Date
July 4, 2025, 3:11 p.m.
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.708522] ================================================================== [ 20.708603] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 20.708603] [ 20.708672] Invalid free of 0x00000000979010a2 (in kfence-#96): [ 20.708724] test_invalid_addr_free+0xec/0x238 [ 20.708766] kunit_try_run_case+0x170/0x3f0 [ 20.708809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.708854] kthread+0x328/0x630 [ 20.708895] ret_from_fork+0x10/0x20 [ 20.708935] [ 20.708959] kfence-#96: 0x000000003b77063b-0x00000000b78f1bf2, size=32, cache=test [ 20.708959] [ 20.709010] allocated by task 314 on cpu 1 at 20.708415s (0.000591s ago): [ 20.709071] test_alloc+0x230/0x628 [ 20.709108] test_invalid_addr_free+0xd4/0x238 [ 20.709148] kunit_try_run_case+0x170/0x3f0 [ 20.709188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.709232] kthread+0x328/0x630 [ 20.709270] ret_from_fork+0x10/0x20 [ 20.709310] [ 20.709350] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 20.709426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.709454] Hardware name: linux,dummy-virt (DT) [ 20.709488] ================================================================== [ 20.604836] ================================================================== [ 20.604900] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 20.604900] [ 20.604962] Invalid free of 0x00000000e26a7fab (in kfence-#95): [ 20.605013] test_invalid_addr_free+0x1ac/0x238 [ 20.605238] kunit_try_run_case+0x170/0x3f0 [ 20.605408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.605462] kthread+0x328/0x630 [ 20.605520] ret_from_fork+0x10/0x20 [ 20.605598] [ 20.605726] kfence-#95: 0x00000000a5d27c5a-0x00000000dcdd7ca3, size=32, cache=kmalloc-32 [ 20.605726] [ 20.605804] allocated by task 312 on cpu 1 at 20.604717s (0.001069s ago): [ 20.605975] test_alloc+0x29c/0x628 [ 20.606023] test_invalid_addr_free+0xd4/0x238 [ 20.606064] kunit_try_run_case+0x170/0x3f0 [ 20.606193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.606245] kthread+0x328/0x630 [ 20.606523] ret_from_fork+0x10/0x20 [ 20.606581] [ 20.606637] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 20.606776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.606828] Hardware name: linux,dummy-virt (DT) [ 20.606891] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.256588] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 18.152162] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858 [ 18.101093] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858 [ 18.219940] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 18.037949] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ec/0x4858 [ 18.118599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.981085] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.920784] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 17.942065] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.172314] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.179307] Modules linked in: [ 94.180881] CPU: 0 UID: 0 PID: 537 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 94.182110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.182686] Hardware name: linux,dummy-virt (DT) [ 94.183395] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.184296] pc : kunit_test_null_dereference+0x70/0x170 [ 94.185022] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.185744] sp : ffff800080f97d30 [ 94.186259] x29: ffff800080f97d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.187251] x26: 1ffe000018ddd901 x25: 0000000000000000 x24: 0000000000000004 [ 94.188223] x23: fff00000c6eec80c x22: ffffaa35fda024e0 x21: fff00000c3e14d88 [ 94.189103] x20: 1ffff000101f2fa6 x19: ffff800080087990 x18: 000000005e2ed021 [ 94.189461] x17: 0000000000000001 x16: fff00000c096dc3c x15: fff00000ff616b08 [ 94.190142] x14: 00000000f1f1f1f1 x13: 1ffe00001b49381d x12: fffd800018fad11c [ 94.190492] x11: 1ffe000018fad11b x10: fffd800018fad11b x9 : ffffaa35fd9f9948 [ 94.191350] x8 : ffff800080f97c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.192186] x5 : ffff7000101f2fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.193108] x2 : dfff800000000000 x1 : fff00000c7d68000 x0 : ffff800080087990 [ 94.193893] Call trace: [ 94.194218] kunit_test_null_dereference+0x70/0x170 (P) [ 94.194777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.195173] kthread+0x328/0x630 [ 94.195360] ret_from_fork+0x10/0x20 [ 94.195813] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.196913] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.628928] ================================================================== [ 49.628987] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 49.628987] [ 49.629063] Use-after-free read at 0x00000000e7b3c9e4 (in kfence-#159): [ 49.629111] test_krealloc+0x51c/0x830 [ 49.629153] kunit_try_run_case+0x170/0x3f0 [ 49.629199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.629243] kthread+0x328/0x630 [ 49.629286] ret_from_fork+0x10/0x20 [ 49.629325] [ 49.629350] kfence-#159: 0x00000000e7b3c9e4-0x00000000a283aafb, size=32, cache=kmalloc-32 [ 49.629350] [ 49.629402] allocated by task 342 on cpu 1 at 49.628327s (0.001072s ago): [ 49.629468] test_alloc+0x29c/0x628 [ 49.629507] test_krealloc+0xc0/0x830 [ 49.629543] kunit_try_run_case+0x170/0x3f0 [ 49.629584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.629642] kthread+0x328/0x630 [ 49.629681] ret_from_fork+0x10/0x20 [ 49.629721] [ 49.629743] freed by task 342 on cpu 1 at 49.628528s (0.001212s ago): [ 49.629803] krealloc_noprof+0x148/0x360 [ 49.629841] test_krealloc+0x1dc/0x830 [ 49.629879] kunit_try_run_case+0x170/0x3f0 [ 49.629920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.629964] kthread+0x328/0x630 [ 49.630009] ret_from_fork+0x10/0x20 [ 49.630048] [ 49.630088] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 49.630163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.630195] Hardware name: linux,dummy-virt (DT) [ 49.630230] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.556766] ================================================================== [ 49.556858] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.556858] [ 49.556952] Use-after-free read at 0x00000000f6bfe689 (in kfence-#158): [ 49.557006] test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.557053] kunit_try_run_case+0x170/0x3f0 [ 49.557100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.557145] kthread+0x328/0x630 [ 49.557188] ret_from_fork+0x10/0x20 [ 49.557229] [ 49.557253] kfence-#158: 0x00000000f6bfe689-0x000000007b5f25cc, size=32, cache=test [ 49.557253] [ 49.557304] allocated by task 340 on cpu 0 at 49.520508s (0.036792s ago): [ 49.557375] test_alloc+0x230/0x628 [ 49.557414] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 49.557456] kunit_try_run_case+0x170/0x3f0 [ 49.557496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.557540] kthread+0x328/0x630 [ 49.557578] ret_from_fork+0x10/0x20 [ 49.557614] [ 49.557653] freed by task 340 on cpu 0 at 49.520617s (0.037032s ago): [ 49.557709] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 49.557750] kunit_try_run_case+0x170/0x3f0 [ 49.557789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.557833] kthread+0x328/0x630 [ 49.557872] ret_from_fork+0x10/0x20 [ 49.557910] [ 49.557955] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 49.558038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.558068] Hardware name: linux,dummy-virt (DT) [ 49.558103] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.972411] ================================================================== [ 26.972575] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 26.972575] [ 26.972702] Invalid read at 0x0000000076b27657: [ 26.972769] test_invalid_access+0xdc/0x1f0 [ 26.972866] kunit_try_run_case+0x170/0x3f0 [ 26.973086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.973138] kthread+0x328/0x630 [ 26.973691] ret_from_fork+0x10/0x20 [ 26.974069] [ 26.974579] CPU: 0 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 26.974777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.975025] Hardware name: linux,dummy-virt (DT) [ 26.975344] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 26.744708] ================================================================== [ 26.744812] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.744812] [ 26.744874] Corrupted memory at 0x00000000e7c89723 [ ! . . . . . . . . . . . . . . . ] (in kfence-#154): [ 26.745185] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.745231] kunit_try_run_case+0x170/0x3f0 [ 26.745274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.745319] kthread+0x328/0x630 [ 26.745361] ret_from_fork+0x10/0x20 [ 26.745401] [ 26.745425] kfence-#154: 0x000000007d048433-0x0000000057c887a1, size=73, cache=kmalloc-96 [ 26.745425] [ 26.745479] allocated by task 330 on cpu 1 at 26.744458s (0.001018s ago): [ 26.745541] test_alloc+0x29c/0x628 [ 26.745580] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 26.745621] kunit_try_run_case+0x170/0x3f0 [ 26.745673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.745717] kthread+0x328/0x630 [ 26.745757] ret_from_fork+0x10/0x20 [ 26.745794] [ 26.745817] freed by task 330 on cpu 1 at 26.744596s (0.001217s ago): [ 26.745876] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.745918] kunit_try_run_case+0x170/0x3f0 [ 26.745957] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.746006] kthread+0x328/0x630 [ 26.746046] ret_from_fork+0x10/0x20 [ 26.746083] [ 26.746126] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 26.746202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.746232] Hardware name: linux,dummy-virt (DT) [ 26.746267] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 26.224598] ================================================================== [ 26.224687] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.224687] [ 26.224778] Out-of-bounds read at 0x00000000a556bad8 (105B right of kfence-#149): [ 26.224836] test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.224882] kunit_try_run_case+0x170/0x3f0 [ 26.224928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.224974] kthread+0x328/0x630 [ 26.225015] ret_from_fork+0x10/0x20 [ 26.225055] [ 26.225079] kfence-#149: 0x0000000061a5aa55-0x000000007616d813, size=73, cache=kmalloc-96 [ 26.225079] [ 26.225131] allocated by task 328 on cpu 1 at 26.224269s (0.000858s ago): [ 26.225202] test_alloc+0x29c/0x628 [ 26.225241] test_kmalloc_aligned_oob_read+0x100/0x468 [ 26.225283] kunit_try_run_case+0x170/0x3f0 [ 26.225324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.225368] kthread+0x328/0x630 [ 26.225407] ret_from_fork+0x10/0x20 [ 26.225446] [ 26.225490] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 26.225569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.225599] Hardware name: linux,dummy-virt (DT) [ 26.225644] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 21.644513] ================================================================== [ 21.644603] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 21.644603] [ 21.644678] Corrupted memory at 0x00000000e73ed779 [ ! ] (in kfence-#105): [ 21.644791] test_corruption+0x1d8/0x378 [ 21.644835] kunit_try_run_case+0x170/0x3f0 [ 21.644879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.644925] kthread+0x328/0x630 [ 21.644968] ret_from_fork+0x10/0x20 [ 21.645007] [ 21.645030] kfence-#105: 0x00000000a03b2509-0x0000000092f8d8e0, size=32, cache=test [ 21.645030] [ 21.645083] allocated by task 318 on cpu 0 at 21.644369s (0.000710s ago): [ 21.645142] test_alloc+0x230/0x628 [ 21.645180] test_corruption+0x198/0x378 [ 21.645219] kunit_try_run_case+0x170/0x3f0 [ 21.645258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.645302] kthread+0x328/0x630 [ 21.645340] ret_from_fork+0x10/0x20 [ 21.645379] [ 21.645402] freed by task 318 on cpu 0 at 21.644430s (0.000968s ago): [ 21.645460] test_corruption+0x1d8/0x378 [ 21.645497] kunit_try_run_case+0x170/0x3f0 [ 21.645538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.645582] kthread+0x328/0x630 [ 21.645620] ret_from_fork+0x10/0x20 [ 21.645669] [ 21.645712] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 21.645785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.645815] Hardware name: linux,dummy-virt (DT) [ 21.645849] ================================================================== [ 20.812649] ================================================================== [ 20.812751] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 20.812751] [ 20.812815] Corrupted memory at 0x00000000b9f56f0e [ ! . . . . . . . . . . . . . . . ] (in kfence-#97): [ 20.813920] test_corruption+0x278/0x378 [ 20.813976] kunit_try_run_case+0x170/0x3f0 [ 20.814027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.814074] kthread+0x328/0x630 [ 20.814115] ret_from_fork+0x10/0x20 [ 20.814154] [ 20.814178] kfence-#97: 0x000000005e804c3a-0x000000001ffa9824, size=32, cache=kmalloc-32 [ 20.814178] [ 20.814234] allocated by task 316 on cpu 0 at 20.812335s (0.001895s ago): [ 20.814296] test_alloc+0x29c/0x628 [ 20.814335] test_corruption+0xdc/0x378 [ 20.814373] kunit_try_run_case+0x170/0x3f0 [ 20.814415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.814459] kthread+0x328/0x630 [ 20.814497] ret_from_fork+0x10/0x20 [ 20.814535] [ 20.814560] freed by task 316 on cpu 0 at 20.812443s (0.002113s ago): [ 20.814617] test_corruption+0x278/0x378 [ 20.814667] kunit_try_run_case+0x170/0x3f0 [ 20.814710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.814755] kthread+0x328/0x630 [ 20.814794] ret_from_fork+0x10/0x20 [ 20.814833] [ 20.814881] CPU: 0 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 20.814961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.814991] Hardware name: linux,dummy-virt (DT) [ 20.815027] ================================================================== [ 21.124651] ================================================================== [ 21.124742] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 21.124742] [ 21.124800] Corrupted memory at 0x00000000f1d776a4 [ ! ] (in kfence-#100): [ 21.124924] test_corruption+0x284/0x378 [ 21.124969] kunit_try_run_case+0x170/0x3f0 [ 21.125011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.125056] kthread+0x328/0x630 [ 21.125095] ret_from_fork+0x10/0x20 [ 21.125135] [ 21.125158] kfence-#100: 0x00000000b6bbf120-0x0000000026b499c9, size=32, cache=kmalloc-32 [ 21.125158] [ 21.125213] allocated by task 316 on cpu 0 at 21.124373s (0.000836s ago): [ 21.125272] test_alloc+0x29c/0x628 [ 21.125309] test_corruption+0x198/0x378 [ 21.125347] kunit_try_run_case+0x170/0x3f0 [ 21.125386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.125431] kthread+0x328/0x630 [ 21.125471] ret_from_fork+0x10/0x20 [ 21.125509] [ 21.125532] freed by task 316 on cpu 0 at 21.124471s (0.001057s ago): [ 21.125588] test_corruption+0x284/0x378 [ 21.125639] kunit_try_run_case+0x170/0x3f0 [ 21.125679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.125723] kthread+0x328/0x630 [ 21.125762] ret_from_fork+0x10/0x20 [ 21.125798] [ 21.125840] CPU: 0 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 21.125915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.125943] Hardware name: linux,dummy-virt (DT) [ 21.125981] ================================================================== [ 21.228447] ================================================================== [ 21.228524] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 21.228524] [ 21.228581] Corrupted memory at 0x00000000084a6e59 [ ! . . . . . . . . . . . . . . . ] (in kfence-#101): [ 21.228900] test_corruption+0x120/0x378 [ 21.228945] kunit_try_run_case+0x170/0x3f0 [ 21.228990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.229036] kthread+0x328/0x630 [ 21.229077] ret_from_fork+0x10/0x20 [ 21.229117] [ 21.229140] kfence-#101: 0x000000005c9bb4a6-0x00000000d35781e2, size=32, cache=test [ 21.229140] [ 21.229194] allocated by task 318 on cpu 0 at 21.228323s (0.000867s ago): [ 21.229254] test_alloc+0x230/0x628 [ 21.229293] test_corruption+0xdc/0x378 [ 21.229332] kunit_try_run_case+0x170/0x3f0 [ 21.229373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.229417] kthread+0x328/0x630 [ 21.229456] ret_from_fork+0x10/0x20 [ 21.229495] [ 21.229517] freed by task 318 on cpu 0 at 21.228375s (0.001138s ago): [ 21.229577] test_corruption+0x120/0x378 [ 21.229614] kunit_try_run_case+0x170/0x3f0 [ 21.229664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.229709] kthread+0x328/0x630 [ 21.229748] ret_from_fork+0x10/0x20 [ 21.229787] [ 21.229826] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 21.229898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.229926] Hardware name: linux,dummy-virt (DT) [ 21.229958] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.385418] ================================================================== [ 20.385592] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 20.385592] [ 20.385934] Invalid free of 0x00000000a3f533bc (in kfence-#93): [ 20.386008] test_double_free+0x1bc/0x238 [ 20.386050] kunit_try_run_case+0x170/0x3f0 [ 20.386474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.386597] kthread+0x328/0x630 [ 20.386988] ret_from_fork+0x10/0x20 [ 20.387054] [ 20.387179] kfence-#93: 0x00000000a3f533bc-0x000000009dfa8151, size=32, cache=kmalloc-32 [ 20.387179] [ 20.387583] allocated by task 308 on cpu 1 at 20.384900s (0.002659s ago): [ 20.387658] test_alloc+0x29c/0x628 [ 20.387698] test_double_free+0xd4/0x238 [ 20.387735] kunit_try_run_case+0x170/0x3f0 [ 20.387777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.387829] kthread+0x328/0x630 [ 20.387870] ret_from_fork+0x10/0x20 [ 20.387951] [ 20.388158] freed by task 308 on cpu 1 at 20.384977s (0.003176s ago): [ 20.388259] test_double_free+0x1ac/0x238 [ 20.388302] kunit_try_run_case+0x170/0x3f0 [ 20.388344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.388388] kthread+0x328/0x630 [ 20.388431] ret_from_fork+0x10/0x20 [ 20.388470] [ 20.388874] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 20.389054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.389143] Hardware name: linux,dummy-virt (DT) [ 20.389223] ================================================================== [ 20.493085] ================================================================== [ 20.493210] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 20.493210] [ 20.493299] Invalid free of 0x00000000a82edda0 (in kfence-#94): [ 20.493350] test_double_free+0x100/0x238 [ 20.493394] kunit_try_run_case+0x170/0x3f0 [ 20.493437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.493479] kthread+0x328/0x630 [ 20.493546] ret_from_fork+0x10/0x20 [ 20.493586] [ 20.493609] kfence-#94: 0x00000000a82edda0-0x0000000097eb0349, size=32, cache=test [ 20.493609] [ 20.493673] allocated by task 310 on cpu 1 at 20.492788s (0.000882s ago): [ 20.493734] test_alloc+0x230/0x628 [ 20.493771] test_double_free+0xd4/0x238 [ 20.493838] kunit_try_run_case+0x170/0x3f0 [ 20.493925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.494014] kthread+0x328/0x630 [ 20.494101] ret_from_fork+0x10/0x20 [ 20.494147] [ 20.494170] freed by task 310 on cpu 1 at 20.492841s (0.001325s ago): [ 20.494353] test_double_free+0xf0/0x238 [ 20.494395] kunit_try_run_case+0x170/0x3f0 [ 20.494437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.494522] kthread+0x328/0x630 [ 20.494599] ret_from_fork+0x10/0x20 [ 20.494703] [ 20.494745] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 20.494820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.494991] Hardware name: linux,dummy-virt (DT) [ 20.495028] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 19.952898] ================================================================== [ 19.952967] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.952967] [ 19.953047] Use-after-free read at 0x00000000a845f17d (in kfence-#89): [ 19.953196] test_use_after_free_read+0x114/0x248 [ 19.953350] kunit_try_run_case+0x170/0x3f0 [ 19.953491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.953536] kthread+0x328/0x630 [ 19.953622] ret_from_fork+0x10/0x20 [ 19.953675] [ 19.953798] kfence-#89: 0x00000000a845f17d-0x0000000096ac0eee, size=32, cache=kmalloc-32 [ 19.953798] [ 19.954112] allocated by task 300 on cpu 1 at 19.952325s (0.001725s ago): [ 19.954182] test_alloc+0x29c/0x628 [ 19.954273] test_use_after_free_read+0xd0/0x248 [ 19.954328] kunit_try_run_case+0x170/0x3f0 [ 19.954370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.954415] kthread+0x328/0x630 [ 19.954546] ret_from_fork+0x10/0x20 [ 19.954723] [ 19.954801] freed by task 300 on cpu 1 at 19.952410s (0.002380s ago): [ 19.954874] test_use_after_free_read+0x1c0/0x248 [ 19.955013] kunit_try_run_case+0x170/0x3f0 [ 19.955068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.955113] kthread+0x328/0x630 [ 19.955152] ret_from_fork+0x10/0x20 [ 19.955296] [ 19.955427] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 19.955515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.955543] Hardware name: linux,dummy-virt (DT) [ 19.955675] ================================================================== [ 20.061211] ================================================================== [ 20.061343] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.061343] [ 20.061420] Use-after-free read at 0x000000003ca692f6 (in kfence-#90): [ 20.061470] test_use_after_free_read+0x114/0x248 [ 20.061514] kunit_try_run_case+0x170/0x3f0 [ 20.061598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.061738] kthread+0x328/0x630 [ 20.061781] ret_from_fork+0x10/0x20 [ 20.061841] [ 20.061881] kfence-#90: 0x000000003ca692f6-0x00000000ce1b73df, size=32, cache=test [ 20.061881] [ 20.061997] allocated by task 302 on cpu 1 at 20.060986s (0.000942s ago): [ 20.062064] test_alloc+0x230/0x628 [ 20.062127] test_use_after_free_read+0xd0/0x248 [ 20.062179] kunit_try_run_case+0x170/0x3f0 [ 20.062220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.062273] kthread+0x328/0x630 [ 20.062321] ret_from_fork+0x10/0x20 [ 20.062361] [ 20.062383] freed by task 302 on cpu 1 at 20.061040s (0.001340s ago): [ 20.062478] test_use_after_free_read+0xf0/0x248 [ 20.062519] kunit_try_run_case+0x170/0x3f0 [ 20.062559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.062603] kthread+0x328/0x630 [ 20.062910] ret_from_fork+0x10/0x20 [ 20.062968] [ 20.063158] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 20.063344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.063377] Hardware name: linux,dummy-virt (DT) [ 20.063412] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.737369] ================================================================== [ 19.737533] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.737533] [ 19.737814] Out-of-bounds write at 0x00000000459332d3 (1B left of kfence-#87): [ 19.737874] test_out_of_bounds_write+0x100/0x240 [ 19.737997] kunit_try_run_case+0x170/0x3f0 [ 19.738051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.738094] kthread+0x328/0x630 [ 19.738164] ret_from_fork+0x10/0x20 [ 19.738426] [ 19.738464] kfence-#87: 0x000000000d229729-0x0000000068b3e64b, size=32, cache=kmalloc-32 [ 19.738464] [ 19.738527] allocated by task 296 on cpu 1 at 19.737147s (0.001377s ago): [ 19.738598] test_alloc+0x29c/0x628 [ 19.738651] test_out_of_bounds_write+0xc8/0x240 [ 19.738916] kunit_try_run_case+0x170/0x3f0 [ 19.738998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.739089] kthread+0x328/0x630 [ 19.739133] ret_from_fork+0x10/0x20 [ 19.739192] [ 19.739380] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 19.739557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.739592] Hardware name: linux,dummy-virt (DT) [ 19.739649] ================================================================== [ 19.844512] ================================================================== [ 19.844803] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.844803] [ 19.844944] Out-of-bounds write at 0x00000000ae4c71ef (1B left of kfence-#88): [ 19.845077] test_out_of_bounds_write+0x100/0x240 [ 19.845184] kunit_try_run_case+0x170/0x3f0 [ 19.845298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.845369] kthread+0x328/0x630 [ 19.845471] ret_from_fork+0x10/0x20 [ 19.845547] [ 19.845572] kfence-#88: 0x000000004094dc35-0x00000000910042df, size=32, cache=test [ 19.845572] [ 19.845622] allocated by task 298 on cpu 1 at 19.844320s (0.001298s ago): [ 19.845782] test_alloc+0x230/0x628 [ 19.845953] test_out_of_bounds_write+0xc8/0x240 [ 19.846035] kunit_try_run_case+0x170/0x3f0 [ 19.846077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.846121] kthread+0x328/0x630 [ 19.846180] ret_from_fork+0x10/0x20 [ 19.846220] [ 19.846284] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 19.846363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.846438] Hardware name: linux,dummy-virt (DT) [ 19.846474] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 18.977005] ================================================================== [ 18.977103] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.977103] [ 18.977233] Out-of-bounds read at 0x00000000dfa1f594 (1B left of kfence-#80): [ 18.977310] test_out_of_bounds_read+0x114/0x3e0 [ 18.977358] kunit_try_run_case+0x170/0x3f0 [ 18.977404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.977446] kthread+0x328/0x630 [ 18.977488] ret_from_fork+0x10/0x20 [ 18.977526] [ 18.977551] kfence-#80: 0x0000000072e9d7ab-0x00000000c9a2e925, size=32, cache=kmalloc-32 [ 18.977551] [ 18.977603] allocated by task 292 on cpu 1 at 18.976468s (0.001131s ago): [ 18.977685] test_alloc+0x29c/0x628 [ 18.977722] test_out_of_bounds_read+0xdc/0x3e0 [ 18.977762] kunit_try_run_case+0x170/0x3f0 [ 18.977800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.977844] kthread+0x328/0x630 [ 18.977883] ret_from_fork+0x10/0x20 [ 18.977933] [ 18.977983] CPU: 1 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.978060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.978088] Hardware name: linux,dummy-virt (DT) [ 18.978123] ================================================================== [ 19.625182] ================================================================== [ 19.625436] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.625436] [ 19.625511] Out-of-bounds read at 0x00000000ae48dc0e (32B right of kfence-#86): [ 19.625565] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.625608] kunit_try_run_case+0x170/0x3f0 [ 19.625664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.625708] kthread+0x328/0x630 [ 19.625762] ret_from_fork+0x10/0x20 [ 19.625806] [ 19.625831] kfence-#86: 0x00000000e243b335-0x00000000599010e0, size=32, cache=test [ 19.625831] [ 19.625899] allocated by task 294 on cpu 1 at 19.624859s (0.001035s ago): [ 19.625964] test_alloc+0x230/0x628 [ 19.626007] test_out_of_bounds_read+0x198/0x3e0 [ 19.626047] kunit_try_run_case+0x170/0x3f0 [ 19.626086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.626130] kthread+0x328/0x630 [ 19.626169] ret_from_fork+0x10/0x20 [ 19.626222] [ 19.626263] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 19.626348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.626386] Hardware name: linux,dummy-virt (DT) [ 19.626426] ================================================================== [ 19.519018] ================================================================== [ 19.519320] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.519320] [ 19.519522] Out-of-bounds read at 0x0000000022a54cff (1B left of kfence-#85): [ 19.519615] test_out_of_bounds_read+0x114/0x3e0 [ 19.519757] kunit_try_run_case+0x170/0x3f0 [ 19.519813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.519867] kthread+0x328/0x630 [ 19.520193] ret_from_fork+0x10/0x20 [ 19.520326] [ 19.520406] kfence-#85: 0x00000000344c892e-0x0000000078272bea, size=32, cache=test [ 19.520406] [ 19.520597] allocated by task 294 on cpu 1 at 19.518527s (0.002040s ago): [ 19.520927] test_alloc+0x230/0x628 [ 19.521057] test_out_of_bounds_read+0xdc/0x3e0 [ 19.521099] kunit_try_run_case+0x170/0x3f0 [ 19.521150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.521497] kthread+0x328/0x630 [ 19.521613] ret_from_fork+0x10/0x20 [ 19.521850] [ 19.521943] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 19.522032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.522060] Hardware name: linux,dummy-virt (DT) [ 19.522115] ================================================================== [ 19.085435] ================================================================== [ 19.085507] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.085507] [ 19.085621] Out-of-bounds read at 0x00000000298e20e9 (32B right of kfence-#81): [ 19.085690] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.085735] kunit_try_run_case+0x170/0x3f0 [ 19.085778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.085823] kthread+0x328/0x630 [ 19.085906] ret_from_fork+0x10/0x20 [ 19.085947] [ 19.086185] kfence-#81: 0x00000000edc43a3c-0x00000000a000e643, size=32, cache=kmalloc-32 [ 19.086185] [ 19.086347] allocated by task 292 on cpu 1 at 19.084929s (0.001356s ago): [ 19.086420] test_alloc+0x29c/0x628 [ 19.086466] test_out_of_bounds_read+0x198/0x3e0 [ 19.086507] kunit_try_run_case+0x170/0x3f0 [ 19.086692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.086740] kthread+0x328/0x630 [ 19.086839] ret_from_fork+0x10/0x20 [ 19.086904] [ 19.086945] CPU: 1 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 19.087024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.087373] Hardware name: linux,dummy-virt (DT) [ 19.087502] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-ksize_uaf
[ 15.779352] ================================================================== [ 15.779719] BUG: KFENCE: use-after-free read in ksize_uaf+0x1dc/0x5f8 [ 15.779719] [ 15.779794] Use-after-free read at 0x000000008c71b52a (in kfence-#58): [ 15.779979] ksize_uaf+0x1dc/0x5f8 [ 15.780118] kunit_try_run_case+0x170/0x3f0 [ 15.780179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.780224] kthread+0x328/0x630 [ 15.780261] ret_from_fork+0x10/0x20 [ 15.780295] [ 15.780316] kfence-#58: 0x000000008c71b52a-0x000000006f0923f3, size=120, cache=kmalloc-128 [ 15.780316] [ 15.780372] allocated by task 201 on cpu 0 at 15.777781s (0.002586s ago): [ 15.780714] ksize_uaf+0xb8/0x5f8 [ 15.780783] kunit_try_run_case+0x170/0x3f0 [ 15.780904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.781000] kthread+0x328/0x630 [ 15.781374] ret_from_fork+0x10/0x20 [ 15.781468] [ 15.781568] freed by task 201 on cpu 0 at 15.777856s (0.003693s ago): [ 15.781785] ksize_uaf+0x11c/0x5f8 [ 15.781928] kunit_try_run_case+0x170/0x3f0 [ 15.782178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.782274] kthread+0x328/0x630 [ 15.782429] ret_from_fork+0x10/0x20 [ 15.782546] [ 15.782667] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.782963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.783005] Hardware name: linux,dummy-virt (DT) [ 15.783044] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-write-in-__memset
[ 15.675636] ================================================================== [ 15.676495] BUG: KFENCE: use-after-free write in __memset+0xc/0x20 [ 15.676495] [ 15.676925] Use-after-free write at 0x00000000c02c8890 (in kfence-#57): [ 15.677575] __memset+0xc/0x20 [ 15.677616] kmalloc_uaf_memset+0x170/0x310 [ 15.677900] kunit_try_run_case+0x170/0x3f0 [ 15.677995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.678170] kthread+0x328/0x630 [ 15.678242] ret_from_fork+0x10/0x20 [ 15.678403] [ 15.678885] kfence-#57: 0x00000000c02c8890-0x0000000004de3278, size=33, cache=kmalloc-64 [ 15.678885] [ 15.679922] allocated by task 191 on cpu 0 at 15.673777s (0.005932s ago): [ 15.681348] kmalloc_uaf_memset+0xb8/0x310 [ 15.681541] kunit_try_run_case+0x170/0x3f0 [ 15.681761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.681815] kthread+0x328/0x630 [ 15.681851] ret_from_fork+0x10/0x20 [ 15.681999] [ 15.682161] freed by task 191 on cpu 0 at 15.673839s (0.008221s ago): [ 15.682362] kmalloc_uaf_memset+0x11c/0x310 [ 15.682412] kunit_try_run_case+0x170/0x3f0 [ 15.682449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.682493] kthread+0x328/0x630 [ 15.682536] ret_from_fork+0x10/0x20 [ 15.682590] [ 15.682671] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.682926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.683183] Hardware name: linux,dummy-virt (DT) [ 15.683271] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.774837] ================================================================== [ 18.775159] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 18.775287] Write of size 1 at addr fff00000c793a578 by task kunit_try_catch/290 [ 18.775482] [ 18.775845] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.775943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.776408] Hardware name: linux,dummy-virt (DT) [ 18.776456] Call trace: [ 18.776480] show_stack+0x20/0x38 (C) [ 18.776531] dump_stack_lvl+0x8c/0xd0 [ 18.776588] print_report+0x118/0x608 [ 18.776643] kasan_report+0xdc/0x128 [ 18.776995] __asan_report_store1_noabort+0x20/0x30 [ 18.777337] strncpy_from_user+0x270/0x2a0 [ 18.777589] copy_user_test_oob+0x5c0/0xec8 [ 18.778021] kunit_try_run_case+0x170/0x3f0 [ 18.778253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.778338] kthread+0x328/0x630 [ 18.778386] ret_from_fork+0x10/0x20 [ 18.778719] [ 18.778772] Allocated by task 290: [ 18.779199] kasan_save_stack+0x3c/0x68 [ 18.779584] kasan_save_track+0x20/0x40 [ 18.779643] kasan_save_alloc_info+0x40/0x58 [ 18.779863] __kasan_kmalloc+0xd4/0xd8 [ 18.780171] __kmalloc_noprof+0x198/0x4c8 [ 18.780281] kunit_kmalloc_array+0x34/0x88 [ 18.780525] copy_user_test_oob+0xac/0xec8 [ 18.780654] kunit_try_run_case+0x170/0x3f0 [ 18.780946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.781010] kthread+0x328/0x630 [ 18.781048] ret_from_fork+0x10/0x20 [ 18.781086] [ 18.781268] The buggy address belongs to the object at fff00000c793a500 [ 18.781268] which belongs to the cache kmalloc-128 of size 128 [ 18.781570] The buggy address is located 0 bytes to the right of [ 18.781570] allocated 120-byte region [fff00000c793a500, fff00000c793a578) [ 18.781966] [ 18.782061] The buggy address belongs to the physical page: [ 18.782187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 18.782524] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.783123] page_type: f5(slab) [ 18.783188] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.783411] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.783725] page dumped because: kasan: bad access detected [ 18.783772] [ 18.783906] Memory state around the buggy address: [ 18.784081] fff00000c793a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.784132] fff00000c793a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.784357] >fff00000c793a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.784815] ^ [ 18.785190] fff00000c793a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.785449] fff00000c793a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.785571] ================================================================== [ 18.765586] ================================================================== [ 18.765808] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 18.765877] Write of size 121 at addr fff00000c793a500 by task kunit_try_catch/290 [ 18.766208] [ 18.766466] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.766727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.767019] Hardware name: linux,dummy-virt (DT) [ 18.767067] Call trace: [ 18.767094] show_stack+0x20/0x38 (C) [ 18.767148] dump_stack_lvl+0x8c/0xd0 [ 18.767552] print_report+0x118/0x608 [ 18.767736] kasan_report+0xdc/0x128 [ 18.767798] kasan_check_range+0x100/0x1a8 [ 18.768270] __kasan_check_write+0x20/0x30 [ 18.768517] strncpy_from_user+0x3c/0x2a0 [ 18.768769] copy_user_test_oob+0x5c0/0xec8 [ 18.769049] kunit_try_run_case+0x170/0x3f0 [ 18.769190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.769359] kthread+0x328/0x630 [ 18.769530] ret_from_fork+0x10/0x20 [ 18.769815] [ 18.769837] Allocated by task 290: [ 18.770019] kasan_save_stack+0x3c/0x68 [ 18.770216] kasan_save_track+0x20/0x40 [ 18.770298] kasan_save_alloc_info+0x40/0x58 [ 18.770530] __kasan_kmalloc+0xd4/0xd8 [ 18.770742] __kmalloc_noprof+0x198/0x4c8 [ 18.770804] kunit_kmalloc_array+0x34/0x88 [ 18.770930] copy_user_test_oob+0xac/0xec8 [ 18.770979] kunit_try_run_case+0x170/0x3f0 [ 18.771018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.771115] kthread+0x328/0x630 [ 18.771171] ret_from_fork+0x10/0x20 [ 18.771212] [ 18.771242] The buggy address belongs to the object at fff00000c793a500 [ 18.771242] which belongs to the cache kmalloc-128 of size 128 [ 18.771313] The buggy address is located 0 bytes inside of [ 18.771313] allocated 120-byte region [fff00000c793a500, fff00000c793a578) [ 18.771376] [ 18.771416] The buggy address belongs to the physical page: [ 18.771455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 18.771525] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.771582] page_type: f5(slab) [ 18.771621] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.771687] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.771741] page dumped because: kasan: bad access detected [ 18.771783] [ 18.771803] Memory state around the buggy address: [ 18.771838] fff00000c793a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.771882] fff00000c793a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.771927] >fff00000c793a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.772013] ^ [ 18.772315] fff00000c793a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.772362] fff00000c793a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.772433] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.690706] ================================================================== [ 18.690812] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 18.691752] Write of size 121 at addr fff00000c793a500 by task kunit_try_catch/290 [ 18.692008] [ 18.692366] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.692548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.692692] Hardware name: linux,dummy-virt (DT) [ 18.692790] Call trace: [ 18.692932] show_stack+0x20/0x38 (C) [ 18.693437] dump_stack_lvl+0x8c/0xd0 [ 18.693539] print_report+0x118/0x608 [ 18.693693] kasan_report+0xdc/0x128 [ 18.693823] kasan_check_range+0x100/0x1a8 [ 18.693937] __kasan_check_write+0x20/0x30 [ 18.694251] copy_user_test_oob+0x234/0xec8 [ 18.694363] kunit_try_run_case+0x170/0x3f0 [ 18.694432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.694516] kthread+0x328/0x630 [ 18.694584] ret_from_fork+0x10/0x20 [ 18.694670] [ 18.694694] Allocated by task 290: [ 18.694749] kasan_save_stack+0x3c/0x68 [ 18.694803] kasan_save_track+0x20/0x40 [ 18.694840] kasan_save_alloc_info+0x40/0x58 [ 18.694881] __kasan_kmalloc+0xd4/0xd8 [ 18.694926] __kmalloc_noprof+0x198/0x4c8 [ 18.694974] kunit_kmalloc_array+0x34/0x88 [ 18.695030] copy_user_test_oob+0xac/0xec8 [ 18.695080] kunit_try_run_case+0x170/0x3f0 [ 18.695128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.695185] kthread+0x328/0x630 [ 18.695235] ret_from_fork+0x10/0x20 [ 18.695271] [ 18.695293] The buggy address belongs to the object at fff00000c793a500 [ 18.695293] which belongs to the cache kmalloc-128 of size 128 [ 18.695359] The buggy address is located 0 bytes inside of [ 18.695359] allocated 120-byte region [fff00000c793a500, fff00000c793a578) [ 18.695429] [ 18.695455] The buggy address belongs to the physical page: [ 18.695500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 18.695569] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.695888] page_type: f5(slab) [ 18.696255] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.696345] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.696587] page dumped because: kasan: bad access detected [ 18.697063] [ 18.697106] Memory state around the buggy address: [ 18.697163] fff00000c793a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.698028] fff00000c793a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.698278] >fff00000c793a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.698663] ^ [ 18.698719] fff00000c793a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.699054] fff00000c793a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.699489] ================================================================== [ 18.725038] ================================================================== [ 18.725206] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 18.725307] Write of size 121 at addr fff00000c793a500 by task kunit_try_catch/290 [ 18.725363] [ 18.725399] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.725765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.725815] Hardware name: linux,dummy-virt (DT) [ 18.725848] Call trace: [ 18.725901] show_stack+0x20/0x38 (C) [ 18.725956] dump_stack_lvl+0x8c/0xd0 [ 18.726015] print_report+0x118/0x608 [ 18.726086] kasan_report+0xdc/0x128 [ 18.726135] kasan_check_range+0x100/0x1a8 [ 18.726186] __kasan_check_write+0x20/0x30 [ 18.726235] copy_user_test_oob+0x35c/0xec8 [ 18.726295] kunit_try_run_case+0x170/0x3f0 [ 18.726347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.726402] kthread+0x328/0x630 [ 18.726461] ret_from_fork+0x10/0x20 [ 18.726510] [ 18.726539] Allocated by task 290: [ 18.726571] kasan_save_stack+0x3c/0x68 [ 18.726620] kasan_save_track+0x20/0x40 [ 18.726671] kasan_save_alloc_info+0x40/0x58 [ 18.726710] __kasan_kmalloc+0xd4/0xd8 [ 18.726748] __kmalloc_noprof+0x198/0x4c8 [ 18.726784] kunit_kmalloc_array+0x34/0x88 [ 18.726825] copy_user_test_oob+0xac/0xec8 [ 18.726869] kunit_try_run_case+0x170/0x3f0 [ 18.726910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.726956] kthread+0x328/0x630 [ 18.726992] ret_from_fork+0x10/0x20 [ 18.727030] [ 18.727059] The buggy address belongs to the object at fff00000c793a500 [ 18.727059] which belongs to the cache kmalloc-128 of size 128 [ 18.727119] The buggy address is located 0 bytes inside of [ 18.727119] allocated 120-byte region [fff00000c793a500, fff00000c793a578) [ 18.727188] [ 18.727212] The buggy address belongs to the physical page: [ 18.727250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 18.727303] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.727350] page_type: f5(slab) [ 18.727400] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.727450] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.727501] page dumped because: kasan: bad access detected [ 18.727544] [ 18.727565] Memory state around the buggy address: [ 18.727599] fff00000c793a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.727924] fff00000c793a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.728385] >fff00000c793a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.729085] ^ [ 18.729528] fff00000c793a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.729722] fff00000c793a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.730047] ================================================================== [ 18.744950] ================================================================== [ 18.745013] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 18.745218] Write of size 121 at addr fff00000c793a500 by task kunit_try_catch/290 [ 18.745288] [ 18.745492] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.745588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.745772] Hardware name: linux,dummy-virt (DT) [ 18.746040] Call trace: [ 18.746084] show_stack+0x20/0x38 (C) [ 18.746137] dump_stack_lvl+0x8c/0xd0 [ 18.746524] print_report+0x118/0x608 [ 18.746599] kasan_report+0xdc/0x128 [ 18.746655] kasan_check_range+0x100/0x1a8 [ 18.746791] __kasan_check_write+0x20/0x30 [ 18.747090] copy_user_test_oob+0x434/0xec8 [ 18.747158] kunit_try_run_case+0x170/0x3f0 [ 18.747209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.747489] kthread+0x328/0x630 [ 18.747559] ret_from_fork+0x10/0x20 [ 18.747752] [ 18.747981] Allocated by task 290: [ 18.748053] kasan_save_stack+0x3c/0x68 [ 18.748245] kasan_save_track+0x20/0x40 [ 18.748556] kasan_save_alloc_info+0x40/0x58 [ 18.748684] __kasan_kmalloc+0xd4/0xd8 [ 18.748848] __kmalloc_noprof+0x198/0x4c8 [ 18.748895] kunit_kmalloc_array+0x34/0x88 [ 18.748935] copy_user_test_oob+0xac/0xec8 [ 18.749132] kunit_try_run_case+0x170/0x3f0 [ 18.749358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.749543] kthread+0x328/0x630 [ 18.749828] ret_from_fork+0x10/0x20 [ 18.749988] [ 18.750068] The buggy address belongs to the object at fff00000c793a500 [ 18.750068] which belongs to the cache kmalloc-128 of size 128 [ 18.750147] The buggy address is located 0 bytes inside of [ 18.750147] allocated 120-byte region [fff00000c793a500, fff00000c793a578) [ 18.750395] [ 18.750651] The buggy address belongs to the physical page: [ 18.750701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 18.750758] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.750807] page_type: f5(slab) [ 18.750962] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.751050] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.751095] page dumped because: kasan: bad access detected [ 18.751140] [ 18.751179] Memory state around the buggy address: [ 18.751229] fff00000c793a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.751291] fff00000c793a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.751336] >fff00000c793a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.751391] ^ [ 18.751436] fff00000c793a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.751501] fff00000c793a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.751547] ================================================================== [ 18.753528] ================================================================== [ 18.753592] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 18.753891] Read of size 121 at addr fff00000c793a500 by task kunit_try_catch/290 [ 18.754204] [ 18.754251] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.754583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.754746] Hardware name: linux,dummy-virt (DT) [ 18.754943] Call trace: [ 18.755078] show_stack+0x20/0x38 (C) [ 18.755303] dump_stack_lvl+0x8c/0xd0 [ 18.755514] print_report+0x118/0x608 [ 18.755621] kasan_report+0xdc/0x128 [ 18.755917] kasan_check_range+0x100/0x1a8 [ 18.756054] __kasan_check_read+0x20/0x30 [ 18.756160] copy_user_test_oob+0x4a0/0xec8 [ 18.756333] kunit_try_run_case+0x170/0x3f0 [ 18.756450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.756655] kthread+0x328/0x630 [ 18.756968] ret_from_fork+0x10/0x20 [ 18.757236] [ 18.757311] Allocated by task 290: [ 18.757487] kasan_save_stack+0x3c/0x68 [ 18.757603] kasan_save_track+0x20/0x40 [ 18.757655] kasan_save_alloc_info+0x40/0x58 [ 18.757885] __kasan_kmalloc+0xd4/0xd8 [ 18.758242] __kmalloc_noprof+0x198/0x4c8 [ 18.758425] kunit_kmalloc_array+0x34/0x88 [ 18.758555] copy_user_test_oob+0xac/0xec8 [ 18.758782] kunit_try_run_case+0x170/0x3f0 [ 18.758830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.759096] kthread+0x328/0x630 [ 18.759450] ret_from_fork+0x10/0x20 [ 18.759948] [ 18.759986] The buggy address belongs to the object at fff00000c793a500 [ 18.759986] which belongs to the cache kmalloc-128 of size 128 [ 18.760055] The buggy address is located 0 bytes inside of [ 18.760055] allocated 120-byte region [fff00000c793a500, fff00000c793a578) [ 18.760378] [ 18.760512] The buggy address belongs to the physical page: [ 18.760793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 18.760949] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.761185] page_type: f5(slab) [ 18.761296] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.761398] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.761444] page dumped because: kasan: bad access detected [ 18.761511] [ 18.761680] Memory state around the buggy address: [ 18.761912] fff00000c793a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.761986] fff00000c793a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.762032] >fff00000c793a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.762092] ^ [ 18.762140] fff00000c793a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.762186] fff00000c793a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.762227] ================================================================== [ 18.706712] ================================================================== [ 18.706802] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 18.707102] Read of size 121 at addr fff00000c793a500 by task kunit_try_catch/290 [ 18.707207] [ 18.707244] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.707328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.707702] Hardware name: linux,dummy-virt (DT) [ 18.708013] Call trace: [ 18.708070] show_stack+0x20/0x38 (C) [ 18.708183] dump_stack_lvl+0x8c/0xd0 [ 18.708276] print_report+0x118/0x608 [ 18.708462] kasan_report+0xdc/0x128 [ 18.708724] kasan_check_range+0x100/0x1a8 [ 18.708986] __kasan_check_read+0x20/0x30 [ 18.709141] copy_user_test_oob+0x728/0xec8 [ 18.709331] kunit_try_run_case+0x170/0x3f0 [ 18.709480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.709565] kthread+0x328/0x630 [ 18.710113] ret_from_fork+0x10/0x20 [ 18.710488] [ 18.710559] Allocated by task 290: [ 18.710812] kasan_save_stack+0x3c/0x68 [ 18.711007] kasan_save_track+0x20/0x40 [ 18.711198] kasan_save_alloc_info+0x40/0x58 [ 18.711447] __kasan_kmalloc+0xd4/0xd8 [ 18.711659] __kmalloc_noprof+0x198/0x4c8 [ 18.711862] kunit_kmalloc_array+0x34/0x88 [ 18.712089] copy_user_test_oob+0xac/0xec8 [ 18.712232] kunit_try_run_case+0x170/0x3f0 [ 18.712445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.712616] kthread+0x328/0x630 [ 18.712687] ret_from_fork+0x10/0x20 [ 18.712737] [ 18.712761] The buggy address belongs to the object at fff00000c793a500 [ 18.712761] which belongs to the cache kmalloc-128 of size 128 [ 18.712831] The buggy address is located 0 bytes inside of [ 18.712831] allocated 120-byte region [fff00000c793a500, fff00000c793a578) [ 18.712894] [ 18.712933] The buggy address belongs to the physical page: [ 18.712979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 18.713037] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.713093] page_type: f5(slab) [ 18.713141] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.713203] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.713244] page dumped because: kasan: bad access detected [ 18.713279] [ 18.713318] Memory state around the buggy address: [ 18.713371] fff00000c793a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.713418] fff00000c793a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.713482] >fff00000c793a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.713523] ^ [ 18.713575] fff00000c793a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.713619] fff00000c793a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.713819] ================================================================== [ 18.731539] ================================================================== [ 18.731948] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 18.732177] Read of size 121 at addr fff00000c793a500 by task kunit_try_catch/290 [ 18.732408] [ 18.732596] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.732736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.732977] Hardware name: linux,dummy-virt (DT) [ 18.733383] Call trace: [ 18.733570] show_stack+0x20/0x38 (C) [ 18.733835] dump_stack_lvl+0x8c/0xd0 [ 18.734007] print_report+0x118/0x608 [ 18.734248] kasan_report+0xdc/0x128 [ 18.734435] kasan_check_range+0x100/0x1a8 [ 18.734782] __kasan_check_read+0x20/0x30 [ 18.734846] copy_user_test_oob+0x3c8/0xec8 [ 18.734895] kunit_try_run_case+0x170/0x3f0 [ 18.735222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.735609] kthread+0x328/0x630 [ 18.736166] ret_from_fork+0x10/0x20 [ 18.736480] [ 18.736586] Allocated by task 290: [ 18.736812] kasan_save_stack+0x3c/0x68 [ 18.736877] kasan_save_track+0x20/0x40 [ 18.736918] kasan_save_alloc_info+0x40/0x58 [ 18.736965] __kasan_kmalloc+0xd4/0xd8 [ 18.737003] __kmalloc_noprof+0x198/0x4c8 [ 18.737447] kunit_kmalloc_array+0x34/0x88 [ 18.737824] copy_user_test_oob+0xac/0xec8 [ 18.737930] kunit_try_run_case+0x170/0x3f0 [ 18.738143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.738195] kthread+0x328/0x630 [ 18.738711] ret_from_fork+0x10/0x20 [ 18.738804] [ 18.738969] The buggy address belongs to the object at fff00000c793a500 [ 18.738969] which belongs to the cache kmalloc-128 of size 128 [ 18.739131] The buggy address is located 0 bytes inside of [ 18.739131] allocated 120-byte region [fff00000c793a500, fff00000c793a578) [ 18.739297] [ 18.739535] The buggy address belongs to the physical page: [ 18.739983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 18.740217] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.740588] page_type: f5(slab) [ 18.740659] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.740712] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.741518] page dumped because: kasan: bad access detected [ 18.741656] [ 18.741904] Memory state around the buggy address: [ 18.741986] fff00000c793a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.742387] fff00000c793a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.742446] >fff00000c793a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.742782] ^ [ 18.743260] fff00000c793a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.743351] fff00000c793a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.743503] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.627995] ================================================================== [ 18.629125] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 18.629247] Read of size 8 at addr fff00000c793a478 by task kunit_try_catch/286 [ 18.629399] [ 18.629581] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.629791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.629839] Hardware name: linux,dummy-virt (DT) [ 18.629874] Call trace: [ 18.630455] show_stack+0x20/0x38 (C) [ 18.630576] dump_stack_lvl+0x8c/0xd0 [ 18.630680] print_report+0x118/0x608 [ 18.630852] kasan_report+0xdc/0x128 [ 18.630972] __asan_report_load8_noabort+0x20/0x30 [ 18.631110] copy_to_kernel_nofault+0x204/0x250 [ 18.631246] copy_to_kernel_nofault_oob+0x158/0x418 [ 18.631320] kunit_try_run_case+0x170/0x3f0 [ 18.631660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.631897] kthread+0x328/0x630 [ 18.632354] ret_from_fork+0x10/0x20 [ 18.632535] [ 18.632578] Allocated by task 286: [ 18.632608] kasan_save_stack+0x3c/0x68 [ 18.632665] kasan_save_track+0x20/0x40 [ 18.632703] kasan_save_alloc_info+0x40/0x58 [ 18.632985] __kasan_kmalloc+0xd4/0xd8 [ 18.633035] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.633372] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.633788] kunit_try_run_case+0x170/0x3f0 [ 18.633910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.634125] kthread+0x328/0x630 [ 18.634309] ret_from_fork+0x10/0x20 [ 18.634420] [ 18.634510] The buggy address belongs to the object at fff00000c793a400 [ 18.634510] which belongs to the cache kmalloc-128 of size 128 [ 18.634842] The buggy address is located 0 bytes to the right of [ 18.634842] allocated 120-byte region [fff00000c793a400, fff00000c793a478) [ 18.634996] [ 18.635024] The buggy address belongs to the physical page: [ 18.635081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 18.635501] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.635855] page_type: f5(slab) [ 18.636004] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.636188] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.636413] page dumped because: kasan: bad access detected [ 18.636543] [ 18.636571] Memory state around the buggy address: [ 18.636606] fff00000c793a300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.636666] fff00000c793a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.636722] >fff00000c793a400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.636770] ^ [ 18.636815] fff00000c793a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.636868] fff00000c793a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.636909] ================================================================== [ 18.641536] ================================================================== [ 18.641674] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 18.641735] Write of size 8 at addr fff00000c793a478 by task kunit_try_catch/286 [ 18.641947] [ 18.642113] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.642200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.642229] Hardware name: linux,dummy-virt (DT) [ 18.642309] Call trace: [ 18.642339] show_stack+0x20/0x38 (C) [ 18.642390] dump_stack_lvl+0x8c/0xd0 [ 18.642450] print_report+0x118/0x608 [ 18.642497] kasan_report+0xdc/0x128 [ 18.642544] kasan_check_range+0x100/0x1a8 [ 18.642590] __kasan_check_write+0x20/0x30 [ 18.642986] copy_to_kernel_nofault+0x8c/0x250 [ 18.643438] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 18.643683] kunit_try_run_case+0x170/0x3f0 [ 18.643746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.643820] kthread+0x328/0x630 [ 18.643872] ret_from_fork+0x10/0x20 [ 18.643920] [ 18.643942] Allocated by task 286: [ 18.644373] kasan_save_stack+0x3c/0x68 [ 18.644425] kasan_save_track+0x20/0x40 [ 18.644490] kasan_save_alloc_info+0x40/0x58 [ 18.644552] __kasan_kmalloc+0xd4/0xd8 [ 18.644886] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.644988] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.645035] kunit_try_run_case+0x170/0x3f0 [ 18.645642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.645804] kthread+0x328/0x630 [ 18.645965] ret_from_fork+0x10/0x20 [ 18.646092] [ 18.646350] The buggy address belongs to the object at fff00000c793a400 [ 18.646350] which belongs to the cache kmalloc-128 of size 128 [ 18.646548] The buggy address is located 0 bytes to the right of [ 18.646548] allocated 120-byte region [fff00000c793a400, fff00000c793a478) [ 18.646785] [ 18.646829] The buggy address belongs to the physical page: [ 18.646881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 18.647068] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.647262] page_type: f5(slab) [ 18.647344] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.647478] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.647988] page dumped because: kasan: bad access detected [ 18.648104] [ 18.648253] Memory state around the buggy address: [ 18.648403] fff00000c793a300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.648455] fff00000c793a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.648501] >fff00000c793a400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.648559] ^ [ 18.648752] fff00000c793a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.648948] fff00000c793a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.649042] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 18.562277] ================================================================== [ 18.562581] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 18.562756] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/274 [ 18.562863] [ 18.562897] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.563021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.563051] Hardware name: linux,dummy-virt (DT) [ 18.563238] Call trace: [ 18.563393] show_stack+0x20/0x38 (C) [ 18.563505] dump_stack_lvl+0x8c/0xd0 [ 18.563556] print_report+0x310/0x608 [ 18.563601] kasan_report+0xdc/0x128 [ 18.563659] __asan_report_load1_noabort+0x20/0x30 [ 18.563709] vmalloc_oob+0x51c/0x5d0 [ 18.563756] kunit_try_run_case+0x170/0x3f0 [ 18.563804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.563859] kthread+0x328/0x630 [ 18.563919] ret_from_fork+0x10/0x20 [ 18.564269] [ 18.564620] The buggy address belongs to the virtual mapping at [ 18.564620] [ffff80008010b000, ffff80008010d000) created by: [ 18.564620] vmalloc_oob+0x98/0x5d0 [ 18.564748] [ 18.564800] The buggy address belongs to the physical page: [ 18.564833] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106efa [ 18.564997] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.565101] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.565182] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.565591] page dumped because: kasan: bad access detected [ 18.565735] [ 18.565881] Memory state around the buggy address: [ 18.566009] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.566198] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.566252] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.566537] ^ [ 18.566804] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.567028] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.567200] ================================================================== [ 18.551870] ================================================================== [ 18.551960] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 18.552413] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/274 [ 18.552495] [ 18.552536] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.552636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.552664] Hardware name: linux,dummy-virt (DT) [ 18.553070] Call trace: [ 18.553154] show_stack+0x20/0x38 (C) [ 18.553226] dump_stack_lvl+0x8c/0xd0 [ 18.553525] print_report+0x310/0x608 [ 18.553735] kasan_report+0xdc/0x128 [ 18.553950] __asan_report_load1_noabort+0x20/0x30 [ 18.554135] vmalloc_oob+0x578/0x5d0 [ 18.554193] kunit_try_run_case+0x170/0x3f0 [ 18.554558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.554801] kthread+0x328/0x630 [ 18.555055] ret_from_fork+0x10/0x20 [ 18.555304] [ 18.555359] The buggy address belongs to the virtual mapping at [ 18.555359] [ffff80008010b000, ffff80008010d000) created by: [ 18.555359] vmalloc_oob+0x98/0x5d0 [ 18.555799] [ 18.555882] The buggy address belongs to the physical page: [ 18.556174] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106efa [ 18.556459] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.556565] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.556721] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.556801] page dumped because: kasan: bad access detected [ 18.556836] [ 18.557107] Memory state around the buggy address: [ 18.557248] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.557401] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.557996] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.558172] ^ [ 18.558340] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.558599] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.558699] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.453258] ================================================================== [ 18.453320] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 18.453412] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.453515] [ 18.453552] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.453789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.453818] Hardware name: linux,dummy-virt (DT) [ 18.454040] Call trace: [ 18.454378] show_stack+0x20/0x38 (C) [ 18.454530] dump_stack_lvl+0x8c/0xd0 [ 18.454583] print_report+0x118/0x608 [ 18.454685] kasan_report+0xdc/0x128 [ 18.454774] kasan_check_range+0x100/0x1a8 [ 18.454954] __kasan_check_write+0x20/0x30 [ 18.455008] kasan_atomics_helper+0x154c/0x4858 [ 18.455341] kasan_atomics+0x198/0x2e0 [ 18.455410] kunit_try_run_case+0x170/0x3f0 [ 18.455495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.455550] kthread+0x328/0x630 [ 18.455883] ret_from_fork+0x10/0x20 [ 18.455958] [ 18.456250] Allocated by task 270: [ 18.456344] kasan_save_stack+0x3c/0x68 [ 18.456515] kasan_save_track+0x20/0x40 [ 18.456882] kasan_save_alloc_info+0x40/0x58 [ 18.457204] __kasan_kmalloc+0xd4/0xd8 [ 18.457331] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.457441] kasan_atomics+0xb8/0x2e0 [ 18.457476] kunit_try_run_case+0x170/0x3f0 [ 18.457868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.457948] kthread+0x328/0x630 [ 18.458115] ret_from_fork+0x10/0x20 [ 18.458465] [ 18.458606] The buggy address belongs to the object at fff00000c7948980 [ 18.458606] which belongs to the cache kmalloc-64 of size 64 [ 18.458984] The buggy address is located 0 bytes to the right of [ 18.458984] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.459062] [ 18.459084] The buggy address belongs to the physical page: [ 18.459118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.459390] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.459786] page_type: f5(slab) [ 18.459882] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.460277] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.460343] page dumped because: kasan: bad access detected [ 18.460380] [ 18.460409] Memory state around the buggy address: [ 18.460460] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.460663] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.460878] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.460963] ^ [ 18.461024] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.461399] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.461477] ================================================================== [ 18.204711] ================================================================== [ 18.204768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 18.205097] Write of size 4 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.205322] [ 18.205367] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.205520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.205578] Hardware name: linux,dummy-virt (DT) [ 18.205615] Call trace: [ 18.205808] show_stack+0x20/0x38 (C) [ 18.205893] dump_stack_lvl+0x8c/0xd0 [ 18.205950] print_report+0x118/0x608 [ 18.206000] kasan_report+0xdc/0x128 [ 18.206324] kasan_check_range+0x100/0x1a8 [ 18.206689] __kasan_check_write+0x20/0x30 [ 18.207007] kasan_atomics_helper+0xad4/0x4858 [ 18.207079] kasan_atomics+0x198/0x2e0 [ 18.207439] kunit_try_run_case+0x170/0x3f0 [ 18.207516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.207600] kthread+0x328/0x630 [ 18.207673] ret_from_fork+0x10/0x20 [ 18.207722] [ 18.207978] Allocated by task 270: [ 18.208070] kasan_save_stack+0x3c/0x68 [ 18.208398] kasan_save_track+0x20/0x40 [ 18.208744] kasan_save_alloc_info+0x40/0x58 [ 18.208967] __kasan_kmalloc+0xd4/0xd8 [ 18.209049] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.209449] kasan_atomics+0xb8/0x2e0 [ 18.209520] kunit_try_run_case+0x170/0x3f0 [ 18.209666] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.209717] kthread+0x328/0x630 [ 18.210089] ret_from_fork+0x10/0x20 [ 18.210171] [ 18.210392] The buggy address belongs to the object at fff00000c7948980 [ 18.210392] which belongs to the cache kmalloc-64 of size 64 [ 18.210548] The buggy address is located 0 bytes to the right of [ 18.210548] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.210621] [ 18.210654] The buggy address belongs to the physical page: [ 18.210936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.211270] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.211349] page_type: f5(slab) [ 18.211487] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.211553] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.211604] page dumped because: kasan: bad access detected [ 18.211700] [ 18.211723] Memory state around the buggy address: [ 18.211774] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.211819] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.211865] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.211905] ^ [ 18.212203] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.212295] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.212772] ================================================================== [ 18.388569] ================================================================== [ 18.388783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 18.388855] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.389040] [ 18.389076] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.389396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.389466] Hardware name: linux,dummy-virt (DT) [ 18.389501] Call trace: [ 18.389667] show_stack+0x20/0x38 (C) [ 18.389748] dump_stack_lvl+0x8c/0xd0 [ 18.389800] print_report+0x118/0x608 [ 18.389844] kasan_report+0xdc/0x128 [ 18.389890] kasan_check_range+0x100/0x1a8 [ 18.389937] __kasan_check_write+0x20/0x30 [ 18.389987] kasan_atomics_helper+0x11f8/0x4858 [ 18.390106] kasan_atomics+0x198/0x2e0 [ 18.390156] kunit_try_run_case+0x170/0x3f0 [ 18.390206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.390261] kthread+0x328/0x630 [ 18.390312] ret_from_fork+0x10/0x20 [ 18.390361] [ 18.390392] Allocated by task 270: [ 18.390423] kasan_save_stack+0x3c/0x68 [ 18.390462] kasan_save_track+0x20/0x40 [ 18.390501] kasan_save_alloc_info+0x40/0x58 [ 18.390540] __kasan_kmalloc+0xd4/0xd8 [ 18.390577] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.390614] kasan_atomics+0xb8/0x2e0 [ 18.391109] kunit_try_run_case+0x170/0x3f0 [ 18.391377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.391447] kthread+0x328/0x630 [ 18.391493] ret_from_fork+0x10/0x20 [ 18.391530] [ 18.391964] The buggy address belongs to the object at fff00000c7948980 [ 18.391964] which belongs to the cache kmalloc-64 of size 64 [ 18.392332] The buggy address is located 0 bytes to the right of [ 18.392332] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.392475] [ 18.392869] The buggy address belongs to the physical page: [ 18.393034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.393216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.393310] page_type: f5(slab) [ 18.393699] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.393823] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.394067] page dumped because: kasan: bad access detected [ 18.394148] [ 18.394236] Memory state around the buggy address: [ 18.394549] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.394694] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.394782] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.394822] ^ [ 18.395133] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.395210] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.395394] ================================================================== [ 18.339382] ================================================================== [ 18.339505] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 18.339874] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.339937] [ 18.340388] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.340540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.340607] Hardware name: linux,dummy-virt (DT) [ 18.340770] Call trace: [ 18.340850] show_stack+0x20/0x38 (C) [ 18.341069] dump_stack_lvl+0x8c/0xd0 [ 18.341127] print_report+0x118/0x608 [ 18.341360] kasan_report+0xdc/0x128 [ 18.341541] kasan_check_range+0x100/0x1a8 [ 18.341937] __kasan_check_write+0x20/0x30 [ 18.342046] kasan_atomics_helper+0xf88/0x4858 [ 18.342176] kasan_atomics+0x198/0x2e0 [ 18.342288] kunit_try_run_case+0x170/0x3f0 [ 18.342369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.342424] kthread+0x328/0x630 [ 18.342472] ret_from_fork+0x10/0x20 [ 18.343169] [ 18.343209] Allocated by task 270: [ 18.343326] kasan_save_stack+0x3c/0x68 [ 18.343405] kasan_save_track+0x20/0x40 [ 18.343775] kasan_save_alloc_info+0x40/0x58 [ 18.343980] __kasan_kmalloc+0xd4/0xd8 [ 18.344065] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.344146] kasan_atomics+0xb8/0x2e0 [ 18.344224] kunit_try_run_case+0x170/0x3f0 [ 18.344625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.344791] kthread+0x328/0x630 [ 18.344836] ret_from_fork+0x10/0x20 [ 18.344876] [ 18.345086] The buggy address belongs to the object at fff00000c7948980 [ 18.345086] which belongs to the cache kmalloc-64 of size 64 [ 18.345280] The buggy address is located 0 bytes to the right of [ 18.345280] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.345668] [ 18.345698] The buggy address belongs to the physical page: [ 18.345733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.345788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.345839] page_type: f5(slab) [ 18.345897] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.345949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.345998] page dumped because: kasan: bad access detected [ 18.346041] [ 18.346071] Memory state around the buggy address: [ 18.346108] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.346153] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.346199] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.346237] ^ [ 18.346288] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.346346] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.346397] ================================================================== [ 18.500557] ================================================================== [ 18.500609] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 18.500680] Read of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.500732] [ 18.500774] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.501045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.501095] Hardware name: linux,dummy-virt (DT) [ 18.501156] Call trace: [ 18.501431] show_stack+0x20/0x38 (C) [ 18.501594] dump_stack_lvl+0x8c/0xd0 [ 18.501839] print_report+0x118/0x608 [ 18.501910] kasan_report+0xdc/0x128 [ 18.502379] __asan_report_load8_noabort+0x20/0x30 [ 18.502525] kasan_atomics_helper+0x3e10/0x4858 [ 18.502900] kasan_atomics+0x198/0x2e0 [ 18.502970] kunit_try_run_case+0x170/0x3f0 [ 18.503021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.503094] kthread+0x328/0x630 [ 18.503190] ret_from_fork+0x10/0x20 [ 18.503280] [ 18.503329] Allocated by task 270: [ 18.503397] kasan_save_stack+0x3c/0x68 [ 18.503677] kasan_save_track+0x20/0x40 [ 18.503757] kasan_save_alloc_info+0x40/0x58 [ 18.503838] __kasan_kmalloc+0xd4/0xd8 [ 18.503881] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.503920] kasan_atomics+0xb8/0x2e0 [ 18.503956] kunit_try_run_case+0x170/0x3f0 [ 18.504411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.504574] kthread+0x328/0x630 [ 18.504719] ret_from_fork+0x10/0x20 [ 18.504771] [ 18.504798] The buggy address belongs to the object at fff00000c7948980 [ 18.504798] which belongs to the cache kmalloc-64 of size 64 [ 18.504865] The buggy address is located 0 bytes to the right of [ 18.504865] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.504931] [ 18.505256] The buggy address belongs to the physical page: [ 18.505364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.505720] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.505788] page_type: f5(slab) [ 18.505829] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.506107] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.506499] page dumped because: kasan: bad access detected [ 18.506573] [ 18.506623] Memory state around the buggy address: [ 18.506783] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.506833] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.507146] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.507229] ^ [ 18.507435] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.507617] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.507738] ================================================================== [ 18.315101] ================================================================== [ 18.315449] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 18.315526] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.315643] [ 18.315679] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.315759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.315788] Hardware name: linux,dummy-virt (DT) [ 18.315945] Call trace: [ 18.316006] show_stack+0x20/0x38 (C) [ 18.316318] dump_stack_lvl+0x8c/0xd0 [ 18.316487] print_report+0x118/0x608 [ 18.316660] kasan_report+0xdc/0x128 [ 18.316779] __asan_report_store8_noabort+0x20/0x30 [ 18.316968] kasan_atomics_helper+0x3e5c/0x4858 [ 18.317137] kasan_atomics+0x198/0x2e0 [ 18.317264] kunit_try_run_case+0x170/0x3f0 [ 18.317390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.317841] kthread+0x328/0x630 [ 18.317964] ret_from_fork+0x10/0x20 [ 18.318202] [ 18.318521] Allocated by task 270: [ 18.318581] kasan_save_stack+0x3c/0x68 [ 18.318890] kasan_save_track+0x20/0x40 [ 18.318966] kasan_save_alloc_info+0x40/0x58 [ 18.319139] __kasan_kmalloc+0xd4/0xd8 [ 18.319435] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.319622] kasan_atomics+0xb8/0x2e0 [ 18.319779] kunit_try_run_case+0x170/0x3f0 [ 18.319843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.320256] kthread+0x328/0x630 [ 18.320341] ret_from_fork+0x10/0x20 [ 18.320711] [ 18.320738] The buggy address belongs to the object at fff00000c7948980 [ 18.320738] which belongs to the cache kmalloc-64 of size 64 [ 18.320801] The buggy address is located 0 bytes to the right of [ 18.320801] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.321152] [ 18.321213] The buggy address belongs to the physical page: [ 18.321516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.321579] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.321694] page_type: f5(slab) [ 18.321765] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.321828] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.321880] page dumped because: kasan: bad access detected [ 18.321922] [ 18.321951] Memory state around the buggy address: [ 18.321989] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.322034] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.322078] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.322116] ^ [ 18.322152] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.322205] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.322245] ================================================================== [ 18.373293] ================================================================== [ 18.373346] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 18.373396] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.373449] [ 18.373480] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.373590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.373640] Hardware name: linux,dummy-virt (DT) [ 18.373673] Call trace: [ 18.373699] show_stack+0x20/0x38 (C) [ 18.373747] dump_stack_lvl+0x8c/0xd0 [ 18.373795] print_report+0x118/0x608 [ 18.373849] kasan_report+0xdc/0x128 [ 18.373896] kasan_check_range+0x100/0x1a8 [ 18.373942] __kasan_check_write+0x20/0x30 [ 18.373996] kasan_atomics_helper+0x1128/0x4858 [ 18.374053] kasan_atomics+0x198/0x2e0 [ 18.374106] kunit_try_run_case+0x170/0x3f0 [ 18.374155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.374209] kthread+0x328/0x630 [ 18.374259] ret_from_fork+0x10/0x20 [ 18.374308] [ 18.374329] Allocated by task 270: [ 18.374366] kasan_save_stack+0x3c/0x68 [ 18.374408] kasan_save_track+0x20/0x40 [ 18.374476] kasan_save_alloc_info+0x40/0x58 [ 18.374515] __kasan_kmalloc+0xd4/0xd8 [ 18.374553] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.374590] kasan_atomics+0xb8/0x2e0 [ 18.374637] kunit_try_run_case+0x170/0x3f0 [ 18.374677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.374723] kthread+0x328/0x630 [ 18.374940] ret_from_fork+0x10/0x20 [ 18.375088] [ 18.375175] The buggy address belongs to the object at fff00000c7948980 [ 18.375175] which belongs to the cache kmalloc-64 of size 64 [ 18.375883] The buggy address is located 0 bytes to the right of [ 18.375883] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.375999] [ 18.376042] The buggy address belongs to the physical page: [ 18.376106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.376515] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.376599] page_type: f5(slab) [ 18.376651] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.376704] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.377000] page dumped because: kasan: bad access detected [ 18.377165] [ 18.377417] Memory state around the buggy address: [ 18.377488] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.377567] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.377613] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.377982] ^ [ 18.378050] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.378119] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.378438] ================================================================== [ 18.197750] ================================================================== [ 18.197835] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 18.197935] Write of size 4 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.198015] [ 18.198047] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.198372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.198428] Hardware name: linux,dummy-virt (DT) [ 18.198462] Call trace: [ 18.198486] show_stack+0x20/0x38 (C) [ 18.198697] dump_stack_lvl+0x8c/0xd0 [ 18.198863] print_report+0x118/0x608 [ 18.199201] kasan_report+0xdc/0x128 [ 18.199270] kasan_check_range+0x100/0x1a8 [ 18.199319] __kasan_check_write+0x20/0x30 [ 18.199590] kasan_atomics_helper+0xa6c/0x4858 [ 18.199679] kasan_atomics+0x198/0x2e0 [ 18.199725] kunit_try_run_case+0x170/0x3f0 [ 18.200057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.200235] kthread+0x328/0x630 [ 18.200291] ret_from_fork+0x10/0x20 [ 18.200338] [ 18.200479] Allocated by task 270: [ 18.200513] kasan_save_stack+0x3c/0x68 [ 18.200557] kasan_save_track+0x20/0x40 [ 18.200823] kasan_save_alloc_info+0x40/0x58 [ 18.200993] __kasan_kmalloc+0xd4/0xd8 [ 18.201070] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.201435] kasan_atomics+0xb8/0x2e0 [ 18.201488] kunit_try_run_case+0x170/0x3f0 [ 18.201529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.201807] kthread+0x328/0x630 [ 18.202157] ret_from_fork+0x10/0x20 [ 18.202233] [ 18.202289] The buggy address belongs to the object at fff00000c7948980 [ 18.202289] which belongs to the cache kmalloc-64 of size 64 [ 18.202407] The buggy address is located 0 bytes to the right of [ 18.202407] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.202522] [ 18.202707] The buggy address belongs to the physical page: [ 18.202889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.202950] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.203075] page_type: f5(slab) [ 18.203126] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.203178] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.203226] page dumped because: kasan: bad access detected [ 18.203269] [ 18.203297] Memory state around the buggy address: [ 18.203336] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.203392] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.203436] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.203485] ^ [ 18.203528] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.203573] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.203622] ================================================================== [ 18.189984] ================================================================== [ 18.190311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 18.190377] Write of size 4 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.190429] [ 18.190683] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.190826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.190884] Hardware name: linux,dummy-virt (DT) [ 18.190917] Call trace: [ 18.191227] show_stack+0x20/0x38 (C) [ 18.191331] dump_stack_lvl+0x8c/0xd0 [ 18.191383] print_report+0x118/0x608 [ 18.191429] kasan_report+0xdc/0x128 [ 18.191473] kasan_check_range+0x100/0x1a8 [ 18.191855] __kasan_check_write+0x20/0x30 [ 18.191948] kasan_atomics_helper+0xa04/0x4858 [ 18.192150] kasan_atomics+0x198/0x2e0 [ 18.192238] kunit_try_run_case+0x170/0x3f0 [ 18.192549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.192700] kthread+0x328/0x630 [ 18.192754] ret_from_fork+0x10/0x20 [ 18.192810] [ 18.192832] Allocated by task 270: [ 18.192895] kasan_save_stack+0x3c/0x68 [ 18.192959] kasan_save_track+0x20/0x40 [ 18.193014] kasan_save_alloc_info+0x40/0x58 [ 18.193061] __kasan_kmalloc+0xd4/0xd8 [ 18.193109] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.193149] kasan_atomics+0xb8/0x2e0 [ 18.193184] kunit_try_run_case+0x170/0x3f0 [ 18.193233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.193294] kthread+0x328/0x630 [ 18.193341] ret_from_fork+0x10/0x20 [ 18.193379] [ 18.193399] The buggy address belongs to the object at fff00000c7948980 [ 18.193399] which belongs to the cache kmalloc-64 of size 64 [ 18.193471] The buggy address is located 0 bytes to the right of [ 18.193471] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.193536] [ 18.193559] The buggy address belongs to the physical page: [ 18.193599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.193943] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.194310] page_type: f5(slab) [ 18.194385] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.194462] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.194548] page dumped because: kasan: bad access detected [ 18.194849] [ 18.195126] Memory state around the buggy address: [ 18.195220] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.195369] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.195449] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.195776] ^ [ 18.195950] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.196015] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.196391] ================================================================== [ 18.404200] ================================================================== [ 18.404389] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 18.404475] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.404528] [ 18.404566] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.404976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.405283] Hardware name: linux,dummy-virt (DT) [ 18.405397] Call trace: [ 18.405429] show_stack+0x20/0x38 (C) [ 18.405797] dump_stack_lvl+0x8c/0xd0 [ 18.406066] print_report+0x118/0x608 [ 18.406433] kasan_report+0xdc/0x128 [ 18.406728] kasan_check_range+0x100/0x1a8 [ 18.406819] __kasan_check_write+0x20/0x30 [ 18.407005] kasan_atomics_helper+0x12d8/0x4858 [ 18.407165] kasan_atomics+0x198/0x2e0 [ 18.407253] kunit_try_run_case+0x170/0x3f0 [ 18.407479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.407544] kthread+0x328/0x630 [ 18.407589] ret_from_fork+0x10/0x20 [ 18.407691] [ 18.407722] Allocated by task 270: [ 18.407773] kasan_save_stack+0x3c/0x68 [ 18.407815] kasan_save_track+0x20/0x40 [ 18.407869] kasan_save_alloc_info+0x40/0x58 [ 18.407918] __kasan_kmalloc+0xd4/0xd8 [ 18.407969] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.408016] kasan_atomics+0xb8/0x2e0 [ 18.408053] kunit_try_run_case+0x170/0x3f0 [ 18.408093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.408141] kthread+0x328/0x630 [ 18.408177] ret_from_fork+0x10/0x20 [ 18.408229] [ 18.408258] The buggy address belongs to the object at fff00000c7948980 [ 18.408258] which belongs to the cache kmalloc-64 of size 64 [ 18.408338] The buggy address is located 0 bytes to the right of [ 18.408338] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.408403] [ 18.408424] The buggy address belongs to the physical page: [ 18.408472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.408534] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.408582] page_type: f5(slab) [ 18.408918] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.409330] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.409400] page dumped because: kasan: bad access detected [ 18.409477] [ 18.409549] Memory state around the buggy address: [ 18.409637] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.409941] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.410138] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.410491] ^ [ 18.410560] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.410904] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.411013] ================================================================== [ 18.356875] ================================================================== [ 18.356942] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 18.357212] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.357293] [ 18.357325] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.357615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.357706] Hardware name: linux,dummy-virt (DT) [ 18.357749] Call trace: [ 18.358093] show_stack+0x20/0x38 (C) [ 18.358183] dump_stack_lvl+0x8c/0xd0 [ 18.358235] print_report+0x118/0x608 [ 18.358281] kasan_report+0xdc/0x128 [ 18.358326] kasan_check_range+0x100/0x1a8 [ 18.358453] __kasan_check_write+0x20/0x30 [ 18.358547] kasan_atomics_helper+0x1058/0x4858 [ 18.358595] kasan_atomics+0x198/0x2e0 [ 18.358781] kunit_try_run_case+0x170/0x3f0 [ 18.358936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.359004] kthread+0x328/0x630 [ 18.359364] ret_from_fork+0x10/0x20 [ 18.359434] [ 18.359579] Allocated by task 270: [ 18.359615] kasan_save_stack+0x3c/0x68 [ 18.359769] kasan_save_track+0x20/0x40 [ 18.359859] kasan_save_alloc_info+0x40/0x58 [ 18.360359] __kasan_kmalloc+0xd4/0xd8 [ 18.360681] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.360799] kasan_atomics+0xb8/0x2e0 [ 18.360898] kunit_try_run_case+0x170/0x3f0 [ 18.361059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.361401] kthread+0x328/0x630 [ 18.361482] ret_from_fork+0x10/0x20 [ 18.361663] [ 18.361700] The buggy address belongs to the object at fff00000c7948980 [ 18.361700] which belongs to the cache kmalloc-64 of size 64 [ 18.362004] The buggy address is located 0 bytes to the right of [ 18.362004] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.362181] [ 18.362207] The buggy address belongs to the physical page: [ 18.362241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.362323] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.362599] page_type: f5(slab) [ 18.362779] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.362873] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.362916] page dumped because: kasan: bad access detected [ 18.362956] [ 18.362978] Memory state around the buggy address: [ 18.363022] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.363084] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.363143] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.363194] ^ [ 18.363236] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.363281] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.363330] ================================================================== [ 18.462057] ================================================================== [ 18.462112] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 18.462519] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.462591] [ 18.462624] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.462719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.462746] Hardware name: linux,dummy-virt (DT) [ 18.462992] Call trace: [ 18.463291] show_stack+0x20/0x38 (C) [ 18.463420] dump_stack_lvl+0x8c/0xd0 [ 18.463469] print_report+0x118/0x608 [ 18.463534] kasan_report+0xdc/0x128 [ 18.463581] kasan_check_range+0x100/0x1a8 [ 18.463650] __kasan_check_write+0x20/0x30 [ 18.463699] kasan_atomics_helper+0x15b4/0x4858 [ 18.463745] kasan_atomics+0x198/0x2e0 [ 18.463790] kunit_try_run_case+0x170/0x3f0 [ 18.463848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.463902] kthread+0x328/0x630 [ 18.463948] ret_from_fork+0x10/0x20 [ 18.463994] [ 18.464383] Allocated by task 270: [ 18.464456] kasan_save_stack+0x3c/0x68 [ 18.464656] kasan_save_track+0x20/0x40 [ 18.464698] kasan_save_alloc_info+0x40/0x58 [ 18.464752] __kasan_kmalloc+0xd4/0xd8 [ 18.464788] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.465129] kasan_atomics+0xb8/0x2e0 [ 18.465500] kunit_try_run_case+0x170/0x3f0 [ 18.465579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.465790] kthread+0x328/0x630 [ 18.466064] ret_from_fork+0x10/0x20 [ 18.466109] [ 18.466131] The buggy address belongs to the object at fff00000c7948980 [ 18.466131] which belongs to the cache kmalloc-64 of size 64 [ 18.466477] The buggy address is located 0 bytes to the right of [ 18.466477] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.466782] [ 18.466819] The buggy address belongs to the physical page: [ 18.466941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.467133] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.467185] page_type: f5(slab) [ 18.467496] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.467587] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.468005] page dumped because: kasan: bad access detected [ 18.468156] [ 18.468181] Memory state around the buggy address: [ 18.468218] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.468438] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.468491] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.468871] ^ [ 18.468944] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.469015] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.469056] ================================================================== [ 18.523304] ================================================================== [ 18.523657] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 18.523789] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.523881] [ 18.524062] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.524317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.524381] Hardware name: linux,dummy-virt (DT) [ 18.524486] Call trace: [ 18.524764] show_stack+0x20/0x38 (C) [ 18.524832] dump_stack_lvl+0x8c/0xd0 [ 18.525014] print_report+0x118/0x608 [ 18.525186] kasan_report+0xdc/0x128 [ 18.525492] kasan_check_range+0x100/0x1a8 [ 18.525823] __kasan_check_write+0x20/0x30 [ 18.525890] kasan_atomics_helper+0x17ec/0x4858 [ 18.526318] kasan_atomics+0x198/0x2e0 [ 18.526556] kunit_try_run_case+0x170/0x3f0 [ 18.526639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.526858] kthread+0x328/0x630 [ 18.527102] ret_from_fork+0x10/0x20 [ 18.527348] [ 18.527394] Allocated by task 270: [ 18.527647] kasan_save_stack+0x3c/0x68 [ 18.527720] kasan_save_track+0x20/0x40 [ 18.527777] kasan_save_alloc_info+0x40/0x58 [ 18.527818] __kasan_kmalloc+0xd4/0xd8 [ 18.527854] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.527904] kasan_atomics+0xb8/0x2e0 [ 18.527938] kunit_try_run_case+0x170/0x3f0 [ 18.527979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.528182] kthread+0x328/0x630 [ 18.528422] ret_from_fork+0x10/0x20 [ 18.528667] [ 18.529175] The buggy address belongs to the object at fff00000c7948980 [ 18.529175] which belongs to the cache kmalloc-64 of size 64 [ 18.529264] The buggy address is located 0 bytes to the right of [ 18.529264] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.529332] [ 18.529353] The buggy address belongs to the physical page: [ 18.530018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.530095] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.530376] page_type: f5(slab) [ 18.530458] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.530789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.531014] page dumped because: kasan: bad access detected [ 18.531067] [ 18.531090] Memory state around the buggy address: [ 18.531127] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.531719] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.531850] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.532059] ^ [ 18.532261] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.532325] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.532549] ================================================================== [ 18.279275] ================================================================== [ 18.279331] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 18.279388] Read of size 4 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.279439] [ 18.279481] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.279562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.279592] Hardware name: linux,dummy-virt (DT) [ 18.279624] Call trace: [ 18.280589] show_stack+0x20/0x38 (C) [ 18.280677] dump_stack_lvl+0x8c/0xd0 [ 18.280760] print_report+0x118/0x608 [ 18.280834] kasan_report+0xdc/0x128 [ 18.280891] __asan_report_load4_noabort+0x20/0x30 [ 18.280940] kasan_atomics_helper+0x3e04/0x4858 [ 18.280990] kasan_atomics+0x198/0x2e0 [ 18.281034] kunit_try_run_case+0x170/0x3f0 [ 18.281638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.282315] kthread+0x328/0x630 [ 18.282473] ret_from_fork+0x10/0x20 [ 18.282563] [ 18.282584] Allocated by task 270: [ 18.282933] kasan_save_stack+0x3c/0x68 [ 18.283008] kasan_save_track+0x20/0x40 [ 18.283198] kasan_save_alloc_info+0x40/0x58 [ 18.283245] __kasan_kmalloc+0xd4/0xd8 [ 18.284022] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.284089] kasan_atomics+0xb8/0x2e0 [ 18.284127] kunit_try_run_case+0x170/0x3f0 [ 18.284502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.284678] kthread+0x328/0x630 [ 18.285050] ret_from_fork+0x10/0x20 [ 18.285120] [ 18.285294] The buggy address belongs to the object at fff00000c7948980 [ 18.285294] which belongs to the cache kmalloc-64 of size 64 [ 18.285476] The buggy address is located 0 bytes to the right of [ 18.285476] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.285954] [ 18.285999] The buggy address belongs to the physical page: [ 18.286032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.286444] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.286758] page_type: f5(slab) [ 18.286920] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.287007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.287052] page dumped because: kasan: bad access detected [ 18.287437] [ 18.287493] Memory state around the buggy address: [ 18.287547] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.288050] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.288122] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.288193] ^ [ 18.288554] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.288620] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.288771] ================================================================== [ 18.363564] ================================================================== [ 18.363613] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 18.363734] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.364341] [ 18.364424] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.364658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.364710] Hardware name: linux,dummy-virt (DT) [ 18.364887] Call trace: [ 18.364941] show_stack+0x20/0x38 (C) [ 18.365040] dump_stack_lvl+0x8c/0xd0 [ 18.365319] print_report+0x118/0x608 [ 18.365492] kasan_report+0xdc/0x128 [ 18.365783] kasan_check_range+0x100/0x1a8 [ 18.365885] __kasan_check_write+0x20/0x30 [ 18.365955] kasan_atomics_helper+0x10c0/0x4858 [ 18.366033] kasan_atomics+0x198/0x2e0 [ 18.366392] kunit_try_run_case+0x170/0x3f0 [ 18.366484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.366966] kthread+0x328/0x630 [ 18.367078] ret_from_fork+0x10/0x20 [ 18.367515] [ 18.367611] Allocated by task 270: [ 18.367742] kasan_save_stack+0x3c/0x68 [ 18.367872] kasan_save_track+0x20/0x40 [ 18.367930] kasan_save_alloc_info+0x40/0x58 [ 18.367970] __kasan_kmalloc+0xd4/0xd8 [ 18.368196] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.368366] kasan_atomics+0xb8/0x2e0 [ 18.368622] kunit_try_run_case+0x170/0x3f0 [ 18.368848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.368931] kthread+0x328/0x630 [ 18.369139] ret_from_fork+0x10/0x20 [ 18.369369] [ 18.369560] The buggy address belongs to the object at fff00000c7948980 [ 18.369560] which belongs to the cache kmalloc-64 of size 64 [ 18.369720] The buggy address is located 0 bytes to the right of [ 18.369720] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.369950] [ 18.370126] The buggy address belongs to the physical page: [ 18.370166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.370465] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.370564] page_type: f5(slab) [ 18.370640] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.371014] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.371121] page dumped because: kasan: bad access detected [ 18.371159] [ 18.371179] Memory state around the buggy address: [ 18.371574] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.371984] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.372048] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.372175] ^ [ 18.372215] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.372270] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.372317] ================================================================== [ 18.330036] ================================================================== [ 18.330401] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 18.330542] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.330648] [ 18.330682] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.330863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.330969] Hardware name: linux,dummy-virt (DT) [ 18.331004] Call trace: [ 18.331191] show_stack+0x20/0x38 (C) [ 18.331347] dump_stack_lvl+0x8c/0xd0 [ 18.331405] print_report+0x118/0x608 [ 18.331452] kasan_report+0xdc/0x128 [ 18.331496] kasan_check_range+0x100/0x1a8 [ 18.331824] __kasan_check_write+0x20/0x30 [ 18.331897] kasan_atomics_helper+0xf20/0x4858 [ 18.332073] kasan_atomics+0x198/0x2e0 [ 18.332509] kunit_try_run_case+0x170/0x3f0 [ 18.332588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.332756] kthread+0x328/0x630 [ 18.332861] ret_from_fork+0x10/0x20 [ 18.333352] [ 18.333434] Allocated by task 270: [ 18.333558] kasan_save_stack+0x3c/0x68 [ 18.333606] kasan_save_track+0x20/0x40 [ 18.333655] kasan_save_alloc_info+0x40/0x58 [ 18.334000] __kasan_kmalloc+0xd4/0xd8 [ 18.334253] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.334350] kasan_atomics+0xb8/0x2e0 [ 18.334732] kunit_try_run_case+0x170/0x3f0 [ 18.334804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.335102] kthread+0x328/0x630 [ 18.335158] ret_from_fork+0x10/0x20 [ 18.335198] [ 18.335938] The buggy address belongs to the object at fff00000c7948980 [ 18.335938] which belongs to the cache kmalloc-64 of size 64 [ 18.336021] The buggy address is located 0 bytes to the right of [ 18.336021] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.336087] [ 18.336208] The buggy address belongs to the physical page: [ 18.336362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.336540] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.336664] page_type: f5(slab) [ 18.337083] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.337176] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.337243] page dumped because: kasan: bad access detected [ 18.337279] [ 18.337299] Memory state around the buggy address: [ 18.337898] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.337973] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.338030] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.338159] ^ [ 18.338209] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.338340] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.338382] ================================================================== [ 18.411647] ================================================================== [ 18.411702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 18.412011] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.412503] [ 18.412701] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.412884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.413042] Hardware name: linux,dummy-virt (DT) [ 18.413119] Call trace: [ 18.413152] show_stack+0x20/0x38 (C) [ 18.413202] dump_stack_lvl+0x8c/0xd0 [ 18.413253] print_report+0x118/0x608 [ 18.413511] kasan_report+0xdc/0x128 [ 18.414039] kasan_check_range+0x100/0x1a8 [ 18.414174] __kasan_check_write+0x20/0x30 [ 18.414341] kasan_atomics_helper+0x1384/0x4858 [ 18.414477] kasan_atomics+0x198/0x2e0 [ 18.414545] kunit_try_run_case+0x170/0x3f0 [ 18.414620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.417355] kthread+0x328/0x630 [ 18.417812] ret_from_fork+0x10/0x20 [ 18.418216] [ 18.418260] Allocated by task 270: [ 18.419428] kasan_save_stack+0x3c/0x68 [ 18.419516] kasan_save_track+0x20/0x40 [ 18.419579] kasan_save_alloc_info+0x40/0x58 [ 18.419690] __kasan_kmalloc+0xd4/0xd8 [ 18.419730] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.420223] kasan_atomics+0xb8/0x2e0 [ 18.420301] kunit_try_run_case+0x170/0x3f0 [ 18.420376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.421445] kthread+0x328/0x630 [ 18.421891] ret_from_fork+0x10/0x20 [ 18.422726] [ 18.422758] The buggy address belongs to the object at fff00000c7948980 [ 18.422758] which belongs to the cache kmalloc-64 of size 64 [ 18.424116] The buggy address is located 0 bytes to the right of [ 18.424116] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.424185] [ 18.424207] The buggy address belongs to the physical page: [ 18.424241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.424295] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.424344] page_type: f5(slab) [ 18.424383] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.424436] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.424480] page dumped because: kasan: bad access detected [ 18.424514] [ 18.424534] Memory state around the buggy address: [ 18.424568] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.424614] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.424677] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.424718] ^ [ 18.424753] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.424796] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.424835] ================================================================== [ 18.430987] ================================================================== [ 18.431041] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 18.431099] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.431161] [ 18.431193] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.431275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.431304] Hardware name: linux,dummy-virt (DT) [ 18.431335] Call trace: [ 18.431360] show_stack+0x20/0x38 (C) [ 18.431406] dump_stack_lvl+0x8c/0xd0 [ 18.431456] print_report+0x118/0x608 [ 18.431501] kasan_report+0xdc/0x128 [ 18.431546] kasan_check_range+0x100/0x1a8 [ 18.431601] __kasan_check_write+0x20/0x30 [ 18.431663] kasan_atomics_helper+0x1414/0x4858 [ 18.431711] kasan_atomics+0x198/0x2e0 [ 18.431765] kunit_try_run_case+0x170/0x3f0 [ 18.431815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.431869] kthread+0x328/0x630 [ 18.431913] ret_from_fork+0x10/0x20 [ 18.431970] [ 18.432248] Allocated by task 270: [ 18.432564] kasan_save_stack+0x3c/0x68 [ 18.432644] kasan_save_track+0x20/0x40 [ 18.432713] kasan_save_alloc_info+0x40/0x58 [ 18.432788] __kasan_kmalloc+0xd4/0xd8 [ 18.433102] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.433174] kasan_atomics+0xb8/0x2e0 [ 18.433307] kunit_try_run_case+0x170/0x3f0 [ 18.433352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.433401] kthread+0x328/0x630 [ 18.433446] ret_from_fork+0x10/0x20 [ 18.433949] [ 18.434124] The buggy address belongs to the object at fff00000c7948980 [ 18.434124] which belongs to the cache kmalloc-64 of size 64 [ 18.434302] The buggy address is located 0 bytes to the right of [ 18.434302] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.434619] [ 18.434721] The buggy address belongs to the physical page: [ 18.434814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.434947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.435328] page_type: f5(slab) [ 18.435381] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.435742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.435852] page dumped because: kasan: bad access detected [ 18.436116] [ 18.436252] Memory state around the buggy address: [ 18.436398] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.436540] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.436770] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.437092] ^ [ 18.437234] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.437369] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.437478] ================================================================== [ 18.379093] ================================================================== [ 18.379244] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 18.379305] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.379356] [ 18.379387] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.379468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.379495] Hardware name: linux,dummy-virt (DT) [ 18.379815] Call trace: [ 18.379950] show_stack+0x20/0x38 (C) [ 18.380253] dump_stack_lvl+0x8c/0xd0 [ 18.380302] print_report+0x118/0x608 [ 18.380492] kasan_report+0xdc/0x128 [ 18.380817] kasan_check_range+0x100/0x1a8 [ 18.381086] __kasan_check_write+0x20/0x30 [ 18.381323] kasan_atomics_helper+0x1190/0x4858 [ 18.381658] kasan_atomics+0x198/0x2e0 [ 18.381812] kunit_try_run_case+0x170/0x3f0 [ 18.381947] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.382115] kthread+0x328/0x630 [ 18.382199] ret_from_fork+0x10/0x20 [ 18.382249] [ 18.382273] Allocated by task 270: [ 18.382589] kasan_save_stack+0x3c/0x68 [ 18.382768] kasan_save_track+0x20/0x40 [ 18.382822] kasan_save_alloc_info+0x40/0x58 [ 18.383153] __kasan_kmalloc+0xd4/0xd8 [ 18.383243] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.383353] kasan_atomics+0xb8/0x2e0 [ 18.383495] kunit_try_run_case+0x170/0x3f0 [ 18.383567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.383863] kthread+0x328/0x630 [ 18.383983] ret_from_fork+0x10/0x20 [ 18.384260] [ 18.384311] The buggy address belongs to the object at fff00000c7948980 [ 18.384311] which belongs to the cache kmalloc-64 of size 64 [ 18.384391] The buggy address is located 0 bytes to the right of [ 18.384391] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.384758] [ 18.384807] The buggy address belongs to the physical page: [ 18.384865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.385070] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.385223] page_type: f5(slab) [ 18.385491] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.385588] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.386009] page dumped because: kasan: bad access detected [ 18.386118] [ 18.386185] Memory state around the buggy address: [ 18.386221] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.386288] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.386658] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.386739] ^ [ 18.387006] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.387147] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.387231] ================================================================== [ 18.514125] ================================================================== [ 18.514182] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 18.514233] Read of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.514554] [ 18.514775] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.514877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.515215] Hardware name: linux,dummy-virt (DT) [ 18.515285] Call trace: [ 18.515312] show_stack+0x20/0x38 (C) [ 18.515364] dump_stack_lvl+0x8c/0xd0 [ 18.515413] print_report+0x118/0x608 [ 18.515466] kasan_report+0xdc/0x128 [ 18.515513] __asan_report_load8_noabort+0x20/0x30 [ 18.515565] kasan_atomics_helper+0x3e20/0x4858 [ 18.515611] kasan_atomics+0x198/0x2e0 [ 18.515666] kunit_try_run_case+0x170/0x3f0 [ 18.516308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.516732] kthread+0x328/0x630 [ 18.516831] ret_from_fork+0x10/0x20 [ 18.516962] [ 18.517185] Allocated by task 270: [ 18.517226] kasan_save_stack+0x3c/0x68 [ 18.517270] kasan_save_track+0x20/0x40 [ 18.517307] kasan_save_alloc_info+0x40/0x58 [ 18.517354] __kasan_kmalloc+0xd4/0xd8 [ 18.517736] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.517947] kasan_atomics+0xb8/0x2e0 [ 18.518153] kunit_try_run_case+0x170/0x3f0 [ 18.518380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.518582] kthread+0x328/0x630 [ 18.518624] ret_from_fork+0x10/0x20 [ 18.518838] [ 18.519052] The buggy address belongs to the object at fff00000c7948980 [ 18.519052] which belongs to the cache kmalloc-64 of size 64 [ 18.519300] The buggy address is located 0 bytes to the right of [ 18.519300] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.519587] [ 18.519793] The buggy address belongs to the physical page: [ 18.520001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.520118] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.520313] page_type: f5(slab) [ 18.520567] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.520726] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.520963] page dumped because: kasan: bad access detected [ 18.521164] [ 18.521193] Memory state around the buggy address: [ 18.521229] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.521279] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.521616] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.521887] ^ [ 18.522063] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.522253] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.522338] ================================================================== [ 18.469782] ================================================================== [ 18.469841] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 18.470186] Read of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.470265] [ 18.470300] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.470381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.470408] Hardware name: linux,dummy-virt (DT) [ 18.470442] Call trace: [ 18.470464] show_stack+0x20/0x38 (C) [ 18.470670] dump_stack_lvl+0x8c/0xd0 [ 18.470745] print_report+0x118/0x608 [ 18.470795] kasan_report+0xdc/0x128 [ 18.470841] __asan_report_load8_noabort+0x20/0x30 [ 18.470892] kasan_atomics_helper+0x3db0/0x4858 [ 18.470949] kasan_atomics+0x198/0x2e0 [ 18.471004] kunit_try_run_case+0x170/0x3f0 [ 18.471061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.471118] kthread+0x328/0x630 [ 18.471164] ret_from_fork+0x10/0x20 [ 18.471213] [ 18.471239] Allocated by task 270: [ 18.471271] kasan_save_stack+0x3c/0x68 [ 18.471312] kasan_save_track+0x20/0x40 [ 18.471361] kasan_save_alloc_info+0x40/0x58 [ 18.471400] __kasan_kmalloc+0xd4/0xd8 [ 18.471438] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.471474] kasan_atomics+0xb8/0x2e0 [ 18.471510] kunit_try_run_case+0x170/0x3f0 [ 18.471557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.471604] kthread+0x328/0x630 [ 18.471810] ret_from_fork+0x10/0x20 [ 18.471864] [ 18.472079] The buggy address belongs to the object at fff00000c7948980 [ 18.472079] which belongs to the cache kmalloc-64 of size 64 [ 18.472505] The buggy address is located 0 bytes to the right of [ 18.472505] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.473036] [ 18.473096] The buggy address belongs to the physical page: [ 18.473149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.473371] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.473461] page_type: f5(slab) [ 18.473902] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.474004] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.474501] page dumped because: kasan: bad access detected [ 18.474574] [ 18.474910] Memory state around the buggy address: [ 18.474985] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.475068] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.475300] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.475397] ^ [ 18.475677] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.475741] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.475949] ================================================================== [ 18.322492] ================================================================== [ 18.322550] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 18.322606] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.322670] [ 18.322702] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.322784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.322823] Hardware name: linux,dummy-virt (DT) [ 18.322855] Call trace: [ 18.322888] show_stack+0x20/0x38 (C) [ 18.322935] dump_stack_lvl+0x8c/0xd0 [ 18.322983] print_report+0x118/0x608 [ 18.323027] kasan_report+0xdc/0x128 [ 18.323072] kasan_check_range+0x100/0x1a8 [ 18.323118] __kasan_check_write+0x20/0x30 [ 18.323175] kasan_atomics_helper+0xeb8/0x4858 [ 18.323223] kasan_atomics+0x198/0x2e0 [ 18.323272] kunit_try_run_case+0x170/0x3f0 [ 18.323321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.323374] kthread+0x328/0x630 [ 18.323419] ret_from_fork+0x10/0x20 [ 18.323465] [ 18.323485] Allocated by task 270: [ 18.323514] kasan_save_stack+0x3c/0x68 [ 18.323553] kasan_save_track+0x20/0x40 [ 18.323592] kasan_save_alloc_info+0x40/0x58 [ 18.324064] __kasan_kmalloc+0xd4/0xd8 [ 18.324585] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.324645] kasan_atomics+0xb8/0x2e0 [ 18.324683] kunit_try_run_case+0x170/0x3f0 [ 18.324725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.324818] kthread+0x328/0x630 [ 18.325152] ret_from_fork+0x10/0x20 [ 18.325474] [ 18.325661] The buggy address belongs to the object at fff00000c7948980 [ 18.325661] which belongs to the cache kmalloc-64 of size 64 [ 18.325726] The buggy address is located 0 bytes to the right of [ 18.325726] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.326215] [ 18.326360] The buggy address belongs to the physical page: [ 18.326440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.326608] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.326675] page_type: f5(slab) [ 18.326715] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.327103] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.327558] page dumped because: kasan: bad access detected [ 18.327602] [ 18.327860] Memory state around the buggy address: [ 18.328038] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.328113] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.328424] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.328504] ^ [ 18.328541] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.328973] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.329079] ================================================================== [ 18.347238] ================================================================== [ 18.347396] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 18.347546] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.347749] [ 18.347792] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.347877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.348331] Hardware name: linux,dummy-virt (DT) [ 18.348619] Call trace: [ 18.348710] show_stack+0x20/0x38 (C) [ 18.348887] dump_stack_lvl+0x8c/0xd0 [ 18.348944] print_report+0x118/0x608 [ 18.349254] kasan_report+0xdc/0x128 [ 18.349389] kasan_check_range+0x100/0x1a8 [ 18.349784] __kasan_check_write+0x20/0x30 [ 18.349902] kasan_atomics_helper+0xff0/0x4858 [ 18.350050] kasan_atomics+0x198/0x2e0 [ 18.350433] kunit_try_run_case+0x170/0x3f0 [ 18.350587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.351046] kthread+0x328/0x630 [ 18.351197] ret_from_fork+0x10/0x20 [ 18.351364] [ 18.351460] Allocated by task 270: [ 18.351494] kasan_save_stack+0x3c/0x68 [ 18.352431] kasan_save_track+0x20/0x40 [ 18.352518] kasan_save_alloc_info+0x40/0x58 [ 18.352579] __kasan_kmalloc+0xd4/0xd8 [ 18.352651] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.352713] kasan_atomics+0xb8/0x2e0 [ 18.352834] kunit_try_run_case+0x170/0x3f0 [ 18.352877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.353147] kthread+0x328/0x630 [ 18.353365] ret_from_fork+0x10/0x20 [ 18.353957] [ 18.354013] The buggy address belongs to the object at fff00000c7948980 [ 18.354013] which belongs to the cache kmalloc-64 of size 64 [ 18.354235] The buggy address is located 0 bytes to the right of [ 18.354235] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.354329] [ 18.354452] The buggy address belongs to the physical page: [ 18.354512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.354704] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.354902] page_type: f5(slab) [ 18.355068] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.355422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.355484] page dumped because: kasan: bad access detected [ 18.355548] [ 18.355569] Memory state around the buggy address: [ 18.355604] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.355690] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.355742] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.355783] ^ [ 18.355828] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.355873] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.355913] ================================================================== [ 18.494076] ================================================================== [ 18.494205] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 18.494301] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.494369] [ 18.494402] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.494486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.494513] Hardware name: linux,dummy-virt (DT) [ 18.494919] Call trace: [ 18.494980] show_stack+0x20/0x38 (C) [ 18.495064] dump_stack_lvl+0x8c/0xd0 [ 18.495401] print_report+0x118/0x608 [ 18.495495] kasan_report+0xdc/0x128 [ 18.495605] kasan_check_range+0x100/0x1a8 [ 18.495687] __kasan_check_write+0x20/0x30 [ 18.495738] kasan_atomics_helper+0x16d0/0x4858 [ 18.495831] kasan_atomics+0x198/0x2e0 [ 18.496129] kunit_try_run_case+0x170/0x3f0 [ 18.496191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.496247] kthread+0x328/0x630 [ 18.496680] ret_from_fork+0x10/0x20 [ 18.496827] [ 18.496897] Allocated by task 270: [ 18.496929] kasan_save_stack+0x3c/0x68 [ 18.496971] kasan_save_track+0x20/0x40 [ 18.497112] kasan_save_alloc_info+0x40/0x58 [ 18.497161] __kasan_kmalloc+0xd4/0xd8 [ 18.497315] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.497439] kasan_atomics+0xb8/0x2e0 [ 18.497566] kunit_try_run_case+0x170/0x3f0 [ 18.497937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.498265] kthread+0x328/0x630 [ 18.498437] ret_from_fork+0x10/0x20 [ 18.498479] [ 18.499141] The buggy address belongs to the object at fff00000c7948980 [ 18.499141] which belongs to the cache kmalloc-64 of size 64 [ 18.499214] The buggy address is located 0 bytes to the right of [ 18.499214] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.499282] [ 18.499373] The buggy address belongs to the physical page: [ 18.499428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.499499] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.499548] page_type: f5(slab) [ 18.499588] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.499653] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.499706] page dumped because: kasan: bad access detected [ 18.499740] [ 18.499762] Memory state around the buggy address: [ 18.499809] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.499856] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.499912] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.499965] ^ [ 18.500002] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.500047] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.500086] ================================================================== [ 18.299126] ================================================================== [ 18.299195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 18.299252] Read of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.299642] [ 18.299799] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.299960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.300108] Hardware name: linux,dummy-virt (DT) [ 18.300229] Call trace: [ 18.300410] show_stack+0x20/0x38 (C) [ 18.300622] dump_stack_lvl+0x8c/0xd0 [ 18.300880] print_report+0x118/0x608 [ 18.300991] kasan_report+0xdc/0x128 [ 18.301329] __asan_report_load8_noabort+0x20/0x30 [ 18.301500] kasan_atomics_helper+0x3f58/0x4858 [ 18.301577] kasan_atomics+0x198/0x2e0 [ 18.301702] kunit_try_run_case+0x170/0x3f0 [ 18.301814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.301900] kthread+0x328/0x630 [ 18.301949] ret_from_fork+0x10/0x20 [ 18.302003] [ 18.302035] Allocated by task 270: [ 18.302074] kasan_save_stack+0x3c/0x68 [ 18.302124] kasan_save_track+0x20/0x40 [ 18.302173] kasan_save_alloc_info+0x40/0x58 [ 18.302223] __kasan_kmalloc+0xd4/0xd8 [ 18.302261] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.302300] kasan_atomics+0xb8/0x2e0 [ 18.302351] kunit_try_run_case+0x170/0x3f0 [ 18.302392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.302447] kthread+0x328/0x630 [ 18.302491] ret_from_fork+0x10/0x20 [ 18.302526] [ 18.302549] The buggy address belongs to the object at fff00000c7948980 [ 18.302549] which belongs to the cache kmalloc-64 of size 64 [ 18.302606] The buggy address is located 0 bytes to the right of [ 18.302606] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.302683] [ 18.302714] The buggy address belongs to the physical page: [ 18.302761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.302821] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.302869] page_type: f5(slab) [ 18.302925] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.302990] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.303051] page dumped because: kasan: bad access detected [ 18.303086] [ 18.303112] Memory state around the buggy address: [ 18.303143] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.303189] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.303233] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.303274] ^ [ 18.303307] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.303351] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.303392] ================================================================== [ 18.264481] ================================================================== [ 18.264534] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 18.265041] Read of size 4 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.265153] [ 18.265189] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.265376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.265441] Hardware name: linux,dummy-virt (DT) [ 18.265490] Call trace: [ 18.265566] show_stack+0x20/0x38 (C) [ 18.265620] dump_stack_lvl+0x8c/0xd0 [ 18.265681] print_report+0x118/0x608 [ 18.265733] kasan_report+0xdc/0x128 [ 18.266033] __asan_report_load4_noabort+0x20/0x30 [ 18.266390] kasan_atomics_helper+0x3dd8/0x4858 [ 18.266468] kasan_atomics+0x198/0x2e0 [ 18.266687] kunit_try_run_case+0x170/0x3f0 [ 18.266847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.266909] kthread+0x328/0x630 [ 18.266974] ret_from_fork+0x10/0x20 [ 18.267026] [ 18.267048] Allocated by task 270: [ 18.267322] kasan_save_stack+0x3c/0x68 [ 18.267384] kasan_save_track+0x20/0x40 [ 18.267726] kasan_save_alloc_info+0x40/0x58 [ 18.267789] __kasan_kmalloc+0xd4/0xd8 [ 18.267826] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.267864] kasan_atomics+0xb8/0x2e0 [ 18.268184] kunit_try_run_case+0x170/0x3f0 [ 18.268338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.268409] kthread+0x328/0x630 [ 18.268925] ret_from_fork+0x10/0x20 [ 18.269182] [ 18.269293] The buggy address belongs to the object at fff00000c7948980 [ 18.269293] which belongs to the cache kmalloc-64 of size 64 [ 18.269791] The buggy address is located 0 bytes to the right of [ 18.269791] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.269881] [ 18.270221] The buggy address belongs to the physical page: [ 18.270275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.270647] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.270781] page_type: f5(slab) [ 18.270825] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.271185] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.271258] page dumped because: kasan: bad access detected [ 18.271565] [ 18.271681] Memory state around the buggy address: [ 18.271818] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.272161] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.272278] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.272344] ^ [ 18.272382] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.272426] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.272468] ================================================================== [ 18.166389] ================================================================== [ 18.166442] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 18.166492] Read of size 4 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.166542] [ 18.166573] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.166669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.166700] Hardware name: linux,dummy-virt (DT) [ 18.166734] Call trace: [ 18.166756] show_stack+0x20/0x38 (C) [ 18.166816] dump_stack_lvl+0x8c/0xd0 [ 18.166865] print_report+0x118/0x608 [ 18.166920] kasan_report+0xdc/0x128 [ 18.166977] __asan_report_load4_noabort+0x20/0x30 [ 18.167031] kasan_atomics_helper+0x42d8/0x4858 [ 18.167087] kasan_atomics+0x198/0x2e0 [ 18.167133] kunit_try_run_case+0x170/0x3f0 [ 18.167192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.167246] kthread+0x328/0x630 [ 18.167302] ret_from_fork+0x10/0x20 [ 18.167359] [ 18.167495] kasan_save_alloc_info+0x40/0x58 [ 18.167542] __kasan_kmalloc+0xd4/0xd8 [ 18.167579] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.167622] kasan_atomics+0xb8/0x2e0 [ 18.167680] kunit_try_run_case+0x170/0x3f0 [ 18.167719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.168365] [ 18.169222] [ 18.169910] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.171555] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.173499] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x934/0x4858 [ 18.174041] Call trace: [ 18.174240] show_stack+0x20/0x38 (C) [ 18.174294] dump_stack_lvl+0x8c/0xd0 [ 18.174357] print_report+0x118/0x608 [ 18.174408] kasan_report+0xdc/0x128 [ 18.174454] kasan_check_range+0x100/0x1a8 [ 18.174500] __kasan_check_write+0x20/0x30 [ 18.174901] kasan_atomics_helper+0x934/0x4858 [ 18.175113] kasan_atomics+0x198/0x2e0 [ 18.175173] kunit_try_run_case+0x170/0x3f0 [ 18.175348] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.175456] kthread+0x328/0x630 [ 18.175654] ret_from_fork+0x10/0x20 [ 18.175894] [ 18.175963] Allocated by task 270: [ 18.176036] kasan_save_stack+0x3c/0x68 [ 18.176088] kasan_save_track+0x20/0x40 [ 18.176213] kasan_save_alloc_info+0x40/0x58 [ 18.176313] __kasan_kmalloc+0xd4/0xd8 [ 18.176456] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.176497] kasan_atomics+0xb8/0x2e0 [ 18.176539] kunit_try_run_case+0x170/0x3f0 [ 18.176579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.176956] kthread+0x328/0x630 [ 18.177119] ret_from_fork+0x10/0x20 [ 18.177298] [ 18.177413] The buggy address belongs to the object at fff00000c7948980 [ 18.177413] which belongs to the cache kmalloc-64 of size 64 [ 18.177495] The buggy address is located 0 bytes to the right of [ 18.177495] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.177906] [ 18.178004] The buggy address belongs to the physical page: [ 18.178240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.178334] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.178564] page_type: f5(slab) [ 18.178776] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.178940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.179004] page dumped because: kasan: bad access detected [ 18.179358] [ 18.179508] Memory state around the buggy address: [ 18.179716] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.180215] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.180354] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.180480] ^ [ 18.180602] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.180801] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.180876] ================================================================== [ 18.438101] ================================================================== [ 18.438157] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 18.438534] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.438815] [ 18.438887] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.439015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.439231] Hardware name: linux,dummy-virt (DT) [ 18.439372] Call trace: [ 18.439647] show_stack+0x20/0x38 (C) [ 18.439718] dump_stack_lvl+0x8c/0xd0 [ 18.439846] print_report+0x118/0x608 [ 18.439901] kasan_report+0xdc/0x128 [ 18.439979] kasan_check_range+0x100/0x1a8 [ 18.440163] __kasan_check_write+0x20/0x30 [ 18.440251] kasan_atomics_helper+0x147c/0x4858 [ 18.440478] kasan_atomics+0x198/0x2e0 [ 18.440743] kunit_try_run_case+0x170/0x3f0 [ 18.440970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.441158] kthread+0x328/0x630 [ 18.441210] ret_from_fork+0x10/0x20 [ 18.441664] [ 18.441708] Allocated by task 270: [ 18.441859] kasan_save_stack+0x3c/0x68 [ 18.441936] kasan_save_track+0x20/0x40 [ 18.441987] kasan_save_alloc_info+0x40/0x58 [ 18.442029] __kasan_kmalloc+0xd4/0xd8 [ 18.442066] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.442115] kasan_atomics+0xb8/0x2e0 [ 18.442152] kunit_try_run_case+0x170/0x3f0 [ 18.442203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.442248] kthread+0x328/0x630 [ 18.442294] ret_from_fork+0x10/0x20 [ 18.442341] [ 18.442371] The buggy address belongs to the object at fff00000c7948980 [ 18.442371] which belongs to the cache kmalloc-64 of size 64 [ 18.442452] The buggy address is located 0 bytes to the right of [ 18.442452] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.442525] [ 18.442561] The buggy address belongs to the physical page: [ 18.442601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.442677] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.442726] page_type: f5(slab) [ 18.442764] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.442839] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.442891] page dumped because: kasan: bad access detected [ 18.442924] [ 18.442943] Memory state around the buggy address: [ 18.442992] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.443043] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.443088] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.443128] ^ [ 18.443163] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.443213] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.443272] ================================================================== [ 18.483862] ================================================================== [ 18.483916] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 18.484484] Read of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.484565] [ 18.484717] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.484922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.485082] Hardware name: linux,dummy-virt (DT) [ 18.485478] Call trace: [ 18.485545] show_stack+0x20/0x38 (C) [ 18.485620] dump_stack_lvl+0x8c/0xd0 [ 18.485939] print_report+0x118/0x608 [ 18.486218] kasan_report+0xdc/0x128 [ 18.486366] __asan_report_load8_noabort+0x20/0x30 [ 18.486697] kasan_atomics_helper+0x3df4/0x4858 [ 18.487055] kasan_atomics+0x198/0x2e0 [ 18.487194] kunit_try_run_case+0x170/0x3f0 [ 18.487337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.487526] kthread+0x328/0x630 [ 18.487578] ret_from_fork+0x10/0x20 [ 18.488151] [ 18.488276] Allocated by task 270: [ 18.488417] kasan_save_stack+0x3c/0x68 [ 18.488588] kasan_save_track+0x20/0x40 [ 18.488702] kasan_save_alloc_info+0x40/0x58 [ 18.488855] __kasan_kmalloc+0xd4/0xd8 [ 18.488894] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.488956] kasan_atomics+0xb8/0x2e0 [ 18.488998] kunit_try_run_case+0x170/0x3f0 [ 18.489645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.489814] kthread+0x328/0x630 [ 18.489999] ret_from_fork+0x10/0x20 [ 18.490171] [ 18.490284] The buggy address belongs to the object at fff00000c7948980 [ 18.490284] which belongs to the cache kmalloc-64 of size 64 [ 18.490504] The buggy address is located 0 bytes to the right of [ 18.490504] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.490718] [ 18.490761] The buggy address belongs to the physical page: [ 18.491055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.491140] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.491398] page_type: f5(slab) [ 18.491557] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.491653] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.491700] page dumped because: kasan: bad access detected [ 18.491734] [ 18.491755] Memory state around the buggy address: [ 18.491798] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.491860] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.491907] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.492237] ^ [ 18.492446] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.492497] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.492536] ================================================================== [ 18.508711] ================================================================== [ 18.508762] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 18.509049] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.509245] [ 18.509294] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.509379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.509576] Hardware name: linux,dummy-virt (DT) [ 18.509799] Call trace: [ 18.509858] show_stack+0x20/0x38 (C) [ 18.510079] dump_stack_lvl+0x8c/0xd0 [ 18.510251] print_report+0x118/0x608 [ 18.510309] kasan_report+0xdc/0x128 [ 18.510359] kasan_check_range+0x100/0x1a8 [ 18.510407] __kasan_check_write+0x20/0x30 [ 18.510491] kasan_atomics_helper+0x175c/0x4858 [ 18.510544] kasan_atomics+0x198/0x2e0 [ 18.510588] kunit_try_run_case+0x170/0x3f0 [ 18.510656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.510712] kthread+0x328/0x630 [ 18.510766] ret_from_fork+0x10/0x20 [ 18.510815] [ 18.510844] Allocated by task 270: [ 18.510875] kasan_save_stack+0x3c/0x68 [ 18.510922] kasan_save_track+0x20/0x40 [ 18.510969] kasan_save_alloc_info+0x40/0x58 [ 18.511016] __kasan_kmalloc+0xd4/0xd8 [ 18.511053] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.511091] kasan_atomics+0xb8/0x2e0 [ 18.511135] kunit_try_run_case+0x170/0x3f0 [ 18.511174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.511220] kthread+0x328/0x630 [ 18.511256] ret_from_fork+0x10/0x20 [ 18.511294] [ 18.511320] The buggy address belongs to the object at fff00000c7948980 [ 18.511320] which belongs to the cache kmalloc-64 of size 64 [ 18.511387] The buggy address is located 0 bytes to the right of [ 18.511387] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.511462] [ 18.511488] The buggy address belongs to the physical page: [ 18.511522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.511583] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.511643] page_type: f5(slab) [ 18.511683] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.511744] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.511787] page dumped because: kasan: bad access detected [ 18.511821] [ 18.511843] Memory state around the buggy address: [ 18.511877] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.511921] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.512722] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.512806] ^ [ 18.512866] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.513089] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.513160] ================================================================== [ 18.303659] ================================================================== [ 18.304599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 18.304683] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.304758] [ 18.304822] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.305149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.305270] Hardware name: linux,dummy-virt (DT) [ 18.305348] Call trace: [ 18.305757] show_stack+0x20/0x38 (C) [ 18.306182] dump_stack_lvl+0x8c/0xd0 [ 18.306273] print_report+0x118/0x608 [ 18.306343] kasan_report+0xdc/0x128 [ 18.306427] kasan_check_range+0x100/0x1a8 [ 18.306528] __kasan_check_write+0x20/0x30 [ 18.306903] kasan_atomics_helper+0xe44/0x4858 [ 18.307213] kasan_atomics+0x198/0x2e0 [ 18.307318] kunit_try_run_case+0x170/0x3f0 [ 18.307691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.308103] kthread+0x328/0x630 [ 18.308251] ret_from_fork+0x10/0x20 [ 18.308432] [ 18.308534] Allocated by task 270: [ 18.308683] kasan_save_stack+0x3c/0x68 [ 18.308761] kasan_save_track+0x20/0x40 [ 18.308800] kasan_save_alloc_info+0x40/0x58 [ 18.308847] __kasan_kmalloc+0xd4/0xd8 [ 18.309016] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.309288] kasan_atomics+0xb8/0x2e0 [ 18.309925] kunit_try_run_case+0x170/0x3f0 [ 18.310296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.310393] kthread+0x328/0x630 [ 18.310664] ret_from_fork+0x10/0x20 [ 18.310817] [ 18.310901] The buggy address belongs to the object at fff00000c7948980 [ 18.310901] which belongs to the cache kmalloc-64 of size 64 [ 18.311019] The buggy address is located 0 bytes to the right of [ 18.311019] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.311378] [ 18.311453] The buggy address belongs to the physical page: [ 18.311573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.311939] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.312132] page_type: f5(slab) [ 18.312211] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.312552] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.312597] page dumped because: kasan: bad access detected [ 18.312646] [ 18.312666] Memory state around the buggy address: [ 18.312699] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.313137] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.313441] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.313815] ^ [ 18.313907] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.314120] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.314298] ================================================================== [ 18.476677] ================================================================== [ 18.477068] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 18.477181] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.477236] [ 18.477270] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.477408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.477439] Hardware name: linux,dummy-virt (DT) [ 18.477470] Call trace: [ 18.477495] show_stack+0x20/0x38 (C) [ 18.477549] dump_stack_lvl+0x8c/0xd0 [ 18.477598] print_report+0x118/0x608 [ 18.478023] kasan_report+0xdc/0x128 [ 18.478316] kasan_check_range+0x100/0x1a8 [ 18.478541] __kasan_check_write+0x20/0x30 [ 18.478649] kasan_atomics_helper+0x1644/0x4858 [ 18.478951] kasan_atomics+0x198/0x2e0 [ 18.479060] kunit_try_run_case+0x170/0x3f0 [ 18.479115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.479242] kthread+0x328/0x630 [ 18.479296] ret_from_fork+0x10/0x20 [ 18.479363] [ 18.479448] Allocated by task 270: [ 18.479483] kasan_save_stack+0x3c/0x68 [ 18.479523] kasan_save_track+0x20/0x40 [ 18.479850] kasan_save_alloc_info+0x40/0x58 [ 18.479937] __kasan_kmalloc+0xd4/0xd8 [ 18.480190] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.480279] kasan_atomics+0xb8/0x2e0 [ 18.480341] kunit_try_run_case+0x170/0x3f0 [ 18.480512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.480647] kthread+0x328/0x630 [ 18.480746] ret_from_fork+0x10/0x20 [ 18.480824] [ 18.480849] The buggy address belongs to the object at fff00000c7948980 [ 18.480849] which belongs to the cache kmalloc-64 of size 64 [ 18.480909] The buggy address is located 0 bytes to the right of [ 18.480909] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.480974] [ 18.481522] The buggy address belongs to the physical page: [ 18.481849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.482063] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.482221] page_type: f5(slab) [ 18.482349] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.482415] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.482677] page dumped because: kasan: bad access detected [ 18.482728] [ 18.482750] Memory state around the buggy address: [ 18.482793] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.482840] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.482903] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.482952] ^ [ 18.482988] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.483032] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.483072] ================================================================== [ 18.054960] ================================================================== [ 18.055013] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 18.055096] Read of size 4 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.055511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.055551] Hardware name: linux,dummy-virt (DT) [ 18.055592] Call trace: [ 18.055616] show_stack+0x20/0x38 (C) [ 18.055823] dump_stack_lvl+0x8c/0xd0 [ 18.055954] print_report+0x118/0x608 [ 18.061386] Hardware name: linux,dummy-virt (DT) [ 18.062542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.064329] The buggy address is located 0 bytes to the right of [ 18.064329] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.064981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.066149] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.067259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.067900] __asan_report_store4_noabort+0x20/0x30 [ 18.069057] Allocated by task 270: [ 18.069611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.069936] The buggy address belongs to the physical page: [ 18.070168] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.070527] ^ [ 18.070910] ================================================================== [ 18.181774] ================================================================== [ 18.181857] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 18.182578] Write of size 4 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.182865] [ 18.182905] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.183012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.183051] Hardware name: linux,dummy-virt (DT) [ 18.183186] Call trace: [ 18.183222] show_stack+0x20/0x38 (C) [ 18.183275] dump_stack_lvl+0x8c/0xd0 [ 18.183323] print_report+0x118/0x608 [ 18.183369] kasan_report+0xdc/0x128 [ 18.183436] kasan_check_range+0x100/0x1a8 [ 18.183488] __kasan_check_write+0x20/0x30 [ 18.183538] kasan_atomics_helper+0x99c/0x4858 [ 18.183584] kasan_atomics+0x198/0x2e0 [ 18.183640] kunit_try_run_case+0x170/0x3f0 [ 18.183757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.183820] kthread+0x328/0x630 [ 18.184140] ret_from_fork+0x10/0x20 [ 18.184260] [ 18.184316] Allocated by task 270: [ 18.184576] kasan_save_stack+0x3c/0x68 [ 18.184819] kasan_save_track+0x20/0x40 [ 18.185117] kasan_save_alloc_info+0x40/0x58 [ 18.185449] __kasan_kmalloc+0xd4/0xd8 [ 18.185589] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.185769] kasan_atomics+0xb8/0x2e0 [ 18.185810] kunit_try_run_case+0x170/0x3f0 [ 18.186122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.186242] kthread+0x328/0x630 [ 18.186350] ret_from_fork+0x10/0x20 [ 18.186600] [ 18.186669] The buggy address belongs to the object at fff00000c7948980 [ 18.186669] which belongs to the cache kmalloc-64 of size 64 [ 18.186794] The buggy address is located 0 bytes to the right of [ 18.186794] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.186953] [ 18.187245] The buggy address belongs to the physical page: [ 18.187311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.187380] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.187674] page_type: f5(slab) [ 18.187804] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.187918] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.188186] page dumped because: kasan: bad access detected [ 18.188252] [ 18.188304] Memory state around the buggy address: [ 18.188359] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.188407] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.188452] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.188502] ^ [ 18.188549] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.188593] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.188662] ================================================================== [ 18.396599] ================================================================== [ 18.396821] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 18.396988] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.397063] [ 18.397174] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.397263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.397292] Hardware name: linux,dummy-virt (DT) [ 18.397338] Call trace: [ 18.397365] show_stack+0x20/0x38 (C) [ 18.397822] dump_stack_lvl+0x8c/0xd0 [ 18.397916] print_report+0x118/0x608 [ 18.397977] kasan_report+0xdc/0x128 [ 18.398066] kasan_check_range+0x100/0x1a8 [ 18.398120] __kasan_check_write+0x20/0x30 [ 18.398280] kasan_atomics_helper+0x126c/0x4858 [ 18.398335] kasan_atomics+0x198/0x2e0 [ 18.398378] kunit_try_run_case+0x170/0x3f0 [ 18.398679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.398767] kthread+0x328/0x630 [ 18.399026] ret_from_fork+0x10/0x20 [ 18.399228] [ 18.399284] Allocated by task 270: [ 18.399318] kasan_save_stack+0x3c/0x68 [ 18.399360] kasan_save_track+0x20/0x40 [ 18.399435] kasan_save_alloc_info+0x40/0x58 [ 18.399477] __kasan_kmalloc+0xd4/0xd8 [ 18.399523] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.399562] kasan_atomics+0xb8/0x2e0 [ 18.399598] kunit_try_run_case+0x170/0x3f0 [ 18.399656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.399703] kthread+0x328/0x630 [ 18.399740] ret_from_fork+0x10/0x20 [ 18.399776] [ 18.399804] The buggy address belongs to the object at fff00000c7948980 [ 18.399804] which belongs to the cache kmalloc-64 of size 64 [ 18.399864] The buggy address is located 0 bytes to the right of [ 18.399864] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.399929] [ 18.399951] The buggy address belongs to the physical page: [ 18.399995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.400399] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.400690] page_type: f5(slab) [ 18.400931] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.401030] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.401074] page dumped because: kasan: bad access detected [ 18.401753] [ 18.401815] Memory state around the buggy address: [ 18.401876] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.401947] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.402166] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.402222] ^ [ 18.402592] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.402693] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.403041] ================================================================== [ 18.425621] ================================================================== [ 18.425698] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 18.425748] Read of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.425799] [ 18.425831] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.425911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.425939] Hardware name: linux,dummy-virt (DT) [ 18.425980] Call trace: [ 18.426003] show_stack+0x20/0x38 (C) [ 18.426053] dump_stack_lvl+0x8c/0xd0 [ 18.426101] print_report+0x118/0x608 [ 18.426148] kasan_report+0xdc/0x128 [ 18.426192] __asan_report_load8_noabort+0x20/0x30 [ 18.426243] kasan_atomics_helper+0x3f04/0x4858 [ 18.426291] kasan_atomics+0x198/0x2e0 [ 18.426335] kunit_try_run_case+0x170/0x3f0 [ 18.426384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.426439] kthread+0x328/0x630 [ 18.426485] ret_from_fork+0x10/0x20 [ 18.426534] [ 18.426554] Allocated by task 270: [ 18.426584] kasan_save_stack+0x3c/0x68 [ 18.426622] kasan_save_track+0x20/0x40 [ 18.426726] kasan_save_alloc_info+0x40/0x58 [ 18.426770] __kasan_kmalloc+0xd4/0xd8 [ 18.426807] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.426917] kasan_atomics+0xb8/0x2e0 [ 18.426964] kunit_try_run_case+0x170/0x3f0 [ 18.427006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.427172] kthread+0x328/0x630 [ 18.427213] ret_from_fork+0x10/0x20 [ 18.427249] [ 18.427272] The buggy address belongs to the object at fff00000c7948980 [ 18.427272] which belongs to the cache kmalloc-64 of size 64 [ 18.427561] The buggy address is located 0 bytes to the right of [ 18.427561] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.427718] [ 18.427743] The buggy address belongs to the physical page: [ 18.428016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.428226] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.428503] page_type: f5(slab) [ 18.428619] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.428718] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.428796] page dumped because: kasan: bad access detected [ 18.428904] [ 18.429216] Memory state around the buggy address: [ 18.429281] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.429393] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.429487] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.429602] ^ [ 18.429654] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.429700] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.430206] ================================================================== [ 18.444414] ================================================================== [ 18.444528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 18.444609] Write of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.444702] [ 18.444854] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.445232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.445267] Hardware name: linux,dummy-virt (DT) [ 18.445301] Call trace: [ 18.445324] show_stack+0x20/0x38 (C) [ 18.445377] dump_stack_lvl+0x8c/0xd0 [ 18.445992] print_report+0x118/0x608 [ 18.446077] kasan_report+0xdc/0x128 [ 18.446487] kasan_check_range+0x100/0x1a8 [ 18.446662] __kasan_check_write+0x20/0x30 [ 18.446784] kasan_atomics_helper+0x14e4/0x4858 [ 18.446850] kasan_atomics+0x198/0x2e0 [ 18.447219] kunit_try_run_case+0x170/0x3f0 [ 18.447479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.447594] kthread+0x328/0x630 [ 18.447971] ret_from_fork+0x10/0x20 [ 18.448099] [ 18.448143] Allocated by task 270: [ 18.448320] kasan_save_stack+0x3c/0x68 [ 18.448671] kasan_save_track+0x20/0x40 [ 18.448779] kasan_save_alloc_info+0x40/0x58 [ 18.448868] __kasan_kmalloc+0xd4/0xd8 [ 18.449003] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.449110] kasan_atomics+0xb8/0x2e0 [ 18.449196] kunit_try_run_case+0x170/0x3f0 [ 18.449460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.449527] kthread+0x328/0x630 [ 18.449662] ret_from_fork+0x10/0x20 [ 18.449771] [ 18.449842] The buggy address belongs to the object at fff00000c7948980 [ 18.449842] which belongs to the cache kmalloc-64 of size 64 [ 18.450190] The buggy address is located 0 bytes to the right of [ 18.450190] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.450398] [ 18.450465] The buggy address belongs to the physical page: [ 18.450500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.450812] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.450915] page_type: f5(slab) [ 18.451233] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.451350] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.451418] page dumped because: kasan: bad access detected [ 18.451453] [ 18.451473] Memory state around the buggy address: [ 18.451795] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.451858] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.452181] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.452305] ^ [ 18.452380] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.452423] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.452463] ================================================================== [ 18.289322] ================================================================== [ 18.289375] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 18.289731] Read of size 8 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.289806] [ 18.290203] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.290311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.290645] Hardware name: linux,dummy-virt (DT) [ 18.290723] Call trace: [ 18.290764] show_stack+0x20/0x38 (C) [ 18.290815] dump_stack_lvl+0x8c/0xd0 [ 18.290972] print_report+0x118/0x608 [ 18.291022] kasan_report+0xdc/0x128 [ 18.291068] kasan_check_range+0x100/0x1a8 [ 18.291566] __kasan_check_read+0x20/0x30 [ 18.291745] kasan_atomics_helper+0xdd4/0x4858 [ 18.291838] kasan_atomics+0x198/0x2e0 [ 18.291892] kunit_try_run_case+0x170/0x3f0 [ 18.291978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.292283] kthread+0x328/0x630 [ 18.292491] ret_from_fork+0x10/0x20 [ 18.292547] [ 18.292599] Allocated by task 270: [ 18.292681] kasan_save_stack+0x3c/0x68 [ 18.292981] kasan_save_track+0x20/0x40 [ 18.293298] kasan_save_alloc_info+0x40/0x58 [ 18.293471] __kasan_kmalloc+0xd4/0xd8 [ 18.293513] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.293815] kasan_atomics+0xb8/0x2e0 [ 18.293952] kunit_try_run_case+0x170/0x3f0 [ 18.294249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.294716] kthread+0x328/0x630 [ 18.295152] ret_from_fork+0x10/0x20 [ 18.295298] [ 18.295324] The buggy address belongs to the object at fff00000c7948980 [ 18.295324] which belongs to the cache kmalloc-64 of size 64 [ 18.295811] The buggy address is located 0 bytes to the right of [ 18.295811] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.296049] [ 18.296079] The buggy address belongs to the physical page: [ 18.296113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.296341] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.296413] page_type: f5(slab) [ 18.296485] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.296860] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.296943] page dumped because: kasan: bad access detected [ 18.296978] [ 18.297000] Memory state around the buggy address: [ 18.297035] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.297485] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.297654] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.297725] ^ [ 18.297810] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.297871] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.297919] ================================================================== [ 18.272824] ================================================================== [ 18.272874] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 18.273324] Write of size 4 at addr fff00000c79489b0 by task kunit_try_catch/270 [ 18.273395] [ 18.273605] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 18.274062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.274129] Hardware name: linux,dummy-virt (DT) [ 18.274164] Call trace: [ 18.274458] show_stack+0x20/0x38 (C) [ 18.274643] dump_stack_lvl+0x8c/0xd0 [ 18.274718] print_report+0x118/0x608 [ 18.274846] kasan_report+0xdc/0x128 [ 18.274909] kasan_check_range+0x100/0x1a8 [ 18.274997] __kasan_check_write+0x20/0x30 [ 18.275046] kasan_atomics_helper+0xd3c/0x4858 [ 18.275414] kasan_atomics+0x198/0x2e0 [ 18.275474] kunit_try_run_case+0x170/0x3f0 [ 18.275816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.275964] kthread+0x328/0x630 [ 18.276520] ret_from_fork+0x10/0x20 [ 18.276583] [ 18.276647] Allocated by task 270: [ 18.276680] kasan_save_stack+0x3c/0x68 [ 18.276915] kasan_save_track+0x20/0x40 [ 18.277003] kasan_save_alloc_info+0x40/0x58 [ 18.277354] __kasan_kmalloc+0xd4/0xd8 [ 18.277429] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.277860] kasan_atomics+0xb8/0x2e0 [ 18.277910] kunit_try_run_case+0x170/0x3f0 [ 18.277960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.278010] kthread+0x328/0x630 [ 18.278106] ret_from_fork+0x10/0x20 [ 18.278146] [ 18.278168] The buggy address belongs to the object at fff00000c7948980 [ 18.278168] which belongs to the cache kmalloc-64 of size 64 [ 18.278240] The buggy address is located 0 bytes to the right of [ 18.278240] allocated 48-byte region [fff00000c7948980, fff00000c79489b0) [ 18.278324] [ 18.278346] The buggy address belongs to the physical page: [ 18.278389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107948 [ 18.278451] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.278507] page_type: f5(slab) [ 18.278554] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.278607] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.278660] page dumped because: kasan: bad access detected [ 18.278701] [ 18.278731] Memory state around the buggy address: [ 18.278775] fff00000c7948880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.278829] fff00000c7948900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.278873] >fff00000c7948980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.278922] ^ [ 18.278958] fff00000c7948a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.279011] fff00000c7948a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.279060] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 17.858829] ================================================================== [ 17.858882] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 17.858929] Read of size 1 at addr fff00000c7949310 by task kunit_try_catch/264 [ 17.859248] [ 17.859292] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.859487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.859557] Hardware name: linux,dummy-virt (DT) [ 17.859665] Call trace: [ 17.859722] show_stack+0x20/0x38 (C) [ 17.859810] dump_stack_lvl+0x8c/0xd0 [ 17.859863] print_report+0x118/0x608 [ 17.859947] kasan_report+0xdc/0x128 [ 17.860179] __asan_report_load1_noabort+0x20/0x30 [ 17.860374] strlen+0xa8/0xb0 [ 17.860497] kasan_strings+0x418/0xb00 [ 17.860601] kunit_try_run_case+0x170/0x3f0 [ 17.860665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.860939] kthread+0x328/0x630 [ 17.861091] ret_from_fork+0x10/0x20 [ 17.861274] [ 17.861373] Allocated by task 264: [ 17.861416] kasan_save_stack+0x3c/0x68 [ 17.861662] kasan_save_track+0x20/0x40 [ 17.861800] kasan_save_alloc_info+0x40/0x58 [ 17.861881] __kasan_kmalloc+0xd4/0xd8 [ 17.862014] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.862125] kasan_strings+0xc8/0xb00 [ 17.862420] kunit_try_run_case+0x170/0x3f0 [ 17.862545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.862702] kthread+0x328/0x630 [ 17.862801] ret_from_fork+0x10/0x20 [ 17.862840] [ 17.863134] Freed by task 264: [ 17.863247] kasan_save_stack+0x3c/0x68 [ 17.863450] __kasan_slab_free+0x6c/0x98 [ 17.864620] The buggy address is located 16 bytes inside of [ 17.864620] freed 32-byte region [fff00000c7949300, fff00000c7949320) [ 17.866135] fff00000c7949200: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.867782] [ 17.867813] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.869796] kthread+0x328/0x630 [ 17.870509] kasan_save_stack+0x3c/0x68 [ 17.871328] kunit_try_run_case+0x170/0x3f0 [ 17.871806] ret_from_fork+0x10/0x20 [ 17.873019] kasan_strings+0x24c/0xb00 [ 17.873879] The buggy address is located 16 bytes inside of [ 17.873879] freed 32-byte region [fff00000c7949300, fff00000c7949320) [ 17.875964] >fff00000c7949300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.876607] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 17.852839] ================================================================== [ 17.852912] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 17.853016] Read of size 1 at addr fff00000c7949310 by task kunit_try_catch/264 [ 17.853117] [ 17.853151] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.853351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.853390] Hardware name: linux,dummy-virt (DT) [ 17.853423] Call trace: [ 17.853446] show_stack+0x20/0x38 (C) [ 17.853497] dump_stack_lvl+0x8c/0xd0 [ 17.853609] print_report+0x118/0x608 [ 17.853705] kasan_report+0xdc/0x128 [ 17.853899] __asan_report_load1_noabort+0x20/0x30 [ 17.853953] kasan_strings+0x95c/0xb00 [ 17.854025] kunit_try_run_case+0x170/0x3f0 [ 17.854258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.854328] kthread+0x328/0x630 [ 17.854454] ret_from_fork+0x10/0x20 [ 17.854548] [ 17.854616] Allocated by task 264: [ 17.854685] kasan_save_stack+0x3c/0x68 [ 17.854728] kasan_save_track+0x20/0x40 [ 17.854796] kasan_save_alloc_info+0x40/0x58 [ 17.854837] __kasan_kmalloc+0xd4/0xd8 [ 17.854874] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.855126] kasan_strings+0xc8/0xb00 [ 17.855249] kunit_try_run_case+0x170/0x3f0 [ 17.855298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.855530] kthread+0x328/0x630 [ 17.855585] ret_from_fork+0x10/0x20 [ 17.855690] [ 17.855750] Freed by task 264: [ 17.855817] kasan_save_stack+0x3c/0x68 [ 17.856057] kasan_save_track+0x20/0x40 [ 17.856203] kasan_save_free_info+0x4c/0x78 [ 17.856411] __kasan_slab_free+0x6c/0x98 [ 17.856512] kfree+0x214/0x3c8 [ 17.856553] kasan_strings+0x24c/0xb00 [ 17.856812] kunit_try_run_case+0x170/0x3f0 [ 17.856936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.857078] kthread+0x328/0x630 [ 17.857196] ret_from_fork+0x10/0x20 [ 17.857252] [ 17.857274] The buggy address belongs to the object at fff00000c7949300 [ 17.857274] which belongs to the cache kmalloc-32 of size 32 [ 17.857621] The buggy address is located 16 bytes inside of [ 17.857621] freed 32-byte region [fff00000c7949300, fff00000c7949320) [ 17.857726] [ 17.857757] The buggy address belongs to the physical page: [ 17.857799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107949 [ 17.857852] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.857924] page_type: f5(slab) [ 17.857990] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.858052] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.858094] page dumped because: kasan: bad access detected [ 17.858127] [ 17.858147] Memory state around the buggy address: [ 17.858180] fff00000c7949200: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.858226] fff00000c7949280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.858269] >fff00000c7949300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.858323] ^ [ 17.858355] fff00000c7949380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.858400] fff00000c7949400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.858441] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 17.842771] ================================================================== [ 17.842844] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 17.842894] Read of size 1 at addr fff00000c7949310 by task kunit_try_catch/264 [ 17.843150] [ 17.843187] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.843426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.843474] Hardware name: linux,dummy-virt (DT) [ 17.843576] Call trace: [ 17.843601] show_stack+0x20/0x38 (C) [ 17.843749] dump_stack_lvl+0x8c/0xd0 [ 17.843802] print_report+0x118/0x608 [ 17.843849] kasan_report+0xdc/0x128 [ 17.844267] __asan_report_load1_noabort+0x20/0x30 [ 17.844378] strcmp+0xc0/0xc8 [ 17.844658] kasan_strings+0x340/0xb00 [ 17.844811] kunit_try_run_case+0x170/0x3f0 [ 17.844942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.845059] kthread+0x328/0x630 [ 17.845253] ret_from_fork+0x10/0x20 [ 17.845488] [ 17.845546] Allocated by task 264: [ 17.845619] kasan_save_stack+0x3c/0x68 [ 17.845666] kasan_save_track+0x20/0x40 [ 17.845934] kasan_save_alloc_info+0x40/0x58 [ 17.846168] __kasan_kmalloc+0xd4/0xd8 [ 17.846291] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.846418] kasan_strings+0xc8/0xb00 [ 17.846581] kunit_try_run_case+0x170/0x3f0 [ 17.846873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.847108] kthread+0x328/0x630 [ 17.847748] ret_from_fork+0x10/0x20 [ 17.847824] [ 17.848277] Freed by task 264: [ 17.848457] kasan_save_stack+0x3c/0x68 [ 17.848512] kasan_save_track+0x20/0x40 [ 17.848552] kasan_save_free_info+0x4c/0x78 [ 17.848852] __kasan_slab_free+0x6c/0x98 [ 17.848924] kfree+0x214/0x3c8 [ 17.848958] kasan_strings+0x24c/0xb00 [ 17.849124] kunit_try_run_case+0x170/0x3f0 [ 17.849295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.849444] kthread+0x328/0x630 [ 17.849541] ret_from_fork+0x10/0x20 [ 17.849696] [ 17.849838] The buggy address belongs to the object at fff00000c7949300 [ 17.849838] which belongs to the cache kmalloc-32 of size 32 [ 17.849941] The buggy address is located 16 bytes inside of [ 17.849941] freed 32-byte region [fff00000c7949300, fff00000c7949320) [ 17.850042] [ 17.850073] The buggy address belongs to the physical page: [ 17.850112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107949 [ 17.850185] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.850243] page_type: f5(slab) [ 17.850290] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.850341] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.850383] page dumped because: kasan: bad access detected [ 17.850433] [ 17.850463] Memory state around the buggy address: [ 17.850497] fff00000c7949200: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.850542] fff00000c7949280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.850587] >fff00000c7949300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.850848] ^ [ 17.851180] fff00000c7949380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.851370] fff00000c7949400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.851514] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 17.823980] ================================================================== [ 17.824135] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 17.824344] Read of size 1 at addr fff00000c7949158 by task kunit_try_catch/262 [ 17.824565] [ 17.824614] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.824751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.824779] Hardware name: linux,dummy-virt (DT) [ 17.824810] Call trace: [ 17.824952] show_stack+0x20/0x38 (C) [ 17.825145] dump_stack_lvl+0x8c/0xd0 [ 17.825303] print_report+0x118/0x608 [ 17.825640] kasan_report+0xdc/0x128 [ 17.825792] __asan_report_load1_noabort+0x20/0x30 [ 17.825963] memcmp+0x198/0x1d8 [ 17.826108] kasan_memcmp+0x16c/0x300 [ 17.826170] kunit_try_run_case+0x170/0x3f0 [ 17.826465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.826668] kthread+0x328/0x630 [ 17.826719] ret_from_fork+0x10/0x20 [ 17.827064] [ 17.827127] Allocated by task 262: [ 17.827229] kasan_save_stack+0x3c/0x68 [ 17.827330] kasan_save_track+0x20/0x40 [ 17.827605] kasan_save_alloc_info+0x40/0x58 [ 17.827726] __kasan_kmalloc+0xd4/0xd8 [ 17.827835] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.827940] kasan_memcmp+0xbc/0x300 [ 17.827981] kunit_try_run_case+0x170/0x3f0 [ 17.828274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.828373] kthread+0x328/0x630 [ 17.828470] ret_from_fork+0x10/0x20 [ 17.828622] [ 17.828651] The buggy address belongs to the object at fff00000c7949140 [ 17.828651] which belongs to the cache kmalloc-32 of size 32 [ 17.828708] The buggy address is located 0 bytes to the right of [ 17.828708] allocated 24-byte region [fff00000c7949140, fff00000c7949158) [ 17.828883] [ 17.828975] The buggy address belongs to the physical page: [ 17.829102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107949 [ 17.829261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.829401] page_type: f5(slab) [ 17.829454] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.829662] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.829807] page dumped because: kasan: bad access detected [ 17.829909] [ 17.829992] Memory state around the buggy address: [ 17.830127] fff00000c7949000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.830209] fff00000c7949080: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.830561] >fff00000c7949100: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.830618] ^ [ 17.830726] fff00000c7949180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.831072] fff00000c7949200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.831189] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 17.806531] ================================================================== [ 17.806589] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 17.806816] Read of size 1 at addr ffff800080aa7b4a by task kunit_try_catch/258 [ 17.807056] [ 17.807184] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.807291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.807318] Hardware name: linux,dummy-virt (DT) [ 17.807378] Call trace: [ 17.807513] show_stack+0x20/0x38 (C) [ 17.807607] dump_stack_lvl+0x8c/0xd0 [ 17.807800] print_report+0x310/0x608 [ 17.807895] kasan_report+0xdc/0x128 [ 17.807982] __asan_report_load1_noabort+0x20/0x30 [ 17.808118] kasan_alloca_oob_right+0x2dc/0x340 [ 17.808256] kunit_try_run_case+0x170/0x3f0 [ 17.808497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.808703] kthread+0x328/0x630 [ 17.808800] ret_from_fork+0x10/0x20 [ 17.808851] [ 17.808881] The buggy address belongs to stack of task kunit_try_catch/258 [ 17.808947] [ 17.808970] The buggy address belongs to the virtual mapping at [ 17.808970] [ffff800080aa0000, ffff800080aa9000) created by: [ 17.808970] kernel_clone+0x150/0x7a8 [ 17.809166] [ 17.809286] The buggy address belongs to the physical page: [ 17.809465] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107945 [ 17.809607] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.809756] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.809900] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.810085] page dumped because: kasan: bad access detected [ 17.810120] [ 17.810137] Memory state around the buggy address: [ 17.810193] ffff800080aa7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.810450] ffff800080aa7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.810586] >ffff800080aa7b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 17.810698] ^ [ 17.811017] ffff800080aa7b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.811136] ffff800080aa7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.811362] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 17.793706] ================================================================== [ 17.794035] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 17.794297] Read of size 1 at addr ffff800080a87b5f by task kunit_try_catch/256 [ 17.794418] [ 17.794456] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.794536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.794563] Hardware name: linux,dummy-virt (DT) [ 17.794676] Call trace: [ 17.794705] show_stack+0x20/0x38 (C) [ 17.794912] dump_stack_lvl+0x8c/0xd0 [ 17.795035] print_report+0x310/0x608 [ 17.795132] kasan_report+0xdc/0x128 [ 17.795185] __asan_report_load1_noabort+0x20/0x30 [ 17.795237] kasan_alloca_oob_left+0x2b8/0x310 [ 17.795344] kunit_try_run_case+0x170/0x3f0 [ 17.795396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.795484] kthread+0x328/0x630 [ 17.795719] ret_from_fork+0x10/0x20 [ 17.795870] [ 17.795923] The buggy address belongs to stack of task kunit_try_catch/256 [ 17.795996] [ 17.796028] The buggy address belongs to the virtual mapping at [ 17.796028] [ffff800080a80000, ffff800080a89000) created by: [ 17.796028] kernel_clone+0x150/0x7a8 [ 17.796185] [ 17.796226] The buggy address belongs to the physical page: [ 17.796256] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f0f [ 17.796426] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.796493] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.796673] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.796798] page dumped because: kasan: bad access detected [ 17.796995] [ 17.797085] Memory state around the buggy address: [ 17.797197] ffff800080a87a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.797262] ffff800080a87a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.797322] >ffff800080a87b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 17.797585] ^ [ 17.797675] ffff800080a87b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.797763] ffff800080a87c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.797812] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 17.775041] ================================================================== [ 17.775146] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 17.775203] Read of size 1 at addr ffff800080a97c2a by task kunit_try_catch/254 [ 17.775259] [ 17.775293] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.775382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.775411] Hardware name: linux,dummy-virt (DT) [ 17.775443] Call trace: [ 17.775471] show_stack+0x20/0x38 (C) [ 17.775520] dump_stack_lvl+0x8c/0xd0 [ 17.775565] print_report+0x310/0x608 [ 17.775617] kasan_report+0xdc/0x128 [ 17.775679] __asan_report_load1_noabort+0x20/0x30 [ 17.775730] kasan_stack_oob+0x238/0x270 [ 17.775774] kunit_try_run_case+0x170/0x3f0 [ 17.775829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.775882] kthread+0x328/0x630 [ 17.775932] ret_from_fork+0x10/0x20 [ 17.776119] [ 17.776193] The buggy address belongs to stack of task kunit_try_catch/254 [ 17.776302] and is located at offset 138 in frame: [ 17.777119] kasan_stack_oob+0x0/0x270 [ 17.777845] [ 17.778033] This frame has 4 objects: [ 17.778943] [48, 49) '__assertion' [ 17.779137] [64, 72) 'array' [ 17.779192] [96, 112) '__assertion' [ 17.779766] [128, 138) 'stack_array' [ 17.779961] [ 17.780250] The buggy address belongs to the virtual mapping at [ 17.780250] [ffff800080a90000, ffff800080a99000) created by: [ 17.780250] kernel_clone+0x150/0x7a8 [ 17.780584] [ 17.780673] The buggy address belongs to the physical page: [ 17.780851] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107931 [ 17.780977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.781180] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.781282] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.781737] page dumped because: kasan: bad access detected [ 17.781874] [ 17.781910] Memory state around the buggy address: [ 17.782038] ffff800080a97b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.782146] ffff800080a97b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 17.782992] >ffff800080a97c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 17.783138] ^ [ 17.783279] ffff800080a97c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 17.783345] ffff800080a97d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.783513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 17.750661] ================================================================== [ 17.750727] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 17.750782] Read of size 1 at addr ffffaa36042035ad by task kunit_try_catch/250 [ 17.750832] [ 17.750869] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.750967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.751006] Hardware name: linux,dummy-virt (DT) [ 17.751039] Call trace: [ 17.751061] show_stack+0x20/0x38 (C) [ 17.751117] dump_stack_lvl+0x8c/0xd0 [ 17.751174] print_report+0x310/0x608 [ 17.751227] kasan_report+0xdc/0x128 [ 17.751277] __asan_report_load1_noabort+0x20/0x30 [ 17.751327] kasan_global_oob_right+0x230/0x270 [ 17.751374] kunit_try_run_case+0x170/0x3f0 [ 17.751422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.751476] kthread+0x328/0x630 [ 17.751527] ret_from_fork+0x10/0x20 [ 17.751579] [ 17.751641] The buggy address belongs to the variable: [ 17.751670] global_array+0xd/0x40 [ 17.751730] [ 17.751815] The buggy address belongs to the virtual mapping at [ 17.751815] [ffffaa3602420000, ffffaa36042c1000) created by: [ 17.751815] paging_init+0x66c/0x7d0 [ 17.751909] [ 17.752827] The buggy address belongs to the physical page: [ 17.752897] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47c03 [ 17.752975] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 17.753418] raw: 03fffe0000002000 ffffc1ffc01f00c8 ffffc1ffc01f00c8 0000000000000000 [ 17.753487] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.753690] page dumped because: kasan: bad access detected [ 17.753840] [ 17.753931] Memory state around the buggy address: [ 17.753972] ffffaa3604203480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.754019] ffffaa3604203500: 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 [ 17.754431] >ffffaa3604203580: f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 17.754488] ^ [ 17.754713] ffffaa3604203600: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 17.754814] ffffaa3604203680: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.755160] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 17.718156] ================================================================== [ 17.718323] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.718502] Free of addr fff00000c793a001 by task kunit_try_catch/246 [ 17.718556] [ 17.718938] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.719279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.719323] Hardware name: linux,dummy-virt (DT) [ 17.719641] Call trace: [ 17.719682] show_stack+0x20/0x38 (C) [ 17.720059] dump_stack_lvl+0x8c/0xd0 [ 17.720247] print_report+0x118/0x608 [ 17.720834] kasan_report_invalid_free+0xc0/0xe8 [ 17.720909] check_slab_allocation+0xfc/0x108 [ 17.720959] __kasan_mempool_poison_object+0x78/0x150 [ 17.721204] mempool_free+0x28c/0x328 [ 17.721321] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.721435] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.721488] kunit_try_run_case+0x170/0x3f0 [ 17.721536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.721605] kthread+0x328/0x630 [ 17.721665] ret_from_fork+0x10/0x20 [ 17.721720] [ 17.721739] Allocated by task 246: [ 17.721769] kasan_save_stack+0x3c/0x68 [ 17.721806] kasan_save_track+0x20/0x40 [ 17.721851] kasan_save_alloc_info+0x40/0x58 [ 17.721890] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.721930] remove_element+0x130/0x1f8 [ 17.721970] mempool_alloc_preallocated+0x58/0xc0 [ 17.722019] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 17.722061] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.722103] kunit_try_run_case+0x170/0x3f0 [ 17.722151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.722194] kthread+0x328/0x630 [ 17.722229] ret_from_fork+0x10/0x20 [ 17.722262] [ 17.722280] The buggy address belongs to the object at fff00000c793a000 [ 17.722280] which belongs to the cache kmalloc-128 of size 128 [ 17.722348] The buggy address is located 1 bytes inside of [ 17.722348] 128-byte region [fff00000c793a000, fff00000c793a080) [ 17.722406] [ 17.722427] The buggy address belongs to the physical page: [ 17.722455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793a [ 17.722517] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.722563] page_type: f5(slab) [ 17.722611] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.723218] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.723290] page dumped because: kasan: bad access detected [ 17.723334] [ 17.723388] Memory state around the buggy address: [ 17.723442] fff00000c7939f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.723499] fff00000c7939f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.724035] >fff00000c793a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.724115] ^ [ 17.724253] fff00000c793a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.724298] fff00000c793a100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.724348] ================================================================== [ 17.734882] ================================================================== [ 17.735030] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.735091] Free of addr fff00000c7968001 by task kunit_try_catch/248 [ 17.735134] [ 17.735166] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.735281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.735309] Hardware name: linux,dummy-virt (DT) [ 17.735339] Call trace: [ 17.735360] show_stack+0x20/0x38 (C) [ 17.735410] dump_stack_lvl+0x8c/0xd0 [ 17.735454] print_report+0x118/0x608 [ 17.735499] kasan_report_invalid_free+0xc0/0xe8 [ 17.735544] __kasan_mempool_poison_object+0xfc/0x150 [ 17.735604] mempool_free+0x28c/0x328 [ 17.735659] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.735726] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 17.735780] kunit_try_run_case+0x170/0x3f0 [ 17.735826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.735878] kthread+0x328/0x630 [ 17.735922] ret_from_fork+0x10/0x20 [ 17.736427] [ 17.736664] The buggy address belongs to the physical page: [ 17.736838] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107968 [ 17.736978] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.737164] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.737372] page_type: f8(unknown) [ 17.737471] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.737565] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.737712] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.737818] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.738307] head: 0bfffe0000000002 ffffc1ffc31e5a01 00000000ffffffff 00000000ffffffff [ 17.738516] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.738660] page dumped because: kasan: bad access detected [ 17.738757] [ 17.738776] Memory state around the buggy address: [ 17.738810] fff00000c7967f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.738896] fff00000c7967f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.739088] >fff00000c7968000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.739232] ^ [ 17.739300] fff00000c7968080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.739616] fff00000c7968100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.739779] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 17.689942] ================================================================== [ 17.690224] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.690297] Free of addr fff00000c7968000 by task kunit_try_catch/242 [ 17.690479] [ 17.690523] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.690604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.690675] Hardware name: linux,dummy-virt (DT) [ 17.690708] Call trace: [ 17.690730] show_stack+0x20/0x38 (C) [ 17.690781] dump_stack_lvl+0x8c/0xd0 [ 17.690828] print_report+0x118/0x608 [ 17.690883] kasan_report_invalid_free+0xc0/0xe8 [ 17.690933] __kasan_mempool_poison_object+0x14c/0x150 [ 17.690983] mempool_free+0x28c/0x328 [ 17.691029] mempool_double_free_helper+0x150/0x2e8 [ 17.691079] mempool_kmalloc_large_double_free+0xc0/0x118 [ 17.691130] kunit_try_run_case+0x170/0x3f0 [ 17.691177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.691229] kthread+0x328/0x630 [ 17.691273] ret_from_fork+0x10/0x20 [ 17.691319] [ 17.691339] The buggy address belongs to the physical page: [ 17.691371] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107968 [ 17.691429] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.691487] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.691537] page_type: f8(unknown) [ 17.691575] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.691624] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.691683] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.691732] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.691781] head: 0bfffe0000000002 ffffc1ffc31e5a01 00000000ffffffff 00000000ffffffff [ 17.691839] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.691881] page dumped because: kasan: bad access detected [ 17.691911] [ 17.691929] Memory state around the buggy address: [ 17.691971] fff00000c7967f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.692213] fff00000c7967f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.692265] >fff00000c7968000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.693161] ^ [ 17.693342] fff00000c7968080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.693625] fff00000c7968100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.693751] ================================================================== [ 17.705542] ================================================================== [ 17.705599] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.705670] Free of addr fff00000c7968000 by task kunit_try_catch/244 [ 17.705709] [ 17.705751] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.705843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.705881] Hardware name: linux,dummy-virt (DT) [ 17.705919] Call trace: [ 17.705941] show_stack+0x20/0x38 (C) [ 17.705993] dump_stack_lvl+0x8c/0xd0 [ 17.706039] print_report+0x118/0x608 [ 17.706083] kasan_report_invalid_free+0xc0/0xe8 [ 17.706129] __kasan_mempool_poison_pages+0xe0/0xe8 [ 17.706187] mempool_free+0x24c/0x328 [ 17.706239] mempool_double_free_helper+0x150/0x2e8 [ 17.706299] mempool_page_alloc_double_free+0xbc/0x118 [ 17.706355] kunit_try_run_case+0x170/0x3f0 [ 17.706412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.706466] kthread+0x328/0x630 [ 17.706510] ret_from_fork+0x10/0x20 [ 17.706564] [ 17.706584] The buggy address belongs to the physical page: [ 17.706612] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107968 [ 17.706672] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.706847] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.707270] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.707332] page dumped because: kasan: bad access detected [ 17.707643] [ 17.707796] Memory state around the buggy address: [ 17.708030] fff00000c7967f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.708088] fff00000c7967f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.708132] >fff00000c7968000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.708403] ^ [ 17.708551] fff00000c7968080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.708671] fff00000c7968100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.708813] ================================================================== [ 17.669619] ================================================================== [ 17.669949] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.670177] Free of addr fff00000c6ecac00 by task kunit_try_catch/240 [ 17.670242] [ 17.670360] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.670491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.670600] Hardware name: linux,dummy-virt (DT) [ 17.670642] Call trace: [ 17.670664] show_stack+0x20/0x38 (C) [ 17.670953] dump_stack_lvl+0x8c/0xd0 [ 17.671040] print_report+0x118/0x608 [ 17.671169] kasan_report_invalid_free+0xc0/0xe8 [ 17.671255] check_slab_allocation+0xd4/0x108 [ 17.671395] __kasan_mempool_poison_object+0x78/0x150 [ 17.671455] mempool_free+0x28c/0x328 [ 17.671534] mempool_double_free_helper+0x150/0x2e8 [ 17.671719] mempool_kmalloc_double_free+0xc0/0x118 [ 17.671787] kunit_try_run_case+0x170/0x3f0 [ 17.671926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.672171] kthread+0x328/0x630 [ 17.672234] ret_from_fork+0x10/0x20 [ 17.672306] [ 17.672326] Allocated by task 240: [ 17.672602] kasan_save_stack+0x3c/0x68 [ 17.672758] kasan_save_track+0x20/0x40 [ 17.672847] kasan_save_alloc_info+0x40/0x58 [ 17.673033] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.673293] remove_element+0x130/0x1f8 [ 17.673359] mempool_alloc_preallocated+0x58/0xc0 [ 17.673769] mempool_double_free_helper+0x94/0x2e8 [ 17.673928] mempool_kmalloc_double_free+0xc0/0x118 [ 17.674040] kunit_try_run_case+0x170/0x3f0 [ 17.674131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.674346] kthread+0x328/0x630 [ 17.674383] ret_from_fork+0x10/0x20 [ 17.674613] [ 17.674785] Freed by task 240: [ 17.674889] kasan_save_stack+0x3c/0x68 [ 17.675072] kasan_save_track+0x20/0x40 [ 17.675194] kasan_save_free_info+0x4c/0x78 [ 17.675362] __kasan_mempool_poison_object+0xc0/0x150 [ 17.675432] mempool_free+0x28c/0x328 [ 17.675644] mempool_double_free_helper+0x100/0x2e8 [ 17.675875] mempool_kmalloc_double_free+0xc0/0x118 [ 17.676005] kunit_try_run_case+0x170/0x3f0 [ 17.676138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.676186] kthread+0x328/0x630 [ 17.676252] ret_from_fork+0x10/0x20 [ 17.676289] [ 17.676675] The buggy address belongs to the object at fff00000c6ecac00 [ 17.676675] which belongs to the cache kmalloc-128 of size 128 [ 17.676799] The buggy address is located 0 bytes inside of [ 17.676799] 128-byte region [fff00000c6ecac00, fff00000c6ecac80) [ 17.676997] [ 17.677095] The buggy address belongs to the physical page: [ 17.677219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106eca [ 17.677273] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.677347] page_type: f5(slab) [ 17.677546] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.677862] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.678168] page dumped because: kasan: bad access detected [ 17.678228] [ 17.678246] Memory state around the buggy address: [ 17.678411] fff00000c6ecab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.678496] fff00000c6ecab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.678553] >fff00000c6ecac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.678906] ^ [ 17.679174] fff00000c6ecac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.679225] fff00000c6ecad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.679264] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 17.657994] ================================================================== [ 17.658057] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.658448] Read of size 1 at addr fff00000c7850000 by task kunit_try_catch/238 [ 17.658684] [ 17.658770] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.659096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.659124] Hardware name: linux,dummy-virt (DT) [ 17.659170] Call trace: [ 17.659196] show_stack+0x20/0x38 (C) [ 17.659250] dump_stack_lvl+0x8c/0xd0 [ 17.659366] print_report+0x118/0x608 [ 17.659415] kasan_report+0xdc/0x128 [ 17.659460] __asan_report_load1_noabort+0x20/0x30 [ 17.659530] mempool_uaf_helper+0x314/0x340 [ 17.659581] mempool_page_alloc_uaf+0xc0/0x118 [ 17.659626] kunit_try_run_case+0x170/0x3f0 [ 17.659694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.659759] kthread+0x328/0x630 [ 17.659804] ret_from_fork+0x10/0x20 [ 17.659858] [ 17.659880] The buggy address belongs to the physical page: [ 17.659912] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 17.660167] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.660274] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.660339] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.660425] page dumped because: kasan: bad access detected [ 17.660493] [ 17.660656] Memory state around the buggy address: [ 17.660805] fff00000c784ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.661031] fff00000c784ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.661169] >fff00000c7850000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.661298] ^ [ 17.661368] fff00000c7850080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.661461] fff00000c7850100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.661557] ================================================================== [ 17.602589] ================================================================== [ 17.603416] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.603486] Read of size 1 at addr fff00000c7850000 by task kunit_try_catch/234 [ 17.603536] [ 17.603576] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.603679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.603708] Hardware name: linux,dummy-virt (DT) [ 17.603955] Call trace: [ 17.604043] show_stack+0x20/0x38 (C) [ 17.604127] dump_stack_lvl+0x8c/0xd0 [ 17.604178] print_report+0x118/0x608 [ 17.604229] kasan_report+0xdc/0x128 [ 17.604273] __asan_report_load1_noabort+0x20/0x30 [ 17.604323] mempool_uaf_helper+0x314/0x340 [ 17.604695] mempool_kmalloc_large_uaf+0xc4/0x120 [ 17.604834] kunit_try_run_case+0x170/0x3f0 [ 17.604933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.605279] kthread+0x328/0x630 [ 17.605457] ret_from_fork+0x10/0x20 [ 17.605544] [ 17.605574] The buggy address belongs to the physical page: [ 17.606027] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 17.606137] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.606251] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.606305] page_type: f8(unknown) [ 17.606343] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.606726] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.606814] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.607092] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.607267] head: 0bfffe0000000002 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 17.607356] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.607793] page dumped because: kasan: bad access detected [ 17.607976] [ 17.608020] Memory state around the buggy address: [ 17.608196] fff00000c784ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.608243] fff00000c784ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.608292] >fff00000c7850000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.608332] ^ [ 17.608361] fff00000c7850080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.608719] fff00000c7850100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.608816] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 17.622062] ================================================================== [ 17.622418] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.622491] Read of size 1 at addr fff00000c7936240 by task kunit_try_catch/236 [ 17.622562] [ 17.622597] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.622687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.622714] Hardware name: linux,dummy-virt (DT) [ 17.622972] Call trace: [ 17.623146] show_stack+0x20/0x38 (C) [ 17.623205] dump_stack_lvl+0x8c/0xd0 [ 17.623522] print_report+0x118/0x608 [ 17.623608] kasan_report+0xdc/0x128 [ 17.623725] __asan_report_load1_noabort+0x20/0x30 [ 17.623797] mempool_uaf_helper+0x314/0x340 [ 17.623884] mempool_slab_uaf+0xc0/0x118 [ 17.623937] kunit_try_run_case+0x170/0x3f0 [ 17.624281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.624403] kthread+0x328/0x630 [ 17.624584] ret_from_fork+0x10/0x20 [ 17.624775] [ 17.624858] Allocated by task 236: [ 17.625161] kasan_save_stack+0x3c/0x68 [ 17.625246] kasan_save_track+0x20/0x40 [ 17.625356] kasan_save_alloc_info+0x40/0x58 [ 17.625474] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.625672] remove_element+0x16c/0x1f8 [ 17.625724] mempool_alloc_preallocated+0x58/0xc0 [ 17.626008] mempool_uaf_helper+0xa4/0x340 [ 17.626089] mempool_slab_uaf+0xc0/0x118 [ 17.626417] kunit_try_run_case+0x170/0x3f0 [ 17.626491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.626680] kthread+0x328/0x630 [ 17.626749] ret_from_fork+0x10/0x20 [ 17.626787] [ 17.627104] Freed by task 236: [ 17.627172] kasan_save_stack+0x3c/0x68 [ 17.627233] kasan_save_track+0x20/0x40 [ 17.627427] kasan_save_free_info+0x4c/0x78 [ 17.627569] __kasan_mempool_poison_object+0xc0/0x150 [ 17.627705] mempool_free+0x28c/0x328 [ 17.628174] mempool_uaf_helper+0x104/0x340 [ 17.628282] mempool_slab_uaf+0xc0/0x118 [ 17.628449] kunit_try_run_case+0x170/0x3f0 [ 17.628584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.628676] kthread+0x328/0x630 [ 17.628720] ret_from_fork+0x10/0x20 [ 17.629030] [ 17.629142] The buggy address belongs to the object at fff00000c7936240 [ 17.629142] which belongs to the cache test_cache of size 123 [ 17.629284] The buggy address is located 0 bytes inside of [ 17.629284] freed 123-byte region [fff00000c7936240, fff00000c79362bb) [ 17.629511] [ 17.629704] The buggy address belongs to the physical page: [ 17.629762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107936 [ 17.629914] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.630367] page_type: f5(slab) [ 17.631720] raw: 0bfffe0000000000 fff00000c3eadc80 dead000000000122 0000000000000000 [ 17.631778] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.631818] page dumped because: kasan: bad access detected [ 17.631857] [ 17.631875] Memory state around the buggy address: [ 17.631907] fff00000c7936100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.631952] fff00000c7936180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.631994] >fff00000c7936200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.632034] ^ [ 17.632069] fff00000c7936280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.632110] fff00000c7936300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.632148] ================================================================== [ 17.591710] ================================================================== [ 17.591787] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.591850] Read of size 1 at addr fff00000c6eca800 by task kunit_try_catch/232 [ 17.591902] [ 17.591939] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.592664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.592695] Hardware name: linux,dummy-virt (DT) [ 17.592729] Call trace: [ 17.592754] show_stack+0x20/0x38 (C) [ 17.592807] dump_stack_lvl+0x8c/0xd0 [ 17.592857] print_report+0x118/0x608 [ 17.592900] kasan_report+0xdc/0x128 [ 17.592943] __asan_report_load1_noabort+0x20/0x30 [ 17.592993] mempool_uaf_helper+0x314/0x340 [ 17.593041] mempool_kmalloc_uaf+0xc4/0x120 [ 17.593089] kunit_try_run_case+0x170/0x3f0 [ 17.593138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.593190] kthread+0x328/0x630 [ 17.593236] ret_from_fork+0x10/0x20 [ 17.593283] [ 17.593301] Allocated by task 232: [ 17.593330] kasan_save_stack+0x3c/0x68 [ 17.593370] kasan_save_track+0x20/0x40 [ 17.593406] kasan_save_alloc_info+0x40/0x58 [ 17.593445] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.593487] remove_element+0x130/0x1f8 [ 17.593528] mempool_alloc_preallocated+0x58/0xc0 [ 17.593568] mempool_uaf_helper+0xa4/0x340 [ 17.593605] mempool_kmalloc_uaf+0xc4/0x120 [ 17.593654] kunit_try_run_case+0x170/0x3f0 [ 17.593691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.593735] kthread+0x328/0x630 [ 17.593771] ret_from_fork+0x10/0x20 [ 17.593807] [ 17.593825] Freed by task 232: [ 17.593850] kasan_save_stack+0x3c/0x68 [ 17.593885] kasan_save_track+0x20/0x40 [ 17.593919] kasan_save_free_info+0x4c/0x78 [ 17.593957] __kasan_mempool_poison_object+0xc0/0x150 [ 17.593999] mempool_free+0x28c/0x328 [ 17.594036] mempool_uaf_helper+0x104/0x340 [ 17.594075] mempool_kmalloc_uaf+0xc4/0x120 [ 17.594112] kunit_try_run_case+0x170/0x3f0 [ 17.594151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.594195] kthread+0x328/0x630 [ 17.594229] ret_from_fork+0x10/0x20 [ 17.594263] [ 17.594283] The buggy address belongs to the object at fff00000c6eca800 [ 17.594283] which belongs to the cache kmalloc-128 of size 128 [ 17.594339] The buggy address is located 0 bytes inside of [ 17.594339] freed 128-byte region [fff00000c6eca800, fff00000c6eca880) [ 17.594399] [ 17.594421] The buggy address belongs to the physical page: [ 17.594452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106eca [ 17.594506] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.594554] page_type: f5(slab) [ 17.594592] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.594877] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.594923] page dumped because: kasan: bad access detected [ 17.594955] [ 17.594973] Memory state around the buggy address: [ 17.595007] fff00000c6eca700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.595050] fff00000c6eca780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.595093] >fff00000c6eca800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.595131] ^ [ 17.595158] fff00000c6eca880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.595198] fff00000c6eca900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.595237] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 17.505589] ================================================================== [ 17.505679] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.505751] Read of size 1 at addr fff00000c6eca473 by task kunit_try_catch/226 [ 17.505801] [ 17.505842] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.505928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.505955] Hardware name: linux,dummy-virt (DT) [ 17.505994] Call trace: [ 17.506018] show_stack+0x20/0x38 (C) [ 17.506069] dump_stack_lvl+0x8c/0xd0 [ 17.506120] print_report+0x118/0x608 [ 17.506163] kasan_report+0xdc/0x128 [ 17.506207] __asan_report_load1_noabort+0x20/0x30 [ 17.506256] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.506306] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.506356] kunit_try_run_case+0x170/0x3f0 [ 17.506406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.506458] kthread+0x328/0x630 [ 17.506504] ret_from_fork+0x10/0x20 [ 17.506553] [ 17.506571] Allocated by task 226: [ 17.506601] kasan_save_stack+0x3c/0x68 [ 17.506652] kasan_save_track+0x20/0x40 [ 17.506689] kasan_save_alloc_info+0x40/0x58 [ 17.506727] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.506769] remove_element+0x130/0x1f8 [ 17.506809] mempool_alloc_preallocated+0x58/0xc0 [ 17.506851] mempool_oob_right_helper+0x98/0x2f0 [ 17.506891] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.506933] kunit_try_run_case+0x170/0x3f0 [ 17.506972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.507014] kthread+0x328/0x630 [ 17.507050] ret_from_fork+0x10/0x20 [ 17.507084] [ 17.507103] The buggy address belongs to the object at fff00000c6eca400 [ 17.507103] which belongs to the cache kmalloc-128 of size 128 [ 17.507159] The buggy address is located 0 bytes to the right of [ 17.507159] allocated 115-byte region [fff00000c6eca400, fff00000c6eca473) [ 17.507222] [ 17.507243] The buggy address belongs to the physical page: [ 17.507275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106eca [ 17.507328] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.507378] page_type: f5(slab) [ 17.507421] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.507470] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.507512] page dumped because: kasan: bad access detected [ 17.507544] [ 17.507561] Memory state around the buggy address: [ 17.507596] fff00000c6eca300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.507651] fff00000c6eca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.507695] >fff00000c6eca400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.507733] ^ [ 17.507772] fff00000c6eca480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.507815] fff00000c6eca500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.507852] ================================================================== [ 17.517281] ================================================================== [ 17.517345] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.517402] Read of size 1 at addr fff00000c784a001 by task kunit_try_catch/228 [ 17.517451] [ 17.517485] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.517566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.517594] Hardware name: linux,dummy-virt (DT) [ 17.517625] Call trace: [ 17.517664] show_stack+0x20/0x38 (C) [ 17.517713] dump_stack_lvl+0x8c/0xd0 [ 17.517760] print_report+0x118/0x608 [ 17.517802] kasan_report+0xdc/0x128 [ 17.517845] __asan_report_load1_noabort+0x20/0x30 [ 17.517895] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.517942] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 17.518067] kunit_try_run_case+0x170/0x3f0 [ 17.518136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.518189] kthread+0x328/0x630 [ 17.518665] ret_from_fork+0x10/0x20 [ 17.519011] [ 17.519134] The buggy address belongs to the physical page: [ 17.519266] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 17.519363] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.519583] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.519760] page_type: f8(unknown) [ 17.519808] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.520007] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.520407] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.520586] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.520675] head: 0bfffe0000000002 ffffc1ffc31e1201 00000000ffffffff 00000000ffffffff [ 17.520733] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.520883] page dumped because: kasan: bad access detected [ 17.520959] [ 17.521027] Memory state around the buggy address: [ 17.521059] fff00000c7849f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.521244] fff00000c7849f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.521435] >fff00000c784a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.521476] ^ [ 17.521503] fff00000c784a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.521544] fff00000c784a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.521583] ================================================================== [ 17.539229] ================================================================== [ 17.539293] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.539347] Read of size 1 at addr fff00000c79332bb by task kunit_try_catch/230 [ 17.539396] [ 17.539429] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 17.539512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.539540] Hardware name: linux,dummy-virt (DT) [ 17.540009] Call trace: [ 17.540048] show_stack+0x20/0x38 (C) [ 17.540225] dump_stack_lvl+0x8c/0xd0 [ 17.540569] print_report+0x118/0x608 [ 17.540958] kasan_report+0xdc/0x128 [ 17.541429] __asan_report_load1_noabort+0x20/0x30 [ 17.542252] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.542469] mempool_slab_oob_right+0xc0/0x118 [ 17.542532] kunit_try_run_case+0x170/0x3f0 [ 17.542898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.543276] kthread+0x328/0x630 [ 17.543526] ret_from_fork+0x10/0x20 [ 17.543893] [ 17.543918] Allocated by task 230: [ 17.544098] kasan_save_stack+0x3c/0x68 [ 17.544312] kasan_save_track+0x20/0x40 [ 17.544376] kasan_save_alloc_info+0x40/0x58 [ 17.544416] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.544464] remove_element+0x16c/0x1f8 [ 17.544504] mempool_alloc_preallocated+0x58/0xc0 [ 17.544546] mempool_oob_right_helper+0x98/0x2f0 [ 17.544585] mempool_slab_oob_right+0xc0/0x118 [ 17.544622] kunit_try_run_case+0x170/0x3f0 [ 17.544668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.545757] kthread+0x328/0x630 [ 17.545808] ret_from_fork+0x10/0x20 [ 17.545844] [ 17.545867] The buggy address belongs to the object at fff00000c7933240 [ 17.545867] which belongs to the cache test_cache of size 123 [ 17.546195] The buggy address is located 0 bytes to the right of [ 17.546195] allocated 123-byte region [fff00000c7933240, fff00000c79332bb) [ 17.546651] [ 17.546681] The buggy address belongs to the physical page: [ 17.547053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107933 [ 17.547334] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.547577] page_type: f5(slab) [ 17.547693] raw: 0bfffe0000000000 fff00000c3eadb40 dead000000000122 0000000000000000 [ 17.548168] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.548254] page dumped because: kasan: bad access detected [ 17.548288] [ 17.548306] Memory state around the buggy address: [ 17.548349] fff00000c7933180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.548393] fff00000c7933200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 17.548435] >fff00000c7933280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 17.548490] ^ [ 17.548524] fff00000c7933300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.549019] fff00000c7933380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.549184] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 16.926908] ================================================================== [ 16.926995] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 16.927071] Read of size 1 at addr fff00000c3ead8c0 by task kunit_try_catch/220 [ 16.927123] [ 16.927165] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 16.927249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.927278] Hardware name: linux,dummy-virt (DT) [ 16.927312] Call trace: [ 16.927337] show_stack+0x20/0x38 (C) [ 16.927389] dump_stack_lvl+0x8c/0xd0 [ 16.927439] print_report+0x118/0x608 [ 16.927485] kasan_report+0xdc/0x128 [ 16.927527] __kasan_check_byte+0x54/0x70 [ 16.927572] kmem_cache_destroy+0x34/0x218 [ 16.927617] kmem_cache_double_destroy+0x174/0x300 [ 16.927683] kunit_try_run_case+0x170/0x3f0 [ 16.927732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.927785] kthread+0x328/0x630 [ 16.927830] ret_from_fork+0x10/0x20 [ 16.927879] [ 16.927898] Allocated by task 220: [ 16.927927] kasan_save_stack+0x3c/0x68 [ 16.928381] kasan_save_track+0x20/0x40 [ 16.928434] kasan_save_alloc_info+0x40/0x58 [ 16.928474] __kasan_slab_alloc+0xa8/0xb0 [ 16.928509] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.928550] __kmem_cache_create_args+0x178/0x280 [ 16.928587] kmem_cache_double_destroy+0xc0/0x300 [ 16.928645] kunit_try_run_case+0x170/0x3f0 [ 16.928685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.928730] kthread+0x328/0x630 [ 16.928765] ret_from_fork+0x10/0x20 [ 16.928800] [ 16.928822] Freed by task 220: [ 16.928849] kasan_save_stack+0x3c/0x68 [ 16.928885] kasan_save_track+0x20/0x40 [ 16.928919] kasan_save_free_info+0x4c/0x78 [ 16.928957] __kasan_slab_free+0x6c/0x98 [ 16.928994] kmem_cache_free+0x260/0x468 [ 16.929028] slab_kmem_cache_release+0x38/0x50 [ 16.929066] kmem_cache_release+0x1c/0x30 [ 16.929104] kobject_put+0x17c/0x420 [ 16.929140] sysfs_slab_release+0x1c/0x30 [ 16.929175] kmem_cache_destroy+0x118/0x218 [ 16.929212] kmem_cache_double_destroy+0x128/0x300 [ 16.929253] kunit_try_run_case+0x170/0x3f0 [ 16.929290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.929335] kthread+0x328/0x630 [ 16.929371] ret_from_fork+0x10/0x20 [ 16.929405] [ 16.929424] The buggy address belongs to the object at fff00000c3ead8c0 [ 16.929424] which belongs to the cache kmem_cache of size 208 [ 16.929481] The buggy address is located 0 bytes inside of [ 16.929481] freed 208-byte region [fff00000c3ead8c0, fff00000c3ead990) [ 16.929541] [ 16.929565] The buggy address belongs to the physical page: [ 16.929598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ead [ 16.929665] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.929718] page_type: f5(slab) [ 16.929758] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 16.929808] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 16.929849] page dumped because: kasan: bad access detected [ 16.929882] [ 16.929899] Memory state around the buggy address: [ 16.929932] fff00000c3ead780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.929981] fff00000c3ead800: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 16.930023] >fff00000c3ead880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 16.930061] ^ [ 16.930095] fff00000c3ead900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.930137] fff00000c3ead980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.930175] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 16.840494] ================================================================== [ 16.840603] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 16.840702] Read of size 1 at addr fff00000c65a1000 by task kunit_try_catch/218 [ 16.840753] [ 16.840797] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 16.840883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.840911] Hardware name: linux,dummy-virt (DT) [ 16.840946] Call trace: [ 16.840971] show_stack+0x20/0x38 (C) [ 16.841022] dump_stack_lvl+0x8c/0xd0 [ 16.841074] print_report+0x118/0x608 [ 16.841120] kasan_report+0xdc/0x128 [ 16.841164] __asan_report_load1_noabort+0x20/0x30 [ 16.841213] kmem_cache_rcu_uaf+0x388/0x468 [ 16.841261] kunit_try_run_case+0x170/0x3f0 [ 16.841313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.841367] kthread+0x328/0x630 [ 16.841414] ret_from_fork+0x10/0x20 [ 16.841464] [ 16.841483] Allocated by task 218: [ 16.841514] kasan_save_stack+0x3c/0x68 [ 16.841553] kasan_save_track+0x20/0x40 [ 16.841589] kasan_save_alloc_info+0x40/0x58 [ 16.841660] __kasan_slab_alloc+0xa8/0xb0 [ 16.841698] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.841739] kmem_cache_rcu_uaf+0x12c/0x468 [ 16.841778] kunit_try_run_case+0x170/0x3f0 [ 16.841818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.841859] kthread+0x328/0x630 [ 16.841893] ret_from_fork+0x10/0x20 [ 16.841929] [ 16.841946] Freed by task 0: [ 16.841975] kasan_save_stack+0x3c/0x68 [ 16.842009] kasan_save_track+0x20/0x40 [ 16.842044] kasan_save_free_info+0x4c/0x78 [ 16.842082] __kasan_slab_free+0x6c/0x98 [ 16.842118] slab_free_after_rcu_debug+0xd4/0x2f8 [ 16.842155] rcu_core+0x9f4/0x1e20 [ 16.842193] rcu_core_si+0x18/0x30 [ 16.842225] handle_softirqs+0x374/0xb28 [ 16.842261] __do_softirq+0x1c/0x28 [ 16.842294] [ 16.842313] Last potentially related work creation: [ 16.842339] kasan_save_stack+0x3c/0x68 [ 16.842375] kasan_record_aux_stack+0xb4/0xc8 [ 16.842412] kmem_cache_free+0x120/0x468 [ 16.842448] kmem_cache_rcu_uaf+0x16c/0x468 [ 16.842486] kunit_try_run_case+0x170/0x3f0 [ 16.842525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.842568] kthread+0x328/0x630 [ 16.842601] ret_from_fork+0x10/0x20 [ 16.842645] [ 16.842664] The buggy address belongs to the object at fff00000c65a1000 [ 16.842664] which belongs to the cache test_cache of size 200 [ 16.842720] The buggy address is located 0 bytes inside of [ 16.842720] freed 200-byte region [fff00000c65a1000, fff00000c65a10c8) [ 16.842781] [ 16.842804] The buggy address belongs to the physical page: [ 16.842837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a1 [ 16.842893] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.842944] page_type: f5(slab) [ 16.842985] raw: 0bfffe0000000000 fff00000c65af280 dead000000000122 0000000000000000 [ 16.843036] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.843077] page dumped because: kasan: bad access detected [ 16.843108] [ 16.843126] Memory state around the buggy address: [ 16.843160] fff00000c65a0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.843204] fff00000c65a0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.843246] >fff00000c65a1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.843284] ^ [ 16.843311] fff00000c65a1080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.843353] fff00000c65a1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.843391] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 16.266029] ================================================================== [ 16.266091] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 16.266712] Free of addr fff00000c65a0001 by task kunit_try_catch/216 [ 16.266763] [ 16.266800] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 16.266882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.266910] Hardware name: linux,dummy-virt (DT) [ 16.266942] Call trace: [ 16.266964] show_stack+0x20/0x38 (C) [ 16.267015] dump_stack_lvl+0x8c/0xd0 [ 16.267065] print_report+0x118/0x608 [ 16.267121] kasan_report_invalid_free+0xc0/0xe8 [ 16.267170] check_slab_allocation+0xfc/0x108 [ 16.267216] __kasan_slab_pre_free+0x2c/0x48 [ 16.267309] kmem_cache_free+0xf0/0x468 [ 16.267355] kmem_cache_invalid_free+0x184/0x3c8 [ 16.267404] kunit_try_run_case+0x170/0x3f0 [ 16.267454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.267507] kthread+0x328/0x630 [ 16.267551] ret_from_fork+0x10/0x20 [ 16.267679] [ 16.267697] Allocated by task 216: [ 16.267737] kasan_save_stack+0x3c/0x68 [ 16.267777] kasan_save_track+0x20/0x40 [ 16.267864] kasan_save_alloc_info+0x40/0x58 [ 16.267914] __kasan_slab_alloc+0xa8/0xb0 [ 16.268069] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.268107] kmem_cache_invalid_free+0x12c/0x3c8 [ 16.268148] kunit_try_run_case+0x170/0x3f0 [ 16.268185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.268307] kthread+0x328/0x630 [ 16.268362] ret_from_fork+0x10/0x20 [ 16.268509] [ 16.268539] The buggy address belongs to the object at fff00000c65a0000 [ 16.268539] which belongs to the cache test_cache of size 200 [ 16.268597] The buggy address is located 1 bytes inside of [ 16.268597] 200-byte region [fff00000c65a0000, fff00000c65a00c8) [ 16.268665] [ 16.268686] The buggy address belongs to the physical page: [ 16.268720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a0 [ 16.268807] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.268856] page_type: f5(slab) [ 16.268897] raw: 0bfffe0000000000 fff00000c65af140 dead000000000122 0000000000000000 [ 16.268982] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.269023] page dumped because: kasan: bad access detected [ 16.269063] [ 16.269168] Memory state around the buggy address: [ 16.269200] fff00000c659ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.269251] fff00000c659ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.269396] >fff00000c65a0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.269434] ^ [ 16.269498] fff00000c65a0080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.269600] fff00000c65a0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.269659] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 16.238394] ================================================================== [ 16.238739] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 16.238867] Free of addr fff00000c656e000 by task kunit_try_catch/214 [ 16.238910] [ 16.239113] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 16.239200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.239256] Hardware name: linux,dummy-virt (DT) [ 16.239289] Call trace: [ 16.239393] show_stack+0x20/0x38 (C) [ 16.239539] dump_stack_lvl+0x8c/0xd0 [ 16.239598] print_report+0x118/0x608 [ 16.239675] kasan_report_invalid_free+0xc0/0xe8 [ 16.239879] check_slab_allocation+0xd4/0x108 [ 16.239926] __kasan_slab_pre_free+0x2c/0x48 [ 16.240012] kmem_cache_free+0xf0/0x468 [ 16.240359] kmem_cache_double_free+0x190/0x3c8 [ 16.240452] kunit_try_run_case+0x170/0x3f0 [ 16.240658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.240713] kthread+0x328/0x630 [ 16.240801] ret_from_fork+0x10/0x20 [ 16.240907] [ 16.240926] Allocated by task 214: [ 16.240976] kasan_save_stack+0x3c/0x68 [ 16.241018] kasan_save_track+0x20/0x40 [ 16.241053] kasan_save_alloc_info+0x40/0x58 [ 16.241091] __kasan_slab_alloc+0xa8/0xb0 [ 16.241126] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.241217] kmem_cache_double_free+0x12c/0x3c8 [ 16.241259] kunit_try_run_case+0x170/0x3f0 [ 16.241383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.241592] kthread+0x328/0x630 [ 16.241638] ret_from_fork+0x10/0x20 [ 16.241674] [ 16.241701] Freed by task 214: [ 16.241795] kasan_save_stack+0x3c/0x68 [ 16.241912] kasan_save_track+0x20/0x40 [ 16.241948] kasan_save_free_info+0x4c/0x78 [ 16.241989] __kasan_slab_free+0x6c/0x98 [ 16.242025] kmem_cache_free+0x260/0x468 [ 16.242059] kmem_cache_double_free+0x140/0x3c8 [ 16.242100] kunit_try_run_case+0x170/0x3f0 [ 16.242145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.242189] kthread+0x328/0x630 [ 16.242251] ret_from_fork+0x10/0x20 [ 16.242285] [ 16.242304] The buggy address belongs to the object at fff00000c656e000 [ 16.242304] which belongs to the cache test_cache of size 200 [ 16.242500] The buggy address is located 0 bytes inside of [ 16.242500] 200-byte region [fff00000c656e000, fff00000c656e0c8) [ 16.242723] [ 16.242744] The buggy address belongs to the physical page: [ 16.242801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656e [ 16.242908] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.243105] page_type: f5(slab) [ 16.243219] raw: 0bfffe0000000000 fff00000c65af000 dead000000000122 0000000000000000 [ 16.243302] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.243342] page dumped because: kasan: bad access detected [ 16.243373] [ 16.243429] Memory state around the buggy address: [ 16.243584] fff00000c656df00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.243670] fff00000c656df80: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.243711] >fff00000c656e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.243749] ^ [ 16.243796] fff00000c656e080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.243851] fff00000c656e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.243916] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 15.977711] ================================================================== [ 15.977845] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 15.977909] Read of size 1 at addr fff00000c65af0c8 by task kunit_try_catch/212 [ 15.977960] [ 15.978031] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.978170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.978214] Hardware name: linux,dummy-virt (DT) [ 15.978252] Call trace: [ 15.978329] show_stack+0x20/0x38 (C) [ 15.978389] dump_stack_lvl+0x8c/0xd0 [ 15.978438] print_report+0x118/0x608 [ 15.978573] kasan_report+0xdc/0x128 [ 15.980275] __asan_report_load1_noabort+0x20/0x30 [ 15.980341] kmem_cache_oob+0x344/0x430 [ 15.980389] kunit_try_run_case+0x170/0x3f0 [ 15.980441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.980495] kthread+0x328/0x630 [ 15.980541] ret_from_fork+0x10/0x20 [ 15.980589] [ 15.980606] Allocated by task 212: [ 15.980647] kasan_save_stack+0x3c/0x68 [ 15.980686] kasan_save_track+0x20/0x40 [ 15.980720] kasan_save_alloc_info+0x40/0x58 [ 15.980757] __kasan_slab_alloc+0xa8/0xb0 [ 15.980793] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.980831] kmem_cache_oob+0x12c/0x430 [ 15.980869] kunit_try_run_case+0x170/0x3f0 [ 15.980907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.980951] kthread+0x328/0x630 [ 15.980984] ret_from_fork+0x10/0x20 [ 15.981018] [ 15.981036] The buggy address belongs to the object at fff00000c65af000 [ 15.981036] which belongs to the cache test_cache of size 200 [ 15.981091] The buggy address is located 0 bytes to the right of [ 15.981091] allocated 200-byte region [fff00000c65af000, fff00000c65af0c8) [ 15.981155] [ 15.981175] The buggy address belongs to the physical page: [ 15.981205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065af [ 15.981256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.981303] page_type: f5(slab) [ 15.981341] raw: 0bfffe0000000000 fff00000c590bdc0 dead000000000122 0000000000000000 [ 15.981390] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.981429] page dumped because: kasan: bad access detected [ 15.981459] [ 15.981478] Memory state around the buggy address: [ 15.981508] fff00000c65aef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.981551] fff00000c65af000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.981593] >fff00000c65af080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.981640] ^ [ 15.981676] fff00000c65af100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.981717] fff00000c65af180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.981755] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 15.954485] ================================================================== [ 15.954550] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 15.954801] Read of size 8 at addr fff00000c65b3040 by task kunit_try_catch/205 [ 15.954853] [ 15.954952] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.955033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.955060] Hardware name: linux,dummy-virt (DT) [ 15.955093] Call trace: [ 15.955115] show_stack+0x20/0x38 (C) [ 15.955389] dump_stack_lvl+0x8c/0xd0 [ 15.955489] print_report+0x118/0x608 [ 15.955534] kasan_report+0xdc/0x128 [ 15.955577] __asan_report_load8_noabort+0x20/0x30 [ 15.955684] workqueue_uaf+0x480/0x4a8 [ 15.955828] kunit_try_run_case+0x170/0x3f0 [ 15.956027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.956161] kthread+0x328/0x630 [ 15.956329] ret_from_fork+0x10/0x20 [ 15.956466] [ 15.956734] Allocated by task 205: [ 15.956784] kasan_save_stack+0x3c/0x68 [ 15.956832] kasan_save_track+0x20/0x40 [ 15.956866] kasan_save_alloc_info+0x40/0x58 [ 15.956905] __kasan_kmalloc+0xd4/0xd8 [ 15.956941] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.956980] workqueue_uaf+0x13c/0x4a8 [ 15.957018] kunit_try_run_case+0x170/0x3f0 [ 15.957057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.957288] kthread+0x328/0x630 [ 15.957332] ret_from_fork+0x10/0x20 [ 15.957368] [ 15.957386] Freed by task 78: [ 15.957413] kasan_save_stack+0x3c/0x68 [ 15.957447] kasan_save_track+0x20/0x40 [ 15.957483] kasan_save_free_info+0x4c/0x78 [ 15.957521] __kasan_slab_free+0x6c/0x98 [ 15.957557] kfree+0x214/0x3c8 [ 15.957590] workqueue_uaf_work+0x18/0x30 [ 15.957637] process_one_work+0x530/0xf98 [ 15.957710] worker_thread+0x618/0xf38 [ 15.958058] kthread+0x328/0x630 [ 15.958276] ret_from_fork+0x10/0x20 [ 15.958441] [ 15.958671] Last potentially related work creation: [ 15.958811] kasan_save_stack+0x3c/0x68 [ 15.958872] kasan_record_aux_stack+0xb4/0xc8 [ 15.958911] __queue_work+0x65c/0x1008 [ 15.959108] queue_work_on+0xbc/0xf8 [ 15.959200] workqueue_uaf+0x210/0x4a8 [ 15.959317] kunit_try_run_case+0x170/0x3f0 [ 15.959358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.959639] kthread+0x328/0x630 [ 15.959786] ret_from_fork+0x10/0x20 [ 15.959940] [ 15.960024] The buggy address belongs to the object at fff00000c65b3040 [ 15.960024] which belongs to the cache kmalloc-32 of size 32 [ 15.960222] The buggy address is located 0 bytes inside of [ 15.960222] freed 32-byte region [fff00000c65b3040, fff00000c65b3060) [ 15.960431] [ 15.960534] The buggy address belongs to the physical page: [ 15.960667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b3 [ 15.960772] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.960923] page_type: f5(slab) [ 15.960989] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.961089] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.961131] page dumped because: kasan: bad access detected [ 15.961162] [ 15.961179] Memory state around the buggy address: [ 15.961211] fff00000c65b2f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.961253] fff00000c65b2f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.961336] >fff00000c65b3000: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 15.961379] ^ [ 15.961412] fff00000c65b3080: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.961454] fff00000c65b3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.961492] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 15.939692] ================================================================== [ 15.939828] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 15.939897] Read of size 4 at addr fff00000c6f01e80 by task ksoftirqd/0/15 [ 15.939944] [ 15.941668] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.941761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.941786] Hardware name: linux,dummy-virt (DT) [ 15.941818] Call trace: [ 15.941844] show_stack+0x20/0x38 (C) [ 15.941896] dump_stack_lvl+0x8c/0xd0 [ 15.941944] print_report+0x118/0x608 [ 15.941992] kasan_report+0xdc/0x128 [ 15.942037] __asan_report_load4_noabort+0x20/0x30 [ 15.942086] rcu_uaf_reclaim+0x64/0x70 [ 15.942130] rcu_core+0x9f4/0x1e20 [ 15.942176] rcu_core_si+0x18/0x30 [ 15.942218] handle_softirqs+0x374/0xb28 [ 15.942266] run_ksoftirqd+0x80/0xb0 [ 15.942308] smpboot_thread_fn+0x2e8/0x760 [ 15.942354] kthread+0x328/0x630 [ 15.942398] ret_from_fork+0x10/0x20 [ 15.942445] [ 15.942463] Allocated by task 203: [ 15.942493] kasan_save_stack+0x3c/0x68 [ 15.942530] kasan_save_track+0x20/0x40 [ 15.942567] kasan_save_alloc_info+0x40/0x58 [ 15.942605] __kasan_kmalloc+0xd4/0xd8 [ 15.942648] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.942745] rcu_uaf+0xb0/0x2d8 [ 15.942781] kunit_try_run_case+0x170/0x3f0 [ 15.942833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.942886] kthread+0x328/0x630 [ 15.942922] ret_from_fork+0x10/0x20 [ 15.942955] [ 15.942975] Freed by task 15: [ 15.943000] kasan_save_stack+0x3c/0x68 [ 15.943044] kasan_save_track+0x20/0x40 [ 15.943086] kasan_save_free_info+0x4c/0x78 [ 15.943125] __kasan_slab_free+0x6c/0x98 [ 15.943167] kfree+0x214/0x3c8 [ 15.943207] rcu_uaf_reclaim+0x28/0x70 [ 15.943244] rcu_core+0x9f4/0x1e20 [ 15.943276] rcu_core_si+0x18/0x30 [ 15.943325] handle_softirqs+0x374/0xb28 [ 15.943359] run_ksoftirqd+0x80/0xb0 [ 15.943403] smpboot_thread_fn+0x2e8/0x760 [ 15.943439] kthread+0x328/0x630 [ 15.943474] ret_from_fork+0x10/0x20 [ 15.943509] [ 15.943540] Last potentially related work creation: [ 15.943583] kasan_save_stack+0x3c/0x68 [ 15.943637] kasan_record_aux_stack+0xb4/0xc8 [ 15.943676] __call_rcu_common.constprop.0+0x70/0x8b0 [ 15.943717] call_rcu+0x18/0x30 [ 15.943750] rcu_uaf+0x14c/0x2d8 [ 15.943785] kunit_try_run_case+0x170/0x3f0 [ 15.943824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.943877] kthread+0x328/0x630 [ 15.943920] ret_from_fork+0x10/0x20 [ 15.943960] [ 15.944002] The buggy address belongs to the object at fff00000c6f01e80 [ 15.944002] which belongs to the cache kmalloc-32 of size 32 [ 15.944075] The buggy address is located 0 bytes inside of [ 15.944075] freed 32-byte region [fff00000c6f01e80, fff00000c6f01ea0) [ 15.944139] [ 15.944166] The buggy address belongs to the physical page: [ 15.944208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f01 [ 15.944260] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.944311] page_type: f5(slab) [ 15.944359] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.944416] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.944457] page dumped because: kasan: bad access detected [ 15.944502] [ 15.944519] Memory state around the buggy address: [ 15.944588] fff00000c6f01d80: 00 00 00 fc fc fc fc fc 00 00 00 01 fc fc fc fc [ 15.944639] fff00000c6f01e00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 15.944682] >fff00000c6f01e80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 15.944721] ^ [ 15.944747] fff00000c6f01f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.944789] fff00000c6f01f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.944826] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 15.747736] ================================================================== [ 15.747795] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 15.748220] Read of size 1 at addr fff00000c637ab73 by task kunit_try_catch/199 [ 15.748354] [ 15.748388] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.748797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.748876] Hardware name: linux,dummy-virt (DT) [ 15.749034] Call trace: [ 15.749091] show_stack+0x20/0x38 (C) [ 15.749217] dump_stack_lvl+0x8c/0xd0 [ 15.749270] print_report+0x118/0x608 [ 15.749571] kasan_report+0xdc/0x128 [ 15.749704] __asan_report_load1_noabort+0x20/0x30 [ 15.749762] ksize_unpoisons_memory+0x628/0x740 [ 15.750084] kunit_try_run_case+0x170/0x3f0 [ 15.750256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.750799] kthread+0x328/0x630 [ 15.751034] ret_from_fork+0x10/0x20 [ 15.751092] [ 15.751110] Allocated by task 199: [ 15.751425] kasan_save_stack+0x3c/0x68 [ 15.751546] kasan_save_track+0x20/0x40 [ 15.751984] kasan_save_alloc_info+0x40/0x58 [ 15.752087] __kasan_kmalloc+0xd4/0xd8 [ 15.752175] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.752258] ksize_unpoisons_memory+0xc0/0x740 [ 15.752648] kunit_try_run_case+0x170/0x3f0 [ 15.752754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.752845] kthread+0x328/0x630 [ 15.752947] ret_from_fork+0x10/0x20 [ 15.752983] [ 15.753394] The buggy address belongs to the object at fff00000c637ab00 [ 15.753394] which belongs to the cache kmalloc-128 of size 128 [ 15.753553] The buggy address is located 0 bytes to the right of [ 15.753553] allocated 115-byte region [fff00000c637ab00, fff00000c637ab73) [ 15.753928] [ 15.753971] The buggy address belongs to the physical page: [ 15.754025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.754324] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.754673] page_type: f5(slab) [ 15.754765] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.754865] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.754944] page dumped because: kasan: bad access detected [ 15.755277] [ 15.755406] Memory state around the buggy address: [ 15.755461] fff00000c637aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.755722] fff00000c637aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.756004] >fff00000c637ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.756265] ^ [ 15.756640] fff00000c637ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.756836] fff00000c637ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.757120] ================================================================== [ 15.760100] ================================================================== [ 15.760396] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 15.760482] Read of size 1 at addr fff00000c637ab78 by task kunit_try_catch/199 [ 15.760650] [ 15.760739] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.760976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.761067] Hardware name: linux,dummy-virt (DT) [ 15.761163] Call trace: [ 15.761185] show_stack+0x20/0x38 (C) [ 15.761262] dump_stack_lvl+0x8c/0xd0 [ 15.761505] print_report+0x118/0x608 [ 15.761811] kasan_report+0xdc/0x128 [ 15.761941] __asan_report_load1_noabort+0x20/0x30 [ 15.762174] ksize_unpoisons_memory+0x618/0x740 [ 15.762382] kunit_try_run_case+0x170/0x3f0 [ 15.762436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.762518] kthread+0x328/0x630 [ 15.762563] ret_from_fork+0x10/0x20 [ 15.762726] [ 15.762749] Allocated by task 199: [ 15.762779] kasan_save_stack+0x3c/0x68 [ 15.762831] kasan_save_track+0x20/0x40 [ 15.762867] kasan_save_alloc_info+0x40/0x58 [ 15.762917] __kasan_kmalloc+0xd4/0xd8 [ 15.762950] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.762985] ksize_unpoisons_memory+0xc0/0x740 [ 15.763033] kunit_try_run_case+0x170/0x3f0 [ 15.763081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.763135] kthread+0x328/0x630 [ 15.763170] ret_from_fork+0x10/0x20 [ 15.763204] [ 15.763222] The buggy address belongs to the object at fff00000c637ab00 [ 15.763222] which belongs to the cache kmalloc-128 of size 128 [ 15.763278] The buggy address is located 5 bytes to the right of [ 15.763278] allocated 115-byte region [fff00000c637ab00, fff00000c637ab73) [ 15.763363] [ 15.763383] The buggy address belongs to the physical page: [ 15.763422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.763474] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.763522] page_type: f5(slab) [ 15.763569] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.763788] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.763924] page dumped because: kasan: bad access detected [ 15.764398] [ 15.764415] Memory state around the buggy address: [ 15.764449] fff00000c637aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.764494] fff00000c637aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.764706] >fff00000c637ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.764794] ^ [ 15.764997] fff00000c637ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765060] fff00000c637ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765230] ================================================================== [ 15.766130] ================================================================== [ 15.766179] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 15.766577] Read of size 1 at addr fff00000c637ab7f by task kunit_try_catch/199 [ 15.766681] [ 15.766742] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.766823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.766850] Hardware name: linux,dummy-virt (DT) [ 15.766944] Call trace: [ 15.767014] show_stack+0x20/0x38 (C) [ 15.767066] dump_stack_lvl+0x8c/0xd0 [ 15.767359] print_report+0x118/0x608 [ 15.767421] kasan_report+0xdc/0x128 [ 15.767465] __asan_report_load1_noabort+0x20/0x30 [ 15.767656] ksize_unpoisons_memory+0x690/0x740 [ 15.767749] kunit_try_run_case+0x170/0x3f0 [ 15.767860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.768003] kthread+0x328/0x630 [ 15.768121] ret_from_fork+0x10/0x20 [ 15.768353] [ 15.768374] Allocated by task 199: [ 15.768403] kasan_save_stack+0x3c/0x68 [ 15.768481] kasan_save_track+0x20/0x40 [ 15.768538] kasan_save_alloc_info+0x40/0x58 [ 15.768715] __kasan_kmalloc+0xd4/0xd8 [ 15.768860] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.768964] ksize_unpoisons_memory+0xc0/0x740 [ 15.769061] kunit_try_run_case+0x170/0x3f0 [ 15.769149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.769238] kthread+0x328/0x630 [ 15.769383] ret_from_fork+0x10/0x20 [ 15.769453] [ 15.769479] The buggy address belongs to the object at fff00000c637ab00 [ 15.769479] which belongs to the cache kmalloc-128 of size 128 [ 15.769793] The buggy address is located 12 bytes to the right of [ 15.769793] allocated 115-byte region [fff00000c637ab00, fff00000c637ab73) [ 15.769933] [ 15.770039] The buggy address belongs to the physical page: [ 15.770125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.770261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.770445] page_type: f5(slab) [ 15.770518] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.770583] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.770953] page dumped because: kasan: bad access detected [ 15.771049] [ 15.771272] Memory state around the buggy address: [ 15.771453] fff00000c637aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.771533] fff00000c637aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.771607] >fff00000c637ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.771870] ^ [ 15.771951] fff00000c637ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.772059] fff00000c637ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.772186] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 15.733908] ================================================================== [ 15.733983] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 15.734042] Free of addr fff00000c6271320 by task kunit_try_catch/197 [ 15.734082] [ 15.734112] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.734191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.734217] Hardware name: linux,dummy-virt (DT) [ 15.734245] Call trace: [ 15.734268] show_stack+0x20/0x38 (C) [ 15.734323] dump_stack_lvl+0x8c/0xd0 [ 15.734372] print_report+0x118/0x608 [ 15.734414] kasan_report_invalid_free+0xc0/0xe8 [ 15.734460] check_slab_allocation+0xd4/0x108 [ 15.734503] __kasan_slab_pre_free+0x2c/0x48 [ 15.734548] kfree+0xe8/0x3c8 [ 15.734596] kfree_sensitive+0x3c/0xb0 [ 15.734653] kmalloc_double_kzfree+0x168/0x308 [ 15.734702] kunit_try_run_case+0x170/0x3f0 [ 15.734748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.734798] kthread+0x328/0x630 [ 15.734842] ret_from_fork+0x10/0x20 [ 15.734886] [ 15.734903] Allocated by task 197: [ 15.734930] kasan_save_stack+0x3c/0x68 [ 15.734968] kasan_save_track+0x20/0x40 [ 15.735001] kasan_save_alloc_info+0x40/0x58 [ 15.735049] __kasan_kmalloc+0xd4/0xd8 [ 15.735085] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.735129] kmalloc_double_kzfree+0xb8/0x308 [ 15.735169] kunit_try_run_case+0x170/0x3f0 [ 15.735207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.735249] kthread+0x328/0x630 [ 15.735284] ret_from_fork+0x10/0x20 [ 15.735317] [ 15.735336] Freed by task 197: [ 15.735360] kasan_save_stack+0x3c/0x68 [ 15.735403] kasan_save_track+0x20/0x40 [ 15.735443] kasan_save_free_info+0x4c/0x78 [ 15.735489] __kasan_slab_free+0x6c/0x98 [ 15.735525] kfree+0x214/0x3c8 [ 15.735555] kfree_sensitive+0x80/0xb0 [ 15.735589] kmalloc_double_kzfree+0x11c/0x308 [ 15.735987] kunit_try_run_case+0x170/0x3f0 [ 15.736066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.736135] kthread+0x328/0x630 [ 15.736477] ret_from_fork+0x10/0x20 [ 15.736844] [ 15.736892] The buggy address belongs to the object at fff00000c6271320 [ 15.736892] which belongs to the cache kmalloc-16 of size 16 [ 15.737209] The buggy address is located 0 bytes inside of [ 15.737209] 16-byte region [fff00000c6271320, fff00000c6271330) [ 15.737305] [ 15.737347] The buggy address belongs to the physical page: [ 15.737386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106271 [ 15.737602] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.737829] page_type: f5(slab) [ 15.738000] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.738390] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.738497] page dumped because: kasan: bad access detected [ 15.738981] [ 15.739030] Memory state around the buggy address: [ 15.739076] fff00000c6271200: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 15.739121] fff00000c6271280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.739448] >fff00000c6271300: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 15.739590] ^ [ 15.739667] fff00000c6271380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.739810] fff00000c6271400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.739956] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 15.722957] ================================================================== [ 15.723021] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 15.723555] Read of size 1 at addr fff00000c6271320 by task kunit_try_catch/197 [ 15.723773] [ 15.723848] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.724089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.724124] Hardware name: linux,dummy-virt (DT) [ 15.724157] Call trace: [ 15.724196] show_stack+0x20/0x38 (C) [ 15.724588] dump_stack_lvl+0x8c/0xd0 [ 15.724943] print_report+0x118/0x608 [ 15.725035] kasan_report+0xdc/0x128 [ 15.725189] __kasan_check_byte+0x54/0x70 [ 15.725294] kfree_sensitive+0x30/0xb0 [ 15.725447] kmalloc_double_kzfree+0x168/0x308 [ 15.725555] kunit_try_run_case+0x170/0x3f0 [ 15.725669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.726062] kthread+0x328/0x630 [ 15.726189] ret_from_fork+0x10/0x20 [ 15.726378] [ 15.726477] Allocated by task 197: [ 15.726610] kasan_save_stack+0x3c/0x68 [ 15.726698] kasan_save_track+0x20/0x40 [ 15.726753] kasan_save_alloc_info+0x40/0x58 [ 15.727079] __kasan_kmalloc+0xd4/0xd8 [ 15.727159] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.727347] kmalloc_double_kzfree+0xb8/0x308 [ 15.727516] kunit_try_run_case+0x170/0x3f0 [ 15.727728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.727807] kthread+0x328/0x630 [ 15.727889] ret_from_fork+0x10/0x20 [ 15.728189] [ 15.728312] Freed by task 197: [ 15.728389] kasan_save_stack+0x3c/0x68 [ 15.728507] kasan_save_track+0x20/0x40 [ 15.728722] kasan_save_free_info+0x4c/0x78 [ 15.728807] __kasan_slab_free+0x6c/0x98 [ 15.728935] kfree+0x214/0x3c8 [ 15.729057] kfree_sensitive+0x80/0xb0 [ 15.729274] kmalloc_double_kzfree+0x11c/0x308 [ 15.729428] kunit_try_run_case+0x170/0x3f0 [ 15.729524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.729732] kthread+0x328/0x630 [ 15.729925] ret_from_fork+0x10/0x20 [ 15.729998] [ 15.730319] The buggy address belongs to the object at fff00000c6271320 [ 15.730319] which belongs to the cache kmalloc-16 of size 16 [ 15.730399] The buggy address is located 0 bytes inside of [ 15.730399] freed 16-byte region [fff00000c6271320, fff00000c6271330) [ 15.730601] [ 15.730717] The buggy address belongs to the physical page: [ 15.730854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106271 [ 15.730948] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.731314] page_type: f5(slab) [ 15.731501] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.731679] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.731734] page dumped because: kasan: bad access detected [ 15.731800] [ 15.731818] Memory state around the buggy address: [ 15.731894] fff00000c6271200: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 15.732134] fff00000c6271280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.732679] >fff00000c6271300: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 15.732814] ^ [ 15.732871] fff00000c6271380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.732971] fff00000c6271400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.733291] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 15.693870] ================================================================== [ 15.693933] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 15.694092] Read of size 1 at addr fff00000c636bba8 by task kunit_try_catch/193 [ 15.694463] [ 15.694517] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.694693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.694741] Hardware name: linux,dummy-virt (DT) [ 15.694859] Call trace: [ 15.694884] show_stack+0x20/0x38 (C) [ 15.694981] dump_stack_lvl+0x8c/0xd0 [ 15.695033] print_report+0x118/0x608 [ 15.695106] kasan_report+0xdc/0x128 [ 15.695441] __asan_report_load1_noabort+0x20/0x30 [ 15.695547] kmalloc_uaf2+0x3f4/0x468 [ 15.695677] kunit_try_run_case+0x170/0x3f0 [ 15.695803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.695889] kthread+0x328/0x630 [ 15.696024] ret_from_fork+0x10/0x20 [ 15.696366] [ 15.696455] Allocated by task 193: [ 15.696580] kasan_save_stack+0x3c/0x68 [ 15.696724] kasan_save_track+0x20/0x40 [ 15.696844] kasan_save_alloc_info+0x40/0x58 [ 15.696991] __kasan_kmalloc+0xd4/0xd8 [ 15.697114] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.697153] kmalloc_uaf2+0xc4/0x468 [ 15.697189] kunit_try_run_case+0x170/0x3f0 [ 15.697416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.697587] kthread+0x328/0x630 [ 15.697713] ret_from_fork+0x10/0x20 [ 15.697977] [ 15.698091] Freed by task 193: [ 15.698136] kasan_save_stack+0x3c/0x68 [ 15.698174] kasan_save_track+0x20/0x40 [ 15.699228] kasan_save_free_info+0x4c/0x78 [ 15.699328] __kasan_slab_free+0x6c/0x98 [ 15.699390] kfree+0x214/0x3c8 [ 15.699492] kmalloc_uaf2+0x134/0x468 [ 15.699577] kunit_try_run_case+0x170/0x3f0 [ 15.699654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.699730] kthread+0x328/0x630 [ 15.699784] ret_from_fork+0x10/0x20 [ 15.699819] [ 15.699992] The buggy address belongs to the object at fff00000c636bb80 [ 15.699992] which belongs to the cache kmalloc-64 of size 64 [ 15.700305] The buggy address is located 40 bytes inside of [ 15.700305] freed 64-byte region [fff00000c636bb80, fff00000c636bbc0) [ 15.700548] [ 15.700588] The buggy address belongs to the physical page: [ 15.700620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10636b [ 15.700721] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.700769] page_type: f5(slab) [ 15.700825] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.701820] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.701904] page dumped because: kasan: bad access detected [ 15.701982] [ 15.702031] Memory state around the buggy address: [ 15.702355] fff00000c636ba80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.702481] fff00000c636bb00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.702855] >fff00000c636bb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.703015] ^ [ 15.703105] fff00000c636bc00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 15.703190] fff00000c636bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.703349] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 15.660765] ================================================================== [ 15.660826] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 15.661063] Read of size 1 at addr fff00000c6271308 by task kunit_try_catch/189 [ 15.661215] [ 15.661259] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.661347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.661373] Hardware name: linux,dummy-virt (DT) [ 15.661403] Call trace: [ 15.661426] show_stack+0x20/0x38 (C) [ 15.661506] dump_stack_lvl+0x8c/0xd0 [ 15.661555] print_report+0x118/0x608 [ 15.661599] kasan_report+0xdc/0x128 [ 15.661653] __asan_report_load1_noabort+0x20/0x30 [ 15.661702] kmalloc_uaf+0x300/0x338 [ 15.661758] kunit_try_run_case+0x170/0x3f0 [ 15.661804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.661856] kthread+0x328/0x630 [ 15.661900] ret_from_fork+0x10/0x20 [ 15.661950] [ 15.661984] Allocated by task 189: [ 15.662012] kasan_save_stack+0x3c/0x68 [ 15.662051] kasan_save_track+0x20/0x40 [ 15.662086] kasan_save_alloc_info+0x40/0x58 [ 15.662125] __kasan_kmalloc+0xd4/0xd8 [ 15.662158] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.662193] kmalloc_uaf+0xb8/0x338 [ 15.662229] kunit_try_run_case+0x170/0x3f0 [ 15.662268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.662310] kthread+0x328/0x630 [ 15.662343] ret_from_fork+0x10/0x20 [ 15.662378] [ 15.662398] Freed by task 189: [ 15.662432] kasan_save_stack+0x3c/0x68 [ 15.662468] kasan_save_track+0x20/0x40 [ 15.662501] kasan_save_free_info+0x4c/0x78 [ 15.662539] __kasan_slab_free+0x6c/0x98 [ 15.662582] kfree+0x214/0x3c8 [ 15.662614] kmalloc_uaf+0x11c/0x338 [ 15.662932] kunit_try_run_case+0x170/0x3f0 [ 15.662977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.663021] kthread+0x328/0x630 [ 15.663087] ret_from_fork+0x10/0x20 [ 15.663124] [ 15.663171] The buggy address belongs to the object at fff00000c6271300 [ 15.663171] which belongs to the cache kmalloc-16 of size 16 [ 15.663231] The buggy address is located 8 bytes inside of [ 15.663231] freed 16-byte region [fff00000c6271300, fff00000c6271310) [ 15.663430] [ 15.663479] The buggy address belongs to the physical page: [ 15.663722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106271 [ 15.663805] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.663912] page_type: f5(slab) [ 15.664062] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.664155] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.664195] page dumped because: kasan: bad access detected [ 15.664232] [ 15.664494] Memory state around the buggy address: [ 15.664618] fff00000c6271200: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 15.664701] fff00000c6271280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.664806] >fff00000c6271300: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.664892] ^ [ 15.664939] fff00000c6271380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.665179] fff00000c6271400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.665312] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 15.646689] ================================================================== [ 15.646750] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.647077] Read of size 64 at addr fff00000c636b584 by task kunit_try_catch/187 [ 15.647226] [ 15.647263] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.647446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.647513] Hardware name: linux,dummy-virt (DT) [ 15.647643] Call trace: [ 15.647668] show_stack+0x20/0x38 (C) [ 15.648037] dump_stack_lvl+0x8c/0xd0 [ 15.648129] print_report+0x118/0x608 [ 15.648366] kasan_report+0xdc/0x128 [ 15.648549] kasan_check_range+0x100/0x1a8 [ 15.648794] __asan_memmove+0x3c/0x98 [ 15.648842] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.649028] kunit_try_run_case+0x170/0x3f0 [ 15.649150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.649214] kthread+0x328/0x630 [ 15.649442] ret_from_fork+0x10/0x20 [ 15.649593] [ 15.649683] Allocated by task 187: [ 15.649773] kasan_save_stack+0x3c/0x68 [ 15.649912] kasan_save_track+0x20/0x40 [ 15.649976] kasan_save_alloc_info+0x40/0x58 [ 15.650045] __kasan_kmalloc+0xd4/0xd8 [ 15.650321] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.650505] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 15.650680] kunit_try_run_case+0x170/0x3f0 [ 15.650754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.650845] kthread+0x328/0x630 [ 15.650897] ret_from_fork+0x10/0x20 [ 15.651147] [ 15.651356] The buggy address belongs to the object at fff00000c636b580 [ 15.651356] which belongs to the cache kmalloc-64 of size 64 [ 15.651574] The buggy address is located 4 bytes inside of [ 15.651574] allocated 64-byte region [fff00000c636b580, fff00000c636b5c0) [ 15.651688] [ 15.651770] The buggy address belongs to the physical page: [ 15.651827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10636b [ 15.651920] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.652139] page_type: f5(slab) [ 15.652201] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.652260] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.652299] page dumped because: kasan: bad access detected [ 15.652359] [ 15.652484] Memory state around the buggy address: [ 15.652574] fff00000c636b480: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.652756] fff00000c636b500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.652926] >fff00000c636b580: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.652974] ^ [ 15.653033] fff00000c636b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.653076] fff00000c636b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.653111] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 15.585161] ================================================================== [ 15.585281] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 15.585332] Write of size 2 at addr fff00000c637a677 by task kunit_try_catch/177 [ 15.585426] [ 15.585485] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.585564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.585590] Hardware name: linux,dummy-virt (DT) [ 15.585674] Call trace: [ 15.585702] show_stack+0x20/0x38 (C) [ 15.585785] dump_stack_lvl+0x8c/0xd0 [ 15.585863] print_report+0x118/0x608 [ 15.585907] kasan_report+0xdc/0x128 [ 15.586008] kasan_check_range+0x100/0x1a8 [ 15.586055] __asan_memset+0x34/0x78 [ 15.586114] kmalloc_oob_memset_2+0x150/0x2f8 [ 15.586161] kunit_try_run_case+0x170/0x3f0 [ 15.586212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.586355] kthread+0x328/0x630 [ 15.586424] ret_from_fork+0x10/0x20 [ 15.586493] [ 15.586512] Allocated by task 177: [ 15.586539] kasan_save_stack+0x3c/0x68 [ 15.586592] kasan_save_track+0x20/0x40 [ 15.586638] kasan_save_alloc_info+0x40/0x58 [ 15.586713] __kasan_kmalloc+0xd4/0xd8 [ 15.586748] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.586797] kmalloc_oob_memset_2+0xb0/0x2f8 [ 15.586881] kunit_try_run_case+0x170/0x3f0 [ 15.586953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.586997] kthread+0x328/0x630 [ 15.587031] ret_from_fork+0x10/0x20 [ 15.587273] [ 15.587317] The buggy address belongs to the object at fff00000c637a600 [ 15.587317] which belongs to the cache kmalloc-128 of size 128 [ 15.587371] The buggy address is located 119 bytes inside of [ 15.587371] allocated 120-byte region [fff00000c637a600, fff00000c637a678) [ 15.587431] [ 15.587451] The buggy address belongs to the physical page: [ 15.587514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.587684] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.587768] page_type: f5(slab) [ 15.587841] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.587898] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.587936] page dumped because: kasan: bad access detected [ 15.588022] [ 15.588261] Memory state around the buggy address: [ 15.588417] fff00000c637a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.588570] fff00000c637a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.588612] >fff00000c637a600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.588657] ^ [ 15.588713] fff00000c637a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.589016] fff00000c637a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.589201] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 15.629799] ================================================================== [ 15.629921] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.630017] Read of size 18446744073709551614 at addr fff00000c636b384 by task kunit_try_catch/185 [ 15.630154] [ 15.630222] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.630527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.630578] Hardware name: linux,dummy-virt (DT) [ 15.630619] Call trace: [ 15.630660] show_stack+0x20/0x38 (C) [ 15.630826] dump_stack_lvl+0x8c/0xd0 [ 15.630928] print_report+0x118/0x608 [ 15.631103] kasan_report+0xdc/0x128 [ 15.631146] kasan_check_range+0x100/0x1a8 [ 15.631190] __asan_memmove+0x3c/0x98 [ 15.631250] kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.631302] kunit_try_run_case+0x170/0x3f0 [ 15.631348] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.631399] kthread+0x328/0x630 [ 15.631527] ret_from_fork+0x10/0x20 [ 15.631613] [ 15.631738] Allocated by task 185: [ 15.631783] kasan_save_stack+0x3c/0x68 [ 15.631957] kasan_save_track+0x20/0x40 [ 15.632029] kasan_save_alloc_info+0x40/0x58 [ 15.632248] __kasan_kmalloc+0xd4/0xd8 [ 15.632470] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.632519] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 15.633178] kunit_try_run_case+0x170/0x3f0 [ 15.633444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.633504] kthread+0x328/0x630 [ 15.633684] ret_from_fork+0x10/0x20 [ 15.633794] [ 15.633898] The buggy address belongs to the object at fff00000c636b380 [ 15.633898] which belongs to the cache kmalloc-64 of size 64 [ 15.634217] The buggy address is located 4 bytes inside of [ 15.634217] 64-byte region [fff00000c636b380, fff00000c636b3c0) [ 15.634303] [ 15.634430] The buggy address belongs to the physical page: [ 15.634526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10636b [ 15.634786] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.634949] page_type: f5(slab) [ 15.635016] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.635157] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.635274] page dumped because: kasan: bad access detected [ 15.635580] [ 15.635751] Memory state around the buggy address: [ 15.635859] fff00000c636b280: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 15.636105] fff00000c636b300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.636518] >fff00000c636b380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.636656] ^ [ 15.636761] fff00000c636b400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.636812] fff00000c636b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.636850] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 15.617916] ================================================================== [ 15.617981] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 15.618032] Write of size 16 at addr fff00000c637a969 by task kunit_try_catch/183 [ 15.618287] [ 15.618400] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.618521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.618594] Hardware name: linux,dummy-virt (DT) [ 15.618639] Call trace: [ 15.618704] show_stack+0x20/0x38 (C) [ 15.618755] dump_stack_lvl+0x8c/0xd0 [ 15.618848] print_report+0x118/0x608 [ 15.619067] kasan_report+0xdc/0x128 [ 15.619128] kasan_check_range+0x100/0x1a8 [ 15.619176] __asan_memset+0x34/0x78 [ 15.619218] kmalloc_oob_memset_16+0x150/0x2f8 [ 15.619463] kunit_try_run_case+0x170/0x3f0 [ 15.619572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.619665] kthread+0x328/0x630 [ 15.619717] ret_from_fork+0x10/0x20 [ 15.619761] [ 15.619779] Allocated by task 183: [ 15.619805] kasan_save_stack+0x3c/0x68 [ 15.619842] kasan_save_track+0x20/0x40 [ 15.620093] kasan_save_alloc_info+0x40/0x58 [ 15.620419] __kasan_kmalloc+0xd4/0xd8 [ 15.620459] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.620736] kmalloc_oob_memset_16+0xb0/0x2f8 [ 15.620912] kunit_try_run_case+0x170/0x3f0 [ 15.620956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.621161] kthread+0x328/0x630 [ 15.621232] ret_from_fork+0x10/0x20 [ 15.621400] [ 15.621545] The buggy address belongs to the object at fff00000c637a900 [ 15.621545] which belongs to the cache kmalloc-128 of size 128 [ 15.621775] The buggy address is located 105 bytes inside of [ 15.621775] allocated 120-byte region [fff00000c637a900, fff00000c637a978) [ 15.621866] [ 15.621885] The buggy address belongs to the physical page: [ 15.622134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.622216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.622372] page_type: f5(slab) [ 15.622508] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.622594] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.622645] page dumped because: kasan: bad access detected [ 15.622878] [ 15.623025] Memory state around the buggy address: [ 15.623195] fff00000c637a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.623280] fff00000c637a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.623334] >fff00000c637a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.623530] ^ [ 15.623700] fff00000c637a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.623839] fff00000c637aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.623937] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 15.604988] ================================================================== [ 15.605173] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 15.605256] Write of size 8 at addr fff00000c637a871 by task kunit_try_catch/181 [ 15.605333] [ 15.605476] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.605622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.605709] Hardware name: linux,dummy-virt (DT) [ 15.605740] Call trace: [ 15.605762] show_stack+0x20/0x38 (C) [ 15.606005] dump_stack_lvl+0x8c/0xd0 [ 15.606062] print_report+0x118/0x608 [ 15.606105] kasan_report+0xdc/0x128 [ 15.606190] kasan_check_range+0x100/0x1a8 [ 15.606276] __asan_memset+0x34/0x78 [ 15.606321] kmalloc_oob_memset_8+0x150/0x2f8 [ 15.606374] kunit_try_run_case+0x170/0x3f0 [ 15.606509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.606602] kthread+0x328/0x630 [ 15.606733] ret_from_fork+0x10/0x20 [ 15.606781] [ 15.606799] Allocated by task 181: [ 15.606841] kasan_save_stack+0x3c/0x68 [ 15.607103] kasan_save_track+0x20/0x40 [ 15.607159] kasan_save_alloc_info+0x40/0x58 [ 15.607220] __kasan_kmalloc+0xd4/0xd8 [ 15.607255] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.607291] kmalloc_oob_memset_8+0xb0/0x2f8 [ 15.607398] kunit_try_run_case+0x170/0x3f0 [ 15.607475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.607519] kthread+0x328/0x630 [ 15.607682] ret_from_fork+0x10/0x20 [ 15.607794] [ 15.607934] The buggy address belongs to the object at fff00000c637a800 [ 15.607934] which belongs to the cache kmalloc-128 of size 128 [ 15.608030] The buggy address is located 113 bytes inside of [ 15.608030] allocated 120-byte region [fff00000c637a800, fff00000c637a878) [ 15.608122] [ 15.608170] The buggy address belongs to the physical page: [ 15.608309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.608403] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.608454] page_type: f5(slab) [ 15.608743] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.608886] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.609003] page dumped because: kasan: bad access detected [ 15.609125] [ 15.609208] Memory state around the buggy address: [ 15.609357] fff00000c637a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.609451] fff00000c637a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.609575] >fff00000c637a800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.609612] ^ [ 15.609661] fff00000c637a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.609998] fff00000c637a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.610233] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 15.593737] ================================================================== [ 15.593793] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 15.593842] Write of size 4 at addr fff00000c637a775 by task kunit_try_catch/179 [ 15.593889] [ 15.593919] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.594002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.594027] Hardware name: linux,dummy-virt (DT) [ 15.594056] Call trace: [ 15.594077] show_stack+0x20/0x38 (C) [ 15.594122] dump_stack_lvl+0x8c/0xd0 [ 15.594168] print_report+0x118/0x608 [ 15.594211] kasan_report+0xdc/0x128 [ 15.594271] kasan_check_range+0x100/0x1a8 [ 15.594317] __asan_memset+0x34/0x78 [ 15.594359] kmalloc_oob_memset_4+0x150/0x300 [ 15.594432] kunit_try_run_case+0x170/0x3f0 [ 15.594479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.594530] kthread+0x328/0x630 [ 15.594572] ret_from_fork+0x10/0x20 [ 15.594617] [ 15.594646] Allocated by task 179: [ 15.594672] kasan_save_stack+0x3c/0x68 [ 15.594708] kasan_save_track+0x20/0x40 [ 15.594742] kasan_save_alloc_info+0x40/0x58 [ 15.594779] __kasan_kmalloc+0xd4/0xd8 [ 15.594823] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.594859] kmalloc_oob_memset_4+0xb0/0x300 [ 15.594897] kunit_try_run_case+0x170/0x3f0 [ 15.595004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.595048] kthread+0x328/0x630 [ 15.595108] ret_from_fork+0x10/0x20 [ 15.595143] [ 15.595182] The buggy address belongs to the object at fff00000c637a700 [ 15.595182] which belongs to the cache kmalloc-128 of size 128 [ 15.595244] The buggy address is located 117 bytes inside of [ 15.595244] allocated 120-byte region [fff00000c637a700, fff00000c637a778) [ 15.595303] [ 15.595322] The buggy address belongs to the physical page: [ 15.595609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.595712] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.595789] page_type: f5(slab) [ 15.595825] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.595929] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.595975] page dumped because: kasan: bad access detected [ 15.596026] [ 15.596090] Memory state around the buggy address: [ 15.596120] fff00000c637a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.596160] fff00000c637a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.596200] >fff00000c637a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.596235] ^ [ 15.596273] fff00000c637a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.596312] fff00000c637a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.596348] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 15.574667] ================================================================== [ 15.574726] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.574777] Write of size 128 at addr fff00000c637a500 by task kunit_try_catch/175 [ 15.574824] [ 15.574854] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.574932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.574958] Hardware name: linux,dummy-virt (DT) [ 15.574988] Call trace: [ 15.575009] show_stack+0x20/0x38 (C) [ 15.575077] dump_stack_lvl+0x8c/0xd0 [ 15.575126] print_report+0x118/0x608 [ 15.575169] kasan_report+0xdc/0x128 [ 15.575210] kasan_check_range+0x100/0x1a8 [ 15.575255] __asan_memset+0x34/0x78 [ 15.575299] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.575345] kunit_try_run_case+0x170/0x3f0 [ 15.575391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.575441] kthread+0x328/0x630 [ 15.575494] ret_from_fork+0x10/0x20 [ 15.575540] [ 15.575557] Allocated by task 175: [ 15.575585] kasan_save_stack+0x3c/0x68 [ 15.575622] kasan_save_track+0x20/0x40 [ 15.576250] kasan_save_alloc_info+0x40/0x58 [ 15.576489] __kasan_kmalloc+0xd4/0xd8 [ 15.576576] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.576617] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.576665] kunit_try_run_case+0x170/0x3f0 [ 15.576703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.576746] kthread+0x328/0x630 [ 15.576780] ret_from_fork+0x10/0x20 [ 15.576814] [ 15.576833] The buggy address belongs to the object at fff00000c637a500 [ 15.576833] which belongs to the cache kmalloc-128 of size 128 [ 15.576887] The buggy address is located 0 bytes inside of [ 15.576887] allocated 120-byte region [fff00000c637a500, fff00000c637a578) [ 15.576945] [ 15.576965] The buggy address belongs to the physical page: [ 15.576993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.577040] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.577084] page_type: f5(slab) [ 15.577120] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.577167] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.577205] page dumped because: kasan: bad access detected [ 15.577235] [ 15.577253] Memory state around the buggy address: [ 15.577282] fff00000c637a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.577323] fff00000c637a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.577363] >fff00000c637a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.577399] ^ [ 15.577437] fff00000c637a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.577478] fff00000c637a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.577513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 15.563785] ================================================================== [ 15.563846] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 15.563901] Read of size 16 at addr fff00000c62712e0 by task kunit_try_catch/173 [ 15.564043] [ 15.564080] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.564159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.564185] Hardware name: linux,dummy-virt (DT) [ 15.564215] Call trace: [ 15.564236] show_stack+0x20/0x38 (C) [ 15.564285] dump_stack_lvl+0x8c/0xd0 [ 15.564373] print_report+0x118/0x608 [ 15.564425] kasan_report+0xdc/0x128 [ 15.564470] __asan_report_load16_noabort+0x20/0x30 [ 15.564524] kmalloc_uaf_16+0x3bc/0x438 [ 15.564593] kunit_try_run_case+0x170/0x3f0 [ 15.564667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.564722] kthread+0x328/0x630 [ 15.564769] ret_from_fork+0x10/0x20 [ 15.564816] [ 15.564834] Allocated by task 173: [ 15.564888] kasan_save_stack+0x3c/0x68 [ 15.564927] kasan_save_track+0x20/0x40 [ 15.564962] kasan_save_alloc_info+0x40/0x58 [ 15.564999] __kasan_kmalloc+0xd4/0xd8 [ 15.565032] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.565069] kmalloc_uaf_16+0x140/0x438 [ 15.565106] kunit_try_run_case+0x170/0x3f0 [ 15.565143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.565186] kthread+0x328/0x630 [ 15.565650] ret_from_fork+0x10/0x20 [ 15.565694] [ 15.565714] Freed by task 173: [ 15.565740] kasan_save_stack+0x3c/0x68 [ 15.565777] kasan_save_track+0x20/0x40 [ 15.565812] kasan_save_free_info+0x4c/0x78 [ 15.566301] __kasan_slab_free+0x6c/0x98 [ 15.566381] kfree+0x214/0x3c8 [ 15.566551] kmalloc_uaf_16+0x190/0x438 [ 15.566746] kunit_try_run_case+0x170/0x3f0 [ 15.566862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.566987] kthread+0x328/0x630 [ 15.567121] ret_from_fork+0x10/0x20 [ 15.567270] [ 15.567309] The buggy address belongs to the object at fff00000c62712e0 [ 15.567309] which belongs to the cache kmalloc-16 of size 16 [ 15.567625] The buggy address is located 0 bytes inside of [ 15.567625] freed 16-byte region [fff00000c62712e0, fff00000c62712f0) [ 15.567763] [ 15.567791] The buggy address belongs to the physical page: [ 15.567886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106271 [ 15.567987] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.568219] page_type: f5(slab) [ 15.568354] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.568430] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.568472] page dumped because: kasan: bad access detected [ 15.568502] [ 15.568520] Memory state around the buggy address: [ 15.568550] fff00000c6271180: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.568591] fff00000c6271200: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 15.568649] >fff00000c6271280: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 15.568686] ^ [ 15.569091] fff00000c6271300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.569204] fff00000c6271380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.569240] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 15.547802] ================================================================== [ 15.548389] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 15.548512] Write of size 16 at addr fff00000c6271280 by task kunit_try_catch/171 [ 15.548562] [ 15.548594] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.548681] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.548706] Hardware name: linux,dummy-virt (DT) [ 15.548736] Call trace: [ 15.548793] show_stack+0x20/0x38 (C) [ 15.548867] dump_stack_lvl+0x8c/0xd0 [ 15.548964] print_report+0x118/0x608 [ 15.549099] kasan_report+0xdc/0x128 [ 15.549181] __asan_report_store16_noabort+0x20/0x30 [ 15.549281] kmalloc_oob_16+0x3a0/0x3f8 [ 15.549326] kunit_try_run_case+0x170/0x3f0 [ 15.549373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.549425] kthread+0x328/0x630 [ 15.549470] ret_from_fork+0x10/0x20 [ 15.549570] [ 15.549625] Allocated by task 171: [ 15.549661] kasan_save_stack+0x3c/0x68 [ 15.549697] kasan_save_track+0x20/0x40 [ 15.549731] kasan_save_alloc_info+0x40/0x58 [ 15.549767] __kasan_kmalloc+0xd4/0xd8 [ 15.549800] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.550476] kmalloc_oob_16+0xb4/0x3f8 [ 15.550533] kunit_try_run_case+0x170/0x3f0 [ 15.550570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.550615] kthread+0x328/0x630 [ 15.550671] ret_from_fork+0x10/0x20 [ 15.550706] [ 15.550725] The buggy address belongs to the object at fff00000c6271280 [ 15.550725] which belongs to the cache kmalloc-16 of size 16 [ 15.551091] The buggy address is located 0 bytes inside of [ 15.551091] allocated 13-byte region [fff00000c6271280, fff00000c627128d) [ 15.551155] [ 15.551174] The buggy address belongs to the physical page: [ 15.551539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106271 [ 15.551617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.551728] page_type: f5(slab) [ 15.551767] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.551873] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.551982] page dumped because: kasan: bad access detected [ 15.552014] [ 15.552032] Memory state around the buggy address: [ 15.552079] fff00000c6271180: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.552120] fff00000c6271200: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 15.552452] >fff00000c6271280: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.552492] ^ [ 15.552520] fff00000c6271300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.552560] fff00000c6271380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.552665] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 15.533690] ================================================================== [ 15.533736] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 15.533780] Read of size 1 at addr fff00000c0923000 by task kunit_try_catch/169 [ 15.533828] [ 15.533857] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.534112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.534262] Hardware name: linux,dummy-virt (DT) [ 15.534292] Call trace: [ 15.534579] show_stack+0x20/0x38 (C) [ 15.534652] dump_stack_lvl+0x8c/0xd0 [ 15.534702] print_report+0x118/0x608 [ 15.535116] kasan_report+0xdc/0x128 [ 15.535302] __asan_report_load1_noabort+0x20/0x30 [ 15.535645] krealloc_uaf+0x4c8/0x520 [ 15.535760] kunit_try_run_case+0x170/0x3f0 [ 15.535806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.535867] kthread+0x328/0x630 [ 15.536119] ret_from_fork+0x10/0x20 [ 15.536167] [ 15.536185] Allocated by task 169: [ 15.536228] kasan_save_stack+0x3c/0x68 [ 15.536265] kasan_save_track+0x20/0x40 [ 15.536299] kasan_save_alloc_info+0x40/0x58 [ 15.536499] __kasan_kmalloc+0xd4/0xd8 [ 15.536543] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.536804] krealloc_uaf+0xc8/0x520 [ 15.536841] kunit_try_run_case+0x170/0x3f0 [ 15.536877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.536919] kthread+0x328/0x630 [ 15.536953] ret_from_fork+0x10/0x20 [ 15.536986] [ 15.537004] Freed by task 169: [ 15.537076] kasan_save_stack+0x3c/0x68 [ 15.537248] kasan_save_track+0x20/0x40 [ 15.537321] kasan_save_free_info+0x4c/0x78 [ 15.537384] __kasan_slab_free+0x6c/0x98 [ 15.537456] kfree+0x214/0x3c8 [ 15.537530] krealloc_uaf+0x12c/0x520 [ 15.537594] kunit_try_run_case+0x170/0x3f0 [ 15.537662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.537704] kthread+0x328/0x630 [ 15.537737] ret_from_fork+0x10/0x20 [ 15.537771] [ 15.537788] The buggy address belongs to the object at fff00000c0923000 [ 15.537788] which belongs to the cache kmalloc-256 of size 256 [ 15.537887] The buggy address is located 0 bytes inside of [ 15.537887] freed 256-byte region [fff00000c0923000, fff00000c0923100) [ 15.538149] [ 15.538168] The buggy address belongs to the physical page: [ 15.538204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 15.538345] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.538389] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.538437] page_type: f5(slab) [ 15.538479] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.538653] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.538700] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.538802] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.539235] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 15.539337] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.539379] page dumped because: kasan: bad access detected [ 15.539409] [ 15.539426] Memory state around the buggy address: [ 15.539457] fff00000c0922f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.540138] fff00000c0922f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.540199] >fff00000c0923000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.540235] ^ [ 15.540262] fff00000c0923080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.540303] fff00000c0923100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.540338] ================================================================== [ 15.524873] ================================================================== [ 15.525256] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 15.525413] Read of size 1 at addr fff00000c0923000 by task kunit_try_catch/169 [ 15.525460] [ 15.525491] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.525992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.526020] Hardware name: linux,dummy-virt (DT) [ 15.526051] Call trace: [ 15.526239] show_stack+0x20/0x38 (C) [ 15.526380] dump_stack_lvl+0x8c/0xd0 [ 15.526601] print_report+0x118/0x608 [ 15.526784] kasan_report+0xdc/0x128 [ 15.526827] __kasan_check_byte+0x54/0x70 [ 15.526870] krealloc_noprof+0x44/0x360 [ 15.526916] krealloc_uaf+0x180/0x520 [ 15.526956] kunit_try_run_case+0x170/0x3f0 [ 15.527002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.527053] kthread+0x328/0x630 [ 15.527095] ret_from_fork+0x10/0x20 [ 15.527139] [ 15.527157] Allocated by task 169: [ 15.527185] kasan_save_stack+0x3c/0x68 [ 15.527222] kasan_save_track+0x20/0x40 [ 15.527257] kasan_save_alloc_info+0x40/0x58 [ 15.527294] __kasan_kmalloc+0xd4/0xd8 [ 15.527328] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.527373] krealloc_uaf+0xc8/0x520 [ 15.527408] kunit_try_run_case+0x170/0x3f0 [ 15.527684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.528091] kthread+0x328/0x630 [ 15.528352] ret_from_fork+0x10/0x20 [ 15.528388] [ 15.528425] Freed by task 169: [ 15.528462] kasan_save_stack+0x3c/0x68 [ 15.528498] kasan_save_track+0x20/0x40 [ 15.528977] kasan_save_free_info+0x4c/0x78 [ 15.529025] __kasan_slab_free+0x6c/0x98 [ 15.529061] kfree+0x214/0x3c8 [ 15.529361] krealloc_uaf+0x12c/0x520 [ 15.529493] kunit_try_run_case+0x170/0x3f0 [ 15.529531] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.529818] kthread+0x328/0x630 [ 15.529947] ret_from_fork+0x10/0x20 [ 15.530438] [ 15.530481] The buggy address belongs to the object at fff00000c0923000 [ 15.530481] which belongs to the cache kmalloc-256 of size 256 [ 15.530648] The buggy address is located 0 bytes inside of [ 15.530648] freed 256-byte region [fff00000c0923000, fff00000c0923100) [ 15.530860] [ 15.531031] The buggy address belongs to the physical page: [ 15.531145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 15.531240] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.531373] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.531421] page_type: f5(slab) [ 15.531474] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.531521] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.531567] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.531672] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.531882] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 15.531941] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.532021] page dumped because: kasan: bad access detected [ 15.532050] [ 15.532067] Memory state around the buggy address: [ 15.532098] fff00000c0922f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532280] fff00000c0922f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532410] >fff00000c0923000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.532446] ^ [ 15.532474] fff00000c0923080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.532872] fff00000c0923100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532965] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 15.502107] ================================================================== [ 15.502214] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.502647] Write of size 1 at addr fff00000c65660da by task kunit_try_catch/167 [ 15.502732] [ 15.502761] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.502843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.502957] Hardware name: linux,dummy-virt (DT) [ 15.503091] Call trace: [ 15.503129] show_stack+0x20/0x38 (C) [ 15.503180] dump_stack_lvl+0x8c/0xd0 [ 15.503231] print_report+0x118/0x608 [ 15.503398] kasan_report+0xdc/0x128 [ 15.503440] __asan_report_store1_noabort+0x20/0x30 [ 15.503494] krealloc_less_oob_helper+0xa80/0xc50 [ 15.503650] krealloc_large_less_oob+0x20/0x38 [ 15.503694] kunit_try_run_case+0x170/0x3f0 [ 15.503741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.503792] kthread+0x328/0x630 [ 15.503835] ret_from_fork+0x10/0x20 [ 15.504034] [ 15.504188] The buggy address belongs to the physical page: [ 15.504225] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106564 [ 15.504276] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.504320] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.504736] page_type: f8(unknown) [ 15.504826] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.505017] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.505083] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.505129] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.505175] head: 0bfffe0000000002 ffffc1ffc3195901 00000000ffffffff 00000000ffffffff [ 15.505220] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.505379] page dumped because: kasan: bad access detected [ 15.505580] [ 15.505695] Memory state around the buggy address: [ 15.505782] fff00000c6565f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.505854] fff00000c6566000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.505895] >fff00000c6566080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.505931] ^ [ 15.505966] fff00000c6566100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.506206] fff00000c6566180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.506401] ================================================================== [ 15.491463] ================================================================== [ 15.491533] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.491646] Write of size 1 at addr fff00000c65660c9 by task kunit_try_catch/167 [ 15.491694] [ 15.491726] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.491878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.491928] Hardware name: linux,dummy-virt (DT) [ 15.492147] Call trace: [ 15.492172] show_stack+0x20/0x38 (C) [ 15.492438] dump_stack_lvl+0x8c/0xd0 [ 15.492488] print_report+0x118/0x608 [ 15.492531] kasan_report+0xdc/0x128 [ 15.492750] __asan_report_store1_noabort+0x20/0x30 [ 15.492999] krealloc_less_oob_helper+0xa48/0xc50 [ 15.493177] krealloc_large_less_oob+0x20/0x38 [ 15.493264] kunit_try_run_case+0x170/0x3f0 [ 15.493313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.493364] kthread+0x328/0x630 [ 15.493408] ret_from_fork+0x10/0x20 [ 15.493454] [ 15.493474] The buggy address belongs to the physical page: [ 15.493807] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106564 [ 15.494057] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.494143] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.494192] page_type: f8(unknown) [ 15.494230] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.494330] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.494403] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.494560] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.494813] head: 0bfffe0000000002 ffffc1ffc3195901 00000000ffffffff 00000000ffffffff [ 15.495542] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.495678] page dumped because: kasan: bad access detected [ 15.495726] [ 15.495743] Memory state around the buggy address: [ 15.495781] fff00000c6565f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.495834] fff00000c6566000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.495874] >fff00000c6566080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.495946] ^ [ 15.496100] fff00000c6566100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.496326] fff00000c6566180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.496370] ================================================================== [ 15.447232] ================================================================== [ 15.447279] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.447324] Write of size 1 at addr fff00000c0922eea by task kunit_try_catch/163 [ 15.447371] [ 15.447399] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.447644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.447691] Hardware name: linux,dummy-virt (DT) [ 15.447743] Call trace: [ 15.447764] show_stack+0x20/0x38 (C) [ 15.448014] dump_stack_lvl+0x8c/0xd0 [ 15.448061] print_report+0x118/0x608 [ 15.448104] kasan_report+0xdc/0x128 [ 15.448146] __asan_report_store1_noabort+0x20/0x30 [ 15.448194] krealloc_less_oob_helper+0xae4/0xc50 [ 15.448776] krealloc_less_oob+0x20/0x38 [ 15.448845] kunit_try_run_case+0x170/0x3f0 [ 15.448893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.449205] kthread+0x328/0x630 [ 15.449325] ret_from_fork+0x10/0x20 [ 15.449426] [ 15.449489] Allocated by task 163: [ 15.449516] kasan_save_stack+0x3c/0x68 [ 15.449559] kasan_save_track+0x20/0x40 [ 15.449651] kasan_save_alloc_info+0x40/0x58 [ 15.449688] __kasan_krealloc+0x118/0x178 [ 15.449761] krealloc_noprof+0x128/0x360 [ 15.449926] krealloc_less_oob_helper+0x168/0xc50 [ 15.449963] krealloc_less_oob+0x20/0x38 [ 15.450000] kunit_try_run_case+0x170/0x3f0 [ 15.450037] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.450080] kthread+0x328/0x630 [ 15.450113] ret_from_fork+0x10/0x20 [ 15.450147] [ 15.450165] The buggy address belongs to the object at fff00000c0922e00 [ 15.450165] which belongs to the cache kmalloc-256 of size 256 [ 15.450219] The buggy address is located 33 bytes to the right of [ 15.450219] allocated 201-byte region [fff00000c0922e00, fff00000c0922ec9) [ 15.450280] [ 15.450298] The buggy address belongs to the physical page: [ 15.450327] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 15.450377] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.450467] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.450587] page_type: f5(slab) [ 15.451064] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.451446] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.451580] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.451654] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.451907] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 15.453941] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.454397] page dumped because: kasan: bad access detected [ 15.455092] [ 15.455153] Memory state around the buggy address: [ 15.455186] fff00000c0922d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.455229] fff00000c0922e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.455282] >fff00000c0922e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.455318] ^ [ 15.455512] fff00000c0922f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.456009] fff00000c0922f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.456052] ================================================================== [ 15.507103] ================================================================== [ 15.507148] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.507194] Write of size 1 at addr fff00000c65660ea by task kunit_try_catch/167 [ 15.507412] [ 15.507498] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.508010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.508080] Hardware name: linux,dummy-virt (DT) [ 15.508160] Call trace: [ 15.508181] show_stack+0x20/0x38 (C) [ 15.508228] dump_stack_lvl+0x8c/0xd0 [ 15.508360] print_report+0x118/0x608 [ 15.508548] kasan_report+0xdc/0x128 [ 15.508603] __asan_report_store1_noabort+0x20/0x30 [ 15.508661] krealloc_less_oob_helper+0xae4/0xc50 [ 15.508706] krealloc_large_less_oob+0x20/0x38 [ 15.508760] kunit_try_run_case+0x170/0x3f0 [ 15.508964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.509015] kthread+0x328/0x630 [ 15.509066] ret_from_fork+0x10/0x20 [ 15.509112] [ 15.509132] The buggy address belongs to the physical page: [ 15.509162] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106564 [ 15.509213] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.509555] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.509806] page_type: f8(unknown) [ 15.509848] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.509895] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.509942] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.510016] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.510065] head: 0bfffe0000000002 ffffc1ffc3195901 00000000ffffffff 00000000ffffffff [ 15.510112] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.510149] page dumped because: kasan: bad access detected [ 15.510226] [ 15.510243] Memory state around the buggy address: [ 15.510273] fff00000c6565f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.510313] fff00000c6566000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.510353] >fff00000c6566080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.510435] ^ [ 15.510472] fff00000c6566100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.510513] fff00000c6566180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.510565] ================================================================== [ 15.510960] ================================================================== [ 15.511185] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.511272] Write of size 1 at addr fff00000c65660eb by task kunit_try_catch/167 [ 15.511347] [ 15.511418] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.511493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.511518] Hardware name: linux,dummy-virt (DT) [ 15.511546] Call trace: [ 15.511566] show_stack+0x20/0x38 (C) [ 15.511610] dump_stack_lvl+0x8c/0xd0 [ 15.511668] print_report+0x118/0x608 [ 15.511721] kasan_report+0xdc/0x128 [ 15.511764] __asan_report_store1_noabort+0x20/0x30 [ 15.512047] krealloc_less_oob_helper+0xa58/0xc50 [ 15.512156] krealloc_large_less_oob+0x20/0x38 [ 15.512200] kunit_try_run_case+0x170/0x3f0 [ 15.512247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.512597] kthread+0x328/0x630 [ 15.512679] ret_from_fork+0x10/0x20 [ 15.513099] [ 15.513205] The buggy address belongs to the physical page: [ 15.513235] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106564 [ 15.513327] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.513445] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.513530] page_type: f8(unknown) [ 15.513659] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.513745] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.513812] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.513858] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.513905] head: 0bfffe0000000002 ffffc1ffc3195901 00000000ffffffff 00000000ffffffff [ 15.513951] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.513996] page dumped because: kasan: bad access detected [ 15.514065] [ 15.514151] Memory state around the buggy address: [ 15.514240] fff00000c6565f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.514280] fff00000c6566000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.514321] >fff00000c6566080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.514357] ^ [ 15.514393] fff00000c6566100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.514487] fff00000c6566180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.515071] ================================================================== [ 15.440425] ================================================================== [ 15.440471] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.440516] Write of size 1 at addr fff00000c0922eda by task kunit_try_catch/163 [ 15.440563] [ 15.440727] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.440819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.440844] Hardware name: linux,dummy-virt (DT) [ 15.440873] Call trace: [ 15.440893] show_stack+0x20/0x38 (C) [ 15.440940] dump_stack_lvl+0x8c/0xd0 [ 15.441900] print_report+0x118/0x608 [ 15.442009] kasan_report+0xdc/0x128 [ 15.442075] __asan_report_store1_noabort+0x20/0x30 [ 15.442194] krealloc_less_oob_helper+0xa80/0xc50 [ 15.442239] krealloc_less_oob+0x20/0x38 [ 15.442282] kunit_try_run_case+0x170/0x3f0 [ 15.442336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.442574] kthread+0x328/0x630 [ 15.442897] ret_from_fork+0x10/0x20 [ 15.443169] [ 15.443463] Allocated by task 163: [ 15.443510] kasan_save_stack+0x3c/0x68 [ 15.443617] kasan_save_track+0x20/0x40 [ 15.443668] kasan_save_alloc_info+0x40/0x58 [ 15.443711] __kasan_krealloc+0x118/0x178 [ 15.443798] krealloc_noprof+0x128/0x360 [ 15.443832] krealloc_less_oob_helper+0x168/0xc50 [ 15.443868] krealloc_less_oob+0x20/0x38 [ 15.443901] kunit_try_run_case+0x170/0x3f0 [ 15.444062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.444288] kthread+0x328/0x630 [ 15.444366] ret_from_fork+0x10/0x20 [ 15.444450] [ 15.444478] The buggy address belongs to the object at fff00000c0922e00 [ 15.444478] which belongs to the cache kmalloc-256 of size 256 [ 15.444581] The buggy address is located 17 bytes to the right of [ 15.444581] allocated 201-byte region [fff00000c0922e00, fff00000c0922ec9) [ 15.444652] [ 15.444671] The buggy address belongs to the physical page: [ 15.444700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 15.444823] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.444962] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.445104] page_type: f5(slab) [ 15.445199] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.445298] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.445346] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.445392] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.445621] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 15.445851] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.445918] page dumped because: kasan: bad access detected [ 15.445997] [ 15.446015] Memory state around the buggy address: [ 15.446045] fff00000c0922d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.446086] fff00000c0922e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.446126] >fff00000c0922e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.446164] ^ [ 15.446198] fff00000c0922f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.446239] fff00000c0922f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.446285] ================================================================== [ 15.423494] ================================================================== [ 15.424063] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.424340] Write of size 1 at addr fff00000c0922ec9 by task kunit_try_catch/163 [ 15.424591] [ 15.424637] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.424827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.424862] Hardware name: linux,dummy-virt (DT) [ 15.424957] Call trace: [ 15.425004] show_stack+0x20/0x38 (C) [ 15.425115] dump_stack_lvl+0x8c/0xd0 [ 15.425189] print_report+0x118/0x608 [ 15.425293] kasan_report+0xdc/0x128 [ 15.425336] __asan_report_store1_noabort+0x20/0x30 [ 15.425384] krealloc_less_oob_helper+0xa48/0xc50 [ 15.425430] krealloc_less_oob+0x20/0x38 [ 15.425472] kunit_try_run_case+0x170/0x3f0 [ 15.425519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.425580] kthread+0x328/0x630 [ 15.425624] ret_from_fork+0x10/0x20 [ 15.426029] [ 15.426327] Allocated by task 163: [ 15.426558] kasan_save_stack+0x3c/0x68 [ 15.426884] kasan_save_track+0x20/0x40 [ 15.426951] kasan_save_alloc_info+0x40/0x58 [ 15.427164] __kasan_krealloc+0x118/0x178 [ 15.427414] krealloc_noprof+0x128/0x360 [ 15.427550] krealloc_less_oob_helper+0x168/0xc50 [ 15.427587] krealloc_less_oob+0x20/0x38 [ 15.427621] kunit_try_run_case+0x170/0x3f0 [ 15.427668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.427719] kthread+0x328/0x630 [ 15.427753] ret_from_fork+0x10/0x20 [ 15.427787] [ 15.428011] The buggy address belongs to the object at fff00000c0922e00 [ 15.428011] which belongs to the cache kmalloc-256 of size 256 [ 15.428256] The buggy address is located 0 bytes to the right of [ 15.428256] allocated 201-byte region [fff00000c0922e00, fff00000c0922ec9) [ 15.428462] [ 15.428721] The buggy address belongs to the physical page: [ 15.428755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 15.429034] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.429084] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.429181] page_type: f5(slab) [ 15.429229] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.429655] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.429785] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.429867] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.429913] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 15.429959] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.430003] page dumped because: kasan: bad access detected [ 15.430122] [ 15.430140] Memory state around the buggy address: [ 15.430176] fff00000c0922d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.430317] fff00000c0922e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.430366] >fff00000c0922e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.430414] ^ [ 15.430503] fff00000c0922f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.430603] fff00000c0922f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.430660] ================================================================== [ 15.456792] ================================================================== [ 15.456964] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.457047] Write of size 1 at addr fff00000c0922eeb by task kunit_try_catch/163 [ 15.457166] [ 15.457235] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.457581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.457994] Hardware name: linux,dummy-virt (DT) [ 15.458209] Call trace: [ 15.458232] show_stack+0x20/0x38 (C) [ 15.458447] dump_stack_lvl+0x8c/0xd0 [ 15.458724] print_report+0x118/0x608 [ 15.458928] kasan_report+0xdc/0x128 [ 15.459010] __asan_report_store1_noabort+0x20/0x30 [ 15.459166] krealloc_less_oob_helper+0xa58/0xc50 [ 15.459415] krealloc_less_oob+0x20/0x38 [ 15.459487] kunit_try_run_case+0x170/0x3f0 [ 15.459533] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.459777] kthread+0x328/0x630 [ 15.460142] ret_from_fork+0x10/0x20 [ 15.460342] [ 15.460361] Allocated by task 163: [ 15.460422] kasan_save_stack+0x3c/0x68 [ 15.460460] kasan_save_track+0x20/0x40 [ 15.460494] kasan_save_alloc_info+0x40/0x58 [ 15.460530] __kasan_krealloc+0x118/0x178 [ 15.460564] krealloc_noprof+0x128/0x360 [ 15.460598] krealloc_less_oob_helper+0x168/0xc50 [ 15.460646] krealloc_less_oob+0x20/0x38 [ 15.460679] kunit_try_run_case+0x170/0x3f0 [ 15.460715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.461003] kthread+0x328/0x630 [ 15.461039] ret_from_fork+0x10/0x20 [ 15.461074] [ 15.461093] The buggy address belongs to the object at fff00000c0922e00 [ 15.461093] which belongs to the cache kmalloc-256 of size 256 [ 15.461147] The buggy address is located 34 bytes to the right of [ 15.461147] allocated 201-byte region [fff00000c0922e00, fff00000c0922ec9) [ 15.461211] [ 15.461231] The buggy address belongs to the physical page: [ 15.461270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 15.461320] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.461374] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.461613] page_type: f5(slab) [ 15.461996] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.462049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.462316] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.462432] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.462578] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 15.462673] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.462712] page dumped because: kasan: bad access detected [ 15.463055] [ 15.463078] Memory state around the buggy address: [ 15.463126] fff00000c0922d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.463181] fff00000c0922e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.463240] >fff00000c0922e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.463278] ^ [ 15.463419] fff00000c0922f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.463695] fff00000c0922f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.463830] ================================================================== [ 15.433308] ================================================================== [ 15.433602] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.433880] Write of size 1 at addr fff00000c0922ed0 by task kunit_try_catch/163 [ 15.434005] [ 15.434036] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.434112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.434168] Hardware name: linux,dummy-virt (DT) [ 15.434200] Call trace: [ 15.434488] show_stack+0x20/0x38 (C) [ 15.434575] dump_stack_lvl+0x8c/0xd0 [ 15.434623] print_report+0x118/0x608 [ 15.434990] kasan_report+0xdc/0x128 [ 15.435100] __asan_report_store1_noabort+0x20/0x30 [ 15.435149] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.435201] krealloc_less_oob+0x20/0x38 [ 15.435337] kunit_try_run_case+0x170/0x3f0 [ 15.435478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.435537] kthread+0x328/0x630 [ 15.435691] ret_from_fork+0x10/0x20 [ 15.435816] [ 15.435862] Allocated by task 163: [ 15.435889] kasan_save_stack+0x3c/0x68 [ 15.435933] kasan_save_track+0x20/0x40 [ 15.436024] kasan_save_alloc_info+0x40/0x58 [ 15.436060] __kasan_krealloc+0x118/0x178 [ 15.436095] krealloc_noprof+0x128/0x360 [ 15.436129] krealloc_less_oob_helper+0x168/0xc50 [ 15.436383] krealloc_less_oob+0x20/0x38 [ 15.436424] kunit_try_run_case+0x170/0x3f0 [ 15.436462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.436505] kthread+0x328/0x630 [ 15.436538] ret_from_fork+0x10/0x20 [ 15.436572] [ 15.436591] The buggy address belongs to the object at fff00000c0922e00 [ 15.436591] which belongs to the cache kmalloc-256 of size 256 [ 15.437118] The buggy address is located 7 bytes to the right of [ 15.437118] allocated 201-byte region [fff00000c0922e00, fff00000c0922ec9) [ 15.437189] [ 15.437208] The buggy address belongs to the physical page: [ 15.437465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 15.437522] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.437567] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.437637] page_type: f5(slab) [ 15.437674] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.437941] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.437996] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.438098] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.438197] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 15.438283] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.438335] page dumped because: kasan: bad access detected [ 15.438733] [ 15.438756] Memory state around the buggy address: [ 15.438795] fff00000c0922d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.438851] fff00000c0922e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.438892] >fff00000c0922e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.439010] ^ [ 15.439124] fff00000c0922f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.439269] fff00000c0922f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.439306] ================================================================== [ 15.497099] ================================================================== [ 15.497146] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.497483] Write of size 1 at addr fff00000c65660d0 by task kunit_try_catch/167 [ 15.497881] [ 15.497925] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.498006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.498031] Hardware name: linux,dummy-virt (DT) [ 15.498066] Call trace: [ 15.498167] show_stack+0x20/0x38 (C) [ 15.498239] dump_stack_lvl+0x8c/0xd0 [ 15.498445] print_report+0x118/0x608 [ 15.498538] kasan_report+0xdc/0x128 [ 15.498580] __asan_report_store1_noabort+0x20/0x30 [ 15.498639] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.498684] krealloc_large_less_oob+0x20/0x38 [ 15.498727] kunit_try_run_case+0x170/0x3f0 [ 15.498773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.498823] kthread+0x328/0x630 [ 15.498867] ret_from_fork+0x10/0x20 [ 15.498911] [ 15.498930] The buggy address belongs to the physical page: [ 15.498959] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106564 [ 15.499008] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.499380] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.499591] page_type: f8(unknown) [ 15.499942] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.500235] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.500318] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.500596] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.500893] head: 0bfffe0000000002 ffffc1ffc3195901 00000000ffffffff 00000000ffffffff [ 15.500942] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.501031] page dumped because: kasan: bad access detected [ 15.501062] [ 15.501266] Memory state around the buggy address: [ 15.501307] fff00000c6565f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.501435] fff00000c6566000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.501508] >fff00000c6566080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.501567] ^ [ 15.501641] fff00000c6566100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.501681] fff00000c6566180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.501719] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 15.403593] ================================================================== [ 15.403660] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.403709] Write of size 1 at addr fff00000c0922ceb by task kunit_try_catch/161 [ 15.404095] [ 15.404214] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.404294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.404319] Hardware name: linux,dummy-virt (DT) [ 15.404370] Call trace: [ 15.404391] show_stack+0x20/0x38 (C) [ 15.404440] dump_stack_lvl+0x8c/0xd0 [ 15.404842] print_report+0x118/0x608 [ 15.404902] kasan_report+0xdc/0x128 [ 15.404964] __asan_report_store1_noabort+0x20/0x30 [ 15.405052] krealloc_more_oob_helper+0x60c/0x678 [ 15.405191] krealloc_more_oob+0x20/0x38 [ 15.405270] kunit_try_run_case+0x170/0x3f0 [ 15.405320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.405392] kthread+0x328/0x630 [ 15.405471] ret_from_fork+0x10/0x20 [ 15.405686] [ 15.405704] Allocated by task 161: [ 15.405740] kasan_save_stack+0x3c/0x68 [ 15.405848] kasan_save_track+0x20/0x40 [ 15.405910] kasan_save_alloc_info+0x40/0x58 [ 15.405963] __kasan_krealloc+0x118/0x178 [ 15.406003] krealloc_noprof+0x128/0x360 [ 15.406077] krealloc_more_oob_helper+0x168/0x678 [ 15.406222] krealloc_more_oob+0x20/0x38 [ 15.406255] kunit_try_run_case+0x170/0x3f0 [ 15.406293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.406355] kthread+0x328/0x630 [ 15.406510] ret_from_fork+0x10/0x20 [ 15.406621] [ 15.406648] The buggy address belongs to the object at fff00000c0922c00 [ 15.406648] which belongs to the cache kmalloc-256 of size 256 [ 15.406704] The buggy address is located 0 bytes to the right of [ 15.406704] allocated 235-byte region [fff00000c0922c00, fff00000c0922ceb) [ 15.407085] [ 15.407337] The buggy address belongs to the physical page: [ 15.407372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 15.407569] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.407614] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.407673] page_type: f5(slab) [ 15.407709] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.408247] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.408332] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.408378] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.408425] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 15.408471] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.408519] page dumped because: kasan: bad access detected [ 15.408549] [ 15.408567] Memory state around the buggy address: [ 15.409000] fff00000c0922b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.409047] fff00000c0922c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.409117] >fff00000c0922c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.409154] ^ [ 15.409191] fff00000c0922d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.409232] fff00000c0922d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.409268] ================================================================== [ 15.472868] ================================================================== [ 15.472925] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.473006] Write of size 1 at addr fff00000c65660eb by task kunit_try_catch/165 [ 15.473056] [ 15.473087] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.473344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.473403] Hardware name: linux,dummy-virt (DT) [ 15.473433] Call trace: [ 15.473499] show_stack+0x20/0x38 (C) [ 15.473650] dump_stack_lvl+0x8c/0xd0 [ 15.473698] print_report+0x118/0x608 [ 15.473787] kasan_report+0xdc/0x128 [ 15.473962] __asan_report_store1_noabort+0x20/0x30 [ 15.474014] krealloc_more_oob_helper+0x60c/0x678 [ 15.474060] krealloc_large_more_oob+0x20/0x38 [ 15.474105] kunit_try_run_case+0x170/0x3f0 [ 15.474192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.474294] kthread+0x328/0x630 [ 15.474487] ret_from_fork+0x10/0x20 [ 15.475226] [ 15.475253] The buggy address belongs to the physical page: [ 15.475286] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106564 [ 15.475564] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.475609] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.475895] page_type: f8(unknown) [ 15.476030] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.476079] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.476274] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.476325] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.476466] head: 0bfffe0000000002 ffffc1ffc3195901 00000000ffffffff 00000000ffffffff [ 15.476527] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.476653] page dumped because: kasan: bad access detected [ 15.476703] [ 15.476819] Memory state around the buggy address: [ 15.476855] fff00000c6565f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.476964] fff00000c6566000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.477004] >fff00000c6566080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.477041] ^ [ 15.477077] fff00000c6566100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.477121] fff00000c6566180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.477158] ================================================================== [ 15.478039] ================================================================== [ 15.478086] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.478304] Write of size 1 at addr fff00000c65660f0 by task kunit_try_catch/165 [ 15.478506] [ 15.478539] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.479004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.479169] Hardware name: linux,dummy-virt (DT) [ 15.479206] Call trace: [ 15.479288] show_stack+0x20/0x38 (C) [ 15.479367] dump_stack_lvl+0x8c/0xd0 [ 15.479447] print_report+0x118/0x608 [ 15.479710] kasan_report+0xdc/0x128 [ 15.479886] __asan_report_store1_noabort+0x20/0x30 [ 15.479940] krealloc_more_oob_helper+0x5c0/0x678 [ 15.479994] krealloc_large_more_oob+0x20/0x38 [ 15.480038] kunit_try_run_case+0x170/0x3f0 [ 15.480084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.480135] kthread+0x328/0x630 [ 15.480248] ret_from_fork+0x10/0x20 [ 15.480325] [ 15.480345] The buggy address belongs to the physical page: [ 15.480791] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106564 [ 15.480847] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.480892] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.480942] page_type: f8(unknown) [ 15.480978] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.481026] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.481073] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.481172] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.481382] head: 0bfffe0000000002 ffffc1ffc3195901 00000000ffffffff 00000000ffffffff [ 15.481554] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.481593] page dumped because: kasan: bad access detected [ 15.481653] [ 15.481670] Memory state around the buggy address: [ 15.481736] fff00000c6565f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.481904] fff00000c6566000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.481946] >fff00000c6566080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.481988] ^ [ 15.482025] fff00000c6566100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.482066] fff00000c6566180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.482148] ================================================================== [ 15.410461] ================================================================== [ 15.410508] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.410554] Write of size 1 at addr fff00000c0922cf0 by task kunit_try_catch/161 [ 15.410601] [ 15.410643] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.410720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.410745] Hardware name: linux,dummy-virt (DT) [ 15.410774] Call trace: [ 15.410794] show_stack+0x20/0x38 (C) [ 15.410839] dump_stack_lvl+0x8c/0xd0 [ 15.410885] print_report+0x118/0x608 [ 15.410927] kasan_report+0xdc/0x128 [ 15.411041] __asan_report_store1_noabort+0x20/0x30 [ 15.411792] krealloc_more_oob_helper+0x5c0/0x678 [ 15.412065] krealloc_more_oob+0x20/0x38 [ 15.412202] kunit_try_run_case+0x170/0x3f0 [ 15.412287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.412373] kthread+0x328/0x630 [ 15.412420] ret_from_fork+0x10/0x20 [ 15.412481] [ 15.412499] Allocated by task 161: [ 15.412526] kasan_save_stack+0x3c/0x68 [ 15.412562] kasan_save_track+0x20/0x40 [ 15.412596] kasan_save_alloc_info+0x40/0x58 [ 15.412644] __kasan_krealloc+0x118/0x178 [ 15.413094] krealloc_noprof+0x128/0x360 [ 15.413174] krealloc_more_oob_helper+0x168/0x678 [ 15.413281] krealloc_more_oob+0x20/0x38 [ 15.413327] kunit_try_run_case+0x170/0x3f0 [ 15.413417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.413551] kthread+0x328/0x630 [ 15.413614] ret_from_fork+0x10/0x20 [ 15.413658] [ 15.413677] The buggy address belongs to the object at fff00000c0922c00 [ 15.413677] which belongs to the cache kmalloc-256 of size 256 [ 15.413777] The buggy address is located 5 bytes to the right of [ 15.413777] allocated 235-byte region [fff00000c0922c00, fff00000c0922ceb) [ 15.413837] [ 15.413856] The buggy address belongs to the physical page: [ 15.413892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 15.414113] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.414223] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.414270] page_type: f5(slab) [ 15.414312] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.414491] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.414572] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.415143] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.415199] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 15.415246] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.415285] page dumped because: kasan: bad access detected [ 15.415315] [ 15.415333] Memory state around the buggy address: [ 15.415413] fff00000c0922b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.415749] fff00000c0922c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.415892] >fff00000c0922c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.415928] ^ [ 15.416329] fff00000c0922d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.416382] fff00000c0922d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.416444] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.386885] ================================================================== [ 15.386949] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 15.387154] Read of size 1 at addr fff00000c78a0000 by task kunit_try_catch/159 [ 15.387309] [ 15.387388] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.387741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.387861] Hardware name: linux,dummy-virt (DT) [ 15.387980] Call trace: [ 15.388002] show_stack+0x20/0x38 (C) [ 15.388050] dump_stack_lvl+0x8c/0xd0 [ 15.388353] print_report+0x118/0x608 [ 15.388727] kasan_report+0xdc/0x128 [ 15.388814] __asan_report_load1_noabort+0x20/0x30 [ 15.388900] page_alloc_uaf+0x328/0x350 [ 15.388955] kunit_try_run_case+0x170/0x3f0 [ 15.389003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.389107] kthread+0x328/0x630 [ 15.389188] ret_from_fork+0x10/0x20 [ 15.389235] [ 15.389254] The buggy address belongs to the physical page: [ 15.389285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a0 [ 15.389334] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.389656] page_type: f0(buddy) [ 15.389846] raw: 0bfffe0000000000 fff00000ff616088 fff00000ff616088 0000000000000000 [ 15.390000] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000 [ 15.390101] page dumped because: kasan: bad access detected [ 15.390142] [ 15.390159] Memory state around the buggy address: [ 15.390190] fff00000c789ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.390231] fff00000c789ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.390939] >fff00000c78a0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.391004] ^ [ 15.391032] fff00000c78a0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.391115] fff00000c78a0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.391315] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 15.363542] ================================================================== [ 15.363914] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 15.364059] Free of addr fff00000c6560001 by task kunit_try_catch/155 [ 15.364104] [ 15.364136] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.364768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.364811] Hardware name: linux,dummy-virt (DT) [ 15.364843] Call trace: [ 15.364865] show_stack+0x20/0x38 (C) [ 15.365018] dump_stack_lvl+0x8c/0xd0 [ 15.365087] print_report+0x118/0x608 [ 15.365129] kasan_report_invalid_free+0xc0/0xe8 [ 15.365524] __kasan_kfree_large+0x5c/0xa8 [ 15.365591] free_large_kmalloc+0x64/0x190 [ 15.365972] kfree+0x270/0x3c8 [ 15.366042] kmalloc_large_invalid_free+0x108/0x270 [ 15.366091] kunit_try_run_case+0x170/0x3f0 [ 15.366139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.366190] kthread+0x328/0x630 [ 15.366244] ret_from_fork+0x10/0x20 [ 15.366290] [ 15.366310] The buggy address belongs to the physical page: [ 15.366615] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106560 [ 15.367034] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.367163] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.367247] page_type: f8(unknown) [ 15.367284] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.367566] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.367615] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.367671] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.367717] head: 0bfffe0000000002 ffffc1ffc3195801 00000000ffffffff 00000000ffffffff [ 15.367764] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.367802] page dumped because: kasan: bad access detected [ 15.368041] [ 15.368061] Memory state around the buggy address: [ 15.368093] fff00000c655ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.368134] fff00000c655ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.368177] >fff00000c6560000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.368689] ^ [ 15.368861] fff00000c6560080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.368907] fff00000c6560100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.368956] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.350586] ================================================================== [ 15.350661] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 15.350712] Read of size 1 at addr fff00000c6560000 by task kunit_try_catch/153 [ 15.350769] [ 15.350801] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.350878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.350902] Hardware name: linux,dummy-virt (DT) [ 15.350931] Call trace: [ 15.350969] show_stack+0x20/0x38 (C) [ 15.351016] dump_stack_lvl+0x8c/0xd0 [ 15.351061] print_report+0x118/0x608 [ 15.351137] kasan_report+0xdc/0x128 [ 15.351179] __asan_report_load1_noabort+0x20/0x30 [ 15.351225] kmalloc_large_uaf+0x2cc/0x2f8 [ 15.351269] kunit_try_run_case+0x170/0x3f0 [ 15.351315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.351365] kthread+0x328/0x630 [ 15.351778] ret_from_fork+0x10/0x20 [ 15.351845] [ 15.351865] The buggy address belongs to the physical page: [ 15.352248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106560 [ 15.352365] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.352430] raw: 0bfffe0000000000 ffffc1ffc3195908 fff00000da47de00 0000000000000000 [ 15.352478] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.352641] page dumped because: kasan: bad access detected [ 15.352671] [ 15.352689] Memory state around the buggy address: [ 15.352742] fff00000c655ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.352784] fff00000c655ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.352824] >fff00000c6560000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.352913] ^ [ 15.352941] fff00000c6560080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.353116] fff00000c6560100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.353183] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.337692] ================================================================== [ 15.337876] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 15.337961] Write of size 1 at addr fff00000c656200a by task kunit_try_catch/151 [ 15.338019] [ 15.338270] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.338489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.338638] Hardware name: linux,dummy-virt (DT) [ 15.338672] Call trace: [ 15.338786] show_stack+0x20/0x38 (C) [ 15.338839] dump_stack_lvl+0x8c/0xd0 [ 15.339165] print_report+0x118/0x608 [ 15.339292] kasan_report+0xdc/0x128 [ 15.339336] __asan_report_store1_noabort+0x20/0x30 [ 15.339479] kmalloc_large_oob_right+0x278/0x2b8 [ 15.339713] kunit_try_run_case+0x170/0x3f0 [ 15.339918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.340014] kthread+0x328/0x630 [ 15.340061] ret_from_fork+0x10/0x20 [ 15.340128] [ 15.340181] The buggy address belongs to the physical page: [ 15.340215] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106560 [ 15.340594] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.340740] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.340920] page_type: f8(unknown) [ 15.340996] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.341202] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.341280] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.341540] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.341780] head: 0bfffe0000000002 ffffc1ffc3195801 00000000ffffffff 00000000ffffffff [ 15.341876] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.341917] page dumped because: kasan: bad access detected [ 15.342280] [ 15.342477] Memory state around the buggy address: [ 15.342711] fff00000c6561f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.342926] fff00000c6561f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.343137] >fff00000c6562000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.343174] ^ [ 15.343246] fff00000c6562080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.343809] fff00000c6562100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.344034] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.282288] ================================================================== [ 15.282356] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.282408] Write of size 1 at addr fff00000c7881f00 by task kunit_try_catch/149 [ 15.282474] [ 15.282506] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.282584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.282609] Hardware name: linux,dummy-virt (DT) [ 15.283139] Call trace: [ 15.283177] show_stack+0x20/0x38 (C) [ 15.283229] dump_stack_lvl+0x8c/0xd0 [ 15.283275] print_report+0x118/0x608 [ 15.283317] kasan_report+0xdc/0x128 [ 15.283849] __asan_report_store1_noabort+0x20/0x30 [ 15.283944] kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.284005] kunit_try_run_case+0x170/0x3f0 [ 15.284059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.284166] kthread+0x328/0x630 [ 15.284215] ret_from_fork+0x10/0x20 [ 15.284260] [ 15.284278] Allocated by task 149: [ 15.284305] kasan_save_stack+0x3c/0x68 [ 15.284342] kasan_save_track+0x20/0x40 [ 15.284376] kasan_save_alloc_info+0x40/0x58 [ 15.284413] __kasan_kmalloc+0xd4/0xd8 [ 15.284446] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.284481] kmalloc_big_oob_right+0xb8/0x2f0 [ 15.284518] kunit_try_run_case+0x170/0x3f0 [ 15.285361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.285578] kthread+0x328/0x630 [ 15.285618] ret_from_fork+0x10/0x20 [ 15.286035] [ 15.286072] The buggy address belongs to the object at fff00000c7880000 [ 15.286072] which belongs to the cache kmalloc-8k of size 8192 [ 15.286269] The buggy address is located 0 bytes to the right of [ 15.286269] allocated 7936-byte region [fff00000c7880000, fff00000c7881f00) [ 15.286578] [ 15.286651] The buggy address belongs to the physical page: [ 15.286802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107880 [ 15.287251] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.287482] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.287746] page_type: f5(slab) [ 15.287790] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.288226] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.288294] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.288341] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.288942] head: 0bfffe0000000003 ffffc1ffc31e2001 00000000ffffffff 00000000ffffffff [ 15.289153] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.289314] page dumped because: kasan: bad access detected [ 15.289345] [ 15.289536] Memory state around the buggy address: [ 15.289696] fff00000c7881e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.289984] fff00000c7881e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.290193] >fff00000c7881f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.290351] ^ [ 15.290528] fff00000c7881f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.290733] fff00000c7882000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.290950] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 15.267646] ================================================================== [ 15.267708] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 15.268001] Write of size 1 at addr fff00000c637a478 by task kunit_try_catch/147 [ 15.268192] [ 15.268258] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.268377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.268413] Hardware name: linux,dummy-virt (DT) [ 15.268463] Call trace: [ 15.268494] show_stack+0x20/0x38 (C) [ 15.268543] dump_stack_lvl+0x8c/0xd0 [ 15.268600] print_report+0x118/0x608 [ 15.268654] kasan_report+0xdc/0x128 [ 15.268707] __asan_report_store1_noabort+0x20/0x30 [ 15.268756] kmalloc_track_caller_oob_right+0x418/0x488 [ 15.268806] kunit_try_run_case+0x170/0x3f0 [ 15.268876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.269120] kthread+0x328/0x630 [ 15.269391] ret_from_fork+0x10/0x20 [ 15.269685] [ 15.269763] Allocated by task 147: [ 15.269895] kasan_save_stack+0x3c/0x68 [ 15.270030] kasan_save_track+0x20/0x40 [ 15.270066] kasan_save_alloc_info+0x40/0x58 [ 15.270283] __kasan_kmalloc+0xd4/0xd8 [ 15.270425] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.270699] kmalloc_track_caller_oob_right+0x184/0x488 [ 15.270873] kunit_try_run_case+0x170/0x3f0 [ 15.271073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.271119] kthread+0x328/0x630 [ 15.271185] ret_from_fork+0x10/0x20 [ 15.271377] [ 15.271461] The buggy address belongs to the object at fff00000c637a400 [ 15.271461] which belongs to the cache kmalloc-128 of size 128 [ 15.271564] The buggy address is located 0 bytes to the right of [ 15.271564] allocated 120-byte region [fff00000c637a400, fff00000c637a478) [ 15.271763] [ 15.271991] The buggy address belongs to the physical page: [ 15.272023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.272233] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.272437] page_type: f5(slab) [ 15.272624] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.272710] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.272873] page dumped because: kasan: bad access detected [ 15.273084] [ 15.273291] Memory state around the buggy address: [ 15.273350] fff00000c637a300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.273498] fff00000c637a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273651] >fff00000c637a400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.273690] ^ [ 15.273773] fff00000c637a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273998] fff00000c637a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.274143] ================================================================== [ 15.258862] ================================================================== [ 15.258974] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.259218] Write of size 1 at addr fff00000c637a378 by task kunit_try_catch/147 [ 15.259280] [ 15.259476] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.259572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.259598] Hardware name: linux,dummy-virt (DT) [ 15.259640] Call trace: [ 15.259662] show_stack+0x20/0x38 (C) [ 15.259710] dump_stack_lvl+0x8c/0xd0 [ 15.259757] print_report+0x118/0x608 [ 15.259829] kasan_report+0xdc/0x128 [ 15.259874] __asan_report_store1_noabort+0x20/0x30 [ 15.259922] kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.260311] kunit_try_run_case+0x170/0x3f0 [ 15.260368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.260492] kthread+0x328/0x630 [ 15.260555] ret_from_fork+0x10/0x20 [ 15.260711] [ 15.260836] Allocated by task 147: [ 15.260942] kasan_save_stack+0x3c/0x68 [ 15.261071] kasan_save_track+0x20/0x40 [ 15.261109] kasan_save_alloc_info+0x40/0x58 [ 15.261221] __kasan_kmalloc+0xd4/0xd8 [ 15.261650] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.262116] kmalloc_track_caller_oob_right+0xa8/0x488 [ 15.262213] kunit_try_run_case+0x170/0x3f0 [ 15.262303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.262450] kthread+0x328/0x630 [ 15.262772] ret_from_fork+0x10/0x20 [ 15.262843] [ 15.262928] The buggy address belongs to the object at fff00000c637a300 [ 15.262928] which belongs to the cache kmalloc-128 of size 128 [ 15.263133] The buggy address is located 0 bytes to the right of [ 15.263133] allocated 120-byte region [fff00000c637a300, fff00000c637a378) [ 15.263348] [ 15.263563] The buggy address belongs to the physical page: [ 15.263597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.263810] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.264029] page_type: f5(slab) [ 15.264069] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.264123] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.264161] page dumped because: kasan: bad access detected [ 15.264190] [ 15.264207] Memory state around the buggy address: [ 15.264542] fff00000c637a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.264646] fff00000c637a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264699] >fff00000c637a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.264737] ^ [ 15.264784] fff00000c637a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264826] fff00000c637a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264872] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 15.242218] ================================================================== [ 15.242279] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 15.242328] Read of size 1 at addr fff00000c652f000 by task kunit_try_catch/145 [ 15.242375] [ 15.242405] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.242481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.242506] Hardware name: linux,dummy-virt (DT) [ 15.242536] Call trace: [ 15.242556] show_stack+0x20/0x38 (C) [ 15.242602] dump_stack_lvl+0x8c/0xd0 [ 15.243406] print_report+0x118/0x608 [ 15.243648] kasan_report+0xdc/0x128 [ 15.243710] __asan_report_load1_noabort+0x20/0x30 [ 15.243760] kmalloc_node_oob_right+0x2f4/0x330 [ 15.243805] kunit_try_run_case+0x170/0x3f0 [ 15.243889] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.243963] kthread+0x328/0x630 [ 15.244008] ret_from_fork+0x10/0x20 [ 15.244054] [ 15.244072] Allocated by task 145: [ 15.244100] kasan_save_stack+0x3c/0x68 [ 15.244137] kasan_save_track+0x20/0x40 [ 15.244340] kasan_save_alloc_info+0x40/0x58 [ 15.244575] __kasan_kmalloc+0xd4/0xd8 [ 15.244858] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 15.244949] kmalloc_node_oob_right+0xbc/0x330 [ 15.245132] kunit_try_run_case+0x170/0x3f0 [ 15.245178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.245221] kthread+0x328/0x630 [ 15.245254] ret_from_fork+0x10/0x20 [ 15.245288] [ 15.245307] The buggy address belongs to the object at fff00000c652e000 [ 15.245307] which belongs to the cache kmalloc-4k of size 4096 [ 15.245362] The buggy address is located 0 bytes to the right of [ 15.245362] allocated 4096-byte region [fff00000c652e000, fff00000c652f000) [ 15.245423] [ 15.245493] The buggy address belongs to the physical page: [ 15.245687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106528 [ 15.246451] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.246551] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.247090] page_type: f5(slab) [ 15.247239] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.247427] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.247743] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.247822] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.247888] head: 0bfffe0000000003 ffffc1ffc3194a01 00000000ffffffff 00000000ffffffff [ 15.247935] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.248655] page dumped because: kasan: bad access detected [ 15.248753] [ 15.248773] Memory state around the buggy address: [ 15.248813] fff00000c652ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.248855] fff00000c652ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.248899] >fff00000c652f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.248965] ^ [ 15.249052] fff00000c652f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.249250] fff00000c652f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.249487] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 15.228070] ================================================================== [ 15.228128] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 15.228181] Read of size 1 at addr fff00000c627125f by task kunit_try_catch/143 [ 15.228229] [ 15.228262] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.228340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.228365] Hardware name: linux,dummy-virt (DT) [ 15.228394] Call trace: [ 15.228415] show_stack+0x20/0x38 (C) [ 15.228461] dump_stack_lvl+0x8c/0xd0 [ 15.228508] print_report+0x118/0x608 [ 15.228574] kasan_report+0xdc/0x128 [ 15.228619] __asan_report_load1_noabort+0x20/0x30 [ 15.228977] kmalloc_oob_left+0x2ec/0x320 [ 15.229104] kunit_try_run_case+0x170/0x3f0 [ 15.229202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.229543] kthread+0x328/0x630 [ 15.229864] ret_from_fork+0x10/0x20 [ 15.230015] [ 15.230034] Allocated by task 10: [ 15.230138] kasan_save_stack+0x3c/0x68 [ 15.230196] kasan_save_track+0x20/0x40 [ 15.230291] kasan_save_alloc_info+0x40/0x58 [ 15.230418] __kasan_kmalloc+0xd4/0xd8 [ 15.230451] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.230493] kvasprintf+0xe0/0x180 [ 15.230548] __kthread_create_on_node+0x16c/0x350 [ 15.230585] kthread_create_on_node+0xe4/0x130 [ 15.230619] create_worker+0x380/0x6b8 [ 15.230663] worker_thread+0x808/0xf38 [ 15.230947] kthread+0x328/0x630 [ 15.230985] ret_from_fork+0x10/0x20 [ 15.231019] [ 15.231038] The buggy address belongs to the object at fff00000c6271240 [ 15.231038] which belongs to the cache kmalloc-16 of size 16 [ 15.231092] The buggy address is located 19 bytes to the right of [ 15.231092] allocated 12-byte region [fff00000c6271240, fff00000c627124c) [ 15.231314] [ 15.231495] The buggy address belongs to the physical page: [ 15.231542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106271 [ 15.231727] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.231797] page_type: f5(slab) [ 15.231890] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.232037] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.232279] page dumped because: kasan: bad access detected [ 15.232406] [ 15.232494] Memory state around the buggy address: [ 15.232607] fff00000c6271100: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 15.232756] fff00000c6271180: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.232938] >fff00000c6271200: fa fb fc fc fa fb fc fc 00 04 fc fc 00 07 fc fc [ 15.233028] ^ [ 15.233171] fff00000c6271280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233213] fff00000c6271300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233248] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 15.205802] ================================================================== [ 15.205840] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 15.205886] Write of size 1 at addr fff00000c637a278 by task kunit_try_catch/141 [ 15.205933] [ 15.205962] CPU: 0 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.206047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.206072] Hardware name: linux,dummy-virt (DT) [ 15.206100] Call trace: [ 15.206122] show_stack+0x20/0x38 (C) [ 15.206167] dump_stack_lvl+0x8c/0xd0 [ 15.206213] print_report+0x118/0x608 [ 15.206273] kasan_report+0xdc/0x128 [ 15.206318] __asan_report_store1_noabort+0x20/0x30 [ 15.206367] kmalloc_oob_right+0x538/0x660 [ 15.206413] kunit_try_run_case+0x170/0x3f0 [ 15.206480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.206532] kthread+0x328/0x630 [ 15.206584] ret_from_fork+0x10/0x20 [ 15.206640] [ 15.206657] Allocated by task 141: [ 15.206682] kasan_save_stack+0x3c/0x68 [ 15.206718] kasan_save_track+0x20/0x40 [ 15.206752] kasan_save_alloc_info+0x40/0x58 [ 15.206788] __kasan_kmalloc+0xd4/0xd8 [ 15.206820] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.206855] kmalloc_oob_right+0xb0/0x660 [ 15.206891] kunit_try_run_case+0x170/0x3f0 [ 15.206927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.206968] kthread+0x328/0x630 [ 15.207001] ret_from_fork+0x10/0x20 [ 15.207035] [ 15.207052] The buggy address belongs to the object at fff00000c637a200 [ 15.207052] which belongs to the cache kmalloc-128 of size 128 [ 15.207105] The buggy address is located 5 bytes to the right of [ 15.207105] allocated 115-byte region [fff00000c637a200, fff00000c637a273) [ 15.207164] [ 15.207183] The buggy address belongs to the physical page: [ 15.207225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.207273] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.207330] page_type: f5(slab) [ 15.207365] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.207411] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.207448] page dumped because: kasan: bad access detected [ 15.207477] [ 15.207494] Memory state around the buggy address: [ 15.207522] fff00000c637a100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.207579] fff00000c637a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207637] >fff00000c637a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.207673] ^ [ 15.207710] fff00000c637a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207757] fff00000c637a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207792] ================================================================== [ 15.196505] ================================================================== [ 15.197535] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 15.199608] Write of size 1 at addr fff00000c637a273 by task kunit_try_catch/141 [ 15.199779] [ 15.200622] CPU: 0 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G N 6.15.5-rc2 #1 PREEMPT [ 15.200785] Tainted: [N]=TEST [ 15.200817] Hardware name: linux,dummy-virt (DT) [ 15.201047] Call trace: [ 15.201219] show_stack+0x20/0x38 (C) [ 15.201353] dump_stack_lvl+0x8c/0xd0 [ 15.201414] print_report+0x118/0x608 [ 15.201458] kasan_report+0xdc/0x128 [ 15.201501] __asan_report_store1_noabort+0x20/0x30 [ 15.201549] kmalloc_oob_right+0x5a4/0x660 [ 15.201595] kunit_try_run_case+0x170/0x3f0 [ 15.201660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.201712] kthread+0x328/0x630 [ 15.201758] ret_from_fork+0x10/0x20 [ 15.201916] [ 15.201959] Allocated by task 141: [ 15.202081] kasan_save_stack+0x3c/0x68 [ 15.202143] kasan_save_track+0x20/0x40 [ 15.202177] kasan_save_alloc_info+0x40/0x58 [ 15.202214] __kasan_kmalloc+0xd4/0xd8 [ 15.202247] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.202284] kmalloc_oob_right+0xb0/0x660 [ 15.202320] kunit_try_run_case+0x170/0x3f0 [ 15.202357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.202398] kthread+0x328/0x630 [ 15.202432] ret_from_fork+0x10/0x20 [ 15.202486] [ 15.202545] The buggy address belongs to the object at fff00000c637a200 [ 15.202545] which belongs to the cache kmalloc-128 of size 128 [ 15.202653] The buggy address is located 0 bytes to the right of [ 15.202653] allocated 115-byte region [fff00000c637a200, fff00000c637a273) [ 15.202724] [ 15.202806] The buggy address belongs to the physical page: [ 15.202982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.203253] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.203553] page_type: f5(slab) [ 15.203862] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.203926] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.204095] page dumped because: kasan: bad access detected [ 15.204138] [ 15.204163] Memory state around the buggy address: [ 15.204391] fff00000c637a100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.204465] fff00000c637a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204519] >fff00000c637a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.204570] ^ [ 15.204665] fff00000c637a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204706] fff00000c637a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204771] ================================================================== [ 15.208099] ================================================================== [ 15.208268] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.208312] Read of size 1 at addr fff00000c637a280 by task kunit_try_catch/141 [ 15.208357] [ 15.208383] CPU: 0 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.208458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.208482] Hardware name: linux,dummy-virt (DT) [ 15.208583] Call trace: [ 15.208625] show_stack+0x20/0x38 (C) [ 15.208685] dump_stack_lvl+0x8c/0xd0 [ 15.208730] print_report+0x118/0x608 [ 15.208773] kasan_report+0xdc/0x128 [ 15.208814] __asan_report_load1_noabort+0x20/0x30 [ 15.208861] kmalloc_oob_right+0x5d0/0x660 [ 15.208918] kunit_try_run_case+0x170/0x3f0 [ 15.208996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.209194] kthread+0x328/0x630 [ 15.209309] ret_from_fork+0x10/0x20 [ 15.209424] [ 15.209502] Allocated by task 141: [ 15.209600] kasan_save_stack+0x3c/0x68 [ 15.209646] kasan_save_track+0x20/0x40 [ 15.209818] kasan_save_alloc_info+0x40/0x58 [ 15.209944] __kasan_kmalloc+0xd4/0xd8 [ 15.210060] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.210216] kmalloc_oob_right+0xb0/0x660 [ 15.210332] kunit_try_run_case+0x170/0x3f0 [ 15.210424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.210544] kthread+0x328/0x630 [ 15.210578] ret_from_fork+0x10/0x20 [ 15.210844] [ 15.210912] The buggy address belongs to the object at fff00000c637a200 [ 15.210912] which belongs to the cache kmalloc-128 of size 128 [ 15.211069] The buggy address is located 13 bytes to the right of [ 15.211069] allocated 115-byte region [fff00000c637a200, fff00000c637a273) [ 15.211197] [ 15.211216] The buggy address belongs to the physical page: [ 15.211244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10637a [ 15.211538] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.211718] page_type: f5(slab) [ 15.211890] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.212038] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.212076] page dumped because: kasan: bad access detected [ 15.212105] [ 15.212144] Memory state around the buggy address: [ 15.212173] fff00000c637a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212214] fff00000c637a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.212255] >fff00000c637a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212290] ^ [ 15.212315] fff00000c637a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212354] fff00000c637a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212389] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.122140] WARNING: CPU: 0 PID: 661 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.124001] Modules linked in: [ 95.124876] CPU: 0 UID: 0 PID: 661 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc2 #1 PREEMPT [ 95.125707] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.126383] Hardware name: linux,dummy-virt (DT) [ 95.126866] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.127155] pc : intlog10+0x38/0x48 [ 95.127337] lr : intlog10_test+0xe4/0x200 [ 95.127524] sp : ffff800082107c10 [ 95.128155] x29: ffff800082107c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.129156] x26: 1ffe00001882f961 x25: 0000000000000000 x24: ffff800082107ce0 [ 95.130032] x23: ffff800082107d00 x22: 0000000000000000 x21: 1ffff00010420f82 [ 95.130806] x20: ffffaa3600435180 x19: ffff800080087990 x18: 00000000578b2dfa [ 95.131677] x17: 0000000051aa2027 x16: fff00000c096dc3c x15: 0000000020944b5a [ 95.132312] x14: 00000000f1f1f1f1 x13: 1ffe00001b49381d x12: ffff7546c0839b71 [ 95.132920] x11: 1ffff546c0839b70 x10: ffff7546c0839b70 x9 : ffffaa35fda14f04 [ 95.133268] x8 : ffffaa36041cdb83 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.133600] x5 : ffff700010420f82 x4 : 1ffff00010010f3a x3 : 1ffff546c0086a30 [ 95.134021] x2 : 1ffff546c0086a30 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.134389] Call trace: [ 95.134565] intlog10+0x38/0x48 (P) [ 95.134848] kunit_try_run_case+0x170/0x3f0 [ 95.135103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.135755] kthread+0x328/0x630 [ 95.136286] ret_from_fork+0x10/0x20 [ 95.136982] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 95.066928] WARNING: CPU: 1 PID: 643 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 95.069302] Modules linked in: [ 95.069537] CPU: 1 UID: 0 PID: 643 Comm: kunit_try_catch Tainted: G B D N 6.15.5-rc2 #1 PREEMPT [ 95.071300] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 95.071964] Hardware name: linux,dummy-virt (DT) [ 95.072640] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.073537] pc : intlog2+0xd8/0xf8 [ 95.074116] lr : intlog2_test+0xe4/0x200 [ 95.074676] sp : ffff800082227c10 [ 95.075220] x29: ffff800082227c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.076057] x26: 1ffe000018ddc301 x25: 0000000000000000 x24: ffff800082227ce0 [ 95.077022] x23: ffff800082227d00 x22: 0000000000000000 x21: 1ffff00010444f82 [ 95.077972] x20: ffffaa3600435080 x19: ffff800080087990 x18: 0000000064f12419 [ 95.078893] x17: 000000006acc7ffb x16: fff00000c096e03c x15: 00000000d01085f5 [ 95.079252] x14: 00000000f1f1f1f1 x13: 1ffe00001b48f41d x12: ffff7546c0839b71 [ 95.079599] x11: 1ffff546c0839b70 x10: ffff7546c0839b70 x9 : ffffaa35fda15104 [ 95.080771] x8 : ffffaa36041cdb83 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.081785] x5 : ffff700010444f82 x4 : 1ffff00010010f3a x3 : 1ffff546c0086a10 [ 95.082772] x2 : 1ffff546c0086a10 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.083767] Call trace: [ 95.084232] intlog2+0xd8/0xf8 (P) [ 95.084820] kunit_try_run_case+0x170/0x3f0 [ 95.085797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.086076] kthread+0x328/0x630 [ 95.086265] ret_from_fork+0x10/0x20 [ 95.086475] ---[ end trace 0000000000000000 ]---