Date
June 23, 2025, 1:39 p.m.
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 33.176584] ================================================================== [ 33.176754] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 33.176754] [ 33.177380] Corrupted memory at 0x00000000ed258c3a [ ! . . . . . . . . . . . . . . . ] (in kfence-#143): [ 33.181302] test_corruption+0x120/0x378 [ 33.181826] kunit_try_run_case+0x170/0x3f0 [ 33.182829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.183853] kthread+0x328/0x630 [ 33.184010] ret_from_fork+0x10/0x20 [ 33.184122] [ 33.184456] kfence-#143: 0x0000000089e5031e-0x00000000bf50bdac, size=32, cache=test [ 33.184456] [ 33.185341] allocated by task 315 on cpu 0 at 33.175857s (0.009474s ago): [ 33.185736] test_alloc+0x230/0x628 [ 33.186056] test_corruption+0xdc/0x378 [ 33.186543] kunit_try_run_case+0x170/0x3f0 [ 33.186673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.186803] kthread+0x328/0x630 [ 33.186914] ret_from_fork+0x10/0x20 [ 33.187480] [ 33.187812] freed by task 315 on cpu 0 at 33.176056s (0.011729s ago): [ 33.188057] test_corruption+0x120/0x378 [ 33.188162] kunit_try_run_case+0x170/0x3f0 [ 33.188884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.189008] kthread+0x328/0x630 [ 33.189109] ret_from_fork+0x10/0x20 [ 33.189214] [ 33.189306] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 33.189502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.190054] Hardware name: linux,dummy-virt (DT) [ 33.190455] ================================================================== [ 32.856209] ================================================================== [ 32.856359] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 32.856359] [ 32.856515] Corrupted memory at 0x00000000295ad55b [ ! ] (in kfence-#140): [ 32.857037] test_corruption+0x284/0x378 [ 32.857150] kunit_try_run_case+0x170/0x3f0 [ 32.857288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.857567] kthread+0x328/0x630 [ 32.857729] ret_from_fork+0x10/0x20 [ 32.857854] [ 32.857915] kfence-#140: 0x00000000a2ef2e6d-0x00000000ef0dbeea, size=32, cache=kmalloc-32 [ 32.857915] [ 32.858444] allocated by task 313 on cpu 0 at 32.855431s (0.002990s ago): [ 32.858734] test_alloc+0x29c/0x628 [ 32.858944] test_corruption+0x198/0x378 [ 32.859050] kunit_try_run_case+0x170/0x3f0 [ 32.859191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.859506] kthread+0x328/0x630 [ 32.859771] ret_from_fork+0x10/0x20 [ 32.859895] [ 32.859955] freed by task 313 on cpu 0 at 32.855629s (0.004317s ago): [ 32.860217] test_corruption+0x284/0x378 [ 32.860649] kunit_try_run_case+0x170/0x3f0 [ 32.861090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.861233] kthread+0x328/0x630 [ 32.861531] ret_from_fork+0x10/0x20 [ 32.861648] [ 32.861802] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 32.862574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.863082] Hardware name: linux,dummy-virt (DT) [ 32.863230] ================================================================== [ 33.388508] ================================================================== [ 33.388668] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 33.388668] [ 33.388788] Corrupted memory at 0x00000000ea82804b [ ! ] (in kfence-#145): [ 33.389025] test_corruption+0x1d8/0x378 [ 33.389128] kunit_try_run_case+0x170/0x3f0 [ 33.389251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.389360] kthread+0x328/0x630 [ 33.389478] ret_from_fork+0x10/0x20 [ 33.389572] [ 33.389629] kfence-#145: 0x00000000d252c9f9-0x000000006236bbad, size=32, cache=test [ 33.389629] [ 33.389749] allocated by task 315 on cpu 0 at 33.387996s (0.001745s ago): [ 33.389889] test_alloc+0x230/0x628 [ 33.389978] test_corruption+0x198/0x378 [ 33.390070] kunit_try_run_case+0x170/0x3f0 [ 33.390166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.390265] kthread+0x328/0x630 [ 33.390362] ret_from_fork+0x10/0x20 [ 33.392517] [ 33.392606] freed by task 315 on cpu 0 at 33.388145s (0.004451s ago): [ 33.392773] test_corruption+0x1d8/0x378 [ 33.392887] kunit_try_run_case+0x170/0x3f0 [ 33.393001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.393654] kthread+0x328/0x630 [ 33.393832] ret_from_fork+0x10/0x20 [ 33.394090] [ 33.394460] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 33.395060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.395142] Hardware name: linux,dummy-virt (DT) [ 33.395468] ================================================================== [ 32.751622] ================================================================== [ 32.751760] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 32.751760] [ 32.751884] Corrupted memory at 0x00000000ab047d50 [ ! . . . . . . . . . . . . . . . ] (in kfence-#139): [ 32.753172] test_corruption+0x278/0x378 [ 32.753289] kunit_try_run_case+0x170/0x3f0 [ 32.753421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.753535] kthread+0x328/0x630 [ 32.753633] ret_from_fork+0x10/0x20 [ 32.753732] [ 32.754262] kfence-#139: 0x00000000fa507992-0x000000000f70f1bb, size=32, cache=kmalloc-32 [ 32.754262] [ 32.754586] allocated by task 313 on cpu 0 at 32.750016s (0.004558s ago): [ 32.754783] test_alloc+0x29c/0x628 [ 32.754916] test_corruption+0xdc/0x378 [ 32.755031] kunit_try_run_case+0x170/0x3f0 [ 32.755497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.755752] kthread+0x328/0x630 [ 32.755959] ret_from_fork+0x10/0x20 [ 32.756080] [ 32.756180] freed by task 313 on cpu 0 at 32.750592s (0.005577s ago): [ 32.756446] test_corruption+0x278/0x378 [ 32.756580] kunit_try_run_case+0x170/0x3f0 [ 32.756694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.756914] kthread+0x328/0x630 [ 32.757082] ret_from_fork+0x10/0x20 [ 32.757292] [ 32.757580] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 32.757892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.757973] Hardware name: linux,dummy-virt (DT) [ 32.758209] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 28.513617] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 28.345467] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 28.285339] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 28.257202] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 38.999709] ================================================================== [ 38.999861] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 38.999861] [ 38.999975] Out-of-bounds read at 0x0000000086a268d7 (105B right of kfence-#199): [ 39.000048] test_kmalloc_aligned_oob_read+0x238/0x468 [ 39.000109] kunit_try_run_case+0x170/0x3f0 [ 39.000166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.000221] kthread+0x328/0x630 [ 39.000275] ret_from_fork+0x10/0x20 [ 39.000323] [ 39.000355] kfence-#199: 0x000000007fcaac4e-0x0000000018baeb0d, size=73, cache=kmalloc-96 [ 39.000355] [ 39.000457] allocated by task 325 on cpu 1 at 38.999279s (0.001173s ago): [ 39.000545] test_alloc+0x29c/0x628 [ 39.000596] test_kmalloc_aligned_oob_read+0x100/0x468 [ 39.000648] kunit_try_run_case+0x170/0x3f0 [ 39.000699] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.000753] kthread+0x328/0x630 [ 39.000802] ret_from_fork+0x10/0x20 [ 39.000851] [ 39.000903] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 39.001002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.001040] Hardware name: linux,dummy-virt (DT) [ 39.001080] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 60.324257] ================================================================== [ 60.324357] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 60.324357] [ 60.324490] Use-after-free read at 0x0000000064e335f1 (in kfence-#209): [ 60.324554] test_krealloc+0x51c/0x830 [ 60.324612] kunit_try_run_case+0x170/0x3f0 [ 60.324670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.324726] kthread+0x328/0x630 [ 60.324777] ret_from_fork+0x10/0x20 [ 60.324827] [ 60.324857] kfence-#209: 0x0000000064e335f1-0x00000000b6901fda, size=32, cache=kmalloc-32 [ 60.324857] [ 60.324924] allocated by task 339 on cpu 1 at 60.323512s (0.001407s ago): [ 60.325004] test_alloc+0x29c/0x628 [ 60.325056] test_krealloc+0xc0/0x830 [ 60.325107] kunit_try_run_case+0x170/0x3f0 [ 60.325160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.325226] kthread+0x328/0x630 [ 60.325273] ret_from_fork+0x10/0x20 [ 60.325321] [ 60.325348] freed by task 339 on cpu 1 at 60.323769s (0.001575s ago): [ 60.325463] krealloc_noprof+0x148/0x360 [ 60.325531] test_krealloc+0x1dc/0x830 [ 60.325580] kunit_try_run_case+0x170/0x3f0 [ 60.325632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.325685] kthread+0x328/0x630 [ 60.325733] ret_from_fork+0x10/0x20 [ 60.325779] [ 60.325831] CPU: 1 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 60.325926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.325963] Hardware name: linux,dummy-virt (DT) [ 60.326007] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 60.235258] ================================================================== [ 60.235365] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 60.235365] [ 60.235493] Use-after-free read at 0x000000008e2ac5d3 (in kfence-#208): [ 60.235558] test_memcache_typesafe_by_rcu+0x280/0x560 [ 60.235616] kunit_try_run_case+0x170/0x3f0 [ 60.235669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.235725] kthread+0x328/0x630 [ 60.235775] ret_from_fork+0x10/0x20 [ 60.235825] [ 60.235852] kfence-#208: 0x000000008e2ac5d3-0x0000000032bbebf0, size=32, cache=test [ 60.235852] [ 60.235913] allocated by task 337 on cpu 0 at 60.219966s (0.015943s ago): [ 60.235994] test_alloc+0x230/0x628 [ 60.236043] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 60.236094] kunit_try_run_case+0x170/0x3f0 [ 60.236142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.236196] kthread+0x328/0x630 [ 60.236243] ret_from_fork+0x10/0x20 [ 60.236290] [ 60.236318] freed by task 337 on cpu 0 at 60.220152s (0.016162s ago): [ 60.236384] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 60.236468] kunit_try_run_case+0x170/0x3f0 [ 60.236518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.236575] kthread+0x328/0x630 [ 60.236621] ret_from_fork+0x10/0x20 [ 60.236667] [ 60.236715] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 60.236809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.236845] Hardware name: linux,dummy-virt (DT) [ 60.236887] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 39.758132] ================================================================== [ 39.758412] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 39.758412] [ 39.758641] Invalid read at 0x00000000afedc09d: [ 39.759457] test_invalid_access+0xdc/0x1f0 [ 39.759604] kunit_try_run_case+0x170/0x3f0 [ 39.760220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.760443] kthread+0x328/0x630 [ 39.760569] ret_from_fork+0x10/0x20 [ 39.760701] [ 39.760816] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 39.761022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.761108] Hardware name: linux,dummy-virt (DT) [ 39.761223] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 39.519794] ================================================================== [ 39.519962] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 39.519962] [ 39.520043] Corrupted memory at 0x000000003997e9b0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#204): [ 39.520434] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 39.520496] kunit_try_run_case+0x170/0x3f0 [ 39.520552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.520608] kthread+0x328/0x630 [ 39.520660] ret_from_fork+0x10/0x20 [ 39.520710] [ 39.520738] kfence-#204: 0x00000000f8a3295c-0x000000006502d97b, size=73, cache=kmalloc-96 [ 39.520738] [ 39.520803] allocated by task 327 on cpu 1 at 39.519413s (0.001386s ago): [ 39.520877] test_alloc+0x29c/0x628 [ 39.520924] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 39.520977] kunit_try_run_case+0x170/0x3f0 [ 39.521029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.521083] kthread+0x328/0x630 [ 39.521131] ret_from_fork+0x10/0x20 [ 39.521191] [ 39.521222] freed by task 327 on cpu 1 at 39.519634s (0.001584s ago): [ 39.521295] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 39.521345] kunit_try_run_case+0x170/0x3f0 [ 39.521412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.521473] kthread+0x328/0x630 [ 39.521520] ret_from_fork+0x10/0x20 [ 39.521567] [ 39.521620] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 39.521715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.521751] Hardware name: linux,dummy-virt (DT) [ 39.521792] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 32.641194] ================================================================== [ 32.641857] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 32.641857] [ 32.642166] Invalid free of 0x000000002071106e (in kfence-#138): [ 32.642466] test_invalid_addr_free+0xec/0x238 [ 32.642800] kunit_try_run_case+0x170/0x3f0 [ 32.643201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.643508] kthread+0x328/0x630 [ 32.643668] ret_from_fork+0x10/0x20 [ 32.643779] [ 32.643838] kfence-#138: 0x00000000edaeafae-0x0000000060b1015a, size=32, cache=test [ 32.643838] [ 32.644965] allocated by task 311 on cpu 0 at 32.640976s (0.003979s ago): [ 32.645132] test_alloc+0x230/0x628 [ 32.645265] test_invalid_addr_free+0xd4/0x238 [ 32.645521] kunit_try_run_case+0x170/0x3f0 [ 32.645703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.645817] kthread+0x328/0x630 [ 32.645921] ret_from_fork+0x10/0x20 [ 32.646014] [ 32.646173] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 32.646518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.646693] Hardware name: linux,dummy-virt (DT) [ 32.646807] ================================================================== [ 32.536433] ================================================================== [ 32.536576] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 32.536576] [ 32.536696] Invalid free of 0x00000000875873b5 (in kfence-#137): [ 32.536808] test_invalid_addr_free+0x1ac/0x238 [ 32.536913] kunit_try_run_case+0x170/0x3f0 [ 32.537015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.537121] kthread+0x328/0x630 [ 32.537240] ret_from_fork+0x10/0x20 [ 32.537338] [ 32.537415] kfence-#137: 0x0000000040bde360-0x000000000effbf91, size=32, cache=kmalloc-32 [ 32.537415] [ 32.537563] allocated by task 309 on cpu 0 at 32.535796s (0.001757s ago): [ 32.537788] test_alloc+0x29c/0x628 [ 32.537917] test_invalid_addr_free+0xd4/0x238 [ 32.538062] kunit_try_run_case+0x170/0x3f0 [ 32.538184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.538313] kthread+0x328/0x630 [ 32.538502] ret_from_fork+0x10/0x20 [ 32.538745] [ 32.538858] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 32.539072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.539161] Hardware name: linux,dummy-virt (DT) [ 32.539280] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 32.325863] ================================================================== [ 32.326061] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 32.326061] [ 32.326206] Invalid free of 0x00000000b41ae17e (in kfence-#135): [ 32.326346] test_double_free+0x1bc/0x238 [ 32.326472] kunit_try_run_case+0x170/0x3f0 [ 32.326606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.326740] kthread+0x328/0x630 [ 32.326879] ret_from_fork+0x10/0x20 [ 32.327031] [ 32.327096] kfence-#135: 0x00000000b41ae17e-0x00000000a3a14edd, size=32, cache=kmalloc-32 [ 32.327096] [ 32.327238] allocated by task 305 on cpu 0 at 32.325172s (0.002057s ago): [ 32.327417] test_alloc+0x29c/0x628 [ 32.327519] test_double_free+0xd4/0x238 [ 32.327826] kunit_try_run_case+0x170/0x3f0 [ 32.328251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.328848] kthread+0x328/0x630 [ 32.329036] ret_from_fork+0x10/0x20 [ 32.329751] [ 32.329957] freed by task 305 on cpu 0 at 32.325553s (0.004325s ago): [ 32.330768] test_double_free+0x1ac/0x238 [ 32.330902] kunit_try_run_case+0x170/0x3f0 [ 32.331015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.331114] kthread+0x328/0x630 [ 32.331212] ret_from_fork+0x10/0x20 [ 32.332117] [ 32.332285] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 32.332493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.333221] Hardware name: linux,dummy-virt (DT) [ 32.333548] ================================================================== [ 32.429165] ================================================================== [ 32.429667] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 32.429667] [ 32.429932] Invalid free of 0x0000000025387e77 (in kfence-#136): [ 32.430075] test_double_free+0x100/0x238 [ 32.430180] kunit_try_run_case+0x170/0x3f0 [ 32.430282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.430401] kthread+0x328/0x630 [ 32.430500] ret_from_fork+0x10/0x20 [ 32.430661] [ 32.430729] kfence-#136: 0x0000000025387e77-0x000000002184f291, size=32, cache=test [ 32.430729] [ 32.432166] allocated by task 307 on cpu 0 at 32.428816s (0.003340s ago): [ 32.432323] test_alloc+0x230/0x628 [ 32.432444] test_double_free+0xd4/0x238 [ 32.432946] kunit_try_run_case+0x170/0x3f0 [ 32.433341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.433977] kthread+0x328/0x630 [ 32.434362] ret_from_fork+0x10/0x20 [ 32.434626] [ 32.434696] freed by task 307 on cpu 0 at 32.428911s (0.005776s ago): [ 32.434861] test_double_free+0xf0/0x238 [ 32.435193] kunit_try_run_case+0x170/0x3f0 [ 32.435363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.435504] kthread+0x328/0x630 [ 32.435603] ret_from_fork+0x10/0x20 [ 32.435698] [ 32.435865] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 32.436147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.436223] Hardware name: linux,dummy-virt (DT) [ 32.436321] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 32.004191] ================================================================== [ 32.004339] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 32.004339] [ 32.004538] Use-after-free read at 0x00000000a39c1eed (in kfence-#132): [ 32.004660] test_use_after_free_read+0x114/0x248 [ 32.004814] kunit_try_run_case+0x170/0x3f0 [ 32.004940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.005057] kthread+0x328/0x630 [ 32.005197] ret_from_fork+0x10/0x20 [ 32.005363] [ 32.005447] kfence-#132: 0x00000000a39c1eed-0x00000000998054fb, size=32, cache=test [ 32.005447] [ 32.005608] allocated by task 299 on cpu 0 at 32.003847s (0.001734s ago): [ 32.005779] test_alloc+0x230/0x628 [ 32.005883] test_use_after_free_read+0xd0/0x248 [ 32.005991] kunit_try_run_case+0x170/0x3f0 [ 32.006101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.006218] kthread+0x328/0x630 [ 32.006322] ret_from_fork+0x10/0x20 [ 32.006507] [ 32.006601] freed by task 299 on cpu 0 at 32.003958s (0.002611s ago): [ 32.007187] test_use_after_free_read+0xf0/0x248 [ 32.008010] kunit_try_run_case+0x170/0x3f0 [ 32.008689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.008779] kthread+0x328/0x630 [ 32.008828] ret_from_fork+0x10/0x20 [ 32.008893] [ 32.009028] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 32.009328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.009419] Hardware name: linux,dummy-virt (DT) [ 32.009551] ================================================================== [ 31.897559] ================================================================== [ 31.897740] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 31.897740] [ 31.897930] Use-after-free read at 0x000000002d1d4567 (in kfence-#131): [ 31.898042] test_use_after_free_read+0x114/0x248 [ 31.898152] kunit_try_run_case+0x170/0x3f0 [ 31.898254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.898358] kthread+0x328/0x630 [ 31.898480] ret_from_fork+0x10/0x20 [ 31.898597] [ 31.898668] kfence-#131: 0x000000002d1d4567-0x000000000e0aff95, size=32, cache=kmalloc-32 [ 31.898668] [ 31.898959] allocated by task 297 on cpu 0 at 31.896292s (0.002658s ago): [ 31.899511] test_alloc+0x29c/0x628 [ 31.900104] test_use_after_free_read+0xd0/0x248 [ 31.900413] kunit_try_run_case+0x170/0x3f0 [ 31.900523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.901262] kthread+0x328/0x630 [ 31.901577] ret_from_fork+0x10/0x20 [ 31.901735] [ 31.901800] freed by task 297 on cpu 0 at 31.897005s (0.004785s ago): [ 31.902448] test_use_after_free_read+0x1c0/0x248 [ 31.902653] kunit_try_run_case+0x170/0x3f0 [ 31.902778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.902959] kthread+0x328/0x630 [ 31.903524] ret_from_fork+0x10/0x20 [ 31.903782] [ 31.904169] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 31.904517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.904710] Hardware name: linux,dummy-virt (DT) [ 31.904799] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 31.470210] ================================================================== [ 31.470352] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 31.470352] [ 31.471304] Out-of-bounds write at 0x0000000074c348ff (1B left of kfence-#127): [ 31.471558] test_out_of_bounds_write+0x100/0x240 [ 31.471734] kunit_try_run_case+0x170/0x3f0 [ 31.471954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.472063] kthread+0x328/0x630 [ 31.472220] ret_from_fork+0x10/0x20 [ 31.472377] [ 31.472571] kfence-#127: 0x0000000067855c12-0x0000000084f49174, size=32, cache=kmalloc-32 [ 31.472571] [ 31.472920] allocated by task 293 on cpu 0 at 31.469852s (0.003040s ago): [ 31.473082] test_alloc+0x29c/0x628 [ 31.473658] test_out_of_bounds_write+0xc8/0x240 [ 31.473778] kunit_try_run_case+0x170/0x3f0 [ 31.473907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.474007] kthread+0x328/0x630 [ 31.474059] ret_from_fork+0x10/0x20 [ 31.474108] [ 31.474162] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 31.474256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.474293] Hardware name: linux,dummy-virt (DT) [ 31.474333] ================================================================== [ 31.791987] ================================================================== [ 31.792128] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 31.792128] [ 31.792456] Out-of-bounds write at 0x000000003c5ea7d8 (1B left of kfence-#130): [ 31.792723] test_out_of_bounds_write+0x100/0x240 [ 31.793209] kunit_try_run_case+0x170/0x3f0 [ 31.793334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.793461] kthread+0x328/0x630 [ 31.793578] ret_from_fork+0x10/0x20 [ 31.793738] [ 31.793798] kfence-#130: 0x0000000034e8a307-0x00000000c155a5a0, size=32, cache=test [ 31.793798] [ 31.794502] allocated by task 295 on cpu 0 at 31.791827s (0.002081s ago): [ 31.794995] test_alloc+0x230/0x628 [ 31.795321] test_out_of_bounds_write+0xc8/0x240 [ 31.795545] kunit_try_run_case+0x170/0x3f0 [ 31.795654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.795793] kthread+0x328/0x630 [ 31.795915] ret_from_fork+0x10/0x20 [ 31.796246] [ 31.796463] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 31.797054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.797190] Hardware name: linux,dummy-virt (DT) [ 31.797741] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 30.093101] ================================================================== [ 30.093327] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 30.093327] [ 30.093669] Out-of-bounds read at 0x000000003585782c (1B left of kfence-#114): [ 30.093957] test_out_of_bounds_read+0x114/0x3e0 [ 30.094124] kunit_try_run_case+0x170/0x3f0 [ 30.094257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.094385] kthread+0x328/0x630 [ 30.094546] ret_from_fork+0x10/0x20 [ 30.094944] [ 30.095236] kfence-#114: 0x000000005f9e9fe3-0x0000000091339b0d, size=32, cache=kmalloc-32 [ 30.095236] [ 30.095466] allocated by task 289 on cpu 0 at 30.091821s (0.003557s ago): [ 30.095803] test_alloc+0x29c/0x628 [ 30.095933] test_out_of_bounds_read+0xdc/0x3e0 [ 30.096139] kunit_try_run_case+0x170/0x3f0 [ 30.096275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.096547] kthread+0x328/0x630 [ 30.096671] ret_from_fork+0x10/0x20 [ 30.096866] [ 30.097075] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 30.097276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.098637] Hardware name: linux,dummy-virt (DT) [ 30.098767] ================================================================== [ 30.832109] ================================================================== [ 30.832257] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 30.832257] [ 30.832657] Out-of-bounds read at 0x00000000ce9913d5 (1B left of kfence-#121): [ 30.832893] test_out_of_bounds_read+0x114/0x3e0 [ 30.833092] kunit_try_run_case+0x170/0x3f0 [ 30.833298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.833741] kthread+0x328/0x630 [ 30.833987] ret_from_fork+0x10/0x20 [ 30.834159] [ 30.834483] kfence-#121: 0x00000000d7956eca-0x0000000063b6ff27, size=32, cache=test [ 30.834483] [ 30.834731] allocated by task 291 on cpu 0 at 30.831843s (0.002864s ago): [ 30.835073] test_alloc+0x230/0x628 [ 30.835290] test_out_of_bounds_read+0xdc/0x3e0 [ 30.836039] kunit_try_run_case+0x170/0x3f0 [ 30.836224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.836379] kthread+0x328/0x630 [ 30.836538] ret_from_fork+0x10/0x20 [ 30.836776] [ 30.836876] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 30.838008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.838724] Hardware name: linux,dummy-virt (DT) [ 30.838825] ================================================================== [ 30.936197] ================================================================== [ 30.936603] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 30.936603] [ 30.936768] Out-of-bounds read at 0x0000000081d68520 (32B right of kfence-#122): [ 30.937022] test_out_of_bounds_read+0x1c8/0x3e0 [ 30.937139] kunit_try_run_case+0x170/0x3f0 [ 30.937378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.937529] kthread+0x328/0x630 [ 30.937627] ret_from_fork+0x10/0x20 [ 30.937729] [ 30.937786] kfence-#122: 0x00000000b252c9d4-0x000000002798d1c1, size=32, cache=test [ 30.937786] [ 30.937900] allocated by task 291 on cpu 0 at 30.936033s (0.001859s ago): [ 30.938047] test_alloc+0x230/0x628 [ 30.938143] test_out_of_bounds_read+0x198/0x3e0 [ 30.938242] kunit_try_run_case+0x170/0x3f0 [ 30.938339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.938464] kthread+0x328/0x630 [ 30.939459] ret_from_fork+0x10/0x20 [ 30.939576] [ 30.940359] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 30.940738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.941130] Hardware name: linux,dummy-virt (DT) [ 30.941230] ================================================================== [ 30.306591] ================================================================== [ 30.307138] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 30.307138] [ 30.307413] Out-of-bounds read at 0x0000000030b014c4 (32B right of kfence-#116): [ 30.308082] test_out_of_bounds_read+0x1c8/0x3e0 [ 30.308481] kunit_try_run_case+0x170/0x3f0 [ 30.308838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.309620] kthread+0x328/0x630 [ 30.310329] ret_from_fork+0x10/0x20 [ 30.310571] [ 30.310668] kfence-#116: 0x00000000dc6c95e8-0x0000000063a653f2, size=32, cache=kmalloc-32 [ 30.310668] [ 30.310799] allocated by task 289 on cpu 0 at 30.304958s (0.005831s ago): [ 30.310969] test_alloc+0x29c/0x628 [ 30.311070] test_out_of_bounds_read+0x198/0x3e0 [ 30.311742] kunit_try_run_case+0x170/0x3f0 [ 30.311967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.312827] kthread+0x328/0x630 [ 30.313077] ret_from_fork+0x10/0x20 [ 30.313270] [ 30.313770] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 30.314060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.314134] Hardware name: linux,dummy-virt (DT) [ 30.314703] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_in_memset
[ 24.676200] ================================================================== [ 24.676507] BUG: KFENCE: memory corruption in kmalloc_oob_in_memset+0x160/0x2d0 [ 24.676507] [ 24.677059] Corrupted memory at 0x00000000cf850dbf [ ! ! ! ! ! ! ! ! . . . . . . . . ] (in kfence-#81): [ 24.678517] kmalloc_oob_in_memset+0x160/0x2d0 [ 24.678989] kunit_try_run_case+0x170/0x3f0 [ 24.679427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.679542] kthread+0x328/0x630 [ 24.679645] ret_from_fork+0x10/0x20 [ 24.680174] [ 24.680234] kfence-#81: 0x000000007120a54b-0x00000000366a8a1d, size=120, cache=kmalloc-128 [ 24.680234] [ 24.680725] allocated by task 172 on cpu 0 at 24.670509s (0.010206s ago): [ 24.681612] kmalloc_oob_in_memset+0xb0/0x2d0 [ 24.681759] kunit_try_run_case+0x170/0x3f0 [ 24.682449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.682758] kthread+0x328/0x630 [ 24.682871] ret_from_fork+0x10/0x20 [ 24.683079] [ 24.683134] freed by task 172 on cpu 0 at 24.675799s (0.007325s ago): [ 24.683446] kmalloc_oob_in_memset+0x160/0x2d0 [ 24.683584] kunit_try_run_case+0x170/0x3f0 [ 24.683673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.684220] kthread+0x328/0x630 [ 24.684341] ret_from_fork+0x10/0x20 [ 24.684846] [ 24.684924] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.685382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.685640] Hardware name: linux,dummy-virt (DT) [ 24.686112] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-krealloc_less_oob_helper
[ 24.357725] ================================================================== [ 24.357825] BUG: KFENCE: memory corruption in krealloc_less_oob_helper+0x4d0/0xc50 [ 24.357825] [ 24.357947] Corrupted memory at 0x00000000aa102d2c [ ! . . . . . . . . . . . . . . . ] (in kfence-#78): [ 24.359551] krealloc_less_oob_helper+0x4d0/0xc50 [ 24.359661] krealloc_less_oob+0x20/0x38 [ 24.359925] kunit_try_run_case+0x170/0x3f0 [ 24.360026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.360134] kthread+0x328/0x630 [ 24.360230] ret_from_fork+0x10/0x20 [ 24.360323] [ 24.360381] kfence-#78: 0x0000000032e0c8e6-0x0000000088398e65, size=235, cache=kmalloc-256 [ 24.360381] [ 24.360725] allocated by task 160 on cpu 0 at 24.343610s (0.017106s ago): [ 24.360865] krealloc_less_oob_helper+0x108/0xc50 [ 24.361013] krealloc_less_oob+0x20/0x38 [ 24.361281] kunit_try_run_case+0x170/0x3f0 [ 24.361378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.361503] kthread+0x328/0x630 [ 24.361645] ret_from_fork+0x10/0x20 [ 24.361810] [ 24.361861] freed by task 160 on cpu 0 at 24.357593s (0.004259s ago): [ 24.362067] krealloc_less_oob_helper+0x4d0/0xc50 [ 24.362447] krealloc_less_oob+0x20/0x38 [ 24.362857] kunit_try_run_case+0x170/0x3f0 [ 24.363053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.363164] kthread+0x328/0x630 [ 24.363257] ret_from_fork+0x10/0x20 [ 24.363342] [ 24.363438] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.363625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.363709] Hardware name: linux,dummy-virt (DT) [ 24.363797] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 24.025158] ================================================================== [ 24.025362] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x224/0x488 [ 24.025362] [ 24.025547] Corrupted memory at 0x000000000a0b7aef [ ! . . . . . . . . . . . . . . . ] (in kfence-#75): [ 24.030342] kmalloc_track_caller_oob_right+0x224/0x488 [ 24.030479] kunit_try_run_case+0x170/0x3f0 [ 24.030591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.030721] kthread+0x328/0x630 [ 24.030831] ret_from_fork+0x10/0x20 [ 24.031486] [ 24.032191] kfence-#75: 0x00000000def622ba-0x0000000049842942, size=120, cache=kmalloc-128 [ 24.032191] [ 24.032595] allocated by task 144 on cpu 0 at 24.015423s (0.017057s ago): [ 24.033566] kmalloc_track_caller_oob_right+0x184/0x488 [ 24.034119] kunit_try_run_case+0x170/0x3f0 [ 24.034579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.034729] kthread+0x328/0x630 [ 24.035086] ret_from_fork+0x10/0x20 [ 24.035281] [ 24.036162] freed by task 144 on cpu 0 at 24.023812s (0.011569s ago): [ 24.037093] kmalloc_track_caller_oob_right+0x224/0x488 [ 24.037301] kunit_try_run_case+0x170/0x3f0 [ 24.037442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.037604] kthread+0x328/0x630 [ 24.037873] ret_from_fork+0x10/0x20 [ 24.038004] [ 24.038133] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.038406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.038480] Hardware name: linux,dummy-virt (DT) [ 24.038578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 29.815499] ================================================================== [ 29.815603] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 29.815717] Write of size 121 at addr fff00000c7065800 by task kunit_try_catch/287 [ 29.815845] [ 29.815923] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.816113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.816413] Hardware name: linux,dummy-virt (DT) [ 29.816533] Call trace: [ 29.816617] show_stack+0x20/0x38 (C) [ 29.817090] dump_stack_lvl+0x8c/0xd0 [ 29.817356] print_report+0x118/0x608 [ 29.817505] kasan_report+0xdc/0x128 [ 29.817630] kasan_check_range+0x100/0x1a8 [ 29.817757] __kasan_check_write+0x20/0x30 [ 29.817885] strncpy_from_user+0x3c/0x2a0 [ 29.818060] copy_user_test_oob+0x5c0/0xec8 [ 29.818483] kunit_try_run_case+0x170/0x3f0 [ 29.818665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.818824] kthread+0x328/0x630 [ 29.819622] ret_from_fork+0x10/0x20 [ 29.819815] [ 29.820168] Allocated by task 287: [ 29.820406] kasan_save_stack+0x3c/0x68 [ 29.820645] kasan_save_track+0x20/0x40 [ 29.820841] kasan_save_alloc_info+0x40/0x58 [ 29.821203] __kasan_kmalloc+0xd4/0xd8 [ 29.821662] __kmalloc_noprof+0x198/0x4c8 [ 29.822069] kunit_kmalloc_array+0x34/0x88 [ 29.822575] copy_user_test_oob+0xac/0xec8 [ 29.822710] kunit_try_run_case+0x170/0x3f0 [ 29.823270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.823448] kthread+0x328/0x630 [ 29.823579] ret_from_fork+0x10/0x20 [ 29.823837] [ 29.823909] The buggy address belongs to the object at fff00000c7065800 [ 29.823909] which belongs to the cache kmalloc-128 of size 128 [ 29.824110] The buggy address is located 0 bytes inside of [ 29.824110] allocated 120-byte region [fff00000c7065800, fff00000c7065878) [ 29.824305] [ 29.824375] The buggy address belongs to the physical page: [ 29.824613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 29.824743] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.824865] page_type: f5(slab) [ 29.825052] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.825363] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.825492] page dumped because: kasan: bad access detected [ 29.825588] [ 29.825651] Memory state around the buggy address: [ 29.825798] fff00000c7065700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.825924] fff00000c7065780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.826054] >fff00000c7065800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.826238] ^ [ 29.826384] fff00000c7065880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.826708] fff00000c7065900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.826810] ================================================================== [ 29.828093] ================================================================== [ 29.828193] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 29.828353] Write of size 1 at addr fff00000c7065878 by task kunit_try_catch/287 [ 29.828502] [ 29.828587] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.828961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.829050] Hardware name: linux,dummy-virt (DT) [ 29.829142] Call trace: [ 29.829229] show_stack+0x20/0x38 (C) [ 29.829430] dump_stack_lvl+0x8c/0xd0 [ 29.829576] print_report+0x118/0x608 [ 29.829831] kasan_report+0xdc/0x128 [ 29.830192] __asan_report_store1_noabort+0x20/0x30 [ 29.830328] strncpy_from_user+0x270/0x2a0 [ 29.830509] copy_user_test_oob+0x5c0/0xec8 [ 29.830822] kunit_try_run_case+0x170/0x3f0 [ 29.831141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.831330] kthread+0x328/0x630 [ 29.831633] ret_from_fork+0x10/0x20 [ 29.831735] [ 29.831760] Allocated by task 287: [ 29.831798] kasan_save_stack+0x3c/0x68 [ 29.831879] kasan_save_track+0x20/0x40 [ 29.832028] kasan_save_alloc_info+0x40/0x58 [ 29.832143] __kasan_kmalloc+0xd4/0xd8 [ 29.832373] __kmalloc_noprof+0x198/0x4c8 [ 29.832493] kunit_kmalloc_array+0x34/0x88 [ 29.832589] copy_user_test_oob+0xac/0xec8 [ 29.832696] kunit_try_run_case+0x170/0x3f0 [ 29.832834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.832969] kthread+0x328/0x630 [ 29.833143] ret_from_fork+0x10/0x20 [ 29.833422] [ 29.833560] The buggy address belongs to the object at fff00000c7065800 [ 29.833560] which belongs to the cache kmalloc-128 of size 128 [ 29.833758] The buggy address is located 0 bytes to the right of [ 29.833758] allocated 120-byte region [fff00000c7065800, fff00000c7065878) [ 29.834214] [ 29.834272] The buggy address belongs to the physical page: [ 29.834348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 29.834501] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.834778] page_type: f5(slab) [ 29.834885] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.835031] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.835212] page dumped because: kasan: bad access detected [ 29.835313] [ 29.835417] Memory state around the buggy address: [ 29.835514] fff00000c7065700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.835634] fff00000c7065780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.835779] >fff00000c7065800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.835877] ^ [ 29.836088] fff00000c7065880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.836230] fff00000c7065900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.836514] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 29.758262] ================================================================== [ 29.758594] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 29.758831] Write of size 121 at addr fff00000c7065800 by task kunit_try_catch/287 [ 29.759224] [ 29.759402] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.759640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.759713] Hardware name: linux,dummy-virt (DT) [ 29.759813] Call trace: [ 29.759877] show_stack+0x20/0x38 (C) [ 29.760004] dump_stack_lvl+0x8c/0xd0 [ 29.760151] print_report+0x118/0x608 [ 29.760280] kasan_report+0xdc/0x128 [ 29.760633] kasan_check_range+0x100/0x1a8 [ 29.760818] __kasan_check_write+0x20/0x30 [ 29.760968] copy_user_test_oob+0x35c/0xec8 [ 29.761131] kunit_try_run_case+0x170/0x3f0 [ 29.761477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.761716] kthread+0x328/0x630 [ 29.761926] ret_from_fork+0x10/0x20 [ 29.762058] [ 29.762358] Allocated by task 287: [ 29.762555] kasan_save_stack+0x3c/0x68 [ 29.763279] kasan_save_track+0x20/0x40 [ 29.763533] kasan_save_alloc_info+0x40/0x58 [ 29.763651] __kasan_kmalloc+0xd4/0xd8 [ 29.763742] __kmalloc_noprof+0x198/0x4c8 [ 29.763836] kunit_kmalloc_array+0x34/0x88 [ 29.764053] copy_user_test_oob+0xac/0xec8 [ 29.764819] kunit_try_run_case+0x170/0x3f0 [ 29.765623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.766057] kthread+0x328/0x630 [ 29.766162] ret_from_fork+0x10/0x20 [ 29.766720] [ 29.766788] The buggy address belongs to the object at fff00000c7065800 [ 29.766788] which belongs to the cache kmalloc-128 of size 128 [ 29.767426] The buggy address is located 0 bytes inside of [ 29.767426] allocated 120-byte region [fff00000c7065800, fff00000c7065878) [ 29.767585] [ 29.767642] The buggy address belongs to the physical page: [ 29.767725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 29.767850] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.769266] page_type: f5(slab) [ 29.769500] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.769634] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.770605] page dumped because: kasan: bad access detected [ 29.770881] [ 29.770989] Memory state around the buggy address: [ 29.771358] fff00000c7065700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.771491] fff00000c7065780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.771608] >fff00000c7065800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.772599] ^ [ 29.772798] fff00000c7065880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.772994] fff00000c7065900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.773098] ================================================================== [ 29.776064] ================================================================== [ 29.776199] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 29.776524] Read of size 121 at addr fff00000c7065800 by task kunit_try_catch/287 [ 29.776677] [ 29.776766] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.776965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.777030] Hardware name: linux,dummy-virt (DT) [ 29.777117] Call trace: [ 29.777302] show_stack+0x20/0x38 (C) [ 29.777444] dump_stack_lvl+0x8c/0xd0 [ 29.777594] print_report+0x118/0x608 [ 29.777765] kasan_report+0xdc/0x128 [ 29.777954] kasan_check_range+0x100/0x1a8 [ 29.778123] __kasan_check_read+0x20/0x30 [ 29.778266] copy_user_test_oob+0x3c8/0xec8 [ 29.778413] kunit_try_run_case+0x170/0x3f0 [ 29.778657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.778802] kthread+0x328/0x630 [ 29.778957] ret_from_fork+0x10/0x20 [ 29.779326] [ 29.779457] Allocated by task 287: [ 29.779539] kasan_save_stack+0x3c/0x68 [ 29.779647] kasan_save_track+0x20/0x40 [ 29.779785] kasan_save_alloc_info+0x40/0x58 [ 29.779989] __kasan_kmalloc+0xd4/0xd8 [ 29.780165] __kmalloc_noprof+0x198/0x4c8 [ 29.780431] kunit_kmalloc_array+0x34/0x88 [ 29.780550] copy_user_test_oob+0xac/0xec8 [ 29.780666] kunit_try_run_case+0x170/0x3f0 [ 29.780801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.780962] kthread+0x328/0x630 [ 29.781078] ret_from_fork+0x10/0x20 [ 29.781198] [ 29.781260] The buggy address belongs to the object at fff00000c7065800 [ 29.781260] which belongs to the cache kmalloc-128 of size 128 [ 29.781495] The buggy address is located 0 bytes inside of [ 29.781495] allocated 120-byte region [fff00000c7065800, fff00000c7065878) [ 29.781670] [ 29.781821] The buggy address belongs to the physical page: [ 29.781929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 29.782067] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.782189] page_type: f5(slab) [ 29.782338] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.782591] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.782707] page dumped because: kasan: bad access detected [ 29.782800] [ 29.782883] Memory state around the buggy address: [ 29.783006] fff00000c7065700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.783119] fff00000c7065780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.783232] >fff00000c7065800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.783334] ^ [ 29.783504] fff00000c7065880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.783700] fff00000c7065900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.783941] ================================================================== [ 29.799209] ================================================================== [ 29.799315] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 29.799438] Read of size 121 at addr fff00000c7065800 by task kunit_try_catch/287 [ 29.799564] [ 29.799644] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.800365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.802419] Hardware name: linux,dummy-virt (DT) [ 29.802508] Call trace: [ 29.802740] show_stack+0x20/0x38 (C) [ 29.803331] dump_stack_lvl+0x8c/0xd0 [ 29.803631] print_report+0x118/0x608 [ 29.803771] kasan_report+0xdc/0x128 [ 29.804514] kasan_check_range+0x100/0x1a8 [ 29.804722] __kasan_check_read+0x20/0x30 [ 29.804976] copy_user_test_oob+0x4a0/0xec8 [ 29.805611] kunit_try_run_case+0x170/0x3f0 [ 29.805807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.806367] kthread+0x328/0x630 [ 29.806593] ret_from_fork+0x10/0x20 [ 29.806982] [ 29.807078] Allocated by task 287: [ 29.807258] kasan_save_stack+0x3c/0x68 [ 29.807447] kasan_save_track+0x20/0x40 [ 29.807582] kasan_save_alloc_info+0x40/0x58 [ 29.807722] __kasan_kmalloc+0xd4/0xd8 [ 29.807821] __kmalloc_noprof+0x198/0x4c8 [ 29.807918] kunit_kmalloc_array+0x34/0x88 [ 29.808122] copy_user_test_oob+0xac/0xec8 [ 29.808340] kunit_try_run_case+0x170/0x3f0 [ 29.808782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.808982] kthread+0x328/0x630 [ 29.809093] ret_from_fork+0x10/0x20 [ 29.809215] [ 29.809298] The buggy address belongs to the object at fff00000c7065800 [ 29.809298] which belongs to the cache kmalloc-128 of size 128 [ 29.809590] The buggy address is located 0 bytes inside of [ 29.809590] allocated 120-byte region [fff00000c7065800, fff00000c7065878) [ 29.809762] [ 29.809885] The buggy address belongs to the physical page: [ 29.809970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 29.810119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.810261] page_type: f5(slab) [ 29.810437] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.810688] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.811029] page dumped because: kasan: bad access detected [ 29.811465] [ 29.811530] Memory state around the buggy address: [ 29.811961] fff00000c7065700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.812083] fff00000c7065780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.812225] >fff00000c7065800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.812338] ^ [ 29.812462] fff00000c7065880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.812581] fff00000c7065900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.812854] ================================================================== [ 29.645113] ================================================================== [ 29.645491] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 29.646167] Write of size 121 at addr fff00000c7065800 by task kunit_try_catch/287 [ 29.646460] [ 29.646568] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.647462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.647734] Hardware name: linux,dummy-virt (DT) [ 29.648304] Call trace: [ 29.648537] show_stack+0x20/0x38 (C) [ 29.648788] dump_stack_lvl+0x8c/0xd0 [ 29.649350] print_report+0x118/0x608 [ 29.649497] kasan_report+0xdc/0x128 [ 29.649677] kasan_check_range+0x100/0x1a8 [ 29.650289] __kasan_check_write+0x20/0x30 [ 29.650504] copy_user_test_oob+0x234/0xec8 [ 29.650729] kunit_try_run_case+0x170/0x3f0 [ 29.651307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.651532] kthread+0x328/0x630 [ 29.651748] ret_from_fork+0x10/0x20 [ 29.652017] [ 29.652476] Allocated by task 287: [ 29.652575] kasan_save_stack+0x3c/0x68 [ 29.652733] kasan_save_track+0x20/0x40 [ 29.652979] kasan_save_alloc_info+0x40/0x58 [ 29.653254] __kasan_kmalloc+0xd4/0xd8 [ 29.653814] __kmalloc_noprof+0x198/0x4c8 [ 29.653988] kunit_kmalloc_array+0x34/0x88 [ 29.654110] copy_user_test_oob+0xac/0xec8 [ 29.654304] kunit_try_run_case+0x170/0x3f0 [ 29.654796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.655344] kthread+0x328/0x630 [ 29.655729] ret_from_fork+0x10/0x20 [ 29.656682] [ 29.656743] The buggy address belongs to the object at fff00000c7065800 [ 29.656743] which belongs to the cache kmalloc-128 of size 128 [ 29.657590] The buggy address is located 0 bytes inside of [ 29.657590] allocated 120-byte region [fff00000c7065800, fff00000c7065878) [ 29.657762] [ 29.657825] The buggy address belongs to the physical page: [ 29.657911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 29.658607] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.659072] page_type: f5(slab) [ 29.659634] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.660147] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.660715] page dumped because: kasan: bad access detected [ 29.660810] [ 29.660862] Memory state around the buggy address: [ 29.660961] fff00000c7065700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.661357] fff00000c7065780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.661510] >fff00000c7065800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.661673] ^ [ 29.661805] fff00000c7065880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.661990] fff00000c7065900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.662141] ================================================================== [ 29.712198] ================================================================== [ 29.712364] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 29.712517] Read of size 121 at addr fff00000c7065800 by task kunit_try_catch/287 [ 29.712641] [ 29.712727] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.712928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.716789] Hardware name: linux,dummy-virt (DT) [ 29.717120] Call trace: [ 29.717497] show_stack+0x20/0x38 (C) [ 29.717695] dump_stack_lvl+0x8c/0xd0 [ 29.718466] print_report+0x118/0x608 [ 29.720125] kasan_report+0xdc/0x128 [ 29.720830] kasan_check_range+0x100/0x1a8 [ 29.721417] __kasan_check_read+0x20/0x30 [ 29.721794] copy_user_test_oob+0x728/0xec8 [ 29.722298] kunit_try_run_case+0x170/0x3f0 [ 29.723852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.724927] kthread+0x328/0x630 [ 29.725453] ret_from_fork+0x10/0x20 [ 29.725596] [ 29.726455] Allocated by task 287: [ 29.726612] kasan_save_stack+0x3c/0x68 [ 29.726950] kasan_save_track+0x20/0x40 [ 29.727197] kasan_save_alloc_info+0x40/0x58 [ 29.727846] __kasan_kmalloc+0xd4/0xd8 [ 29.728012] __kmalloc_noprof+0x198/0x4c8 [ 29.728943] kunit_kmalloc_array+0x34/0x88 [ 29.729184] copy_user_test_oob+0xac/0xec8 [ 29.729286] kunit_try_run_case+0x170/0x3f0 [ 29.730041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.731011] kthread+0x328/0x630 [ 29.731164] ret_from_fork+0x10/0x20 [ 29.731263] [ 29.731319] The buggy address belongs to the object at fff00000c7065800 [ 29.731319] which belongs to the cache kmalloc-128 of size 128 [ 29.731484] The buggy address is located 0 bytes inside of [ 29.731484] allocated 120-byte region [fff00000c7065800, fff00000c7065878) [ 29.731637] [ 29.733141] The buggy address belongs to the physical page: [ 29.733482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 29.733955] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.734301] page_type: f5(slab) [ 29.734583] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.734718] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.735287] page dumped because: kasan: bad access detected [ 29.735419] [ 29.735475] Memory state around the buggy address: [ 29.736035] fff00000c7065700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.736196] fff00000c7065780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.736357] >fff00000c7065800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.736480] ^ [ 29.736589] fff00000c7065880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.736701] fff00000c7065900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.736810] ================================================================== [ 29.784486] ================================================================== [ 29.784593] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 29.784701] Write of size 121 at addr fff00000c7065800 by task kunit_try_catch/287 [ 29.784828] [ 29.784906] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.785151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.785333] Hardware name: linux,dummy-virt (DT) [ 29.785580] Call trace: [ 29.785640] show_stack+0x20/0x38 (C) [ 29.785756] dump_stack_lvl+0x8c/0xd0 [ 29.785880] print_report+0x118/0x608 [ 29.785990] kasan_report+0xdc/0x128 [ 29.786112] kasan_check_range+0x100/0x1a8 [ 29.786469] __kasan_check_write+0x20/0x30 [ 29.786667] copy_user_test_oob+0x434/0xec8 [ 29.786817] kunit_try_run_case+0x170/0x3f0 [ 29.786984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.787177] kthread+0x328/0x630 [ 29.787313] ret_from_fork+0x10/0x20 [ 29.787482] [ 29.787685] Allocated by task 287: [ 29.787763] kasan_save_stack+0x3c/0x68 [ 29.788470] kasan_save_track+0x20/0x40 [ 29.788625] kasan_save_alloc_info+0x40/0x58 [ 29.788766] __kasan_kmalloc+0xd4/0xd8 [ 29.789163] __kmalloc_noprof+0x198/0x4c8 [ 29.789706] kunit_kmalloc_array+0x34/0x88 [ 29.790180] copy_user_test_oob+0xac/0xec8 [ 29.790283] kunit_try_run_case+0x170/0x3f0 [ 29.790672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.790734] kthread+0x328/0x630 [ 29.790812] ret_from_fork+0x10/0x20 [ 29.791284] [ 29.791350] The buggy address belongs to the object at fff00000c7065800 [ 29.791350] which belongs to the cache kmalloc-128 of size 128 [ 29.791885] The buggy address is located 0 bytes inside of [ 29.791885] allocated 120-byte region [fff00000c7065800, fff00000c7065878) [ 29.792050] [ 29.792102] The buggy address belongs to the physical page: [ 29.792177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 29.792300] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.792768] page_type: f5(slab) [ 29.793229] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.793917] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.794493] page dumped because: kasan: bad access detected [ 29.795174] [ 29.795323] Memory state around the buggy address: [ 29.795431] fff00000c7065700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.795680] fff00000c7065780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.795804] >fff00000c7065800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.796630] ^ [ 29.796905] fff00000c7065880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.797018] fff00000c7065900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.797303] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 29.560118] ================================================================== [ 29.560293] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 29.560464] Read of size 8 at addr fff00000c7065778 by task kunit_try_catch/283 [ 29.560586] [ 29.560674] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.560875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.560947] Hardware name: linux,dummy-virt (DT) [ 29.561026] Call trace: [ 29.561085] show_stack+0x20/0x38 (C) [ 29.561228] dump_stack_lvl+0x8c/0xd0 [ 29.561352] print_report+0x118/0x608 [ 29.561494] kasan_report+0xdc/0x128 [ 29.561605] __asan_report_load8_noabort+0x20/0x30 [ 29.561726] copy_to_kernel_nofault+0x204/0x250 [ 29.561872] copy_to_kernel_nofault_oob+0x158/0x418 [ 29.562004] kunit_try_run_case+0x170/0x3f0 [ 29.562131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.562263] kthread+0x328/0x630 [ 29.562379] ret_from_fork+0x10/0x20 [ 29.562519] [ 29.562580] Allocated by task 283: [ 29.563180] kasan_save_stack+0x3c/0x68 [ 29.563624] kasan_save_track+0x20/0x40 [ 29.565364] kasan_save_alloc_info+0x40/0x58 [ 29.565622] __kasan_kmalloc+0xd4/0xd8 [ 29.565743] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.566603] copy_to_kernel_nofault_oob+0xc8/0x418 [ 29.566996] kunit_try_run_case+0x170/0x3f0 [ 29.567100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.567220] kthread+0x328/0x630 [ 29.567513] ret_from_fork+0x10/0x20 [ 29.567752] [ 29.567810] The buggy address belongs to the object at fff00000c7065700 [ 29.567810] which belongs to the cache kmalloc-128 of size 128 [ 29.568006] The buggy address is located 0 bytes to the right of [ 29.568006] allocated 120-byte region [fff00000c7065700, fff00000c7065778) [ 29.568181] [ 29.568248] The buggy address belongs to the physical page: [ 29.568344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 29.568497] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.568625] page_type: f5(slab) [ 29.568985] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.569646] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.569772] page dumped because: kasan: bad access detected [ 29.570305] [ 29.570406] Memory state around the buggy address: [ 29.570854] fff00000c7065600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.571435] fff00000c7065680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.571659] >fff00000c7065700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.571779] ^ [ 29.571891] fff00000c7065780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.572566] fff00000c7065800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.572872] ================================================================== [ 29.574467] ================================================================== [ 29.574593] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 29.575282] Write of size 8 at addr fff00000c7065778 by task kunit_try_catch/283 [ 29.575516] [ 29.575665] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.575926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.576340] Hardware name: linux,dummy-virt (DT) [ 29.576602] Call trace: [ 29.576770] show_stack+0x20/0x38 (C) [ 29.576987] dump_stack_lvl+0x8c/0xd0 [ 29.577533] print_report+0x118/0x608 [ 29.577675] kasan_report+0xdc/0x128 [ 29.577797] kasan_check_range+0x100/0x1a8 [ 29.578176] __kasan_check_write+0x20/0x30 [ 29.578880] copy_to_kernel_nofault+0x8c/0x250 [ 29.579298] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 29.579509] kunit_try_run_case+0x170/0x3f0 [ 29.579715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.580246] kthread+0x328/0x630 [ 29.581196] ret_from_fork+0x10/0x20 [ 29.581336] [ 29.582205] Allocated by task 283: [ 29.582706] kasan_save_stack+0x3c/0x68 [ 29.582815] kasan_save_track+0x20/0x40 [ 29.583555] kasan_save_alloc_info+0x40/0x58 [ 29.583848] __kasan_kmalloc+0xd4/0xd8 [ 29.583963] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.585381] copy_to_kernel_nofault_oob+0xc8/0x418 [ 29.585551] kunit_try_run_case+0x170/0x3f0 [ 29.586475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.586761] kthread+0x328/0x630 [ 29.586855] ret_from_fork+0x10/0x20 [ 29.588781] [ 29.588894] The buggy address belongs to the object at fff00000c7065700 [ 29.588894] which belongs to the cache kmalloc-128 of size 128 [ 29.589407] The buggy address is located 0 bytes to the right of [ 29.589407] allocated 120-byte region [fff00000c7065700, fff00000c7065778) [ 29.589894] [ 29.589951] The buggy address belongs to the physical page: [ 29.590039] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 29.590181] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.590947] page_type: f5(slab) [ 29.591052] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 29.591249] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.591715] page dumped because: kasan: bad access detected [ 29.591823] [ 29.591931] Memory state around the buggy address: [ 29.592025] fff00000c7065600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.592139] fff00000c7065680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.592261] >fff00000c7065700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.592379] ^ [ 29.592914] fff00000c7065780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.593136] fff00000c7065800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.593364] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 29.428316] ================================================================== [ 29.428438] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 29.428518] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/271 [ 29.428583] [ 29.428630] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.428734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.428769] Hardware name: linux,dummy-virt (DT) [ 29.428811] Call trace: [ 29.428842] show_stack+0x20/0x38 (C) [ 29.428906] dump_stack_lvl+0x8c/0xd0 [ 29.428966] print_report+0x310/0x608 [ 29.429024] kasan_report+0xdc/0x128 [ 29.429079] __asan_report_load1_noabort+0x20/0x30 [ 29.429141] vmalloc_oob+0x578/0x5d0 [ 29.429212] kunit_try_run_case+0x170/0x3f0 [ 29.429276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.429344] kthread+0x328/0x630 [ 29.429695] ret_from_fork+0x10/0x20 [ 29.430016] [ 29.430086] The buggy address belongs to the virtual mapping at [ 29.430086] [ffff80008010b000, ffff80008010d000) created by: [ 29.430086] vmalloc_oob+0x98/0x5d0 [ 29.430628] [ 29.430714] The buggy address belongs to the physical page: [ 29.430799] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10703f [ 29.430933] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.431100] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 29.431214] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 29.431313] page dumped because: kasan: bad access detected [ 29.431417] [ 29.431468] Memory state around the buggy address: [ 29.431865] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 29.431989] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 29.432114] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 29.432928] ^ [ 29.433205] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 29.433332] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 29.433452] ================================================================== [ 29.435585] ================================================================== [ 29.435687] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 29.435798] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/271 [ 29.435927] [ 29.436021] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.436224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.436290] Hardware name: linux,dummy-virt (DT) [ 29.436362] Call trace: [ 29.436443] show_stack+0x20/0x38 (C) [ 29.436561] dump_stack_lvl+0x8c/0xd0 [ 29.436692] print_report+0x310/0x608 [ 29.436851] kasan_report+0xdc/0x128 [ 29.436972] __asan_report_load1_noabort+0x20/0x30 [ 29.437098] vmalloc_oob+0x51c/0x5d0 [ 29.437239] kunit_try_run_case+0x170/0x3f0 [ 29.437385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.437561] kthread+0x328/0x630 [ 29.438045] ret_from_fork+0x10/0x20 [ 29.438190] [ 29.438260] The buggy address belongs to the virtual mapping at [ 29.438260] [ffff80008010b000, ffff80008010d000) created by: [ 29.438260] vmalloc_oob+0x98/0x5d0 [ 29.438468] [ 29.438531] The buggy address belongs to the physical page: [ 29.438621] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10703f [ 29.438879] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.439530] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 29.439905] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 29.440312] page dumped because: kasan: bad access detected [ 29.440444] [ 29.440723] Memory state around the buggy address: [ 29.441083] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 29.441528] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 29.441845] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 29.442276] ^ [ 29.442404] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 29.442516] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 29.443754] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 29.002152] ================================================================== [ 29.002713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 29.002982] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.003436] [ 29.003513] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.003704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.003744] Hardware name: linux,dummy-virt (DT) [ 29.003786] Call trace: [ 29.003837] show_stack+0x20/0x38 (C) [ 29.003960] dump_stack_lvl+0x8c/0xd0 [ 29.004099] print_report+0x118/0x608 [ 29.004220] kasan_report+0xdc/0x128 [ 29.004555] __asan_report_store8_noabort+0x20/0x30 [ 29.004846] kasan_atomics_helper+0x3e5c/0x4858 [ 29.005435] kasan_atomics+0x198/0x2e0 [ 29.005580] kunit_try_run_case+0x170/0x3f0 [ 29.005718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.005871] kthread+0x328/0x630 [ 29.005992] ret_from_fork+0x10/0x20 [ 29.006119] [ 29.006168] Allocated by task 267: [ 29.006284] kasan_save_stack+0x3c/0x68 [ 29.006495] kasan_save_track+0x20/0x40 [ 29.006638] kasan_save_alloc_info+0x40/0x58 [ 29.006757] __kasan_kmalloc+0xd4/0xd8 [ 29.006950] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.007092] kasan_atomics+0xb8/0x2e0 [ 29.007190] kunit_try_run_case+0x170/0x3f0 [ 29.007308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.007547] kthread+0x328/0x630 [ 29.007656] ret_from_fork+0x10/0x20 [ 29.007932] [ 29.008049] The buggy address belongs to the object at fff00000c7054a00 [ 29.008049] which belongs to the cache kmalloc-64 of size 64 [ 29.008222] The buggy address is located 0 bytes to the right of [ 29.008222] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.008376] [ 29.008445] The buggy address belongs to the physical page: [ 29.008520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.008688] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.008808] page_type: f5(slab) [ 29.009070] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.009419] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.009528] page dumped because: kasan: bad access detected [ 29.009657] [ 29.009744] Memory state around the buggy address: [ 29.009882] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.010003] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.010134] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.010329] ^ [ 29.010452] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.010646] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.010754] ================================================================== [ 29.329988] ================================================================== [ 29.330127] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 29.330306] Read of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.330490] [ 29.330578] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.330799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.330870] Hardware name: linux,dummy-virt (DT) [ 29.331042] Call trace: [ 29.331106] show_stack+0x20/0x38 (C) [ 29.331273] dump_stack_lvl+0x8c/0xd0 [ 29.331626] print_report+0x118/0x608 [ 29.331815] kasan_report+0xdc/0x128 [ 29.332160] __asan_report_load8_noabort+0x20/0x30 [ 29.332295] kasan_atomics_helper+0x3df4/0x4858 [ 29.332440] kasan_atomics+0x198/0x2e0 [ 29.332660] kunit_try_run_case+0x170/0x3f0 [ 29.332873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.333282] kthread+0x328/0x630 [ 29.333750] ret_from_fork+0x10/0x20 [ 29.333907] [ 29.333965] Allocated by task 267: [ 29.334053] kasan_save_stack+0x3c/0x68 [ 29.334277] kasan_save_track+0x20/0x40 [ 29.334493] kasan_save_alloc_info+0x40/0x58 [ 29.334606] __kasan_kmalloc+0xd4/0xd8 [ 29.334706] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.334807] kasan_atomics+0xb8/0x2e0 [ 29.334908] kunit_try_run_case+0x170/0x3f0 [ 29.335017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.335137] kthread+0x328/0x630 [ 29.335228] ret_from_fork+0x10/0x20 [ 29.335342] [ 29.335426] The buggy address belongs to the object at fff00000c7054a00 [ 29.335426] which belongs to the cache kmalloc-64 of size 64 [ 29.335743] The buggy address is located 0 bytes to the right of [ 29.335743] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.335924] [ 29.336014] The buggy address belongs to the physical page: [ 29.336134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.336432] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.336574] page_type: f5(slab) [ 29.336777] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.336906] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.337115] page dumped because: kasan: bad access detected [ 29.337271] [ 29.337404] Memory state around the buggy address: [ 29.337570] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.337687] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.337796] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.337906] ^ [ 29.338138] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.338248] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.338352] ================================================================== [ 29.177609] ================================================================== [ 29.177711] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 29.177816] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.177932] [ 29.178004] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.178198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.178262] Hardware name: linux,dummy-virt (DT) [ 29.178338] Call trace: [ 29.178410] show_stack+0x20/0x38 (C) [ 29.178592] dump_stack_lvl+0x8c/0xd0 [ 29.178739] print_report+0x118/0x608 [ 29.178881] kasan_report+0xdc/0x128 [ 29.179018] kasan_check_range+0x100/0x1a8 [ 29.179165] __kasan_check_write+0x20/0x30 [ 29.179302] kasan_atomics_helper+0x12d8/0x4858 [ 29.179555] kasan_atomics+0x198/0x2e0 [ 29.179860] kunit_try_run_case+0x170/0x3f0 [ 29.180408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.180613] kthread+0x328/0x630 [ 29.180822] ret_from_fork+0x10/0x20 [ 29.181032] [ 29.181092] Allocated by task 267: [ 29.181655] kasan_save_stack+0x3c/0x68 [ 29.181831] kasan_save_track+0x20/0x40 [ 29.182213] kasan_save_alloc_info+0x40/0x58 [ 29.182603] __kasan_kmalloc+0xd4/0xd8 [ 29.182845] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.183073] kasan_atomics+0xb8/0x2e0 [ 29.183218] kunit_try_run_case+0x170/0x3f0 [ 29.183419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.183608] kthread+0x328/0x630 [ 29.183710] ret_from_fork+0x10/0x20 [ 29.183834] [ 29.183886] The buggy address belongs to the object at fff00000c7054a00 [ 29.183886] which belongs to the cache kmalloc-64 of size 64 [ 29.184030] The buggy address is located 0 bytes to the right of [ 29.184030] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.184774] [ 29.185151] The buggy address belongs to the physical page: [ 29.185436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.186160] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.186929] page_type: f5(slab) [ 29.187107] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.187861] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.188124] page dumped because: kasan: bad access detected [ 29.189514] [ 29.189991] Memory state around the buggy address: [ 29.190269] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.190625] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.191141] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.191265] ^ [ 29.191754] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.192085] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.192188] ================================================================== [ 29.075794] ================================================================== [ 29.075946] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 29.076060] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.076245] [ 29.076411] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.076620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.077429] Hardware name: linux,dummy-virt (DT) [ 29.077542] Call trace: [ 29.077620] show_stack+0x20/0x38 (C) [ 29.078170] dump_stack_lvl+0x8c/0xd0 [ 29.078303] print_report+0x118/0x608 [ 29.078994] kasan_report+0xdc/0x128 [ 29.079551] kasan_check_range+0x100/0x1a8 [ 29.079726] __kasan_check_write+0x20/0x30 [ 29.079853] kasan_atomics_helper+0x10c0/0x4858 [ 29.080074] kasan_atomics+0x198/0x2e0 [ 29.080199] kunit_try_run_case+0x170/0x3f0 [ 29.080337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.080876] kthread+0x328/0x630 [ 29.081140] ret_from_fork+0x10/0x20 [ 29.081569] [ 29.081656] Allocated by task 267: [ 29.081915] kasan_save_stack+0x3c/0x68 [ 29.082148] kasan_save_track+0x20/0x40 [ 29.082268] kasan_save_alloc_info+0x40/0x58 [ 29.082367] __kasan_kmalloc+0xd4/0xd8 [ 29.082852] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.082967] kasan_atomics+0xb8/0x2e0 [ 29.083631] kunit_try_run_case+0x170/0x3f0 [ 29.084109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.084222] kthread+0x328/0x630 [ 29.084314] ret_from_fork+0x10/0x20 [ 29.085582] [ 29.085638] The buggy address belongs to the object at fff00000c7054a00 [ 29.085638] which belongs to the cache kmalloc-64 of size 64 [ 29.086438] The buggy address is located 0 bytes to the right of [ 29.086438] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.086596] [ 29.086655] The buggy address belongs to the physical page: [ 29.088476] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.088608] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.088723] page_type: f5(slab) [ 29.088826] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.089523] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.089634] page dumped because: kasan: bad access detected [ 29.089715] [ 29.089764] Memory state around the buggy address: [ 29.089849] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.091656] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.092640] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.092895] ^ [ 29.093380] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.094360] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.094951] ================================================================== [ 29.043788] ================================================================== [ 29.043891] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 29.044011] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.044461] [ 29.044675] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.045005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.045079] Hardware name: linux,dummy-virt (DT) [ 29.045165] Call trace: [ 29.045235] show_stack+0x20/0x38 (C) [ 29.045458] dump_stack_lvl+0x8c/0xd0 [ 29.046089] print_report+0x118/0x608 [ 29.046230] kasan_report+0xdc/0x128 [ 29.046355] kasan_check_range+0x100/0x1a8 [ 29.046497] __kasan_check_write+0x20/0x30 [ 29.046689] kasan_atomics_helper+0xf88/0x4858 [ 29.047336] kasan_atomics+0x198/0x2e0 [ 29.047512] kunit_try_run_case+0x170/0x3f0 [ 29.047645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.047838] kthread+0x328/0x630 [ 29.048202] ret_from_fork+0x10/0x20 [ 29.048774] [ 29.048838] Allocated by task 267: [ 29.048902] kasan_save_stack+0x3c/0x68 [ 29.048959] kasan_save_track+0x20/0x40 [ 29.049005] kasan_save_alloc_info+0x40/0x58 [ 29.049364] __kasan_kmalloc+0xd4/0xd8 [ 29.049537] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.049670] kasan_atomics+0xb8/0x2e0 [ 29.049762] kunit_try_run_case+0x170/0x3f0 [ 29.049857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.050513] kthread+0x328/0x630 [ 29.050730] ret_from_fork+0x10/0x20 [ 29.051073] [ 29.051214] The buggy address belongs to the object at fff00000c7054a00 [ 29.051214] which belongs to the cache kmalloc-64 of size 64 [ 29.051692] The buggy address is located 0 bytes to the right of [ 29.051692] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.051808] [ 29.051835] The buggy address belongs to the physical page: [ 29.051874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.051939] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.052000] page_type: f5(slab) [ 29.052050] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.052113] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.052164] page dumped because: kasan: bad access detected [ 29.052206] [ 29.052229] Memory state around the buggy address: [ 29.052269] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.052324] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.052378] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.052619] ^ [ 29.052718] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.052833] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.053030] ================================================================== [ 28.924935] ================================================================== [ 28.925042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 28.925167] Read of size 4 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.925753] [ 28.925842] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.926605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.926739] Hardware name: linux,dummy-virt (DT) [ 28.926974] Call trace: [ 28.927038] show_stack+0x20/0x38 (C) [ 28.927171] dump_stack_lvl+0x8c/0xd0 [ 28.927293] print_report+0x118/0x608 [ 28.927439] kasan_report+0xdc/0x128 [ 28.927709] __asan_report_load4_noabort+0x20/0x30 [ 28.927887] kasan_atomics_helper+0x3dd8/0x4858 [ 28.928038] kasan_atomics+0x198/0x2e0 [ 28.928161] kunit_try_run_case+0x170/0x3f0 [ 28.928506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.928647] kthread+0x328/0x630 [ 28.928808] ret_from_fork+0x10/0x20 [ 28.929171] [ 28.929337] Allocated by task 267: [ 28.929430] kasan_save_stack+0x3c/0x68 [ 28.929543] kasan_save_track+0x20/0x40 [ 28.929650] kasan_save_alloc_info+0x40/0x58 [ 28.929801] __kasan_kmalloc+0xd4/0xd8 [ 28.930069] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.930186] kasan_atomics+0xb8/0x2e0 [ 28.930298] kunit_try_run_case+0x170/0x3f0 [ 28.931518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.931648] kthread+0x328/0x630 [ 28.932235] ret_from_fork+0x10/0x20 [ 28.932620] [ 28.932675] The buggy address belongs to the object at fff00000c7054a00 [ 28.932675] which belongs to the cache kmalloc-64 of size 64 [ 28.932848] The buggy address is located 0 bytes to the right of [ 28.932848] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.933040] [ 28.933152] The buggy address belongs to the physical page: [ 28.933341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.933494] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.933618] page_type: f5(slab) [ 28.933819] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.933952] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.934057] page dumped because: kasan: bad access detected [ 28.934136] [ 28.934182] Memory state around the buggy address: [ 28.934273] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.935058] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.935374] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.936114] ^ [ 28.936241] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.936358] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.936627] ================================================================== [ 29.226779] ================================================================== [ 29.227513] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 29.227657] Read of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.227789] [ 29.227998] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.228205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.228282] Hardware name: linux,dummy-virt (DT) [ 29.228361] Call trace: [ 29.228442] show_stack+0x20/0x38 (C) [ 29.228564] dump_stack_lvl+0x8c/0xd0 [ 29.228685] print_report+0x118/0x608 [ 29.228798] kasan_report+0xdc/0x128 [ 29.228913] __asan_report_load8_noabort+0x20/0x30 [ 29.229038] kasan_atomics_helper+0x3f04/0x4858 [ 29.229153] kasan_atomics+0x198/0x2e0 [ 29.229281] kunit_try_run_case+0x170/0x3f0 [ 29.229426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.229561] kthread+0x328/0x630 [ 29.229678] ret_from_fork+0x10/0x20 [ 29.229796] [ 29.229847] Allocated by task 267: [ 29.229914] kasan_save_stack+0x3c/0x68 [ 29.230009] kasan_save_track+0x20/0x40 [ 29.231071] kasan_save_alloc_info+0x40/0x58 [ 29.231253] __kasan_kmalloc+0xd4/0xd8 [ 29.231355] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.231608] kasan_atomics+0xb8/0x2e0 [ 29.231708] kunit_try_run_case+0x170/0x3f0 [ 29.232437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.232590] kthread+0x328/0x630 [ 29.232817] ret_from_fork+0x10/0x20 [ 29.233090] [ 29.233262] The buggy address belongs to the object at fff00000c7054a00 [ 29.233262] which belongs to the cache kmalloc-64 of size 64 [ 29.233547] The buggy address is located 0 bytes to the right of [ 29.233547] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.233730] [ 29.233788] The buggy address belongs to the physical page: [ 29.233833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.233901] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.235284] page_type: f5(slab) [ 29.235521] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.236217] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.236356] page dumped because: kasan: bad access detected [ 29.236468] [ 29.236524] Memory state around the buggy address: [ 29.236612] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.236867] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.237020] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.237130] ^ [ 29.237232] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.237415] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.237671] ================================================================== [ 29.011936] ================================================================== [ 29.012054] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 29.012165] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.012282] [ 29.012350] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.012563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.012635] Hardware name: linux,dummy-virt (DT) [ 29.012711] Call trace: [ 29.012763] show_stack+0x20/0x38 (C) [ 29.012879] dump_stack_lvl+0x8c/0xd0 [ 29.013001] print_report+0x118/0x608 [ 29.013113] kasan_report+0xdc/0x128 [ 29.013236] kasan_check_range+0x100/0x1a8 [ 29.013356] __kasan_check_write+0x20/0x30 [ 29.013499] kasan_atomics_helper+0xeb8/0x4858 [ 29.013640] kasan_atomics+0x198/0x2e0 [ 29.015006] kunit_try_run_case+0x170/0x3f0 [ 29.015233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.015406] kthread+0x328/0x630 [ 29.016223] ret_from_fork+0x10/0x20 [ 29.016638] [ 29.017349] Allocated by task 267: [ 29.017468] kasan_save_stack+0x3c/0x68 [ 29.017654] kasan_save_track+0x20/0x40 [ 29.017910] kasan_save_alloc_info+0x40/0x58 [ 29.018064] __kasan_kmalloc+0xd4/0xd8 [ 29.018167] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.018270] kasan_atomics+0xb8/0x2e0 [ 29.018360] kunit_try_run_case+0x170/0x3f0 [ 29.018483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.018597] kthread+0x328/0x630 [ 29.018695] ret_from_fork+0x10/0x20 [ 29.018787] [ 29.018837] The buggy address belongs to the object at fff00000c7054a00 [ 29.018837] which belongs to the cache kmalloc-64 of size 64 [ 29.018979] The buggy address is located 0 bytes to the right of [ 29.018979] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.021845] [ 29.022267] The buggy address belongs to the physical page: [ 29.023221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.023587] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.023797] page_type: f5(slab) [ 29.024929] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.025063] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.026226] page dumped because: kasan: bad access detected [ 29.026318] [ 29.026368] Memory state around the buggy address: [ 29.027204] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.027648] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.027772] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.027863] ^ [ 29.027947] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.028054] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.029556] ================================================================== [ 29.277535] ================================================================== [ 29.277639] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 29.278029] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.278403] [ 29.279011] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.279260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.279882] Hardware name: linux,dummy-virt (DT) [ 29.279969] Call trace: [ 29.280038] show_stack+0x20/0x38 (C) [ 29.280335] dump_stack_lvl+0x8c/0xd0 [ 29.280508] print_report+0x118/0x608 [ 29.280621] kasan_report+0xdc/0x128 [ 29.280745] kasan_check_range+0x100/0x1a8 [ 29.281022] __kasan_check_write+0x20/0x30 [ 29.281167] kasan_atomics_helper+0x154c/0x4858 [ 29.281309] kasan_atomics+0x198/0x2e0 [ 29.281444] kunit_try_run_case+0x170/0x3f0 [ 29.281566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.281757] kthread+0x328/0x630 [ 29.282088] ret_from_fork+0x10/0x20 [ 29.282218] [ 29.282268] Allocated by task 267: [ 29.282372] kasan_save_stack+0x3c/0x68 [ 29.282503] kasan_save_track+0x20/0x40 [ 29.282771] kasan_save_alloc_info+0x40/0x58 [ 29.282933] __kasan_kmalloc+0xd4/0xd8 [ 29.283051] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.283156] kasan_atomics+0xb8/0x2e0 [ 29.283270] kunit_try_run_case+0x170/0x3f0 [ 29.283385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.283569] kthread+0x328/0x630 [ 29.283708] ret_from_fork+0x10/0x20 [ 29.284013] [ 29.284311] The buggy address belongs to the object at fff00000c7054a00 [ 29.284311] which belongs to the cache kmalloc-64 of size 64 [ 29.284484] The buggy address is located 0 bytes to the right of [ 29.284484] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.284714] [ 29.284773] The buggy address belongs to the physical page: [ 29.284867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.285168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.285522] page_type: f5(slab) [ 29.285681] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.285808] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.285915] page dumped because: kasan: bad access detected [ 29.286036] [ 29.286083] Memory state around the buggy address: [ 29.286163] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.286384] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.286657] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.286848] ^ [ 29.286942] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.287063] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.287175] ================================================================== [ 29.112673] ================================================================== [ 29.112794] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 29.113089] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.113263] [ 29.113473] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.114702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.114795] Hardware name: linux,dummy-virt (DT) [ 29.115145] Call trace: [ 29.115487] show_stack+0x20/0x38 (C) [ 29.115621] dump_stack_lvl+0x8c/0xd0 [ 29.116241] print_report+0x118/0x608 [ 29.116363] kasan_report+0xdc/0x128 [ 29.117345] kasan_check_range+0x100/0x1a8 [ 29.118414] __kasan_check_write+0x20/0x30 [ 29.119119] kasan_atomics_helper+0x1190/0x4858 [ 29.119845] kasan_atomics+0x198/0x2e0 [ 29.119969] kunit_try_run_case+0x170/0x3f0 [ 29.120105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.122047] kthread+0x328/0x630 [ 29.122363] ret_from_fork+0x10/0x20 [ 29.123337] [ 29.123410] Allocated by task 267: [ 29.123714] kasan_save_stack+0x3c/0x68 [ 29.124400] kasan_save_track+0x20/0x40 [ 29.124898] kasan_save_alloc_info+0x40/0x58 [ 29.125767] __kasan_kmalloc+0xd4/0xd8 [ 29.125874] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.127364] kasan_atomics+0xb8/0x2e0 [ 29.127563] kunit_try_run_case+0x170/0x3f0 [ 29.127952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.128458] kthread+0x328/0x630 [ 29.128575] ret_from_fork+0x10/0x20 [ 29.128762] [ 29.130531] The buggy address belongs to the object at fff00000c7054a00 [ 29.130531] which belongs to the cache kmalloc-64 of size 64 [ 29.130701] The buggy address is located 0 bytes to the right of [ 29.130701] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.130861] [ 29.130913] The buggy address belongs to the physical page: [ 29.130985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.131111] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.131233] page_type: f5(slab) [ 29.133658] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.134116] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.135015] page dumped because: kasan: bad access detected [ 29.135094] [ 29.135138] Memory state around the buggy address: [ 29.135215] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.135318] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.135441] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.135540] ^ [ 29.137907] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.138020] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.138117] ================================================================== [ 28.969553] ================================================================== [ 28.969655] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 28.969767] Read of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.969884] [ 28.970339] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.970573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.970646] Hardware name: linux,dummy-virt (DT) [ 28.970756] Call trace: [ 28.970840] show_stack+0x20/0x38 (C) [ 28.970999] dump_stack_lvl+0x8c/0xd0 [ 28.971163] print_report+0x118/0x608 [ 28.971375] kasan_report+0xdc/0x128 [ 28.971511] kasan_check_range+0x100/0x1a8 [ 28.971631] __kasan_check_read+0x20/0x30 [ 28.971779] kasan_atomics_helper+0xdd4/0x4858 [ 28.971907] kasan_atomics+0x198/0x2e0 [ 28.972019] kunit_try_run_case+0x170/0x3f0 [ 28.972188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.973095] kthread+0x328/0x630 [ 28.973462] ret_from_fork+0x10/0x20 [ 28.973629] [ 28.973685] Allocated by task 267: [ 28.973757] kasan_save_stack+0x3c/0x68 [ 28.973913] kasan_save_track+0x20/0x40 [ 28.974205] kasan_save_alloc_info+0x40/0x58 [ 28.974336] __kasan_kmalloc+0xd4/0xd8 [ 28.974450] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.974618] kasan_atomics+0xb8/0x2e0 [ 28.974735] kunit_try_run_case+0x170/0x3f0 [ 28.975253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.975572] kthread+0x328/0x630 [ 28.975704] ret_from_fork+0x10/0x20 [ 28.975860] [ 28.976105] The buggy address belongs to the object at fff00000c7054a00 [ 28.976105] which belongs to the cache kmalloc-64 of size 64 [ 28.976680] The buggy address is located 0 bytes to the right of [ 28.976680] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.977121] [ 28.977314] The buggy address belongs to the physical page: [ 28.977517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.977655] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.977808] page_type: f5(slab) [ 28.977954] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.978097] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.978256] page dumped because: kasan: bad access detected [ 28.978441] [ 28.978501] Memory state around the buggy address: [ 28.978643] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.978771] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.979842] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.979974] ^ [ 28.980066] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.980176] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.980316] ================================================================== [ 29.288532] ================================================================== [ 29.288654] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 29.288772] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.288893] [ 29.290161] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.290885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.290992] Hardware name: linux,dummy-virt (DT) [ 29.291077] Call trace: [ 29.291150] show_stack+0x20/0x38 (C) [ 29.291283] dump_stack_lvl+0x8c/0xd0 [ 29.291622] print_report+0x118/0x608 [ 29.291848] kasan_report+0xdc/0x128 [ 29.292095] kasan_check_range+0x100/0x1a8 [ 29.292241] __kasan_check_write+0x20/0x30 [ 29.292465] kasan_atomics_helper+0x15b4/0x4858 [ 29.292596] kasan_atomics+0x198/0x2e0 [ 29.292710] kunit_try_run_case+0x170/0x3f0 [ 29.292839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.292975] kthread+0x328/0x630 [ 29.293088] ret_from_fork+0x10/0x20 [ 29.293229] [ 29.293289] Allocated by task 267: [ 29.293365] kasan_save_stack+0x3c/0x68 [ 29.293883] kasan_save_track+0x20/0x40 [ 29.294320] kasan_save_alloc_info+0x40/0x58 [ 29.294627] __kasan_kmalloc+0xd4/0xd8 [ 29.295064] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.295175] kasan_atomics+0xb8/0x2e0 [ 29.295748] kunit_try_run_case+0x170/0x3f0 [ 29.295869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.296098] kthread+0x328/0x630 [ 29.296229] ret_from_fork+0x10/0x20 [ 29.296803] [ 29.296878] The buggy address belongs to the object at fff00000c7054a00 [ 29.296878] which belongs to the cache kmalloc-64 of size 64 [ 29.297039] The buggy address is located 0 bytes to the right of [ 29.297039] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.297327] [ 29.297519] The buggy address belongs to the physical page: [ 29.297604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.297732] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.297855] page_type: f5(slab) [ 29.297951] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.298149] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.298425] page dumped because: kasan: bad access detected [ 29.298565] [ 29.298617] Memory state around the buggy address: [ 29.298699] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.298879] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.299010] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.299118] ^ [ 29.299287] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.299413] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.299509] ================================================================== [ 29.389547] ================================================================== [ 29.389652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 29.389768] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.389894] [ 29.389993] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.390204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.390288] Hardware name: linux,dummy-virt (DT) [ 29.390377] Call trace: [ 29.390750] show_stack+0x20/0x38 (C) [ 29.390967] dump_stack_lvl+0x8c/0xd0 [ 29.391150] print_report+0x118/0x608 [ 29.391698] kasan_report+0xdc/0x128 [ 29.391983] kasan_check_range+0x100/0x1a8 [ 29.392202] __kasan_check_write+0x20/0x30 [ 29.392426] kasan_atomics_helper+0x17ec/0x4858 [ 29.392629] kasan_atomics+0x198/0x2e0 [ 29.392810] kunit_try_run_case+0x170/0x3f0 [ 29.393051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.393226] kthread+0x328/0x630 [ 29.393852] ret_from_fork+0x10/0x20 [ 29.394105] [ 29.394602] Allocated by task 267: [ 29.394685] kasan_save_stack+0x3c/0x68 [ 29.394741] kasan_save_track+0x20/0x40 [ 29.394789] kasan_save_alloc_info+0x40/0x58 [ 29.394919] __kasan_kmalloc+0xd4/0xd8 [ 29.395145] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.395303] kasan_atomics+0xb8/0x2e0 [ 29.395555] kunit_try_run_case+0x170/0x3f0 [ 29.395677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.395800] kthread+0x328/0x630 [ 29.396062] ret_from_fork+0x10/0x20 [ 29.396184] [ 29.396247] The buggy address belongs to the object at fff00000c7054a00 [ 29.396247] which belongs to the cache kmalloc-64 of size 64 [ 29.396409] The buggy address is located 0 bytes to the right of [ 29.396409] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.396695] [ 29.396829] The buggy address belongs to the physical page: [ 29.396918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.397072] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.397359] page_type: f5(slab) [ 29.397562] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.397775] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.397891] page dumped because: kasan: bad access detected [ 29.398037] [ 29.398102] Memory state around the buggy address: [ 29.398261] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.398407] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.398525] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.398625] ^ [ 29.398708] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.398896] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.399122] ================================================================== [ 29.250258] ================================================================== [ 29.250807] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 29.250974] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.251103] [ 29.251272] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.251773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.251847] Hardware name: linux,dummy-virt (DT) [ 29.251966] Call trace: [ 29.252053] show_stack+0x20/0x38 (C) [ 29.252547] dump_stack_lvl+0x8c/0xd0 [ 29.252689] print_report+0x118/0x608 [ 29.252808] kasan_report+0xdc/0x128 [ 29.253240] kasan_check_range+0x100/0x1a8 [ 29.254070] __kasan_check_write+0x20/0x30 [ 29.254276] kasan_atomics_helper+0x147c/0x4858 [ 29.254467] kasan_atomics+0x198/0x2e0 [ 29.254739] kunit_try_run_case+0x170/0x3f0 [ 29.254878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.255019] kthread+0x328/0x630 [ 29.255138] ret_from_fork+0x10/0x20 [ 29.255273] [ 29.255322] Allocated by task 267: [ 29.255465] kasan_save_stack+0x3c/0x68 [ 29.255600] kasan_save_track+0x20/0x40 [ 29.255881] kasan_save_alloc_info+0x40/0x58 [ 29.256076] __kasan_kmalloc+0xd4/0xd8 [ 29.256171] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.256263] kasan_atomics+0xb8/0x2e0 [ 29.256353] kunit_try_run_case+0x170/0x3f0 [ 29.256504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.256788] kthread+0x328/0x630 [ 29.256888] ret_from_fork+0x10/0x20 [ 29.256987] [ 29.257068] The buggy address belongs to the object at fff00000c7054a00 [ 29.257068] which belongs to the cache kmalloc-64 of size 64 [ 29.257440] The buggy address is located 0 bytes to the right of [ 29.257440] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.257616] [ 29.257682] The buggy address belongs to the physical page: [ 29.257771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.257977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.259249] page_type: f5(slab) [ 29.259679] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.259869] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.259981] page dumped because: kasan: bad access detected [ 29.260317] [ 29.260721] Memory state around the buggy address: [ 29.260821] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.261204] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.261325] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.261446] ^ [ 29.261530] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.261637] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.261732] ================================================================== [ 29.375674] ================================================================== [ 29.375793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 29.376145] Read of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.376271] [ 29.376364] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.376930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.377131] Hardware name: linux,dummy-virt (DT) [ 29.377289] Call trace: [ 29.377348] show_stack+0x20/0x38 (C) [ 29.377507] dump_stack_lvl+0x8c/0xd0 [ 29.378112] print_report+0x118/0x608 [ 29.378711] kasan_report+0xdc/0x128 [ 29.379227] __asan_report_load8_noabort+0x20/0x30 [ 29.379517] kasan_atomics_helper+0x3e20/0x4858 [ 29.379775] kasan_atomics+0x198/0x2e0 [ 29.380275] kunit_try_run_case+0x170/0x3f0 [ 29.380434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.381007] kthread+0x328/0x630 [ 29.381166] ret_from_fork+0x10/0x20 [ 29.381570] [ 29.381704] Allocated by task 267: [ 29.381783] kasan_save_stack+0x3c/0x68 [ 29.381891] kasan_save_track+0x20/0x40 [ 29.382190] kasan_save_alloc_info+0x40/0x58 [ 29.382350] __kasan_kmalloc+0xd4/0xd8 [ 29.382550] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.383473] kasan_atomics+0xb8/0x2e0 [ 29.383578] kunit_try_run_case+0x170/0x3f0 [ 29.383673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.383782] kthread+0x328/0x630 [ 29.383871] ret_from_fork+0x10/0x20 [ 29.383971] [ 29.384026] The buggy address belongs to the object at fff00000c7054a00 [ 29.384026] which belongs to the cache kmalloc-64 of size 64 [ 29.384962] The buggy address is located 0 bytes to the right of [ 29.384962] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.385140] [ 29.385214] The buggy address belongs to the physical page: [ 29.385304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.385474] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.385616] page_type: f5(slab) [ 29.385761] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.386025] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.386133] page dumped because: kasan: bad access detected [ 29.386213] [ 29.386261] Memory state around the buggy address: [ 29.386344] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.386488] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.387884] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.387973] ^ [ 29.388059] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.388357] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.388485] ================================================================== [ 28.981970] ================================================================== [ 28.982077] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 28.982182] Read of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.982302] [ 28.982384] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.982660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.982748] Hardware name: linux,dummy-virt (DT) [ 28.982844] Call trace: [ 28.983262] show_stack+0x20/0x38 (C) [ 28.983423] dump_stack_lvl+0x8c/0xd0 [ 28.983606] print_report+0x118/0x608 [ 28.983772] kasan_report+0xdc/0x128 [ 28.983918] __asan_report_load8_noabort+0x20/0x30 [ 28.984299] kasan_atomics_helper+0x3f58/0x4858 [ 28.984454] kasan_atomics+0x198/0x2e0 [ 28.984775] kunit_try_run_case+0x170/0x3f0 [ 28.984906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.985080] kthread+0x328/0x630 [ 28.985239] ret_from_fork+0x10/0x20 [ 28.985416] [ 28.985466] Allocated by task 267: [ 28.985557] kasan_save_stack+0x3c/0x68 [ 28.985672] kasan_save_track+0x20/0x40 [ 28.986227] kasan_save_alloc_info+0x40/0x58 [ 28.986348] __kasan_kmalloc+0xd4/0xd8 [ 28.986783] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.986969] kasan_atomics+0xb8/0x2e0 [ 28.987063] kunit_try_run_case+0x170/0x3f0 [ 28.987170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.987314] kthread+0x328/0x630 [ 28.987476] ret_from_fork+0x10/0x20 [ 28.987791] [ 28.987882] The buggy address belongs to the object at fff00000c7054a00 [ 28.987882] which belongs to the cache kmalloc-64 of size 64 [ 28.988063] The buggy address is located 0 bytes to the right of [ 28.988063] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.988231] [ 28.988294] The buggy address belongs to the physical page: [ 28.988421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.988552] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.988879] page_type: f5(slab) [ 28.989087] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.989301] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.989656] page dumped because: kasan: bad access detected [ 28.990212] [ 28.990266] Memory state around the buggy address: [ 28.990421] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.990678] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.990803] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.991310] ^ [ 28.991410] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.991529] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.991666] ================================================================== [ 29.065048] ================================================================== [ 29.065318] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 29.065537] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.065698] [ 29.065771] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.066216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.067105] Hardware name: linux,dummy-virt (DT) [ 29.067347] Call trace: [ 29.067438] show_stack+0x20/0x38 (C) [ 29.067589] dump_stack_lvl+0x8c/0xd0 [ 29.067779] print_report+0x118/0x608 [ 29.068382] kasan_report+0xdc/0x128 [ 29.069004] kasan_check_range+0x100/0x1a8 [ 29.069307] __kasan_check_write+0x20/0x30 [ 29.069580] kasan_atomics_helper+0x1058/0x4858 [ 29.069852] kasan_atomics+0x198/0x2e0 [ 29.070041] kunit_try_run_case+0x170/0x3f0 [ 29.070207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.070347] kthread+0x328/0x630 [ 29.070591] ret_from_fork+0x10/0x20 [ 29.070789] [ 29.070875] Allocated by task 267: [ 29.070956] kasan_save_stack+0x3c/0x68 [ 29.071117] kasan_save_track+0x20/0x40 [ 29.071315] kasan_save_alloc_info+0x40/0x58 [ 29.071467] __kasan_kmalloc+0xd4/0xd8 [ 29.071568] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.071660] kasan_atomics+0xb8/0x2e0 [ 29.071748] kunit_try_run_case+0x170/0x3f0 [ 29.071846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.071952] kthread+0x328/0x630 [ 29.072044] ret_from_fork+0x10/0x20 [ 29.072178] [ 29.072293] The buggy address belongs to the object at fff00000c7054a00 [ 29.072293] which belongs to the cache kmalloc-64 of size 64 [ 29.072614] The buggy address is located 0 bytes to the right of [ 29.072614] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.072776] [ 29.072871] The buggy address belongs to the physical page: [ 29.072958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.073155] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.073326] page_type: f5(slab) [ 29.073440] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.073692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.073805] page dumped because: kasan: bad access detected [ 29.073884] [ 29.073963] Memory state around the buggy address: [ 29.074154] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.074264] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.074540] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.074658] ^ [ 29.074773] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.074897] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.075069] ================================================================== [ 28.992348] ================================================================== [ 28.992710] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 28.992881] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.993405] [ 28.993525] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.993734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.993806] Hardware name: linux,dummy-virt (DT) [ 28.993881] Call trace: [ 28.993949] show_stack+0x20/0x38 (C) [ 28.994199] dump_stack_lvl+0x8c/0xd0 [ 28.994615] print_report+0x118/0x608 [ 28.994849] kasan_report+0xdc/0x128 [ 28.994992] kasan_check_range+0x100/0x1a8 [ 28.995173] __kasan_check_write+0x20/0x30 [ 28.995338] kasan_atomics_helper+0xe44/0x4858 [ 28.995498] kasan_atomics+0x198/0x2e0 [ 28.995699] kunit_try_run_case+0x170/0x3f0 [ 28.995887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.996079] kthread+0x328/0x630 [ 28.996238] ret_from_fork+0x10/0x20 [ 28.996377] [ 28.996517] Allocated by task 267: [ 28.996619] kasan_save_stack+0x3c/0x68 [ 28.996738] kasan_save_track+0x20/0x40 [ 28.996895] kasan_save_alloc_info+0x40/0x58 [ 28.997123] __kasan_kmalloc+0xd4/0xd8 [ 28.997240] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.997378] kasan_atomics+0xb8/0x2e0 [ 28.997489] kunit_try_run_case+0x170/0x3f0 [ 28.997657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.997825] kthread+0x328/0x630 [ 28.997927] ret_from_fork+0x10/0x20 [ 28.998086] [ 28.998142] The buggy address belongs to the object at fff00000c7054a00 [ 28.998142] which belongs to the cache kmalloc-64 of size 64 [ 28.998291] The buggy address is located 0 bytes to the right of [ 28.998291] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.998603] [ 28.998680] The buggy address belongs to the physical page: [ 28.998846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.999021] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.999325] page_type: f5(slab) [ 28.999452] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.999782] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.000203] page dumped because: kasan: bad access detected [ 29.000288] [ 29.000757] Memory state around the buggy address: [ 29.000928] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.001049] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.001151] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.001291] ^ [ 29.001423] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.001533] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.001627] ================================================================== [ 29.053630] ================================================================== [ 29.053692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 29.053748] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.053810] [ 29.053846] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.053946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.053978] Hardware name: linux,dummy-virt (DT) [ 29.054018] Call trace: [ 29.054046] show_stack+0x20/0x38 (C) [ 29.054106] dump_stack_lvl+0x8c/0xd0 [ 29.054165] print_report+0x118/0x608 [ 29.054222] kasan_report+0xdc/0x128 [ 29.054275] kasan_check_range+0x100/0x1a8 [ 29.054335] __kasan_check_write+0x20/0x30 [ 29.054429] kasan_atomics_helper+0xff0/0x4858 [ 29.054555] kasan_atomics+0x198/0x2e0 [ 29.054661] kunit_try_run_case+0x170/0x3f0 [ 29.054843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.054995] kthread+0x328/0x630 [ 29.055118] ret_from_fork+0x10/0x20 [ 29.055259] [ 29.055320] Allocated by task 267: [ 29.055526] kasan_save_stack+0x3c/0x68 [ 29.055980] kasan_save_track+0x20/0x40 [ 29.056203] kasan_save_alloc_info+0x40/0x58 [ 29.056501] __kasan_kmalloc+0xd4/0xd8 [ 29.056629] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.056742] kasan_atomics+0xb8/0x2e0 [ 29.056983] kunit_try_run_case+0x170/0x3f0 [ 29.057323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.057532] kthread+0x328/0x630 [ 29.057649] ret_from_fork+0x10/0x20 [ 29.058084] [ 29.058374] The buggy address belongs to the object at fff00000c7054a00 [ 29.058374] which belongs to the cache kmalloc-64 of size 64 [ 29.058730] The buggy address is located 0 bytes to the right of [ 29.058730] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.059119] [ 29.059484] The buggy address belongs to the physical page: [ 29.059704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.060068] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.060280] page_type: f5(slab) [ 29.060508] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.060722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.061256] page dumped because: kasan: bad access detected [ 29.061461] [ 29.061595] Memory state around the buggy address: [ 29.061683] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.062447] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.062561] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.062665] ^ [ 29.063747] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.064207] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.064341] ================================================================== [ 28.835800] ================================================================== [ 28.835903] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 28.836014] Write of size 4 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.836150] [ 28.836245] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.836557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.836754] Hardware name: linux,dummy-virt (DT) [ 28.836847] Call trace: [ 28.836910] show_stack+0x20/0x38 (C) [ 28.837035] dump_stack_lvl+0x8c/0xd0 [ 28.837156] print_report+0x118/0x608 [ 28.837289] kasan_report+0xdc/0x128 [ 28.837437] kasan_check_range+0x100/0x1a8 [ 28.837648] __kasan_check_write+0x20/0x30 [ 28.837799] kasan_atomics_helper+0xad4/0x4858 [ 28.838055] kasan_atomics+0x198/0x2e0 [ 28.838198] kunit_try_run_case+0x170/0x3f0 [ 28.838408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.838577] kthread+0x328/0x630 [ 28.838808] ret_from_fork+0x10/0x20 [ 28.839032] [ 28.839112] Allocated by task 267: [ 28.839198] kasan_save_stack+0x3c/0x68 [ 28.839314] kasan_save_track+0x20/0x40 [ 28.839464] kasan_save_alloc_info+0x40/0x58 [ 28.839689] __kasan_kmalloc+0xd4/0xd8 [ 28.839804] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.839928] kasan_atomics+0xb8/0x2e0 [ 28.840045] kunit_try_run_case+0x170/0x3f0 [ 28.840181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.840310] kthread+0x328/0x630 [ 28.840492] ret_from_fork+0x10/0x20 [ 28.840601] [ 28.840698] The buggy address belongs to the object at fff00000c7054a00 [ 28.840698] which belongs to the cache kmalloc-64 of size 64 [ 28.840923] The buggy address is located 0 bytes to the right of [ 28.840923] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.841103] [ 28.841160] The buggy address belongs to the physical page: [ 28.841373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.841967] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.842237] page_type: f5(slab) [ 28.842642] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.843025] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.843132] page dumped because: kasan: bad access detected [ 28.843218] [ 28.843270] Memory state around the buggy address: [ 28.843777] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.844103] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.844214] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.845107] ^ [ 28.845704] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.845905] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.846007] ================================================================== [ 28.539928] ================================================================== [ 28.542253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 28.543002] [ 28.543117] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.543359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.543471] Hardware name: linux,dummy-virt (DT) [ 28.543561] Call trace: [ 28.544331] print_report+0x118/0x608 [ 28.545032] kasan_atomics_helper+0x40fc/0x4858 [ 28.545611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.546280] [ 28.546733] kasan_save_stack+0x3c/0x68 [ 28.547463] __kasan_kmalloc+0xd4/0xd8 [ 28.548872] ret_from_fork+0x10/0x20 [ 28.549702] [ 28.549864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.550892] page dumped because: kasan: bad access detected [ 28.553506] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.560650] [ 28.561271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.564354] kthread+0x328/0x630 [ 28.566209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.568055] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.571374] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.575903] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 28.576973] print_report+0x118/0x608 [ 28.583026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.585334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.587180] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.589500] ================================================================== [ 29.238506] ================================================================== [ 29.238701] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 29.239133] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.239288] [ 29.239360] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.239574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.239674] Hardware name: linux,dummy-virt (DT) [ 29.239905] Call trace: [ 29.240056] show_stack+0x20/0x38 (C) [ 29.240193] dump_stack_lvl+0x8c/0xd0 [ 29.240327] print_report+0x118/0x608 [ 29.240479] kasan_report+0xdc/0x128 [ 29.241213] kasan_check_range+0x100/0x1a8 [ 29.241468] __kasan_check_write+0x20/0x30 [ 29.241606] kasan_atomics_helper+0x1414/0x4858 [ 29.241730] kasan_atomics+0x198/0x2e0 [ 29.241864] kunit_try_run_case+0x170/0x3f0 [ 29.242409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.242572] kthread+0x328/0x630 [ 29.242896] ret_from_fork+0x10/0x20 [ 29.243027] [ 29.243114] Allocated by task 267: [ 29.243190] kasan_save_stack+0x3c/0x68 [ 29.243301] kasan_save_track+0x20/0x40 [ 29.243624] kasan_save_alloc_info+0x40/0x58 [ 29.243762] __kasan_kmalloc+0xd4/0xd8 [ 29.244177] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.244417] kasan_atomics+0xb8/0x2e0 [ 29.244694] kunit_try_run_case+0x170/0x3f0 [ 29.244880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.245071] kthread+0x328/0x630 [ 29.245163] ret_from_fork+0x10/0x20 [ 29.245306] [ 29.245462] The buggy address belongs to the object at fff00000c7054a00 [ 29.245462] which belongs to the cache kmalloc-64 of size 64 [ 29.245609] The buggy address is located 0 bytes to the right of [ 29.245609] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.245776] [ 29.245892] The buggy address belongs to the physical page: [ 29.246009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.246324] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.246515] page_type: f5(slab) [ 29.247125] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.247266] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.247375] page dumped because: kasan: bad access detected [ 29.247472] [ 29.247528] Memory state around the buggy address: [ 29.247614] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.247721] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.247832] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.247931] ^ [ 29.249196] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.249535] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.249748] ================================================================== [ 28.937584] ================================================================== [ 28.937694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 28.937861] Write of size 4 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.938040] [ 28.938165] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.938430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.938507] Hardware name: linux,dummy-virt (DT) [ 28.938620] Call trace: [ 28.938680] show_stack+0x20/0x38 (C) [ 28.939457] dump_stack_lvl+0x8c/0xd0 [ 28.939610] print_report+0x118/0x608 [ 28.940078] kasan_report+0xdc/0x128 [ 28.940592] kasan_check_range+0x100/0x1a8 [ 28.940720] __kasan_check_write+0x20/0x30 [ 28.940847] kasan_atomics_helper+0xd3c/0x4858 [ 28.941652] kasan_atomics+0x198/0x2e0 [ 28.941809] kunit_try_run_case+0x170/0x3f0 [ 28.942062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.942215] kthread+0x328/0x630 [ 28.942413] ret_from_fork+0x10/0x20 [ 28.942575] [ 28.942638] Allocated by task 267: [ 28.942727] kasan_save_stack+0x3c/0x68 [ 28.942835] kasan_save_track+0x20/0x40 [ 28.942959] kasan_save_alloc_info+0x40/0x58 [ 28.943249] __kasan_kmalloc+0xd4/0xd8 [ 28.943357] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.943483] kasan_atomics+0xb8/0x2e0 [ 28.943589] kunit_try_run_case+0x170/0x3f0 [ 28.943714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.944058] kthread+0x328/0x630 [ 28.944941] ret_from_fork+0x10/0x20 [ 28.945059] [ 28.945125] The buggy address belongs to the object at fff00000c7054a00 [ 28.945125] which belongs to the cache kmalloc-64 of size 64 [ 28.945296] The buggy address is located 0 bytes to the right of [ 28.945296] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.945682] [ 28.945750] The buggy address belongs to the physical page: [ 28.945835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.945971] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.946092] page_type: f5(slab) [ 28.946359] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.946510] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.947006] page dumped because: kasan: bad access detected [ 28.947456] [ 28.947519] Memory state around the buggy address: [ 28.947670] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.948023] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.948165] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.948283] ^ [ 28.948380] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.948717] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.948834] ================================================================== [ 28.847510] ================================================================== [ 28.847610] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 28.847823] Read of size 4 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.848492] [ 28.848599] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.849398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.849489] Hardware name: linux,dummy-virt (DT) [ 28.849911] Call trace: [ 28.850384] show_stack+0x20/0x38 (C) [ 28.850537] dump_stack_lvl+0x8c/0xd0 [ 28.850673] print_report+0x118/0x608 [ 28.851103] kasan_report+0xdc/0x128 [ 28.851278] __asan_report_load4_noabort+0x20/0x30 [ 28.852027] kasan_atomics_helper+0x3dcc/0x4858 [ 28.852405] kasan_atomics+0x198/0x2e0 [ 28.852639] kunit_try_run_case+0x170/0x3f0 [ 28.852862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.853067] kthread+0x328/0x630 [ 28.853670] ret_from_fork+0x10/0x20 [ 28.854070] [ 28.854206] Allocated by task 267: [ 28.854781] kasan_save_stack+0x3c/0x68 [ 28.855111] kasan_save_track+0x20/0x40 [ 28.855237] kasan_save_alloc_info+0x40/0x58 [ 28.855682] __kasan_kmalloc+0xd4/0xd8 [ 28.856111] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.856534] kasan_atomics+0xb8/0x2e0 [ 28.856637] kunit_try_run_case+0x170/0x3f0 [ 28.857346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.857504] kthread+0x328/0x630 [ 28.857883] [ 28.859548] page_type: f5(slab) [ 28.860097] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.864454] kasan_atomics+0x198/0x2e0 [ 28.870039] The buggy address is located 0 bytes to the right of [ 28.870039] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.872943] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.874612] ================================================================== [ 28.951736] ================================================================== [ 28.951848] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 28.952051] Read of size 4 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.952246] [ 28.952417] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.952943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.953145] Hardware name: linux,dummy-virt (DT) [ 28.953340] Call trace: [ 28.953502] show_stack+0x20/0x38 (C) [ 28.953709] dump_stack_lvl+0x8c/0xd0 [ 28.954061] print_report+0x118/0x608 [ 28.954254] kasan_report+0xdc/0x128 [ 28.954493] __asan_report_load4_noabort+0x20/0x30 [ 28.954819] kasan_atomics_helper+0x3e04/0x4858 [ 28.954963] kasan_atomics+0x198/0x2e0 [ 28.955097] kunit_try_run_case+0x170/0x3f0 [ 28.955528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.955905] kthread+0x328/0x630 [ 28.956029] ret_from_fork+0x10/0x20 [ 28.956534] [ 28.957296] Allocated by task 267: [ 28.957424] kasan_save_stack+0x3c/0x68 [ 28.957549] kasan_save_track+0x20/0x40 [ 28.957648] kasan_save_alloc_info+0x40/0x58 [ 28.958503] __kasan_kmalloc+0xd4/0xd8 [ 28.958670] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.958793] kasan_atomics+0xb8/0x2e0 [ 28.959038] kunit_try_run_case+0x170/0x3f0 [ 28.959174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.959530] kthread+0x328/0x630 [ 28.959933] ret_from_fork+0x10/0x20 [ 28.960045] [ 28.960097] The buggy address belongs to the object at fff00000c7054a00 [ 28.960097] which belongs to the cache kmalloc-64 of size 64 [ 28.960294] The buggy address is located 0 bytes to the right of [ 28.960294] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.960471] [ 28.960523] The buggy address belongs to the physical page: [ 28.960604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.961086] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.961943] page_type: f5(slab) [ 28.962685] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.963616] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.963830] page dumped because: kasan: bad access detected [ 28.964677] [ 28.964792] Memory state around the buggy address: [ 28.964893] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.966031] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.966592] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.966992] ^ [ 28.967098] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.967222] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.967825] ================================================================== [ 29.339105] ================================================================== [ 29.339220] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 29.339531] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.339659] [ 29.339730] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.339933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.340006] Hardware name: linux,dummy-virt (DT) [ 29.340077] Call trace: [ 29.340137] show_stack+0x20/0x38 (C) [ 29.340251] dump_stack_lvl+0x8c/0xd0 [ 29.340372] print_report+0x118/0x608 [ 29.340518] kasan_report+0xdc/0x128 [ 29.340852] kasan_check_range+0x100/0x1a8 [ 29.341216] __kasan_check_write+0x20/0x30 [ 29.341408] kasan_atomics_helper+0x16d0/0x4858 [ 29.341557] kasan_atomics+0x198/0x2e0 [ 29.341686] kunit_try_run_case+0x170/0x3f0 [ 29.341896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.342211] kthread+0x328/0x630 [ 29.342347] ret_from_fork+0x10/0x20 [ 29.342506] [ 29.342571] Allocated by task 267: [ 29.342720] kasan_save_stack+0x3c/0x68 [ 29.342969] kasan_save_track+0x20/0x40 [ 29.343153] kasan_save_alloc_info+0x40/0x58 [ 29.343521] __kasan_kmalloc+0xd4/0xd8 [ 29.343664] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.343799] kasan_atomics+0xb8/0x2e0 [ 29.343900] kunit_try_run_case+0x170/0x3f0 [ 29.344031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.344341] kthread+0x328/0x630 [ 29.344677] ret_from_fork+0x10/0x20 [ 29.345320] [ 29.345475] The buggy address belongs to the object at fff00000c7054a00 [ 29.345475] which belongs to the cache kmalloc-64 of size 64 [ 29.345705] The buggy address is located 0 bytes to the right of [ 29.345705] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.345867] [ 29.345966] The buggy address belongs to the physical page: [ 29.346058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.346212] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.346330] page_type: f5(slab) [ 29.346444] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.347250] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.347797] page dumped because: kasan: bad access detected [ 29.347914] [ 29.348101] Memory state around the buggy address: [ 29.348223] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.348788] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.349065] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.349196] ^ [ 29.349286] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.349948] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.350061] ================================================================== [ 29.031479] ================================================================== [ 29.031628] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 29.031786] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.031912] [ 29.031985] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.032187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.032429] Hardware name: linux,dummy-virt (DT) [ 29.032516] Call trace: [ 29.032572] show_stack+0x20/0x38 (C) [ 29.032690] dump_stack_lvl+0x8c/0xd0 [ 29.032809] print_report+0x118/0x608 [ 29.032920] kasan_report+0xdc/0x128 [ 29.033032] kasan_check_range+0x100/0x1a8 [ 29.033151] __kasan_check_write+0x20/0x30 [ 29.033282] kasan_atomics_helper+0xf20/0x4858 [ 29.033805] kasan_atomics+0x198/0x2e0 [ 29.033961] kunit_try_run_case+0x170/0x3f0 [ 29.034566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.034959] kthread+0x328/0x630 [ 29.035444] ret_from_fork+0x10/0x20 [ 29.035765] [ 29.035894] Allocated by task 267: [ 29.035995] kasan_save_stack+0x3c/0x68 [ 29.036097] kasan_save_track+0x20/0x40 [ 29.036472] kasan_save_alloc_info+0x40/0x58 [ 29.036613] __kasan_kmalloc+0xd4/0xd8 [ 29.036722] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.036994] kasan_atomics+0xb8/0x2e0 [ 29.037199] kunit_try_run_case+0x170/0x3f0 [ 29.037482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.037605] kthread+0x328/0x630 [ 29.038063] ret_from_fork+0x10/0x20 [ 29.038170] [ 29.038273] The buggy address belongs to the object at fff00000c7054a00 [ 29.038273] which belongs to the cache kmalloc-64 of size 64 [ 29.038439] The buggy address is located 0 bytes to the right of [ 29.038439] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.038640] [ 29.038689] The buggy address belongs to the physical page: [ 29.038768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.039551] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.039683] page_type: f5(slab) [ 29.039780] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.040786] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.041289] page dumped because: kasan: bad access detected [ 29.041444] [ 29.041605] Memory state around the buggy address: [ 29.041768] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.041882] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.041988] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.042083] ^ [ 29.042160] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.042266] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.042364] ================================================================== [ 28.656249] ================================================================== [ 28.656361] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 28.656622] [ 28.656903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.657857] __kasan_check_write+0x20/0x30 [ 28.658426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.659858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.660690] The buggy address belongs to the physical page: [ 28.662442] page dumped because: kasan: bad access detected [ 28.663335] ^ [ 28.666229] [ 28.669189] [ 28.670488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.671997] page dumped because: kasan: bad access detected [ 28.673489] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.679339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.683209] kthread+0x328/0x630 [ 28.685766] kunit_try_run_case+0x170/0x3f0 [ 28.687793] [ 28.691095] [ 28.692220] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.707284] Write of size 4 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.713357] __kasan_kmalloc+0xd4/0xd8 [ 28.717545] [ 28.718673] page_type: f5(slab) [ 28.719755] [ 28.719821] Memory state around the buggy address: [ 28.720695] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.721911] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.725189] [ 28.725488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.727564] kunit_try_run_case+0x170/0x3f0 [ 28.730231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.731462] [ 28.732421] page_type: f5(slab) [ 28.732997] page dumped because: kasan: bad access detected [ 28.734108] ^ [ 28.734654] ================================================================== [ 29.262771] ================================================================== [ 29.262875] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 29.262940] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.263223] [ 29.263306] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.263523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.263600] Hardware name: linux,dummy-virt (DT) [ 29.263679] Call trace: [ 29.263856] show_stack+0x20/0x38 (C) [ 29.264238] dump_stack_lvl+0x8c/0xd0 [ 29.264408] print_report+0x118/0x608 [ 29.264525] kasan_report+0xdc/0x128 [ 29.264638] kasan_check_range+0x100/0x1a8 [ 29.264755] __kasan_check_write+0x20/0x30 [ 29.264870] kasan_atomics_helper+0x14e4/0x4858 [ 29.264988] kasan_atomics+0x198/0x2e0 [ 29.265106] kunit_try_run_case+0x170/0x3f0 [ 29.265242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.265375] kthread+0x328/0x630 [ 29.265505] ret_from_fork+0x10/0x20 [ 29.268498] [ 29.268571] Allocated by task 267: [ 29.268659] kasan_save_stack+0x3c/0x68 [ 29.268771] kasan_save_track+0x20/0x40 [ 29.268883] kasan_save_alloc_info+0x40/0x58 [ 29.268998] __kasan_kmalloc+0xd4/0xd8 [ 29.269110] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.269231] kasan_atomics+0xb8/0x2e0 [ 29.269331] kunit_try_run_case+0x170/0x3f0 [ 29.269438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.269550] kthread+0x328/0x630 [ 29.271067] ret_from_fork+0x10/0x20 [ 29.271266] [ 29.271357] The buggy address belongs to the object at fff00000c7054a00 [ 29.271357] which belongs to the cache kmalloc-64 of size 64 [ 29.271612] The buggy address is located 0 bytes to the right of [ 29.271612] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.272354] [ 29.272459] The buggy address belongs to the physical page: [ 29.272537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.272666] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.272788] page_type: f5(slab) [ 29.273802] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.273964] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.274085] page dumped because: kasan: bad access detected [ 29.274731] [ 29.274881] Memory state around the buggy address: [ 29.274971] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.275473] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.275983] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.276608] ^ [ 29.276713] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.276990] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.277087] ================================================================== [ 28.771457] ================================================================== [ 28.771573] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 28.772536] dump_stack_lvl+0x8c/0xd0 [ 28.776123] kasan_save_track+0x20/0x40 [ 28.776552] __kasan_kmalloc+0xd4/0xd8 [ 28.779551] [ 28.781229] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.784717] ================================================================== [ 29.299839] ================================================================== [ 29.299976] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 29.300130] Read of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.300257] [ 29.300344] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.300579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.300698] Hardware name: linux,dummy-virt (DT) [ 29.300859] Call trace: [ 29.300922] show_stack+0x20/0x38 (C) [ 29.301188] dump_stack_lvl+0x8c/0xd0 [ 29.301331] print_report+0x118/0x608 [ 29.301474] kasan_report+0xdc/0x128 [ 29.301637] __asan_report_load8_noabort+0x20/0x30 [ 29.301815] kasan_atomics_helper+0x3db0/0x4858 [ 29.301949] kasan_atomics+0x198/0x2e0 [ 29.302072] kunit_try_run_case+0x170/0x3f0 [ 29.302194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.302330] kthread+0x328/0x630 [ 29.302469] ret_from_fork+0x10/0x20 [ 29.302613] [ 29.302678] Allocated by task 267: [ 29.302780] kasan_save_stack+0x3c/0x68 [ 29.302927] kasan_save_track+0x20/0x40 [ 29.303023] kasan_save_alloc_info+0x40/0x58 [ 29.303250] __kasan_kmalloc+0xd4/0xd8 [ 29.303367] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.303647] kasan_atomics+0xb8/0x2e0 [ 29.303747] kunit_try_run_case+0x170/0x3f0 [ 29.303855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.303966] kthread+0x328/0x630 [ 29.304054] ret_from_fork+0x10/0x20 [ 29.304146] [ 29.304205] The buggy address belongs to the object at fff00000c7054a00 [ 29.304205] which belongs to the cache kmalloc-64 of size 64 [ 29.304412] The buggy address is located 0 bytes to the right of [ 29.304412] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.304682] [ 29.304772] The buggy address belongs to the physical page: [ 29.304859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.304988] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.305108] page_type: f5(slab) [ 29.305289] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.305437] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.305545] page dumped because: kasan: bad access detected [ 29.305626] [ 29.305674] Memory state around the buggy address: [ 29.305777] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.306164] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.306576] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.306681] ^ [ 29.307513] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.307842] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.307948] ================================================================== [ 29.360075] ================================================================== [ 29.360338] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 29.360643] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.360765] [ 29.360834] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.361030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.361095] Hardware name: linux,dummy-virt (DT) [ 29.361170] Call trace: [ 29.361237] show_stack+0x20/0x38 (C) [ 29.361358] dump_stack_lvl+0x8c/0xd0 [ 29.362708] print_report+0x118/0x608 [ 29.362846] kasan_report+0xdc/0x128 [ 29.362959] kasan_check_range+0x100/0x1a8 [ 29.363078] __kasan_check_write+0x20/0x30 [ 29.363204] kasan_atomics_helper+0x175c/0x4858 [ 29.364783] kasan_atomics+0x198/0x2e0 [ 29.365065] kunit_try_run_case+0x170/0x3f0 [ 29.365332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.365499] kthread+0x328/0x630 [ 29.365632] ret_from_fork+0x10/0x20 [ 29.366297] [ 29.366775] Allocated by task 267: [ 29.366856] kasan_save_stack+0x3c/0x68 [ 29.367061] kasan_save_track+0x20/0x40 [ 29.367295] kasan_save_alloc_info+0x40/0x58 [ 29.367510] __kasan_kmalloc+0xd4/0xd8 [ 29.367643] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.367836] kasan_atomics+0xb8/0x2e0 [ 29.367944] kunit_try_run_case+0x170/0x3f0 [ 29.368526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.368721] kthread+0x328/0x630 [ 29.368854] ret_from_fork+0x10/0x20 [ 29.369333] [ 29.369409] The buggy address belongs to the object at fff00000c7054a00 [ 29.369409] which belongs to the cache kmalloc-64 of size 64 [ 29.369936] The buggy address is located 0 bytes to the right of [ 29.369936] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.370360] [ 29.370630] The buggy address belongs to the physical page: [ 29.370722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.370907] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.371488] page_type: f5(slab) [ 29.371703] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.371848] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.372345] page dumped because: kasan: bad access detected [ 29.372499] [ 29.372612] Memory state around the buggy address: [ 29.372824] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.372954] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.373066] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.373625] ^ [ 29.373989] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.374271] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.374377] ================================================================== [ 29.096837] ================================================================== [ 29.097001] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 29.097147] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.098583] [ 29.098680] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.098895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.098965] Hardware name: linux,dummy-virt (DT) [ 29.099044] Call trace: [ 29.099104] show_stack+0x20/0x38 (C) [ 29.099222] dump_stack_lvl+0x8c/0xd0 [ 29.099342] print_report+0x118/0x608 [ 29.101464] kasan_report+0xdc/0x128 [ 29.102719] kasan_check_range+0x100/0x1a8 [ 29.103339] __kasan_check_write+0x20/0x30 [ 29.103509] kasan_atomics_helper+0x1128/0x4858 [ 29.104339] kasan_atomics+0x198/0x2e0 [ 29.104618] kunit_try_run_case+0x170/0x3f0 [ 29.104987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.105161] kthread+0x328/0x630 [ 29.105511] ret_from_fork+0x10/0x20 [ 29.105659] [ 29.105812] Allocated by task 267: [ 29.105893] kasan_save_stack+0x3c/0x68 [ 29.105999] kasan_save_track+0x20/0x40 [ 29.106090] kasan_save_alloc_info+0x40/0x58 [ 29.106186] __kasan_kmalloc+0xd4/0xd8 [ 29.106272] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.106368] kasan_atomics+0xb8/0x2e0 [ 29.106477] kunit_try_run_case+0x170/0x3f0 [ 29.106589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.106929] kthread+0x328/0x630 [ 29.107119] ret_from_fork+0x10/0x20 [ 29.107211] [ 29.107659] The buggy address belongs to the object at fff00000c7054a00 [ 29.107659] which belongs to the cache kmalloc-64 of size 64 [ 29.108130] The buggy address is located 0 bytes to the right of [ 29.108130] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.108332] [ 29.108420] The buggy address belongs to the physical page: [ 29.108504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.108831] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.108962] page_type: f5(slab) [ 29.109065] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.109485] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.109831] page dumped because: kasan: bad access detected [ 29.109921] [ 29.109975] Memory state around the buggy address: [ 29.110058] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.110528] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.110744] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.110874] ^ [ 29.110969] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.111135] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.111250] ================================================================== [ 29.309344] ================================================================== [ 29.309464] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 29.309571] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.309688] [ 29.309757] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.311252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.311369] Hardware name: linux,dummy-virt (DT) [ 29.311627] Call trace: [ 29.311692] show_stack+0x20/0x38 (C) [ 29.311828] dump_stack_lvl+0x8c/0xd0 [ 29.312861] print_report+0x118/0x608 [ 29.313099] kasan_report+0xdc/0x128 [ 29.313228] kasan_check_range+0x100/0x1a8 [ 29.313814] __kasan_check_write+0x20/0x30 [ 29.314504] kasan_atomics_helper+0x1644/0x4858 [ 29.314649] kasan_atomics+0x198/0x2e0 [ 29.314787] kunit_try_run_case+0x170/0x3f0 [ 29.315415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.315639] kthread+0x328/0x630 [ 29.315765] ret_from_fork+0x10/0x20 [ 29.315892] [ 29.315954] Allocated by task 267: [ 29.316027] kasan_save_stack+0x3c/0x68 [ 29.317168] kasan_save_track+0x20/0x40 [ 29.318244] kasan_save_alloc_info+0x40/0x58 [ 29.318432] __kasan_kmalloc+0xd4/0xd8 [ 29.318986] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.319610] kasan_atomics+0xb8/0x2e0 [ 29.319718] kunit_try_run_case+0x170/0x3f0 [ 29.319991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.320600] kthread+0x328/0x630 [ 29.321154] ret_from_fork+0x10/0x20 [ 29.321884] [ 29.322326] The buggy address belongs to the object at fff00000c7054a00 [ 29.322326] which belongs to the cache kmalloc-64 of size 64 [ 29.322789] The buggy address is located 0 bytes to the right of [ 29.322789] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.322955] [ 29.323009] The buggy address belongs to the physical page: [ 29.323754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.324233] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.324573] page_type: f5(slab) [ 29.324752] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.324940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.325125] page dumped because: kasan: bad access detected [ 29.325631] [ 29.325816] Memory state around the buggy address: [ 29.326065] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.326179] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.326289] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.326406] ^ [ 29.327308] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.327684] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.327786] ================================================================== [ 29.194016] ================================================================== [ 29.194121] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 29.194226] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.196445] [ 29.196651] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.197695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.197764] Hardware name: linux,dummy-virt (DT) [ 29.197842] Call trace: [ 29.197899] show_stack+0x20/0x38 (C) [ 29.198025] dump_stack_lvl+0x8c/0xd0 [ 29.198146] print_report+0x118/0x608 [ 29.198265] kasan_report+0xdc/0x128 [ 29.198376] kasan_check_range+0x100/0x1a8 [ 29.201731] __kasan_check_write+0x20/0x30 [ 29.202441] kasan_atomics_helper+0x1384/0x4858 [ 29.202571] kasan_atomics+0x198/0x2e0 [ 29.204079] kunit_try_run_case+0x170/0x3f0 [ 29.204222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.205421] kthread+0x328/0x630 [ 29.206019] ret_from_fork+0x10/0x20 [ 29.207002] [ 29.207065] Allocated by task 267: [ 29.207139] kasan_save_stack+0x3c/0x68 [ 29.207247] kasan_save_track+0x20/0x40 [ 29.208590] kasan_save_alloc_info+0x40/0x58 [ 29.209121] __kasan_kmalloc+0xd4/0xd8 [ 29.209228] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.209330] kasan_atomics+0xb8/0x2e0 [ 29.210956] kunit_try_run_case+0x170/0x3f0 [ 29.211561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.211672] kthread+0x328/0x630 [ 29.212965] ret_from_fork+0x10/0x20 [ 29.213449] [ 29.213931] The buggy address belongs to the object at fff00000c7054a00 [ 29.213931] which belongs to the cache kmalloc-64 of size 64 [ 29.214213] The buggy address is located 0 bytes to the right of [ 29.214213] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.215294] [ 29.215517] The buggy address belongs to the physical page: [ 29.216595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.216934] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.218056] page_type: f5(slab) [ 29.218171] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.219367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.220607] page dumped because: kasan: bad access detected [ 29.220932] [ 29.221306] Memory state around the buggy address: [ 29.221575] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.221730] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.222243] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.222834] ^ [ 29.223219] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.223484] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.223936] ================================================================== [ 29.351095] ================================================================== [ 29.351205] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 29.351328] Read of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.351485] [ 29.351560] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.351814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.351899] Hardware name: linux,dummy-virt (DT) [ 29.351981] Call trace: [ 29.352045] show_stack+0x20/0x38 (C) [ 29.352317] dump_stack_lvl+0x8c/0xd0 [ 29.352481] print_report+0x118/0x608 [ 29.352598] kasan_report+0xdc/0x128 [ 29.352716] __asan_report_load8_noabort+0x20/0x30 [ 29.352841] kasan_atomics_helper+0x3e10/0x4858 [ 29.352960] kasan_atomics+0x198/0x2e0 [ 29.353080] kunit_try_run_case+0x170/0x3f0 [ 29.353213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.353351] kthread+0x328/0x630 [ 29.353489] ret_from_fork+0x10/0x20 [ 29.353606] [ 29.353656] Allocated by task 267: [ 29.353723] kasan_save_stack+0x3c/0x68 [ 29.353819] kasan_save_track+0x20/0x40 [ 29.353907] kasan_save_alloc_info+0x40/0x58 [ 29.354004] __kasan_kmalloc+0xd4/0xd8 [ 29.354089] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.354184] kasan_atomics+0xb8/0x2e0 [ 29.354287] kunit_try_run_case+0x170/0x3f0 [ 29.354427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.354604] kthread+0x328/0x630 [ 29.354723] ret_from_fork+0x10/0x20 [ 29.354830] [ 29.354889] The buggy address belongs to the object at fff00000c7054a00 [ 29.354889] which belongs to the cache kmalloc-64 of size 64 [ 29.355040] The buggy address is located 0 bytes to the right of [ 29.355040] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.355221] [ 29.355279] The buggy address belongs to the physical page: [ 29.355404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.355828] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.356625] page_type: f5(slab) [ 29.356999] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.357511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.357633] page dumped because: kasan: bad access detected [ 29.357727] [ 29.357881] Memory state around the buggy address: [ 29.357967] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.358407] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.358759] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.358875] ^ [ 29.359370] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.359529] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.359664] ================================================================== [ 28.798183] ================================================================== [ 28.798340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 28.798650] Write of size 4 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.798785] [ 28.798870] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.799067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.799152] Hardware name: linux,dummy-virt (DT) [ 28.799379] Call trace: [ 28.799568] show_stack+0x20/0x38 (C) [ 28.799921] dump_stack_lvl+0x8c/0xd0 [ 28.800051] print_report+0x118/0x608 [ 28.800172] kasan_report+0xdc/0x128 [ 28.800291] kasan_check_range+0x100/0x1a8 [ 28.800785] __kasan_check_write+0x20/0x30 [ 28.801240] kasan_atomics_helper+0x99c/0x4858 [ 28.801468] kasan_atomics+0x198/0x2e0 [ 28.801608] kunit_try_run_case+0x170/0x3f0 [ 28.801736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.801935] kthread+0x328/0x630 [ 28.802058] ret_from_fork+0x10/0x20 [ 28.802286] [ 28.802581] Allocated by task 267: [ 28.802682] kasan_save_stack+0x3c/0x68 [ 28.803096] kasan_save_track+0x20/0x40 [ 28.803235] kasan_save_alloc_info+0x40/0x58 [ 28.803402] __kasan_kmalloc+0xd4/0xd8 [ 28.803641] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.803801] kasan_atomics+0xb8/0x2e0 [ 28.804061] kunit_try_run_case+0x170/0x3f0 [ 28.804173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.804336] kthread+0x328/0x630 [ 28.804469] ret_from_fork+0x10/0x20 [ 28.804613] [ 28.804834] The buggy address belongs to the object at fff00000c7054a00 [ 28.804834] which belongs to the cache kmalloc-64 of size 64 [ 28.805052] The buggy address is located 0 bytes to the right of [ 28.805052] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.805226] [ 28.806463] The buggy address belongs to the physical page: [ 28.806561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.806817] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.807193] page_type: f5(slab) [ 28.807533] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.807732] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.807865] page dumped because: kasan: bad access detected [ 28.807951] [ 28.808184] Memory state around the buggy address: [ 28.808352] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.808620] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.808776] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.809018] ^ [ 28.809117] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.809237] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.809492] ================================================================== [ 29.161671] ================================================================== [ 29.161919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 29.162457] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.162616] [ 29.163296] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.163686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.163757] Hardware name: linux,dummy-virt (DT) [ 29.163934] Call trace: [ 29.163992] show_stack+0x20/0x38 (C) [ 29.164204] dump_stack_lvl+0x8c/0xd0 [ 29.164322] print_report+0x118/0x608 [ 29.164476] kasan_report+0xdc/0x128 [ 29.164968] kasan_check_range+0x100/0x1a8 [ 29.165363] __kasan_check_write+0x20/0x30 [ 29.165887] kasan_atomics_helper+0x126c/0x4858 [ 29.166015] kasan_atomics+0x198/0x2e0 [ 29.166129] kunit_try_run_case+0x170/0x3f0 [ 29.166250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.166380] kthread+0x328/0x630 [ 29.166521] ret_from_fork+0x10/0x20 [ 29.167263] [ 29.167347] Allocated by task 267: [ 29.167980] kasan_save_stack+0x3c/0x68 [ 29.168747] kasan_save_track+0x20/0x40 [ 29.168884] kasan_save_alloc_info+0x40/0x58 [ 29.169377] __kasan_kmalloc+0xd4/0xd8 [ 29.169512] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.169635] kasan_atomics+0xb8/0x2e0 [ 29.169738] kunit_try_run_case+0x170/0x3f0 [ 29.170366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.170705] kthread+0x328/0x630 [ 29.171024] ret_from_fork+0x10/0x20 [ 29.171359] [ 29.171437] The buggy address belongs to the object at fff00000c7054a00 [ 29.171437] which belongs to the cache kmalloc-64 of size 64 [ 29.171768] The buggy address is located 0 bytes to the right of [ 29.171768] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.172063] [ 29.172145] The buggy address belongs to the physical page: [ 29.173248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.173501] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.173877] page_type: f5(slab) [ 29.174276] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.174527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.174909] page dumped because: kasan: bad access detected [ 29.175023] [ 29.175080] Memory state around the buggy address: [ 29.175178] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.175307] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.175658] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.175780] ^ [ 29.175973] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.176076] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.176789] ================================================================== [ 28.827050] ================================================================== [ 28.827199] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 28.827348] Write of size 4 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.827650] [ 28.827812] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.828016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.828086] Hardware name: linux,dummy-virt (DT) [ 28.828167] Call trace: [ 28.828224] show_stack+0x20/0x38 (C) [ 28.828344] dump_stack_lvl+0x8c/0xd0 [ 28.828490] print_report+0x118/0x608 [ 28.828607] kasan_report+0xdc/0x128 [ 28.828719] kasan_check_range+0x100/0x1a8 [ 28.828839] __kasan_check_write+0x20/0x30 [ 28.828962] kasan_atomics_helper+0xa6c/0x4858 [ 28.829083] kasan_atomics+0x198/0x2e0 [ 28.829208] kunit_try_run_case+0x170/0x3f0 [ 28.829342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.829527] kthread+0x328/0x630 [ 28.829824] ret_from_fork+0x10/0x20 [ 28.829980] [ 28.830040] Allocated by task 267: [ 28.830130] kasan_save_stack+0x3c/0x68 [ 28.830245] kasan_save_track+0x20/0x40 [ 28.830357] kasan_save_alloc_info+0x40/0x58 [ 28.830490] __kasan_kmalloc+0xd4/0xd8 [ 28.830676] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.830834] kasan_atomics+0xb8/0x2e0 [ 28.830951] kunit_try_run_case+0x170/0x3f0 [ 28.831094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.831493] kthread+0x328/0x630 [ 28.831598] ret_from_fork+0x10/0x20 [ 28.831706] [ 28.831761] The buggy address belongs to the object at fff00000c7054a00 [ 28.831761] which belongs to the cache kmalloc-64 of size 64 [ 28.831898] The buggy address is located 0 bytes to the right of [ 28.831898] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.832169] [ 28.832240] The buggy address belongs to the physical page: [ 28.832321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.832480] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.832690] page_type: f5(slab) [ 28.832814] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.832940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.833071] page dumped because: kasan: bad access detected [ 28.833219] [ 28.833283] Memory state around the buggy address: [ 28.833449] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.833578] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.833699] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.833860] ^ [ 28.833983] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.834194] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.834463] ================================================================== [ 28.811775] ================================================================== [ 28.811883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 28.812000] Write of size 4 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 28.812132] [ 28.812216] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.813477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.813820] Hardware name: linux,dummy-virt (DT) [ 28.814232] Call trace: [ 28.814629] show_stack+0x20/0x38 (C) [ 28.815139] dump_stack_lvl+0x8c/0xd0 [ 28.815244] print_report+0x118/0x608 [ 28.815364] kasan_report+0xdc/0x128 [ 28.816913] kasan_check_range+0x100/0x1a8 [ 28.817048] __kasan_check_write+0x20/0x30 [ 28.817212] kasan_atomics_helper+0xa04/0x4858 [ 28.817604] kasan_atomics+0x198/0x2e0 [ 28.817730] kunit_try_run_case+0x170/0x3f0 [ 28.817856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.817998] kthread+0x328/0x630 [ 28.818114] ret_from_fork+0x10/0x20 [ 28.818277] [ 28.818426] Allocated by task 267: [ 28.818519] kasan_save_stack+0x3c/0x68 [ 28.818700] kasan_save_track+0x20/0x40 [ 28.819165] kasan_save_alloc_info+0x40/0x58 [ 28.819439] __kasan_kmalloc+0xd4/0xd8 [ 28.819713] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.820059] kasan_atomics+0xb8/0x2e0 [ 28.820177] kunit_try_run_case+0x170/0x3f0 [ 28.820291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.820434] kthread+0x328/0x630 [ 28.820537] ret_from_fork+0x10/0x20 [ 28.821251] [ 28.821530] The buggy address belongs to the object at fff00000c7054a00 [ 28.821530] which belongs to the cache kmalloc-64 of size 64 [ 28.821762] The buggy address is located 0 bytes to the right of [ 28.821762] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 28.822070] [ 28.822125] The buggy address belongs to the physical page: [ 28.822205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 28.822404] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.822818] page_type: f5(slab) [ 28.822985] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 28.823367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.823588] page dumped because: kasan: bad access detected [ 28.823712] [ 28.823785] Memory state around the buggy address: [ 28.823872] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.824037] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.824333] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.824449] ^ [ 28.824581] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.824995] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.825261] ================================================================== [ 29.143304] ================================================================== [ 29.143446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 29.143570] Write of size 8 at addr fff00000c7054a30 by task kunit_try_catch/267 [ 29.143689] [ 29.143770] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 29.143968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.146471] Hardware name: linux,dummy-virt (DT) [ 29.146768] Call trace: [ 29.146889] show_stack+0x20/0x38 (C) [ 29.147227] dump_stack_lvl+0x8c/0xd0 [ 29.147492] print_report+0x118/0x608 [ 29.147713] kasan_report+0xdc/0x128 [ 29.147827] kasan_check_range+0x100/0x1a8 [ 29.149213] __kasan_check_write+0x20/0x30 [ 29.149379] kasan_atomics_helper+0x11f8/0x4858 [ 29.149793] kasan_atomics+0x198/0x2e0 [ 29.149931] kunit_try_run_case+0x170/0x3f0 [ 29.150557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.150831] kthread+0x328/0x630 [ 29.151662] ret_from_fork+0x10/0x20 [ 29.152231] [ 29.152401] Allocated by task 267: [ 29.152479] kasan_save_stack+0x3c/0x68 [ 29.152941] kasan_save_track+0x20/0x40 [ 29.153261] kasan_save_alloc_info+0x40/0x58 [ 29.153372] __kasan_kmalloc+0xd4/0xd8 [ 29.153606] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.153941] kasan_atomics+0xb8/0x2e0 [ 29.154527] kunit_try_run_case+0x170/0x3f0 [ 29.154959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.155474] kthread+0x328/0x630 [ 29.155834] ret_from_fork+0x10/0x20 [ 29.156016] [ 29.156491] The buggy address belongs to the object at fff00000c7054a00 [ 29.156491] which belongs to the cache kmalloc-64 of size 64 [ 29.156877] The buggy address is located 0 bytes to the right of [ 29.156877] allocated 48-byte region [fff00000c7054a00, fff00000c7054a30) [ 29.157139] [ 29.157207] The buggy address belongs to the physical page: [ 29.157815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107054 [ 29.157966] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.158087] page_type: f5(slab) [ 29.158279] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.158425] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.158661] page dumped because: kasan: bad access detected [ 29.158746] [ 29.158804] Memory state around the buggy address: [ 29.159157] fff00000c7054900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.159367] fff00000c7054980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.159505] >fff00000c7054a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.159722] ^ [ 29.159817] fff00000c7054a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.160278] fff00000c7054b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.160762] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 28.181735] ================================================================== [ 28.182061] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 28.182419] Write of size 8 at addr fff00000c5e9de08 by task kunit_try_catch/263 [ 28.182600] [ 28.182700] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.183214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.183679] Hardware name: linux,dummy-virt (DT) [ 28.183852] Call trace: [ 28.183942] show_stack+0x20/0x38 (C) [ 28.184562] dump_stack_lvl+0x8c/0xd0 [ 28.185134] print_report+0x118/0x608 [ 28.185271] kasan_report+0xdc/0x128 [ 28.185836] kasan_check_range+0x100/0x1a8 [ 28.186048] __kasan_check_write+0x20/0x30 [ 28.186198] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 28.186493] kasan_bitops_generic+0x110/0x1c8 [ 28.186647] kunit_try_run_case+0x170/0x3f0 [ 28.186791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.187024] kthread+0x328/0x630 [ 28.187153] ret_from_fork+0x10/0x20 [ 28.187268] [ 28.187321] Allocated by task 263: [ 28.187536] kasan_save_stack+0x3c/0x68 [ 28.187637] kasan_save_track+0x20/0x40 [ 28.187887] kasan_save_alloc_info+0x40/0x58 [ 28.188159] __kasan_kmalloc+0xd4/0xd8 [ 28.188585] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.188818] kasan_bitops_generic+0xa0/0x1c8 [ 28.188947] kunit_try_run_case+0x170/0x3f0 [ 28.189773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.190034] kthread+0x328/0x630 [ 28.190163] ret_from_fork+0x10/0x20 [ 28.190463] [ 28.190545] The buggy address belongs to the object at fff00000c5e9de00 [ 28.190545] which belongs to the cache kmalloc-16 of size 16 [ 28.190747] The buggy address is located 8 bytes inside of [ 28.190747] allocated 9-byte region [fff00000c5e9de00, fff00000c5e9de09) [ 28.190899] [ 28.190957] The buggy address belongs to the physical page: [ 28.191999] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.196763] [ 28.196964] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.197696] dump_stack_lvl+0x8c/0xd0 [ 28.200372] kasan_save_track+0x20/0x40 [ 28.202324] The buggy address is located 8 bytes inside of [ 28.202324] allocated 9-byte region [fff00000c5e9de00, fff00000c5e9de09) [ 28.204471] page dumped because: kasan: bad access detected [ 28.205623] >fff00000c5e9de00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.210076] print_report+0x118/0x608 [ 28.213020] __kasan_kmalloc+0xd4/0xd8 [ 28.214772] [ 28.216241] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.217416] >fff00000c5e9de00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.218327] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 28.155075] ================================================================== [ 28.155260] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 28.155375] Read of size 1 at addr fff00000c7043110 by task kunit_try_catch/261 [ 28.155518] [ 28.155589] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.155782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.155969] Hardware name: linux,dummy-virt (DT) [ 28.156049] Call trace: [ 28.156109] show_stack+0x20/0x38 (C) [ 28.156228] dump_stack_lvl+0x8c/0xd0 [ 28.156346] print_report+0x118/0x608 [ 28.156487] kasan_report+0xdc/0x128 [ 28.156604] __asan_report_load1_noabort+0x20/0x30 [ 28.156724] strnlen+0x80/0x88 [ 28.156837] kasan_strings+0x478/0xb00 [ 28.156954] kunit_try_run_case+0x170/0x3f0 [ 28.157071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.157222] kthread+0x328/0x630 [ 28.157338] ret_from_fork+0x10/0x20 [ 28.157483] [ 28.157542] Allocated by task 261: [ 28.157675] kasan_save_stack+0x3c/0x68 [ 28.157862] kasan_save_track+0x20/0x40 [ 28.158009] kasan_save_alloc_info+0x40/0x58 [ 28.158131] __kasan_kmalloc+0xd4/0xd8 [ 28.158240] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.158401] kasan_strings+0xc8/0xb00 [ 28.158626] kunit_try_run_case+0x170/0x3f0 [ 28.158981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.159141] kthread+0x328/0x630 [ 28.159254] ret_from_fork+0x10/0x20 [ 28.159385] [ 28.159455] Freed by task 261: [ 28.159523] kasan_save_stack+0x3c/0x68 [ 28.159625] kasan_save_track+0x20/0x40 [ 28.159723] kasan_save_free_info+0x4c/0x78 [ 28.159938] __kasan_slab_free+0x6c/0x98 [ 28.160094] kfree+0x214/0x3c8 [ 28.160289] kasan_strings+0x24c/0xb00 [ 28.160426] kunit_try_run_case+0x170/0x3f0 [ 28.160534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.160648] kthread+0x328/0x630 [ 28.160737] ret_from_fork+0x10/0x20 [ 28.160834] [ 28.160889] The buggy address belongs to the object at fff00000c7043100 [ 28.160889] which belongs to the cache kmalloc-32 of size 32 [ 28.161050] The buggy address is located 16 bytes inside of [ 28.161050] freed 32-byte region [fff00000c7043100, fff00000c7043120) [ 28.161223] [ 28.161275] The buggy address belongs to the physical page: [ 28.161402] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107043 [ 28.161534] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.161657] page_type: f5(slab) [ 28.161747] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 28.161879] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.162006] page dumped because: kasan: bad access detected [ 28.162120] [ 28.162191] Memory state around the buggy address: [ 28.162292] fff00000c7043000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.162581] fff00000c7043080: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.162721] >fff00000c7043100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.162830] ^ [ 28.162925] fff00000c7043180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.163043] fff00000c7043200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.163178] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 28.138934] ================================================================== [ 28.139063] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 28.139251] Read of size 1 at addr fff00000c7043110 by task kunit_try_catch/261 [ 28.139460] [ 28.139546] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.140438] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.140671] Hardware name: linux,dummy-virt (DT) [ 28.140895] Call trace: [ 28.141023] show_stack+0x20/0x38 (C) [ 28.141154] dump_stack_lvl+0x8c/0xd0 [ 28.141302] print_report+0x118/0x608 [ 28.141661] kasan_report+0xdc/0x128 [ 28.141853] __asan_report_load1_noabort+0x20/0x30 [ 28.142156] strlen+0xa8/0xb0 [ 28.142272] kasan_strings+0x418/0xb00 [ 28.142685] kunit_try_run_case+0x170/0x3f0 [ 28.143019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.143240] kthread+0x328/0x630 [ 28.143676] ret_from_fork+0x10/0x20 [ 28.143989] [ 28.144078] Allocated by task 261: [ 28.144160] kasan_save_stack+0x3c/0x68 [ 28.144277] kasan_save_track+0x20/0x40 [ 28.144470] kasan_save_alloc_info+0x40/0x58 [ 28.144589] __kasan_kmalloc+0xd4/0xd8 [ 28.145009] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.145269] kasan_strings+0xc8/0xb00 [ 28.145381] kunit_try_run_case+0x170/0x3f0 [ 28.145502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.145623] kthread+0x328/0x630 [ 28.145736] ret_from_fork+0x10/0x20 [ 28.145881] [ 28.146300] Freed by task 261: [ 28.146519] kasan_save_stack+0x3c/0x68 [ 28.146635] kasan_save_track+0x20/0x40 [ 28.146823] kasan_save_free_info+0x4c/0x78 [ 28.147447] __kasan_slab_free+0x6c/0x98 [ 28.147571] kfree+0x214/0x3c8 [ 28.147667] kasan_strings+0x24c/0xb00 [ 28.147774] kunit_try_run_case+0x170/0x3f0 [ 28.147884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.148354] kthread+0x328/0x630 [ 28.148623] ret_from_fork+0x10/0x20 [ 28.148726] [ 28.148879] The buggy address belongs to the object at fff00000c7043100 [ 28.148879] which belongs to the cache kmalloc-32 of size 32 [ 28.149032] The buggy address is located 16 bytes inside of [ 28.149032] freed 32-byte region [fff00000c7043100, fff00000c7043120) [ 28.149200] [ 28.149353] The buggy address belongs to the physical page: [ 28.149452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107043 [ 28.149632] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.150127] page_type: f5(slab) [ 28.150617] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 28.150769] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.150927] page dumped because: kasan: bad access detected [ 28.151040] [ 28.151100] Memory state around the buggy address: [ 28.151197] fff00000c7043000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.151624] fff00000c7043080: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.151827] >fff00000c7043100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.151935] ^ [ 28.152068] fff00000c7043180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.152184] fff00000c7043200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.152284] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 28.122655] ================================================================== [ 28.122918] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 28.123034] Read of size 1 at addr fff00000c7043110 by task kunit_try_catch/261 [ 28.123279] [ 28.123368] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.123872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.124329] Hardware name: linux,dummy-virt (DT) [ 28.124596] Call trace: [ 28.124738] show_stack+0x20/0x38 (C) [ 28.124868] dump_stack_lvl+0x8c/0xd0 [ 28.124990] print_report+0x118/0x608 [ 28.125112] kasan_report+0xdc/0x128 [ 28.125333] __asan_report_load1_noabort+0x20/0x30 [ 28.125490] kasan_strings+0x95c/0xb00 [ 28.125612] kunit_try_run_case+0x170/0x3f0 [ 28.125756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.125901] kthread+0x328/0x630 [ 28.126016] ret_from_fork+0x10/0x20 [ 28.126510] [ 28.126801] Allocated by task 261: [ 28.126878] kasan_save_stack+0x3c/0x68 [ 28.127019] kasan_save_track+0x20/0x40 [ 28.127125] kasan_save_alloc_info+0x40/0x58 [ 28.127453] __kasan_kmalloc+0xd4/0xd8 [ 28.127546] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.127843] kasan_strings+0xc8/0xb00 [ 28.128116] kunit_try_run_case+0x170/0x3f0 [ 28.128236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.128340] kthread+0x328/0x630 [ 28.128446] ret_from_fork+0x10/0x20 [ 28.128536] [ 28.128586] Freed by task 261: [ 28.128647] kasan_save_stack+0x3c/0x68 [ 28.128741] kasan_save_track+0x20/0x40 [ 28.128834] kasan_save_free_info+0x4c/0x78 [ 28.128948] __kasan_slab_free+0x6c/0x98 [ 28.129059] kfree+0x214/0x3c8 [ 28.129694] kasan_strings+0x24c/0xb00 [ 28.130122] kunit_try_run_case+0x170/0x3f0 [ 28.130250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.130464] kthread+0x328/0x630 [ 28.130573] ret_from_fork+0x10/0x20 [ 28.131003] [ 28.131407] The buggy address belongs to the object at fff00000c7043100 [ 28.131407] which belongs to the cache kmalloc-32 of size 32 [ 28.131755] The buggy address is located 16 bytes inside of [ 28.131755] freed 32-byte region [fff00000c7043100, fff00000c7043120) [ 28.132118] [ 28.132521] The buggy address belongs to the physical page: [ 28.132656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107043 [ 28.132882] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.132997] page_type: f5(slab) [ 28.133097] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 28.133231] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.133329] page dumped because: kasan: bad access detected [ 28.133418] [ 28.133522] Memory state around the buggy address: [ 28.133750] fff00000c7043000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.134040] fff00000c7043080: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.134174] >fff00000c7043100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.134408] ^ [ 28.134484] fff00000c7043180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.134596] fff00000c7043200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.134746] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 28.108023] ================================================================== [ 28.108295] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 28.108461] Read of size 1 at addr fff00000c7043110 by task kunit_try_catch/261 [ 28.108718] [ 28.108803] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.109331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.109518] Hardware name: linux,dummy-virt (DT) [ 28.110051] Call trace: [ 28.110127] show_stack+0x20/0x38 (C) [ 28.110265] dump_stack_lvl+0x8c/0xd0 [ 28.110411] print_report+0x118/0x608 [ 28.110535] kasan_report+0xdc/0x128 [ 28.110861] __asan_report_load1_noabort+0x20/0x30 [ 28.110996] strcmp+0xc0/0xc8 [ 28.111125] kasan_strings+0x340/0xb00 [ 28.111255] kunit_try_run_case+0x170/0x3f0 [ 28.111410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.111545] kthread+0x328/0x630 [ 28.111685] ret_from_fork+0x10/0x20 [ 28.111820] [ 28.111898] Allocated by task 261: [ 28.111999] kasan_save_stack+0x3c/0x68 [ 28.112137] kasan_save_track+0x20/0x40 [ 28.112401] kasan_save_alloc_info+0x40/0x58 [ 28.112510] __kasan_kmalloc+0xd4/0xd8 [ 28.112786] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.112905] kasan_strings+0xc8/0xb00 [ 28.113106] kunit_try_run_case+0x170/0x3f0 [ 28.113235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.113646] kthread+0x328/0x630 [ 28.113944] ret_from_fork+0x10/0x20 [ 28.114185] [ 28.114360] Freed by task 261: [ 28.114474] kasan_save_stack+0x3c/0x68 [ 28.114590] kasan_save_track+0x20/0x40 [ 28.114914] kasan_save_free_info+0x4c/0x78 [ 28.115203] __kasan_slab_free+0x6c/0x98 [ 28.115402] kfree+0x214/0x3c8 [ 28.115493] kasan_strings+0x24c/0xb00 [ 28.115607] kunit_try_run_case+0x170/0x3f0 [ 28.115727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.115840] kthread+0x328/0x630 [ 28.115928] ret_from_fork+0x10/0x20 [ 28.116063] [ 28.116117] The buggy address belongs to the object at fff00000c7043100 [ 28.116117] which belongs to the cache kmalloc-32 of size 32 [ 28.116260] The buggy address is located 16 bytes inside of [ 28.116260] freed 32-byte region [fff00000c7043100, fff00000c7043120) [ 28.116807] [ 28.117084] The buggy address belongs to the physical page: [ 28.117256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107043 [ 28.117498] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.117740] page_type: f5(slab) [ 28.117887] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 28.118264] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.118641] page dumped because: kasan: bad access detected [ 28.118877] [ 28.119043] Memory state around the buggy address: [ 28.119141] fff00000c7043000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.119310] fff00000c7043080: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.119762] >fff00000c7043100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.120270] ^ [ 28.120556] fff00000c7043180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.120804] fff00000c7043200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 28.120950] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 28.054452] ================================================================== [ 28.054663] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 28.055001] Read of size 1 at addr fff00000c7050f58 by task kunit_try_catch/259 [ 28.055169] [ 28.055300] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.055599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.055915] Hardware name: linux,dummy-virt (DT) [ 28.056007] Call trace: [ 28.056068] show_stack+0x20/0x38 (C) [ 28.056243] dump_stack_lvl+0x8c/0xd0 [ 28.056362] print_report+0x118/0x608 [ 28.056496] kasan_report+0xdc/0x128 [ 28.056619] __asan_report_load1_noabort+0x20/0x30 [ 28.056940] memcmp+0x198/0x1d8 [ 28.057103] kasan_memcmp+0x16c/0x300 [ 28.057245] kunit_try_run_case+0x170/0x3f0 [ 28.057596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.057779] kthread+0x328/0x630 [ 28.057916] ret_from_fork+0x10/0x20 [ 28.058031] [ 28.058106] Allocated by task 259: [ 28.058310] kasan_save_stack+0x3c/0x68 [ 28.058969] kasan_save_track+0x20/0x40 [ 28.059266] kasan_save_alloc_info+0x40/0x58 [ 28.059446] __kasan_kmalloc+0xd4/0xd8 [ 28.059546] __kmalloc_cache_noprof+0x16c/0x3c0 [ 28.059664] kasan_memcmp+0xbc/0x300 [ 28.060036] kunit_try_run_case+0x170/0x3f0 [ 28.060351] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.060509] kthread+0x328/0x630 [ 28.060598] ret_from_fork+0x10/0x20 [ 28.060680] [ 28.060743] The buggy address belongs to the object at fff00000c7050f40 [ 28.060743] which belongs to the cache kmalloc-32 of size 32 [ 28.061270] The buggy address is located 0 bytes to the right of [ 28.061270] allocated 24-byte region [fff00000c7050f40, fff00000c7050f58) [ 28.061367] [ 28.061418] The buggy address belongs to the physical page: [ 28.061519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107050 [ 28.061684] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.061807] page_type: f5(slab) [ 28.062013] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 28.062167] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 28.062322] page dumped because: kasan: bad access detected [ 28.062826] [ 28.062900] Memory state around the buggy address: [ 28.063091] fff00000c7050e00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.063209] fff00000c7050e80: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 28.063326] >fff00000c7050f00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 28.064833] ^ [ 28.065037] fff00000c7050f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.065149] fff00000c7051000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.065254] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 28.007882] ================================================================== [ 28.008021] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 28.008157] Read of size 1 at addr ffff800080a57b4a by task kunit_try_catch/255 [ 28.008797] [ 28.008895] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 28.009294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.009368] Hardware name: linux,dummy-virt (DT) [ 28.009727] Call trace: [ 28.010034] show_stack+0x20/0x38 (C) [ 28.010173] dump_stack_lvl+0x8c/0xd0 [ 28.010296] print_report+0x310/0x608 [ 28.010430] kasan_report+0xdc/0x128 [ 28.010600] __asan_report_load1_noabort+0x20/0x30 [ 28.010744] kasan_alloca_oob_right+0x2dc/0x340 [ 28.011235] kunit_try_run_case+0x170/0x3f0 [ 28.011543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.011743] kthread+0x328/0x630 [ 28.011882] ret_from_fork+0x10/0x20 [ 28.012011] [ 28.012410] The buggy address belongs to stack of task kunit_try_catch/255 [ 28.012696] [ 28.012831] The buggy address belongs to the virtual mapping at [ 28.012831] [ffff800080a50000, ffff800080a59000) created by: [ 28.012831] kernel_clone+0x150/0x7a8 [ 28.013237] [ 28.013291] The buggy address belongs to the physical page: [ 28.013369] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107057 [ 28.013516] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.013669] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.013788] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.013884] page dumped because: kasan: bad access detected [ 28.014017] [ 28.014177] Memory state around the buggy address: [ 28.014360] ffff800080a57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.014994] ffff800080a57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.015099] >ffff800080a57b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 28.015208] ^ [ 28.015290] ffff800080a57b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 28.015945] ffff800080a57c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 28.016919] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 27.961128] ================================================================== [ 27.961327] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 27.964712] Read of size 1 at addr ffff800080a57b5f by task kunit_try_catch/253 [ 27.965839] [ 27.966666] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.967320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.967681] Hardware name: linux,dummy-virt (DT) [ 27.967793] Call trace: [ 27.967862] show_stack+0x20/0x38 (C) [ 27.968001] dump_stack_lvl+0x8c/0xd0 [ 27.968284] print_report+0x310/0x608 [ 27.968625] kasan_report+0xdc/0x128 [ 27.969232] __asan_report_load1_noabort+0x20/0x30 [ 27.969606] kasan_alloca_oob_left+0x2b8/0x310 [ 27.969741] kunit_try_run_case+0x170/0x3f0 [ 27.969868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.970000] kthread+0x328/0x630 [ 27.970117] ret_from_fork+0x10/0x20 [ 27.971524] [ 27.971632] The buggy address belongs to stack of task kunit_try_catch/253 [ 27.971808] [ 27.971878] The buggy address belongs to the virtual mapping at [ 27.971878] [ffff800080a50000, ffff800080a59000) created by: [ 27.971878] kernel_clone+0x150/0x7a8 [ 27.972321] [ 27.972469] The buggy address belongs to the physical page: [ 27.972544] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107057 [ 27.972679] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.973279] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.973448] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.973954] page dumped because: kasan: bad access detected [ 27.974053] [ 27.974336] Memory state around the buggy address: [ 27.974701] ffff800080a57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.974861] ffff800080a57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.975140] >ffff800080a57b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 27.975620] ^ [ 27.975723] ffff800080a57b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 27.975834] ffff800080a57c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 27.976898] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 27.924908] ================================================================== [ 27.925888] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 27.926347] Read of size 1 at addr ffff800080a57c2a by task kunit_try_catch/251 [ 27.926831] [ 27.926980] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.927177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.927674] Hardware name: linux,dummy-virt (DT) [ 27.927765] Call trace: [ 27.927836] show_stack+0x20/0x38 (C) [ 27.927970] dump_stack_lvl+0x8c/0xd0 [ 27.928115] print_report+0x310/0x608 [ 27.928308] kasan_report+0xdc/0x128 [ 27.928498] __asan_report_load1_noabort+0x20/0x30 [ 27.928629] kasan_stack_oob+0x238/0x270 [ 27.928746] kunit_try_run_case+0x170/0x3f0 [ 27.928869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.928996] kthread+0x328/0x630 [ 27.929106] ret_from_fork+0x10/0x20 [ 27.929290] [ 27.929507] The buggy address belongs to stack of task kunit_try_catch/251 [ 27.929756] and is located at offset 138 in frame: [ 27.930326] kasan_stack_oob+0x0/0x270 [ 27.930708] [ 27.930823] This frame has 4 objects: [ 27.931373] [48, 49) '__assertion' [ 27.931525] [64, 72) 'array' [ 27.931623] [96, 112) '__assertion' [ 27.931925] [128, 138) 'stack_array' [ 27.932098] [ 27.932210] The buggy address belongs to the virtual mapping at [ 27.932210] [ffff800080a50000, ffff800080a59000) created by: [ 27.932210] kernel_clone+0x150/0x7a8 [ 27.932405] [ 27.932521] The buggy address belongs to the physical page: [ 27.932748] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107057 [ 27.933159] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.933595] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.933737] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.934309] page dumped because: kasan: bad access detected [ 27.934793] [ 27.934845] Memory state around the buggy address: [ 27.935052] ffff800080a57b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.935208] ffff800080a57b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 27.935317] >ffff800080a57c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 27.935428] ^ [ 27.935612] ffff800080a57c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 27.935723] ffff800080a57d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 27.935973] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 27.861659] ================================================================== [ 27.862203] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 27.862410] Read of size 1 at addr ffffa42c39e035ad by task kunit_try_catch/247 [ 27.862553] [ 27.862965] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.863379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.863486] Hardware name: linux,dummy-virt (DT) [ 27.863718] Call trace: [ 27.863781] show_stack+0x20/0x38 (C) [ 27.864156] dump_stack_lvl+0x8c/0xd0 [ 27.864411] print_report+0x310/0x608 [ 27.864693] kasan_report+0xdc/0x128 [ 27.864945] __asan_report_load1_noabort+0x20/0x30 [ 27.865091] kasan_global_oob_right+0x230/0x270 [ 27.866007] kunit_try_run_case+0x170/0x3f0 [ 27.866741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.867094] kthread+0x328/0x630 [ 27.867213] ret_from_fork+0x10/0x20 [ 27.868743] [ 27.869211] The buggy address belongs to the variable: [ 27.869904] global_array+0xd/0x40 [ 27.870159] [ 27.870816] The buggy address belongs to the virtual mapping at [ 27.870816] [ffffa42c38020000, ffffa42c39ec1000) created by: [ 27.870816] paging_init+0x66c/0x7d0 [ 27.871053] [ 27.871369] The buggy address belongs to the physical page: [ 27.871727] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47c03 [ 27.871863] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 27.872033] raw: 03fffe0000002000 ffffc1ffc01f00c8 ffffc1ffc01f00c8 0000000000000000 [ 27.872411] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.873051] page dumped because: kasan: bad access detected [ 27.873335] [ 27.873453] Memory state around the buggy address: [ 27.873626] ffffa42c39e03480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.873804] ffffa42c39e03500: 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 [ 27.874123] >ffffa42c39e03580: f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 27.874272] ^ [ 27.874350] ffffa42c39e03600: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 27.875036] ffffa42c39e03680: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.875150] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 27.803096] ================================================================== [ 27.803266] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 27.803512] Free of addr fff00000c7065301 by task kunit_try_catch/243 [ 27.803622] [ 27.803733] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.803964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.804034] Hardware name: linux,dummy-virt (DT) [ 27.804115] Call trace: [ 27.804177] show_stack+0x20/0x38 (C) [ 27.804341] dump_stack_lvl+0x8c/0xd0 [ 27.804707] print_report+0x118/0x608 [ 27.804944] kasan_report_invalid_free+0xc0/0xe8 [ 27.805213] check_slab_allocation+0xfc/0x108 [ 27.805339] __kasan_mempool_poison_object+0x78/0x150 [ 27.805486] mempool_free+0x28c/0x328 [ 27.805596] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 27.805731] mempool_kmalloc_invalid_free+0xc0/0x118 [ 27.805851] kunit_try_run_case+0x170/0x3f0 [ 27.805970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.806105] kthread+0x328/0x630 [ 27.806226] ret_from_fork+0x10/0x20 [ 27.806482] [ 27.806534] Allocated by task 243: [ 27.806620] kasan_save_stack+0x3c/0x68 [ 27.806727] kasan_save_track+0x20/0x40 [ 27.806876] kasan_save_alloc_info+0x40/0x58 [ 27.807013] __kasan_mempool_unpoison_object+0x11c/0x180 [ 27.807132] remove_element+0x130/0x1f8 [ 27.807240] mempool_alloc_preallocated+0x58/0xc0 [ 27.807410] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 27.807540] mempool_kmalloc_invalid_free+0xc0/0x118 [ 27.808175] kunit_try_run_case+0x170/0x3f0 [ 27.808772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.809139] kthread+0x328/0x630 [ 27.809710] ret_from_fork+0x10/0x20 [ 27.809874] [ 27.809956] The buggy address belongs to the object at fff00000c7065300 [ 27.809956] which belongs to the cache kmalloc-128 of size 128 [ 27.810141] The buggy address is located 1 bytes inside of [ 27.810141] 128-byte region [fff00000c7065300, fff00000c7065380) [ 27.810479] [ 27.810535] The buggy address belongs to the physical page: [ 27.810614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107065 [ 27.810760] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.810943] page_type: f5(slab) [ 27.811052] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.811244] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.811361] page dumped because: kasan: bad access detected [ 27.811457] [ 27.812300] Memory state around the buggy address: [ 27.812550] fff00000c7065200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.812683] fff00000c7065280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.813698] >fff00000c7065300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.813846] ^ [ 27.813915] fff00000c7065380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.814019] fff00000c7065400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.815680] ================================================================== [ 27.833782] ================================================================== [ 27.833929] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 27.834060] Free of addr fff00000c77f0001 by task kunit_try_catch/245 [ 27.834157] [ 27.834234] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.834461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.834710] Hardware name: linux,dummy-virt (DT) [ 27.834969] Call trace: [ 27.835382] show_stack+0x20/0x38 (C) [ 27.835535] dump_stack_lvl+0x8c/0xd0 [ 27.835661] print_report+0x118/0x608 [ 27.836794] kasan_report_invalid_free+0xc0/0xe8 [ 27.836939] __kasan_mempool_poison_object+0xfc/0x150 [ 27.837089] mempool_free+0x28c/0x328 [ 27.837368] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 27.837585] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 27.837726] kunit_try_run_case+0x170/0x3f0 [ 27.837854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.838045] kthread+0x328/0x630 [ 27.838404] ret_from_fork+0x10/0x20 [ 27.838537] [ 27.838660] The buggy address belongs to the physical page: [ 27.838743] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077f0 [ 27.838914] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.839050] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.839197] page_type: f8(unknown) [ 27.839310] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.839495] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.839663] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.839804] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.839970] head: 0bfffe0000000002 ffffc1ffc31dfc01 00000000ffffffff 00000000ffffffff [ 27.840127] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.840244] page dumped because: kasan: bad access detected [ 27.840373] [ 27.840444] Memory state around the buggy address: [ 27.840533] fff00000c77eff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.840642] fff00000c77eff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.840815] >fff00000c77f0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.841096] ^ [ 27.841322] fff00000c77f0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.841462] fff00000c77f0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.841589] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 27.763473] ================================================================== [ 27.763600] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 27.763732] Free of addr fff00000c77f0000 by task kunit_try_catch/241 [ 27.763825] [ 27.763911] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.764103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.764171] Hardware name: linux,dummy-virt (DT) [ 27.764252] Call trace: [ 27.764306] show_stack+0x20/0x38 (C) [ 27.764453] dump_stack_lvl+0x8c/0xd0 [ 27.764612] print_report+0x118/0x608 [ 27.764813] kasan_report_invalid_free+0xc0/0xe8 [ 27.764985] __kasan_mempool_poison_pages+0xe0/0xe8 [ 27.765237] mempool_free+0x24c/0x328 [ 27.765381] mempool_double_free_helper+0x150/0x2e8 [ 27.765557] mempool_page_alloc_double_free+0xbc/0x118 [ 27.765761] kunit_try_run_case+0x170/0x3f0 [ 27.765936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.766155] kthread+0x328/0x630 [ 27.766291] ret_from_fork+0x10/0x20 [ 27.766684] [ 27.766802] The buggy address belongs to the physical page: [ 27.766942] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077f0 [ 27.767078] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.767341] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.767498] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.767681] page dumped because: kasan: bad access detected [ 27.767897] [ 27.767984] Memory state around the buggy address: [ 27.768065] fff00000c77eff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.768223] fff00000c77eff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.768850] >fff00000c77f0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.768963] ^ [ 27.769221] fff00000c77f0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.769337] fff00000c77f0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.769495] ================================================================== [ 27.700427] ================================================================== [ 27.700599] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 27.700743] Free of addr fff00000c76cff00 by task kunit_try_catch/237 [ 27.700974] [ 27.701075] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.701417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.702035] Hardware name: linux,dummy-virt (DT) [ 27.702137] Call trace: [ 27.702191] show_stack+0x20/0x38 (C) [ 27.702321] dump_stack_lvl+0x8c/0xd0 [ 27.702463] print_report+0x118/0x608 [ 27.702574] kasan_report_invalid_free+0xc0/0xe8 [ 27.702698] check_slab_allocation+0xd4/0x108 [ 27.702815] __kasan_mempool_poison_object+0x78/0x150 [ 27.702933] mempool_free+0x28c/0x328 [ 27.703064] mempool_double_free_helper+0x150/0x2e8 [ 27.703240] mempool_kmalloc_double_free+0xc0/0x118 [ 27.703472] kunit_try_run_case+0x170/0x3f0 [ 27.703608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.703762] kthread+0x328/0x630 [ 27.703897] ret_from_fork+0x10/0x20 [ 27.704037] [ 27.704089] Allocated by task 237: [ 27.704171] kasan_save_stack+0x3c/0x68 [ 27.705219] kasan_save_track+0x20/0x40 [ 27.705836] kasan_save_alloc_info+0x40/0x58 [ 27.705950] __kasan_mempool_unpoison_object+0x11c/0x180 [ 27.706075] remove_element+0x130/0x1f8 [ 27.706184] mempool_alloc_preallocated+0x58/0xc0 [ 27.706406] mempool_double_free_helper+0x94/0x2e8 [ 27.706878] mempool_kmalloc_double_free+0xc0/0x118 [ 27.707015] kunit_try_run_case+0x170/0x3f0 [ 27.707189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.707367] kthread+0x328/0x630 [ 27.707477] ret_from_fork+0x10/0x20 [ 27.707568] [ 27.707846] Freed by task 237: [ 27.707948] kasan_save_stack+0x3c/0x68 [ 27.708095] kasan_save_track+0x20/0x40 [ 27.708339] kasan_save_free_info+0x4c/0x78 [ 27.708702] __kasan_mempool_poison_object+0xc0/0x150 [ 27.709110] mempool_free+0x28c/0x328 [ 27.710086] mempool_double_free_helper+0x100/0x2e8 [ 27.710194] mempool_kmalloc_double_free+0xc0/0x118 [ 27.710333] kunit_try_run_case+0x170/0x3f0 [ 27.710777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.711112] kthread+0x328/0x630 [ 27.712013] ret_from_fork+0x10/0x20 [ 27.712141] [ 27.712312] The buggy address belongs to the object at fff00000c76cff00 [ 27.712312] which belongs to the cache kmalloc-128 of size 128 [ 27.712574] The buggy address is located 0 bytes inside of [ 27.712574] 128-byte region [fff00000c76cff00, fff00000c76cff80) [ 27.712783] [ 27.713428] The buggy address belongs to the physical page: [ 27.713651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 27.713783] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.713904] page_type: f5(slab) [ 27.714003] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.714125] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 27.715628] page dumped because: kasan: bad access detected [ 27.715713] [ 27.716715] Memory state around the buggy address: [ 27.717103] fff00000c76cfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.717225] fff00000c76cfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.717334] >fff00000c76cff00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.718826] ^ [ 27.719211] fff00000c76cff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.719383] fff00000c76d0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.719560] ================================================================== [ 27.733645] ================================================================== [ 27.733792] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 27.733977] Free of addr fff00000c77ec000 by task kunit_try_catch/239 [ 27.734077] [ 27.734167] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.734682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.734882] Hardware name: linux,dummy-virt (DT) [ 27.734969] Call trace: [ 27.735022] show_stack+0x20/0x38 (C) [ 27.735145] dump_stack_lvl+0x8c/0xd0 [ 27.735259] print_report+0x118/0x608 [ 27.735959] kasan_report_invalid_free+0xc0/0xe8 [ 27.737196] __kasan_mempool_poison_object+0x14c/0x150 [ 27.737335] mempool_free+0x28c/0x328 [ 27.737479] mempool_double_free_helper+0x150/0x2e8 [ 27.738960] mempool_kmalloc_large_double_free+0xc0/0x118 [ 27.739141] kunit_try_run_case+0x170/0x3f0 [ 27.739914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.740696] kthread+0x328/0x630 [ 27.741190] ret_from_fork+0x10/0x20 [ 27.741358] [ 27.741490] The buggy address belongs to the physical page: [ 27.741566] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 27.741695] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.741877] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.742247] page_type: f8(unknown) [ 27.742578] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.742723] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.742863] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.742994] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.743923] head: 0bfffe0000000002 ffffc1ffc31dfb01 00000000ffffffff 00000000ffffffff [ 27.744162] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.744258] page dumped because: kasan: bad access detected [ 27.744338] [ 27.744403] Memory state around the buggy address: [ 27.744639] fff00000c77ebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.744748] fff00000c77ebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.744896] >fff00000c77ec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.745168] ^ [ 27.745380] fff00000c77ec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.745573] fff00000c77ec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.746077] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 27.647992] ================================================================== [ 27.648226] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 27.648407] Read of size 1 at addr fff00000c77ec000 by task kunit_try_catch/235 [ 27.648537] [ 27.648672] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.648868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.648988] Hardware name: linux,dummy-virt (DT) [ 27.649136] Call trace: [ 27.649310] show_stack+0x20/0x38 (C) [ 27.649529] dump_stack_lvl+0x8c/0xd0 [ 27.649677] print_report+0x118/0x608 [ 27.649796] kasan_report+0xdc/0x128 [ 27.649918] __asan_report_load1_noabort+0x20/0x30 [ 27.650815] mempool_uaf_helper+0x314/0x340 [ 27.651059] mempool_page_alloc_uaf+0xc0/0x118 [ 27.651468] kunit_try_run_case+0x170/0x3f0 [ 27.651923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.652082] kthread+0x328/0x630 [ 27.652383] ret_from_fork+0x10/0x20 [ 27.652958] [ 27.653092] The buggy address belongs to the physical page: [ 27.653184] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 27.654015] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.654850] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 27.655615] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 27.655727] page dumped because: kasan: bad access detected [ 27.655897] [ 27.655996] Memory state around the buggy address: [ 27.656199] fff00000c77ebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.656354] fff00000c77ebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.656751] >fff00000c77ec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.656868] ^ [ 27.657092] fff00000c77ec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.657234] fff00000c77ec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.657346] ================================================================== [ 27.536535] ================================================================== [ 27.536764] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 27.536890] Read of size 1 at addr fff00000c77ec000 by task kunit_try_catch/231 [ 27.537006] [ 27.537079] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.537282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.537347] Hardware name: linux,dummy-virt (DT) [ 27.537440] Call trace: [ 27.537496] show_stack+0x20/0x38 (C) [ 27.537617] dump_stack_lvl+0x8c/0xd0 [ 27.537732] print_report+0x118/0x608 [ 27.537838] kasan_report+0xdc/0x128 [ 27.537945] __asan_report_load1_noabort+0x20/0x30 [ 27.538063] mempool_uaf_helper+0x314/0x340 [ 27.538202] mempool_kmalloc_large_uaf+0xc4/0x120 [ 27.538443] kunit_try_run_case+0x170/0x3f0 [ 27.538733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.539129] kthread+0x328/0x630 [ 27.539407] ret_from_fork+0x10/0x20 [ 27.539598] [ 27.539740] The buggy address belongs to the physical page: [ 27.539911] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec [ 27.540039] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.540191] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.540345] page_type: f8(unknown) [ 27.540469] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.540598] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.540999] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.541209] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.541583] head: 0bfffe0000000002 ffffc1ffc31dfb01 00000000ffffffff 00000000ffffffff [ 27.541774] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.541967] page dumped because: kasan: bad access detected [ 27.542098] [ 27.542144] Memory state around the buggy address: [ 27.542270] fff00000c77ebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.542497] fff00000c77ebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.542715] >fff00000c77ec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.543068] ^ [ 27.543224] fff00000c77ec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.543419] fff00000c77ec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.543578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 27.504575] ================================================================== [ 27.505005] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 27.505159] Read of size 1 at addr fff00000c76cfb00 by task kunit_try_catch/229 [ 27.505291] [ 27.505381] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.505596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.505680] Hardware name: linux,dummy-virt (DT) [ 27.505778] Call trace: [ 27.506141] show_stack+0x20/0x38 (C) [ 27.506507] dump_stack_lvl+0x8c/0xd0 [ 27.506747] print_report+0x118/0x608 [ 27.506913] kasan_report+0xdc/0x128 [ 27.507090] __asan_report_load1_noabort+0x20/0x30 [ 27.507379] mempool_uaf_helper+0x314/0x340 [ 27.507520] mempool_kmalloc_uaf+0xc4/0x120 [ 27.507672] kunit_try_run_case+0x170/0x3f0 [ 27.507861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.508418] kthread+0x328/0x630 [ 27.509108] ret_from_fork+0x10/0x20 [ 27.509310] [ 27.509356] Allocated by task 229: [ 27.510265] kasan_save_stack+0x3c/0x68 [ 27.510373] kasan_save_track+0x20/0x40 [ 27.510933] kasan_save_alloc_info+0x40/0x58 [ 27.511048] __kasan_mempool_unpoison_object+0x11c/0x180 [ 27.511207] remove_element+0x130/0x1f8 [ 27.511308] mempool_alloc_preallocated+0x58/0xc0 [ 27.511474] mempool_uaf_helper+0xa4/0x340 [ 27.511571] mempool_kmalloc_uaf+0xc4/0x120 [ 27.511677] kunit_try_run_case+0x170/0x3f0 [ 27.511829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.511988] kthread+0x328/0x630 [ 27.512094] ret_from_fork+0x10/0x20 [ 27.512197] [ 27.512244] Freed by task 229: [ 27.512309] kasan_save_stack+0x3c/0x68 [ 27.512417] kasan_save_track+0x20/0x40 [ 27.512535] kasan_save_free_info+0x4c/0x78 [ 27.512780] __kasan_mempool_poison_object+0xc0/0x150 [ 27.513075] mempool_free+0x28c/0x328 [ 27.513208] mempool_uaf_helper+0x104/0x340 [ 27.513365] mempool_kmalloc_uaf+0xc4/0x120 [ 27.513535] kunit_try_run_case+0x170/0x3f0 [ 27.513691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.513804] kthread+0x328/0x630 [ 27.513898] ret_from_fork+0x10/0x20 [ 27.513997] [ 27.514125] The buggy address belongs to the object at fff00000c76cfb00 [ 27.514125] which belongs to the cache kmalloc-128 of size 128 [ 27.514447] The buggy address is located 0 bytes inside of [ 27.514447] freed 128-byte region [fff00000c76cfb00, fff00000c76cfb80) [ 27.514662] [ 27.514723] The buggy address belongs to the physical page: [ 27.514811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 27.515084] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.515548] page_type: f5(slab) [ 27.515925] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.516122] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.516438] page dumped because: kasan: bad access detected [ 27.516821] [ 27.517011] Memory state around the buggy address: [ 27.517287] fff00000c76cfa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.517425] fff00000c76cfa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.518127] >fff00000c76cfb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.518243] ^ [ 27.518320] fff00000c76cfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.518455] fff00000c76cfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.518993] ================================================================== [ 27.576572] ================================================================== [ 27.576730] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 27.576861] Read of size 1 at addr fff00000c7068240 by task kunit_try_catch/233 [ 27.576976] [ 27.577055] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.577272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.577337] Hardware name: linux,dummy-virt (DT) [ 27.577428] Call trace: [ 27.577487] show_stack+0x20/0x38 (C) [ 27.577604] dump_stack_lvl+0x8c/0xd0 [ 27.577734] print_report+0x118/0x608 [ 27.578067] kasan_report+0xdc/0x128 [ 27.578341] __asan_report_load1_noabort+0x20/0x30 [ 27.578497] mempool_uaf_helper+0x314/0x340 [ 27.578677] mempool_slab_uaf+0xc0/0x118 [ 27.578867] kunit_try_run_case+0x170/0x3f0 [ 27.579063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.579224] kthread+0x328/0x630 [ 27.579359] ret_from_fork+0x10/0x20 [ 27.579514] [ 27.579566] Allocated by task 233: [ 27.579640] kasan_save_stack+0x3c/0x68 [ 27.579855] kasan_save_track+0x20/0x40 [ 27.580035] kasan_save_alloc_info+0x40/0x58 [ 27.580160] __kasan_mempool_unpoison_object+0xbc/0x180 [ 27.580493] remove_element+0x16c/0x1f8 [ 27.580637] mempool_alloc_preallocated+0x58/0xc0 [ 27.580821] mempool_uaf_helper+0xa4/0x340 [ 27.580940] mempool_slab_uaf+0xc0/0x118 [ 27.581089] kunit_try_run_case+0x170/0x3f0 [ 27.581222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.581341] kthread+0x328/0x630 [ 27.581494] ret_from_fork+0x10/0x20 [ 27.581612] [ 27.581714] Freed by task 233: [ 27.581835] kasan_save_stack+0x3c/0x68 [ 27.582019] kasan_save_track+0x20/0x40 [ 27.582194] kasan_save_free_info+0x4c/0x78 [ 27.582335] __kasan_mempool_poison_object+0xc0/0x150 [ 27.582464] mempool_free+0x28c/0x328 [ 27.582559] mempool_uaf_helper+0x104/0x340 [ 27.582683] mempool_slab_uaf+0xc0/0x118 [ 27.582790] kunit_try_run_case+0x170/0x3f0 [ 27.582902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.583017] kthread+0x328/0x630 [ 27.583119] ret_from_fork+0x10/0x20 [ 27.583347] [ 27.583422] The buggy address belongs to the object at fff00000c7068240 [ 27.583422] which belongs to the cache test_cache of size 123 [ 27.583932] The buggy address is located 0 bytes inside of [ 27.583932] freed 123-byte region [fff00000c7068240, fff00000c70682bb) [ 27.584085] [ 27.584137] The buggy address belongs to the physical page: [ 27.584233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107068 [ 27.584432] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.584599] page_type: f5(slab) [ 27.584703] raw: 0bfffe0000000000 fff00000c64b83c0 dead000000000122 0000000000000000 [ 27.584869] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 27.585186] page dumped because: kasan: bad access detected [ 27.585447] [ 27.585592] Memory state around the buggy address: [ 27.585726] fff00000c7068100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.585843] fff00000c7068180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.586016] >fff00000c7068200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 27.586116] ^ [ 27.586246] fff00000c7068280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.586360] fff00000c7068300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.586751] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 27.459032] ================================================================== [ 27.459253] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 27.459427] Read of size 1 at addr fff00000c706c2bb by task kunit_try_catch/227 [ 27.459700] [ 27.459936] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.460487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.460670] Hardware name: linux,dummy-virt (DT) [ 27.460832] Call trace: [ 27.460888] show_stack+0x20/0x38 (C) [ 27.461106] dump_stack_lvl+0x8c/0xd0 [ 27.461236] print_report+0x118/0x608 [ 27.461351] kasan_report+0xdc/0x128 [ 27.461481] __asan_report_load1_noabort+0x20/0x30 [ 27.461819] mempool_oob_right_helper+0x2ac/0x2f0 [ 27.462103] mempool_slab_oob_right+0xc0/0x118 [ 27.462372] kunit_try_run_case+0x170/0x3f0 [ 27.462638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.462875] kthread+0x328/0x630 [ 27.463095] ret_from_fork+0x10/0x20 [ 27.463321] [ 27.463375] Allocated by task 227: [ 27.463465] kasan_save_stack+0x3c/0x68 [ 27.463555] kasan_save_track+0x20/0x40 [ 27.463648] kasan_save_alloc_info+0x40/0x58 [ 27.463802] __kasan_mempool_unpoison_object+0xbc/0x180 [ 27.463912] remove_element+0x16c/0x1f8 [ 27.464000] mempool_alloc_preallocated+0x58/0xc0 [ 27.464130] mempool_oob_right_helper+0x98/0x2f0 [ 27.464239] mempool_slab_oob_right+0xc0/0x118 [ 27.464330] kunit_try_run_case+0x170/0x3f0 [ 27.464446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.464567] kthread+0x328/0x630 [ 27.464662] ret_from_fork+0x10/0x20 [ 27.464917] [ 27.464977] The buggy address belongs to the object at fff00000c706c240 [ 27.464977] which belongs to the cache test_cache of size 123 [ 27.465115] The buggy address is located 0 bytes to the right of [ 27.465115] allocated 123-byte region [fff00000c706c240, fff00000c706c2bb) [ 27.465320] [ 27.465508] The buggy address belongs to the physical page: [ 27.465618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10706c [ 27.465769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.466074] page_type: f5(slab) [ 27.466277] raw: 0bfffe0000000000 fff00000c64b8280 dead000000000122 0000000000000000 [ 27.466416] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 27.466582] page dumped because: kasan: bad access detected [ 27.466668] [ 27.466719] Memory state around the buggy address: [ 27.466987] fff00000c706c180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.467100] fff00000c706c200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 27.467217] >fff00000c706c280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 27.467313] ^ [ 27.467551] fff00000c706c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.467678] fff00000c706c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.467773] ================================================================== [ 27.407248] ================================================================== [ 27.407343] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 27.407460] Read of size 1 at addr fff00000c76cf773 by task kunit_try_catch/223 [ 27.407524] [ 27.407571] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.407671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.407704] Hardware name: linux,dummy-virt (DT) [ 27.407744] Call trace: [ 27.407773] show_stack+0x20/0x38 (C) [ 27.407835] dump_stack_lvl+0x8c/0xd0 [ 27.407893] print_report+0x118/0x608 [ 27.407949] kasan_report+0xdc/0x128 [ 27.408003] __asan_report_load1_noabort+0x20/0x30 [ 27.408064] mempool_oob_right_helper+0x2ac/0x2f0 [ 27.408124] mempool_kmalloc_oob_right+0xc4/0x120 [ 27.408187] kunit_try_run_case+0x170/0x3f0 [ 27.408251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.408317] kthread+0x328/0x630 [ 27.408372] ret_from_fork+0x10/0x20 [ 27.408452] [ 27.408476] Allocated by task 223: [ 27.408509] kasan_save_stack+0x3c/0x68 [ 27.408559] kasan_save_track+0x20/0x40 [ 27.408602] kasan_save_alloc_info+0x40/0x58 [ 27.408651] __kasan_mempool_unpoison_object+0x11c/0x180 [ 27.408699] remove_element+0x130/0x1f8 [ 27.408750] mempool_alloc_preallocated+0x58/0xc0 [ 27.408800] mempool_oob_right_helper+0x98/0x2f0 [ 27.408851] mempool_kmalloc_oob_right+0xc4/0x120 [ 27.408902] kunit_try_run_case+0x170/0x3f0 [ 27.408950] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.409002] kthread+0x328/0x630 [ 27.409047] ret_from_fork+0x10/0x20 [ 27.409089] [ 27.409112] The buggy address belongs to the object at fff00000c76cf700 [ 27.409112] which belongs to the cache kmalloc-128 of size 128 [ 27.409203] The buggy address is located 0 bytes to the right of [ 27.409203] allocated 115-byte region [fff00000c76cf700, fff00000c76cf773) [ 27.409280] [ 27.409304] The buggy address belongs to the physical page: [ 27.409343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 27.409422] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.409489] page_type: f5(slab) [ 27.409539] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 27.409601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 27.409650] page dumped because: kasan: bad access detected [ 27.409689] [ 27.409710] Memory state around the buggy address: [ 27.409750] fff00000c76cf600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.409801] fff00000c76cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.409853] >fff00000c76cf700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 27.409898] ^ [ 27.409946] fff00000c76cf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.409996] fff00000c76cf800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 27.410043] ================================================================== [ 27.424158] ================================================================== [ 27.424288] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 27.424447] Read of size 1 at addr fff00000c77e6001 by task kunit_try_catch/225 [ 27.424559] [ 27.424645] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 27.424838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.424905] Hardware name: linux,dummy-virt (DT) [ 27.424984] Call trace: [ 27.425035] show_stack+0x20/0x38 (C) [ 27.425168] dump_stack_lvl+0x8c/0xd0 [ 27.425320] print_report+0x118/0x608 [ 27.426485] kasan_report+0xdc/0x128 [ 27.426631] __asan_report_load1_noabort+0x20/0x30 [ 27.427382] mempool_oob_right_helper+0x2ac/0x2f0 [ 27.427541] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 27.427865] kunit_try_run_case+0x170/0x3f0 [ 27.428030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.428193] kthread+0x328/0x630 [ 27.428501] ret_from_fork+0x10/0x20 [ 27.428660] [ 27.428710] The buggy address belongs to the physical page: [ 27.428794] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e4 [ 27.429132] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 27.429261] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 27.429410] page_type: f8(unknown) [ 27.429527] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.429663] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.429817] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 27.429952] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 27.430678] head: 0bfffe0000000002 ffffc1ffc31df901 00000000ffffffff 00000000ffffffff [ 27.430831] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 27.431192] page dumped because: kasan: bad access detected [ 27.431800] [ 27.431856] Memory state around the buggy address: [ 27.432024] fff00000c77e5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.432134] fff00000c77e5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.432236] >fff00000c77e6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.432409] ^ [ 27.432497] fff00000c77e6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.432753] fff00000c77e6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 27.432876] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 26.803963] ================================================================== [ 26.804124] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 26.804277] Read of size 1 at addr fff00000c64b8000 by task kunit_try_catch/217 [ 26.804444] [ 26.804555] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 26.804766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.804942] Hardware name: linux,dummy-virt (DT) [ 26.805140] Call trace: [ 26.805214] show_stack+0x20/0x38 (C) [ 26.805512] dump_stack_lvl+0x8c/0xd0 [ 26.806164] print_report+0x118/0x608 [ 26.806303] kasan_report+0xdc/0x128 [ 26.806451] __kasan_check_byte+0x54/0x70 [ 26.807016] kmem_cache_destroy+0x34/0x218 [ 26.807171] kmem_cache_double_destroy+0x174/0x300 [ 26.807572] kunit_try_run_case+0x170/0x3f0 [ 26.807823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.808062] kthread+0x328/0x630 [ 26.808206] ret_from_fork+0x10/0x20 [ 26.808330] [ 26.808425] Allocated by task 217: [ 26.808535] kasan_save_stack+0x3c/0x68 [ 26.808712] kasan_save_track+0x20/0x40 [ 26.808837] kasan_save_alloc_info+0x40/0x58 [ 26.808933] __kasan_slab_alloc+0xa8/0xb0 [ 26.809052] kmem_cache_alloc_noprof+0x10c/0x398 [ 26.809160] __kmem_cache_create_args+0x178/0x280 [ 26.809356] kmem_cache_double_destroy+0xc0/0x300 [ 26.809496] kunit_try_run_case+0x170/0x3f0 [ 26.810061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.810810] kthread+0x328/0x630 [ 26.810985] ret_from_fork+0x10/0x20 [ 26.811218] [ 26.811480] Freed by task 217: [ 26.811554] kasan_save_stack+0x3c/0x68 [ 26.811669] kasan_save_track+0x20/0x40 [ 26.811764] kasan_save_free_info+0x4c/0x78 [ 26.811864] __kasan_slab_free+0x6c/0x98 [ 26.812436] kmem_cache_free+0x260/0x468 [ 26.812568] slab_kmem_cache_release+0x38/0x50 [ 26.812969] kmem_cache_release+0x1c/0x30 [ 26.813237] kobject_put+0x17c/0x420 [ 26.813758] sysfs_slab_release+0x1c/0x30 [ 26.813856] kmem_cache_destroy+0x118/0x218 [ 26.814440] kmem_cache_double_destroy+0x128/0x300 [ 26.814630] kunit_try_run_case+0x170/0x3f0 [ 26.814751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.815107] kthread+0x328/0x630 [ 26.815302] ret_from_fork+0x10/0x20 [ 26.815572] [ 26.815638] The buggy address belongs to the object at fff00000c64b8000 [ 26.815638] which belongs to the cache kmem_cache of size 208 [ 26.815775] The buggy address is located 0 bytes inside of [ 26.815775] freed 208-byte region [fff00000c64b8000, fff00000c64b80d0) [ 26.816444] [ 26.816667] The buggy address belongs to the physical page: [ 26.817083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b8 [ 26.817429] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.817637] page_type: f5(slab) [ 26.817762] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 26.818134] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 26.818312] page dumped because: kasan: bad access detected [ 26.818406] [ 26.818458] Memory state around the buggy address: [ 26.818535] fff00000c64b7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.818643] fff00000c64b7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.818803] >fff00000c64b8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.818901] ^ [ 26.819052] fff00000c64b8080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 26.819344] fff00000c64b8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.819457] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 26.393543] ================================================================== [ 26.393726] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 26.393885] Read of size 1 at addr fff00000c64ba000 by task kunit_try_catch/215 [ 26.394004] [ 26.394089] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 26.394284] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.394347] Hardware name: linux,dummy-virt (DT) [ 26.394920] Call trace: [ 26.395354] show_stack+0x20/0x38 (C) [ 26.395607] dump_stack_lvl+0x8c/0xd0 [ 26.395940] print_report+0x118/0x608 [ 26.396081] kasan_report+0xdc/0x128 [ 26.396219] __asan_report_load1_noabort+0x20/0x30 [ 26.396606] kmem_cache_rcu_uaf+0x388/0x468 [ 26.396856] kunit_try_run_case+0x170/0x3f0 [ 26.397008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.397414] kthread+0x328/0x630 [ 26.397578] ret_from_fork+0x10/0x20 [ 26.398007] [ 26.398073] Allocated by task 215: [ 26.398573] kasan_save_stack+0x3c/0x68 [ 26.398755] kasan_save_track+0x20/0x40 [ 26.398918] kasan_save_alloc_info+0x40/0x58 [ 26.399133] __kasan_slab_alloc+0xa8/0xb0 [ 26.399235] kmem_cache_alloc_noprof+0x10c/0x398 [ 26.399768] kmem_cache_rcu_uaf+0x12c/0x468 [ 26.399953] kunit_try_run_case+0x170/0x3f0 [ 26.400107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.400237] kthread+0x328/0x630 [ 26.400455] ret_from_fork+0x10/0x20 [ 26.400757] [ 26.401087] Freed by task 0: [ 26.401267] kasan_save_stack+0x3c/0x68 [ 26.401637] kasan_save_track+0x20/0x40 [ 26.401739] kasan_save_free_info+0x4c/0x78 [ 26.401833] __kasan_slab_free+0x6c/0x98 [ 26.401922] slab_free_after_rcu_debug+0xd4/0x2f8 [ 26.402014] rcu_core+0x9f4/0x1e20 [ 26.402103] rcu_core_si+0x18/0x30 [ 26.402184] handle_softirqs+0x374/0xb28 [ 26.402278] __do_softirq+0x1c/0x28 [ 26.402365] [ 26.403077] Last potentially related work creation: [ 26.403151] kasan_save_stack+0x3c/0x68 [ 26.404261] kasan_record_aux_stack+0xb4/0xc8 [ 26.404380] kmem_cache_free+0x120/0x468 [ 26.404505] kmem_cache_rcu_uaf+0x16c/0x468 [ 26.404621] kunit_try_run_case+0x170/0x3f0 [ 26.404727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.404840] kthread+0x328/0x630 [ 26.405268] ret_from_fork+0x10/0x20 [ 26.405492] [ 26.405571] The buggy address belongs to the object at fff00000c64ba000 [ 26.405571] which belongs to the cache test_cache of size 200 [ 26.406050] The buggy address is located 0 bytes inside of [ 26.406050] freed 200-byte region [fff00000c64ba000, fff00000c64ba0c8) [ 26.406585] [ 26.406790] The buggy address belongs to the physical page: [ 26.406895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064ba [ 26.407469] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.407696] page_type: f5(slab) [ 26.407817] raw: 0bfffe0000000000 fff00000c59ebdc0 dead000000000122 0000000000000000 [ 26.407939] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 26.408036] page dumped because: kasan: bad access detected [ 26.408113] [ 26.408156] Memory state around the buggy address: [ 26.408230] fff00000c64b9f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.408351] fff00000c64b9f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.408498] >fff00000c64ba000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.408589] ^ [ 26.408657] fff00000c64ba080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 26.408770] fff00000c64ba100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.408862] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 25.756550] ================================================================== [ 25.756837] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 25.757091] Free of addr fff00000c63ef001 by task kunit_try_catch/213 [ 25.757358] [ 25.757471] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.757669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.757735] Hardware name: linux,dummy-virt (DT) [ 25.757809] Call trace: [ 25.757866] show_stack+0x20/0x38 (C) [ 25.757997] dump_stack_lvl+0x8c/0xd0 [ 25.758116] print_report+0x118/0x608 [ 25.758227] kasan_report_invalid_free+0xc0/0xe8 [ 25.758340] check_slab_allocation+0xfc/0x108 [ 25.758477] __kasan_slab_pre_free+0x2c/0x48 [ 25.758603] kmem_cache_free+0xf0/0x468 [ 25.758721] kmem_cache_invalid_free+0x184/0x3c8 [ 25.758838] kunit_try_run_case+0x170/0x3f0 [ 25.758963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.759092] kthread+0x328/0x630 [ 25.759207] ret_from_fork+0x10/0x20 [ 25.759337] [ 25.759400] Allocated by task 213: [ 25.759473] kasan_save_stack+0x3c/0x68 [ 25.759588] kasan_save_track+0x20/0x40 [ 25.759696] kasan_save_alloc_info+0x40/0x58 [ 25.759806] __kasan_slab_alloc+0xa8/0xb0 [ 25.759970] kmem_cache_alloc_noprof+0x10c/0x398 [ 25.760074] kmem_cache_invalid_free+0x12c/0x3c8 [ 25.760220] kunit_try_run_case+0x170/0x3f0 [ 25.760371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.760571] kthread+0x328/0x630 [ 25.760708] ret_from_fork+0x10/0x20 [ 25.761069] [ 25.761151] The buggy address belongs to the object at fff00000c63ef000 [ 25.761151] which belongs to the cache test_cache of size 200 [ 25.762039] The buggy address is located 1 bytes inside of [ 25.762039] 200-byte region [fff00000c63ef000, fff00000c63ef0c8) [ 25.762209] [ 25.762270] The buggy address belongs to the physical page: [ 25.762358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ef [ 25.762528] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.762738] page_type: f5(slab) [ 25.762960] raw: 0bfffe0000000000 fff00000c59ebc80 dead000000000122 0000000000000000 [ 25.763084] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.763175] page dumped because: kasan: bad access detected [ 25.763247] [ 25.763285] Memory state around the buggy address: [ 25.763353] fff00000c63eef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.763630] fff00000c63eef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.763755] >fff00000c63ef000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.763878] ^ [ 25.763951] fff00000c63ef080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 25.764054] fff00000c63ef100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.764144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 25.688767] ================================================================== [ 25.688948] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 25.689103] Free of addr fff00000c63cd000 by task kunit_try_catch/211 [ 25.689214] [ 25.689300] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.690293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.691471] Hardware name: linux,dummy-virt (DT) [ 25.691564] Call trace: [ 25.691623] show_stack+0x20/0x38 (C) [ 25.692672] dump_stack_lvl+0x8c/0xd0 [ 25.692892] print_report+0x118/0x608 [ 25.693108] kasan_report_invalid_free+0xc0/0xe8 [ 25.693696] check_slab_allocation+0xd4/0x108 [ 25.694141] __kasan_slab_pre_free+0x2c/0x48 [ 25.694297] kmem_cache_free+0xf0/0x468 [ 25.694646] kmem_cache_double_free+0x190/0x3c8 [ 25.694794] kunit_try_run_case+0x170/0x3f0 [ 25.694945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.695187] kthread+0x328/0x630 [ 25.695322] ret_from_fork+0x10/0x20 [ 25.695872] [ 25.695921] Allocated by task 211: [ 25.695995] kasan_save_stack+0x3c/0x68 [ 25.696163] kasan_save_track+0x20/0x40 [ 25.696326] kasan_save_alloc_info+0x40/0x58 [ 25.696509] __kasan_slab_alloc+0xa8/0xb0 [ 25.696606] kmem_cache_alloc_noprof+0x10c/0x398 [ 25.696769] kmem_cache_double_free+0x12c/0x3c8 [ 25.696879] kunit_try_run_case+0x170/0x3f0 [ 25.697115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.697298] kthread+0x328/0x630 [ 25.697444] ret_from_fork+0x10/0x20 [ 25.697556] [ 25.697607] Freed by task 211: [ 25.697694] kasan_save_stack+0x3c/0x68 [ 25.697980] kasan_save_track+0x20/0x40 [ 25.698092] kasan_save_free_info+0x4c/0x78 [ 25.698489] __kasan_slab_free+0x6c/0x98 [ 25.698735] kmem_cache_free+0x260/0x468 [ 25.698874] kmem_cache_double_free+0x140/0x3c8 [ 25.699071] kunit_try_run_case+0x170/0x3f0 [ 25.699174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.699293] kthread+0x328/0x630 [ 25.699379] ret_from_fork+0x10/0x20 [ 25.699493] [ 25.699557] The buggy address belongs to the object at fff00000c63cd000 [ 25.699557] which belongs to the cache test_cache of size 200 [ 25.699807] The buggy address is located 0 bytes inside of [ 25.699807] 200-byte region [fff00000c63cd000, fff00000c63cd0c8) [ 25.700028] [ 25.700145] The buggy address belongs to the physical page: [ 25.700370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 25.700542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.700668] page_type: f5(slab) [ 25.700820] raw: 0bfffe0000000000 fff00000c59ebb40 dead000000000122 0000000000000000 [ 25.700939] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.701156] page dumped because: kasan: bad access detected [ 25.701328] [ 25.701490] Memory state around the buggy address: [ 25.701680] fff00000c63ccf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.701800] fff00000c63ccf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.701907] >fff00000c63cd000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.702059] ^ [ 25.702177] fff00000c63cd080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 25.702355] fff00000c63cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.702595] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 25.466198] ================================================================== [ 25.466515] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 25.466682] Read of size 1 at addr fff00000c11870c8 by task kunit_try_catch/209 [ 25.466842] [ 25.466983] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.467181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.467254] Hardware name: linux,dummy-virt (DT) [ 25.467346] Call trace: [ 25.467482] show_stack+0x20/0x38 (C) [ 25.467667] dump_stack_lvl+0x8c/0xd0 [ 25.468043] print_report+0x118/0x608 [ 25.468175] kasan_report+0xdc/0x128 [ 25.468440] __asan_report_load1_noabort+0x20/0x30 [ 25.468586] kmem_cache_oob+0x344/0x430 [ 25.468793] kunit_try_run_case+0x170/0x3f0 [ 25.468931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.469586] kthread+0x328/0x630 [ 25.469734] ret_from_fork+0x10/0x20 [ 25.470046] [ 25.470165] Allocated by task 209: [ 25.470303] kasan_save_stack+0x3c/0x68 [ 25.470435] kasan_save_track+0x20/0x40 [ 25.470527] kasan_save_alloc_info+0x40/0x58 [ 25.471483] __kasan_slab_alloc+0xa8/0xb0 [ 25.471942] kmem_cache_alloc_noprof+0x10c/0x398 [ 25.472385] kmem_cache_oob+0x12c/0x430 [ 25.473007] kunit_try_run_case+0x170/0x3f0 [ 25.474058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.474649] kthread+0x328/0x630 [ 25.474780] ret_from_fork+0x10/0x20 [ 25.475019] [ 25.475087] The buggy address belongs to the object at fff00000c1187000 [ 25.475087] which belongs to the cache test_cache of size 200 [ 25.475354] The buggy address is located 0 bytes to the right of [ 25.475354] allocated 200-byte region [fff00000c1187000, fff00000c11870c8) [ 25.475523] [ 25.475580] The buggy address belongs to the physical page: [ 25.475658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101187 [ 25.476013] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.476318] page_type: f5(slab) [ 25.476712] raw: 0bfffe0000000000 fff00000c59eba00 dead000000000122 0000000000000000 [ 25.477122] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.477246] page dumped because: kasan: bad access detected [ 25.477327] [ 25.477751] Memory state around the buggy address: [ 25.477906] fff00000c1186f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.478272] fff00000c1187000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.478483] >fff00000c1187080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 25.478603] ^ [ 25.478690] fff00000c1187100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.478789] fff00000c1187180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.478882] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 25.377744] ================================================================== [ 25.377918] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 25.378060] Read of size 8 at addr fff00000c76c26c0 by task kunit_try_catch/202 [ 25.378179] [ 25.378265] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.378482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.378560] Hardware name: linux,dummy-virt (DT) [ 25.378638] Call trace: [ 25.379520] show_stack+0x20/0x38 (C) [ 25.380832] dump_stack_lvl+0x8c/0xd0 [ 25.381368] print_report+0x118/0x608 [ 25.382605] kasan_report+0xdc/0x128 [ 25.382859] __asan_report_load8_noabort+0x20/0x30 [ 25.382998] workqueue_uaf+0x480/0x4a8 [ 25.383213] kunit_try_run_case+0x170/0x3f0 [ 25.383352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.384520] kthread+0x328/0x630 [ 25.385042] ret_from_fork+0x10/0x20 [ 25.385257] [ 25.386090] Allocated by task 202: [ 25.386417] kasan_save_stack+0x3c/0x68 [ 25.386632] kasan_save_track+0x20/0x40 [ 25.386742] kasan_save_alloc_info+0x40/0x58 [ 25.386961] __kasan_kmalloc+0xd4/0xd8 [ 25.387057] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.387216] workqueue_uaf+0x13c/0x4a8 [ 25.387319] kunit_try_run_case+0x170/0x3f0 [ 25.387484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.387650] kthread+0x328/0x630 [ 25.387745] ret_from_fork+0x10/0x20 [ 25.387842] [ 25.387902] Freed by task 9: [ 25.387966] kasan_save_stack+0x3c/0x68 [ 25.388064] kasan_save_track+0x20/0x40 [ 25.388149] kasan_save_free_info+0x4c/0x78 [ 25.388243] __kasan_slab_free+0x6c/0x98 [ 25.388326] kfree+0x214/0x3c8 [ 25.388427] workqueue_uaf_work+0x18/0x30 [ 25.388539] process_one_work+0x530/0xf98 [ 25.388659] worker_thread+0x618/0xf38 [ 25.388898] kthread+0x328/0x630 [ 25.389168] ret_from_fork+0x10/0x20 [ 25.389274] [ 25.389348] Last potentially related work creation: [ 25.389549] kasan_save_stack+0x3c/0x68 [ 25.389820] kasan_record_aux_stack+0xb4/0xc8 [ 25.389953] __queue_work+0x65c/0x1008 [ 25.390170] queue_work_on+0xbc/0xf8 [ 25.390261] workqueue_uaf+0x210/0x4a8 [ 25.390405] kunit_try_run_case+0x170/0x3f0 [ 25.390507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.390711] kthread+0x328/0x630 [ 25.390817] ret_from_fork+0x10/0x20 [ 25.390916] [ 25.390971] The buggy address belongs to the object at fff00000c76c26c0 [ 25.390971] which belongs to the cache kmalloc-32 of size 32 [ 25.391184] The buggy address is located 0 bytes inside of [ 25.391184] freed 32-byte region [fff00000c76c26c0, fff00000c76c26e0) [ 25.391338] [ 25.391409] The buggy address belongs to the physical page: [ 25.391487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c2 [ 25.391613] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.391729] page_type: f5(slab) [ 25.391857] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 25.392032] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.392138] page dumped because: kasan: bad access detected [ 25.392223] [ 25.392265] Memory state around the buggy address: [ 25.392350] fff00000c76c2580: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 25.392507] fff00000c76c2600: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 25.392689] >fff00000c76c2680: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 25.392785] ^ [ 25.392867] fff00000c76c2700: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.392984] fff00000c76c2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.393157] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 25.316889] ================================================================== [ 25.317119] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 25.317282] Read of size 4 at addr fff00000c76c24c0 by task swapper/0/0 [ 25.317384] [ 25.317487] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.317677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.317738] Hardware name: linux,dummy-virt (DT) [ 25.317809] Call trace: [ 25.317861] show_stack+0x20/0x38 (C) [ 25.317980] dump_stack_lvl+0x8c/0xd0 [ 25.318096] print_report+0x118/0x608 [ 25.318201] kasan_report+0xdc/0x128 [ 25.318305] __asan_report_load4_noabort+0x20/0x30 [ 25.322195] rcu_uaf_reclaim+0x64/0x70 [ 25.322628] rcu_core+0x9f4/0x1e20 [ 25.323309] rcu_core_si+0x18/0x30 [ 25.324550] handle_softirqs+0x374/0xb28 [ 25.324882] __do_softirq+0x1c/0x28 [ 25.325483] ____do_softirq+0x18/0x30 [ 25.326245] call_on_irq_stack+0x24/0x30 [ 25.327021] do_softirq_own_stack+0x24/0x38 [ 25.327234] __irq_exit_rcu+0x1fc/0x318 [ 25.327353] irq_exit_rcu+0x1c/0x80 [ 25.328059] el1_interrupt+0x38/0x58 [ 25.328658] el1h_64_irq_handler+0x18/0x28 [ 25.328998] el1h_64_irq+0x6c/0x70 [ 25.330113] arch_local_irq_enable+0x4/0x8 (P) [ 25.330242] do_idle+0x384/0x4e8 [ 25.331105] cpu_startup_entry+0x68/0x80 [ 25.331713] rest_init+0x160/0x188 [ 25.332097] start_kernel+0x308/0x3d0 [ 25.332258] __primary_switched+0x8c/0xa0 [ 25.332895] [ 25.332950] Allocated by task 200: [ 25.333409] kasan_save_stack+0x3c/0x68 [ 25.333513] kasan_save_track+0x20/0x40 [ 25.333607] kasan_save_alloc_info+0x40/0x58 [ 25.334117] __kasan_kmalloc+0xd4/0xd8 [ 25.334599] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.335172] rcu_uaf+0xb0/0x2d8 [ 25.335306] kunit_try_run_case+0x170/0x3f0 [ 25.335586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.335813] kthread+0x328/0x630 [ 25.335933] ret_from_fork+0x10/0x20 [ 25.336037] [ 25.336245] Freed by task 0: [ 25.336331] kasan_save_stack+0x3c/0x68 [ 25.336828] kasan_save_track+0x20/0x40 [ 25.337139] kasan_save_free_info+0x4c/0x78 [ 25.337418] __kasan_slab_free+0x6c/0x98 [ 25.337900] kfree+0x214/0x3c8 [ 25.338404] rcu_uaf_reclaim+0x28/0x70 [ 25.338706] rcu_core+0x9f4/0x1e20 [ 25.338850] rcu_core_si+0x18/0x30 [ 25.339052] handle_softirqs+0x374/0xb28 [ 25.339263] __do_softirq+0x1c/0x28 [ 25.339418] [ 25.339488] Last potentially related work creation: [ 25.339570] kasan_save_stack+0x3c/0x68 [ 25.340306] kasan_record_aux_stack+0xb4/0xc8 [ 25.340439] __call_rcu_common.constprop.0+0x70/0x8b0 [ 25.340558] call_rcu+0x18/0x30 [ 25.340656] rcu_uaf+0x14c/0x2d8 [ 25.340765] kunit_try_run_case+0x170/0x3f0 [ 25.340878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.341738] kthread+0x328/0x630 [ 25.342194] ret_from_fork+0x10/0x20 [ 25.342303] [ 25.342366] The buggy address belongs to the object at fff00000c76c24c0 [ 25.342366] which belongs to the cache kmalloc-32 of size 32 [ 25.342523] The buggy address is located 0 bytes inside of [ 25.342523] freed 32-byte region [fff00000c76c24c0, fff00000c76c24e0) [ 25.342731] [ 25.343151] The buggy address belongs to the physical page: [ 25.343267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c2 [ 25.343560] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.344221] page_type: f5(slab) [ 25.344364] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 25.344506] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.344686] page dumped because: kasan: bad access detected [ 25.344773] [ 25.345045] Memory state around the buggy address: [ 25.345163] fff00000c76c2380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 25.345862] fff00000c76c2400: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 25.346415] >fff00000c76c2480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.346626] ^ [ 25.346773] fff00000c76c2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.346912] fff00000c76c2580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.347267] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 25.137026] ================================================================== [ 25.137133] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 25.137261] Read of size 1 at addr fff00000c76cf400 by task kunit_try_catch/198 [ 25.137380] [ 25.137482] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.137695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.137772] Hardware name: linux,dummy-virt (DT) [ 25.138066] Call trace: [ 25.138244] show_stack+0x20/0x38 (C) [ 25.138548] dump_stack_lvl+0x8c/0xd0 [ 25.139511] print_report+0x118/0x608 [ 25.140653] kasan_report+0xdc/0x128 [ 25.140910] __asan_report_load1_noabort+0x20/0x30 [ 25.141049] ksize_uaf+0x598/0x5f8 [ 25.141401] kunit_try_run_case+0x170/0x3f0 [ 25.141533] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.142329] kthread+0x328/0x630 [ 25.142800] ret_from_fork+0x10/0x20 [ 25.143339] [ 25.143406] Allocated by task 198: [ 25.143640] kasan_save_stack+0x3c/0x68 [ 25.143758] kasan_save_track+0x20/0x40 [ 25.144281] kasan_save_alloc_info+0x40/0x58 [ 25.144589] __kasan_kmalloc+0xd4/0xd8 [ 25.144925] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.145087] ksize_uaf+0xb8/0x5f8 [ 25.145192] kunit_try_run_case+0x170/0x3f0 [ 25.145877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.146633] kthread+0x328/0x630 [ 25.147111] ret_from_fork+0x10/0x20 [ 25.147213] [ 25.147688] Freed by task 198: [ 25.147790] kasan_save_stack+0x3c/0x68 [ 25.147955] kasan_save_track+0x20/0x40 [ 25.148158] kasan_save_free_info+0x4c/0x78 [ 25.148489] __kasan_slab_free+0x6c/0x98 [ 25.148627] kfree+0x214/0x3c8 [ 25.149057] ksize_uaf+0x11c/0x5f8 [ 25.149380] kunit_try_run_case+0x170/0x3f0 [ 25.149742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.150104] kthread+0x328/0x630 [ 25.150302] ret_from_fork+0x10/0x20 [ 25.150412] [ 25.150463] The buggy address belongs to the object at fff00000c76cf400 [ 25.150463] which belongs to the cache kmalloc-128 of size 128 [ 25.151366] The buggy address is located 0 bytes inside of [ 25.151366] freed 128-byte region [fff00000c76cf400, fff00000c76cf480) [ 25.151631] [ 25.151768] The buggy address belongs to the physical page: [ 25.152147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 25.152267] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.152942] page_type: f5(slab) [ 25.153048] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.153172] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.153355] page dumped because: kasan: bad access detected [ 25.153488] [ 25.153539] Memory state around the buggy address: [ 25.153629] fff00000c76cf300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.154271] fff00000c76cf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.155559] >fff00000c76cf400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.155695] ^ [ 25.155762] fff00000c76cf480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.155853] fff00000c76cf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.155967] ================================================================== [ 25.116936] ================================================================== [ 25.117248] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 25.118668] Read of size 1 at addr fff00000c76cf400 by task kunit_try_catch/198 [ 25.118738] [ 25.118800] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.119132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.119201] Hardware name: linux,dummy-virt (DT) [ 25.119281] Call trace: [ 25.119336] show_stack+0x20/0x38 (C) [ 25.119611] dump_stack_lvl+0x8c/0xd0 [ 25.119732] print_report+0x118/0x608 [ 25.119853] kasan_report+0xdc/0x128 [ 25.120127] __kasan_check_byte+0x54/0x70 [ 25.120336] ksize+0x30/0x88 [ 25.120470] ksize_uaf+0x168/0x5f8 [ 25.120643] kunit_try_run_case+0x170/0x3f0 [ 25.121016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.121360] kthread+0x328/0x630 [ 25.121529] ret_from_fork+0x10/0x20 [ 25.121650] [ 25.121722] Allocated by task 198: [ 25.121794] kasan_save_stack+0x3c/0x68 [ 25.121899] kasan_save_track+0x20/0x40 [ 25.122124] kasan_save_alloc_info+0x40/0x58 [ 25.122237] __kasan_kmalloc+0xd4/0xd8 [ 25.122332] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.122635] ksize_uaf+0xb8/0x5f8 [ 25.122768] kunit_try_run_case+0x170/0x3f0 [ 25.122892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.122999] kthread+0x328/0x630 [ 25.123086] ret_from_fork+0x10/0x20 [ 25.123184] [ 25.123328] Freed by task 198: [ 25.124322] kasan_save_stack+0x3c/0x68 [ 25.124552] kasan_save_track+0x20/0x40 [ 25.124903] kasan_save_free_info+0x4c/0x78 [ 25.125293] __kasan_slab_free+0x6c/0x98 [ 25.125685] kfree+0x214/0x3c8 [ 25.125840] ksize_uaf+0x11c/0x5f8 [ 25.125989] kunit_try_run_case+0x170/0x3f0 [ 25.126159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.126333] kthread+0x328/0x630 [ 25.126439] ret_from_fork+0x10/0x20 [ 25.126611] [ 25.126670] The buggy address belongs to the object at fff00000c76cf400 [ 25.126670] which belongs to the cache kmalloc-128 of size 128 [ 25.126823] The buggy address is located 0 bytes inside of [ 25.126823] freed 128-byte region [fff00000c76cf400, fff00000c76cf480) [ 25.126986] [ 25.127047] The buggy address belongs to the physical page: [ 25.127564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 25.127699] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.127816] page_type: f5(slab) [ 25.127915] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.128273] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.128778] page dumped because: kasan: bad access detected [ 25.129123] [ 25.129446] Memory state around the buggy address: [ 25.129629] fff00000c76cf300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.129888] fff00000c76cf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.130643] >fff00000c76cf400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.130954] ^ [ 25.131155] fff00000c76cf480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.131259] fff00000c76cf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.132276] ================================================================== [ 25.157769] ================================================================== [ 25.158115] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 25.158328] Read of size 1 at addr fff00000c76cf478 by task kunit_try_catch/198 [ 25.158523] [ 25.159094] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.159293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.159360] Hardware name: linux,dummy-virt (DT) [ 25.159563] Call trace: [ 25.159635] show_stack+0x20/0x38 (C) [ 25.160356] dump_stack_lvl+0x8c/0xd0 [ 25.161361] print_report+0x118/0x608 [ 25.161552] kasan_report+0xdc/0x128 [ 25.162242] __asan_report_load1_noabort+0x20/0x30 [ 25.162518] ksize_uaf+0x544/0x5f8 [ 25.162770] kunit_try_run_case+0x170/0x3f0 [ 25.162903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.163572] kthread+0x328/0x630 [ 25.164034] ret_from_fork+0x10/0x20 [ 25.164163] [ 25.164209] Allocated by task 198: [ 25.164723] kasan_save_stack+0x3c/0x68 [ 25.164854] kasan_save_track+0x20/0x40 [ 25.165201] kasan_save_alloc_info+0x40/0x58 [ 25.165910] __kasan_kmalloc+0xd4/0xd8 [ 25.166060] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.166233] ksize_uaf+0xb8/0x5f8 [ 25.166660] kunit_try_run_case+0x170/0x3f0 [ 25.166773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.167075] kthread+0x328/0x630 [ 25.167215] ret_from_fork+0x10/0x20 [ 25.167371] [ 25.167438] Freed by task 198: [ 25.167535] kasan_save_stack+0x3c/0x68 [ 25.167687] kasan_save_track+0x20/0x40 [ 25.167813] kasan_save_free_info+0x4c/0x78 [ 25.168055] __kasan_slab_free+0x6c/0x98 [ 25.168213] kfree+0x214/0x3c8 [ 25.168298] ksize_uaf+0x11c/0x5f8 [ 25.168712] kunit_try_run_case+0x170/0x3f0 [ 25.168829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.168944] kthread+0x328/0x630 [ 25.169050] ret_from_fork+0x10/0x20 [ 25.169157] [ 25.169249] The buggy address belongs to the object at fff00000c76cf400 [ 25.169249] which belongs to the cache kmalloc-128 of size 128 [ 25.169530] The buggy address is located 120 bytes inside of [ 25.169530] freed 128-byte region [fff00000c76cf400, fff00000c76cf480) [ 25.170053] [ 25.170146] The buggy address belongs to the physical page: [ 25.170248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 25.170421] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.170602] page_type: f5(slab) [ 25.171013] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.171620] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.171779] page dumped because: kasan: bad access detected [ 25.171969] [ 25.172019] Memory state around the buggy address: [ 25.172135] fff00000c76cf300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.172374] fff00000c76cf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.172516] >fff00000c76cf400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.172681] ^ [ 25.172796] fff00000c76cf480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.172927] fff00000c76cf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.173037] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 25.087382] ================================================================== [ 25.087512] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 25.087633] Read of size 1 at addr fff00000c76cf37f by task kunit_try_catch/196 [ 25.087748] [ 25.087829] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.088024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.088095] Hardware name: linux,dummy-virt (DT) [ 25.088188] Call trace: [ 25.088262] show_stack+0x20/0x38 (C) [ 25.088865] dump_stack_lvl+0x8c/0xd0 [ 25.089077] print_report+0x118/0x608 [ 25.089384] kasan_report+0xdc/0x128 [ 25.089717] __asan_report_load1_noabort+0x20/0x30 [ 25.089847] ksize_unpoisons_memory+0x690/0x740 [ 25.089975] kunit_try_run_case+0x170/0x3f0 [ 25.090109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.090353] kthread+0x328/0x630 [ 25.090505] ret_from_fork+0x10/0x20 [ 25.090653] [ 25.090705] Allocated by task 196: [ 25.090810] kasan_save_stack+0x3c/0x68 [ 25.091546] kasan_save_track+0x20/0x40 [ 25.091878] kasan_save_alloc_info+0x40/0x58 [ 25.091985] __kasan_kmalloc+0xd4/0xd8 [ 25.092094] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.092199] ksize_unpoisons_memory+0xc0/0x740 [ 25.092652] kunit_try_run_case+0x170/0x3f0 [ 25.092874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.093093] kthread+0x328/0x630 [ 25.093345] ret_from_fork+0x10/0x20 [ 25.093495] [ 25.093556] The buggy address belongs to the object at fff00000c76cf300 [ 25.093556] which belongs to the cache kmalloc-128 of size 128 [ 25.093979] The buggy address is located 12 bytes to the right of [ 25.093979] allocated 115-byte region [fff00000c76cf300, fff00000c76cf373) [ 25.094168] [ 25.094273] The buggy address belongs to the physical page: [ 25.094353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 25.094525] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.094666] page_type: f5(slab) [ 25.095148] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.095532] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.095642] page dumped because: kasan: bad access detected [ 25.095731] [ 25.095783] Memory state around the buggy address: [ 25.096058] fff00000c76cf200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.096154] fff00000c76cf280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.096251] >fff00000c76cf300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.096385] ^ [ 25.096588] fff00000c76cf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.096729] fff00000c76cf400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.096825] ================================================================== [ 25.054271] ================================================================== [ 25.054530] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 25.054759] Read of size 1 at addr fff00000c76cf373 by task kunit_try_catch/196 [ 25.054883] [ 25.054971] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.055189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.055381] Hardware name: linux,dummy-virt (DT) [ 25.055592] Call trace: [ 25.057426] show_stack+0x20/0x38 (C) [ 25.057589] dump_stack_lvl+0x8c/0xd0 [ 25.058609] print_report+0x118/0x608 [ 25.058752] kasan_report+0xdc/0x128 [ 25.058877] __asan_report_load1_noabort+0x20/0x30 [ 25.059076] ksize_unpoisons_memory+0x628/0x740 [ 25.059476] kunit_try_run_case+0x170/0x3f0 [ 25.059831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.060102] kthread+0x328/0x630 [ 25.060257] ret_from_fork+0x10/0x20 [ 25.060588] [ 25.060635] Allocated by task 196: [ 25.060706] kasan_save_stack+0x3c/0x68 [ 25.061946] kasan_save_track+0x20/0x40 [ 25.062080] kasan_save_alloc_info+0x40/0x58 [ 25.062245] __kasan_kmalloc+0xd4/0xd8 [ 25.062499] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.062654] ksize_unpoisons_memory+0xc0/0x740 [ 25.062772] kunit_try_run_case+0x170/0x3f0 [ 25.062967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.063118] kthread+0x328/0x630 [ 25.063216] ret_from_fork+0x10/0x20 [ 25.063414] [ 25.063469] The buggy address belongs to the object at fff00000c76cf300 [ 25.063469] which belongs to the cache kmalloc-128 of size 128 [ 25.063748] The buggy address is located 0 bytes to the right of [ 25.063748] allocated 115-byte region [fff00000c76cf300, fff00000c76cf373) [ 25.064072] [ 25.064123] The buggy address belongs to the physical page: [ 25.064197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 25.064403] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.064561] page_type: f5(slab) [ 25.064687] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.064896] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.065134] page dumped because: kasan: bad access detected [ 25.065251] [ 25.065378] Memory state around the buggy address: [ 25.065764] fff00000c76cf200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.065888] fff00000c76cf280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.066002] >fff00000c76cf300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.066164] ^ [ 25.066373] fff00000c76cf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.066648] fff00000c76cf400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.066752] ================================================================== [ 25.068478] ================================================================== [ 25.068580] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 25.068693] Read of size 1 at addr fff00000c76cf378 by task kunit_try_catch/196 [ 25.068810] [ 25.068888] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.069074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.069142] Hardware name: linux,dummy-virt (DT) [ 25.069229] Call trace: [ 25.069285] show_stack+0x20/0x38 (C) [ 25.069421] dump_stack_lvl+0x8c/0xd0 [ 25.069547] print_report+0x118/0x608 [ 25.070627] kasan_report+0xdc/0x128 [ 25.071553] __asan_report_load1_noabort+0x20/0x30 [ 25.071788] ksize_unpoisons_memory+0x618/0x740 [ 25.071966] kunit_try_run_case+0x170/0x3f0 [ 25.072095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.072361] kthread+0x328/0x630 [ 25.072645] ret_from_fork+0x10/0x20 [ 25.072872] [ 25.072918] Allocated by task 196: [ 25.073266] kasan_save_stack+0x3c/0x68 [ 25.073404] kasan_save_track+0x20/0x40 [ 25.073532] kasan_save_alloc_info+0x40/0x58 [ 25.073893] __kasan_kmalloc+0xd4/0xd8 [ 25.074093] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.074247] ksize_unpoisons_memory+0xc0/0x740 [ 25.074457] kunit_try_run_case+0x170/0x3f0 [ 25.074597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.074725] kthread+0x328/0x630 [ 25.074821] ret_from_fork+0x10/0x20 [ 25.075174] [ 25.075552] The buggy address belongs to the object at fff00000c76cf300 [ 25.075552] which belongs to the cache kmalloc-128 of size 128 [ 25.075790] The buggy address is located 5 bytes to the right of [ 25.075790] allocated 115-byte region [fff00000c76cf300, fff00000c76cf373) [ 25.076043] [ 25.076105] The buggy address belongs to the physical page: [ 25.076226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 25.076797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.077113] page_type: f5(slab) [ 25.077443] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.077890] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.078144] page dumped because: kasan: bad access detected [ 25.078538] [ 25.078784] Memory state around the buggy address: [ 25.079113] fff00000c76cf200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.079341] fff00000c76cf280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.080383] >fff00000c76cf300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.080541] ^ [ 25.081753] fff00000c76cf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.081949] fff00000c76cf400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.082835] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 25.026595] ================================================================== [ 25.028288] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 25.028424] Free of addr fff00000c5e9dde0 by task kunit_try_catch/194 [ 25.028555] [ 25.028662] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.029056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.029169] Hardware name: linux,dummy-virt (DT) [ 25.029262] Call trace: [ 25.029320] show_stack+0x20/0x38 (C) [ 25.029451] dump_stack_lvl+0x8c/0xd0 [ 25.029760] print_report+0x118/0x608 [ 25.030450] kasan_report_invalid_free+0xc0/0xe8 [ 25.030729] check_slab_allocation+0xd4/0x108 [ 25.030855] __kasan_slab_pre_free+0x2c/0x48 [ 25.030983] kfree+0xe8/0x3c8 [ 25.031316] kfree_sensitive+0x3c/0xb0 [ 25.031845] kmalloc_double_kzfree+0x168/0x308 [ 25.032240] kunit_try_run_case+0x170/0x3f0 [ 25.032552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.032769] kthread+0x328/0x630 [ 25.032887] ret_from_fork+0x10/0x20 [ 25.033000] [ 25.033108] Allocated by task 194: [ 25.033238] kasan_save_stack+0x3c/0x68 [ 25.033408] kasan_save_track+0x20/0x40 [ 25.033517] kasan_save_alloc_info+0x40/0x58 [ 25.033634] __kasan_kmalloc+0xd4/0xd8 [ 25.033741] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.034070] kmalloc_double_kzfree+0xb8/0x308 [ 25.034177] kunit_try_run_case+0x170/0x3f0 [ 25.034660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.034907] kthread+0x328/0x630 [ 25.035015] ret_from_fork+0x10/0x20 [ 25.035278] [ 25.035378] Freed by task 194: [ 25.035459] kasan_save_stack+0x3c/0x68 [ 25.035540] kasan_save_track+0x20/0x40 [ 25.035632] kasan_save_free_info+0x4c/0x78 [ 25.035848] __kasan_slab_free+0x6c/0x98 [ 25.036046] kfree+0x214/0x3c8 [ 25.036173] kfree_sensitive+0x80/0xb0 [ 25.036359] kmalloc_double_kzfree+0x11c/0x308 [ 25.036492] kunit_try_run_case+0x170/0x3f0 [ 25.036589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.036720] kthread+0x328/0x630 [ 25.036832] ret_from_fork+0x10/0x20 [ 25.036981] [ 25.037082] The buggy address belongs to the object at fff00000c5e9dde0 [ 25.037082] which belongs to the cache kmalloc-16 of size 16 [ 25.037632] The buggy address is located 0 bytes inside of [ 25.037632] 16-byte region [fff00000c5e9dde0, fff00000c5e9ddf0) [ 25.037790] [ 25.037849] The buggy address belongs to the physical page: [ 25.037927] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9d [ 25.038369] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.038517] page_type: f5(slab) [ 25.038708] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.039006] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.039108] page dumped because: kasan: bad access detected [ 25.039189] [ 25.039237] Memory state around the buggy address: [ 25.039455] fff00000c5e9dc80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.039566] fff00000c5e9dd00: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.039666] >fff00000c5e9dd80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.039750] ^ [ 25.039874] fff00000c5e9de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.039980] fff00000c5e9de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.040073] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 25.011780] ================================================================== [ 25.012751] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 25.012896] Read of size 1 at addr fff00000c5e9dde0 by task kunit_try_catch/194 [ 25.013233] [ 25.013326] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 25.013541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.013624] Hardware name: linux,dummy-virt (DT) [ 25.013794] Call trace: [ 25.013916] show_stack+0x20/0x38 (C) [ 25.014183] dump_stack_lvl+0x8c/0xd0 [ 25.014335] print_report+0x118/0x608 [ 25.014640] kasan_report+0xdc/0x128 [ 25.014768] __kasan_check_byte+0x54/0x70 [ 25.015156] kfree_sensitive+0x30/0xb0 [ 25.015790] kmalloc_double_kzfree+0x168/0x308 [ 25.016225] kunit_try_run_case+0x170/0x3f0 [ 25.016400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.016678] kthread+0x328/0x630 [ 25.016928] ret_from_fork+0x10/0x20 [ 25.017055] [ 25.017101] Allocated by task 194: [ 25.017209] kasan_save_stack+0x3c/0x68 [ 25.017305] kasan_save_track+0x20/0x40 [ 25.017429] kasan_save_alloc_info+0x40/0x58 [ 25.017524] __kasan_kmalloc+0xd4/0xd8 [ 25.017611] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.017736] kmalloc_double_kzfree+0xb8/0x308 [ 25.017844] kunit_try_run_case+0x170/0x3f0 [ 25.017967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.018118] kthread+0x328/0x630 [ 25.018216] ret_from_fork+0x10/0x20 [ 25.018335] [ 25.018382] Freed by task 194: [ 25.018661] kasan_save_stack+0x3c/0x68 [ 25.019092] kasan_save_track+0x20/0x40 [ 25.019240] kasan_save_free_info+0x4c/0x78 [ 25.019484] __kasan_slab_free+0x6c/0x98 [ 25.019694] kfree+0x214/0x3c8 [ 25.019920] kfree_sensitive+0x80/0xb0 [ 25.020057] kmalloc_double_kzfree+0x11c/0x308 [ 25.020349] kunit_try_run_case+0x170/0x3f0 [ 25.020473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.020585] kthread+0x328/0x630 [ 25.021306] ret_from_fork+0x10/0x20 [ 25.021616] [ 25.021719] The buggy address belongs to the object at fff00000c5e9dde0 [ 25.021719] which belongs to the cache kmalloc-16 of size 16 [ 25.021870] The buggy address is located 0 bytes inside of [ 25.021870] freed 16-byte region [fff00000c5e9dde0, fff00000c5e9ddf0) [ 25.022002] [ 25.022053] The buggy address belongs to the physical page: [ 25.022660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9d [ 25.022801] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.022927] page_type: f5(slab) [ 25.023119] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.023274] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.023493] page dumped because: kasan: bad access detected [ 25.023573] [ 25.023637] Memory state around the buggy address: [ 25.023816] fff00000c5e9dc80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.023961] fff00000c5e9dd00: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.024286] >fff00000c5e9dd80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.024429] ^ [ 25.024525] fff00000c5e9de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.024637] fff00000c5e9de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.024767] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 24.966653] ================================================================== [ 24.966956] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 24.967110] Read of size 1 at addr fff00000c76ce8a8 by task kunit_try_catch/190 [ 24.967762] [ 24.967973] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.968508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.968871] Hardware name: linux,dummy-virt (DT) [ 24.968954] Call trace: [ 24.969073] show_stack+0x20/0x38 (C) [ 24.969207] dump_stack_lvl+0x8c/0xd0 [ 24.969326] print_report+0x118/0x608 [ 24.969549] kasan_report+0xdc/0x128 [ 24.969860] __asan_report_load1_noabort+0x20/0x30 [ 24.970007] kmalloc_uaf2+0x3f4/0x468 [ 24.970300] kunit_try_run_case+0x170/0x3f0 [ 24.970737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.971060] kthread+0x328/0x630 [ 24.971203] ret_from_fork+0x10/0x20 [ 24.971627] [ 24.972026] Allocated by task 190: [ 24.972113] kasan_save_stack+0x3c/0x68 [ 24.972286] kasan_save_track+0x20/0x40 [ 24.972451] kasan_save_alloc_info+0x40/0x58 [ 24.972610] __kasan_kmalloc+0xd4/0xd8 [ 24.972725] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.972820] kmalloc_uaf2+0xc4/0x468 [ 24.972907] kunit_try_run_case+0x170/0x3f0 [ 24.973042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.973239] kthread+0x328/0x630 [ 24.973332] ret_from_fork+0x10/0x20 [ 24.973510] [ 24.973606] Freed by task 190: [ 24.973786] kasan_save_stack+0x3c/0x68 [ 24.973877] kasan_save_track+0x20/0x40 [ 24.974029] kasan_save_free_info+0x4c/0x78 [ 24.974195] __kasan_slab_free+0x6c/0x98 [ 24.974339] kfree+0x214/0x3c8 [ 24.974445] kmalloc_uaf2+0x134/0x468 [ 24.974568] kunit_try_run_case+0x170/0x3f0 [ 24.974679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.974797] kthread+0x328/0x630 [ 24.974886] ret_from_fork+0x10/0x20 [ 24.975066] [ 24.975207] The buggy address belongs to the object at fff00000c76ce880 [ 24.975207] which belongs to the cache kmalloc-64 of size 64 [ 24.975375] The buggy address is located 40 bytes inside of [ 24.975375] freed 64-byte region [fff00000c76ce880, fff00000c76ce8c0) [ 24.975551] [ 24.975607] The buggy address belongs to the physical page: [ 24.975685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076ce [ 24.975922] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.976116] page_type: f5(slab) [ 24.976215] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 24.976336] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.976448] page dumped because: kasan: bad access detected [ 24.976561] [ 24.976619] Memory state around the buggy address: [ 24.976770] fff00000c76ce780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.976910] fff00000c76ce800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.977018] >fff00000c76ce880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.977098] ^ [ 24.977185] fff00000c76ce900: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 24.977349] fff00000c76ce980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.977460] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 24.936332] ================================================================== [ 24.936496] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 24.936637] Write of size 33 at addr fff00000c76ce700 by task kunit_try_catch/188 [ 24.936953] [ 24.937195] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.937454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.937529] Hardware name: linux,dummy-virt (DT) [ 24.938331] Call trace: [ 24.938607] show_stack+0x20/0x38 (C) [ 24.938860] dump_stack_lvl+0x8c/0xd0 [ 24.939070] print_report+0x118/0x608 [ 24.939358] kasan_report+0xdc/0x128 [ 24.939519] kasan_check_range+0x100/0x1a8 [ 24.939646] __asan_memset+0x34/0x78 [ 24.939765] kmalloc_uaf_memset+0x170/0x310 [ 24.939882] kunit_try_run_case+0x170/0x3f0 [ 24.939998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.940123] kthread+0x328/0x630 [ 24.940234] ret_from_fork+0x10/0x20 [ 24.940384] [ 24.940454] Allocated by task 188: [ 24.940535] kasan_save_stack+0x3c/0x68 [ 24.941081] kasan_save_track+0x20/0x40 [ 24.941189] kasan_save_alloc_info+0x40/0x58 [ 24.941293] __kasan_kmalloc+0xd4/0xd8 [ 24.941413] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.941513] kmalloc_uaf_memset+0xb8/0x310 [ 24.941609] kunit_try_run_case+0x170/0x3f0 [ 24.942240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.942448] kthread+0x328/0x630 [ 24.942662] ret_from_fork+0x10/0x20 [ 24.942954] [ 24.943031] Freed by task 188: [ 24.943098] kasan_save_stack+0x3c/0x68 [ 24.943187] kasan_save_track+0x20/0x40 [ 24.943312] kasan_save_free_info+0x4c/0x78 [ 24.943573] __kasan_slab_free+0x6c/0x98 [ 24.943831] kfree+0x214/0x3c8 [ 24.944036] kmalloc_uaf_memset+0x11c/0x310 [ 24.944160] kunit_try_run_case+0x170/0x3f0 [ 24.944266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.944568] kthread+0x328/0x630 [ 24.944676] ret_from_fork+0x10/0x20 [ 24.944787] [ 24.944835] The buggy address belongs to the object at fff00000c76ce700 [ 24.944835] which belongs to the cache kmalloc-64 of size 64 [ 24.944962] The buggy address is located 0 bytes inside of [ 24.944962] freed 64-byte region [fff00000c76ce700, fff00000c76ce740) [ 24.945143] [ 24.945212] The buggy address belongs to the physical page: [ 24.945284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076ce [ 24.945422] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.945551] page_type: f5(slab) [ 24.946080] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 24.946521] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.947011] page dumped because: kasan: bad access detected [ 24.947098] [ 24.947149] Memory state around the buggy address: [ 24.947228] fff00000c76ce600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.947537] fff00000c76ce680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.947686] >fff00000c76ce700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.947774] ^ [ 24.947895] fff00000c76ce780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.948058] fff00000c76ce800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.948249] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 24.898122] ================================================================== [ 24.898384] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 24.899030] Read of size 1 at addr fff00000c5e9ddc8 by task kunit_try_catch/186 [ 24.899155] [ 24.899326] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.899653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.899855] Hardware name: linux,dummy-virt (DT) [ 24.899976] Call trace: [ 24.900038] show_stack+0x20/0x38 (C) [ 24.900272] dump_stack_lvl+0x8c/0xd0 [ 24.900410] print_report+0x118/0x608 [ 24.900524] kasan_report+0xdc/0x128 [ 24.900630] __asan_report_load1_noabort+0x20/0x30 [ 24.900766] kmalloc_uaf+0x300/0x338 [ 24.900885] kunit_try_run_case+0x170/0x3f0 [ 24.901021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.901189] kthread+0x328/0x630 [ 24.901306] ret_from_fork+0x10/0x20 [ 24.901835] [ 24.901916] Allocated by task 186: [ 24.902378] kasan_save_stack+0x3c/0x68 [ 24.902597] kasan_save_track+0x20/0x40 [ 24.902662] kasan_save_alloc_info+0x40/0x58 [ 24.902763] __kasan_kmalloc+0xd4/0xd8 [ 24.902817] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.902866] kmalloc_uaf+0xb8/0x338 [ 24.902908] kunit_try_run_case+0x170/0x3f0 [ 24.903000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.903255] kthread+0x328/0x630 [ 24.903418] ret_from_fork+0x10/0x20 [ 24.903509] [ 24.903558] Freed by task 186: [ 24.903621] kasan_save_stack+0x3c/0x68 [ 24.903855] kasan_save_track+0x20/0x40 [ 24.904115] kasan_save_free_info+0x4c/0x78 [ 24.904356] __kasan_slab_free+0x6c/0x98 [ 24.904467] kfree+0x214/0x3c8 [ 24.904559] kmalloc_uaf+0x11c/0x338 [ 24.904820] kunit_try_run_case+0x170/0x3f0 [ 24.905100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.905221] kthread+0x328/0x630 [ 24.905305] ret_from_fork+0x10/0x20 [ 24.905479] [ 24.905535] The buggy address belongs to the object at fff00000c5e9ddc0 [ 24.905535] which belongs to the cache kmalloc-16 of size 16 [ 24.905678] The buggy address is located 8 bytes inside of [ 24.905678] freed 16-byte region [fff00000c5e9ddc0, fff00000c5e9ddd0) [ 24.905831] [ 24.905879] The buggy address belongs to the physical page: [ 24.905956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9d [ 24.906093] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.906224] page_type: f5(slab) [ 24.906331] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 24.906479] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.906587] page dumped because: kasan: bad access detected [ 24.906672] [ 24.906723] Memory state around the buggy address: [ 24.906806] fff00000c5e9dc80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.906920] fff00000c5e9dd00: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.907032] >fff00000c5e9dd80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 24.907218] ^ [ 24.907317] fff00000c5e9de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.907675] fff00000c5e9de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.907779] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 24.858063] ================================================================== [ 24.858763] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 24.858972] Read of size 64 at addr fff00000c76ce404 by task kunit_try_catch/184 [ 24.859092] [ 24.859179] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.859368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.859496] Hardware name: linux,dummy-virt (DT) [ 24.859577] Call trace: [ 24.859630] show_stack+0x20/0x38 (C) [ 24.859771] dump_stack_lvl+0x8c/0xd0 [ 24.860537] print_report+0x118/0x608 [ 24.860766] kasan_report+0xdc/0x128 [ 24.861735] kasan_check_range+0x100/0x1a8 [ 24.862306] __asan_memmove+0x3c/0x98 [ 24.862965] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 24.863114] kunit_try_run_case+0x170/0x3f0 [ 24.863235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.863369] kthread+0x328/0x630 [ 24.863594] ret_from_fork+0x10/0x20 [ 24.863720] [ 24.863764] Allocated by task 184: [ 24.863856] kasan_save_stack+0x3c/0x68 [ 24.864089] kasan_save_track+0x20/0x40 [ 24.864249] kasan_save_alloc_info+0x40/0x58 [ 24.864365] __kasan_kmalloc+0xd4/0xd8 [ 24.864484] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.864599] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 24.864716] kunit_try_run_case+0x170/0x3f0 [ 24.865169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.865333] kthread+0x328/0x630 [ 24.865523] ret_from_fork+0x10/0x20 [ 24.865628] [ 24.865712] The buggy address belongs to the object at fff00000c76ce400 [ 24.865712] which belongs to the cache kmalloc-64 of size 64 [ 24.865872] The buggy address is located 4 bytes inside of [ 24.865872] allocated 64-byte region [fff00000c76ce400, fff00000c76ce440) [ 24.866029] [ 24.866089] The buggy address belongs to the physical page: [ 24.866291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076ce [ 24.866676] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.866996] page_type: f5(slab) [ 24.867100] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 24.867647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.867759] page dumped because: kasan: bad access detected [ 24.867877] [ 24.867998] Memory state around the buggy address: [ 24.868175] fff00000c76ce300: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 24.868379] fff00000c76ce380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.868525] >fff00000c76ce400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 24.868619] ^ [ 24.868701] fff00000c76ce480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.869301] fff00000c76ce500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.870185] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 24.826649] ================================================================== [ 24.826825] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 24.826965] Read of size 18446744073709551614 at addr fff00000c76ce204 by task kunit_try_catch/182 [ 24.828066] [ 24.828169] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.828382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.828476] Hardware name: linux,dummy-virt (DT) [ 24.828555] Call trace: [ 24.828614] show_stack+0x20/0x38 (C) [ 24.828741] dump_stack_lvl+0x8c/0xd0 [ 24.828937] print_report+0x118/0x608 [ 24.829078] kasan_report+0xdc/0x128 [ 24.829591] kasan_check_range+0x100/0x1a8 [ 24.830600] __asan_memmove+0x3c/0x98 [ 24.830761] kmalloc_memmove_negative_size+0x154/0x2e0 [ 24.830957] kunit_try_run_case+0x170/0x3f0 [ 24.831154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.831530] kthread+0x328/0x630 [ 24.831652] ret_from_fork+0x10/0x20 [ 24.831807] [ 24.831905] Allocated by task 182: [ 24.832027] kasan_save_stack+0x3c/0x68 [ 24.832249] kasan_save_track+0x20/0x40 [ 24.832425] kasan_save_alloc_info+0x40/0x58 [ 24.832532] __kasan_kmalloc+0xd4/0xd8 [ 24.832944] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.833053] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 24.833161] kunit_try_run_case+0x170/0x3f0 [ 24.833275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.833421] kthread+0x328/0x630 [ 24.833526] ret_from_fork+0x10/0x20 [ 24.833884] [ 24.834043] The buggy address belongs to the object at fff00000c76ce200 [ 24.834043] which belongs to the cache kmalloc-64 of size 64 [ 24.834177] The buggy address is located 4 bytes inside of [ 24.834177] 64-byte region [fff00000c76ce200, fff00000c76ce240) [ 24.834314] [ 24.834470] The buggy address belongs to the physical page: [ 24.834592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076ce [ 24.834729] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.835375] page_type: f5(slab) [ 24.835572] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 24.835694] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.835785] page dumped because: kasan: bad access detected [ 24.835863] [ 24.835976] Memory state around the buggy address: [ 24.836115] fff00000c76ce100: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 24.836244] fff00000c76ce180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.836351] >fff00000c76ce200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 24.836494] ^ [ 24.836576] fff00000c76ce280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.836876] fff00000c76ce300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.836983] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 24.785939] ================================================================== [ 24.786164] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 24.786324] Write of size 16 at addr fff00000c76cf269 by task kunit_try_catch/180 [ 24.786544] [ 24.786735] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.786958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.787025] Hardware name: linux,dummy-virt (DT) [ 24.787102] Call trace: [ 24.787205] show_stack+0x20/0x38 (C) [ 24.787328] dump_stack_lvl+0x8c/0xd0 [ 24.787471] print_report+0x118/0x608 [ 24.787725] kasan_report+0xdc/0x128 [ 24.787835] kasan_check_range+0x100/0x1a8 [ 24.787945] __asan_memset+0x34/0x78 [ 24.788112] kmalloc_oob_memset_16+0x150/0x2f8 [ 24.788244] kunit_try_run_case+0x170/0x3f0 [ 24.788510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.788767] kthread+0x328/0x630 [ 24.788970] ret_from_fork+0x10/0x20 [ 24.789125] [ 24.789221] Allocated by task 180: [ 24.789291] kasan_save_stack+0x3c/0x68 [ 24.789515] kasan_save_track+0x20/0x40 [ 24.789617] kasan_save_alloc_info+0x40/0x58 [ 24.789721] __kasan_kmalloc+0xd4/0xd8 [ 24.789817] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.789929] kmalloc_oob_memset_16+0xb0/0x2f8 [ 24.790040] kunit_try_run_case+0x170/0x3f0 [ 24.790150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.790270] kthread+0x328/0x630 [ 24.790374] ret_from_fork+0x10/0x20 [ 24.792186] [ 24.792302] The buggy address belongs to the object at fff00000c76cf200 [ 24.792302] which belongs to the cache kmalloc-128 of size 128 [ 24.793230] The buggy address is located 105 bytes inside of [ 24.793230] allocated 120-byte region [fff00000c76cf200, fff00000c76cf278) [ 24.793426] [ 24.793475] The buggy address belongs to the physical page: [ 24.793541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 24.793653] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.794068] page_type: f5(slab) [ 24.794332] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.794625] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.794773] page dumped because: kasan: bad access detected [ 24.794846] [ 24.794889] Memory state around the buggy address: [ 24.794961] fff00000c76cf100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.795102] fff00000c76cf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.795214] >fff00000c76cf200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.795300] ^ [ 24.795427] fff00000c76cf280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.795519] fff00000c76cf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.795601] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 24.757316] ================================================================== [ 24.757504] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 24.757646] Write of size 8 at addr fff00000c76cf171 by task kunit_try_catch/178 [ 24.757758] [ 24.757843] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.758057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.758211] Hardware name: linux,dummy-virt (DT) [ 24.758330] Call trace: [ 24.758442] show_stack+0x20/0x38 (C) [ 24.758624] dump_stack_lvl+0x8c/0xd0 [ 24.758755] print_report+0x118/0x608 [ 24.758878] kasan_report+0xdc/0x128 [ 24.758998] kasan_check_range+0x100/0x1a8 [ 24.759125] __asan_memset+0x34/0x78 [ 24.759323] kmalloc_oob_memset_8+0x150/0x2f8 [ 24.759471] kunit_try_run_case+0x170/0x3f0 [ 24.759593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.759723] kthread+0x328/0x630 [ 24.759832] ret_from_fork+0x10/0x20 [ 24.759945] [ 24.760028] Allocated by task 178: [ 24.760113] kasan_save_stack+0x3c/0x68 [ 24.760219] kasan_save_track+0x20/0x40 [ 24.760322] kasan_save_alloc_info+0x40/0x58 [ 24.760447] __kasan_kmalloc+0xd4/0xd8 [ 24.760614] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.760758] kmalloc_oob_memset_8+0xb0/0x2f8 [ 24.761019] kunit_try_run_case+0x170/0x3f0 [ 24.761117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.761235] kthread+0x328/0x630 [ 24.761321] ret_from_fork+0x10/0x20 [ 24.761422] [ 24.761471] The buggy address belongs to the object at fff00000c76cf100 [ 24.761471] which belongs to the cache kmalloc-128 of size 128 [ 24.761592] The buggy address is located 113 bytes inside of [ 24.761592] allocated 120-byte region [fff00000c76cf100, fff00000c76cf178) [ 24.762244] [ 24.762626] The buggy address belongs to the physical page: [ 24.762745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 24.763288] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.763426] page_type: f5(slab) [ 24.763833] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.763983] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.764673] page dumped because: kasan: bad access detected [ 24.764753] [ 24.764797] Memory state around the buggy address: [ 24.764871] fff00000c76cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.765365] fff00000c76cf080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.765680] >fff00000c76cf100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.765996] ^ [ 24.766225] fff00000c76cf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.766336] fff00000c76cf200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.766453] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 24.730238] ================================================================== [ 24.730528] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 24.730774] Write of size 4 at addr fff00000c76cf075 by task kunit_try_catch/176 [ 24.730912] [ 24.731063] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.731450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.731610] Hardware name: linux,dummy-virt (DT) [ 24.731869] Call trace: [ 24.731938] show_stack+0x20/0x38 (C) [ 24.732249] dump_stack_lvl+0x8c/0xd0 [ 24.732604] print_report+0x118/0x608 [ 24.732778] kasan_report+0xdc/0x128 [ 24.733074] kasan_check_range+0x100/0x1a8 [ 24.733202] __asan_memset+0x34/0x78 [ 24.733325] kmalloc_oob_memset_4+0x150/0x300 [ 24.733508] kunit_try_run_case+0x170/0x3f0 [ 24.733686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.733834] kthread+0x328/0x630 [ 24.733964] ret_from_fork+0x10/0x20 [ 24.734084] [ 24.734197] Allocated by task 176: [ 24.734236] kasan_save_stack+0x3c/0x68 [ 24.734288] kasan_save_track+0x20/0x40 [ 24.734417] kasan_save_alloc_info+0x40/0x58 [ 24.734596] __kasan_kmalloc+0xd4/0xd8 [ 24.734774] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.735219] kmalloc_oob_memset_4+0xb0/0x300 [ 24.735346] kunit_try_run_case+0x170/0x3f0 [ 24.735989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.736123] kthread+0x328/0x630 [ 24.736435] ret_from_fork+0x10/0x20 [ 24.736536] [ 24.736628] The buggy address belongs to the object at fff00000c76cf000 [ 24.736628] which belongs to the cache kmalloc-128 of size 128 [ 24.736826] The buggy address is located 117 bytes inside of [ 24.736826] allocated 120-byte region [fff00000c76cf000, fff00000c76cf078) [ 24.737045] [ 24.737430] The buggy address belongs to the physical page: [ 24.737521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cf [ 24.737644] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.738049] page_type: f5(slab) [ 24.738220] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.738338] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.738831] page dumped because: kasan: bad access detected [ 24.738944] [ 24.739257] Memory state around the buggy address: [ 24.739340] fff00000c76cef00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.739970] fff00000c76cef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.740336] >fff00000c76cf000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.740476] ^ [ 24.740572] fff00000c76cf080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.740675] fff00000c76cf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.740765] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 24.706512] ================================================================== [ 24.706983] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 24.707134] Write of size 2 at addr fff00000c63adf77 by task kunit_try_catch/174 [ 24.707481] [ 24.708557] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.709448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.709539] Hardware name: linux,dummy-virt (DT) [ 24.709884] Call trace: [ 24.710153] show_stack+0x20/0x38 (C) [ 24.710299] dump_stack_lvl+0x8c/0xd0 [ 24.710441] print_report+0x118/0x608 [ 24.711311] kasan_report+0xdc/0x128 [ 24.711463] kasan_check_range+0x100/0x1a8 [ 24.711585] __asan_memset+0x34/0x78 [ 24.711731] kmalloc_oob_memset_2+0x150/0x2f8 [ 24.712009] kunit_try_run_case+0x170/0x3f0 [ 24.712202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.712561] kthread+0x328/0x630 [ 24.712705] ret_from_fork+0x10/0x20 [ 24.712918] [ 24.712964] Allocated by task 174: [ 24.713155] kasan_save_stack+0x3c/0x68 [ 24.713365] kasan_save_track+0x20/0x40 [ 24.713478] kasan_save_alloc_info+0x40/0x58 [ 24.713587] __kasan_kmalloc+0xd4/0xd8 [ 24.713761] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.713878] kmalloc_oob_memset_2+0xb0/0x2f8 [ 24.713976] kunit_try_run_case+0x170/0x3f0 [ 24.714084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.714418] kthread+0x328/0x630 [ 24.714521] ret_from_fork+0x10/0x20 [ 24.714810] [ 24.714867] The buggy address belongs to the object at fff00000c63adf00 [ 24.714867] which belongs to the cache kmalloc-128 of size 128 [ 24.715024] The buggy address is located 119 bytes inside of [ 24.715024] allocated 120-byte region [fff00000c63adf00, fff00000c63adf78) [ 24.715182] [ 24.715233] The buggy address belongs to the physical page: [ 24.715362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ad [ 24.715682] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.715870] page_type: f5(slab) [ 24.715963] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.716105] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.716201] page dumped because: kasan: bad access detected [ 24.716321] [ 24.716427] Memory state around the buggy address: [ 24.716508] fff00000c63ade00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.716660] fff00000c63ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.716802] >fff00000c63adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.716898] ^ [ 24.716994] fff00000c63adf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.717104] fff00000c63ae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.717240] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 24.639229] ================================================================== [ 24.639309] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 24.639382] Read of size 16 at addr fff00000c5e9dda0 by task kunit_try_catch/170 [ 24.639520] [ 24.639606] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.639834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.640111] Hardware name: linux,dummy-virt (DT) [ 24.640201] Call trace: [ 24.640252] show_stack+0x20/0x38 (C) [ 24.640380] dump_stack_lvl+0x8c/0xd0 [ 24.640530] print_report+0x118/0x608 [ 24.640787] kasan_report+0xdc/0x128 [ 24.641019] __asan_report_load16_noabort+0x20/0x30 [ 24.641243] kmalloc_uaf_16+0x3bc/0x438 [ 24.641499] kunit_try_run_case+0x170/0x3f0 [ 24.641840] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.642208] kthread+0x328/0x630 [ 24.642499] ret_from_fork+0x10/0x20 [ 24.643092] [ 24.643147] Allocated by task 170: [ 24.643225] kasan_save_stack+0x3c/0x68 [ 24.643317] kasan_save_track+0x20/0x40 [ 24.643439] kasan_save_alloc_info+0x40/0x58 [ 24.643556] __kasan_kmalloc+0xd4/0xd8 [ 24.643644] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.643801] kmalloc_uaf_16+0x140/0x438 [ 24.643926] kunit_try_run_case+0x170/0x3f0 [ 24.644170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.644275] kthread+0x328/0x630 [ 24.644448] ret_from_fork+0x10/0x20 [ 24.644541] [ 24.644584] Freed by task 170: [ 24.644645] kasan_save_stack+0x3c/0x68 [ 24.644767] kasan_save_track+0x20/0x40 [ 24.645017] kasan_save_free_info+0x4c/0x78 [ 24.645268] __kasan_slab_free+0x6c/0x98 [ 24.645358] kfree+0x214/0x3c8 [ 24.645465] kmalloc_uaf_16+0x190/0x438 [ 24.645625] kunit_try_run_case+0x170/0x3f0 [ 24.645758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.645866] kthread+0x328/0x630 [ 24.646012] ret_from_fork+0x10/0x20 [ 24.646093] [ 24.646190] The buggy address belongs to the object at fff00000c5e9dda0 [ 24.646190] which belongs to the cache kmalloc-16 of size 16 [ 24.646320] The buggy address is located 0 bytes inside of [ 24.646320] freed 16-byte region [fff00000c5e9dda0, fff00000c5e9ddb0) [ 24.646471] [ 24.646520] The buggy address belongs to the physical page: [ 24.646591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9d [ 24.646717] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.646841] page_type: f5(slab) [ 24.646965] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 24.647148] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.647279] page dumped because: kasan: bad access detected [ 24.647347] [ 24.647406] Memory state around the buggy address: [ 24.647596] fff00000c5e9dc80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.647700] fff00000c5e9dd00: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.647904] >fff00000c5e9dd80: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 24.647990] ^ [ 24.648128] fff00000c5e9de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.648247] fff00000c5e9de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.648403] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 24.611875] ================================================================== [ 24.612243] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 24.612634] Write of size 16 at addr fff00000c5e9dd40 by task kunit_try_catch/168 [ 24.612968] [ 24.613216] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.613619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.613778] Hardware name: linux,dummy-virt (DT) [ 24.613856] Call trace: [ 24.613913] show_stack+0x20/0x38 (C) [ 24.614078] dump_stack_lvl+0x8c/0xd0 [ 24.614301] print_report+0x118/0x608 [ 24.614478] kasan_report+0xdc/0x128 [ 24.614647] __asan_report_store16_noabort+0x20/0x30 [ 24.614779] kmalloc_oob_16+0x3a0/0x3f8 [ 24.614931] kunit_try_run_case+0x170/0x3f0 [ 24.615052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.615183] kthread+0x328/0x630 [ 24.615295] ret_from_fork+0x10/0x20 [ 24.615433] [ 24.615479] Allocated by task 168: [ 24.615545] kasan_save_stack+0x3c/0x68 [ 24.615765] kasan_save_track+0x20/0x40 [ 24.615855] kasan_save_alloc_info+0x40/0x58 [ 24.615949] __kasan_kmalloc+0xd4/0xd8 [ 24.616037] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.616131] kmalloc_oob_16+0xb4/0x3f8 [ 24.616223] kunit_try_run_case+0x170/0x3f0 [ 24.616312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.616448] kthread+0x328/0x630 [ 24.616600] ret_from_fork+0x10/0x20 [ 24.616734] [ 24.616788] The buggy address belongs to the object at fff00000c5e9dd40 [ 24.616788] which belongs to the cache kmalloc-16 of size 16 [ 24.616991] The buggy address is located 0 bytes inside of [ 24.616991] allocated 13-byte region [fff00000c5e9dd40, fff00000c5e9dd4d) [ 24.617137] [ 24.617217] The buggy address belongs to the physical page: [ 24.617384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9d [ 24.617540] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.617661] page_type: f5(slab) [ 24.617757] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 24.617874] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.617968] page dumped because: kasan: bad access detected [ 24.618061] [ 24.618114] Memory state around the buggy address: [ 24.618249] fff00000c5e9dc00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 24.618431] fff00000c5e9dc80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.618660] >fff00000c5e9dd00: 00 04 fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 24.618959] ^ [ 24.619049] fff00000c5e9dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.619154] fff00000c5e9de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.619247] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 24.563355] ================================================================== [ 24.563471] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 24.563577] Read of size 1 at addr fff00000c44aac00 by task kunit_try_catch/166 [ 24.563708] [ 24.563788] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.563975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.564037] Hardware name: linux,dummy-virt (DT) [ 24.564106] Call trace: [ 24.564156] show_stack+0x20/0x38 (C) [ 24.564271] dump_stack_lvl+0x8c/0xd0 [ 24.564535] print_report+0x118/0x608 [ 24.564684] kasan_report+0xdc/0x128 [ 24.564914] __asan_report_load1_noabort+0x20/0x30 [ 24.565054] krealloc_uaf+0x4c8/0x520 [ 24.565251] kunit_try_run_case+0x170/0x3f0 [ 24.565472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.565716] kthread+0x328/0x630 [ 24.565912] ret_from_fork+0x10/0x20 [ 24.566047] [ 24.566171] Allocated by task 166: [ 24.566358] kasan_save_stack+0x3c/0x68 [ 24.566484] kasan_save_track+0x20/0x40 [ 24.566609] kasan_save_alloc_info+0x40/0x58 [ 24.566720] __kasan_kmalloc+0xd4/0xd8 [ 24.566867] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.567169] krealloc_uaf+0xc8/0x520 [ 24.567357] kunit_try_run_case+0x170/0x3f0 [ 24.567495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.568060] kthread+0x328/0x630 [ 24.568544] ret_from_fork+0x10/0x20 [ 24.568664] [ 24.568822] Freed by task 166: [ 24.569004] kasan_save_stack+0x3c/0x68 [ 24.570341] kasan_save_track+0x20/0x40 [ 24.570623] kasan_save_free_info+0x4c/0x78 [ 24.570731] __kasan_slab_free+0x6c/0x98 [ 24.571054] kfree+0x214/0x3c8 [ 24.571657] krealloc_uaf+0x12c/0x520 [ 24.571770] kunit_try_run_case+0x170/0x3f0 [ 24.571877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.571999] kthread+0x328/0x630 [ 24.572553] ret_from_fork+0x10/0x20 [ 24.572659] [ 24.572758] The buggy address belongs to the object at fff00000c44aac00 [ 24.572758] which belongs to the cache kmalloc-256 of size 256 [ 24.573975] The buggy address is located 0 bytes inside of [ 24.573975] freed 256-byte region [fff00000c44aac00, fff00000c44aad00) [ 24.574902] [ 24.574967] The buggy address belongs to the physical page: [ 24.575047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044aa [ 24.575191] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.575571] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.575719] page_type: f5(slab) [ 24.575833] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 24.575967] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.576200] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 24.576383] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.576515] head: 0bfffe0000000001 ffffc1ffc3112a81 00000000ffffffff 00000000ffffffff [ 24.577339] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.577638] page dumped because: kasan: bad access detected [ 24.577713] [ 24.578061] Memory state around the buggy address: [ 24.578206] fff00000c44aab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.578450] fff00000c44aab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.578612] >fff00000c44aac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.579104] ^ [ 24.579180] fff00000c44aac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.579340] fff00000c44aad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.579499] ================================================================== [ 24.545528] ================================================================== [ 24.545799] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 24.546328] Read of size 1 at addr fff00000c44aac00 by task kunit_try_catch/166 [ 24.546521] [ 24.546610] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.546800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.546861] Hardware name: linux,dummy-virt (DT) [ 24.546931] Call trace: [ 24.546982] show_stack+0x20/0x38 (C) [ 24.547099] dump_stack_lvl+0x8c/0xd0 [ 24.547209] print_report+0x118/0x608 [ 24.547317] kasan_report+0xdc/0x128 [ 24.547444] __kasan_check_byte+0x54/0x70 [ 24.547554] krealloc_noprof+0x44/0x360 [ 24.547681] krealloc_uaf+0x180/0x520 [ 24.547790] kunit_try_run_case+0x170/0x3f0 [ 24.547903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.548024] kthread+0x328/0x630 [ 24.548133] ret_from_fork+0x10/0x20 [ 24.548244] [ 24.548288] Allocated by task 166: [ 24.548353] kasan_save_stack+0x3c/0x68 [ 24.549491] kasan_save_track+0x20/0x40 [ 24.549795] kasan_save_alloc_info+0x40/0x58 [ 24.550282] __kasan_kmalloc+0xd4/0xd8 [ 24.550485] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.550606] krealloc_uaf+0xc8/0x520 [ 24.550731] kunit_try_run_case+0x170/0x3f0 [ 24.550822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.551004] kthread+0x328/0x630 [ 24.551347] ret_from_fork+0x10/0x20 [ 24.551565] [ 24.551634] Freed by task 166: [ 24.551983] kasan_save_stack+0x3c/0x68 [ 24.552554] kasan_save_track+0x20/0x40 [ 24.552647] kasan_save_free_info+0x4c/0x78 [ 24.553012] __kasan_slab_free+0x6c/0x98 [ 24.553943] kfree+0x214/0x3c8 [ 24.554370] krealloc_uaf+0x12c/0x520 [ 24.554507] kunit_try_run_case+0x170/0x3f0 [ 24.554739] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.555288] kthread+0x328/0x630 [ 24.555702] ret_from_fork+0x10/0x20 [ 24.555974] [ 24.556162] The buggy address belongs to the object at fff00000c44aac00 [ 24.556162] which belongs to the cache kmalloc-256 of size 256 [ 24.556481] The buggy address is located 0 bytes inside of [ 24.556481] freed 256-byte region [fff00000c44aac00, fff00000c44aad00) [ 24.557023] [ 24.557200] The buggy address belongs to the physical page: [ 24.557316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044aa [ 24.557632] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.558004] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.558180] page_type: f5(slab) [ 24.558365] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 24.558499] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.558624] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 24.558786] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.558988] head: 0bfffe0000000001 ffffc1ffc3112a81 00000000ffffffff 00000000ffffffff [ 24.559334] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.559515] page dumped because: kasan: bad access detected [ 24.559593] [ 24.559641] Memory state around the buggy address: [ 24.559925] fff00000c44aab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.560090] fff00000c44aab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.560217] >fff00000c44aac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.560350] ^ [ 24.560492] fff00000c44aac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.560679] fff00000c44aad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.560829] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 24.458309] ================================================================== [ 24.459373] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 24.459661] Write of size 1 at addr fff00000c772e0ea by task kunit_try_catch/164 [ 24.460559] [ 24.460744] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.460930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.460991] Hardware name: linux,dummy-virt (DT) [ 24.461062] Call trace: [ 24.461111] show_stack+0x20/0x38 (C) [ 24.461241] dump_stack_lvl+0x8c/0xd0 [ 24.463436] print_report+0x118/0x608 [ 24.464205] kasan_report+0xdc/0x128 [ 24.464635] __asan_report_store1_noabort+0x20/0x30 [ 24.465241] krealloc_less_oob_helper+0xae4/0xc50 [ 24.465983] krealloc_large_less_oob+0x20/0x38 [ 24.466107] kunit_try_run_case+0x170/0x3f0 [ 24.467257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.467430] kthread+0x328/0x630 [ 24.467903] ret_from_fork+0x10/0x20 [ 24.468763] [ 24.468817] The buggy address belongs to the physical page: [ 24.469609] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772c [ 24.470040] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.470153] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.470277] page_type: f8(unknown) [ 24.470372] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.470507] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.470626] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.470740] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.472574] head: 0bfffe0000000002 ffffc1ffc31dcb01 00000000ffffffff 00000000ffffffff [ 24.473326] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.474402] page dumped because: kasan: bad access detected [ 24.474679] [ 24.474727] Memory state around the buggy address: [ 24.475565] fff00000c772df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.475723] fff00000c772e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.476515] >fff00000c772e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.477067] ^ [ 24.477170] fff00000c772e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.477288] fff00000c772e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.478575] ================================================================== [ 24.419379] ================================================================== [ 24.419645] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 24.419961] Write of size 1 at addr fff00000c772e0c9 by task kunit_try_catch/164 [ 24.420286] [ 24.420525] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.421214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.421290] Hardware name: linux,dummy-virt (DT) [ 24.421377] Call trace: [ 24.421455] show_stack+0x20/0x38 (C) [ 24.421698] dump_stack_lvl+0x8c/0xd0 [ 24.421913] print_report+0x118/0x608 [ 24.422173] kasan_report+0xdc/0x128 [ 24.422460] __asan_report_store1_noabort+0x20/0x30 [ 24.422760] krealloc_less_oob_helper+0xa48/0xc50 [ 24.423107] krealloc_large_less_oob+0x20/0x38 [ 24.423230] kunit_try_run_case+0x170/0x3f0 [ 24.423357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.423512] kthread+0x328/0x630 [ 24.423658] ret_from_fork+0x10/0x20 [ 24.423998] [ 24.424150] The buggy address belongs to the physical page: [ 24.424351] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772c [ 24.424570] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.424693] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.424834] page_type: f8(unknown) [ 24.424939] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.425146] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.425275] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.425495] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.425611] head: 0bfffe0000000002 ffffc1ffc31dcb01 00000000ffffffff 00000000ffffffff [ 24.425722] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.425813] page dumped because: kasan: bad access detected [ 24.425881] [ 24.426636] Memory state around the buggy address: [ 24.426726] fff00000c772df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.426840] fff00000c772e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.426951] >fff00000c772e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.427053] ^ [ 24.427148] fff00000c772e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.427256] fff00000c772e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.427357] ================================================================== [ 24.428553] ================================================================== [ 24.428668] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 24.428776] Write of size 1 at addr fff00000c772e0d0 by task kunit_try_catch/164 [ 24.429047] [ 24.429127] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.429326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.429410] Hardware name: linux,dummy-virt (DT) [ 24.430578] Call trace: [ 24.430670] show_stack+0x20/0x38 (C) [ 24.430796] dump_stack_lvl+0x8c/0xd0 [ 24.430921] print_report+0x118/0x608 [ 24.431115] kasan_report+0xdc/0x128 [ 24.431303] __asan_report_store1_noabort+0x20/0x30 [ 24.431807] krealloc_less_oob_helper+0xb9c/0xc50 [ 24.432463] krealloc_large_less_oob+0x20/0x38 [ 24.432584] kunit_try_run_case+0x170/0x3f0 [ 24.433078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.433400] kthread+0x328/0x630 [ 24.433811] ret_from_fork+0x10/0x20 [ 24.434135] [ 24.434198] The buggy address belongs to the physical page: [ 24.434277] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772c [ 24.434606] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.434725] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.435043] page_type: f8(unknown) [ 24.435184] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.435303] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.435436] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.435539] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.435648] head: 0bfffe0000000002 ffffc1ffc31dcb01 00000000ffffffff 00000000ffffffff [ 24.435766] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.435858] page dumped because: kasan: bad access detected [ 24.436005] [ 24.436052] Memory state around the buggy address: [ 24.436201] fff00000c772df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.436467] fff00000c772e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.436569] >fff00000c772e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.436654] ^ [ 24.436736] fff00000c772e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.436847] fff00000c772e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.437101] ================================================================== [ 24.439700] ================================================================== [ 24.439793] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 24.439893] Write of size 1 at addr fff00000c772e0da by task kunit_try_catch/164 [ 24.440001] [ 24.440073] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.440256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.440318] Hardware name: linux,dummy-virt (DT) [ 24.440411] Call trace: [ 24.440465] show_stack+0x20/0x38 (C) [ 24.440577] dump_stack_lvl+0x8c/0xd0 [ 24.440688] print_report+0x118/0x608 [ 24.440797] kasan_report+0xdc/0x128 [ 24.440907] __asan_report_store1_noabort+0x20/0x30 [ 24.441023] krealloc_less_oob_helper+0xa80/0xc50 [ 24.441134] krealloc_large_less_oob+0x20/0x38 [ 24.441267] kunit_try_run_case+0x170/0x3f0 [ 24.441381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.443115] kthread+0x328/0x630 [ 24.443264] ret_from_fork+0x10/0x20 [ 24.443628] [ 24.443768] The buggy address belongs to the physical page: [ 24.444065] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772c [ 24.444197] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.445059] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.445887] page_type: f8(unknown) [ 24.446108] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.446225] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.446340] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.448051] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.448181] head: 0bfffe0000000002 ffffc1ffc31dcb01 00000000ffffffff 00000000ffffffff [ 24.448360] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.449849] page dumped because: kasan: bad access detected [ 24.450170] [ 24.450274] Memory state around the buggy address: [ 24.450649] fff00000c772df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.451300] fff00000c772e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.451843] >fff00000c772e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.452415] ^ [ 24.452508] fff00000c772e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.452611] fff00000c772e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.452700] ================================================================== [ 24.481074] ================================================================== [ 24.481168] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 24.481285] Write of size 1 at addr fff00000c772e0eb by task kunit_try_catch/164 [ 24.486064] [ 24.486980] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.487332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.487969] Hardware name: linux,dummy-virt (DT) [ 24.488689] Call trace: [ 24.488856] show_stack+0x20/0x38 (C) [ 24.488998] dump_stack_lvl+0x8c/0xd0 [ 24.490363] print_report+0x118/0x608 [ 24.491103] kasan_report+0xdc/0x128 [ 24.491231] __asan_report_store1_noabort+0x20/0x30 [ 24.492131] krealloc_less_oob_helper+0xa58/0xc50 [ 24.492262] krealloc_large_less_oob+0x20/0x38 [ 24.492376] kunit_try_run_case+0x170/0x3f0 [ 24.492512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.494405] kthread+0x328/0x630 [ 24.495016] ret_from_fork+0x10/0x20 [ 24.495209] [ 24.495459] The buggy address belongs to the physical page: [ 24.495732] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772c [ 24.496445] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.497151] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.497289] page_type: f8(unknown) [ 24.497378] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.498807] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.499502] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.499702] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.500459] head: 0bfffe0000000002 ffffc1ffc31dcb01 00000000ffffffff 00000000ffffffff [ 24.500588] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.500680] page dumped because: kasan: bad access detected [ 24.500751] [ 24.501885] Memory state around the buggy address: [ 24.502343] fff00000c772df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.502784] fff00000c772e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.502944] >fff00000c772e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.503064] ^ [ 24.503307] fff00000c772e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.503488] fff00000c772e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.503640] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 24.394501] ================================================================== [ 24.394694] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 24.394855] Write of size 1 at addr fff00000c772e0f0 by task kunit_try_catch/162 [ 24.395065] [ 24.395152] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.395422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.395501] Hardware name: linux,dummy-virt (DT) [ 24.395584] Call trace: [ 24.395645] show_stack+0x20/0x38 (C) [ 24.395768] dump_stack_lvl+0x8c/0xd0 [ 24.395933] print_report+0x118/0x608 [ 24.396223] kasan_report+0xdc/0x128 [ 24.396700] __asan_report_store1_noabort+0x20/0x30 [ 24.397647] krealloc_more_oob_helper+0x5c0/0x678 [ 24.397996] krealloc_large_more_oob+0x20/0x38 [ 24.398470] kunit_try_run_case+0x170/0x3f0 [ 24.398960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.399843] kthread+0x328/0x630 [ 24.399984] ret_from_fork+0x10/0x20 [ 24.400143] [ 24.400196] The buggy address belongs to the physical page: [ 24.400297] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772c [ 24.400448] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.400758] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.401038] page_type: f8(unknown) [ 24.401197] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.401406] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.401699] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.401842] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.401974] head: 0bfffe0000000002 ffffc1ffc31dcb01 00000000ffffffff 00000000ffffffff [ 24.402090] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.402180] page dumped because: kasan: bad access detected [ 24.402249] [ 24.402322] Memory state around the buggy address: [ 24.402463] fff00000c772df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.402676] fff00000c772e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.402841] >fff00000c772e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 24.402937] ^ [ 24.403050] fff00000c772e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.403198] fff00000c772e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.403287] ================================================================== [ 24.385328] ================================================================== [ 24.385509] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 24.385645] Write of size 1 at addr fff00000c772e0eb by task kunit_try_catch/162 [ 24.385766] [ 24.385897] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.386189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.386264] Hardware name: linux,dummy-virt (DT) [ 24.386383] Call trace: [ 24.386463] show_stack+0x20/0x38 (C) [ 24.386619] dump_stack_lvl+0x8c/0xd0 [ 24.386756] print_report+0x118/0x608 [ 24.386886] kasan_report+0xdc/0x128 [ 24.387014] __asan_report_store1_noabort+0x20/0x30 [ 24.387303] krealloc_more_oob_helper+0x60c/0x678 [ 24.387478] krealloc_large_more_oob+0x20/0x38 [ 24.387821] kunit_try_run_case+0x170/0x3f0 [ 24.387944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.388072] kthread+0x328/0x630 [ 24.388223] ret_from_fork+0x10/0x20 [ 24.388481] [ 24.388533] The buggy address belongs to the physical page: [ 24.388677] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772c [ 24.389027] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.389141] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.389277] page_type: f8(unknown) [ 24.389372] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.389526] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.389946] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.390088] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.390453] head: 0bfffe0000000002 ffffc1ffc31dcb01 00000000ffffffff 00000000ffffffff [ 24.390701] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.390872] page dumped because: kasan: bad access detected [ 24.391028] [ 24.391410] Memory state around the buggy address: [ 24.391515] fff00000c772df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.391977] fff00000c772e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.392278] >fff00000c772e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 24.392902] ^ [ 24.393041] fff00000c772e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.393159] fff00000c772e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.393444] ================================================================== [ 24.272526] ================================================================== [ 24.272788] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 24.273070] Write of size 1 at addr fff00000c44aaaf0 by task kunit_try_catch/158 [ 24.273405] [ 24.273486] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.273723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.273973] Hardware name: linux,dummy-virt (DT) [ 24.274275] Call trace: [ 24.274336] show_stack+0x20/0x38 (C) [ 24.274526] dump_stack_lvl+0x8c/0xd0 [ 24.275020] print_report+0x118/0x608 [ 24.275161] kasan_report+0xdc/0x128 [ 24.275321] __asan_report_store1_noabort+0x20/0x30 [ 24.275467] krealloc_more_oob_helper+0x5c0/0x678 [ 24.275590] krealloc_more_oob+0x20/0x38 [ 24.275884] kunit_try_run_case+0x170/0x3f0 [ 24.276003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.276513] kthread+0x328/0x630 [ 24.276655] ret_from_fork+0x10/0x20 [ 24.276790] [ 24.276946] Allocated by task 158: [ 24.277052] kasan_save_stack+0x3c/0x68 [ 24.277497] kasan_save_track+0x20/0x40 [ 24.277740] kasan_save_alloc_info+0x40/0x58 [ 24.278187] __kasan_krealloc+0x118/0x178 [ 24.278561] krealloc_noprof+0x128/0x360 [ 24.278774] krealloc_more_oob_helper+0x168/0x678 [ 24.278960] krealloc_more_oob+0x20/0x38 [ 24.279081] kunit_try_run_case+0x170/0x3f0 [ 24.279182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.279328] kthread+0x328/0x630 [ 24.279442] ret_from_fork+0x10/0x20 [ 24.279547] [ 24.279777] The buggy address belongs to the object at fff00000c44aaa00 [ 24.279777] which belongs to the cache kmalloc-256 of size 256 [ 24.279925] The buggy address is located 5 bytes to the right of [ 24.279925] allocated 235-byte region [fff00000c44aaa00, fff00000c44aaaeb) [ 24.280083] [ 24.280140] The buggy address belongs to the physical page: [ 24.280221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044aa [ 24.280358] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.280505] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.280852] page_type: f5(slab) [ 24.281026] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 24.281294] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.281501] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 24.281840] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.281994] head: 0bfffe0000000001 ffffc1ffc3112a81 00000000ffffffff 00000000ffffffff [ 24.282276] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.282405] page dumped because: kasan: bad access detected [ 24.282490] [ 24.282541] Memory state around the buggy address: [ 24.282668] fff00000c44aa980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.282782] fff00000c44aaa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.282895] >fff00000c44aaa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 24.282995] ^ [ 24.283268] fff00000c44aab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.283409] fff00000c44aab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.283544] ================================================================== [ 24.256636] ================================================================== [ 24.256879] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 24.257112] Write of size 1 at addr fff00000c44aaaeb by task kunit_try_catch/158 [ 24.257553] [ 24.257800] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.258012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.258077] Hardware name: linux,dummy-virt (DT) [ 24.258152] Call trace: [ 24.258212] show_stack+0x20/0x38 (C) [ 24.258454] dump_stack_lvl+0x8c/0xd0 [ 24.258688] print_report+0x118/0x608 [ 24.258814] kasan_report+0xdc/0x128 [ 24.259330] __asan_report_store1_noabort+0x20/0x30 [ 24.259725] krealloc_more_oob_helper+0x60c/0x678 [ 24.259903] krealloc_more_oob+0x20/0x38 [ 24.260131] kunit_try_run_case+0x170/0x3f0 [ 24.260354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.260514] kthread+0x328/0x630 [ 24.260636] ret_from_fork+0x10/0x20 [ 24.260775] [ 24.260829] Allocated by task 158: [ 24.260907] kasan_save_stack+0x3c/0x68 [ 24.261526] kasan_save_track+0x20/0x40 [ 24.261939] kasan_save_alloc_info+0x40/0x58 [ 24.262629] __kasan_krealloc+0x118/0x178 [ 24.263045] krealloc_noprof+0x128/0x360 [ 24.263300] krealloc_more_oob_helper+0x168/0x678 [ 24.263411] krealloc_more_oob+0x20/0x38 [ 24.263499] kunit_try_run_case+0x170/0x3f0 [ 24.263618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.263727] kthread+0x328/0x630 [ 24.263828] ret_from_fork+0x10/0x20 [ 24.263922] [ 24.264040] The buggy address belongs to the object at fff00000c44aaa00 [ 24.264040] which belongs to the cache kmalloc-256 of size 256 [ 24.264214] The buggy address is located 0 bytes to the right of [ 24.264214] allocated 235-byte region [fff00000c44aaa00, fff00000c44aaaeb) [ 24.264629] [ 24.264742] The buggy address belongs to the physical page: [ 24.264820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044aa [ 24.264944] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.265069] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.265419] page_type: f5(slab) [ 24.265807] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 24.265998] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.266125] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 24.266263] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.266423] head: 0bfffe0000000001 ffffc1ffc3112a81 00000000ffffffff 00000000ffffffff [ 24.266541] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.266882] page dumped because: kasan: bad access detected [ 24.267028] [ 24.267074] Memory state around the buggy address: [ 24.267151] fff00000c44aa980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.267270] fff00000c44aaa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.267452] >fff00000c44aaa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 24.267598] ^ [ 24.268030] fff00000c44aab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.268158] fff00000c44aab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.268252] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 24.233551] ================================================================== [ 24.233667] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 24.233790] Read of size 1 at addr fff00000c7730000 by task kunit_try_catch/156 [ 24.233913] [ 24.234139] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.234473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.234618] Hardware name: linux,dummy-virt (DT) [ 24.234738] Call trace: [ 24.234832] show_stack+0x20/0x38 (C) [ 24.235040] dump_stack_lvl+0x8c/0xd0 [ 24.235182] print_report+0x118/0x608 [ 24.235314] kasan_report+0xdc/0x128 [ 24.235464] __asan_report_load1_noabort+0x20/0x30 [ 24.235629] page_alloc_uaf+0x328/0x350 [ 24.235924] kunit_try_run_case+0x170/0x3f0 [ 24.236059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.236191] kthread+0x328/0x630 [ 24.236305] ret_from_fork+0x10/0x20 [ 24.236443] [ 24.236542] The buggy address belongs to the physical page: [ 24.236674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107730 [ 24.236841] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.236964] page_type: f0(buddy) [ 24.237149] raw: 0bfffe0000000000 fff00000ff616020 fff00000ff616020 0000000000000000 [ 24.237343] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 24.237505] page dumped because: kasan: bad access detected [ 24.237581] [ 24.237624] Memory state around the buggy address: [ 24.237717] fff00000c772ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.237902] fff00000c772ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.238011] >fff00000c7730000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.238163] ^ [ 24.238274] fff00000c7730080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.238376] fff00000c7730100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.238525] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 24.168516] ================================================================== [ 24.168731] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 24.168881] Free of addr fff00000c641c001 by task kunit_try_catch/152 [ 24.168985] [ 24.169067] CPU: 0 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.169271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.169332] Hardware name: linux,dummy-virt (DT) [ 24.169420] Call trace: [ 24.169476] show_stack+0x20/0x38 (C) [ 24.169591] dump_stack_lvl+0x8c/0xd0 [ 24.169703] print_report+0x118/0x608 [ 24.169814] kasan_report_invalid_free+0xc0/0xe8 [ 24.169925] __kasan_kfree_large+0x5c/0xa8 [ 24.170033] free_large_kmalloc+0x64/0x190 [ 24.170146] kfree+0x270/0x3c8 [ 24.170243] kmalloc_large_invalid_free+0x108/0x270 [ 24.170362] kunit_try_run_case+0x170/0x3f0 [ 24.170522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.170722] kthread+0x328/0x630 [ 24.170859] ret_from_fork+0x10/0x20 [ 24.171042] [ 24.171104] The buggy address belongs to the physical page: [ 24.171186] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10641c [ 24.171322] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.171462] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.171774] page_type: f8(unknown) [ 24.171882] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.171995] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.172128] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.172244] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.172364] head: 0bfffe0000000002 ffffc1ffc3190701 00000000ffffffff 00000000ffffffff [ 24.172506] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.173059] page dumped because: kasan: bad access detected [ 24.173281] [ 24.173495] Memory state around the buggy address: [ 24.173591] fff00000c641bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.174066] fff00000c641bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.174253] >fff00000c641c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.174428] ^ [ 24.174512] fff00000c641c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.174711] fff00000c641c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.175214] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 24.124988] ================================================================== [ 24.125217] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 24.125553] Read of size 1 at addr fff00000c641c000 by task kunit_try_catch/150 [ 24.125876] [ 24.126107] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.126557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.126677] Hardware name: linux,dummy-virt (DT) [ 24.126814] Call trace: [ 24.126878] show_stack+0x20/0x38 (C) [ 24.127155] dump_stack_lvl+0x8c/0xd0 [ 24.127292] print_report+0x118/0x608 [ 24.127426] kasan_report+0xdc/0x128 [ 24.128265] __asan_report_load1_noabort+0x20/0x30 [ 24.128901] kmalloc_large_uaf+0x2cc/0x2f8 [ 24.129458] kunit_try_run_case+0x170/0x3f0 [ 24.129791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.130248] kthread+0x328/0x630 [ 24.130890] ret_from_fork+0x10/0x20 [ 24.131048] [ 24.131105] The buggy address belongs to the physical page: [ 24.131188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10641c [ 24.131310] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.132180] raw: 0bfffe0000000000 fff00000da47fe00 fff00000da47fe00 0000000000000000 [ 24.132925] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.133321] page dumped because: kasan: bad access detected [ 24.133683] [ 24.133731] Memory state around the buggy address: [ 24.134322] fff00000c641bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.134460] fff00000c641bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.135231] >fff00000c641c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.135325] ^ [ 24.135590] fff00000c641c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.135844] fff00000c641c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.135937] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 24.097075] ================================================================== [ 24.097724] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 24.098206] Write of size 1 at addr fff00000c641e00a by task kunit_try_catch/148 [ 24.098334] [ 24.098430] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.100171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.100615] Hardware name: linux,dummy-virt (DT) [ 24.100731] Call trace: [ 24.101097] show_stack+0x20/0x38 (C) [ 24.101713] dump_stack_lvl+0x8c/0xd0 [ 24.102025] print_report+0x118/0x608 [ 24.102176] kasan_report+0xdc/0x128 [ 24.102283] __asan_report_store1_noabort+0x20/0x30 [ 24.102592] kmalloc_large_oob_right+0x278/0x2b8 [ 24.103006] kunit_try_run_case+0x170/0x3f0 [ 24.103906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.104359] kthread+0x328/0x630 [ 24.104713] ret_from_fork+0x10/0x20 [ 24.105223] [ 24.105596] The buggy address belongs to the physical page: [ 24.105678] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10641c [ 24.105834] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.105956] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.106648] page_type: f8(unknown) [ 24.106818] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.106936] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.107093] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.107225] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.107360] head: 0bfffe0000000002 ffffc1ffc3190701 00000000ffffffff 00000000ffffffff [ 24.107615] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.107739] page dumped because: kasan: bad access detected [ 24.107865] [ 24.107914] Memory state around the buggy address: [ 24.108022] fff00000c641df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.108118] fff00000c641df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.108207] >fff00000c641e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.108288] ^ [ 24.108353] fff00000c641e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.108464] fff00000c641e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.108545] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 24.057939] ================================================================== [ 24.058103] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 24.058251] Write of size 1 at addr fff00000c7709f00 by task kunit_try_catch/146 [ 24.058376] [ 24.058548] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.058870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.058935] Hardware name: linux,dummy-virt (DT) [ 24.059091] Call trace: [ 24.059152] show_stack+0x20/0x38 (C) [ 24.059293] dump_stack_lvl+0x8c/0xd0 [ 24.059562] print_report+0x118/0x608 [ 24.059808] kasan_report+0xdc/0x128 [ 24.059926] __asan_report_store1_noabort+0x20/0x30 [ 24.060108] kmalloc_big_oob_right+0x2a4/0x2f0 [ 24.060252] kunit_try_run_case+0x170/0x3f0 [ 24.060382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.062498] kthread+0x328/0x630 [ 24.062641] ret_from_fork+0x10/0x20 [ 24.062787] [ 24.062832] Allocated by task 146: [ 24.062907] kasan_save_stack+0x3c/0x68 [ 24.063008] kasan_save_track+0x20/0x40 [ 24.063097] kasan_save_alloc_info+0x40/0x58 [ 24.063207] __kasan_kmalloc+0xd4/0xd8 [ 24.063308] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.063463] kmalloc_big_oob_right+0xb8/0x2f0 [ 24.063777] kunit_try_run_case+0x170/0x3f0 [ 24.066422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.066558] kthread+0x328/0x630 [ 24.066655] ret_from_fork+0x10/0x20 [ 24.066745] [ 24.066823] The buggy address belongs to the object at fff00000c7708000 [ 24.066823] which belongs to the cache kmalloc-8k of size 8192 [ 24.066952] The buggy address is located 0 bytes to the right of [ 24.066952] allocated 7936-byte region [fff00000c7708000, fff00000c7709f00) [ 24.067513] [ 24.067745] The buggy address belongs to the physical page: [ 24.067823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107708 [ 24.068225] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.068573] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.068857] page_type: f5(slab) [ 24.070208] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 24.070480] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 24.070844] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 24.070996] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 24.071127] head: 0bfffe0000000003 ffffc1ffc31dc201 00000000ffffffff 00000000ffffffff [ 24.071552] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 24.071648] page dumped because: kasan: bad access detected [ 24.071719] [ 24.071773] Memory state around the buggy address: [ 24.071847] fff00000c7709e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.071949] fff00000c7709e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.072099] >fff00000c7709f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.072190] ^ [ 24.072272] fff00000c7709f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.072406] fff00000c770a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.072500] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 24.003655] ================================================================== [ 24.003805] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 24.003947] Write of size 1 at addr fff00000c63ad878 by task kunit_try_catch/144 [ 24.004065] [ 24.004149] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 24.004335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.004415] Hardware name: linux,dummy-virt (DT) [ 24.004490] Call trace: [ 24.004764] show_stack+0x20/0x38 (C) [ 24.004910] dump_stack_lvl+0x8c/0xd0 [ 24.005047] print_report+0x118/0x608 [ 24.005198] kasan_report+0xdc/0x128 [ 24.005328] __asan_report_store1_noabort+0x20/0x30 [ 24.005546] kmalloc_track_caller_oob_right+0x40c/0x488 [ 24.005819] kunit_try_run_case+0x170/0x3f0 [ 24.006071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.006228] kthread+0x328/0x630 [ 24.006603] ret_from_fork+0x10/0x20 [ 24.007163] [ 24.007235] Allocated by task 144: [ 24.007315] kasan_save_stack+0x3c/0x68 [ 24.007808] kasan_save_track+0x20/0x40 [ 24.007897] kasan_save_alloc_info+0x40/0x58 [ 24.008042] __kasan_kmalloc+0xd4/0xd8 [ 24.008143] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 24.008253] kmalloc_track_caller_oob_right+0xa8/0x488 [ 24.008366] kunit_try_run_case+0x170/0x3f0 [ 24.008494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.008599] kthread+0x328/0x630 [ 24.008690] ret_from_fork+0x10/0x20 [ 24.008791] [ 24.008845] The buggy address belongs to the object at fff00000c63ad800 [ 24.008845] which belongs to the cache kmalloc-128 of size 128 [ 24.008986] The buggy address is located 0 bytes to the right of [ 24.008986] allocated 120-byte region [fff00000c63ad800, fff00000c63ad878) [ 24.009153] [ 24.009226] The buggy address belongs to the physical page: [ 24.009307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ad [ 24.010455] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.010664] page_type: f5(slab) [ 24.010770] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.010933] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.011047] page dumped because: kasan: bad access detected [ 24.011299] [ 24.011466] Memory state around the buggy address: [ 24.011597] fff00000c63ad700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.011760] fff00000c63ad780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.011874] >fff00000c63ad800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.011974] ^ [ 24.012328] fff00000c63ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.012470] fff00000c63ad900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.012681] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 23.960867] ================================================================== [ 23.961021] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 23.961295] Read of size 1 at addr fff00000c642f000 by task kunit_try_catch/142 [ 23.961445] [ 23.961538] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 23.961752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.962034] Hardware name: linux,dummy-virt (DT) [ 23.962165] Call trace: [ 23.962622] show_stack+0x20/0x38 (C) [ 23.962909] dump_stack_lvl+0x8c/0xd0 [ 23.963149] print_report+0x118/0x608 [ 23.963283] kasan_report+0xdc/0x128 [ 23.963493] __asan_report_load1_noabort+0x20/0x30 [ 23.963625] kmalloc_node_oob_right+0x2f4/0x330 [ 23.963749] kunit_try_run_case+0x170/0x3f0 [ 23.963929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.964083] kthread+0x328/0x630 [ 23.964223] ret_from_fork+0x10/0x20 [ 23.964361] [ 23.964425] Allocated by task 142: [ 23.964499] kasan_save_stack+0x3c/0x68 [ 23.964592] kasan_save_track+0x20/0x40 [ 23.964842] kasan_save_alloc_info+0x40/0x58 [ 23.965122] __kasan_kmalloc+0xd4/0xd8 [ 23.965825] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 23.966149] kmalloc_node_oob_right+0xbc/0x330 [ 23.966367] kunit_try_run_case+0x170/0x3f0 [ 23.966486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.967061] kthread+0x328/0x630 [ 23.967236] ret_from_fork+0x10/0x20 [ 23.967490] [ 23.967588] The buggy address belongs to the object at fff00000c642e000 [ 23.967588] which belongs to the cache kmalloc-4k of size 4096 [ 23.967910] The buggy address is located 0 bytes to the right of [ 23.967910] allocated 4096-byte region [fff00000c642e000, fff00000c642f000) [ 23.968219] [ 23.968431] The buggy address belongs to the physical page: [ 23.968771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106428 [ 23.969978] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.970119] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 23.970540] page_type: f5(slab) [ 23.970988] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 23.971198] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 23.971343] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 23.971690] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 23.972120] head: 0bfffe0000000003 ffffc1ffc3190a01 00000000ffffffff 00000000ffffffff [ 23.972354] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 23.972484] page dumped because: kasan: bad access detected [ 23.972994] [ 23.973152] Memory state around the buggy address: [ 23.973310] fff00000c642ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.973565] fff00000c642ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.973828] >fff00000c642f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.974143] ^ [ 23.974267] fff00000c642f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.974740] fff00000c642f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.974852] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 23.923731] ================================================================== [ 23.923871] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 23.924006] Read of size 1 at addr fff00000c5e9dd1f by task kunit_try_catch/140 [ 23.924121] [ 23.924203] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 23.924413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.924479] Hardware name: linux,dummy-virt (DT) [ 23.924553] Call trace: [ 23.924609] show_stack+0x20/0x38 (C) [ 23.924830] dump_stack_lvl+0x8c/0xd0 [ 23.924964] print_report+0x118/0x608 [ 23.925110] kasan_report+0xdc/0x128 [ 23.925240] __asan_report_load1_noabort+0x20/0x30 [ 23.926581] kmalloc_oob_left+0x2ec/0x320 [ 23.926743] kunit_try_run_case+0x170/0x3f0 [ 23.926811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.926876] kthread+0x328/0x630 [ 23.927029] ret_from_fork+0x10/0x20 [ 23.927153] [ 23.927198] Allocated by task 9: [ 23.927269] kasan_save_stack+0x3c/0x68 [ 23.927366] kasan_save_track+0x20/0x40 [ 23.927545] kasan_save_alloc_info+0x40/0x58 [ 23.927694] __kasan_kmalloc+0xd4/0xd8 [ 23.927790] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 23.927935] kvasprintf+0xe0/0x180 [ 23.928124] __kthread_create_on_node+0x16c/0x350 [ 23.928234] kthread_create_on_node+0xe4/0x130 [ 23.928435] create_worker+0x380/0x6b8 [ 23.928669] worker_thread+0x808/0xf38 [ 23.928914] kthread+0x328/0x630 [ 23.929066] ret_from_fork+0x10/0x20 [ 23.929233] [ 23.929318] The buggy address belongs to the object at fff00000c5e9dd00 [ 23.929318] which belongs to the cache kmalloc-16 of size 16 [ 23.929550] The buggy address is located 19 bytes to the right of [ 23.929550] allocated 12-byte region [fff00000c5e9dd00, fff00000c5e9dd0c) [ 23.929714] [ 23.929854] The buggy address belongs to the physical page: [ 23.930007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9d [ 23.930197] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.930706] page_type: f5(slab) [ 23.930822] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 23.930955] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.932269] page dumped because: kasan: bad access detected [ 23.932352] [ 23.932449] Memory state around the buggy address: [ 23.932536] fff00000c5e9dc00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 23.932647] fff00000c5e9dc80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.932753] >fff00000c5e9dd00: 00 04 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 23.932844] ^ [ 23.932950] fff00000c5e9dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.933104] fff00000c5e9de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.933374] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 23.888473] ================================================================== [ 23.889150] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 23.889403] Read of size 1 at addr fff00000c63ad780 by task kunit_try_catch/138 [ 23.889531] [ 23.890023] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 23.890259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.890646] Hardware name: linux,dummy-virt (DT) [ 23.891073] Call trace: [ 23.891471] show_stack+0x20/0x38 (C) [ 23.891626] dump_stack_lvl+0x8c/0xd0 [ 23.891752] print_report+0x118/0x608 [ 23.891947] kasan_report+0xdc/0x128 [ 23.892213] __asan_report_load1_noabort+0x20/0x30 [ 23.892352] kmalloc_oob_right+0x5d0/0x660 [ 23.892513] kunit_try_run_case+0x170/0x3f0 [ 23.892708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.892844] kthread+0x328/0x630 [ 23.892954] ret_from_fork+0x10/0x20 [ 23.893075] [ 23.893752] Allocated by task 138: [ 23.893869] kasan_save_stack+0x3c/0x68 [ 23.893972] kasan_save_track+0x20/0x40 [ 23.894192] kasan_save_alloc_info+0x40/0x58 [ 23.894286] __kasan_kmalloc+0xd4/0xd8 [ 23.894369] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.894485] kmalloc_oob_right+0xb0/0x660 [ 23.894964] kunit_try_run_case+0x170/0x3f0 [ 23.895220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.895817] kthread+0x328/0x630 [ 23.896150] ret_from_fork+0x10/0x20 [ 23.896258] [ 23.896308] The buggy address belongs to the object at fff00000c63ad700 [ 23.896308] which belongs to the cache kmalloc-128 of size 128 [ 23.896452] The buggy address is located 13 bytes to the right of [ 23.896452] allocated 115-byte region [fff00000c63ad700, fff00000c63ad773) [ 23.896641] [ 23.896701] The buggy address belongs to the physical page: [ 23.896779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ad [ 23.896888] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.896999] page_type: f5(slab) [ 23.897148] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.897701] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.897800] page dumped because: kasan: bad access detected [ 23.897873] [ 23.897952] Memory state around the buggy address: [ 23.898144] fff00000c63ad680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.898247] fff00000c63ad700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.898343] >fff00000c63ad780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.898454] ^ [ 23.898778] fff00000c63ad800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.898897] fff00000c63ad880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.898999] ================================================================== [ 23.871654] ================================================================== [ 23.871743] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 23.871847] Write of size 1 at addr fff00000c63ad778 by task kunit_try_catch/138 [ 23.871954] [ 23.872028] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 23.873738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.874071] Hardware name: linux,dummy-virt (DT) [ 23.874763] Call trace: [ 23.875428] show_stack+0x20/0x38 (C) [ 23.875704] dump_stack_lvl+0x8c/0xd0 [ 23.875867] print_report+0x118/0x608 [ 23.876290] kasan_report+0xdc/0x128 [ 23.876418] __asan_report_store1_noabort+0x20/0x30 [ 23.876541] kmalloc_oob_right+0x538/0x660 [ 23.876898] kunit_try_run_case+0x170/0x3f0 [ 23.877264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.877481] kthread+0x328/0x630 [ 23.878415] ret_from_fork+0x10/0x20 [ 23.878717] [ 23.878829] Allocated by task 138: [ 23.878914] kasan_save_stack+0x3c/0x68 [ 23.879011] kasan_save_track+0x20/0x40 [ 23.879137] kasan_save_alloc_info+0x40/0x58 [ 23.879305] __kasan_kmalloc+0xd4/0xd8 [ 23.879571] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.879851] kmalloc_oob_right+0xb0/0x660 [ 23.880040] kunit_try_run_case+0x170/0x3f0 [ 23.880493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.880645] kthread+0x328/0x630 [ 23.881151] ret_from_fork+0x10/0x20 [ 23.881325] [ 23.881670] The buggy address belongs to the object at fff00000c63ad700 [ 23.881670] which belongs to the cache kmalloc-128 of size 128 [ 23.882017] The buggy address is located 5 bytes to the right of [ 23.882017] allocated 115-byte region [fff00000c63ad700, fff00000c63ad773) [ 23.882678] [ 23.882741] The buggy address belongs to the physical page: [ 23.882837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ad [ 23.882976] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.883256] page_type: f5(slab) [ 23.883635] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.883929] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.884276] page dumped because: kasan: bad access detected [ 23.884354] [ 23.884957] Memory state around the buggy address: [ 23.885037] fff00000c63ad600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.885231] fff00000c63ad680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.885440] >fff00000c63ad700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.885582] ^ [ 23.885840] fff00000c63ad780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.886136] fff00000c63ad800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.886229] ================================================================== [ 23.861740] ================================================================== [ 23.862164] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 23.863662] Write of size 1 at addr fff00000c63ad773 by task kunit_try_catch/138 [ 23.863802] [ 23.864800] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G N 6.15.4-rc1 #1 PREEMPT [ 23.864985] Tainted: [N]=TEST [ 23.865031] Hardware name: linux,dummy-virt (DT) [ 23.865320] Call trace: [ 23.865560] show_stack+0x20/0x38 (C) [ 23.865745] dump_stack_lvl+0x8c/0xd0 [ 23.865832] print_report+0x118/0x608 [ 23.865895] kasan_report+0xdc/0x128 [ 23.865951] __asan_report_store1_noabort+0x20/0x30 [ 23.866013] kmalloc_oob_right+0x5a4/0x660 [ 23.866070] kunit_try_run_case+0x170/0x3f0 [ 23.866134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.866199] kthread+0x328/0x630 [ 23.866258] ret_from_fork+0x10/0x20 [ 23.866479] [ 23.866534] Allocated by task 138: [ 23.866779] kasan_save_stack+0x3c/0x68 [ 23.866970] kasan_save_track+0x20/0x40 [ 23.867027] kasan_save_alloc_info+0x40/0x58 [ 23.867075] __kasan_kmalloc+0xd4/0xd8 [ 23.867116] __kmalloc_cache_noprof+0x16c/0x3c0 [ 23.867165] kmalloc_oob_right+0xb0/0x660 [ 23.867211] kunit_try_run_case+0x170/0x3f0 [ 23.867257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.867309] kthread+0x328/0x630 [ 23.867352] ret_from_fork+0x10/0x20 [ 23.867454] [ 23.867533] The buggy address belongs to the object at fff00000c63ad700 [ 23.867533] which belongs to the cache kmalloc-128 of size 128 [ 23.867653] The buggy address is located 0 bytes to the right of [ 23.867653] allocated 115-byte region [fff00000c63ad700, fff00000c63ad773) [ 23.867737] [ 23.867838] The buggy address belongs to the physical page: [ 23.868096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ad [ 23.868439] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 23.868797] page_type: f5(slab) [ 23.869157] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 23.869249] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.869403] page dumped because: kasan: bad access detected [ 23.869464] [ 23.869499] Memory state around the buggy address: [ 23.869755] fff00000c63ad600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.869842] fff00000c63ad680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.869915] >fff00000c63ad700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.869985] ^ [ 23.870087] fff00000c63ad780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.870140] fff00000c63ad800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.870219] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 116.673509] WARNING: CPU: 0 PID: 658 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 116.675817] Modules linked in: [ 116.676656] CPU: 0 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc1 #1 PREEMPT [ 116.678553] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 116.679160] Hardware name: linux,dummy-virt (DT) [ 116.679749] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 116.680876] pc : intlog10+0x38/0x48 [ 116.681521] lr : intlog10_test+0xe4/0x200 [ 116.682014] sp : ffff8000822e7c10 [ 116.682459] x29: ffff8000822e7c90 x28: 0000000000000000 x27: 0000000000000000 [ 116.683615] x26: 1ffe00001913afa1 x25: 0000000000000000 x24: ffff8000822e7ce0 [ 116.684583] x23: ffff8000822e7d00 x22: 0000000000000000 x21: 1ffff0001045cf82 [ 116.685540] x20: ffffa42c36035180 x19: ffff800080087990 x18: 000000003390c38c [ 116.686476] x17: 00000000cf2e2a30 x16: fff00000c096dc3c x15: fff00000ff616b08 [ 116.687540] x14: 00000000f1f1f1f1 x13: 1ffe00001b493c1d x12: ffff7485873b9b71 [ 116.688222] x11: 1ffff485873b9b70 x10: ffff7485873b9b70 x9 : ffffa42c336157e4 [ 116.689214] x8 : ffffa42c39dcdb83 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 116.690221] x5 : ffff70001045cf82 x4 : 1ffff00010010f3a x3 : 1ffff48586c06a30 [ 116.691216] x2 : 1ffff48586c06a30 x1 : 0000000000000003 x0 : 0000000000000000 [ 116.691956] Call trace: [ 116.692408] intlog10+0x38/0x48 (P) [ 116.693155] kunit_try_run_case+0x170/0x3f0 [ 116.693729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 116.694488] kthread+0x328/0x630 [ 116.695067] ret_from_fork+0x10/0x20 [ 116.695639] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 116.584281] WARNING: CPU: 1 PID: 640 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 116.588503] Modules linked in: [ 116.589193] CPU: 1 UID: 0 PID: 640 Comm: kunit_try_catch Tainted: G B D N 6.15.4-rc1 #1 PREEMPT [ 116.591036] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 116.591532] Hardware name: linux,dummy-virt (DT) [ 116.592097] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 116.593365] pc : intlog2+0xd8/0xf8 [ 116.593853] lr : intlog2_test+0xe4/0x200 [ 116.594359] sp : ffff800082267c10 [ 116.595259] x29: ffff800082267c90 x28: 0000000000000000 x27: 0000000000000000 [ 116.596138] x26: 1ffe000019199b81 x25: 0000000000000000 x24: ffff800082267ce0 [ 116.597209] x23: ffff800082267d00 x22: 0000000000000000 x21: 1ffff0001044cf82 [ 116.598296] x20: ffffa42c36035080 x19: ffff800080087990 x18: 00000000fbd7a821 [ 116.599293] x17: 000000002b828ed3 x16: fff00000c096e03c x15: fff00000ff616b08 [ 116.600206] x14: 00000000f1f1f1f1 x13: 1ffe00001b48f81d x12: ffff7485873b9b71 [ 116.601087] x11: 1ffff485873b9b70 x10: ffff7485873b9b70 x9 : ffffa42c336159e4 [ 116.602082] x8 : ffffa42c39dcdb83 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 116.603093] x5 : ffff70001044cf82 x4 : 1ffff00010010f3a x3 : 1ffff48586c06a10 [ 116.604374] x2 : 1ffff48586c06a10 x1 : 0000000000000003 x0 : 0000000000000000 [ 116.605064] Call trace: [ 116.605406] intlog2+0xd8/0xf8 (P) [ 116.605849] kunit_try_run_case+0x170/0x3f0 [ 116.606250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 116.607853] kthread+0x328/0x630 [ 116.608313] ret_from_fork+0x10/0x20 [ 116.608906] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/internal-error-oops-oops-smp
KNOWN ISSUE - qemu-arm64: Internal error: Oops at kunit_test_null_dereference - kunit_generic_run_threadfn_adapter
[ 115.244743] Internal error: Oops: 0000000096000005 [#1] SMP [ 115.251761] Modules linked in: [ 115.252758] CPU: 1 UID: 0 PID: 534 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT [ 115.254343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 115.254992] Hardware name: linux,dummy-virt (DT) [ 115.255679] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 115.256660] pc : kunit_test_null_dereference+0x70/0x170 [ 115.257354] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 115.258060] sp : ffff800081f77d30 [ 115.258642] x29: ffff800081f77d90 x28: 0000000000000000 x27: 0000000000000000 [ 115.259867] x26: 1ffe000018e0c9a1 x25: 0000000000000000 x24: 0000000000000004 [ 115.260794] x23: fff00000c7064d0c x22: ffffa42c33602dc0 x21: fff00000c135aa88 [ 115.261742] x20: 1ffff000103eefa6 x19: ffff800080087990 x18: 00000000ed3f360f [ 115.262757] x17: 000000008e86f180 x16: 000000001883cf27 x15: 000000002f8071d9 [ 115.264294] x14: 00000000c74ca36a x13: 0000000000000005 x12: fffd800019129b3c [ 115.264974] x11: 1ffe000019129b3b x10: fffd800019129b3b x9 : ffffa42c335fa228 [ 115.266044] x8 : ffff800081f77c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 115.267324] x5 : ffff7000103eefa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 115.268280] x2 : dfff800000000000 x1 : fff00000c894d100 x0 : ffff800080087990 [ 115.269366] Call trace: [ 115.269818] kunit_test_null_dereference+0x70/0x170 (P) [ 115.270510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 115.271156] kthread+0x328/0x630 [ 115.271744] ret_from_fork+0x10/0x20 [ 115.272782] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 115.273809] ---[ end trace 0000000000000000 ]---