 28.341548] __kasan_kmalloc+0xd4/0xd8 [ 28.341643] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.341745] kasan_atomics+0xb8/0x2e0 [ 28.344192] kunit_try_run_case+0x170/0x3f0 [ 28.344327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.344548] kthread+0x328/0x630 [ 28.344719] ret_from_fork+0x10/0x20 [ 28.344832] [ 28.344883] The buggy address belongs to the object at fff00000c5a80800 [ 28.344883] which belongs to the cache kmalloc-64 of size 64 [ 28.346397] The buggy address is located 0 bytes to the right of [ 28.346397] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.346690] [ 28.347582] The buggy address belongs to the physical page: [ 28.348315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.349131] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.349294] page_type: f5(slab) [ 28.350890] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.351501] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.351617] page dumped because: kasan: bad access detected [ 28.351727] [ 28.351810] Memory state around the buggy address: [ 28.351894] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.352013] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.352127] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.352454] ^ [ 28.352634] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.352752] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.353025] ================================================================== [ 28.293466] ================================================================== [ 28.293566] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 28.293685] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.293809] [ 28.293877] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.294072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.294151] Hardware name: linux,dummy-virt (DT) [ 28.294236] Call trace: [ 28.294295] show_stack+0x20/0x38 (C) [ 28.294439] dump_stack_lvl+0x8c/0xd0 [ 28.294566] print_report+0x118/0x608 [ 28.294680] kasan_report+0xdc/0x128 [ 28.294814] __asan_report_store8_noabort+0x20/0x30 [ 28.295301] kasan_atomics_helper+0x3e5c/0x4858 [ 28.296153] kasan_atomics+0x198/0x2e0 [ 28.296350] kunit_try_run_case+0x170/0x3f0 [ 28.296770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.296957] kthread+0x328/0x630 [ 28.297288] ret_from_fork+0x10/0x20 [ 28.297787] [ 28.297847] Allocated by task 267: [ 28.298060] kasan_save_stack+0x3c/0x68 [ 28.299039] kasan_save_track+0x20/0x40 [ 28.299418] kasan_save_alloc_info+0x40/0x58 [ 28.299667] __kasan_kmalloc+0xd4/0xd8 [ 28.299772] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.300314] kasan_atomics+0xb8/0x2e0 [ 28.300479] kunit_try_run_case+0x170/0x3f0 [ 28.300645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.300770] kthread+0x328/0x630 [ 28.300872] ret_from_fork+0x10/0x20 [ 28.301599] [ 28.301678] The buggy address belongs to the object at fff00000c5a80800 [ 28.301678] which belongs to the cache kmalloc-64 of size 64 [ 28.301828] The buggy address is located 0 bytes to the right of [ 28.301828] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.302261] [ 28.302480] The buggy address belongs to the physical page: [ 28.303084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.303227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.303445] page_type: f5(slab) [ 28.303641] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.304219] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.304338] page dumped because: kasan: bad access detected [ 28.304455] [ 28.305458] Memory state around the buggy address: [ 28.306052] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.306169] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.306282] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.306400] ^ [ 28.306489] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.306601] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.309237] ================================================================== [ 28.514710] ================================================================== [ 28.514812] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 28.514929] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.515296] [ 28.515435] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.515670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.515758] Hardware name: linux,dummy-virt (DT) [ 28.515853] Call trace: [ 28.515922] show_stack+0x20/0x38 (C) [ 28.516069] dump_stack_lvl+0x8c/0xd0 [ 28.516263] print_report+0x118/0x608 [ 28.516520] kasan_report+0xdc/0x128 [ 28.516737] kasan_check_range+0x100/0x1a8 [ 28.517082] __kasan_check_write+0x20/0x30 [ 28.517304] kasan_atomics_helper+0x147c/0x4858 [ 28.517494] kasan_atomics+0x198/0x2e0 [ 28.517804] kunit_try_run_case+0x170/0x3f0 [ 28.517956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.518116] kthread+0x328/0x630 [ 28.518279] ret_from_fork+0x10/0x20 [ 28.518443] [ 28.518528] Allocated by task 267: [ 28.518761] kasan_save_stack+0x3c/0x68 [ 28.519687] kasan_save_track+0x20/0x40 [ 28.520026] kasan_save_alloc_info+0x40/0x58 [ 28.520232] __kasan_kmalloc+0xd4/0xd8 [ 28.520352] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.520567] kasan_atomics+0xb8/0x2e0 [ 28.520683] kunit_try_run_case+0x170/0x3f0 [ 28.520804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.521010] kthread+0x328/0x630 [ 28.521415] ret_from_fork+0x10/0x20 [ 28.521541] [ 28.521602] The buggy address belongs to the object at fff00000c5a80800 [ 28.521602] which belongs to the cache kmalloc-64 of size 64 [ 28.521790] The buggy address is located 0 bytes to the right of [ 28.521790] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.521964] [ 28.522017] The buggy address belongs to the physical page: [ 28.522094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.522218] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.522352] page_type: f5(slab) [ 28.522468] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.522605] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.522714] page dumped because: kasan: bad access detected [ 28.522793] [ 28.523051] Memory state around the buggy address: [ 28.523151] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.523478] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.524078] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.526408] ^ [ 28.526584] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.526717] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.526833] ================================================================== [ 28.064456] ================================================================== [ 28.064595] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 28.065292] Write of size 4 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.065571] [ 28.065651] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.065874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.065948] Hardware name: linux,dummy-virt (DT) [ 28.066030] Call trace: [ 28.066087] show_stack+0x20/0x38 (C) [ 28.066211] dump_stack_lvl+0x8c/0xd0 [ 28.067031] print_report+0x118/0x608 [ 28.067789] kasan_report+0xdc/0x128 [ 28.068056] kasan_check_range+0x100/0x1a8 [ 28.069515] __kasan_check_write+0x20/0x30 [ 28.069825] kasan_atomics_helper+0xa6c/0x4858 [ 28.070169] kasan_atomics+0x198/0x2e0 [ 28.070294] kunit_try_run_case+0x170/0x3f0 [ 28.070438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.070580] kthread+0x328/0x630 [ 28.071610] ret_from_fork+0x10/0x20 [ 28.071874] [ 28.072051] Allocated by task 267: [ 28.072733] kasan_save_stack+0x3c/0x68 [ 28.072873] kasan_save_track+0x20/0x40 [ 28.072972] kasan_save_alloc_info+0x40/0x58 [ 28.073078] __kasan_kmalloc+0xd4/0xd8 [ 28.073887] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.073976] kasan_atomics+0xb8/0x2e0 [ 28.074073] kunit_try_run_case+0x170/0x3f0 [ 28.074321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.074994] kthread+0x328/0x630 [ 28.075123] ret_from_fork+0x10/0x20 [ 28.075349] [ 28.075422] The buggy address belongs to the object at fff00000c5a80800 [ 28.075422] which belongs to the cache kmalloc-64 of size 64 [ 28.075574] The buggy address is located 0 bytes to the right of [ 28.075574] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.076005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.076203] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.076906] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.077040] page dumped because: kasan: bad access detected [ 28.077966] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.078080] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.078338] ^ [ 28.078711] ================================================================== [ 28.270765] ================================================================== [ 28.270861] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 28.270973] Read of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.271095] [ 28.271160] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.271357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.271450] Hardware name: linux,dummy-virt (DT) [ 28.272188] Call trace: [ 28.272278] show_stack+0x20/0x38 (C) [ 28.272443] dump_stack_lvl+0x8c/0xd0 [ 28.272684] print_report+0x118/0x608 [ 28.273022] kasan_report+0xdc/0x128 [ 28.273415] __asan_report_load8_noabort+0x20/0x30 [ 28.273715] kasan_atomics_helper+0x3f58/0x4858 [ 28.274067] kasan_atomics+0x198/0x2e0 [ 28.274193] kunit_try_run_case+0x170/0x3f0 [ 28.274317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.274478] kthread+0x328/0x630 [ 28.274596] ret_from_fork+0x10/0x20 [ 28.274758] [ 28.274867] Allocated by task 267: [ 28.274942] kasan_save_stack+0x3c/0x68 [ 28.275047] kasan_save_track+0x20/0x40 [ 28.275159] kasan_save_alloc_info+0x40/0x58 [ 28.275832] __kasan_kmalloc+0xd4/0xd8 [ 28.275960] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.276083] kasan_atomics+0xb8/0x2e0 [ 28.276763] kunit_try_run_case+0x170/0x3f0 [ 28.276973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.277301] kthread+0x328/0x630 [ 28.277436] ret_from_fork+0x10/0x20 [ 28.277831] [ 28.277945] The buggy address belongs to the object at fff00000c5a80800 [ 28.277945] which belongs to the cache kmalloc-64 of size 64 [ 28.278313] The buggy address is located 0 bytes to the right of [ 28.278313] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.278507] [ 28.278560] The buggy address belongs to the physical page: [ 28.278636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.278823] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.278950] page_type: f5(slab) [ 28.279046] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.279268] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.279400] page dumped because: kasan: bad access detected [ 28.279512] [ 28.279660] Memory state around the buggy address: [ 28.279815] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.280072] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.280209] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.280330] ^ [ 28.280461] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.281398] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.281503] ================================================================== [ 28.604784] ================================================================== [ 28.604882] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 28.604990] Read of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.605113] [ 28.605182] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.605401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.605475] Hardware name: linux,dummy-virt (DT) [ 28.605556] Call trace: [ 28.605608] show_stack+0x20/0x38 (C) [ 28.605734] dump_stack_lvl+0x8c/0xd0 [ 28.605856] print_report+0x118/0x608 [ 28.605971] kasan_report+0xdc/0x128 [ 28.606096] __asan_report_load8_noabort+0x20/0x30 [ 28.606239] kasan_atomics_helper+0x3df4/0x4858 [ 28.606366] kasan_atomics+0x198/0x2e0 [ 28.606771] kunit_try_run_case+0x170/0x3f0 [ 28.607315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.607534] kthread+0x328/0x630 [ 28.607682] ret_from_fork+0x10/0x20 [ 28.607809] [ 28.608182] Allocated by task 267: [ 28.608318] kasan_save_stack+0x3c/0x68 [ 28.608463] kasan_save_track+0x20/0x40 [ 28.608581] kasan_save_alloc_info+0x40/0x58 [ 28.608695] __kasan_kmalloc+0xd4/0xd8 [ 28.608799] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.609038] kasan_atomics+0xb8/0x2e0 [ 28.609208] kunit_try_run_case+0x170/0x3f0 [ 28.609936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.610457] kthread+0x328/0x630 [ 28.610562] ret_from_fork+0x10/0x20 [ 28.610659] [ 28.611464] The buggy address belongs to the object at fff00000c5a80800 [ 28.611464] which belongs to the cache kmalloc-64 of size 64 [ 28.611635] The buggy address is located 0 bytes to the right of [ 28.611635] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.611824] [ 28.611887] The buggy address belongs to the physical page: [ 28.611973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.612823] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.613603] page_type: f5(slab) [ 28.614037] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.614233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.614576] page dumped because: kasan: bad access detected [ 28.614766] [ 28.614873] Memory state around the buggy address: [ 28.614969] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.615147] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.615367] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.615500] ^ [ 28.615645] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.615777] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.616030] ================================================================== [ 28.353551] ================================================================== [ 28.353682] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 28.354401] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.354725] [ 28.354942] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.355271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.355430] Hardware name: linux,dummy-virt (DT) [ 28.355527] Call trace: [ 28.355589] show_stack+0x20/0x38 (C) [ 28.355717] dump_stack_lvl+0x8c/0xd0 [ 28.355860] print_report+0x118/0x608 [ 28.355983] kasan_report+0xdc/0x128 [ 28.356121] kasan_check_range+0x100/0x1a8 [ 28.356278] __kasan_check_write+0x20/0x30 [ 28.356773] kasan_atomics_helper+0xff0/0x4858 [ 28.356908] kasan_atomics+0x198/0x2e0 [ 28.357250] kunit_try_run_case+0x170/0x3f0 [ 28.357534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.357955] kthread+0x328/0x630 [ 28.358160] ret_from_fork+0x10/0x20 [ 28.358351] [ 28.358443] Allocated by task 267: [ 28.358942] kasan_save_stack+0x3c/0x68 [ 28.359053] kasan_save_track+0x20/0x40 [ 28.359151] kasan_save_alloc_info+0x40/0x58 [ 28.359255] __kasan_kmalloc+0xd4/0xd8 [ 28.359350] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.359744] kasan_atomics+0xb8/0x2e0 [ 28.360063] kunit_try_run_case+0x170/0x3f0 [ 28.360235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.360633] kthread+0x328/0x630 [ 28.360751] ret_from_fork+0x10/0x20 [ 28.361071] [ 28.361136] The buggy address belongs to the object at fff00000c5a80800 [ 28.361136] which belongs to the cache kmalloc-64 of size 64 [ 28.361291] The buggy address is located 0 bytes to the right of [ 28.361291] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.361547] [ 28.361819] The buggy address belongs to the physical page: [ 28.362236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.362578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.363191] page_type: f5(slab) [ 28.363717] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.363860] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.364986] page dumped because: kasan: bad access detected [ 28.365085] [ 28.365138] Memory state around the buggy address: [ 28.365225] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.365353] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.365492] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.365592] ^ [ 28.365678] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.365787] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.368985] ================================================================== [ 27.796762] ================================================================== [ 27.796883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 27.797005] Write of size 4 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 27.797133] [ 27.797420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.797494] Hardware name: linux,dummy-virt (DT) [ 27.797572] Call trace: [ 27.797718] show_stack+0x20/0x38 (C) [ 27.798358] __kasan_check_write+0x20/0x30 [ 27.798513] kasan_atomics_helper+0x32c/0x4858 [ 27.799482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.803354] kthread+0x328/0x630 [ 27.804240] [ 27.804598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 27.805855] page dumped because: kasan: bad access detected [ 27.807400] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.808556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 27.809339] Hardware name: linux,dummy-virt (DT) [ 27.810937] kunit_try_run_case+0x170/0x3f0 [ 27.813591] ret_from_fork+0x10/0x20 [ 27.815613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 27.818365] ================================================================== [ 28.501947] ================================================================== [ 28.502073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 28.502261] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.502676] [ 28.502762] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.503101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.503176] Hardware name: linux,dummy-virt (DT) [ 28.503256] Call trace: [ 28.503312] show_stack+0x20/0x38 (C) [ 28.503457] dump_stack_lvl+0x8c/0xd0 [ 28.503580] print_report+0x118/0x608 [ 28.503694] kasan_report+0xdc/0x128 [ 28.503810] kasan_check_range+0x100/0x1a8 [ 28.503927] __kasan_check_write+0x20/0x30 [ 28.504050] kasan_atomics_helper+0x1414/0x4858 [ 28.504186] kasan_atomics+0x198/0x2e0 [ 28.504305] kunit_try_run_case+0x170/0x3f0 [ 28.505235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.505437] kthread+0x328/0x630 [ 28.505916] ret_from_fork+0x10/0x20 [ 28.506369] [ 28.506486] Allocated by task 267: [ 28.506568] kasan_save_stack+0x3c/0x68 [ 28.506679] kasan_save_track+0x20/0x40 [ 28.506883] kasan_save_alloc_info+0x40/0x58 [ 28.507083] __kasan_kmalloc+0xd4/0xd8 [ 28.507193] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.507860] kasan_atomics+0xb8/0x2e0 [ 28.508423] kunit_try_run_case+0x170/0x3f0 [ 28.508603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.509224] kthread+0x328/0x630 [ 28.509434] ret_from_fork+0x10/0x20 [ 28.509551] [ 28.509605] The buggy address belongs to the object at fff00000c5a80800 [ 28.509605] which belongs to the cache kmalloc-64 of size 64 [ 28.510283] The buggy address is located 0 bytes to the right of [ 28.510283] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.510907] [ 28.511061] The buggy address belongs to the physical page: [ 28.511156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.511289] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.511741] page_type: f5(slab) [ 28.511899] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.512191] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.512424] page dumped because: kasan: bad access detected [ 28.513082] [ 28.513149] Memory state around the buggy address: [ 28.513239] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.513367] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.513506] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.513700] ^ [ 28.513788] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.513914] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.514205] ================================================================== [ 28.210741] ================================================================== [ 28.210851] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 28.211145] Read of size 4 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.211342] [ 28.211464] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.211738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.211855] Hardware name: linux,dummy-virt (DT) [ 28.211935] Call trace: [ 28.211987] show_stack+0x20/0x38 (C) [ 28.212164] dump_stack_lvl+0x8c/0xd0 [ 28.212315] print_report+0x118/0x608 [ 28.212991] kasan_report+0xdc/0x128 [ 28.213225] __asan_report_load4_noabort+0x20/0x30 [ 28.213468] kasan_atomics_helper+0x3dd8/0x4858 [ 28.213623] kasan_atomics+0x198/0x2e0 [ 28.213945] kunit_try_run_case+0x170/0x3f0 [ 28.214197] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.214352] kthread+0x328/0x630 [ 28.214711] ret_from_fork+0x10/0x20 [ 28.214878] [ 28.214999] Allocated by task 267: [ 28.215084] kasan_save_stack+0x3c/0x68 [ 28.215191] kasan_save_track+0x20/0x40 [ 28.215354] kasan_save_alloc_info+0x40/0x58 [ 28.215682] __kasan_kmalloc+0xd4/0xd8 [ 28.215908] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.216014] kasan_atomics+0xb8/0x2e0 [ 28.216162] kunit_try_run_case+0x170/0x3f0 [ 28.216292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.216756] kthread+0x328/0x630 [ 28.217066] ret_from_fork+0x10/0x20 [ 28.217264] [ 28.217363] The buggy address belongs to the object at fff00000c5a80800 [ 28.217363] which belongs to the cache kmalloc-64 of size 64 [ 28.217909] The buggy address is located 0 bytes to the right of [ 28.217909] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.218206] [ 28.218326] The buggy address belongs to the physical page: [ 28.218560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.218706] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.218836] page_type: f5(slab) [ 28.218967] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.219167] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.219469] page dumped because: kasan: bad access detected [ 28.219568] [ 28.219643] Memory state around the buggy address: [ 28.219727] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.219844] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.220013] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.220205] ^ [ 28.220959] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.221275] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.222619] ================================================================== [ 28.383341] ================================================================== [ 28.383629] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 28.383804] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.384068] [ 28.384253] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.384828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.385051] Hardware name: linux,dummy-virt (DT) [ 28.385136] Call trace: [ 28.385195] show_stack+0x20/0x38 (C) [ 28.385313] dump_stack_lvl+0x8c/0xd0 [ 28.385466] print_report+0x118/0x608 [ 28.385610] kasan_report+0xdc/0x128 [ 28.386316] kasan_check_range+0x100/0x1a8 [ 28.386478] __kasan_check_write+0x20/0x30 [ 28.386725] kasan_atomics_helper+0x10c0/0x4858 [ 28.386871] kasan_atomics+0x198/0x2e0 [ 28.387027] kunit_try_run_case+0x170/0x3f0 [ 28.387173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.387424] kthread+0x328/0x630 [ 28.387563] ret_from_fork+0x10/0x20 [ 28.388231] [ 28.388290] Allocated by task 267: [ 28.388481] kasan_save_stack+0x3c/0x68 [ 28.388592] kasan_save_track+0x20/0x40 [ 28.388732] kasan_save_alloc_info+0x40/0x58 [ 28.388839] __kasan_kmalloc+0xd4/0xd8 [ 28.389003] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.389681] kasan_atomics+0xb8/0x2e0 [ 28.389847] kunit_try_run_case+0x170/0x3f0 [ 28.390065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.390283] kthread+0x328/0x630 [ 28.390421] ret_from_fork+0x10/0x20 [ 28.390775] [ 28.390890] The buggy address belongs to the object at fff00000c5a80800 [ 28.390890] which belongs to the cache kmalloc-64 of size 64 [ 28.391040] The buggy address is located 0 bytes to the right of [ 28.391040] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.391783] [ 28.392247] The buggy address belongs to the physical page: [ 28.392573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.393085] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.393262] page_type: f5(slab) [ 28.393356] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.394409] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.394558] page dumped because: kasan: bad access detected [ 28.394658] [ 28.395261] Memory state around the buggy address: [ 28.395393] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.396006] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.397292] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.397461] ^ [ 28.398105] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.398283] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.398565] ================================================================== [ 28.641929] ================================================================== [ 28.643875] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 28.644007] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.644312] [ 28.644444] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.644849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.645185] Hardware name: linux,dummy-virt (DT) [ 28.645309] Call trace: [ 28.645633] show_stack+0x20/0x38 (C) [ 28.645976] dump_stack_lvl+0x8c/0xd0 [ 28.646105] print_report+0x118/0x608 [ 28.646259] kasan_report+0xdc/0x128 [ 28.646626] kasan_check_range+0x100/0x1a8 [ 28.646956] __kasan_check_write+0x20/0x30 [ 28.647088] kasan_atomics_helper+0x175c/0x4858 [ 28.647244] kasan_atomics+0x198/0x2e0 [ 28.647483] kunit_try_run_case+0x170/0x3f0 [ 28.647698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.647868] kthread+0x328/0x630 [ 28.648012] ret_from_fork+0x10/0x20 [ 28.648290] [ 28.648438] Allocated by task 267: [ 28.648535] kasan_save_stack+0x3c/0x68 [ 28.648694] kasan_save_track+0x20/0x40 [ 28.648813] kasan_save_alloc_info+0x40/0x58 [ 28.648981] __kasan_kmalloc+0xd4/0xd8 [ 28.649179] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.649392] kasan_atomics+0xb8/0x2e0 [ 28.649583] kunit_try_run_case+0x170/0x3f0 [ 28.649781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.649975] kthread+0x328/0x630 [ 28.650162] ret_from_fork+0x10/0x20 [ 28.650287] [ 28.650441] The buggy address belongs to the object at fff00000c5a80800 [ 28.650441] which belongs to the cache kmalloc-64 of size 64 [ 28.650643] The buggy address is located 0 bytes to the right of [ 28.650643] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.650863] [ 28.650935] The buggy address belongs to the physical page: [ 28.651026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.651159] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.651334] page_type: f5(slab) [ 28.651558] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.651773] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.651895] page dumped because: kasan: bad access detected [ 28.652139] [ 28.652195] Memory state around the buggy address: [ 28.652275] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.652410] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.652538] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.652642] ^ [ 28.652731] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.653528] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.653647] ================================================================== [ 28.239506] ================================================================== [ 28.239607] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 28.239756] Read of size 4 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.239933] [ 28.240070] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.240585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.240667] Hardware name: linux,dummy-virt (DT) [ 28.240757] Call trace: [ 28.240931] show_stack+0x20/0x38 (C) [ 28.241521] dump_stack_lvl+0x8c/0xd0 [ 28.241838] print_report+0x118/0x608 [ 28.241976] kasan_report+0xdc/0x128 [ 28.242143] __asan_report_load4_noabort+0x20/0x30 [ 28.242445] kasan_atomics_helper+0x3e04/0x4858 [ 28.242809] kasan_atomics+0x198/0x2e0 [ 28.242938] kunit_try_run_case+0x170/0x3f0 [ 28.243091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.243289] kthread+0x328/0x630 [ 28.243435] ret_from_fork+0x10/0x20 [ 28.243653] [ 28.244047] Allocated by task 267: [ 28.244355] kasan_save_stack+0x3c/0x68 [ 28.244589] kasan_save_track+0x20/0x40 [ 28.244702] kasan_save_alloc_info+0x40/0x58 [ 28.245120] __kasan_kmalloc+0xd4/0xd8 [ 28.245326] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.246008] kasan_atomics+0xb8/0x2e0 [ 28.246196] kunit_try_run_case+0x170/0x3f0 [ 28.246352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.246496] kthread+0x328/0x630 [ 28.246592] ret_from_fork+0x10/0x20 [ 28.246925] [ 28.246999] The buggy address belongs to the object at fff00000c5a80800 [ 28.246999] which belongs to the cache kmalloc-64 of size 64 [ 28.247210] The buggy address is located 0 bytes to the right of [ 28.247210] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.247371] [ 28.247444] The buggy address belongs to the physical page: [ 28.247517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.247672] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.247794] page_type: f5(slab) [ 28.247891] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.248028] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.248419] page dumped because: kasan: bad access detected [ 28.248545] [ 28.248604] Memory state around the buggy address: [ 28.248804] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.249309] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.249511] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.249755] ^ [ 28.249872] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.249998] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.250525] ================================================================== [ 28.616699] ================================================================== [ 28.616853] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 28.616986] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.617460] [ 28.617549] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.617907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.618117] Hardware name: linux,dummy-virt (DT) [ 28.618262] Call trace: [ 28.618324] show_stack+0x20/0x38 (C) [ 28.618464] dump_stack_lvl+0x8c/0xd0 [ 28.618590] print_report+0x118/0x608 [ 28.618707] kasan_report+0xdc/0x128 [ 28.618818] kasan_check_range+0x100/0x1a8 [ 28.618939] __kasan_check_write+0x20/0x30 [ 28.619057] kasan_atomics_helper+0x16d0/0x4858 [ 28.619193] kasan_atomics+0x198/0x2e0 [ 28.619313] kunit_try_run_case+0x170/0x3f0 [ 28.619464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.619615] kthread+0x328/0x630 [ 28.619730] ret_from_fork+0x10/0x20 [ 28.619851] [ 28.619901] Allocated by task 267: [ 28.619972] kasan_save_stack+0x3c/0x68 [ 28.620093] kasan_save_track+0x20/0x40 [ 28.620217] kasan_save_alloc_info+0x40/0x58 [ 28.620419] __kasan_kmalloc+0xd4/0xd8 [ 28.620600] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.620721] kasan_atomics+0xb8/0x2e0 [ 28.620838] kunit_try_run_case+0x170/0x3f0 [ 28.620958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.621140] kthread+0x328/0x630 [ 28.621290] ret_from_fork+0x10/0x20 [ 28.621402] [ 28.621462] The buggy address belongs to the object at fff00000c5a80800 [ 28.621462] which belongs to the cache kmalloc-64 of size 64 [ 28.623106] The buggy address is located 0 bytes to the right of [ 28.623106] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.624615] [ 28.624682] The buggy address belongs to the physical page: [ 28.624768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.625447] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.625619] page_type: f5(slab) [ 28.625744] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.625886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.626006] page dumped because: kasan: bad access detected [ 28.626609] [ 28.626680] Memory state around the buggy address: [ 28.626872] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.627011] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.627187] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.627483] ^ [ 28.627577] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.627689] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.627790] ================================================================== [ 28.036813] ================================================================== [ 28.036955] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 28.037106] Write of size 4 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.037253] [ 28.037322] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.037599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.037688] Hardware name: linux,dummy-virt (DT) [ 28.037921] Call trace: [ 28.037985] show_stack+0x20/0x38 (C) [ 28.038115] dump_stack_lvl+0x8c/0xd0 [ 28.038340] print_report+0x118/0x608 [ 28.038539] kasan_report+0xdc/0x128 [ 28.038794] kasan_check_range+0x100/0x1a8 [ 28.039143] __kasan_check_write+0x20/0x30 [ 28.039451] kasan_atomics_helper+0x99c/0x4858 [ 28.039604] kasan_atomics+0x198/0x2e0 [ 28.039720] kunit_try_run_case+0x170/0x3f0 [ 28.039861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.040212] kthread+0x328/0x630 [ 28.040823] ret_from_fork+0x10/0x20 [ 28.041004] [ 28.041067] Allocated by task 267: [ 28.041472] kasan_save_stack+0x3c/0x68 [ 28.041611] kasan_save_track+0x20/0x40 [ 28.041782] kasan_save_alloc_info+0x40/0x58 [ 28.041889] __kasan_kmalloc+0xd4/0xd8 [ 28.041989] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.042124] kasan_atomics+0xb8/0x2e0 [ 28.042424] kunit_try_run_case+0x170/0x3f0 [ 28.043139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.043453] kthread+0x328/0x630 [ 28.043612] ret_from_fork+0x10/0x20 [ 28.043835] [ 28.043892] The buggy address belongs to the object at fff00000c5a80800 [ 28.043892] which belongs to the cache kmalloc-64 of size 64 [ 28.044182] The buggy address is located 0 bytes to the right of [ 28.044182] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.044474] [ 28.044555] The buggy address belongs to the physical page: [ 28.044673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.045404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.046926] ================================================================== [ 28.558038] ================================================================== [ 28.558142] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 28.558441] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.558805] [ 28.558991] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.559461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.559550] Hardware name: linux,dummy-virt (DT) [ 28.559646] Call trace: [ 28.560017] show_stack+0x20/0x38 (C) [ 28.560169] dump_stack_lvl+0x8c/0xd0 [ 28.560669] print_report+0x118/0x608 [ 28.560793] kasan_report+0xdc/0x128 [ 28.561306] kasan_check_range+0x100/0x1a8 [ 28.561814] __kasan_check_write+0x20/0x30 [ 28.562722] kasan_atomics_helper+0x15b4/0x4858 [ 28.562873] kasan_atomics+0x198/0x2e0 [ 28.563070] kunit_try_run_case+0x170/0x3f0 [ 28.563202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.563481] kthread+0x328/0x630 [ 28.563626] ret_from_fork+0x10/0x20 [ 28.564039] [ 28.564238] Allocated by task 267: [ 28.564699] kasan_save_stack+0x3c/0x68 [ 28.564951] kasan_save_track+0x20/0x40 [ 28.565091] kasan_save_alloc_info+0x40/0x58 [ 28.565196] __kasan_kmalloc+0xd4/0xd8 [ 28.565568] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.565693] kasan_atomics+0xb8/0x2e0 [ 28.565844] kunit_try_run_case+0x170/0x3f0 [ 28.565986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.566106] kthread+0x328/0x630 [ 28.566629] ret_from_fork+0x10/0x20 [ 28.566833] [ 28.566884] The buggy address belongs to the object at fff00000c5a80800 [ 28.566884] which belongs to the cache kmalloc-64 of size 64 [ 28.567704] The buggy address is located 0 bytes to the right of [ 28.567704] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.567891] [ 28.567948] The buggy address belongs to the physical page: [ 28.568782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.568983] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.569188] page_type: f5(slab) [ 28.569688] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.569830] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.569938] page dumped because: kasan: bad access detected [ 28.570021] [ 28.570074] Memory state around the buggy address: [ 28.570152] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.571267] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.571555] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.571683] ^ [ 28.571771] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.571885] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.572148] ================================================================== [ 28.588891] ================================================================== [ 28.588995] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 28.589104] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.589227] [ 28.589306] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.589882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.590088] Hardware name: linux,dummy-virt (DT) [ 28.590174] Call trace: [ 28.590230] show_stack+0x20/0x38 (C) [ 28.590650] dump_stack_lvl+0x8c/0xd0 [ 28.590801] print_report+0x118/0x608 [ 28.590924] kasan_report+0xdc/0x128 [ 28.591457] kasan_check_range+0x100/0x1a8 [ 28.592103] __kasan_check_write+0x20/0x30 [ 28.592309] kasan_atomics_helper+0x1644/0x4858 [ 28.592476] kasan_atomics+0x198/0x2e0 [ 28.592674] kunit_try_run_case+0x170/0x3f0 [ 28.592809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.593153] kthread+0x328/0x630 [ 28.593308] ret_from_fork+0x10/0x20 [ 28.594139] [ 28.594205] Allocated by task 267: [ 28.594308] kasan_save_stack+0x3c/0x68 [ 28.594966] kasan_save_track+0x20/0x40 [ 28.595234] kasan_save_alloc_info+0x40/0x58 [ 28.595483] __kasan_kmalloc+0xd4/0xd8 [ 28.595587] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.595930] kasan_atomics+0xb8/0x2e0 [ 28.596925] kunit_try_run_case+0x170/0x3f0 [ 28.597245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.597401] kthread+0x328/0x630 [ 28.597906] ret_from_fork+0x10/0x20 [ 28.598068] [ 28.598162] The buggy address belongs to the object at fff00000c5a80800 [ 28.598162] which belongs to the cache kmalloc-64 of size 64 [ 28.598308] The buggy address is located 0 bytes to the right of [ 28.598308] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.598487] [ 28.598729] The buggy address belongs to the physical page: [ 28.599217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.599441] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.599649] page_type: f5(slab) [ 28.599786] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.600244] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.600471] page dumped because: kasan: bad access detected [ 28.601291] [ 28.601465] Memory state around the buggy address: [ 28.601583] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.602359] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.602757] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.603348] ^ [ 28.603501] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.604171] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.604270] ================================================================== [ 28.572512] ================================================================== [ 28.572620] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 28.572747] Read of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.572898] [ 28.573008] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.573233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.573861] Hardware name: linux,dummy-virt (DT) [ 28.574748] Call trace: [ 28.574818] show_stack+0x20/0x38 (C) [ 28.575573] dump_stack_lvl+0x8c/0xd0 [ 28.575705] print_report+0x118/0x608 [ 28.575826] kasan_report+0xdc/0x128 [ 28.575941] __asan_report_load8_noabort+0x20/0x30 [ 28.576070] kasan_atomics_helper+0x3db0/0x4858 [ 28.576210] kasan_atomics+0x198/0x2e0 [ 28.576330] kunit_try_run_case+0x170/0x3f0 [ 28.576488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.576632] kthread+0x328/0x630 [ 28.576747] ret_from_fork+0x10/0x20 [ 28.576866] [ 28.576916] Allocated by task 267: [ 28.576984] kasan_save_stack+0x3c/0x68 [ 28.580121] kasan_save_track+0x20/0x40 [ 28.580250] kasan_save_alloc_info+0x40/0x58 [ 28.580427] __kasan_kmalloc+0xd4/0xd8 [ 28.580552] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.580674] kasan_atomics+0xb8/0x2e0 [ 28.580784] kunit_try_run_case+0x170/0x3f0 [ 28.580945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.581330] kthread+0x328/0x630 [ 28.581446] ret_from_fork+0x10/0x20 [ 28.582128] [ 28.583014] The buggy address belongs to the object at fff00000c5a80800 [ 28.583014] which belongs to the cache kmalloc-64 of size 64 [ 28.583433] The buggy address is located 0 bytes to the right of [ 28.583433] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.584808] [ 28.584900] The buggy address belongs to the physical page: [ 28.584982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.585289] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.585430] page_type: f5(slab) [ 28.585529] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.585673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.585907] page dumped because: kasan: bad access detected [ 28.585990] [ 28.586066] Memory state around the buggy address: [ 28.586252] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.586481] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.586618] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.586741] ^ [ 28.587361] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.587944] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.588058] ================================================================== [ 28.370357] ================================================================== [ 28.371643] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 28.372138] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.372504] [ 28.376200] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.376459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.376542] Hardware name: linux,dummy-virt (DT) [ 28.376617] Call trace: [ 28.376647] show_stack+0x20/0x38 (C) [ 28.376711] dump_stack_lvl+0x8c/0xd0 [ 28.376773] print_report+0x118/0x608 [ 28.376832] kasan_report+0xdc/0x128 [ 28.376892] kasan_check_range+0x100/0x1a8 [ 28.376953] __kasan_check_write+0x20/0x30 [ 28.377012] kasan_atomics_helper+0x1058/0x4858 [ 28.377072] kasan_atomics+0x198/0x2e0 [ 28.377127] kunit_try_run_case+0x170/0x3f0 [ 28.377192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.377263] kthread+0x328/0x630 [ 28.377319] ret_from_fork+0x10/0x20 [ 28.377404] [ 28.377432] Allocated by task 267: [ 28.377467] kasan_save_stack+0x3c/0x68 [ 28.377522] kasan_save_track+0x20/0x40 [ 28.377569] kasan_save_alloc_info+0x40/0x58 [ 28.377620] __kasan_kmalloc+0xd4/0xd8 [ 28.377663] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.377713] kasan_atomics+0xb8/0x2e0 [ 28.377756] kunit_try_run_case+0x170/0x3f0 [ 28.377810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.377871] kthread+0x328/0x630 [ 28.377920] ret_from_fork+0x10/0x20 [ 28.377969] [ 28.377995] The buggy address belongs to the object at fff00000c5a80800 [ 28.377995] which belongs to the cache kmalloc-64 of size 64 [ 28.378067] The buggy address is located 0 bytes to the right of [ 28.378067] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.378146] [ 28.378171] The buggy address belongs to the physical page: [ 28.378209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.378271] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.378331] page_type: f5(slab) [ 28.378422] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.378657] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.379183] page dumped because: kasan: bad access detected [ 28.379294] [ 28.379346] Memory state around the buggy address: [ 28.379436] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.379931] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.380051] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.380158] ^ [ 28.380242] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.380355] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.382004] ================================================================== [ 28.007217] ================================================================== [ 28.007407] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 28.013522] kthread+0x328/0x630 [ 28.014651] [ 28.015453] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.022334] show_stack+0x20/0x38 (C) [ 28.024375] dump_stack_lvl+0x8c/0xd0 [ 28.024582] print_report+0x118/0x608 [ 28.025598] kasan_report+0xdc/0x128 [ 28.025770] kasan_check_range+0x100/0x1a8 [ 28.025909] __kasan_check_write+0x20/0x30 [ 28.026088] kasan_atomics_helper+0x934/0x4858 [ 28.026179] kasan_atomics+0x198/0x2e0 [ 28.026310] kunit_try_run_case+0x170/0x3f0 [ 28.026469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.026609] kthread+0x328/0x630 [ 28.026740] ret_from_fork+0x10/0x20 [ 28.026884] [ 28.026937] Allocated by task 267: [ 28.027010] kasan_save_stack+0x3c/0x68 [ 28.027158] kasan_save_track+0x20/0x40 [ 28.027400] kasan_save_alloc_info+0x40/0x58 [ 28.028525] __kasan_kmalloc+0xd4/0xd8 [ 28.028632] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.029584] kasan_atomics+0xb8/0x2e0 [ 28.029890] kunit_try_run_case+0x170/0x3f0 [ 28.031013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.032190] kthread+0x328/0x630 [ 28.032481] ret_from_fork+0x10/0x20 [ 28.032598] [ 28.032666] The buggy address belongs to the object at fff00000c5a80800 [ 28.032666] which belongs to the cache kmalloc-64 of size 64 [ 28.033459] The buggy address is located 0 bytes to the right of [ 28.033459] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.033651] [ 28.033720] The buggy address belongs to the physical page: [ 28.033794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.033933] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.034061] page_type: f5(slab) [ 28.034169] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.034321] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.034483] page dumped because: kasan: bad access detected [ 28.034578] [ 28.034634] Memory state around the buggy address: [ 28.034714] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.034833] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.034951] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.035065] ^ [ 28.035155] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.035270] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.035373] ================================================================== [ 28.320590] ================================================================== [ 28.320691] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 28.320795] Write of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.320925] [ 28.321002] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.321221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.321454] Hardware name: linux,dummy-virt (DT) [ 28.323935] Call trace: [ 28.324500] show_stack+0x20/0x38 (C) [ 28.325021] dump_stack_lvl+0x8c/0xd0 [ 28.325347] print_report+0x118/0x608 [ 28.325771] kasan_report+0xdc/0x128 [ 28.325997] kasan_check_range+0x100/0x1a8 [ 28.326135] __kasan_check_write+0x20/0x30 [ 28.326344] kasan_atomics_helper+0xf20/0x4858 [ 28.326977] kasan_atomics+0x198/0x2e0 [ 28.327374] kunit_try_run_case+0x170/0x3f0 [ 28.328058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.328288] kthread+0x328/0x630 [ 28.328428] ret_from_fork+0x10/0x20 [ 28.328559] [ 28.328610] Allocated by task 267: [ 28.328712] kasan_save_stack+0x3c/0x68 [ 28.328989] kasan_save_track+0x20/0x40 [ 28.329101] kasan_save_alloc_info+0x40/0x58 [ 28.329445] __kasan_kmalloc+0xd4/0xd8 [ 28.329595] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.329704] kasan_atomics+0xb8/0x2e0 [ 28.331475] kunit_try_run_case+0x170/0x3f0 [ 28.331611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.331751] kthread+0x328/0x630 [ 28.331868] ret_from_fork+0x10/0x20 [ 28.331982] [ 28.332045] The buggy address belongs to the object at fff00000c5a80800 [ 28.332045] which belongs to the cache kmalloc-64 of size 64 [ 28.332222] The buggy address is located 0 bytes to the right of [ 28.332222] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.332405] [ 28.332473] The buggy address belongs to the physical page: [ 28.332578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.332766] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.333071] page_type: f5(slab) [ 28.333234] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.333457] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.333848] page dumped because: kasan: bad access detected [ 28.334159] [ 28.334216] Memory state around the buggy address: [ 28.334312] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.334628] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.334770] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.335012] ^ [ 28.335347] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.335495] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.335608] ================================================================== [ 28.628460] ================================================================== [ 28.628965] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 28.629082] Read of size 8 at addr fff00000c5a80830 by task kunit_try_catch/267 [ 28.629209] [ 28.629309] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 28.629586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.629849] Hardware name: linux,dummy-virt (DT) [ 28.629959] Call trace: [ 28.630019] show_stack+0x20/0x38 (C) [ 28.630141] dump_stack_lvl+0x8c/0xd0 [ 28.630266] print_report+0x118/0x608 [ 28.630402] kasan_report+0xdc/0x128 [ 28.631486] __asan_report_load8_noabort+0x20/0x30 [ 28.631675] kasan_atomics_helper+0x3e10/0x4858 [ 28.631777] kasan_atomics+0x198/0x2e0 [ 28.631840] kunit_try_run_case+0x170/0x3f0 [ 28.631903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.631975] kthread+0x328/0x630 [ 28.632034] ret_from_fork+0x10/0x20 [ 28.632106] [ 28.633237] Allocated by task 267: [ 28.633321] kasan_save_stack+0x3c/0x68 [ 28.633457] kasan_save_track+0x20/0x40 [ 28.633567] kasan_save_alloc_info+0x40/0x58 [ 28.633676] __kasan_kmalloc+0xd4/0xd8 [ 28.633804] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.633867] kasan_atomics+0xb8/0x2e0 [ 28.633944] kunit_try_run_case+0x170/0x3f0 [ 28.634117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.634272] kthread+0x328/0x630 [ 28.634590] ret_from_fork+0x10/0x20 [ 28.634760] [ 28.634819] The buggy address belongs to the object at fff00000c5a80800 [ 28.634819] which belongs to the cache kmalloc-64 of size 64 [ 28.635225] The buggy address is located 0 bytes to the right of [ 28.635225] allocated 48-byte region [fff00000c5a80800, fff00000c5a80830) [ 28.635899] [ 28.635978] The buggy address belongs to the physical page: [ 28.636256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a80 [ 28.636427] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.637325] page_type: f5(slab) [ 28.637468] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.637911] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.638084] page dumped because: kasan: bad access detected [ 28.638693] [ 28.638772] Memory state around the buggy address: [ 28.639135] fff00000c5a80700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.639490] fff00000c5a80780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.639615] >fff00000c5a80800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.639948] ^ [ 28.640371] fff00000c5a80880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.640639] fff00000c5a80900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.640757] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 27.507442] ================================================================== [ 27.509212] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 27.510302] [ 27.510760] Call trace: [ 27.511765] __asan_report_load8_noabort+0x20/0x30 [ 27.512553] kunit_try_run_case+0x170/0x3f0 [ 27.513660] Allocated by task 263: [ 27.514310] __kasan_kmalloc+0xd4/0xd8 [ 27.516117] [ 27.516184] The buggy address belongs to the physical page: [ 27.516549] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.517997] ^ [ 27.519686] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 27.428788] ================================================================== [ 27.428901] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 27.429207] Read of size 1 at addr fff00000c5a7ce50 by task kunit_try_catch/261 [ 27.429337] [ 27.429422] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.429662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.429733] Hardware name: linux,dummy-virt (DT) [ 27.429814] Call trace: [ 27.429874] show_stack+0x20/0x38 (C) [ 27.429993] dump_stack_lvl+0x8c/0xd0 [ 27.430141] print_report+0x118/0x608 [ 27.430274] kasan_report+0xdc/0x128 [ 27.430870] __asan_report_load1_noabort+0x20/0x30 [ 27.431285] strlen+0xa8/0xb0 [ 27.431434] kasan_strings+0x418/0xb00 [ 27.431565] kunit_try_run_case+0x170/0x3f0 [ 27.431686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.431824] kthread+0x328/0x630 [ 27.431947] ret_from_fork+0x10/0x20 [ 27.432067] [ 27.432176] Allocated by task 261: [ 27.432591] kasan_save_stack+0x3c/0x68 [ 27.432709] kasan_save_track+0x20/0x40 [ 27.432809] kasan_save_alloc_info+0x40/0x58 [ 27.432913] __kasan_kmalloc+0xd4/0xd8 [ 27.433002] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.433114] kasan_strings+0xc8/0xb00 [ 27.433258] kunit_try_run_case+0x170/0x3f0 [ 27.433399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.433719] kthread+0x328/0x630 [ 27.433834] ret_from_fork+0x10/0x20 [ 27.433991] [ 27.434346] Freed by task 261: [ 27.434447] kasan_save_stack+0x3c/0x68 [ 27.434613] kasan_save_track+0x20/0x40 [ 27.434941] kasan_save_free_info+0x4c/0x78 [ 27.435669] __kasan_slab_free+0x6c/0x98 [ 27.435778] kfree+0x214/0x3c8 [ 27.436142] kasan_strings+0x24c/0xb00 [ 27.436270] kunit_try_run_case+0x170/0x3f0 [ 27.436897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.437105] kthread+0x328/0x630 [ 27.437203] ret_from_fork+0x10/0x20 [ 27.437308] [ 27.437361] The buggy address belongs to the object at fff00000c5a7ce40 [ 27.437361] which belongs to the cache kmalloc-32 of size 32 [ 27.437931] [ 27.440787] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 27.414153] ================================================================== [ 27.414256] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 27.414376] Read of size 1 at addr fff00000c5a7ce50 by task kunit_try_catch/261 [ 27.414734] [ 27.414833] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.415290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.415568] Hardware name: linux,dummy-virt (DT) [ 27.415949] Call trace: [ 27.416018] show_stack+0x20/0x38 (C) [ 27.416154] dump_stack_lvl+0x8c/0xd0 [ 27.416344] print_report+0x118/0x608 [ 27.416499] kasan_report+0xdc/0x128 [ 27.416806] __asan_report_load1_noabort+0x20/0x30 [ 27.416948] kasan_strings+0x95c/0xb00 [ 27.417097] kunit_try_run_case+0x170/0x3f0 [ 27.417454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.417700] kthread+0x328/0x630 [ 27.417818] ret_from_fork+0x10/0x20 [ 27.417996] [ 27.418159] Allocated by task 261: [ 27.418239] kasan_save_stack+0x3c/0x68 [ 27.418390] kasan_save_track+0x20/0x40 [ 27.418510] kasan_save_alloc_info+0x40/0x58 [ 27.418714] __kasan_kmalloc+0xd4/0xd8 [ 27.418860] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.418984] kasan_strings+0xc8/0xb00 [ 27.419181] kunit_try_run_case+0x170/0x3f0 [ 27.419345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.419503] kthread+0x328/0x630 [ 27.419773] ret_from_fork+0x10/0x20 [ 27.419949] [ 27.420033] Freed by task 261: [ 27.420462] kasan_save_stack+0x3c/0x68 [ 27.420579] kasan_save_track+0x20/0x40 [ 27.420909] kasan_save_free_info+0x4c/0x78 [ 27.421495] __kasan_slab_free+0x6c/0x98 [ 27.421651] kfree+0x214/0x3c8 [ 27.421795] kasan_strings+0x24c/0xb00 [ 27.422059] kunit_try_run_case+0x170/0x3f0 [ 27.422405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.422761] kthread+0x328/0x630 [ 27.422983] ret_from_fork+0x10/0x20 [ 27.423231] [ 27.423310] The buggy address belongs to the object at fff00000c5a7ce40 [ 27.423310] which belongs to the cache kmalloc-32 of size 32 [ 27.423474] The buggy address is located 16 bytes inside of [ 27.423474] freed 32-byte region [fff00000c5a7ce40, fff00000c5a7ce60) [ 27.423630] [ 27.423685] The buggy address belongs to the physical page: [ 27.423818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7c [ 27.423968] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.424102] page_type: f5(slab) [ 27.424594] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 27.424838] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 27.424948] page dumped because: kasan: bad access detected [ 27.425246] [ 27.425348] Memory state around the buggy address: [ 27.425608] fff00000c5a7cd00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.425807] fff00000c5a7cd80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 27.426023] >fff00000c5a7ce00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 27.426270] ^ [ 27.426474] fff00000c5a7ce80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.426709] fff00000c5a7cf00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.426964] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 27.402897] ================================================================== [ 27.403015] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 27.403141] Read of size 1 at addr fff00000c5a7ce50 by task kunit_try_catch/261 [ 27.403276] [ 27.403620] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.403864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.403943] Hardware name: linux,dummy-virt (DT) [ 27.404042] Call trace: [ 27.404081] show_stack+0x20/0x38 (C) [ 27.404273] dump_stack_lvl+0x8c/0xd0 [ 27.404437] print_report+0x118/0x608 [ 27.404702] kasan_report+0xdc/0x128 [ 27.404978] __asan_report_load1_noabort+0x20/0x30 [ 27.405191] strcmp+0xc0/0xc8 [ 27.405319] kasan_strings+0x340/0xb00 [ 27.405603] kunit_try_run_case+0x170/0x3f0 [ 27.405981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.406133] kthread+0x328/0x630 [ 27.406304] ret_from_fork+0x10/0x20 [ 27.406648] [ 27.406709] Allocated by task 261: [ 27.406873] kasan_save_stack+0x3c/0x68 [ 27.407026] kasan_save_track+0x20/0x40 [ 27.407199] kasan_save_alloc_info+0x40/0x58 [ 27.407297] __kasan_kmalloc+0xd4/0xd8 [ 27.407412] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.407536] kasan_strings+0xc8/0xb00 [ 27.407726] kunit_try_run_case+0x170/0x3f0 [ 27.407883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.408019] kthread+0x328/0x630 [ 27.408141] ret_from_fork+0x10/0x20 [ 27.408261] [ 27.408320] Freed by task 261: [ 27.408500] kasan_save_stack+0x3c/0x68 [ 27.408617] kasan_save_track+0x20/0x40 [ 27.408737] kasan_save_free_info+0x4c/0x78 [ 27.408902] __kasan_slab_free+0x6c/0x98 [ 27.409018] kfree+0x214/0x3c8 [ 27.409142] kasan_strings+0x24c/0xb00 [ 27.409261] kunit_try_run_case+0x170/0x3f0 [ 27.409417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.409608] kthread+0x328/0x630 [ 27.409767] ret_from_fork+0x10/0x20 [ 27.409892] [ 27.409950] The buggy address belongs to the object at fff00000c5a7ce40 [ 27.409950] which belongs to the cache kmalloc-32 of size 32 [ 27.410122] The buggy address is located 16 bytes inside of [ 27.410122] freed 32-byte region [fff00000c5a7ce40, fff00000c5a7ce60) [ 27.410478] [ 27.410554] The buggy address belongs to the physical page: [ 27.410677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7c [ 27.411018] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.411167] page_type: f5(slab) [ 27.411360] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 27.411566] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 27.411688] page dumped because: kasan: bad access detected [ 27.411786] [ 27.411841] Memory state around the buggy address: [ 27.411923] fff00000c5a7cd00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.412042] fff00000c5a7cd80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 27.412161] >fff00000c5a7ce00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 27.412280] ^ [ 27.412603] fff00000c5a7ce80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.412831] fff00000c5a7cf00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.412943] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 27.364556] ================================================================== [ 27.365975] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 27.366501] Read of size 1 at addr fff00000c5a7cc98 by task kunit_try_catch/259 [ 27.366654] [ 27.367582] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.368010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.368084] Hardware name: linux,dummy-virt (DT) [ 27.368648] Call trace: [ 27.368812] show_stack+0x20/0x38 (C) [ 27.369010] dump_stack_lvl+0x8c/0xd0 [ 27.369148] print_report+0x118/0x608 [ 27.369374] kasan_report+0xdc/0x128 [ 27.369581] __asan_report_load1_noabort+0x20/0x30 [ 27.369744] memcmp+0x198/0x1d8 [ 27.370053] kasan_memcmp+0x16c/0x300 [ 27.370453] kunit_try_run_case+0x170/0x3f0 [ 27.370622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.370766] kthread+0x328/0x630 [ 27.370886] ret_from_fork+0x10/0x20 [ 27.371016] [ 27.371063] Allocated by task 259: [ 27.371148] kasan_save_stack+0x3c/0x68 [ 27.371417] kasan_save_track+0x20/0x40 [ 27.371573] kasan_save_alloc_info+0x40/0x58 [ 27.371730] __kasan_kmalloc+0xd4/0xd8 [ 27.371843] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.371969] kasan_memcmp+0xbc/0x300 [ 27.372104] kunit_try_run_case+0x170/0x3f0 [ 27.372625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.372773] kthread+0x328/0x630 [ 27.372881] ret_from_fork+0x10/0x20 [ 27.373763] [ 27.374006] The buggy address belongs to the object at fff00000c5a7cc80 [ 27.374006] which belongs to the cache kmalloc-32 of size 32 [ 27.374472] The buggy address is located 0 bytes to the right of [ 27.374472] allocated 24-byte region [fff00000c5a7cc80, fff00000c5a7cc98) [ 27.375206] [ 27.375264] The buggy address belongs to the physical page: [ 27.375346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7c [ 27.376145] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.376415] page_type: f5(slab) [ 27.376676] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 27.376817] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 27.376930] page dumped because: kasan: bad access detected [ 27.377025] [ 27.377076] Memory state around the buggy address: [ 27.377608] fff00000c5a7cb80: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 27.378184] fff00000c5a7cc00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.378588] >fff00000c5a7cc80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.379299] ^ [ 27.379400] fff00000c5a7cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.379520] fff00000c5a7cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.380106] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 27.322943] ================================================================== [ 27.323065] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 27.323200] Read of size 1 at addr ffff800080a17b4a by task kunit_try_catch/255 [ 27.323317] [ 27.323418] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.323724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.323798] Hardware name: linux,dummy-virt (DT) [ 27.323889] Call trace: [ 27.323997] show_stack+0x20/0x38 (C) [ 27.324216] dump_stack_lvl+0x8c/0xd0 [ 27.324361] print_report+0x310/0x608 [ 27.324675] kasan_report+0xdc/0x128 [ 27.324940] __asan_report_load1_noabort+0x20/0x30 [ 27.325304] kasan_alloca_oob_right+0x2dc/0x340 [ 27.325502] kunit_try_run_case+0x170/0x3f0 [ 27.325652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.325850] kthread+0x328/0x630 [ 27.326055] ret_from_fork+0x10/0x20 [ 27.326254] [ 27.326516] The buggy address belongs to stack of task kunit_try_catch/255 [ 27.326950] [ 27.327021] The buggy address belongs to the virtual mapping at [ 27.327021] [ffff800080a10000, ffff800080a19000) created by: [ 27.327021] kernel_clone+0x150/0x7a8 [ 27.327664] [ 27.327743] The buggy address belongs to the physical page: [ 27.327839] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a69 [ 27.328021] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.328286] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.329515] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.329817] page dumped because: kasan: bad access detected [ 27.329915] [ 27.329986] Memory state around the buggy address: [ 27.330141] ffff800080a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.330261] ffff800080a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.330395] >ffff800080a17b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 27.330503] ^ [ 27.330606] ffff800080a17b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 27.330947] ffff800080a17c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 27.331081] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 27.296367] ================================================================== [ 27.296571] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 27.296823] Read of size 1 at addr ffff800080a17b5f by task kunit_try_catch/253 [ 27.297035] [ 27.297140] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.297425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.297505] Hardware name: linux,dummy-virt (DT) [ 27.297585] Call trace: [ 27.297645] show_stack+0x20/0x38 (C) [ 27.297772] dump_stack_lvl+0x8c/0xd0 [ 27.297895] print_report+0x310/0x608 [ 27.298023] kasan_report+0xdc/0x128 [ 27.298139] __asan_report_load1_noabort+0x20/0x30 [ 27.298268] kasan_alloca_oob_left+0x2b8/0x310 [ 27.298406] kunit_try_run_case+0x170/0x3f0 [ 27.298552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.298763] kthread+0x328/0x630 [ 27.298972] ret_from_fork+0x10/0x20 [ 27.299110] [ 27.299251] The buggy address belongs to stack of task kunit_try_catch/253 [ 27.299559] [ 27.299664] The buggy address belongs to the virtual mapping at [ 27.299664] [ffff800080a10000, ffff800080a19000) created by: [ 27.299664] kernel_clone+0x150/0x7a8 [ 27.300087] [ 27.300196] The buggy address belongs to the physical page: [ 27.300478] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a69 [ 27.300808] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.300967] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.301170] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.301314] page dumped because: kasan: bad access detected [ 27.301566] [ 27.301613] Memory state around the buggy address: [ 27.301691] ffff800080a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.301854] ffff800080a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.302048] >ffff800080a17b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 27.302149] ^ [ 27.302244] ffff800080a17b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 27.302351] ffff800080a17c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 27.302500] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 27.263348] ================================================================== [ 27.263524] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 27.263681] Read of size 1 at addr ffff800080a17c2a by task kunit_try_catch/251 [ 27.263825] [ 27.263921] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.264436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.264572] Hardware name: linux,dummy-virt (DT) [ 27.264671] Call trace: [ 27.264731] show_stack+0x20/0x38 (C) [ 27.264870] dump_stack_lvl+0x8c/0xd0 [ 27.265729] print_report+0x310/0x608 [ 27.265910] kasan_report+0xdc/0x128 [ 27.266726] __asan_report_load1_noabort+0x20/0x30 [ 27.267220] kasan_stack_oob+0x238/0x270 [ 27.267344] kunit_try_run_case+0x170/0x3f0 [ 27.267485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.267618] kthread+0x328/0x630 [ 27.268197] ret_from_fork+0x10/0x20 [ 27.268472] [ 27.269369] The buggy address belongs to stack of task kunit_try_catch/251 [ 27.269978] and is located at offset 138 in frame: [ 27.270073] kasan_stack_oob+0x0/0x270 [ 27.270327] [ 27.270420] This frame has 4 objects: [ 27.272749] [48, 49) '__assertion' [ 27.273222] [64, 72) 'array' [ 27.273312] [96, 112) '__assertion' [ 27.274448] [128, 138) 'stack_array' [ 27.274575] [ 27.274675] The buggy address belongs to the virtual mapping at [ 27.274675] [ffff800080a10000, ffff800080a19000) created by: [ 27.274675] kernel_clone+0x150/0x7a8 [ 27.276165] [ 27.276224] The buggy address belongs to the physical page: [ 27.276314] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a69 [ 27.276473] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.276956] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.277703] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.277839] page dumped because: kasan: bad access detected [ 27.278566] [ 27.278623] Memory state around the buggy address: [ 27.278779] ffff800080a17b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.278905] ffff800080a17b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 27.279494] >ffff800080a17c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 27.280302] ^ [ 27.280471] ffff800080a17c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 27.281062] ffff800080a17d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 27.281174] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 27.210950] ================================================================== [ 27.211119] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 27.211437] Read of size 1 at addr ffffad8ebc4035ad by task kunit_try_catch/247 [ 27.211578] [ 27.211685] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.212511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.212796] Hardware name: linux,dummy-virt (DT) [ 27.212908] Call trace: [ 27.212971] show_stack+0x20/0x38 (C) [ 27.213171] dump_stack_lvl+0x8c/0xd0 [ 27.213413] print_report+0x310/0x608 [ 27.214090] kasan_report+0xdc/0x128 [ 27.214323] __asan_report_load1_noabort+0x20/0x30 [ 27.214514] kasan_global_oob_right+0x230/0x270 [ 27.214660] kunit_try_run_case+0x170/0x3f0 [ 27.214799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.214982] kthread+0x328/0x630 [ 27.215101] ret_from_fork+0x10/0x20 [ 27.215234] [ 27.215363] The buggy address belongs to the variable: [ 27.215474] global_array+0xd/0x40 [ 27.215598] [ 27.215737] The buggy address belongs to the virtual mapping at [ 27.215737] [ffffad8eba620000, ffffad8ebc4c1000) created by: [ 27.215737] paging_init+0x66c/0x7d0 [ 27.215950] [ 27.216786] The buggy address belongs to the physical page: [ 27.216886] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47c03 [ 27.217022] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 27.217452] raw: 03fffe0000002000 ffffc1ffc01f00c8 ffffc1ffc01f00c8 0000000000000000 [ 27.217715] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.217932] page dumped because: kasan: bad access detected [ 27.218094] [ 27.218228] Memory state around the buggy address: [ 27.218315] ffffad8ebc403480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.219004] ffffad8ebc403500: 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 [ 27.219127] >ffffad8ebc403580: f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 27.219530] ^ [ 27.219615] ffffad8ebc403600: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 27.219897] ffffad8ebc403680: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.220216] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 27.144066] ================================================================== [ 27.145173] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 27.145327] Free of addr fff00000c5a7b601 by task kunit_try_catch/243 [ 27.145782] [ 27.145904] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.147652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.147724] Hardware name: linux,dummy-virt (DT) [ 27.149641] Call trace: [ 27.149792] show_stack+0x20/0x38 (C) [ 27.149950] dump_stack_lvl+0x8c/0xd0 [ 27.150076] print_report+0x118/0x608 [ 27.150204] kasan_report_invalid_free+0xc0/0xe8 [ 27.150998] check_slab_allocation+0xfc/0x108 [ 27.152145] __kasan_mempool_poison_object+0x78/0x150 [ 27.152324] mempool_free+0x28c/0x328 [ 27.152488] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 27.152639] mempool_kmalloc_invalid_free+0xc0/0x118 [ 27.152777] kunit_try_run_case+0x170/0x3f0 [ 27.153788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.154502] kthread+0x328/0x630 [ 27.154642] ret_from_fork+0x10/0x20 [ 27.154948] [ 27.155118] Allocated by task 243: [ 27.155190] kasan_save_stack+0x3c/0x68 [ 27.155288] kasan_save_track+0x20/0x40 [ 27.156192] kasan_save_alloc_info+0x40/0x58 [ 27.156571] __kasan_mempool_unpoison_object+0x11c/0x180 [ 27.156684] remove_element+0x130/0x1f8 [ 27.157213] mempool_alloc_preallocated+0x58/0xc0 [ 27.157343] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 27.157463] mempool_kmalloc_invalid_free+0xc0/0x118 [ 27.157516] kunit_try_run_case+0x170/0x3f0 [ 27.157572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.157689] kthread+0x328/0x630 [ 27.157781] ret_from_fork+0x10/0x20 [ 27.158128] [ 27.158531] The buggy address belongs to the object at fff00000c5a7b600 [ 27.158531] which belongs to the cache kmalloc-128 of size 128 [ 27.158680] The buggy address is located 1 bytes inside of [ 27.158680] 128-byte region [fff00000c5a7b600, fff00000c5a7b680) [ 27.159495] [ 27.159569] The buggy address belongs to the physical page: [ 27.159650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 27.159846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.160044] page_type: f5(slab) [ 27.160847] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.161004] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.161111] page dumped because: kasan: bad access detected [ 27.161186] [ 27.161231] Memory state around the buggy address: [ 27.161334] fff00000c5a7b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.161475] fff00000c5a7b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.161605] >fff00000c5a7b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.161729] ^ [ 27.161799] fff00000c5a7b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.161915] fff00000c5a7b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.162047] ================================================================== [ 27.179916] ================================================================== [ 27.180049] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 27.180329] Free of addr fff00000c78b0001 by task kunit_try_catch/245 [ 27.180562] [ 27.181239] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.181481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.181646] Hardware name: linux,dummy-virt (DT) [ 27.181731] Call trace: [ 27.181842] show_stack+0x20/0x38 (C) [ 27.181999] dump_stack_lvl+0x8c/0xd0 [ 27.182355] print_report+0x118/0x608 [ 27.182539] kasan_report_invalid_free+0xc0/0xe8 [ 27.182765] __kasan_mempool_poison_object+0xfc/0x150 [ 27.182893] mempool_free+0x28c/0x328 [ 27.183010] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 27.183146] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 27.183642] kunit_try_run_case+0x170/0x3f0 [ 27.183838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.184151] kthread+0x328/0x630 [ 27.184297] ret_from_fork+0x10/0x20 [ 27.184460] [ 27.184518] The buggy address belongs to the physical page: [ 27.184666] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b0 [ 27.184840] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.185069] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.185224] page_type: f8(unknown) [ 27.185428] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.185647] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.185807] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.185935] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.186064] head: 0bfffe0000000002 ffffc1ffc31e2c01 00000000ffffffff 00000000ffffffff [ 27.186192] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.186300] page dumped because: kasan: bad access detected [ 27.186413] [ 27.186467] Memory state around the buggy address: [ 27.186609] fff00000c78aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.186784] fff00000c78aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.187133] >fff00000c78b0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.187269] ^ [ 27.187491] fff00000c78b0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.187747] fff00000c78b0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.187849] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 27.057640] ================================================================== [ 27.057787] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 27.057927] Free of addr fff00000c5a7b200 by task kunit_try_catch/237 [ 27.058029] [ 27.058105] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.058301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.058371] Hardware name: linux,dummy-virt (DT) [ 27.058517] Call trace: [ 27.059302] show_stack+0x20/0x38 (C) [ 27.059721] dump_stack_lvl+0x8c/0xd0 [ 27.059982] print_report+0x118/0x608 [ 27.060186] kasan_report_invalid_free+0xc0/0xe8 [ 27.060813] check_slab_allocation+0xd4/0x108 [ 27.060971] __kasan_mempool_poison_object+0x78/0x150 [ 27.061194] mempool_free+0x28c/0x328 [ 27.061593] mempool_double_free_helper+0x150/0x2e8 [ 27.061810] mempool_kmalloc_double_free+0xc0/0x118 [ 27.061936] kunit_try_run_case+0x170/0x3f0 [ 27.062218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.062765] kthread+0x328/0x630 [ 27.062888] ret_from_fork+0x10/0x20 [ 27.063440] [ 27.063505] Allocated by task 237: [ 27.063736] kasan_save_stack+0x3c/0x68 [ 27.064185] kasan_save_track+0x20/0x40 [ 27.064403] kasan_save_alloc_info+0x40/0x58 [ 27.064530] __kasan_mempool_unpoison_object+0x11c/0x180 [ 27.065243] remove_element+0x130/0x1f8 [ 27.065453] mempool_alloc_preallocated+0x58/0xc0 [ 27.065684] mempool_double_free_helper+0x94/0x2e8 [ 27.066211] mempool_kmalloc_double_free+0xc0/0x118 [ 27.066325] kunit_try_run_case+0x170/0x3f0 [ 27.066441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.066551] kthread+0x328/0x630 [ 27.067114] ret_from_fork+0x10/0x20 [ 27.067620] [ 27.067690] Freed by task 237: [ 27.068209] kasan_save_stack+0x3c/0x68 [ 27.068360] kasan_save_track+0x20/0x40 [ 27.068489] kasan_save_free_info+0x4c/0x78 [ 27.068593] __kasan_mempool_poison_object+0xc0/0x150 [ 27.068768] mempool_free+0x28c/0x328 [ 27.069169] mempool_double_free_helper+0x100/0x2e8 [ 27.069287] mempool_kmalloc_double_free+0xc0/0x118 [ 27.069602] kunit_try_run_case+0x170/0x3f0 [ 27.069770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.069900] kthread+0x328/0x630 [ 27.070288] ret_from_fork+0x10/0x20 [ 27.070493] [ 27.070578] The buggy address belongs to the object at fff00000c5a7b200 [ 27.070578] which belongs to the cache kmalloc-128 of size 128 [ 27.071403] The buggy address is located 0 bytes inside of [ 27.071403] 128-byte region [fff00000c5a7b200, fff00000c5a7b280) [ 27.071568] [ 27.071618] The buggy address belongs to the physical page: [ 27.073023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7b [ 27.073170] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.073331] page_type: f5(slab) [ 27.073544] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.073745] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.074036] page dumped because: kasan: bad access detected [ 27.074117] [ 27.074185] Memory state around the buggy address: [ 27.074266] fff00000c5a7b100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.074981] fff00000c5a7b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.075134] >fff00000c5a7b200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.075292] ^ [ 27.075368] fff00000c5a7b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.075505] fff00000c5a7b300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.075628] ================================================================== [ 27.092266] ================================================================== [ 27.092408] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 27.092566] Free of addr fff00000c78b0000 by task kunit_try_catch/239 [ 27.092685] [ 27.092775] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.093406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.093674] Hardware name: linux,dummy-virt (DT) [ 27.093871] Call trace: [ 27.093932] show_stack+0x20/0x38 (C) [ 27.094426] dump_stack_lvl+0x8c/0xd0 [ 27.094660] print_report+0x118/0x608 [ 27.094788] kasan_report_invalid_free+0xc0/0xe8 [ 27.094969] __kasan_mempool_poison_object+0x14c/0x150 [ 27.095106] mempool_free+0x28c/0x328 [ 27.095253] mempool_double_free_helper+0x150/0x2e8 [ 27.095641] mempool_kmalloc_large_double_free+0xc0/0x118 [ 27.095818] kunit_try_run_case+0x170/0x3f0 [ 27.096163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.096504] kthread+0x328/0x630 [ 27.096924] ret_from_fork+0x10/0x20 [ 27.097110] [ 27.097184] The buggy address belongs to the physical page: [ 27.097261] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b0 [ 27.097414] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.097580] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.097720] page_type: f8(unknown) [ 27.097819] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.098001] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.098252] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.098495] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.098867] head: 0bfffe0000000002 ffffc1ffc31e2c01 00000000ffffffff 00000000ffffffff [ 27.099297] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.099628] page dumped because: kasan: bad access detected [ 27.100039] [ 27.100133] Memory state around the buggy address: [ 27.100366] fff00000c78aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.100520] fff00000c78aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.100721] >fff00000c78b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.100994] ^ [ 27.101250] fff00000c78b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.101507] fff00000c78b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.101624] ================================================================== [ 27.120008] ================================================================== [ 27.120130] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 27.120327] Free of addr fff00000c78b0000 by task kunit_try_catch/241 [ 27.120561] [ 27.120687] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.120913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.120987] Hardware name: linux,dummy-virt (DT) [ 27.121248] Call trace: [ 27.121368] show_stack+0x20/0x38 (C) [ 27.121524] dump_stack_lvl+0x8c/0xd0 [ 27.121773] print_report+0x118/0x608 [ 27.121959] kasan_report_invalid_free+0xc0/0xe8 [ 27.122131] __kasan_mempool_poison_pages+0xe0/0xe8 [ 27.122308] mempool_free+0x24c/0x328 [ 27.122456] mempool_double_free_helper+0x150/0x2e8 [ 27.122589] mempool_page_alloc_double_free+0xbc/0x118 [ 27.122722] kunit_try_run_case+0x170/0x3f0 [ 27.123081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.123375] kthread+0x328/0x630 [ 27.123585] ret_from_fork+0x10/0x20 [ 27.123760] [ 27.123816] The buggy address belongs to the physical page: [ 27.123933] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b0 [ 27.124072] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.124234] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.124362] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.124512] page dumped because: kasan: bad access detected [ 27.124657] [ 27.124712] Memory state around the buggy address: [ 27.124802] fff00000c78aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.125009] fff00000c78aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.125131] >fff00000c78b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.125238] ^ [ 27.125311] fff00000c78b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.125501] fff00000c78b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.125696] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 26.918705] ================================================================== [ 26.918842] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 26.918979] Read of size 1 at addr fff00000c78ac000 by task kunit_try_catch/231 [ 26.921524] [ 26.921661] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 26.921897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.921970] Hardware name: linux,dummy-virt (DT) [ 26.922055] Call trace: [ 26.922118] show_stack+0x20/0x38 (C) [ 26.922307] dump_stack_lvl+0x8c/0xd0 [ 26.922456] print_report+0x118/0x608 [ 26.922586] kasan_report+0xdc/0x128 [ 26.922708] __asan_report_load1_noabort+0x20/0x30 [ 26.922839] mempool_uaf_helper+0x314/0x340 [ 26.922957] mempool_kmalloc_large_uaf+0xc4/0x120 [ 26.923145] kunit_try_run_case+0x170/0x3f0 [ 26.923400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.923777] kthread+0x328/0x630 [ 26.924433] ret_from_fork+0x10/0x20 [ 26.924610] [ 26.924663] The buggy address belongs to the physical page: [ 26.924896] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ac [ 26.925029] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.925139] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 26.926302] page_type: f8(unknown) [ 26.926455] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.926780] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 26.926913] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.927040] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 26.928365] head: 0bfffe0000000002 ffffc1ffc31e2b01 00000000ffffffff 00000000ffffffff [ 26.929258] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 26.929468] page dumped because: kasan: bad access detected [ 26.929718] [ 26.929768] Memory state around the buggy address: [ 26.930090] fff00000c78abf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.930565] fff00000c78abf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.930694] >fff00000c78ac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.930796] ^ [ 26.931041] fff00000c78ac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.931666] fff00000c78ac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.931932] ================================================================== [ 27.018829] ================================================================== [ 27.018992] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 27.019149] Read of size 1 at addr fff00000c78ac000 by task kunit_try_catch/235 [ 27.019266] [ 27.019352] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 27.021354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.021572] Hardware name: linux,dummy-virt (DT) [ 27.021666] Call trace: [ 27.021728] show_stack+0x20/0x38 (C) [ 27.021866] dump_stack_lvl+0x8c/0xd0 [ 27.021995] print_report+0x118/0x608 [ 27.022115] kasan_report+0xdc/0x128 [ 27.022229] __asan_report_load1_noabort+0x20/0x30 [ 27.022400] mempool_uaf_helper+0x314/0x340 [ 27.022606] mempool_page_alloc_uaf+0xc0/0x118 [ 27.022752] kunit_try_run_case+0x170/0x3f0 [ 27.022975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.023117] kthread+0x328/0x630 [ 27.023256] ret_from_fork+0x10/0x20 [ 27.023486] [ 27.023550] The buggy address belongs to the physical page: [ 27.023640] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ac [ 27.023897] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.024195] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.025468] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.025964] page dumped because: kasan: bad access detected [ 27.026043] [ 27.026275] Memory state around the buggy address: [ 27.027340] fff00000c78abf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.027474] fff00000c78abf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.028129] >fff00000c78ac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.029526] ^ [ 27.029613] fff00000c78ac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.029731] fff00000c78ac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.029827] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 26.957303] ================================================================== [ 26.957475] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 26.957621] Read of size 1 at addr fff00000c5a6e240 by task kunit_try_catch/233 [ 26.957738] [ 26.957814] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 26.958014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.958076] Hardware name: linux,dummy-virt (DT) [ 26.958150] Call trace: [ 26.958205] show_stack+0x20/0x38 (C) [ 26.958323] dump_stack_lvl+0x8c/0xd0 [ 26.958473] print_report+0x118/0x608 [ 26.958645] kasan_report+0xdc/0x128 [ 26.958856] __asan_report_load1_noabort+0x20/0x30 [ 26.959029] mempool_uaf_helper+0x314/0x340 [ 26.959173] mempool_slab_uaf+0xc0/0x118 [ 26.959295] kunit_try_run_case+0x170/0x3f0 [ 26.959529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.959670] kthread+0x328/0x630 [ 26.959807] ret_from_fork+0x10/0x20 [ 26.960085] [ 26.960171] Allocated by task 233: [ 26.960342] kasan_save_stack+0x3c/0x68 [ 26.960984] kasan_save_track+0x20/0x40 [ 26.961055] kasan_save_alloc_info+0x40/0x58 [ 26.961156] __kasan_mempool_unpoison_object+0xbc/0x180 [ 26.961281] remove_element+0x16c/0x1f8 [ 26.961409] mempool_alloc_preallocated+0x58/0xc0 [ 26.961598] mempool_uaf_helper+0xa4/0x340 [ 26.962067] mempool_slab_uaf+0xc0/0x118 [ 26.962573] kunit_try_run_case+0x170/0x3f0 [ 26.962678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.963662] kthread+0x328/0x630 [ 26.963830] ret_from_fork+0x10/0x20 [ 26.964623] [ 26.964684] Freed by task 233: [ 26.964768] kasan_save_stack+0x3c/0x68 [ 26.964870] kasan_save_track+0x20/0x40 [ 26.964974] kasan_save_free_info+0x4c/0x78 [ 26.965064] __kasan_mempool_poison_object+0xc0/0x150 [ 26.965166] mempool_free+0x28c/0x328 [ 26.965258] mempool_uaf_helper+0x104/0x340 [ 26.965363] mempool_slab_uaf+0xc0/0x118 [ 26.965474] kunit_try_run_case+0x170/0x3f0 [ 26.965573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.965737] kthread+0x328/0x630 [ 26.965874] ret_from_fork+0x10/0x20 [ 26.966123] [ 26.966238] The buggy address belongs to the object at fff00000c5a6e240 [ 26.966238] which belongs to the cache test_cache of size 123 [ 26.966411] The buggy address is located 0 bytes inside of [ 26.966411] freed 123-byte region [fff00000c5a6e240, fff00000c5a6e2bb) [ 26.966561] [ 26.966619] The buggy address belongs to the physical page: [ 26.966706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a6e [ 26.966849] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.966986] page_type: f5(slab) [ 26.967100] raw: 0bfffe0000000000 fff00000c5a5d280 dead000000000122 0000000000000000 [ 26.967311] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 26.967450] page dumped because: kasan: bad access detected [ 26.967543] [ 26.967597] Memory state around the buggy address: [ 26.967689] fff00000c5a6e100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.967817] fff00000c5a6e180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.967990] >fff00000c5a6e200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 26.968138] ^ [ 26.968248] fff00000c5a6e280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.968781] fff00000c5a6e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.968905] ================================================================== [ 26.882112] ================================================================== [ 26.882574] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 26.882759] Read of size 1 at addr fff00000c597ae00 by task kunit_try_catch/229 [ 26.883063] [ 26.883150] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 26.883353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.883434] Hardware name: linux,dummy-virt (DT) [ 26.883528] Call trace: [ 26.883597] show_stack+0x20/0x38 (C) [ 26.883830] dump_stack_lvl+0x8c/0xd0 [ 26.883999] print_report+0x118/0x608 [ 26.884273] kasan_report+0xdc/0x128 [ 26.884406] __asan_report_load1_noabort+0x20/0x30 [ 26.884564] mempool_uaf_helper+0x314/0x340 [ 26.884799] mempool_kmalloc_uaf+0xc4/0x120 [ 26.884931] kunit_try_run_case+0x170/0x3f0 [ 26.885100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.885277] kthread+0x328/0x630 [ 26.885528] ret_from_fork+0x10/0x20 [ 26.885783] [ 26.885866] Allocated by task 229: [ 26.886065] kasan_save_stack+0x3c/0x68 [ 26.886177] kasan_save_track+0x20/0x40 [ 26.886460] kasan_save_alloc_info+0x40/0x58 [ 26.886606] __kasan_mempool_unpoison_object+0x11c/0x180 [ 26.886760] remove_element+0x130/0x1f8 [ 26.886926] mempool_alloc_preallocated+0x58/0xc0 [ 26.888130] mempool_uaf_helper+0xa4/0x340 [ 26.888245] mempool_kmalloc_uaf+0xc4/0x120 [ 26.888357] kunit_try_run_case+0x170/0x3f0 [ 26.888486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.888600] kthread+0x328/0x630 [ 26.889349] ret_from_fork+0x10/0x20 [ 26.889913] [ 26.889963] Freed by task 229: [ 26.890036] kasan_save_stack+0x3c/0x68 [ 26.890842] kasan_save_track+0x20/0x40 [ 26.891036] kasan_save_free_info+0x4c/0x78 [ 26.891392] __kasan_mempool_poison_object+0xc0/0x150 [ 26.891573] mempool_free+0x28c/0x328 [ 26.892206] mempool_uaf_helper+0x104/0x340 [ 26.892729] mempool_kmalloc_uaf+0xc4/0x120 [ 26.892835] kunit_try_run_case+0x170/0x3f0 [ 26.894500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.894675] kthread+0x328/0x630 [ 26.894766] ret_from_fork+0x10/0x20 [ 26.894855] [ 26.894906] The buggy address belongs to the object at fff00000c597ae00 [ 26.894906] which belongs to the cache kmalloc-128 of size 128 [ 26.896847] The buggy address is located 0 bytes inside of [ 26.896847] freed 128-byte region [fff00000c597ae00, fff00000c597ae80) [ 26.898081] [ 26.898186] The buggy address belongs to the physical page: [ 26.898352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10597a [ 26.899625] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.899894] page_type: f5(slab) [ 26.900059] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.900197] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.900404] page dumped because: kasan: bad access detected [ 26.901000] [ 26.901054] Memory state around the buggy address: [ 26.901132] fff00000c597ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.901912] fff00000c597ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.902128] >fff00000c597ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.902460] ^ [ 26.902547] fff00000c597ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.902720] fff00000c597af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.902827] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 26.812601] ================================================================== [ 26.813062] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 26.813604] Read of size 1 at addr fff00000c5a6c2bb by task kunit_try_catch/227 [ 26.813939] [ 26.814773] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 26.815708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.815842] Hardware name: linux,dummy-virt (DT) [ 26.816034] Call trace: [ 26.816156] show_stack+0x20/0x38 (C) [ 26.816303] dump_stack_lvl+0x8c/0xd0 [ 26.816949] print_report+0x118/0x608 [ 26.817126] kasan_report+0xdc/0x128 [ 26.817242] __asan_report_load1_noabort+0x20/0x30 [ 26.817371] mempool_oob_right_helper+0x2ac/0x2f0 [ 26.817526] mempool_slab_oob_right+0xc0/0x118 [ 26.817827] kunit_try_run_case+0x170/0x3f0 [ 26.818232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.818445] kthread+0x328/0x630 [ 26.818585] ret_from_fork+0x10/0x20 [ 26.818947] [ 26.819066] Allocated by task 227: [ 26.819163] kasan_save_stack+0x3c/0x68 [ 26.819307] kasan_save_track+0x20/0x40 [ 26.819574] kasan_save_alloc_info+0x40/0x58 [ 26.819722] __kasan_mempool_unpoison_object+0xbc/0x180 [ 26.819829] remove_element+0x16c/0x1f8 [ 26.819928] mempool_alloc_preallocated+0x58/0xc0 [ 26.820061] mempool_oob_right_helper+0x98/0x2f0 [ 26.820222] mempool_slab_oob_right+0xc0/0x118 [ 26.820339] kunit_try_run_case+0x170/0x3f0 [ 26.820644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.821049] kthread+0x328/0x630 [ 26.821161] ret_from_fork+0x10/0x20 [ 26.821270] [ 26.821409] The buggy address belongs to the object at fff00000c5a6c240 [ 26.821409] which belongs to the cache test_cache of size 123 [ 26.821756] The buggy address is located 0 bytes to the right of [ 26.821756] allocated 123-byte region [fff00000c5a6c240, fff00000c5a6c2bb) [ 26.821967] [ 26.822033] The buggy address belongs to the physical page: [ 26.822355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a6c [ 26.822633] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.822805] page_type: f5(slab) [ 26.822973] raw: 0bfffe0000000000 fff00000c5a5d140 dead000000000122 0000000000000000 [ 26.823244] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 26.823399] page dumped because: kasan: bad access detected [ 26.823558] [ 26.823605] Memory state around the buggy address: [ 26.823679] fff00000c5a6c180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.823792] fff00000c5a6c200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 26.823972] >fff00000c5a6c280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 26.824073] ^ [ 26.824205] fff00000c5a6c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.824331] fff00000c5a6c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.824832] ================================================================== [ 26.779426] ================================================================== [ 26.779564] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 26.779708] Read of size 1 at addr fff00000c78ae001 by task kunit_try_catch/225 [ 26.779821] [ 26.779899] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 26.780107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.780177] Hardware name: linux,dummy-virt (DT) [ 26.780254] Call trace: [ 26.780310] show_stack+0x20/0x38 (C) [ 26.781673] dump_stack_lvl+0x8c/0xd0 [ 26.781802] print_report+0x118/0x608 [ 26.781914] kasan_report+0xdc/0x128 [ 26.782022] __asan_report_load1_noabort+0x20/0x30 [ 26.782227] mempool_oob_right_helper+0x2ac/0x2f0 [ 26.782369] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 26.782748] kunit_try_run_case+0x170/0x3f0 [ 26.782886] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.783034] kthread+0x328/0x630 [ 26.783341] ret_from_fork+0x10/0x20 [ 26.783586] [ 26.783955] The buggy address belongs to the physical page: [ 26.784074] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ac [ 26.784217] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.784955] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 26.785129] page_type: f8(unknown) [ 26.785256] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.785464] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 26.785604] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.785736] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 26.785925] head: 0bfffe0000000002 ffffc1ffc31e2b01 00000000ffffffff 00000000ffffffff [ 26.786361] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 26.786540] page dumped because: kasan: bad access detected [ 26.786634] [ 26.786718] Memory state around the buggy address: [ 26.786801] fff00000c78adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.787060] fff00000c78adf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.787338] >fff00000c78ae000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.787456] ^ [ 26.787600] fff00000c78ae080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.787745] fff00000c78ae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.787983] ================================================================== [ 26.759350] ================================================================== [ 26.759472] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 26.759571] Read of size 1 at addr fff00000c597aa73 by task kunit_try_catch/223 [ 26.759637] [ 26.759692] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 26.759801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.759837] Hardware name: linux,dummy-virt (DT) [ 26.759880] Call trace: [ 26.759910] show_stack+0x20/0x38 (C) [ 26.759977] dump_stack_lvl+0x8c/0xd0 [ 26.760044] print_report+0x118/0x608 [ 26.760161] kasan_report+0xdc/0x128 [ 26.760294] __asan_report_load1_noabort+0x20/0x30 [ 26.760445] mempool_oob_right_helper+0x2ac/0x2f0 [ 26.760587] mempool_kmalloc_oob_right+0xc4/0x120 [ 26.760689] kunit_try_run_case+0x170/0x3f0 [ 26.760761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.760831] kthread+0x328/0x630 [ 26.760892] ret_from_fork+0x10/0x20 [ 26.760958] [ 26.760981] Allocated by task 223: [ 26.761020] kasan_save_stack+0x3c/0x68 [ 26.761072] kasan_save_track+0x20/0x40 [ 26.761120] kasan_save_alloc_info+0x40/0x58 [ 26.761166] __kasan_mempool_unpoison_object+0x11c/0x180 [ 26.761216] remove_element+0x130/0x1f8 [ 26.761267] mempool_alloc_preallocated+0x58/0xc0 [ 26.761316] mempool_oob_right_helper+0x98/0x2f0 [ 26.761365] mempool_kmalloc_oob_right+0xc4/0x120 [ 26.761451] kunit_try_run_case+0x170/0x3f0 [ 26.761503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.761557] kthread+0x328/0x630 [ 26.761603] ret_from_fork+0x10/0x20 [ 26.761648] [ 26.761672] The buggy address belongs to the object at fff00000c597aa00 [ 26.761672] which belongs to the cache kmalloc-128 of size 128 [ 26.761746] The buggy address is located 0 bytes to the right of [ 26.761746] allocated 115-byte region [fff00000c597aa00, fff00000c597aa73) [ 26.761822] [ 26.761850] The buggy address belongs to the physical page: [ 26.761890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10597a [ 26.761959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.762025] page_type: f5(slab) [ 26.762074] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.762136] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.762187] page dumped because: kasan: bad access detected [ 26.762226] [ 26.762247] Memory state around the buggy address: [ 26.762286] fff00000c597a900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.762340] fff00000c597a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.762420] >fff00000c597aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.762471] ^ [ 26.762519] fff00000c597aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.762571] fff00000c597ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.762619] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 26.154195] ================================================================== [ 26.154361] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 26.155242] Read of size 1 at addr fff00000c3f5ab40 by task kunit_try_catch/217 [ 26.155531] [ 26.155628] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 26.156920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.157059] Hardware name: linux,dummy-virt (DT) [ 26.157408] Call trace: [ 26.157506] show_stack+0x20/0x38 (C) [ 26.157856] dump_stack_lvl+0x8c/0xd0 [ 26.158139] print_report+0x118/0x608 [ 26.158348] kasan_report+0xdc/0x128 [ 26.158556] __kasan_check_byte+0x54/0x70 [ 26.158674] kmem_cache_destroy+0x34/0x218 [ 26.158806] kmem_cache_double_destroy+0x174/0x300 [ 26.158965] kunit_try_run_case+0x170/0x3f0 [ 26.159090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.159224] kthread+0x328/0x630 [ 26.159336] ret_from_fork+0x10/0x20 [ 26.159475] [ 26.159533] Allocated by task 217: [ 26.159616] kasan_save_stack+0x3c/0x68 [ 26.159799] kasan_save_track+0x20/0x40 [ 26.159973] kasan_save_alloc_info+0x40/0x58 [ 26.160114] __kasan_slab_alloc+0xa8/0xb0 [ 26.160219] kmem_cache_alloc_noprof+0x10c/0x398 [ 26.160333] __kmem_cache_create_args+0x178/0x280 [ 26.160478] kmem_cache_double_destroy+0xc0/0x300 [ 26.160589] kunit_try_run_case+0x170/0x3f0 [ 26.160858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.161101] kthread+0x328/0x630 [ 26.161254] ret_from_fork+0x10/0x20 [ 26.161351] [ 26.161418] Freed by task 217: [ 26.161691] kasan_save_stack+0x3c/0x68 [ 26.161884] kasan_save_track+0x20/0x40 [ 26.162203] kasan_save_free_info+0x4c/0x78 [ 26.162485] __kasan_slab_free+0x6c/0x98 [ 26.162918] kmem_cache_free+0x260/0x468 [ 26.163561] slab_kmem_cache_release+0x38/0x50 [ 26.163828] kmem_cache_release+0x1c/0x30 [ 26.164490] kobject_put+0x17c/0x420 [ 26.164787] sysfs_slab_release+0x1c/0x30 [ 26.165091] kmem_cache_destroy+0x118/0x218 [ 26.165555] kmem_cache_double_destroy+0x128/0x300 [ 26.165712] kunit_try_run_case+0x170/0x3f0 [ 26.165817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.166432] kthread+0x328/0x630 [ 26.166898] ret_from_fork+0x10/0x20 [ 26.167162] [ 26.167212] The buggy address belongs to the object at fff00000c3f5ab40 [ 26.167212] which belongs to the cache kmem_cache of size 208 [ 26.167349] The buggy address is located 0 bytes inside of [ 26.167349] freed 208-byte region [fff00000c3f5ab40, fff00000c3f5ac10) [ 26.167519] [ 26.167574] The buggy address belongs to the physical page: [ 26.167651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f5a [ 26.167777] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.167898] page_type: f5(slab) [ 26.168760] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 26.169414] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 26.169527] page dumped because: kasan: bad access detected [ 26.169611] [ 26.170091] Memory state around the buggy address: [ 26.170442] fff00000c3f5aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.171060] fff00000c3f5aa80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 26.171527] >fff00000c3f5ab00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 26.171630] ^ [ 26.172170] fff00000c3f5ab80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.172336] fff00000c3f5ac00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.172602] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 25.825963] ================================================================== [ 25.826153] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 25.826644] Read of size 1 at addr fff00000c414c000 by task kunit_try_catch/215 [ 25.826995] [ 25.827956] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 25.828321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.828422] Hardware name: linux,dummy-virt (DT) [ 25.828676] Call trace: [ 25.828774] show_stack+0x20/0x38 (C) [ 25.828910] dump_stack_lvl+0x8c/0xd0 [ 25.829077] print_report+0x118/0x608 [ 25.829236] kasan_report+0xdc/0x128 [ 25.829587] __asan_report_load1_noabort+0x20/0x30 [ 25.829971] kmem_cache_rcu_uaf+0x388/0x468 [ 25.830137] kunit_try_run_case+0x170/0x3f0 [ 25.830301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.830664] kthread+0x328/0x630 [ 25.830818] ret_from_fork+0x10/0x20 [ 25.830979] [ 25.831028] Allocated by task 215: [ 25.831120] kasan_save_stack+0x3c/0x68 [ 25.831673] kasan_save_track+0x20/0x40 [ 25.832155] kasan_save_alloc_info+0x40/0x58 [ 25.832394] __kasan_slab_alloc+0xa8/0xb0 [ 25.832821] kmem_cache_alloc_noprof+0x10c/0x398 [ 25.833462] kmem_cache_rcu_uaf+0x12c/0x468 [ 25.833576] kunit_try_run_case+0x170/0x3f0 [ 25.834202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.834429] kthread+0x328/0x630 [ 25.834537] ret_from_fork+0x10/0x20 [ 25.834875] [ 25.834922] Freed by task 0: [ 25.835361] kasan_save_stack+0x3c/0x68 [ 25.835632] kasan_save_track+0x20/0x40 [ 25.835739] kasan_save_free_info+0x4c/0x78 [ 25.836029] __kasan_slab_free+0x6c/0x98 [ 25.836159] slab_free_after_rcu_debug+0xd4/0x2f8 [ 25.836425] rcu_core+0x9f4/0x1e20 [ 25.836654] rcu_core_si+0x18/0x30 [ 25.836750] handle_softirqs+0x374/0xb28 [ 25.837955] __do_softirq+0x1c/0x28 [ 25.838498] [ 25.839114] Last potentially related work creation: [ 25.839440] kasan_save_stack+0x3c/0x68 [ 25.839934] kasan_record_aux_stack+0xb4/0xc8 [ 25.840596] kmem_cache_free+0x120/0x468 [ 25.841005] kmem_cache_rcu_uaf+0x16c/0x468 [ 25.841141] kunit_try_run_case+0x170/0x3f0 [ 25.841946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.842431] kthread+0x328/0x630 [ 25.842522] ret_from_fork+0x10/0x20 [ 25.843060] [ 25.843113] The buggy address belongs to the object at fff00000c414c000 [ 25.843113] which belongs to the cache test_cache of size 200 [ 25.843255] The buggy address is located 0 bytes inside of [ 25.843255] freed 200-byte region [fff00000c414c000, fff00000c414c0c8) [ 25.843439] [ 25.843600] The buggy address belongs to the physical page: [ 25.843697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10414c [ 25.843838] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.843968] page_type: f5(slab) [ 25.844511] raw: 0bfffe0000000000 fff00000c3f5aa00 dead000000000122 0000000000000000 [ 25.844812] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.845266] page dumped because: kasan: bad access detected [ 25.845394] [ 25.845446] Memory state around the buggy address: [ 25.845876] fff00000c414bf00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.846002] fff00000c414bf80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 25.846323] >fff00000c414c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.846491] ^ [ 25.846595] fff00000c414c080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 25.846777] fff00000c414c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.847054] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 25.132173] ================================================================== [ 25.134407] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 25.136200] Free of addr fff00000c4150001 by task kunit_try_catch/213 [ 25.136322] [ 25.137730] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 25.137960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.138057] Hardware name: linux,dummy-virt (DT) [ 25.138174] Call trace: [ 25.138311] show_stack+0x20/0x38 (C) [ 25.138530] dump_stack_lvl+0x8c/0xd0 [ 25.138673] print_report+0x118/0x608 [ 25.138863] kasan_report_invalid_free+0xc0/0xe8 [ 25.139322] check_slab_allocation+0xfc/0x108 [ 25.139899] __kasan_slab_pre_free+0x2c/0x48 [ 25.140065] kmem_cache_free+0xf0/0x468 [ 25.140192] kmem_cache_invalid_free+0x184/0x3c8 [ 25.140944] kunit_try_run_case+0x170/0x3f0 [ 25.141234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.141565] kthread+0x328/0x630 [ 25.142017] ret_from_fork+0x10/0x20 [ 25.142721] [ 25.142775] Allocated by task 213: [ 25.143286] kasan_save_stack+0x3c/0x68 [ 25.143415] kasan_save_track+0x20/0x40 [ 25.143515] kasan_save_alloc_info+0x40/0x58 [ 25.143615] __kasan_slab_alloc+0xa8/0xb0 [ 25.144210] kmem_cache_alloc_noprof+0x10c/0x398 [ 25.144392] kmem_cache_invalid_free+0x12c/0x3c8 [ 25.144533] kunit_try_run_case+0x170/0x3f0 [ 25.144654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.144780] kthread+0x328/0x630 [ 25.145791] ret_from_fork+0x10/0x20 [ 25.145902] [ 25.145950] The buggy address belongs to the object at fff00000c4150000 [ 25.145950] which belongs to the cache test_cache of size 200 [ 25.146678] The buggy address is located 1 bytes inside of [ 25.146678] 200-byte region [fff00000c4150000, fff00000c41500c8) [ 25.146824] [ 25.146876] The buggy address belongs to the physical page: [ 25.146950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104150 [ 25.147081] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.147205] page_type: f5(slab) [ 25.147301] raw: 0bfffe0000000000 fff00000c3f5a8c0 dead000000000122 0000000000000000 [ 25.148502] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.148697] page dumped because: kasan: bad access detected [ 25.148796] [ 25.148991] Memory state around the buggy address: [ 25.149817] fff00000c414ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.150009] fff00000c414ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.150107] >fff00000c4150000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.150278] ^ [ 25.151142] fff00000c4150080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 25.151270] fff00000c4150100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.151400] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 25.043648] ================================================================== [ 25.044021] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 25.044203] Free of addr fff00000c5a1a000 by task kunit_try_catch/211 [ 25.044609] [ 25.044730] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 25.045179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.045281] Hardware name: linux,dummy-virt (DT) [ 25.045368] Call trace: [ 25.045561] show_stack+0x20/0x38 (C) [ 25.045687] dump_stack_lvl+0x8c/0xd0 [ 25.045826] print_report+0x118/0x608 [ 25.045953] kasan_report_invalid_free+0xc0/0xe8 [ 25.046144] check_slab_allocation+0xd4/0x108 [ 25.046441] __kasan_slab_pre_free+0x2c/0x48 [ 25.046581] kmem_cache_free+0xf0/0x468 [ 25.046799] kmem_cache_double_free+0x190/0x3c8 [ 25.047006] kunit_try_run_case+0x170/0x3f0 [ 25.047148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.047297] kthread+0x328/0x630 [ 25.047537] ret_from_fork+0x10/0x20 [ 25.047676] [ 25.047742] Allocated by task 211: [ 25.048040] kasan_save_stack+0x3c/0x68 [ 25.048151] kasan_save_track+0x20/0x40 [ 25.048259] kasan_save_alloc_info+0x40/0x58 [ 25.048371] __kasan_slab_alloc+0xa8/0xb0 [ 25.048559] kmem_cache_alloc_noprof+0x10c/0x398 [ 25.048704] kmem_cache_double_free+0x12c/0x3c8 [ 25.048818] kunit_try_run_case+0x170/0x3f0 [ 25.048942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.049080] kthread+0x328/0x630 [ 25.049183] ret_from_fork+0x10/0x20 [ 25.049422] [ 25.049472] Freed by task 211: [ 25.049540] kasan_save_stack+0x3c/0x68 [ 25.049640] kasan_save_track+0x20/0x40 [ 25.049735] kasan_save_free_info+0x4c/0x78 [ 25.049864] __kasan_slab_free+0x6c/0x98 [ 25.049970] kmem_cache_free+0x260/0x468 [ 25.050204] kmem_cache_double_free+0x140/0x3c8 [ 25.050394] kunit_try_run_case+0x170/0x3f0 [ 25.050640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.050752] kthread+0x328/0x630 [ 25.050878] ret_from_fork+0x10/0x20 [ 25.051033] [ 25.051125] The buggy address belongs to the object at fff00000c5a1a000 [ 25.051125] which belongs to the cache test_cache of size 200 [ 25.051267] The buggy address is located 0 bytes inside of [ 25.051267] 200-byte region [fff00000c5a1a000, fff00000c5a1a0c8) [ 25.051807] [ 25.052202] The buggy address belongs to the physical page: [ 25.052281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1a [ 25.052864] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.052996] page_type: f5(slab) [ 25.053866] raw: 0bfffe0000000000 fff00000c3f5a780 dead000000000122 0000000000000000 [ 25.054168] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.054837] page dumped because: kasan: bad access detected [ 25.055144] [ 25.055195] Memory state around the buggy address: [ 25.055680] fff00000c5a19f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.055796] fff00000c5a19f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.056142] >fff00000c5a1a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.056586] ^ [ 25.056739] fff00000c5a1a080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 25.056927] fff00000c5a1a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.057374] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 24.706835] ================================================================== [ 24.707008] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 24.707395] Read of size 8 at addr fff00000c5a2ce80 by task kunit_try_catch/202 [ 24.707724] [ 24.707956] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.708172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.708250] Hardware name: linux,dummy-virt (DT) [ 24.708342] Call trace: [ 24.708428] show_stack+0x20/0x38 (C) [ 24.709152] dump_stack_lvl+0x8c/0xd0 [ 24.709590] print_report+0x118/0x608 [ 24.709834] kasan_report+0xdc/0x128 [ 24.709953] __asan_report_load8_noabort+0x20/0x30 [ 24.710104] workqueue_uaf+0x480/0x4a8 [ 24.710454] kunit_try_run_case+0x170/0x3f0 [ 24.710597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.710753] kthread+0x328/0x630 [ 24.710925] ret_from_fork+0x10/0x20 [ 24.711060] [ 24.711424] Allocated by task 202: [ 24.711552] kasan_save_stack+0x3c/0x68 [ 24.711824] kasan_save_track+0x20/0x40 [ 24.711921] kasan_save_alloc_info+0x40/0x58 [ 24.712046] __kasan_kmalloc+0xd4/0xd8 [ 24.712191] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.712297] workqueue_uaf+0x13c/0x4a8 [ 24.712593] kunit_try_run_case+0x170/0x3f0 [ 24.712767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.713023] kthread+0x328/0x630 [ 24.713140] ret_from_fork+0x10/0x20 [ 24.713245] [ 24.713365] Freed by task 10: [ 24.713454] kasan_save_stack+0x3c/0x68 [ 24.713567] kasan_save_track+0x20/0x40 [ 24.713988] kasan_save_free_info+0x4c/0x78 [ 24.714206] __kasan_slab_free+0x6c/0x98 [ 24.714445] kfree+0x214/0x3c8 [ 24.714542] workqueue_uaf_work+0x18/0x30 [ 24.714639] process_one_work+0x530/0xf98 [ 24.714735] worker_thread+0x618/0xf38 [ 24.714819] kthread+0x328/0x630 [ 24.714907] ret_from_fork+0x10/0x20 [ 24.715011] [ 24.715132] Last potentially related work creation: [ 24.715341] kasan_save_stack+0x3c/0x68 [ 24.715484] kasan_record_aux_stack+0xb4/0xc8 [ 24.715603] __queue_work+0x65c/0x1008 [ 24.716120] queue_work_on+0xbc/0xf8 [ 24.716222] workqueue_uaf+0x210/0x4a8 [ 24.716279] kunit_try_run_case+0x170/0x3f0 [ 24.716328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.716435] kthread+0x328/0x630 [ 24.716637] ret_from_fork+0x10/0x20 [ 24.716756] [ 24.716803] The buggy address belongs to the object at fff00000c5a2ce80 [ 24.716803] which belongs to the cache kmalloc-32 of size 32 [ 24.716943] The buggy address is located 0 bytes inside of [ 24.716943] freed 32-byte region [fff00000c5a2ce80, fff00000c5a2cea0) [ 24.717147] [ 24.717264] The buggy address belongs to the physical page: [ 24.717344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2c [ 24.717531] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.717759] page_type: f5(slab) [ 24.717855] raw: 0bfffe0000000000 fff00000c0001780 dead000000000100 dead000000000122 [ 24.717979] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.718116] page dumped because: kasan: bad access detected [ 24.718199] [ 24.718243] Memory state around the buggy address: [ 24.718320] fff00000c5a2cd80: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 24.718449] fff00000c5a2ce00: fa fb fb fb fc fc fc fc 00 00 00 07 fc fc fc fc [ 24.718568] >fff00000c5a2ce80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.718763] ^ [ 24.718871] fff00000c5a2cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.718992] fff00000c5a2cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.719136] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 24.610273] ================================================================== [ 24.612260] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 24.612519] Read of size 4 at addr fff00000c5a2cd00 by task swapper/0/0 [ 24.612642] [ 24.612748] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.613097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.613173] Hardware name: linux,dummy-virt (DT) [ 24.613811] Call trace: [ 24.613916] show_stack+0x20/0x38 (C) [ 24.614026] dump_stack_lvl+0x8c/0xd0 [ 24.614092] print_report+0x118/0x608 [ 24.614213] kasan_report+0xdc/0x128 [ 24.614339] __asan_report_load4_noabort+0x20/0x30 [ 24.614592] rcu_uaf_reclaim+0x64/0x70 [ 24.615190] rcu_core+0x9f4/0x1e20 [ 24.615316] rcu_core_si+0x18/0x30 [ 24.616425] handle_softirqs+0x374/0xb28 [ 24.616568] __do_softirq+0x1c/0x28 [ 24.616961] ____do_softirq+0x18/0x30 [ 24.617583] call_on_irq_stack+0x24/0x30 [ 24.617929] do_softirq_own_stack+0x24/0x38 [ 24.618555] __irq_exit_rcu+0x1fc/0x318 [ 24.618693] irq_exit_rcu+0x1c/0x80 [ 24.619529] el1_interrupt+0x38/0x58 [ 24.619684] el1h_64_irq_handler+0x18/0x28 [ 24.619933] el1h_64_irq+0x6c/0x70 [ 24.620231] arch_local_irq_enable+0x4/0x8 (P) [ 24.620363] do_idle+0x384/0x4e8 [ 24.621689] cpu_startup_entry+0x64/0x80 [ 24.622297] rest_init+0x160/0x188 [ 24.623064] start_kernel+0x308/0x3d0 [ 24.623973] __primary_switched+0x8c/0xa0 [ 24.624695] [ 24.624954] Allocated by task 200: [ 24.625038] kasan_save_stack+0x3c/0x68 [ 24.625945] kasan_save_track+0x20/0x40 [ 24.626142] kasan_save_alloc_info+0x40/0x58 [ 24.626247] __kasan_kmalloc+0xd4/0xd8 [ 24.627356] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.627524] rcu_uaf+0xb0/0x2d8 [ 24.628317] kunit_try_run_case+0x170/0x3f0 [ 24.628465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.628580] kthread+0x328/0x630 [ 24.629702] ret_from_fork+0x10/0x20 [ 24.630679] [ 24.630917] Freed by task 0: [ 24.631121] kasan_save_stack+0x3c/0x68 [ 24.631223] kasan_save_track+0x20/0x40 [ 24.632076] kasan_save_free_info+0x4c/0x78 [ 24.633243] __kasan_slab_free+0x6c/0x98 [ 24.633504] kfree+0x214/0x3c8 [ 24.633623] rcu_uaf_reclaim+0x28/0x70 [ 24.634104] rcu_core+0x9f4/0x1e20 [ 24.634498] rcu_core_si+0x18/0x30 [ 24.634588] handle_softirqs+0x374/0xb28 [ 24.634673] __do_softirq+0x1c/0x28 [ 24.634759] [ 24.634820] Last potentially related work creation: [ 24.634902] kasan_save_stack+0x3c/0x68 [ 24.634997] kasan_record_aux_stack+0xb4/0xc8 [ 24.635093] __call_rcu_common.constprop.0+0x70/0x8b0 [ 24.635192] call_rcu+0x18/0x30 [ 24.637068] rcu_uaf+0x14c/0x2d8 [ 24.637686] kunit_try_run_case+0x170/0x3f0 [ 24.637993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.638123] kthread+0x328/0x630 [ 24.638223] ret_from_fork+0x10/0x20 [ 24.638332] [ 24.640200] The buggy address belongs to the object at fff00000c5a2cd00 [ 24.640200] which belongs to the cache kmalloc-32 of size 32 [ 24.640390] The buggy address is located 0 bytes inside of [ 24.640390] freed 32-byte region [fff00000c5a2cd00, fff00000c5a2cd20) [ 24.641419] [ 24.641550] The buggy address belongs to the physical page: [ 24.641710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2c [ 24.641852] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.642468] page_type: f5(slab) [ 24.642586] raw: 0bfffe0000000000 fff00000c0001780 dead000000000100 dead000000000122 [ 24.643124] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.643610] page dumped because: kasan: bad access detected [ 24.644212] [ 24.644694] Memory state around the buggy address: [ 24.645025] fff00000c5a2cc00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.645263] fff00000c5a2cc80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 24.645391] >fff00000c5a2cd00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 24.646287] ^ [ 24.647016] fff00000c5a2cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.647519] fff00000c5a2ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.647625] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 24.357077] ================================================================== [ 24.357177] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 24.357293] Read of size 1 at addr fff00000c59ef578 by task kunit_try_catch/198 [ 24.357432] [ 24.357503] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.357697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.357758] Hardware name: linux,dummy-virt (DT) [ 24.357830] Call trace: [ 24.357878] show_stack+0x20/0x38 (C) [ 24.357996] dump_stack_lvl+0x8c/0xd0 [ 24.358113] print_report+0x118/0x608 [ 24.358238] kasan_report+0xdc/0x128 [ 24.358461] __asan_report_load1_noabort+0x20/0x30 [ 24.358605] ksize_uaf+0x544/0x5f8 [ 24.359299] kunit_try_run_case+0x170/0x3f0 [ 24.359491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.359725] kthread+0x328/0x630 [ 24.359931] ret_from_fork+0x10/0x20 [ 24.360135] [ 24.360180] Allocated by task 198: [ 24.360328] kasan_save_stack+0x3c/0x68 [ 24.360467] kasan_save_track+0x20/0x40 [ 24.361048] kasan_save_alloc_info+0x40/0x58 [ 24.361169] __kasan_kmalloc+0xd4/0xd8 [ 24.361421] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.361624] ksize_uaf+0xb8/0x5f8 [ 24.361717] kunit_try_run_case+0x170/0x3f0 [ 24.361813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.361920] kthread+0x328/0x630 [ 24.363539] ret_from_fork+0x10/0x20 [ 24.363643] [ 24.364737] Freed by task 198: [ 24.364910] kasan_save_stack+0x3c/0x68 [ 24.365412] kasan_save_track+0x20/0x40 [ 24.365996] kasan_save_free_info+0x4c/0x78 [ 24.366121] __kasan_slab_free+0x6c/0x98 [ 24.366575] kfree+0x214/0x3c8 [ 24.366973] ksize_uaf+0x11c/0x5f8 [ 24.367276] kunit_try_run_case+0x170/0x3f0 [ 24.367814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.368144] kthread+0x328/0x630 [ 24.368252] ret_from_fork+0x10/0x20 [ 24.368364] [ 24.368435] The buggy address belongs to the object at fff00000c59ef500 [ 24.368435] which belongs to the cache kmalloc-128 of size 128 [ 24.368658] The buggy address is located 120 bytes inside of [ 24.368658] freed 128-byte region [fff00000c59ef500, fff00000c59ef580) [ 24.368819] [ 24.368871] The buggy address belongs to the physical page: [ 24.369106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ef [ 24.369254] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.369410] page_type: f5(slab) [ 24.369589] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.369732] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.370326] page dumped because: kasan: bad access detected [ 24.370653] [ 24.370747] Memory state around the buggy address: [ 24.370832] fff00000c59ef400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.371168] fff00000c59ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.372009] >fff00000c59ef500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.372602] ^ [ 24.372711] fff00000c59ef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.372827] fff00000c59ef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.373128] ================================================================== [ 24.341669] ================================================================== [ 24.341770] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 24.341900] Read of size 1 at addr fff00000c59ef500 by task kunit_try_catch/198 [ 24.342144] [ 24.342226] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.343182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.343268] Hardware name: linux,dummy-virt (DT) [ 24.343548] Call trace: [ 24.343617] show_stack+0x20/0x38 (C) [ 24.344394] dump_stack_lvl+0x8c/0xd0 [ 24.344602] print_report+0x118/0x608 [ 24.344938] kasan_report+0xdc/0x128 [ 24.345177] __asan_report_load1_noabort+0x20/0x30 [ 24.345401] ksize_uaf+0x598/0x5f8 [ 24.345530] kunit_try_run_case+0x170/0x3f0 [ 24.345687] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.345856] kthread+0x328/0x630 [ 24.346015] ret_from_fork+0x10/0x20 [ 24.346329] [ 24.346824] Allocated by task 198: [ 24.346910] kasan_save_stack+0x3c/0x68 [ 24.347014] kasan_save_track+0x20/0x40 [ 24.347106] kasan_save_alloc_info+0x40/0x58 [ 24.347202] __kasan_kmalloc+0xd4/0xd8 [ 24.347297] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.347427] ksize_uaf+0xb8/0x5f8 [ 24.347543] kunit_try_run_case+0x170/0x3f0 [ 24.347792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.348236] kthread+0x328/0x630 [ 24.348421] ret_from_fork+0x10/0x20 [ 24.348963] [ 24.349189] Freed by task 198: [ 24.349376] kasan_save_stack+0x3c/0x68 [ 24.349751] kasan_save_track+0x20/0x40 [ 24.349970] kasan_save_free_info+0x4c/0x78 [ 24.350677] __kasan_slab_free+0x6c/0x98 [ 24.350799] kfree+0x214/0x3c8 [ 24.350896] ksize_uaf+0x11c/0x5f8 [ 24.351599] kunit_try_run_case+0x170/0x3f0 [ 24.351888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.352291] kthread+0x328/0x630 [ 24.352634] ret_from_fork+0x10/0x20 [ 24.352743] [ 24.352891] The buggy address belongs to the object at fff00000c59ef500 [ 24.352891] which belongs to the cache kmalloc-128 of size 128 [ 24.353059] The buggy address is located 0 bytes inside of [ 24.353059] freed 128-byte region [fff00000c59ef500, fff00000c59ef580) [ 24.353237] [ 24.353289] The buggy address belongs to the physical page: [ 24.353499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ef [ 24.353650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.353993] page_type: f5(slab) [ 24.354193] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.354326] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.354469] page dumped because: kasan: bad access detected [ 24.354588] [ 24.354641] Memory state around the buggy address: [ 24.354734] fff00000c59ef400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.354860] fff00000c59ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.355007] >fff00000c59ef500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.355144] ^ [ 24.355222] fff00000c59ef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.355345] fff00000c59ef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.355459] ================================================================== [ 24.322895] ================================================================== [ 24.323035] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 24.323227] Read of size 1 at addr fff00000c59ef500 by task kunit_try_catch/198 [ 24.323536] [ 24.323613] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.324155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.324242] Hardware name: linux,dummy-virt (DT) [ 24.324339] Call trace: [ 24.324437] show_stack+0x20/0x38 (C) [ 24.324593] dump_stack_lvl+0x8c/0xd0 [ 24.324904] print_report+0x118/0x608 [ 24.325031] kasan_report+0xdc/0x128 [ 24.325147] __kasan_check_byte+0x54/0x70 [ 24.325309] ksize+0x30/0x88 [ 24.325533] ksize_uaf+0x168/0x5f8 [ 24.325654] kunit_try_run_case+0x170/0x3f0 [ 24.325786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.325965] kthread+0x328/0x630 [ 24.326300] ret_from_fork+0x10/0x20 [ 24.326677] [ 24.326931] Allocated by task 198: [ 24.327019] kasan_save_stack+0x3c/0x68 [ 24.327172] kasan_save_track+0x20/0x40 [ 24.327270] kasan_save_alloc_info+0x40/0x58 [ 24.327531] __kasan_kmalloc+0xd4/0xd8 [ 24.327626] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.327732] ksize_uaf+0xb8/0x5f8 [ 24.328006] kunit_try_run_case+0x170/0x3f0 [ 24.328249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.328435] kthread+0x328/0x630 [ 24.328623] ret_from_fork+0x10/0x20 [ 24.328729] [ 24.328787] Freed by task 198: [ 24.328867] kasan_save_stack+0x3c/0x68 [ 24.329005] kasan_save_track+0x20/0x40 [ 24.329190] kasan_save_free_info+0x4c/0x78 [ 24.329397] __kasan_slab_free+0x6c/0x98 [ 24.329558] kfree+0x214/0x3c8 [ 24.329721] ksize_uaf+0x11c/0x5f8 [ 24.329838] kunit_try_run_case+0x170/0x3f0 [ 24.329940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.330115] kthread+0x328/0x630 [ 24.330571] ret_from_fork+0x10/0x20 [ 24.330680] [ 24.330737] The buggy address belongs to the object at fff00000c59ef500 [ 24.330737] which belongs to the cache kmalloc-128 of size 128 [ 24.331872] The buggy address is located 0 bytes inside of [ 24.331872] freed 128-byte region [fff00000c59ef500, fff00000c59ef580) [ 24.332632] [ 24.332797] The buggy address belongs to the physical page: [ 24.333746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ef [ 24.334724] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.334845] page_type: f5(slab) [ 24.335193] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.336056] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.336455] page dumped because: kasan: bad access detected [ 24.336543] [ 24.336592] Memory state around the buggy address: [ 24.337375] fff00000c59ef400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.337698] fff00000c59ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.337812] >fff00000c59ef500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.337938] ^ [ 24.338101] fff00000c59ef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.338213] fff00000c59ef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.338325] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 24.273629] ================================================================== [ 24.273728] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 24.274491] Read of size 1 at addr fff00000c59ef478 by task kunit_try_catch/196 [ 24.275224] [ 24.276087] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.276971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.277057] Hardware name: linux,dummy-virt (DT) [ 24.277450] Call trace: [ 24.277688] show_stack+0x20/0x38 (C) [ 24.278100] dump_stack_lvl+0x8c/0xd0 [ 24.278560] print_report+0x118/0x608 [ 24.278699] kasan_report+0xdc/0x128 [ 24.279233] __asan_report_load1_noabort+0x20/0x30 [ 24.279819] ksize_unpoisons_memory+0x618/0x740 [ 24.280235] kunit_try_run_case+0x170/0x3f0 [ 24.280650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.280936] kthread+0x328/0x630 [ 24.281058] ret_from_fork+0x10/0x20 [ 24.281190] [ 24.281240] Allocated by task 196: [ 24.281308] kasan_save_stack+0x3c/0x68 [ 24.281863] kasan_save_track+0x20/0x40 [ 24.282707] kasan_save_alloc_info+0x40/0x58 [ 24.283273] __kasan_kmalloc+0xd4/0xd8 [ 24.283919] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.284236] ksize_unpoisons_memory+0xc0/0x740 [ 24.284344] kunit_try_run_case+0x170/0x3f0 [ 24.285171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.285572] kthread+0x328/0x630 [ 24.285668] ret_from_fork+0x10/0x20 [ 24.286289] [ 24.286341] The buggy address belongs to the object at fff00000c59ef400 [ 24.286341] which belongs to the cache kmalloc-128 of size 128 [ 24.286581] The buggy address is located 5 bytes to the right of [ 24.286581] allocated 115-byte region [fff00000c59ef400, fff00000c59ef473) [ 24.287287] [ 24.287343] The buggy address belongs to the physical page: [ 24.287704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ef [ 24.287989] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.288164] page_type: f5(slab) [ 24.290181] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.291090] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.291239] page dumped because: kasan: bad access detected [ 24.291332] [ 24.291398] Memory state around the buggy address: [ 24.291883] fff00000c59ef300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.291999] fff00000c59ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.292306] >fff00000c59ef400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.292443] ^ [ 24.292621] fff00000c59ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.292866] fff00000c59ef500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.293153] ================================================================== [ 24.258822] ================================================================== [ 24.258893] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 24.258966] Read of size 1 at addr fff00000c59ef473 by task kunit_try_catch/196 [ 24.259027] [ 24.259067] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.259166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.259198] Hardware name: linux,dummy-virt (DT) [ 24.259238] Call trace: [ 24.259265] show_stack+0x20/0x38 (C) [ 24.259327] dump_stack_lvl+0x8c/0xd0 [ 24.259658] print_report+0x118/0x608 [ 24.259960] kasan_report+0xdc/0x128 [ 24.260082] __asan_report_load1_noabort+0x20/0x30 [ 24.260296] ksize_unpoisons_memory+0x628/0x740 [ 24.260768] kunit_try_run_case+0x170/0x3f0 [ 24.260913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.261151] kthread+0x328/0x630 [ 24.261412] ret_from_fork+0x10/0x20 [ 24.261547] [ 24.262054] Allocated by task 196: [ 24.262136] kasan_save_stack+0x3c/0x68 [ 24.262348] kasan_save_track+0x20/0x40 [ 24.262483] kasan_save_alloc_info+0x40/0x58 [ 24.262849] __kasan_kmalloc+0xd4/0xd8 [ 24.263489] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.263763] ksize_unpoisons_memory+0xc0/0x740 [ 24.263932] kunit_try_run_case+0x170/0x3f0 [ 24.264248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.264515] kthread+0x328/0x630 [ 24.265013] ret_from_fork+0x10/0x20 [ 24.265114] [ 24.265165] The buggy address belongs to the object at fff00000c59ef400 [ 24.265165] which belongs to the cache kmalloc-128 of size 128 [ 24.265527] The buggy address is located 0 bytes to the right of [ 24.265527] allocated 115-byte region [fff00000c59ef400, fff00000c59ef473) [ 24.266859] [ 24.266927] The buggy address belongs to the physical page: [ 24.267186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ef [ 24.267415] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.267998] page_type: f5(slab) [ 24.268426] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.268873] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.269361] page dumped because: kasan: bad access detected [ 24.269487] [ 24.269553] Memory state around the buggy address: [ 24.269922] fff00000c59ef300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.270373] fff00000c59ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.270725] >fff00000c59ef400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.270885] ^ [ 24.271281] fff00000c59ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.271831] fff00000c59ef500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.272239] ================================================================== [ 24.296409] ================================================================== [ 24.296573] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 24.296773] Read of size 1 at addr fff00000c59ef47f by task kunit_try_catch/196 [ 24.296910] [ 24.297012] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.297827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.297927] Hardware name: linux,dummy-virt (DT) [ 24.298007] Call trace: [ 24.298064] show_stack+0x20/0x38 (C) [ 24.298192] dump_stack_lvl+0x8c/0xd0 [ 24.298323] print_report+0x118/0x608 [ 24.298460] kasan_report+0xdc/0x128 [ 24.299189] __asan_report_load1_noabort+0x20/0x30 [ 24.299918] ksize_unpoisons_memory+0x690/0x740 [ 24.300191] kunit_try_run_case+0x170/0x3f0 [ 24.300794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.301049] kthread+0x328/0x630 [ 24.301536] ret_from_fork+0x10/0x20 [ 24.302437] [ 24.302566] Allocated by task 196: [ 24.302735] kasan_save_stack+0x3c/0x68 [ 24.303325] kasan_save_track+0x20/0x40 [ 24.303616] kasan_save_alloc_info+0x40/0x58 [ 24.304270] __kasan_kmalloc+0xd4/0xd8 [ 24.304530] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.304644] ksize_unpoisons_memory+0xc0/0x740 [ 24.304751] kunit_try_run_case+0x170/0x3f0 [ 24.304846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.304955] kthread+0x328/0x630 [ 24.305039] ret_from_fork+0x10/0x20 [ 24.305131] [ 24.305226] The buggy address belongs to the object at fff00000c59ef400 [ 24.305226] which belongs to the cache kmalloc-128 of size 128 [ 24.305608] The buggy address is located 12 bytes to the right of [ 24.305608] allocated 115-byte region [fff00000c59ef400, fff00000c59ef473) [ 24.305911] [ 24.306053] The buggy address belongs to the physical page: [ 24.306101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ef [ 24.306171] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.306312] page_type: f5(slab) [ 24.306441] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.306732] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.306860] page dumped because: kasan: bad access detected [ 24.307391] [ 24.307487] Memory state around the buggy address: [ 24.307843] fff00000c59ef300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.308122] fff00000c59ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.308235] >fff00000c59ef400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.308330] ^ [ 24.308708] fff00000c59ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.309000] fff00000c59ef500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.309673] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 24.205697] ================================================================== [ 24.205825] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 24.205934] Free of addr fff00000c3fab740 by task kunit_try_catch/194 [ 24.206031] [ 24.206094] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.206311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.206402] Hardware name: linux,dummy-virt (DT) [ 24.206481] Call trace: [ 24.206531] show_stack+0x20/0x38 (C) [ 24.206649] dump_stack_lvl+0x8c/0xd0 [ 24.206762] print_report+0x118/0x608 [ 24.206871] kasan_report_invalid_free+0xc0/0xe8 [ 24.207530] check_slab_allocation+0xd4/0x108 [ 24.207696] __kasan_slab_pre_free+0x2c/0x48 [ 24.207833] kfree+0xe8/0x3c8 [ 24.208160] kfree_sensitive+0x3c/0xb0 [ 24.208296] kmalloc_double_kzfree+0x168/0x308 [ 24.208463] kunit_try_run_case+0x170/0x3f0 [ 24.208958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.209363] kthread+0x328/0x630 [ 24.209548] ret_from_fork+0x10/0x20 [ 24.209670] [ 24.209717] Allocated by task 194: [ 24.209783] kasan_save_stack+0x3c/0x68 [ 24.209879] kasan_save_track+0x20/0x40 [ 24.209969] kasan_save_alloc_info+0x40/0x58 [ 24.210070] __kasan_kmalloc+0xd4/0xd8 [ 24.210356] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.210605] kmalloc_double_kzfree+0xb8/0x308 [ 24.210741] kunit_try_run_case+0x170/0x3f0 [ 24.211211] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.211747] kthread+0x328/0x630 [ 24.212163] ret_from_fork+0x10/0x20 [ 24.212281] [ 24.212333] Freed by task 194: [ 24.212462] kasan_save_stack+0x3c/0x68 [ 24.212840] kasan_save_track+0x20/0x40 [ 24.212972] kasan_save_free_info+0x4c/0x78 [ 24.213114] __kasan_slab_free+0x6c/0x98 [ 24.213428] kfree+0x214/0x3c8 [ 24.213598] kfree_sensitive+0x80/0xb0 [ 24.213710] kmalloc_double_kzfree+0x11c/0x308 [ 24.214347] kunit_try_run_case+0x170/0x3f0 [ 24.214475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.215267] kthread+0x328/0x630 [ 24.215444] ret_from_fork+0x10/0x20 [ 24.215553] [ 24.215604] The buggy address belongs to the object at fff00000c3fab740 [ 24.215604] which belongs to the cache kmalloc-16 of size 16 [ 24.215733] The buggy address is located 0 bytes inside of [ 24.215733] 16-byte region [fff00000c3fab740, fff00000c3fab750) [ 24.215876] [ 24.215921] The buggy address belongs to the physical page: [ 24.215993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fab [ 24.216604] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.217017] page_type: f5(slab) [ 24.217118] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 24.217270] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.217894] page dumped because: kasan: bad access detected [ 24.218132] [ 24.218208] Memory state around the buggy address: [ 24.218525] fff00000c3fab600: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 24.218700] fff00000c3fab680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.219317] >fff00000c3fab700: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 24.219477] ^ [ 24.219716] fff00000c3fab780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.220176] fff00000c3fab800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.220280] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 24.188064] ================================================================== [ 24.188264] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 24.188440] Read of size 1 at addr fff00000c3fab740 by task kunit_try_catch/194 [ 24.188797] [ 24.188953] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.189155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.189222] Hardware name: linux,dummy-virt (DT) [ 24.189297] Call trace: [ 24.189364] show_stack+0x20/0x38 (C) [ 24.189602] dump_stack_lvl+0x8c/0xd0 [ 24.189854] print_report+0x118/0x608 [ 24.190103] kasan_report+0xdc/0x128 [ 24.190651] __kasan_check_byte+0x54/0x70 [ 24.190797] kfree_sensitive+0x30/0xb0 [ 24.190930] kmalloc_double_kzfree+0x168/0x308 [ 24.191072] kunit_try_run_case+0x170/0x3f0 [ 24.191322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.191492] kthread+0x328/0x630 [ 24.191622] ret_from_fork+0x10/0x20 [ 24.191788] [ 24.191873] Allocated by task 194: [ 24.191983] kasan_save_stack+0x3c/0x68 [ 24.192193] kasan_save_track+0x20/0x40 [ 24.192290] kasan_save_alloc_info+0x40/0x58 [ 24.192524] __kasan_kmalloc+0xd4/0xd8 [ 24.192625] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.192785] kmalloc_double_kzfree+0xb8/0x308 [ 24.192910] kunit_try_run_case+0x170/0x3f0 [ 24.193792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.193913] kthread+0x328/0x630 [ 24.194006] ret_from_fork+0x10/0x20 [ 24.195771] [ 24.196035] Freed by task 194: [ 24.196485] kasan_save_stack+0x3c/0x68 [ 24.196597] kasan_save_track+0x20/0x40 [ 24.196697] kasan_save_free_info+0x4c/0x78 [ 24.197814] __kasan_slab_free+0x6c/0x98 [ 24.198353] kfree+0x214/0x3c8 [ 24.198638] kfree_sensitive+0x80/0xb0 [ 24.198761] kmalloc_double_kzfree+0x11c/0x308 [ 24.198876] kunit_try_run_case+0x170/0x3f0 [ 24.199158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.199305] kthread+0x328/0x630 [ 24.199781] ret_from_fork+0x10/0x20 [ 24.200123] [ 24.200180] The buggy address belongs to the object at fff00000c3fab740 [ 24.200180] which belongs to the cache kmalloc-16 of size 16 [ 24.200662] The buggy address is located 0 bytes inside of [ 24.200662] freed 16-byte region [fff00000c3fab740, fff00000c3fab750) [ 24.200953] [ 24.201013] The buggy address belongs to the physical page: [ 24.201653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fab [ 24.202434] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.202801] page_type: f5(slab) [ 24.203002] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 24.203139] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.203607] page dumped because: kasan: bad access detected [ 24.203732] [ 24.203852] Memory state around the buggy address: [ 24.203936] fff00000c3fab600: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 24.204052] fff00000c3fab680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.204161] >fff00000c3fab700: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 24.204262] ^ [ 24.204352] fff00000c3fab780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.204493] fff00000c3fab800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.204612] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 24.106991] ================================================================== [ 24.107109] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 24.107235] Write of size 33 at addr fff00000c5a25000 by task kunit_try_catch/188 [ 24.107358] [ 24.107536] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.108033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.108151] Hardware name: linux,dummy-virt (DT) [ 24.108243] Call trace: [ 24.108433] show_stack+0x20/0x38 (C) [ 24.108752] dump_stack_lvl+0x8c/0xd0 [ 24.108892] print_report+0x118/0x608 [ 24.109230] kasan_report+0xdc/0x128 [ 24.109526] kasan_check_range+0x100/0x1a8 [ 24.109728] __asan_memset+0x34/0x78 [ 24.109848] kmalloc_uaf_memset+0x170/0x310 [ 24.110199] kunit_try_run_case+0x170/0x3f0 [ 24.110395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.110554] kthread+0x328/0x630 [ 24.110691] ret_from_fork+0x10/0x20 [ 24.110917] [ 24.111056] Allocated by task 188: [ 24.111208] kasan_save_stack+0x3c/0x68 [ 24.111325] kasan_save_track+0x20/0x40 [ 24.111440] kasan_save_alloc_info+0x40/0x58 [ 24.111570] __kasan_kmalloc+0xd4/0xd8 [ 24.111807] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.112077] kmalloc_uaf_memset+0xb8/0x310 [ 24.112186] kunit_try_run_case+0x170/0x3f0 [ 24.112284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.112410] kthread+0x328/0x630 [ 24.112532] ret_from_fork+0x10/0x20 [ 24.112767] [ 24.112826] Freed by task 188: [ 24.112902] kasan_save_stack+0x3c/0x68 [ 24.113255] kasan_save_track+0x20/0x40 [ 24.113459] kasan_save_free_info+0x4c/0x78 [ 24.113727] __kasan_slab_free+0x6c/0x98 [ 24.113891] kfree+0x214/0x3c8 [ 24.113980] kmalloc_uaf_memset+0x11c/0x310 [ 24.114072] kunit_try_run_case+0x170/0x3f0 [ 24.114169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.114291] kthread+0x328/0x630 [ 24.114404] ret_from_fork+0x10/0x20 [ 24.114495] [ 24.114569] The buggy address belongs to the object at fff00000c5a25000 [ 24.114569] which belongs to the cache kmalloc-64 of size 64 [ 24.114707] The buggy address is located 0 bytes inside of [ 24.114707] freed 64-byte region [fff00000c5a25000, fff00000c5a25040) [ 24.114902] [ 24.115018] The buggy address belongs to the physical page: [ 24.115132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a25 [ 24.115420] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.115554] page_type: f5(slab) [ 24.115864] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 24.116012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.116144] page dumped because: kasan: bad access detected [ 24.116270] [ 24.116321] Memory state around the buggy address: [ 24.116423] fff00000c5a24f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.116560] fff00000c5a24f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.116677] >fff00000c5a25000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.116783] ^ [ 24.117112] fff00000c5a25080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.117267] fff00000c5a25100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.117556] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 24.069185] ================================================================== [ 24.069341] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 24.070422] Read of size 1 at addr fff00000c3fab728 by task kunit_try_catch/186 [ 24.070544] [ 24.070611] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.070804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.070868] Hardware name: linux,dummy-virt (DT) [ 24.070940] Call trace: [ 24.070992] show_stack+0x20/0x38 (C) [ 24.071775] dump_stack_lvl+0x8c/0xd0 [ 24.072213] print_report+0x118/0x608 [ 24.072859] kasan_report+0xdc/0x128 [ 24.073318] __asan_report_load1_noabort+0x20/0x30 [ 24.073536] kmalloc_uaf+0x300/0x338 [ 24.073681] kunit_try_run_case+0x170/0x3f0 [ 24.074784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.074936] kthread+0x328/0x630 [ 24.075062] ret_from_fork+0x10/0x20 [ 24.075887] [ 24.076193] Allocated by task 186: [ 24.076274] kasan_save_stack+0x3c/0x68 [ 24.076432] kasan_save_track+0x20/0x40 [ 24.076540] kasan_save_alloc_info+0x40/0x58 [ 24.076639] __kasan_kmalloc+0xd4/0xd8 [ 24.076772] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.076877] kmalloc_uaf+0xb8/0x338 [ 24.076963] kunit_try_run_case+0x170/0x3f0 [ 24.077058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.077177] kthread+0x328/0x630 [ 24.077270] ret_from_fork+0x10/0x20 [ 24.077414] [ 24.077471] Freed by task 186: [ 24.077550] kasan_save_stack+0x3c/0x68 [ 24.078054] kasan_save_track+0x20/0x40 [ 24.078250] kasan_save_free_info+0x4c/0x78 [ 24.078474] __kasan_slab_free+0x6c/0x98 [ 24.078590] kfree+0x214/0x3c8 [ 24.078871] kmalloc_uaf+0x11c/0x338 [ 24.079006] kunit_try_run_case+0x170/0x3f0 [ 24.079330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.079471] kthread+0x328/0x630 [ 24.079582] ret_from_fork+0x10/0x20 [ 24.079764] [ 24.079824] The buggy address belongs to the object at fff00000c3fab720 [ 24.079824] which belongs to the cache kmalloc-16 of size 16 [ 24.080283] The buggy address is located 8 bytes inside of [ 24.080283] freed 16-byte region [fff00000c3fab720, fff00000c3fab730) [ 24.080651] [ 24.080704] The buggy address belongs to the physical page: [ 24.080810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fab [ 24.080976] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.081148] page_type: f5(slab) [ 24.081347] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 24.081495] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.081602] page dumped because: kasan: bad access detected [ 24.081680] [ 24.081779] Memory state around the buggy address: [ 24.081928] fff00000c3fab600: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 24.082082] fff00000c3fab680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.082187] >fff00000c3fab700: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 24.082316] ^ [ 24.082898] fff00000c3fab780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.083131] fff00000c3fab800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.083242] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 24.039508] ================================================================== [ 24.039691] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 24.039860] Read of size 64 at addr fff00000c59e9d04 by task kunit_try_catch/184 [ 24.040069] [ 24.040210] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.040532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.040736] Hardware name: linux,dummy-virt (DT) [ 24.040890] Call trace: [ 24.040950] show_stack+0x20/0x38 (C) [ 24.041080] dump_stack_lvl+0x8c/0xd0 [ 24.041207] print_report+0x118/0x608 [ 24.041431] kasan_report+0xdc/0x128 [ 24.041611] kasan_check_range+0x100/0x1a8 [ 24.041731] __asan_memmove+0x3c/0x98 [ 24.041878] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 24.042013] kunit_try_run_case+0x170/0x3f0 [ 24.042146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.042311] kthread+0x328/0x630 [ 24.042554] ret_from_fork+0x10/0x20 [ 24.042912] [ 24.043108] Allocated by task 184: [ 24.043194] kasan_save_stack+0x3c/0x68 [ 24.043418] kasan_save_track+0x20/0x40 [ 24.043557] kasan_save_alloc_info+0x40/0x58 [ 24.043848] __kasan_kmalloc+0xd4/0xd8 [ 24.043941] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.044086] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 24.044194] kunit_try_run_case+0x170/0x3f0 [ 24.044495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.044662] kthread+0x328/0x630 [ 24.044799] ret_from_fork+0x10/0x20 [ 24.044985] [ 24.045120] The buggy address belongs to the object at fff00000c59e9d00 [ 24.045120] which belongs to the cache kmalloc-64 of size 64 [ 24.045263] The buggy address is located 4 bytes inside of [ 24.045263] allocated 64-byte region [fff00000c59e9d00, fff00000c59e9d40) [ 24.045424] [ 24.045477] The buggy address belongs to the physical page: [ 24.045563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059e9 [ 24.045789] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.045951] page_type: f5(slab) [ 24.046058] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 24.046284] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.046453] page dumped because: kasan: bad access detected [ 24.046698] [ 24.046746] Memory state around the buggy address: [ 24.046826] fff00000c59e9c00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 24.046940] fff00000c59e9c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.047055] >fff00000c59e9d00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 24.047160] ^ [ 24.047243] fff00000c59e9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.047374] fff00000c59e9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.047553] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 24.015205] ================================================================== [ 24.015335] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 24.015495] Read of size 18446744073709551614 at addr fff00000c59e9b04 by task kunit_try_catch/182 [ 24.015691] [ 24.015772] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 24.016013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.016114] Hardware name: linux,dummy-virt (DT) [ 24.016199] Call trace: [ 24.016263] show_stack+0x20/0x38 (C) [ 24.016581] dump_stack_lvl+0x8c/0xd0 [ 24.016770] print_report+0x118/0x608 [ 24.016985] kasan_report+0xdc/0x128 [ 24.017223] kasan_check_range+0x100/0x1a8 [ 24.017347] __asan_memmove+0x3c/0x98 [ 24.017498] kmalloc_memmove_negative_size+0x154/0x2e0 [ 24.017690] kunit_try_run_case+0x170/0x3f0 [ 24.017831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.018025] kthread+0x328/0x630 [ 24.018157] ret_from_fork+0x10/0x20 [ 24.018289] [ 24.018334] Allocated by task 182: [ 24.018425] kasan_save_stack+0x3c/0x68 [ 24.018522] kasan_save_track+0x20/0x40 [ 24.018726] kasan_save_alloc_info+0x40/0x58 [ 24.018893] __kasan_kmalloc+0xd4/0xd8 [ 24.019168] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.019270] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 24.019605] kunit_try_run_case+0x170/0x3f0 [ 24.020292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.020439] kthread+0x328/0x630 [ 24.020573] ret_from_fork+0x10/0x20 [ 24.020709] [ 24.020758] The buggy address belongs to the object at fff00000c59e9b00 [ 24.020758] which belongs to the cache kmalloc-64 of size 64 [ 24.020923] The buggy address is located 4 bytes inside of [ 24.020923] 64-byte region [fff00000c59e9b00, fff00000c59e9b40) [ 24.021076] [ 24.021191] The buggy address belongs to the physical page: [ 24.021272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059e9 [ 24.021411] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.021573] page_type: f5(slab) [ 24.021670] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 24.022004] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.022117] page dumped because: kasan: bad access detected [ 24.022298] [ 24.022346] Memory state around the buggy address: [ 24.022449] fff00000c59e9a00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 24.022575] fff00000c59e9a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.022719] >fff00000c59e9b00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 24.022861] ^ [ 24.022940] fff00000c59e9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.023074] fff00000c59e9c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.023184] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 23.981128] ================================================================== [ 23.981252] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 23.981414] Write of size 16 at addr fff00000c59ef369 by task kunit_try_catch/180 [ 23.981543] [ 23.981627] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.981863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.982014] Hardware name: linux,dummy-virt (DT) [ 23.982133] Call trace: [ 23.982196] show_stack+0x20/0x38 (C) [ 23.982425] dump_stack_lvl+0x8c/0xd0 [ 23.982558] print_report+0x118/0x608 [ 23.982668] kasan_report+0xdc/0x128 [ 23.982775] kasan_check_range+0x100/0x1a8 [ 23.982886] __asan_memset+0x34/0x78 [ 23.982992] kmalloc_oob_memset_16+0x150/0x2f8 [ 23.983111] kunit_try_run_case+0x170/0x3f0 [ 23.983230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.983354] kthread+0x328/0x630 [ 23.983486] ret_from_fork+0x10/0x20 [ 23.983599] [ 23.983642] Allocated by task 180: [ 23.983707] kasan_save_stack+0x3c/0x68 [ 23.983796] kasan_save_track+0x20/0x40 [ 23.983881] kasan_save_alloc_info+0x40/0x58 [ 23.983973] __kasan_kmalloc+0xd4/0xd8 [ 23.984061] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.984734] kmalloc_oob_memset_16+0xb0/0x2f8 [ 23.984982] kunit_try_run_case+0x170/0x3f0 [ 23.985318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.985716] kthread+0x328/0x630 [ 23.986127] ret_from_fork+0x10/0x20 [ 23.986243] [ 23.986459] The buggy address belongs to the object at fff00000c59ef300 [ 23.986459] which belongs to the cache kmalloc-128 of size 128 [ 23.986775] The buggy address is located 105 bytes inside of [ 23.986775] allocated 120-byte region [fff00000c59ef300, fff00000c59ef378) [ 23.987284] [ 23.987407] The buggy address belongs to the physical page: [ 23.987877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ef [ 23.988724] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.988846] page_type: f5(slab) [ 23.989489] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.989766] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.990210] page dumped because: kasan: bad access detected [ 23.990514] [ 23.990584] Memory state around the buggy address: [ 23.990691] fff00000c59ef200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.990872] fff00000c59ef280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.991148] >fff00000c59ef300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.991314] ^ [ 23.991487] fff00000c59ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.992192] fff00000c59ef400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.992654] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 23.943790] ================================================================== [ 23.943911] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 23.944041] Write of size 8 at addr fff00000c59ef271 by task kunit_try_catch/178 [ 23.944156] [ 23.944237] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.944551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.944842] Hardware name: linux,dummy-virt (DT) [ 23.945146] Call trace: [ 23.945220] show_stack+0x20/0x38 (C) [ 23.945358] dump_stack_lvl+0x8c/0xd0 [ 23.945562] print_report+0x118/0x608 [ 23.945805] kasan_report+0xdc/0x128 [ 23.945943] kasan_check_range+0x100/0x1a8 [ 23.946069] __asan_memset+0x34/0x78 [ 23.947515] kmalloc_oob_memset_8+0x150/0x2f8 [ 23.947664] kunit_try_run_case+0x170/0x3f0 [ 23.947802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.948036] kthread+0x328/0x630 [ 23.948249] ret_from_fork+0x10/0x20 [ 23.948702] [ 23.949204] Allocated by task 178: [ 23.949320] kasan_save_stack+0x3c/0x68 [ 23.949985] kasan_save_track+0x20/0x40 [ 23.950822] kasan_save_alloc_info+0x40/0x58 [ 23.950991] __kasan_kmalloc+0xd4/0xd8 [ 23.951412] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.951512] kmalloc_oob_memset_8+0xb0/0x2f8 [ 23.951606] kunit_try_run_case+0x170/0x3f0 [ 23.951699] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.953701] kthread+0x328/0x630 [ 23.953807] ret_from_fork+0x10/0x20 [ 23.954164] [ 23.954215] The buggy address belongs to the object at fff00000c59ef200 [ 23.954215] which belongs to the cache kmalloc-128 of size 128 [ 23.954693] The buggy address is located 113 bytes inside of [ 23.954693] allocated 120-byte region [fff00000c59ef200, fff00000c59ef278) [ 23.954844] [ 23.955931] The buggy address belongs to the physical page: [ 23.957120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ef [ 23.957279] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.957483] page_type: f5(slab) [ 23.957697] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.957919] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.958183] page dumped because: kasan: bad access detected [ 23.958322] [ 23.958365] Memory state around the buggy address: [ 23.958462] fff00000c59ef100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.958584] fff00000c59ef180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.959024] >fff00000c59ef200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.959395] ^ [ 23.959620] fff00000c59ef280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.959802] fff00000c59ef300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.959998] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 23.910462] ================================================================== [ 23.910636] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 23.910788] Write of size 4 at addr fff00000c59ef175 by task kunit_try_catch/176 [ 23.910946] [ 23.911052] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.911272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.911340] Hardware name: linux,dummy-virt (DT) [ 23.911620] Call trace: [ 23.911797] show_stack+0x20/0x38 (C) [ 23.911923] dump_stack_lvl+0x8c/0xd0 [ 23.912043] print_report+0x118/0x608 [ 23.912222] kasan_report+0xdc/0x128 [ 23.912340] kasan_check_range+0x100/0x1a8 [ 23.912485] __asan_memset+0x34/0x78 [ 23.912600] kmalloc_oob_memset_4+0x150/0x300 [ 23.912733] kunit_try_run_case+0x170/0x3f0 [ 23.912865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.912993] kthread+0x328/0x630 [ 23.913107] ret_from_fork+0x10/0x20 [ 23.913239] [ 23.913297] Allocated by task 176: [ 23.913443] kasan_save_stack+0x3c/0x68 [ 23.913582] kasan_save_track+0x20/0x40 [ 23.913683] kasan_save_alloc_info+0x40/0x58 [ 23.913857] __kasan_kmalloc+0xd4/0xd8 [ 23.913995] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.914223] kmalloc_oob_memset_4+0xb0/0x300 [ 23.914324] kunit_try_run_case+0x170/0x3f0 [ 23.914439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.914548] kthread+0x328/0x630 [ 23.914635] ret_from_fork+0x10/0x20 [ 23.914720] [ 23.915597] The buggy address belongs to the object at fff00000c59ef100 [ 23.915597] which belongs to the cache kmalloc-128 of size 128 [ 23.915993] The buggy address is located 117 bytes inside of [ 23.915993] allocated 120-byte region [fff00000c59ef100, fff00000c59ef178) [ 23.917069] [ 23.917127] The buggy address belongs to the physical page: [ 23.917440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ef [ 23.917709] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.918223] page_type: f5(slab) [ 23.918326] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.918755] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.919355] page dumped because: kasan: bad access detected [ 23.919468] [ 23.919732] Memory state around the buggy address: [ 23.920032] fff00000c59ef000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.920192] fff00000c59ef080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.920791] >fff00000c59ef100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.921303] ^ [ 23.921995] fff00000c59ef180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.922367] fff00000c59ef200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.922791] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 23.877097] ================================================================== [ 23.877226] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 23.877366] Write of size 2 at addr fff00000c59ef077 by task kunit_try_catch/174 [ 23.877500] [ 23.877594] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.877792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.877855] Hardware name: linux,dummy-virt (DT) [ 23.877929] Call trace: [ 23.877982] show_stack+0x20/0x38 (C) [ 23.878111] dump_stack_lvl+0x8c/0xd0 [ 23.878237] print_report+0x118/0x608 [ 23.878348] kasan_report+0xdc/0x128 [ 23.879193] kasan_check_range+0x100/0x1a8 [ 23.879429] __asan_memset+0x34/0x78 [ 23.879624] kmalloc_oob_memset_2+0x150/0x2f8 [ 23.879751] kunit_try_run_case+0x170/0x3f0 [ 23.880619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.880765] kthread+0x328/0x630 [ 23.881124] ret_from_fork+0x10/0x20 [ 23.881609] [ 23.881773] Allocated by task 174: [ 23.881854] kasan_save_stack+0x3c/0x68 [ 23.882179] kasan_save_track+0x20/0x40 [ 23.882554] kasan_save_alloc_info+0x40/0x58 [ 23.882890] __kasan_kmalloc+0xd4/0xd8 [ 23.883077] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.883265] kmalloc_oob_memset_2+0xb0/0x2f8 [ 23.883448] kunit_try_run_case+0x170/0x3f0 [ 23.883562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.883762] kthread+0x328/0x630 [ 23.884089] ret_from_fork+0x10/0x20 [ 23.884249] [ 23.884491] The buggy address belongs to the object at fff00000c59ef000 [ 23.884491] which belongs to the cache kmalloc-128 of size 128 [ 23.884630] The buggy address is located 119 bytes inside of [ 23.884630] allocated 120-byte region [fff00000c59ef000, fff00000c59ef078) [ 23.884975] [ 23.885170] The buggy address belongs to the physical page: [ 23.885545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ef [ 23.885731] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.886123] page_type: f5(slab) [ 23.886374] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.886632] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.886731] page dumped because: kasan: bad access detected [ 23.886811] [ 23.886857] Memory state around the buggy address: [ 23.887603] fff00000c59eef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.887895] fff00000c59eef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.888057] >fff00000c59ef000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.888168] ^ [ 23.888442] fff00000c59ef080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.888729] fff00000c59ef100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.889074] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 23.843246] ================================================================== [ 23.843370] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 23.843524] Write of size 128 at addr fff00000c3fb3f00 by task kunit_try_catch/172 [ 23.843642] [ 23.843720] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.843913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.843976] Hardware name: linux,dummy-virt (DT) [ 23.844047] Call trace: [ 23.844098] show_stack+0x20/0x38 (C) [ 23.844213] dump_stack_lvl+0x8c/0xd0 [ 23.844329] print_report+0x118/0x608 [ 23.846148] kasan_report+0xdc/0x128 [ 23.846906] kasan_check_range+0x100/0x1a8 [ 23.847097] __asan_memset+0x34/0x78 [ 23.847342] kmalloc_oob_in_memset+0x144/0x2d0 [ 23.848145] kunit_try_run_case+0x170/0x3f0 [ 23.848294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.848733] kthread+0x328/0x630 [ 23.848879] ret_from_fork+0x10/0x20 [ 23.849056] [ 23.849107] Allocated by task 172: [ 23.849475] kasan_save_stack+0x3c/0x68 [ 23.850513] kasan_save_track+0x20/0x40 [ 23.850738] kasan_save_alloc_info+0x40/0x58 [ 23.851090] __kasan_kmalloc+0xd4/0xd8 [ 23.851794] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.852730] kmalloc_oob_in_memset+0xb0/0x2d0 [ 23.852847] kunit_try_run_case+0x170/0x3f0 [ 23.853256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.853514] kthread+0x328/0x630 [ 23.853882] ret_from_fork+0x10/0x20 [ 23.854211] [ 23.854351] The buggy address belongs to the object at fff00000c3fb3f00 [ 23.854351] which belongs to the cache kmalloc-128 of size 128 [ 23.854735] The buggy address is located 0 bytes inside of [ 23.854735] allocated 120-byte region [fff00000c3fb3f00, fff00000c3fb3f78) [ 23.855225] [ 23.855323] The buggy address belongs to the physical page: [ 23.855419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fb3 [ 23.855545] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.856020] page_type: f5(slab) [ 23.856282] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.857094] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.857738] page dumped because: kasan: bad access detected [ 23.857829] [ 23.858219] Memory state around the buggy address: [ 23.858302] fff00000c3fb3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.859363] fff00000c3fb3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.859489] >fff00000c3fb3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.859967] ^ [ 23.860078] fff00000c3fb3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.860616] fff00000c3fb4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.860716] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 23.812256] ================================================================== [ 23.812414] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 23.812567] Read of size 16 at addr fff00000c3fab700 by task kunit_try_catch/170 [ 23.812785] [ 23.812934] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.813185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.813314] Hardware name: linux,dummy-virt (DT) [ 23.813420] Call trace: [ 23.813699] show_stack+0x20/0x38 (C) [ 23.813840] dump_stack_lvl+0x8c/0xd0 [ 23.814034] print_report+0x118/0x608 [ 23.814161] kasan_report+0xdc/0x128 [ 23.814297] __asan_report_load16_noabort+0x20/0x30 [ 23.814575] kmalloc_uaf_16+0x3bc/0x438 [ 23.814716] kunit_try_run_case+0x170/0x3f0 [ 23.815293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.815611] kthread+0x328/0x630 [ 23.815966] ret_from_fork+0x10/0x20 [ 23.816273] [ 23.816355] Allocated by task 170: [ 23.816475] kasan_save_stack+0x3c/0x68 [ 23.816580] kasan_save_track+0x20/0x40 [ 23.817042] kasan_save_alloc_info+0x40/0x58 [ 23.817333] __kasan_kmalloc+0xd4/0xd8 [ 23.817454] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.817683] kmalloc_uaf_16+0x140/0x438 [ 23.818097] kunit_try_run_case+0x170/0x3f0 [ 23.818219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.818355] kthread+0x328/0x630 [ 23.818465] ret_from_fork+0x10/0x20 [ 23.818611] [ 23.818691] Freed by task 170: [ 23.818882] kasan_save_stack+0x3c/0x68 [ 23.819048] kasan_save_track+0x20/0x40 [ 23.819289] kasan_save_free_info+0x4c/0x78 [ 23.819409] __kasan_slab_free+0x6c/0x98 [ 23.819516] kfree+0x214/0x3c8 [ 23.819679] kmalloc_uaf_16+0x190/0x438 [ 23.819802] kunit_try_run_case+0x170/0x3f0 [ 23.819893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.819997] kthread+0x328/0x630 [ 23.820081] ret_from_fork+0x10/0x20 [ 23.820175] [ 23.820228] The buggy address belongs to the object at fff00000c3fab700 [ 23.820228] which belongs to the cache kmalloc-16 of size 16 [ 23.820433] The buggy address is located 0 bytes inside of [ 23.820433] freed 16-byte region [fff00000c3fab700, fff00000c3fab710) [ 23.820600] [ 23.820658] The buggy address belongs to the physical page: [ 23.820839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fab [ 23.820977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.821099] page_type: f5(slab) [ 23.821217] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 23.821361] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.821678] page dumped because: kasan: bad access detected [ 23.821785] [ 23.821837] Memory state around the buggy address: [ 23.822000] fff00000c3fab600: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 23.822115] fff00000c3fab680: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 23.822275] >fff00000c3fab700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.822372] ^ [ 23.822459] fff00000c3fab780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.822638] fff00000c3fab800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.822874] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 23.772858] ================================================================== [ 23.773310] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 23.773580] Write of size 16 at addr fff00000c3fab6a0 by task kunit_try_catch/168 [ 23.773906] [ 23.774102] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.774561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.774689] Hardware name: linux,dummy-virt (DT) [ 23.774779] Call trace: [ 23.774832] show_stack+0x20/0x38 (C) [ 23.774952] dump_stack_lvl+0x8c/0xd0 [ 23.775071] print_report+0x118/0x608 [ 23.775730] kasan_report+0xdc/0x128 [ 23.775860] __asan_report_store16_noabort+0x20/0x30 [ 23.775984] kmalloc_oob_16+0x3a0/0x3f8 [ 23.776298] kunit_try_run_case+0x170/0x3f0 [ 23.776516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.776830] kthread+0x328/0x630 [ 23.776956] ret_from_fork+0x10/0x20 [ 23.777121] [ 23.777171] Allocated by task 168: [ 23.777254] kasan_save_stack+0x3c/0x68 [ 23.777358] kasan_save_track+0x20/0x40 [ 23.777752] kasan_save_alloc_info+0x40/0x58 [ 23.777946] __kasan_kmalloc+0xd4/0xd8 [ 23.778215] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.778489] kmalloc_oob_16+0xb4/0x3f8 [ 23.778733] kunit_try_run_case+0x170/0x3f0 [ 23.778943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.779561] kthread+0x328/0x630 [ 23.779835] ret_from_fork+0x10/0x20 [ 23.779961] [ 23.780116] The buggy address belongs to the object at fff00000c3fab6a0 [ 23.780116] which belongs to the cache kmalloc-16 of size 16 [ 23.780306] The buggy address is located 0 bytes inside of [ 23.780306] allocated 13-byte region [fff00000c3fab6a0, fff00000c3fab6ad) [ 23.780552] [ 23.780647] The buggy address belongs to the physical page: [ 23.780757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fab [ 23.781102] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.781225] page_type: f5(slab) [ 23.781443] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 23.781585] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.781712] page dumped because: kasan: bad access detected [ 23.781822] [ 23.781869] Memory state around the buggy address: [ 23.781959] fff00000c3fab580: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 23.782111] fff00000c3fab600: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 23.782237] >fff00000c3fab680: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 23.782347] ^ [ 23.782468] fff00000c3fab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.783091] fff00000c3fab780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.783188] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 23.721642] ================================================================== [ 23.721811] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 23.721929] Read of size 1 at addr fff00000c1921c00 by task kunit_try_catch/166 [ 23.722052] [ 23.722123] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.722317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.722399] Hardware name: linux,dummy-virt (DT) [ 23.722471] Call trace: [ 23.722523] show_stack+0x20/0x38 (C) [ 23.722638] dump_stack_lvl+0x8c/0xd0 [ 23.722755] print_report+0x118/0x608 [ 23.722862] kasan_report+0xdc/0x128 [ 23.722968] __kasan_check_byte+0x54/0x70 [ 23.723083] krealloc_noprof+0x44/0x360 [ 23.723196] krealloc_uaf+0x180/0x520 [ 23.723300] kunit_try_run_case+0x170/0x3f0 [ 23.723458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.723648] kthread+0x328/0x630 [ 23.723789] ret_from_fork+0x10/0x20 [ 23.723927] [ 23.723976] Allocated by task 166: [ 23.724375] kasan_save_stack+0x3c/0x68 [ 23.724557] kasan_save_track+0x20/0x40 [ 23.724710] kasan_save_alloc_info+0x40/0x58 [ 23.724799] __kasan_kmalloc+0xd4/0xd8 [ 23.724907] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.725161] krealloc_uaf+0xc8/0x520 [ 23.725321] kunit_try_run_case+0x170/0x3f0 [ 23.725525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.725669] kthread+0x328/0x630 [ 23.725923] ret_from_fork+0x10/0x20 [ 23.726026] [ 23.726139] Freed by task 166: [ 23.726233] kasan_save_stack+0x3c/0x68 [ 23.726333] kasan_save_track+0x20/0x40 [ 23.726600] kasan_save_free_info+0x4c/0x78 [ 23.726699] __kasan_slab_free+0x6c/0x98 [ 23.726838] kfree+0x214/0x3c8 [ 23.727081] krealloc_uaf+0x12c/0x520 [ 23.727180] kunit_try_run_case+0x170/0x3f0 [ 23.727423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.727804] kthread+0x328/0x630 [ 23.728161] ret_from_fork+0x10/0x20 [ 23.728358] [ 23.728462] The buggy address belongs to the object at fff00000c1921c00 [ 23.728462] which belongs to the cache kmalloc-256 of size 256 [ 23.728871] The buggy address is located 0 bytes inside of [ 23.728871] freed 256-byte region [fff00000c1921c00, fff00000c1921d00) [ 23.729024] [ 23.729113] The buggy address belongs to the physical page: [ 23.729293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101920 [ 23.729484] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.729912] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.730056] page_type: f5(slab) [ 23.730165] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.730304] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.730457] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.731110] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.731263] head: 0bfffe0000000001 ffffc1ffc3064801 00000000ffffffff 00000000ffffffff [ 23.731407] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 23.731536] page dumped because: kasan: bad access detected [ 23.731616] [ 23.731658] Memory state around the buggy address: [ 23.732508] fff00000c1921b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.733035] fff00000c1921b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.733905] >fff00000c1921c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.734713] ^ [ 23.734841] fff00000c1921c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.734948] fff00000c1921d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.735106] ================================================================== [ 23.736599] ================================================================== [ 23.737254] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 23.738473] Read of size 1 at addr fff00000c1921c00 by task kunit_try_catch/166 [ 23.738589] [ 23.740007] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.741062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.741161] Hardware name: linux,dummy-virt (DT) [ 23.741240] Call trace: [ 23.741298] show_stack+0x20/0x38 (C) [ 23.741539] dump_stack_lvl+0x8c/0xd0 [ 23.741782] print_report+0x118/0x608 [ 23.741905] kasan_report+0xdc/0x128 [ 23.742025] __asan_report_load1_noabort+0x20/0x30 [ 23.742156] krealloc_uaf+0x4c8/0x520 [ 23.742273] kunit_try_run_case+0x170/0x3f0 [ 23.742418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.742561] kthread+0x328/0x630 [ 23.742695] ret_from_fork+0x10/0x20 [ 23.742831] [ 23.742876] Allocated by task 166: [ 23.742946] kasan_save_stack+0x3c/0x68 [ 23.743045] kasan_save_track+0x20/0x40 [ 23.743136] kasan_save_alloc_info+0x40/0x58 [ 23.743223] __kasan_kmalloc+0xd4/0xd8 [ 23.743316] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.745889] krealloc_uaf+0xc8/0x520 [ 23.746063] kunit_try_run_case+0x170/0x3f0 [ 23.746216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.746760] kthread+0x328/0x630 [ 23.746882] ret_from_fork+0x10/0x20 [ 23.746970] [ 23.747012] Freed by task 166: [ 23.747456] kasan_save_stack+0x3c/0x68 [ 23.747651] kasan_save_track+0x20/0x40 [ 23.748142] kasan_save_free_info+0x4c/0x78 [ 23.748361] __kasan_slab_free+0x6c/0x98 [ 23.748650] kfree+0x214/0x3c8 [ 23.748744] krealloc_uaf+0x12c/0x520 [ 23.749129] kunit_try_run_case+0x170/0x3f0 [ 23.749584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.749950] kthread+0x328/0x630 [ 23.750046] ret_from_fork+0x10/0x20 [ 23.750134] [ 23.751853] The buggy address belongs to the object at fff00000c1921c00 [ 23.751853] which belongs to the cache kmalloc-256 of size 256 [ 23.752156] The buggy address is located 0 bytes inside of [ 23.752156] freed 256-byte region [fff00000c1921c00, fff00000c1921d00) [ 23.752941] [ 23.753508] The buggy address belongs to the physical page: [ 23.753637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101920 [ 23.753764] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.753875] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.753996] page_type: f5(slab) [ 23.754081] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.754201] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.754322] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.754758] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.754945] head: 0bfffe0000000001 ffffc1ffc3064801 00000000ffffffff 00000000ffffffff [ 23.755826] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 23.755946] page dumped because: kasan: bad access detected [ 23.756022] [ 23.756130] Memory state around the buggy address: [ 23.756219] fff00000c1921b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.756540] fff00000c1921b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.756694] >fff00000c1921c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.756779] ^ [ 23.756843] fff00000c1921c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.756956] fff00000c1921d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.757053] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 23.702063] ================================================================== [ 23.702219] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 23.702327] Write of size 1 at addr fff00000c77e20eb by task kunit_try_catch/164 [ 23.702465] [ 23.702528] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.702729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.702809] Hardware name: linux,dummy-virt (DT) [ 23.702929] Call trace: [ 23.702990] show_stack+0x20/0x38 (C) [ 23.703127] dump_stack_lvl+0x8c/0xd0 [ 23.703455] print_report+0x118/0x608 [ 23.703573] kasan_report+0xdc/0x128 [ 23.703682] __asan_report_store1_noabort+0x20/0x30 [ 23.703809] krealloc_less_oob_helper+0xa58/0xc50 [ 23.703925] krealloc_large_less_oob+0x20/0x38 [ 23.704045] kunit_try_run_case+0x170/0x3f0 [ 23.704376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.704538] kthread+0x328/0x630 [ 23.704653] ret_from_fork+0x10/0x20 [ 23.704766] [ 23.704811] The buggy address belongs to the physical page: [ 23.704878] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 23.704995] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.705103] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.705218] page_type: f8(unknown) [ 23.705304] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.705449] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.705635] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.705776] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.705979] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff [ 23.706123] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 23.706237] page dumped because: kasan: bad access detected [ 23.706320] [ 23.706367] Memory state around the buggy address: [ 23.706537] fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.706656] fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.706820] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.706926] ^ [ 23.707026] fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.707178] fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.707277] ================================================================== [ 23.683774] ================================================================== [ 23.683872] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 23.683991] Write of size 1 at addr fff00000c77e20da by task kunit_try_catch/164 [ 23.684127] [ 23.684847] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.685061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.685135] Hardware name: linux,dummy-virt (DT) [ 23.685243] Call trace: [ 23.685301] show_stack+0x20/0x38 (C) [ 23.685568] dump_stack_lvl+0x8c/0xd0 [ 23.686144] print_report+0x118/0x608 [ 23.686680] kasan_report+0xdc/0x128 [ 23.686804] __asan_report_store1_noabort+0x20/0x30 [ 23.687114] krealloc_less_oob_helper+0xa80/0xc50 [ 23.687301] krealloc_large_less_oob+0x20/0x38 [ 23.687456] kunit_try_run_case+0x170/0x3f0 [ 23.687609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.687818] kthread+0x328/0x630 [ 23.688093] ret_from_fork+0x10/0x20 [ 23.688415] [ 23.688489] The buggy address belongs to the physical page: [ 23.688571] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 23.688707] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.688873] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.689011] page_type: f8(unknown) [ 23.689117] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.689976] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.690120] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.690255] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.690406] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff [ 23.690832] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 23.690993] page dumped because: kasan: bad access detected [ 23.691141] [ 23.691213] Memory state around the buggy address: [ 23.691360] fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.691507] fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.691906] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.692060] ^ [ 23.692174] fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.692468] fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.692684] ================================================================== [ 23.657960] ================================================================== [ 23.658067] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 23.658184] Write of size 1 at addr fff00000c77e20c9 by task kunit_try_catch/164 [ 23.658317] [ 23.658414] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.658809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.659005] Hardware name: linux,dummy-virt (DT) [ 23.659215] Call trace: [ 23.659271] show_stack+0x20/0x38 (C) [ 23.659404] dump_stack_lvl+0x8c/0xd0 [ 23.659528] print_report+0x118/0x608 [ 23.659641] kasan_report+0xdc/0x128 [ 23.659748] __asan_report_store1_noabort+0x20/0x30 [ 23.659866] krealloc_less_oob_helper+0xa48/0xc50 [ 23.659980] krealloc_large_less_oob+0x20/0x38 [ 23.660422] kunit_try_run_case+0x170/0x3f0 [ 23.660842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.661179] kthread+0x328/0x630 [ 23.661322] ret_from_fork+0x10/0x20 [ 23.661778] [ 23.662035] The buggy address belongs to the physical page: [ 23.662137] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 23.663075] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.663307] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.663448] page_type: f8(unknown) [ 23.664356] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.664846] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.665938] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.666133] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.666254] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff [ 23.666374] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 23.667708] page dumped because: kasan: bad access detected [ 23.668092] [ 23.668142] Memory state around the buggy address: [ 23.668216] fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.668321] fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.668440] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.669059] ^ [ 23.669847] fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.670803] fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.670906] ================================================================== [ 23.561082] ================================================================== [ 23.561180] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 23.561282] Write of size 1 at addr fff00000c1921ada by task kunit_try_catch/160 [ 23.561414] [ 23.561482] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.561671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.561734] Hardware name: linux,dummy-virt (DT) [ 23.561805] Call trace: [ 23.561867] show_stack+0x20/0x38 (C) [ 23.562203] dump_stack_lvl+0x8c/0xd0 [ 23.562457] print_report+0x118/0x608 [ 23.562730] kasan_report+0xdc/0x128 [ 23.562844] __asan_report_store1_noabort+0x20/0x30 [ 23.562984] krealloc_less_oob_helper+0xa80/0xc50 [ 23.563121] krealloc_less_oob+0x20/0x38 [ 23.564520] kunit_try_run_case+0x170/0x3f0 [ 23.564761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.565133] kthread+0x328/0x630 [ 23.565288] ret_from_fork+0x10/0x20 [ 23.565632] [ 23.565760] Allocated by task 160: [ 23.565865] kasan_save_stack+0x3c/0x68 [ 23.565977] kasan_save_track+0x20/0x40 [ 23.566074] kasan_save_alloc_info+0x40/0x58 [ 23.566181] __kasan_krealloc+0x118/0x178 [ 23.566393] krealloc_noprof+0x128/0x360 [ 23.566506] krealloc_less_oob_helper+0x168/0xc50 [ 23.566620] krealloc_less_oob+0x20/0x38 [ 23.567183] kunit_try_run_case+0x170/0x3f0 [ 23.567295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.567839] kthread+0x328/0x630 [ 23.568132] ret_from_fork+0x10/0x20 [ 23.568393] [ 23.568463] The buggy address belongs to the object at fff00000c1921a00 [ 23.568463] which belongs to the cache kmalloc-256 of size 256 [ 23.568606] The buggy address is located 17 bytes to the right of [ 23.568606] allocated 201-byte region [fff00000c1921a00, fff00000c1921ac9) [ 23.568761] [ 23.568809] The buggy address belongs to the physical page: [ 23.569455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101920 [ 23.569595] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.569720] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.569900] page_type: f5(slab) [ 23.570202] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.570333] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.571030] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.571168] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.571913] head: 0bfffe0000000001 ffffc1ffc3064801 00000000ffffffff 00000000ffffffff [ 23.572037] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 23.572830] page dumped because: kasan: bad access detected [ 23.573269] [ 23.573396] Memory state around the buggy address: [ 23.573482] fff00000c1921980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.574327] fff00000c1921a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.575193] >fff00000c1921a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 23.575434] ^ [ 23.575524] fff00000c1921b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.575626] fff00000c1921b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.575720] ================================================================== [ 23.594807] ================================================================== [ 23.594904] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 23.595011] Write of size 1 at addr fff00000c1921aeb by task kunit_try_catch/160 [ 23.595126] [ 23.595189] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.595373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.595463] Hardware name: linux,dummy-virt (DT) [ 23.595534] Call trace: [ 23.595581] show_stack+0x20/0x38 (C) [ 23.595699] dump_stack_lvl+0x8c/0xd0 [ 23.595823] print_report+0x118/0x608 [ 23.595932] kasan_report+0xdc/0x128 [ 23.596039] __asan_report_store1_noabort+0x20/0x30 [ 23.596550] krealloc_less_oob_helper+0xa58/0xc50 [ 23.596705] krealloc_less_oob+0x20/0x38 [ 23.596953] kunit_try_run_case+0x170/0x3f0 [ 23.597122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.597521] kthread+0x328/0x630 [ 23.597701] ret_from_fork+0x10/0x20 [ 23.598027] [ 23.598091] Allocated by task 160: [ 23.598242] kasan_save_stack+0x3c/0x68 [ 23.598336] kasan_save_track+0x20/0x40 [ 23.598452] kasan_save_alloc_info+0x40/0x58 [ 23.598563] __kasan_krealloc+0x118/0x178 [ 23.598768] krealloc_noprof+0x128/0x360 [ 23.598980] krealloc_less_oob_helper+0x168/0xc50 [ 23.599091] krealloc_less_oob+0x20/0x38 [ 23.599192] kunit_try_run_case+0x170/0x3f0 [ 23.599313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.599657] kthread+0x328/0x630 [ 23.599776] ret_from_fork+0x10/0x20 [ 23.599880] [ 23.599932] The buggy address belongs to the object at fff00000c1921a00 [ 23.599932] which belongs to the cache kmalloc-256 of size 256 [ 23.600192] The buggy address is located 34 bytes to the right of [ 23.600192] allocated 201-byte region [fff00000c1921a00, fff00000c1921ac9) [ 23.600398] [ 23.600464] The buggy address belongs to the physical page: [ 23.600566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101920 [ 23.600786] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.600938] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.601063] page_type: f5(slab) [ 23.601229] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.601357] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.601501] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.601673] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.601884] head: 0bfffe0000000001 ffffc1ffc3064801 00000000ffffffff 00000000ffffffff [ 23.602045] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 23.602184] page dumped because: kasan: bad access detected [ 23.602321] [ 23.602428] Memory state around the buggy address: [ 23.602504] fff00000c1921980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.602617] fff00000c1921a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.602851] >fff00000c1921a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 23.602947] ^ [ 23.603035] fff00000c1921b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.603165] fff00000c1921b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.603263] ================================================================== [ 23.694609] ================================================================== [ 23.694699] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 23.694799] Write of size 1 at addr fff00000c77e20ea by task kunit_try_catch/164 [ 23.694911] [ 23.694972] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.695157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.695221] Hardware name: linux,dummy-virt (DT) [ 23.695290] Call trace: [ 23.695336] show_stack+0x20/0x38 (C) [ 23.695473] dump_stack_lvl+0x8c/0xd0 [ 23.696813] print_report+0x118/0x608 [ 23.696921] kasan_report+0xdc/0x128 [ 23.697050] __asan_report_store1_noabort+0x20/0x30 [ 23.697196] krealloc_less_oob_helper+0xae4/0xc50 [ 23.697332] krealloc_large_less_oob+0x20/0x38 [ 23.697564] kunit_try_run_case+0x170/0x3f0 [ 23.697701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.697833] kthread+0x328/0x630 [ 23.697962] ret_from_fork+0x10/0x20 [ 23.698148] [ 23.698198] The buggy address belongs to the physical page: [ 23.698352] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 23.698496] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.698605] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.698728] page_type: f8(unknown) [ 23.698814] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.699167] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.699315] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.699509] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.699719] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff [ 23.699885] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 23.699996] page dumped because: kasan: bad access detected [ 23.700081] [ 23.700150] Memory state around the buggy address: [ 23.700234] fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.700426] fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.700650] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.700749] ^ [ 23.700842] fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.700945] fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.701039] ================================================================== [ 23.549563] ================================================================== [ 23.549674] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 23.549995] Write of size 1 at addr fff00000c1921ad0 by task kunit_try_catch/160 [ 23.550115] [ 23.550189] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.550398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.550475] Hardware name: linux,dummy-virt (DT) [ 23.550563] Call trace: [ 23.550620] show_stack+0x20/0x38 (C) [ 23.550742] dump_stack_lvl+0x8c/0xd0 [ 23.550862] print_report+0x118/0x608 [ 23.550972] kasan_report+0xdc/0x128 [ 23.551078] __asan_report_store1_noabort+0x20/0x30 [ 23.551197] krealloc_less_oob_helper+0xb9c/0xc50 [ 23.551310] krealloc_less_oob+0x20/0x38 [ 23.551696] kunit_try_run_case+0x170/0x3f0 [ 23.552511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.552728] kthread+0x328/0x630 [ 23.553086] ret_from_fork+0x10/0x20 [ 23.553242] [ 23.553336] Allocated by task 160: [ 23.553477] kasan_save_stack+0x3c/0x68 [ 23.553676] kasan_save_track+0x20/0x40 [ 23.553767] kasan_save_alloc_info+0x40/0x58 [ 23.553869] __kasan_krealloc+0x118/0x178 [ 23.554048] krealloc_noprof+0x128/0x360 [ 23.554173] krealloc_less_oob_helper+0x168/0xc50 [ 23.554264] krealloc_less_oob+0x20/0x38 [ 23.554357] kunit_try_run_case+0x170/0x3f0 [ 23.554620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.554800] kthread+0x328/0x630 [ 23.554919] ret_from_fork+0x10/0x20 [ 23.555011] [ 23.555105] The buggy address belongs to the object at fff00000c1921a00 [ 23.555105] which belongs to the cache kmalloc-256 of size 256 [ 23.555240] The buggy address is located 7 bytes to the right of [ 23.555240] allocated 201-byte region [fff00000c1921a00, fff00000c1921ac9) [ 23.555404] [ 23.555450] The buggy address belongs to the physical page: [ 23.555524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101920 [ 23.555663] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.556194] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.556660] page_type: f5(slab) [ 23.556810] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.557073] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.557225] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.557400] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.557536] head: 0bfffe0000000001 ffffc1ffc3064801 00000000ffffffff 00000000ffffffff [ 23.557672] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 23.558002] page dumped because: kasan: bad access detected [ 23.558113] [ 23.558154] Memory state around the buggy address: [ 23.558234] fff00000c1921980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.558338] fff00000c1921a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.558487] >fff00000c1921a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 23.558600] ^ [ 23.558691] fff00000c1921b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.558797] fff00000c1921b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.558918] ================================================================== [ 23.580554] ================================================================== [ 23.580670] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 23.580784] Write of size 1 at addr fff00000c1921aea by task kunit_try_catch/160 [ 23.580909] [ 23.580983] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.581173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.581248] Hardware name: linux,dummy-virt (DT) [ 23.581467] Call trace: [ 23.581613] show_stack+0x20/0x38 (C) [ 23.581862] dump_stack_lvl+0x8c/0xd0 [ 23.582099] print_report+0x118/0x608 [ 23.582404] kasan_report+0xdc/0x128 [ 23.582537] __asan_report_store1_noabort+0x20/0x30 [ 23.582750] krealloc_less_oob_helper+0xae4/0xc50 [ 23.582950] krealloc_less_oob+0x20/0x38 [ 23.583636] kunit_try_run_case+0x170/0x3f0 [ 23.583850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.584125] kthread+0x328/0x630 [ 23.584399] ret_from_fork+0x10/0x20 [ 23.584971] [ 23.585028] Allocated by task 160: [ 23.585317] kasan_save_stack+0x3c/0x68 [ 23.585635] kasan_save_track+0x20/0x40 [ 23.586071] kasan_save_alloc_info+0x40/0x58 [ 23.586272] __kasan_krealloc+0x118/0x178 [ 23.586622] krealloc_noprof+0x128/0x360 [ 23.586720] krealloc_less_oob_helper+0x168/0xc50 [ 23.586815] krealloc_less_oob+0x20/0x38 [ 23.586899] kunit_try_run_case+0x170/0x3f0 [ 23.586990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.587092] kthread+0x328/0x630 [ 23.587176] ret_from_fork+0x10/0x20 [ 23.588904] [ 23.589059] The buggy address belongs to the object at fff00000c1921a00 [ 23.589059] which belongs to the cache kmalloc-256 of size 256 [ 23.589956] The buggy address is located 33 bytes to the right of [ 23.589956] allocated 201-byte region [fff00000c1921a00, fff00000c1921ac9) [ 23.590200] [ 23.590327] The buggy address belongs to the physical page: [ 23.590504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101920 [ 23.590685] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.590799] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.590926] page_type: f5(slab) [ 23.591083] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.591321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.591599] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.591961] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.592141] head: 0bfffe0000000001 ffffc1ffc3064801 00000000ffffffff 00000000ffffffff [ 23.592283] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 23.592651] page dumped because: kasan: bad access detected [ 23.592740] [ 23.592789] Memory state around the buggy address: [ 23.592872] fff00000c1921980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.592994] fff00000c1921a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.593156] >fff00000c1921a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 23.593254] ^ [ 23.593348] fff00000c1921b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.593524] fff00000c1921b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.593713] ================================================================== [ 23.533725] ================================================================== [ 23.533889] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 23.534030] Write of size 1 at addr fff00000c1921ac9 by task kunit_try_catch/160 [ 23.534149] [ 23.534341] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.534940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.535098] Hardware name: linux,dummy-virt (DT) [ 23.535178] Call trace: [ 23.535310] show_stack+0x20/0x38 (C) [ 23.535499] dump_stack_lvl+0x8c/0xd0 [ 23.535646] print_report+0x118/0x608 [ 23.535782] kasan_report+0xdc/0x128 [ 23.535964] __asan_report_store1_noabort+0x20/0x30 [ 23.536138] krealloc_less_oob_helper+0xa48/0xc50 [ 23.536294] krealloc_less_oob+0x20/0x38 [ 23.536541] kunit_try_run_case+0x170/0x3f0 [ 23.536880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.537021] kthread+0x328/0x630 [ 23.537145] ret_from_fork+0x10/0x20 [ 23.537263] [ 23.537324] Allocated by task 160: [ 23.537655] kasan_save_stack+0x3c/0x68 [ 23.537759] kasan_save_track+0x20/0x40 [ 23.537905] kasan_save_alloc_info+0x40/0x58 [ 23.538014] __kasan_krealloc+0x118/0x178 [ 23.538332] krealloc_noprof+0x128/0x360 [ 23.538809] krealloc_less_oob_helper+0x168/0xc50 [ 23.539304] krealloc_less_oob+0x20/0x38 [ 23.539706] kunit_try_run_case+0x170/0x3f0 [ 23.540402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.540546] kthread+0x328/0x630 [ 23.540939] ret_from_fork+0x10/0x20 [ 23.541166] [ 23.541286] The buggy address belongs to the object at fff00000c1921a00 [ 23.541286] which belongs to the cache kmalloc-256 of size 256 [ 23.541605] The buggy address is located 0 bytes to the right of [ 23.541605] allocated 201-byte region [fff00000c1921a00, fff00000c1921ac9) [ 23.541776] [ 23.541943] The buggy address belongs to the physical page: [ 23.542316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101920 [ 23.542509] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.542821] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.543085] page_type: f5(slab) [ 23.543203] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.543484] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.543721] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.543847] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.543990] head: 0bfffe0000000001 ffffc1ffc3064801 00000000ffffffff 00000000ffffffff [ 23.544341] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 23.544744] page dumped because: kasan: bad access detected [ 23.545041] [ 23.545091] Memory state around the buggy address: [ 23.545482] fff00000c1921980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.545857] fff00000c1921a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.546038] >fff00000c1921a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 23.546441] ^ [ 23.546602] fff00000c1921b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.546853] fff00000c1921b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.546966] ================================================================== [ 23.674780] ================================================================== [ 23.674871] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 23.674972] Write of size 1 at addr fff00000c77e20d0 by task kunit_try_catch/164 [ 23.675085] [ 23.675145] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.675328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.675421] Hardware name: linux,dummy-virt (DT) [ 23.675618] Call trace: [ 23.675762] show_stack+0x20/0x38 (C) [ 23.676136] dump_stack_lvl+0x8c/0xd0 [ 23.676282] print_report+0x118/0x608 [ 23.677063] kasan_report+0xdc/0x128 [ 23.677193] __asan_report_store1_noabort+0x20/0x30 [ 23.677466] krealloc_less_oob_helper+0xb9c/0xc50 [ 23.677596] krealloc_large_less_oob+0x20/0x38 [ 23.677829] kunit_try_run_case+0x170/0x3f0 [ 23.678089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.678242] kthread+0x328/0x630 [ 23.678355] ret_from_fork+0x10/0x20 [ 23.678782] [ 23.678858] The buggy address belongs to the physical page: [ 23.679285] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 23.679428] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.679553] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.679685] page_type: f8(unknown) [ 23.679777] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.680307] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.680589] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.680865] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.681047] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff [ 23.681169] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 23.681268] page dumped because: kasan: bad access detected [ 23.681349] [ 23.681413] Memory state around the buggy address: [ 23.681487] fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.681670] fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.681941] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.682080] ^ [ 23.682172] fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.682425] fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.682527] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 23.455190] ================================================================== [ 23.455339] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 23.455511] Write of size 1 at addr fff00000c19218eb by task kunit_try_catch/158 [ 23.455755] [ 23.455991] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.456366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.456463] Hardware name: linux,dummy-virt (DT) [ 23.456614] Call trace: [ 23.456695] show_stack+0x20/0x38 (C) [ 23.456821] dump_stack_lvl+0x8c/0xd0 [ 23.456952] print_report+0x118/0x608 [ 23.457940] kasan_report+0xdc/0x128 [ 23.458062] __asan_report_store1_noabort+0x20/0x30 [ 23.458244] krealloc_more_oob_helper+0x60c/0x678 [ 23.458362] krealloc_more_oob+0x20/0x38 [ 23.458509] kunit_try_run_case+0x170/0x3f0 [ 23.458637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.458767] kthread+0x328/0x630 [ 23.458933] ret_from_fork+0x10/0x20 [ 23.459408] [ 23.460244] Allocated by task 158: [ 23.460673] kasan_save_stack+0x3c/0x68 [ 23.460807] kasan_save_track+0x20/0x40 [ 23.460899] kasan_save_alloc_info+0x40/0x58 [ 23.462139] __kasan_krealloc+0x118/0x178 [ 23.462240] krealloc_noprof+0x128/0x360 [ 23.463468] krealloc_more_oob_helper+0x168/0x678 [ 23.463578] krealloc_more_oob+0x20/0x38 [ 23.464500] kunit_try_run_case+0x170/0x3f0 [ 23.465399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.465523] kthread+0x328/0x630 [ 23.465609] ret_from_fork+0x10/0x20 [ 23.466725] [ 23.466803] The buggy address belongs to the object at fff00000c1921800 [ 23.466803] which belongs to the cache kmalloc-256 of size 256 [ 23.467353] The buggy address is located 0 bytes to the right of [ 23.467353] allocated 235-byte region [fff00000c1921800, fff00000c19218eb) [ 23.467792] [ 23.467898] The buggy address belongs to the physical page: [ 23.467977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101920 [ 23.468129] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.468256] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.468490] page_type: f5(slab) [ 23.468872] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.469487] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.469635] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.469859] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.470167] head: 0bfffe0000000001 ffffc1ffc3064801 00000000ffffffff 00000000ffffffff [ 23.470825] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 23.471085] page dumped because: kasan: bad access detected [ 23.471800] [ 23.471852] Memory state around the buggy address: [ 23.471926] fff00000c1921780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.472781] fff00000c1921800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.472915] >fff00000c1921880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 23.473520] ^ [ 23.473638] fff00000c1921900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.473745] fff00000c1921980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.474611] ================================================================== [ 23.625752] ================================================================== [ 23.625840] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 23.625943] Write of size 1 at addr fff00000c77e20f0 by task kunit_try_catch/162 [ 23.626056] [ 23.626117] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.626309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.626407] Hardware name: linux,dummy-virt (DT) [ 23.626499] Call trace: [ 23.626621] show_stack+0x20/0x38 (C) [ 23.626760] dump_stack_lvl+0x8c/0xd0 [ 23.626889] print_report+0x118/0x608 [ 23.627107] kasan_report+0xdc/0x128 [ 23.627243] __asan_report_store1_noabort+0x20/0x30 [ 23.627474] krealloc_more_oob_helper+0x5c0/0x678 [ 23.627685] krealloc_large_more_oob+0x20/0x38 [ 23.627876] kunit_try_run_case+0x170/0x3f0 [ 23.628000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.628215] kthread+0x328/0x630 [ 23.628351] ret_from_fork+0x10/0x20 [ 23.628530] [ 23.628620] The buggy address belongs to the physical page: [ 23.628694] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 23.628814] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.628947] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.629211] page_type: f8(unknown) [ 23.629407] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.629679] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.629900] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.630402] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.630545] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff [ 23.630669] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 23.630841] page dumped because: kasan: bad access detected [ 23.630921] [ 23.631167] Memory state around the buggy address: [ 23.631418] fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.631666] fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.631893] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 23.632268] ^ [ 23.632376] fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.632519] fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.632618] ================================================================== [ 23.617820] ================================================================== [ 23.618013] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 23.618229] Write of size 1 at addr fff00000c77e20eb by task kunit_try_catch/162 [ 23.618343] [ 23.618430] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.618620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.618683] Hardware name: linux,dummy-virt (DT) [ 23.618754] Call trace: [ 23.618803] show_stack+0x20/0x38 (C) [ 23.618924] dump_stack_lvl+0x8c/0xd0 [ 23.619046] print_report+0x118/0x608 [ 23.619156] kasan_report+0xdc/0x128 [ 23.619262] __asan_report_store1_noabort+0x20/0x30 [ 23.619395] krealloc_more_oob_helper+0x60c/0x678 [ 23.619514] krealloc_large_more_oob+0x20/0x38 [ 23.619626] kunit_try_run_case+0x170/0x3f0 [ 23.619750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.619878] kthread+0x328/0x630 [ 23.619993] ret_from_fork+0x10/0x20 [ 23.621830] [ 23.621862] The buggy address belongs to the physical page: [ 23.621902] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 23.622025] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.622179] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.622306] page_type: f8(unknown) [ 23.622498] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.622629] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.622759] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.622883] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.623013] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff [ 23.623343] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 23.623605] page dumped because: kasan: bad access detected [ 23.623723] [ 23.623799] Memory state around the buggy address: [ 23.623869] fff00000c77e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.624051] fff00000c77e2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.624300] >fff00000c77e2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 23.624471] ^ [ 23.624575] fff00000c77e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.624755] fff00000c77e2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.624864] ================================================================== [ 23.477065] ================================================================== [ 23.477171] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 23.477515] Write of size 1 at addr fff00000c19218f0 by task kunit_try_catch/158 [ 23.477645] [ 23.477725] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.478019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.478286] Hardware name: linux,dummy-virt (DT) [ 23.478404] Call trace: [ 23.478474] show_stack+0x20/0x38 (C) [ 23.478739] dump_stack_lvl+0x8c/0xd0 [ 23.478864] print_report+0x118/0x608 [ 23.478987] kasan_report+0xdc/0x128 [ 23.479294] __asan_report_store1_noabort+0x20/0x30 [ 23.479672] krealloc_more_oob_helper+0x5c0/0x678 [ 23.480015] krealloc_more_oob+0x20/0x38 [ 23.480130] kunit_try_run_case+0x170/0x3f0 [ 23.480270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480849] kthread+0x328/0x630 [ 23.481068] ret_from_fork+0x10/0x20 [ 23.481198] [ 23.481260] Allocated by task 158: [ 23.481520] kasan_save_stack+0x3c/0x68 [ 23.481706] kasan_save_track+0x20/0x40 [ 23.481820] kasan_save_alloc_info+0x40/0x58 [ 23.482205] __kasan_krealloc+0x118/0x178 [ 23.482301] krealloc_noprof+0x128/0x360 [ 23.482829] krealloc_more_oob_helper+0x168/0x678 [ 23.483159] krealloc_more_oob+0x20/0x38 [ 23.483707] kunit_try_run_case+0x170/0x3f0 [ 23.483877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.484001] kthread+0x328/0x630 [ 23.484139] ret_from_fork+0x10/0x20 [ 23.484240] [ 23.484294] The buggy address belongs to the object at fff00000c1921800 [ 23.484294] which belongs to the cache kmalloc-256 of size 256 [ 23.484573] The buggy address is located 5 bytes to the right of [ 23.484573] allocated 235-byte region [fff00000c1921800, fff00000c19218eb) [ 23.485436] [ 23.485718] The buggy address belongs to the physical page: [ 23.486020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101920 [ 23.486279] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.486498] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.486669] page_type: f5(slab) [ 23.486769] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.486892] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.487018] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 23.487137] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.487257] head: 0bfffe0000000001 ffffc1ffc3064801 00000000ffffffff 00000000ffffffff [ 23.487375] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 23.487493] page dumped because: kasan: bad access detected [ 23.487565] [ 23.487605] Memory state around the buggy address: [ 23.487703] fff00000c1921780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.487809] fff00000c1921800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.487914] >fff00000c1921880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 23.488005] ^ [ 23.488298] fff00000c1921900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.488632] fff00000c1921980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.488973] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 23.417032] ================================================================== [ 23.417240] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 23.417445] Read of size 1 at addr fff00000c7810000 by task kunit_try_catch/156 [ 23.417572] [ 23.417667] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.418458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.418638] Hardware name: linux,dummy-virt (DT) [ 23.418716] Call trace: [ 23.418811] show_stack+0x20/0x38 (C) [ 23.418968] dump_stack_lvl+0x8c/0xd0 [ 23.419199] print_report+0x118/0x608 [ 23.419393] kasan_report+0xdc/0x128 [ 23.419583] __asan_report_load1_noabort+0x20/0x30 [ 23.419763] page_alloc_uaf+0x328/0x350 [ 23.420027] kunit_try_run_case+0x170/0x3f0 [ 23.420256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.420531] kthread+0x328/0x630 [ 23.420653] ret_from_fork+0x10/0x20 [ 23.420771] [ 23.420836] The buggy address belongs to the physical page: [ 23.420911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107810 [ 23.421036] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.421163] page_type: f0(buddy) [ 23.421264] raw: 0bfffe0000000000 fff00000ff616020 fff00000ff616020 0000000000000000 [ 23.421910] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 23.423975] page dumped because: kasan: bad access detected [ 23.424255] [ 23.424307] Memory state around the buggy address: [ 23.424411] fff00000c780ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.424710] fff00000c780ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.425417] >fff00000c7810000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.425585] ^ [ 23.425920] fff00000c7810080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.426222] fff00000c7810100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.426766] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 23.363425] ================================================================== [ 23.364008] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 23.364226] Free of addr fff00000c77dc001 by task kunit_try_catch/152 [ 23.364402] [ 23.364490] CPU: 0 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.364864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.364987] Hardware name: linux,dummy-virt (DT) [ 23.365072] Call trace: [ 23.365137] show_stack+0x20/0x38 (C) [ 23.365777] dump_stack_lvl+0x8c/0xd0 [ 23.367427] print_report+0x118/0x608 [ 23.367601] kasan_report_invalid_free+0xc0/0xe8 [ 23.367747] __kasan_kfree_large+0x5c/0xa8 [ 23.367940] free_large_kmalloc+0x64/0x190 [ 23.368085] kfree+0x270/0x3c8 [ 23.368199] kmalloc_large_invalid_free+0x108/0x270 [ 23.369143] kunit_try_run_case+0x170/0x3f0 [ 23.370162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.370693] kthread+0x328/0x630 [ 23.370966] ret_from_fork+0x10/0x20 [ 23.371100] [ 23.371152] The buggy address belongs to the physical page: [ 23.371307] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077dc [ 23.371675] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.371941] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.372070] page_type: f8(unknown) [ 23.372241] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.372464] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.372625] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.372765] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.372967] head: 0bfffe0000000002 ffffc1ffc31df701 00000000ffffffff 00000000ffffffff [ 23.373232] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 23.373345] page dumped because: kasan: bad access detected [ 23.373480] [ 23.373534] Memory state around the buggy address: [ 23.373619] fff00000c77dbf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.374044] fff00000c77dbf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.374208] >fff00000c77dc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.374323] ^ [ 23.374564] fff00000c77dc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.374679] fff00000c77dc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.374847] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 23.335955] ================================================================== [ 23.336289] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 23.336519] Read of size 1 at addr fff00000c77dc000 by task kunit_try_catch/150 [ 23.336658] [ 23.336740] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.337171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.337240] Hardware name: linux,dummy-virt (DT) [ 23.337368] Call trace: [ 23.337715] show_stack+0x20/0x38 (C) [ 23.337845] dump_stack_lvl+0x8c/0xd0 [ 23.337966] print_report+0x118/0x608 [ 23.338094] kasan_report+0xdc/0x128 [ 23.338365] __asan_report_load1_noabort+0x20/0x30 [ 23.338702] kmalloc_large_uaf+0x2cc/0x2f8 [ 23.338824] kunit_try_run_case+0x170/0x3f0 [ 23.338948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.339149] kthread+0x328/0x630 [ 23.339268] ret_from_fork+0x10/0x20 [ 23.339465] [ 23.339610] The buggy address belongs to the physical page: [ 23.339693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077dc [ 23.339884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.340043] raw: 0bfffe0000000000 ffffc1ffc31df808 fff00000da47ee00 0000000000000000 [ 23.340203] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 23.340313] page dumped because: kasan: bad access detected [ 23.340850] [ 23.340916] Memory state around the buggy address: [ 23.341207] fff00000c77dbf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.341322] fff00000c77dbf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.341520] >fff00000c77dc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.341949] ^ [ 23.342030] fff00000c77dc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.342136] fff00000c77dc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.342230] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 23.307845] ================================================================== [ 23.307985] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 23.308115] Write of size 1 at addr fff00000c77de00a by task kunit_try_catch/148 [ 23.308332] [ 23.308858] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.309060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.309131] Hardware name: linux,dummy-virt (DT) [ 23.309207] Call trace: [ 23.309264] show_stack+0x20/0x38 (C) [ 23.309422] dump_stack_lvl+0x8c/0xd0 [ 23.309555] print_report+0x118/0x608 [ 23.309668] kasan_report+0xdc/0x128 [ 23.309765] __asan_report_store1_noabort+0x20/0x30 [ 23.309828] kmalloc_large_oob_right+0x278/0x2b8 [ 23.309888] kunit_try_run_case+0x170/0x3f0 [ 23.309949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.310014] kthread+0x328/0x630 [ 23.310072] ret_from_fork+0x10/0x20 [ 23.310131] [ 23.310176] The buggy address belongs to the physical page: [ 23.310217] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077dc [ 23.310281] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.310333] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.310467] page_type: f8(unknown) [ 23.310675] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.311203] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.311718] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.311844] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.311964] head: 0bfffe0000000002 ffffc1ffc31df701 00000000ffffffff 00000000ffffffff [ 23.312088] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 23.312192] page dumped because: kasan: bad access detected [ 23.313061] [ 23.313112] Memory state around the buggy address: [ 23.313959] fff00000c77ddf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.314442] fff00000c77ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.314580] >fff00000c77de000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.314687] ^ [ 23.314766] fff00000c77de080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.314883] fff00000c77de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.315395] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 23.282117] ================================================================== [ 23.282248] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 23.282405] Write of size 1 at addr fff00000c65adf00 by task kunit_try_catch/146 [ 23.282535] [ 23.282682] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.282935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.283015] Hardware name: linux,dummy-virt (DT) [ 23.283103] Call trace: [ 23.283162] show_stack+0x20/0x38 (C) [ 23.283370] dump_stack_lvl+0x8c/0xd0 [ 23.283519] print_report+0x118/0x608 [ 23.283648] kasan_report+0xdc/0x128 [ 23.283909] __asan_report_store1_noabort+0x20/0x30 [ 23.284072] kmalloc_big_oob_right+0x2a4/0x2f0 [ 23.284245] kunit_try_run_case+0x170/0x3f0 [ 23.284453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.284706] kthread+0x328/0x630 [ 23.284867] ret_from_fork+0x10/0x20 [ 23.285174] [ 23.285221] Allocated by task 146: [ 23.285290] kasan_save_stack+0x3c/0x68 [ 23.285401] kasan_save_track+0x20/0x40 [ 23.285519] kasan_save_alloc_info+0x40/0x58 [ 23.285622] __kasan_kmalloc+0xd4/0xd8 [ 23.285748] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.285860] kmalloc_big_oob_right+0xb8/0x2f0 [ 23.286109] kunit_try_run_case+0x170/0x3f0 [ 23.286339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.286482] kthread+0x328/0x630 [ 23.286636] ret_from_fork+0x10/0x20 [ 23.286748] [ 23.286803] The buggy address belongs to the object at fff00000c65ac000 [ 23.286803] which belongs to the cache kmalloc-8k of size 8192 [ 23.286967] The buggy address is located 0 bytes to the right of [ 23.286967] allocated 7936-byte region [fff00000c65ac000, fff00000c65adf00) [ 23.287122] [ 23.287171] The buggy address belongs to the physical page: [ 23.287247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a8 [ 23.287408] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.287568] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.287720] page_type: f5(slab) [ 23.287825] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 23.287950] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 23.288203] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 23.288355] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 23.288512] head: 0bfffe0000000003 ffffc1ffc3196a01 00000000ffffffff 00000000ffffffff [ 23.288633] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 23.288730] page dumped because: kasan: bad access detected [ 23.288803] [ 23.289306] Memory state around the buggy address: [ 23.289685] fff00000c65ade00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.289814] fff00000c65ade80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.290501] >fff00000c65adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.290802] ^ [ 23.291063] fff00000c65adf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.291182] fff00000c65ae000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.291822] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 23.227138] ================================================================== [ 23.227394] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 23.229407] Write of size 1 at addr fff00000c3fb3d78 by task kunit_try_catch/144 [ 23.229551] [ 23.229645] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.229866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.229941] Hardware name: linux,dummy-virt (DT) [ 23.230028] Call trace: [ 23.230095] show_stack+0x20/0x38 (C) [ 23.230238] dump_stack_lvl+0x8c/0xd0 [ 23.230399] print_report+0x118/0x608 [ 23.230692] kasan_report+0xdc/0x128 [ 23.230815] __asan_report_store1_noabort+0x20/0x30 [ 23.230952] kmalloc_track_caller_oob_right+0x40c/0x488 [ 23.231081] kunit_try_run_case+0x170/0x3f0 [ 23.231212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.231347] kthread+0x328/0x630 [ 23.231482] ret_from_fork+0x10/0x20 [ 23.231599] [ 23.231641] Allocated by task 144: [ 23.232135] kasan_save_stack+0x3c/0x68 [ 23.232324] kasan_save_track+0x20/0x40 [ 23.232778] kasan_save_alloc_info+0x40/0x58 [ 23.233269] __kasan_kmalloc+0xd4/0xd8 [ 23.233856] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 23.234397] kmalloc_track_caller_oob_right+0xa8/0x488 [ 23.234519] kunit_try_run_case+0x170/0x3f0 [ 23.234630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.234756] kthread+0x328/0x630 [ 23.234857] ret_from_fork+0x10/0x20 [ 23.234946] [ 23.235294] The buggy address belongs to the object at fff00000c3fb3d00 [ 23.235294] which belongs to the cache kmalloc-128 of size 128 [ 23.235595] The buggy address is located 0 bytes to the right of [ 23.235595] allocated 120-byte region [fff00000c3fb3d00, fff00000c3fb3d78) [ 23.236486] [ 23.236549] The buggy address belongs to the physical page: [ 23.236647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fb3 [ 23.236779] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.237452] page_type: f5(slab) [ 23.237724] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.238033] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.238331] page dumped because: kasan: bad access detected [ 23.238685] [ 23.238743] Memory state around the buggy address: [ 23.238829] fff00000c3fb3c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.239467] fff00000c3fb3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.239603] >fff00000c3fb3d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.239704] ^ [ 23.240197] fff00000c3fb3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.240845] fff00000c3fb3e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.240973] ================================================================== [ 23.243088] ================================================================== [ 23.243354] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 23.243568] Write of size 1 at addr fff00000c3fb3e78 by task kunit_try_catch/144 [ 23.243708] [ 23.243790] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.244003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.244081] Hardware name: linux,dummy-virt (DT) [ 23.244262] Call trace: [ 23.244320] show_stack+0x20/0x38 (C) [ 23.244476] dump_stack_lvl+0x8c/0xd0 [ 23.244590] print_report+0x118/0x608 [ 23.244698] kasan_report+0xdc/0x128 [ 23.244884] __asan_report_store1_noabort+0x20/0x30 [ 23.245236] kmalloc_track_caller_oob_right+0x418/0x488 [ 23.245425] kunit_try_run_case+0x170/0x3f0 [ 23.245550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.245692] kthread+0x328/0x630 [ 23.245986] ret_from_fork+0x10/0x20 [ 23.246107] [ 23.246151] Allocated by task 144: [ 23.246271] kasan_save_stack+0x3c/0x68 [ 23.246367] kasan_save_track+0x20/0x40 [ 23.246489] kasan_save_alloc_info+0x40/0x58 [ 23.246599] __kasan_kmalloc+0xd4/0xd8 [ 23.246705] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 23.246844] kmalloc_track_caller_oob_right+0x184/0x488 [ 23.246990] kunit_try_run_case+0x170/0x3f0 [ 23.247101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.247224] kthread+0x328/0x630 [ 23.247393] ret_from_fork+0x10/0x20 [ 23.247512] [ 23.247562] The buggy address belongs to the object at fff00000c3fb3e00 [ 23.247562] which belongs to the cache kmalloc-128 of size 128 [ 23.247815] The buggy address is located 0 bytes to the right of [ 23.247815] allocated 120-byte region [fff00000c3fb3e00, fff00000c3fb3e78) [ 23.248013] [ 23.248061] The buggy address belongs to the physical page: [ 23.248151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fb3 [ 23.248290] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.248476] page_type: f5(slab) [ 23.248574] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.248860] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.249001] page dumped because: kasan: bad access detected [ 23.249126] [ 23.249183] Memory state around the buggy address: [ 23.249524] fff00000c3fb3d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.249697] fff00000c3fb3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.249809] >fff00000c3fb3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.249930] ^ [ 23.250037] fff00000c3fb3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.250211] fff00000c3fb3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.250948] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 23.188142] ================================================================== [ 23.188354] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 23.188557] Read of size 1 at addr fff00000c657b000 by task kunit_try_catch/142 [ 23.188791] [ 23.189046] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.189315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.189401] Hardware name: linux,dummy-virt (DT) [ 23.189547] Call trace: [ 23.189616] show_stack+0x20/0x38 (C) [ 23.189875] dump_stack_lvl+0x8c/0xd0 [ 23.190065] print_report+0x118/0x608 [ 23.190294] kasan_report+0xdc/0x128 [ 23.190524] __asan_report_load1_noabort+0x20/0x30 [ 23.190763] kmalloc_node_oob_right+0x2f4/0x330 [ 23.190981] kunit_try_run_case+0x170/0x3f0 [ 23.191130] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.191366] kthread+0x328/0x630 [ 23.191550] ret_from_fork+0x10/0x20 [ 23.192201] [ 23.192252] Allocated by task 142: [ 23.192331] kasan_save_stack+0x3c/0x68 [ 23.192505] kasan_save_track+0x20/0x40 [ 23.192612] kasan_save_alloc_info+0x40/0x58 [ 23.192768] __kasan_kmalloc+0xd4/0xd8 [ 23.192918] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 23.193063] kmalloc_node_oob_right+0xbc/0x330 [ 23.193255] kunit_try_run_case+0x170/0x3f0 [ 23.193653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.193989] kthread+0x328/0x630 [ 23.194218] ret_from_fork+0x10/0x20 [ 23.194791] [ 23.194854] The buggy address belongs to the object at fff00000c657a000 [ 23.194854] which belongs to the cache kmalloc-4k of size 4096 [ 23.195649] The buggy address is located 0 bytes to the right of [ 23.195649] allocated 4096-byte region [fff00000c657a000, fff00000c657b000) [ 23.195809] [ 23.195898] The buggy address belongs to the physical page: [ 23.196056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106578 [ 23.196650] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.197456] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.198940] page_type: f5(slab) [ 23.199036] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 23.199151] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 23.200519] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 23.201009] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 23.201843] head: 0bfffe0000000003 ffffc1ffc3195e01 00000000ffffffff 00000000ffffffff [ 23.202024] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 23.202158] page dumped because: kasan: bad access detected [ 23.202246] [ 23.202297] Memory state around the buggy address: [ 23.202407] fff00000c657af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.202551] fff00000c657af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.202670] >fff00000c657b000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.202934] ^ [ 23.203115] fff00000c657b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.203222] fff00000c657b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.203318] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 23.156725] ================================================================== [ 23.156852] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 23.156987] Read of size 1 at addr fff00000c3fab67f by task kunit_try_catch/140 [ 23.157102] [ 23.157185] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.157683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.157795] Hardware name: linux,dummy-virt (DT) [ 23.157998] Call trace: [ 23.158960] show_stack+0x20/0x38 (C) [ 23.159786] dump_stack_lvl+0x8c/0xd0 [ 23.159942] print_report+0x118/0x608 [ 23.160076] kasan_report+0xdc/0x128 [ 23.160205] __asan_report_load1_noabort+0x20/0x30 [ 23.160372] kmalloc_oob_left+0x2ec/0x320 [ 23.160523] kunit_try_run_case+0x170/0x3f0 [ 23.160698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.160985] kthread+0x328/0x630 [ 23.161172] ret_from_fork+0x10/0x20 [ 23.161476] [ 23.161522] Allocated by task 10: [ 23.161593] kasan_save_stack+0x3c/0x68 [ 23.161740] kasan_save_track+0x20/0x40 [ 23.161961] kasan_save_alloc_info+0x40/0x58 [ 23.162119] __kasan_kmalloc+0xd4/0xd8 [ 23.162252] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 23.162457] kvasprintf+0xe0/0x180 [ 23.162549] __kthread_create_on_node+0x16c/0x350 [ 23.162644] kthread_create_on_node+0xe4/0x130 [ 23.162792] create_worker+0x380/0x6b8 [ 23.162885] worker_thread+0x808/0xf38 [ 23.162969] kthread+0x328/0x630 [ 23.163099] ret_from_fork+0x10/0x20 [ 23.163193] [ 23.163296] The buggy address belongs to the object at fff00000c3fab660 [ 23.163296] which belongs to the cache kmalloc-16 of size 16 [ 23.163503] The buggy address is located 19 bytes to the right of [ 23.163503] allocated 12-byte region [fff00000c3fab660, fff00000c3fab66c) [ 23.165125] [ 23.165227] The buggy address belongs to the physical page: [ 23.165339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fab [ 23.165562] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.165684] page_type: f5(slab) [ 23.165776] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 23.165897] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.165993] page dumped because: kasan: bad access detected [ 23.166066] [ 23.166109] Memory state around the buggy address: [ 23.166241] fff00000c3fab500: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 23.166405] fff00000c3fab580: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 23.166677] >fff00000c3fab600: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 23.166828] ^ [ 23.166926] fff00000c3fab680: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.167038] fff00000c3fab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.167294] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 23.113665] ================================================================== [ 23.113756] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 23.113874] Read of size 1 at addr fff00000c3fb3c80 by task kunit_try_catch/138 [ 23.114189] [ 23.114557] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.114755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.114821] Hardware name: linux,dummy-virt (DT) [ 23.114894] Call trace: [ 23.114945] show_stack+0x20/0x38 (C) [ 23.115063] dump_stack_lvl+0x8c/0xd0 [ 23.115177] print_report+0x118/0x608 [ 23.115284] kasan_report+0xdc/0x128 [ 23.116195] __asan_report_load1_noabort+0x20/0x30 [ 23.116727] kmalloc_oob_right+0x5d0/0x660 [ 23.116889] kunit_try_run_case+0x170/0x3f0 [ 23.117031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.117176] kthread+0x328/0x630 [ 23.117298] ret_from_fork+0x10/0x20 [ 23.117453] [ 23.117499] Allocated by task 138: [ 23.118471] kasan_save_stack+0x3c/0x68 [ 23.118588] kasan_save_track+0x20/0x40 [ 23.118696] kasan_save_alloc_info+0x40/0x58 [ 23.118878] __kasan_kmalloc+0xd4/0xd8 [ 23.118989] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.119369] kmalloc_oob_right+0xb0/0x660 [ 23.119868] kunit_try_run_case+0x170/0x3f0 [ 23.120173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.120579] kthread+0x328/0x630 [ 23.120941] ret_from_fork+0x10/0x20 [ 23.121277] [ 23.121367] The buggy address belongs to the object at fff00000c3fb3c00 [ 23.121367] which belongs to the cache kmalloc-128 of size 128 [ 23.121876] The buggy address is located 13 bytes to the right of [ 23.121876] allocated 115-byte region [fff00000c3fb3c00, fff00000c3fb3c73) [ 23.122524] [ 23.122610] The buggy address belongs to the physical page: [ 23.122680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fb3 [ 23.122803] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.122919] page_type: f5(slab) [ 23.124303] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.124978] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.125091] page dumped because: kasan: bad access detected [ 23.125168] [ 23.125209] Memory state around the buggy address: [ 23.125274] fff00000c3fb3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.125397] fff00000c3fb3c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.125509] >fff00000c3fb3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.125672] ^ [ 23.125879] fff00000c3fb3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.126086] fff00000c3fb3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.126179] ================================================================== [ 23.097213] ================================================================== [ 23.097987] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 23.098890] Write of size 1 at addr fff00000c3fb3c78 by task kunit_try_catch/138 [ 23.099426] [ 23.099511] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 23.100253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.100398] Hardware name: linux,dummy-virt (DT) [ 23.100496] Call trace: [ 23.100593] show_stack+0x20/0x38 (C) [ 23.100729] dump_stack_lvl+0x8c/0xd0 [ 23.101084] print_report+0x118/0x608 [ 23.101207] kasan_report+0xdc/0x128 [ 23.101412] __asan_report_store1_noabort+0x20/0x30 [ 23.101545] kmalloc_oob_right+0x538/0x660 [ 23.101662] kunit_try_run_case+0x170/0x3f0 [ 23.101777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.101910] kthread+0x328/0x630 [ 23.102432] ret_from_fork+0x10/0x20 [ 23.102947] [ 23.103026] Allocated by task 138: [ 23.103107] kasan_save_stack+0x3c/0x68 [ 23.103317] kasan_save_track+0x20/0x40 [ 23.103458] kasan_save_alloc_info+0x40/0x58 [ 23.103749] __kasan_kmalloc+0xd4/0xd8 [ 23.103913] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.104316] kmalloc_oob_right+0xb0/0x660 [ 23.104469] kunit_try_run_case+0x170/0x3f0 [ 23.104582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.105243] kthread+0x328/0x630 [ 23.105358] ret_from_fork+0x10/0x20 [ 23.105483] [ 23.105533] The buggy address belongs to the object at fff00000c3fb3c00 [ 23.105533] which belongs to the cache kmalloc-128 of size 128 [ 23.105671] The buggy address is located 5 bytes to the right of [ 23.105671] allocated 115-byte region [fff00000c3fb3c00, fff00000c3fb3c73) [ 23.105860] [ 23.105916] The buggy address belongs to the physical page: [ 23.106243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fb3 [ 23.106373] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.106507] page_type: f5(slab) [ 23.107455] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.107601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.108009] page dumped because: kasan: bad access detected [ 23.108834] [ 23.108920] Memory state around the buggy address: [ 23.109184] fff00000c3fb3b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.109679] fff00000c3fb3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.109914] >fff00000c3fb3c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.110025] ^ [ 23.110122] fff00000c3fb3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.110228] fff00000c3fb3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.110969] ================================================================== [ 23.087411] ================================================================== [ 23.087816] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 23.089307] Write of size 1 at addr fff00000c3fb3c73 by task kunit_try_catch/138 [ 23.089477] [ 23.090435] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G N 6.15.4-rc2 #1 PREEMPT [ 23.090615] Tainted: [N]=TEST [ 23.090661] Hardware name: linux,dummy-virt (DT) [ 23.090922] Call trace: [ 23.091130] show_stack+0x20/0x38 (C) [ 23.091297] dump_stack_lvl+0x8c/0xd0 [ 23.091397] print_report+0x118/0x608 [ 23.091462] kasan_report+0xdc/0x128 [ 23.091516] __asan_report_store1_noabort+0x20/0x30 [ 23.091576] kmalloc_oob_right+0x5a4/0x660 [ 23.091633] kunit_try_run_case+0x170/0x3f0 [ 23.091696] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.091763] kthread+0x328/0x630 [ 23.091821] ret_from_fork+0x10/0x20 [ 23.092014] [ 23.092065] Allocated by task 138: [ 23.092345] kasan_save_stack+0x3c/0x68 [ 23.092523] kasan_save_track+0x20/0x40 [ 23.092599] kasan_save_alloc_info+0x40/0x58 [ 23.092647] __kasan_kmalloc+0xd4/0xd8 [ 23.092689] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.092738] kmalloc_oob_right+0xb0/0x660 [ 23.092784] kunit_try_run_case+0x170/0x3f0 [ 23.092834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.092888] kthread+0x328/0x630 [ 23.092931] ret_from_fork+0x10/0x20 [ 23.093006] [ 23.093085] The buggy address belongs to the object at fff00000c3fb3c00 [ 23.093085] which belongs to the cache kmalloc-128 of size 128 [ 23.093205] The buggy address is located 0 bytes to the right of [ 23.093205] allocated 115-byte region [fff00000c3fb3c00, fff00000c3fb3c73) [ 23.093289] [ 23.093411] The buggy address belongs to the physical page: [ 23.093653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fb3 [ 23.093973] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.094320] page_type: f5(slab) [ 23.094683] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.094768] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.094905] page dumped because: kasan: bad access detected [ 23.094960] [ 23.094992] Memory state around the buggy address: [ 23.095245] fff00000c3fb3b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.095335] fff00000c3fb3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.095428] >fff00000c3fb3c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.095499] ^ [ 23.095601] fff00000c3fb3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.095655] fff00000c3fb3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.095737] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 111.238829] WARNING: CPU: 1 PID: 658 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 111.241297] Modules linked in: [ 111.241751] CPU: 1 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc2 #1 PREEMPT [ 111.242692] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 111.243425] Hardware name: linux,dummy-virt (DT) [ 111.244034] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 111.244796] pc : intlog10+0x38/0x48 [ 111.245272] lr : intlog10_test+0xe4/0x200 [ 111.245797] sp : ffff800082327c10 [ 111.246205] x29: ffff800082327c90 x28: 0000000000000000 x27: 0000000000000000 [ 111.247209] x26: 1ffe000019314641 x25: 0000000000000000 x24: ffff800082327ce0 [ 111.248020] x23: ffff800082327d00 x22: 0000000000000000 x21: 1ffff00010464f82 [ 111.249113] x20: ffffad8eb8635180 x19: ffff800080087990 x18: 0000000046f86773 [ 111.250145] x17: 00000000b503a261 x16: fff00000c096e03c x15: fff00000ff616b08 [ 111.251061] x14: 00000000f1f1f1f1 x13: 1ffe00001b48f61d x12: ffff75b1d7879b71 [ 111.252229] x11: 1ffff5b1d7879b70 x10: ffff75b1d7879b70 x9 : ffffad8eb5c157e4 [ 111.253677] x8 : ffffad8ebc3cdb83 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 111.254525] x5 : ffff700010464f82 x4 : 1ffff00010010f3a x3 : 1ffff5b1d70c6a30 [ 111.255607] x2 : 1ffff5b1d70c6a30 x1 : 0000000000000003 x0 : 0000000000000000 [ 111.256752] Call trace: [ 111.257521] intlog10+0x38/0x48 (P) [ 111.257993] kunit_try_run_case+0x170/0x3f0 [ 111.258836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 111.259661] kthread+0x328/0x630 [ 111.260243] ret_from_fork+0x10/0x20 [ 111.260938] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 111.156699] WARNING: CPU: 1 PID: 640 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 111.158772] Modules linked in: [ 111.160394] CPU: 1 UID: 0 PID: 640 Comm: kunit_try_catch Tainted: G B D N 6.15.4-rc2 #1 PREEMPT [ 111.161749] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 111.162316] Hardware name: linux,dummy-virt (DT) [ 111.163008] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 111.163743] pc : intlog2+0xd8/0xf8 [ 111.164224] lr : intlog2_test+0xe4/0x200 [ 111.164860] sp : ffff800082267c10 [ 111.165364] x29: ffff800082267c90 x28: 0000000000000000 x27: 0000000000000000 [ 111.166142] x26: 1ffe000019316821 x25: 0000000000000000 x24: ffff800082267ce0 [ 111.167112] x23: ffff800082267d00 x22: 0000000000000000 x21: 1ffff0001044cf82 [ 111.168072] x20: ffffad8eb8635080 x19: ffff800080087990 x18: 00000000ec7623fd [ 111.169019] x17: 00000000deb0ea2a x16: fff00000c096e03c x15: fff00000ff616b08 [ 111.169958] x14: 00000000f1f1f1f1 x13: 1ffe00001b48f61d x12: ffff75b1d7879b71 [ 111.171060] x11: 1ffff5b1d7879b70 x10: ffff75b1d7879b70 x9 : ffffad8eb5c159e4 [ 111.171978] x8 : ffffad8ebc3cdb83 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 111.173410] x5 : ffff70001044cf82 x4 : 1ffff00010010f3a x3 : 1ffff5b1d70c6a10 [ 111.174333] x2 : 1ffff5b1d70c6a10 x1 : 0000000000000003 x0 : 0000000000000000 [ 111.175284] Call trace: [ 111.175646] intlog2+0xd8/0xf8 (P) [ 111.176153] kunit_try_run_case+0x170/0x3f0 [ 111.176982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 111.177630] kthread+0x328/0x630 [ 111.178101] ret_from_fork+0x10/0x20 [ 111.178709] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/internal-error-oops-oops-smp
KNOWN ISSUE - qemu-arm64: Internal error: Oops at kunit_test_null_dereference - kunit_generic_run_threadfn_adapter
[ 109.863320] Internal error: Oops: 0000000096000005 [#1] SMP [ 109.876820] Modules linked in: [ 109.877609] CPU: 1 UID: 0 PID: 534 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT [ 109.878576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 109.879013] Hardware name: linux,dummy-virt (DT) [ 109.879708] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 109.880573] pc : kunit_test_null_dereference+0x70/0x170 [ 109.881257] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 109.881894] sp : ffff800081fb7d30 [ 109.882396] x29: ffff800081fb7d90 x28: 0000000000000000 x27: 0000000000000000 [ 109.883478] x26: 1ffe000018b44d21 x25: 0000000000000000 x24: 0000000000000004 [ 109.884574] x23: fff00000c5a2690c x22: ffffad8eb5c02dc0 x21: fff00000c113ad88 [ 109.885658] x20: 1ffff000103f6fa6 x19: ffff800080087990 x18: 00000000ff20cc64 [ 109.886600] x17: 000000000cfb9513 x16: 000000003792a7a7 x15: 0000000021d85efe [ 109.887531] x14: 00000000f1f1f1f1 x13: 1ffe00001b4939e0 x12: fffd8000196cfdc4 [ 109.888895] x11: 1ffe0000196cfdc3 x10: fffd8000196cfdc3 x9 : ffffad8eb5bfa228 [ 109.889813] x8 : ffff800081fb7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 109.890762] x5 : ffff7000103f6fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 109.891591] x2 : dfff800000000000 x1 : fff00000cb67e540 x0 : ffff800080087990 [ 109.892461] Call trace: [ 109.892793] kunit_test_null_dereference+0x70/0x170 (P) [ 109.893406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 109.894131] kthread+0x328/0x630 [ 109.894569] ret_from_fork+0x10/0x20 [ 109.895440] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 109.896409] ---[ end trace 0000000000000000 ]---