Date
July 22, 2025, 2:40 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.648669] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858 [ 19.727584] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858 [ 19.680350] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 19.689376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.585481] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 19.567638] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.514389] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.595736] ================================================================== [ 51.595792] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 51.595792] [ 51.595865] Use-after-free read at 0x00000000c42a51a4 (in kfence-#158): [ 51.595915] test_krealloc+0x51c/0x830 [ 51.595959] kunit_try_run_case+0x170/0x3f0 [ 51.596002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.596045] kthread+0x328/0x630 [ 51.596086] ret_from_fork+0x10/0x20 [ 51.596125] [ 51.596149] kfence-#158: 0x00000000c42a51a4-0x00000000e492c7d0, size=32, cache=kmalloc-32 [ 51.596149] [ 51.596201] allocated by task 339 on cpu 1 at 51.595150s (0.001048s ago): [ 51.596268] test_alloc+0x29c/0x628 [ 51.596322] test_krealloc+0xc0/0x830 [ 51.596360] kunit_try_run_case+0x170/0x3f0 [ 51.596401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.596442] kthread+0x328/0x630 [ 51.596481] ret_from_fork+0x10/0x20 [ 51.596519] [ 51.596542] freed by task 339 on cpu 1 at 51.595370s (0.001168s ago): [ 51.596601] krealloc_noprof+0x148/0x360 [ 51.596638] test_krealloc+0x1dc/0x830 [ 51.596676] kunit_try_run_case+0x170/0x3f0 [ 51.596717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.596758] kthread+0x328/0x630 [ 51.596797] ret_from_fork+0x10/0x20 [ 51.596835] [ 51.596875] CPU: 1 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 51.596949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.596979] Hardware name: linux,dummy-virt (DT) [ 51.597012] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.531395] ================================================================== [ 51.531495] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.531495] [ 51.531595] Use-after-free read at 0x000000001f4d1272 (in kfence-#157): [ 51.531650] test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.531699] kunit_try_run_case+0x170/0x3f0 [ 51.531746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.531789] kthread+0x328/0x630 [ 51.531834] ret_from_fork+0x10/0x20 [ 51.531873] [ 51.531898] kfence-#157: 0x000000001f4d1272-0x00000000024f6e6d, size=32, cache=test [ 51.531898] [ 51.531951] allocated by task 337 on cpu 1 at 51.491392s (0.040554s ago): [ 51.532018] test_alloc+0x230/0x628 [ 51.532058] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 51.532099] kunit_try_run_case+0x170/0x3f0 [ 51.532141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.532185] kthread+0x328/0x630 [ 51.532224] ret_from_fork+0x10/0x20 [ 51.532263] [ 51.532300] freed by task 337 on cpu 1 at 51.491512s (0.040784s ago): [ 51.532356] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 51.532397] kunit_try_run_case+0x170/0x3f0 [ 51.532436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.532477] kthread+0x328/0x630 [ 51.532515] ret_from_fork+0x10/0x20 [ 51.532555] [ 51.532601] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 51.532676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.532704] Hardware name: linux,dummy-virt (DT) [ 51.532740] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 28.526678] ================================================================== [ 28.526976] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 28.526976] [ 28.527223] Invalid read at 0x000000000f536a6b: [ 28.527457] test_invalid_access+0xdc/0x1f0 [ 28.527564] kunit_try_run_case+0x170/0x3f0 [ 28.527617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.527671] kthread+0x328/0x630 [ 28.527871] ret_from_fork+0x10/0x20 [ 28.527924] [ 28.527974] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 28.528058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.528093] Hardware name: linux,dummy-virt (DT) [ 28.528141] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 28.299406] ================================================================== [ 28.299496] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.299496] [ 28.299558] Corrupted memory at 0x00000000e52464d2 [ ! . . . . . . . . . . . . . . . ] (in kfence-#153): [ 28.299870] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.299918] kunit_try_run_case+0x170/0x3f0 [ 28.299962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.300004] kthread+0x328/0x630 [ 28.300045] ret_from_fork+0x10/0x20 [ 28.300085] [ 28.300109] kfence-#153: 0x00000000119c1287-0x000000008774c94d, size=73, cache=kmalloc-96 [ 28.300109] [ 28.300165] allocated by task 327 on cpu 1 at 28.299148s (0.001013s ago): [ 28.300226] test_alloc+0x29c/0x628 [ 28.300266] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 28.300320] kunit_try_run_case+0x170/0x3f0 [ 28.300360] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.300401] kthread+0x328/0x630 [ 28.300440] ret_from_fork+0x10/0x20 [ 28.300479] [ 28.300502] freed by task 327 on cpu 1 at 28.299306s (0.001192s ago): [ 28.300561] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.300603] kunit_try_run_case+0x170/0x3f0 [ 28.300642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.300683] kthread+0x328/0x630 [ 28.300723] ret_from_fork+0x10/0x20 [ 28.300761] [ 28.300807] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 28.300885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.300915] Hardware name: linux,dummy-virt (DT) [ 28.300949] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 28.091378] ================================================================== [ 28.091470] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.091470] [ 28.091566] Out-of-bounds read at 0x0000000006dfdc9c (105B right of kfence-#151): [ 28.091628] test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.091676] kunit_try_run_case+0x170/0x3f0 [ 28.091723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.091765] kthread+0x328/0x630 [ 28.091806] ret_from_fork+0x10/0x20 [ 28.091847] [ 28.091873] kfence-#151: 0x000000003dc99ad7-0x0000000049ba7188, size=73, cache=kmalloc-96 [ 28.091873] [ 28.091925] allocated by task 325 on cpu 0 at 28.091120s (0.000801s ago): [ 28.091995] test_alloc+0x29c/0x628 [ 28.092035] test_kmalloc_aligned_oob_read+0x100/0x468 [ 28.092079] kunit_try_run_case+0x170/0x3f0 [ 28.092120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.092161] kthread+0x328/0x630 [ 28.092199] ret_from_fork+0x10/0x20 [ 28.092239] [ 28.092299] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 28.092376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.092406] Hardware name: linux,dummy-virt (DT) [ 28.092441] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.579485] ================================================================== [ 22.579578] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 22.579578] [ 22.579639] Corrupted memory at 0x00000000a28faedb [ ! ] (in kfence-#98): [ 22.579771] test_corruption+0x284/0x378 [ 22.579814] kunit_try_run_case+0x170/0x3f0 [ 22.579859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.579903] kthread+0x328/0x630 [ 22.579944] ret_from_fork+0x10/0x20 [ 22.579987] [ 22.580011] kfence-#98: 0x000000005ae775dc-0x0000000073b158b9, size=32, cache=kmalloc-32 [ 22.580011] [ 22.580066] allocated by task 313 on cpu 1 at 22.579177s (0.000885s ago): [ 22.580129] test_alloc+0x29c/0x628 [ 22.580167] test_corruption+0x198/0x378 [ 22.580206] kunit_try_run_case+0x170/0x3f0 [ 22.580246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.580301] kthread+0x328/0x630 [ 22.580340] ret_from_fork+0x10/0x20 [ 22.580381] [ 22.580404] freed by task 313 on cpu 1 at 22.579297s (0.001104s ago): [ 22.580465] test_corruption+0x284/0x378 [ 22.580504] kunit_try_run_case+0x170/0x3f0 [ 22.580544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.580585] kthread+0x328/0x630 [ 22.580623] ret_from_fork+0x10/0x20 [ 22.580662] [ 22.580703] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 22.580779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.580807] Hardware name: linux,dummy-virt (DT) [ 22.580842] ================================================================== [ 23.203412] ================================================================== [ 23.203523] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 23.203523] [ 23.203586] Corrupted memory at 0x00000000dacacbbe [ ! ] (in kfence-#104): [ 23.203703] test_corruption+0x1d8/0x378 [ 23.203747] kunit_try_run_case+0x170/0x3f0 [ 23.203790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.203831] kthread+0x328/0x630 [ 23.203872] ret_from_fork+0x10/0x20 [ 23.203915] [ 23.203939] kfence-#104: 0x0000000007159c9d-0x000000001144a18a, size=32, cache=test [ 23.203939] [ 23.203994] allocated by task 315 on cpu 1 at 23.203240s (0.000750s ago): [ 23.204055] test_alloc+0x230/0x628 [ 23.204094] test_corruption+0x198/0x378 [ 23.204131] kunit_try_run_case+0x170/0x3f0 [ 23.204172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.204212] kthread+0x328/0x630 [ 23.204252] ret_from_fork+0x10/0x20 [ 23.204304] [ 23.204327] freed by task 315 on cpu 1 at 23.203322s (0.001002s ago): [ 23.204386] test_corruption+0x1d8/0x378 [ 23.204424] kunit_try_run_case+0x170/0x3f0 [ 23.204465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.204506] kthread+0x328/0x630 [ 23.204543] ret_from_fork+0x10/0x20 [ 23.204582] [ 23.204624] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 23.204698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.204726] Hardware name: linux,dummy-virt (DT) [ 23.204760] ================================================================== [ 22.371394] ================================================================== [ 22.371502] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 22.371502] [ 22.371568] Corrupted memory at 0x00000000b90f1df0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#96): [ 22.372701] test_corruption+0x278/0x378 [ 22.372755] kunit_try_run_case+0x170/0x3f0 [ 22.372801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.372844] kthread+0x328/0x630 [ 22.372887] ret_from_fork+0x10/0x20 [ 22.372929] [ 22.372954] kfence-#96: 0x00000000100e7be0-0x000000000738ace7, size=32, cache=kmalloc-32 [ 22.372954] [ 22.373011] allocated by task 313 on cpu 1 at 22.371092s (0.001915s ago): [ 22.373074] test_alloc+0x29c/0x628 [ 22.373114] test_corruption+0xdc/0x378 [ 22.373152] kunit_try_run_case+0x170/0x3f0 [ 22.373194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.373236] kthread+0x328/0x630 [ 22.373275] ret_from_fork+0x10/0x20 [ 22.373326] [ 22.373351] freed by task 313 on cpu 1 at 22.371200s (0.002147s ago): [ 22.373410] test_corruption+0x278/0x378 [ 22.373454] kunit_try_run_case+0x170/0x3f0 [ 22.373495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.373536] kthread+0x328/0x630 [ 22.373575] ret_from_fork+0x10/0x20 [ 22.373615] [ 22.373661] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 22.373741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.373772] Hardware name: linux,dummy-virt (DT) [ 22.373808] ================================================================== [ 22.891371] ================================================================== [ 22.891469] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 22.891469] [ 22.891530] Corrupted memory at 0x000000007035870f [ ! . . . . . . . . . . . . . . . ] (in kfence-#101): [ 22.891842] test_corruption+0x120/0x378 [ 22.891887] kunit_try_run_case+0x170/0x3f0 [ 22.891931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.891973] kthread+0x328/0x630 [ 22.892015] ret_from_fork+0x10/0x20 [ 22.892056] [ 22.892082] kfence-#101: 0x00000000b303718c-0x0000000029de05ad, size=32, cache=test [ 22.892082] [ 22.892135] allocated by task 315 on cpu 1 at 22.891201s (0.000930s ago): [ 22.892195] test_alloc+0x230/0x628 [ 22.892234] test_corruption+0xdc/0x378 [ 22.892273] kunit_try_run_case+0x170/0x3f0 [ 22.892327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.892368] kthread+0x328/0x630 [ 22.892408] ret_from_fork+0x10/0x20 [ 22.892446] [ 22.892469] freed by task 315 on cpu 1 at 22.891268s (0.001198s ago): [ 22.892528] test_corruption+0x120/0x378 [ 22.892567] kunit_try_run_case+0x170/0x3f0 [ 22.892607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.892648] kthread+0x328/0x630 [ 22.892685] ret_from_fork+0x10/0x20 [ 22.892728] [ 22.892771] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 22.892845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.892873] Hardware name: linux,dummy-virt (DT) [ 22.892908] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 22.267341] ================================================================== [ 22.267440] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 22.267440] [ 22.267502] Invalid free of 0x00000000d9c46ea2 (in kfence-#95): [ 22.267556] test_invalid_addr_free+0xec/0x238 [ 22.267600] kunit_try_run_case+0x170/0x3f0 [ 22.267645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.267684] kthread+0x328/0x630 [ 22.267726] ret_from_fork+0x10/0x20 [ 22.267766] [ 22.267790] kfence-#95: 0x00000000b098f712-0x00000000aa2092be, size=32, cache=test [ 22.267790] [ 22.267842] allocated by task 311 on cpu 0 at 22.267187s (0.000651s ago): [ 22.267904] test_alloc+0x230/0x628 [ 22.267942] test_invalid_addr_free+0xd4/0x238 [ 22.267984] kunit_try_run_case+0x170/0x3f0 [ 22.268023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.268064] kthread+0x328/0x630 [ 22.268102] ret_from_fork+0x10/0x20 [ 22.268141] [ 22.268183] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 22.268259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.268299] Hardware name: linux,dummy-virt (DT) [ 22.268333] ================================================================== [ 22.163439] ================================================================== [ 22.163530] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 22.163530] [ 22.163591] Invalid free of 0x0000000041ddc1ac (in kfence-#94): [ 22.163642] test_invalid_addr_free+0x1ac/0x238 [ 22.163689] kunit_try_run_case+0x170/0x3f0 [ 22.163733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.163776] kthread+0x328/0x630 [ 22.163818] ret_from_fork+0x10/0x20 [ 22.163857] [ 22.163884] kfence-#94: 0x0000000066e06f7a-0x00000000065ac352, size=32, cache=kmalloc-32 [ 22.163884] [ 22.163938] allocated by task 309 on cpu 0 at 22.163255s (0.000679s ago): [ 22.164002] test_alloc+0x29c/0x628 [ 22.164041] test_invalid_addr_free+0xd4/0x238 [ 22.164081] kunit_try_run_case+0x170/0x3f0 [ 22.164122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.164163] kthread+0x328/0x630 [ 22.164202] ret_from_fork+0x10/0x20 [ 22.164242] [ 22.164297] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 22.164374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.164405] Hardware name: linux,dummy-virt (DT) [ 22.164440] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 22.060446] ================================================================== [ 22.060803] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 22.060803] [ 22.060880] Invalid free of 0x0000000091641901 (in kfence-#93): [ 22.060931] test_double_free+0x100/0x238 [ 22.061301] kunit_try_run_case+0x170/0x3f0 [ 22.061372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.061416] kthread+0x328/0x630 [ 22.061467] ret_from_fork+0x10/0x20 [ 22.061676] [ 22.061733] kfence-#93: 0x0000000091641901-0x00000000d7e37b44, size=32, cache=test [ 22.061733] [ 22.061811] allocated by task 307 on cpu 0 at 22.059911s (0.001878s ago): [ 22.062081] test_alloc+0x230/0x628 [ 22.062129] test_double_free+0xd4/0x238 [ 22.062175] kunit_try_run_case+0x170/0x3f0 [ 22.062251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.062312] kthread+0x328/0x630 [ 22.062352] ret_from_fork+0x10/0x20 [ 22.062537] [ 22.062769] freed by task 307 on cpu 0 at 22.060257s (0.002491s ago): [ 22.062944] test_double_free+0xf0/0x238 [ 22.062987] kunit_try_run_case+0x170/0x3f0 [ 22.063030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.063072] kthread+0x328/0x630 [ 22.063112] ret_from_fork+0x10/0x20 [ 22.063152] [ 22.063580] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 22.063754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.063980] Hardware name: linux,dummy-virt (DT) [ 22.064211] ================================================================== [ 21.957721] ================================================================== [ 21.957872] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 21.957872] [ 21.957967] Invalid free of 0x00000000904cbb3c (in kfence-#92): [ 21.958412] test_double_free+0x1bc/0x238 [ 21.958476] kunit_try_run_case+0x170/0x3f0 [ 21.958541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.958622] kthread+0x328/0x630 [ 21.958668] ret_from_fork+0x10/0x20 [ 21.959203] [ 21.959580] kfence-#92: 0x00000000904cbb3c-0x00000000acc730cf, size=32, cache=kmalloc-32 [ 21.959580] [ 21.959922] allocated by task 305 on cpu 0 at 21.956973s (0.002908s ago): [ 21.960027] test_alloc+0x29c/0x628 [ 21.960090] test_double_free+0xd4/0x238 [ 21.960131] kunit_try_run_case+0x170/0x3f0 [ 21.960173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.960215] kthread+0x328/0x630 [ 21.960254] ret_from_fork+0x10/0x20 [ 21.960318] [ 21.960370] freed by task 305 on cpu 0 at 21.957387s (0.002978s ago): [ 21.960432] test_double_free+0x1ac/0x238 [ 21.960478] kunit_try_run_case+0x170/0x3f0 [ 21.960521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.960587] kthread+0x328/0x630 [ 21.960632] ret_from_fork+0x10/0x20 [ 21.960687] [ 21.960735] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 21.960837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.960877] Hardware name: linux,dummy-virt (DT) [ 21.960920] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 21.644209] ================================================================== [ 21.644297] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.644297] [ 21.644713] Use-after-free read at 0x00000000bed58b57 (in kfence-#89): [ 21.644822] test_use_after_free_read+0x114/0x248 [ 21.644878] kunit_try_run_case+0x170/0x3f0 [ 21.644922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.645004] kthread+0x328/0x630 [ 21.645339] ret_from_fork+0x10/0x20 [ 21.645409] [ 21.645442] kfence-#89: 0x00000000bed58b57-0x000000002854108e, size=32, cache=test [ 21.645442] [ 21.645593] allocated by task 299 on cpu 0 at 21.643762s (0.001823s ago): [ 21.645698] test_alloc+0x230/0x628 [ 21.645797] test_use_after_free_read+0xd0/0x248 [ 21.645840] kunit_try_run_case+0x170/0x3f0 [ 21.645900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.645993] kthread+0x328/0x630 [ 21.646046] ret_from_fork+0x10/0x20 [ 21.646094] [ 21.646118] freed by task 299 on cpu 0 at 21.643965s (0.002149s ago): [ 21.646229] test_use_after_free_read+0xf0/0x248 [ 21.646272] kunit_try_run_case+0x170/0x3f0 [ 21.646327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.646368] kthread+0x328/0x630 [ 21.646408] ret_from_fork+0x10/0x20 [ 21.646447] [ 21.646489] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 21.646577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.646612] Hardware name: linux,dummy-virt (DT) [ 21.646650] ================================================================== [ 21.540011] ================================================================== [ 21.540443] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.540443] [ 21.540569] Use-after-free read at 0x000000008b8bfb66 (in kfence-#88): [ 21.540933] test_use_after_free_read+0x114/0x248 [ 21.541021] kunit_try_run_case+0x170/0x3f0 [ 21.541107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.541150] kthread+0x328/0x630 [ 21.541500] ret_from_fork+0x10/0x20 [ 21.541593] [ 21.541623] kfence-#88: 0x000000008b8bfb66-0x000000004b3c6ddf, size=32, cache=kmalloc-32 [ 21.541623] [ 21.541711] allocated by task 297 on cpu 0 at 21.539509s (0.002162s ago): [ 21.542092] test_alloc+0x29c/0x628 [ 21.542148] test_use_after_free_read+0xd0/0x248 [ 21.542437] kunit_try_run_case+0x170/0x3f0 [ 21.542630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.542711] kthread+0x328/0x630 [ 21.542895] ret_from_fork+0x10/0x20 [ 21.543015] [ 21.543345] freed by task 297 on cpu 0 at 21.539589s (0.003592s ago): [ 21.543472] test_use_after_free_read+0x1c0/0x248 [ 21.543516] kunit_try_run_case+0x170/0x3f0 [ 21.543843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.544069] kthread+0x328/0x630 [ 21.544173] ret_from_fork+0x10/0x20 [ 21.544757] [ 21.544857] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 21.545032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.545162] Hardware name: linux,dummy-virt (DT) [ 21.545250] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 21.436134] ================================================================== [ 21.436292] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.436292] [ 21.436661] Out-of-bounds write at 0x000000003de17f05 (1B left of kfence-#87): [ 21.436760] test_out_of_bounds_write+0x100/0x240 [ 21.436811] kunit_try_run_case+0x170/0x3f0 [ 21.437353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.437429] kthread+0x328/0x630 [ 21.437475] ret_from_fork+0x10/0x20 [ 21.437551] [ 21.437608] kfence-#87: 0x00000000dbac01e3-0x00000000aeed0d55, size=32, cache=test [ 21.437608] [ 21.437687] allocated by task 295 on cpu 0 at 21.436008s (0.001674s ago): [ 21.438096] test_alloc+0x230/0x628 [ 21.438398] test_out_of_bounds_write+0xc8/0x240 [ 21.438799] kunit_try_run_case+0x170/0x3f0 [ 21.439155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.439198] kthread+0x328/0x630 [ 21.439238] ret_from_fork+0x10/0x20 [ 21.439293] [ 21.439340] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 21.439900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.439991] Hardware name: linux,dummy-virt (DT) [ 21.440714] ================================================================== [ 21.332238] ================================================================== [ 21.332338] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.332338] [ 21.332475] Out-of-bounds write at 0x000000002c1cff80 (1B left of kfence-#86): [ 21.332559] test_out_of_bounds_write+0x100/0x240 [ 21.332606] kunit_try_run_case+0x170/0x3f0 [ 21.332801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.333000] kthread+0x328/0x630 [ 21.333104] ret_from_fork+0x10/0x20 [ 21.333181] [ 21.333207] kfence-#86: 0x000000002ea94eb9-0x0000000035224b01, size=32, cache=kmalloc-32 [ 21.333207] [ 21.333337] allocated by task 293 on cpu 0 at 21.331656s (0.001659s ago): [ 21.333437] test_alloc+0x29c/0x628 [ 21.333486] test_out_of_bounds_write+0xc8/0x240 [ 21.333527] kunit_try_run_case+0x170/0x3f0 [ 21.333737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.333927] kthread+0x328/0x630 [ 21.333979] ret_from_fork+0x10/0x20 [ 21.334037] [ 21.334233] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 21.334338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.334369] Hardware name: linux,dummy-virt (DT) [ 21.334403] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 19.403199] ================================================================== [ 19.403297] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 19.403361] Read of size 1 at addr ffff800080a67b4a by task kunit_try_catch/255 [ 19.403412] [ 19.403449] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.403533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.403560] Hardware name: linux,dummy-virt (DT) [ 19.403597] Call trace: [ 19.403621] show_stack+0x20/0x38 (C) [ 19.403671] dump_stack_lvl+0x8c/0xd0 [ 19.403729] print_report+0x310/0x5d0 [ 19.403774] kasan_report+0xdc/0x128 [ 19.403820] __asan_report_load1_noabort+0x20/0x30 [ 19.403869] kasan_alloca_oob_right+0x2dc/0x340 [ 19.403920] kunit_try_run_case+0x170/0x3f0 [ 19.403969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.404020] kthread+0x328/0x630 [ 19.404065] ret_from_fork+0x10/0x20 [ 19.404114] [ 19.404137] The buggy address belongs to stack of task kunit_try_catch/255 [ 19.404191] [ 19.404211] The buggy address ffff800080a67b4a belongs to a vmalloc virtual mapping [ 19.404257] The buggy address belongs to the physical page: [ 19.404300] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a18 [ 19.404486] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.404790] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.404843] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.404886] page dumped because: kasan: bad access detected [ 19.404920] [ 19.404999] Memory state around the buggy address: [ 19.405040] ffff800080a67a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.405193] ffff800080a67a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.405343] >ffff800080a67b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 19.405385] ^ [ 19.405427] ffff800080a67b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.405472] ffff800080a67c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.405548] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 21.124407] ================================================================== [ 21.124508] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.124508] [ 21.124598] Out-of-bounds read at 0x000000008c25199a (32B right of kfence-#84): [ 21.124945] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.125069] kunit_try_run_case+0x170/0x3f0 [ 21.125153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.125196] kthread+0x328/0x630 [ 21.125522] ret_from_fork+0x10/0x20 [ 21.125906] [ 21.125950] kfence-#84: 0x00000000a07746e0-0x00000000bdbaa87a, size=32, cache=test [ 21.125950] [ 21.126064] allocated by task 291 on cpu 0 at 21.124273s (0.001731s ago): [ 21.126140] test_alloc+0x230/0x628 [ 21.126200] test_out_of_bounds_read+0x198/0x3e0 [ 21.126529] kunit_try_run_case+0x170/0x3f0 [ 21.126576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.126884] kthread+0x328/0x630 [ 21.127072] ret_from_fork+0x10/0x20 [ 21.127158] [ 21.127206] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 21.127581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.127696] Hardware name: linux,dummy-virt (DT) [ 21.128062] ================================================================== [ 20.501048] ================================================================== [ 20.501150] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.501150] [ 20.501302] Out-of-bounds read at 0x00000000f44b9d1c (1B left of kfence-#78): [ 20.501996] test_out_of_bounds_read+0x114/0x3e0 [ 20.502063] kunit_try_run_case+0x170/0x3f0 [ 20.502109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.502148] kthread+0x328/0x630 [ 20.502507] ret_from_fork+0x10/0x20 [ 20.502642] [ 20.502924] kfence-#78: 0x00000000bca0ca49-0x00000000485a92c9, size=32, cache=kmalloc-32 [ 20.502924] [ 20.503417] allocated by task 289 on cpu 0 at 20.499739s (0.003488s ago): [ 20.504390] test_alloc+0x29c/0x628 [ 20.504458] test_out_of_bounds_read+0xdc/0x3e0 [ 20.504501] kunit_try_run_case+0x170/0x3f0 [ 20.504682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.504729] kthread+0x328/0x630 [ 20.504843] ret_from_fork+0x10/0x20 [ 20.505030] [ 20.505369] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.505459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.505489] Hardware name: linux,dummy-virt (DT) [ 20.505620] ================================================================== [ 20.708003] ================================================================== [ 20.708399] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.708399] [ 20.708499] Out-of-bounds read at 0x000000008c2c97f0 (1B left of kfence-#80): [ 20.708555] test_out_of_bounds_read+0x114/0x3e0 [ 20.708923] kunit_try_run_case+0x170/0x3f0 [ 20.709012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.709305] kthread+0x328/0x630 [ 20.709464] ret_from_fork+0x10/0x20 [ 20.709743] [ 20.709833] kfence-#80: 0x0000000076e07ce2-0x00000000c469caab, size=32, cache=test [ 20.709833] [ 20.709932] allocated by task 291 on cpu 0 at 20.707820s (0.002066s ago): [ 20.710301] test_alloc+0x230/0x628 [ 20.710363] test_out_of_bounds_read+0xdc/0x3e0 [ 20.710552] kunit_try_run_case+0x170/0x3f0 [ 20.710968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.711067] kthread+0x328/0x630 [ 20.711109] ret_from_fork+0x10/0x20 [ 20.711149] [ 20.711200] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.711290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.711498] Hardware name: linux,dummy-virt (DT) [ 20.711636] ================================================================== [ 20.603656] ================================================================== [ 20.603732] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.603732] [ 20.603825] Out-of-bounds read at 0x00000000011edf1d (32B right of kfence-#79): [ 20.603881] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.603952] kunit_try_run_case+0x170/0x3f0 [ 20.604000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.604040] kthread+0x328/0x630 [ 20.604081] ret_from_fork+0x10/0x20 [ 20.604122] [ 20.604145] kfence-#79: 0x00000000699fe4b6-0x0000000099c40871, size=32, cache=kmalloc-32 [ 20.604145] [ 20.604195] allocated by task 289 on cpu 0 at 20.603411s (0.000780s ago): [ 20.604262] test_alloc+0x29c/0x628 [ 20.604312] test_out_of_bounds_read+0x198/0x3e0 [ 20.604351] kunit_try_run_case+0x170/0x3f0 [ 20.604404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.604490] kthread+0x328/0x630 [ 20.604529] ret_from_fork+0x10/0x20 [ 20.604839] [ 20.604972] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.605184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.605213] Hardware name: linux,dummy-virt (DT) [ 20.605245] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 20.416784] ================================================================== [ 20.416846] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 20.417296] Write of size 121 at addr fff00000c6fc5700 by task kunit_try_catch/287 [ 20.417723] [ 20.417777] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.418392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.418646] Hardware name: linux,dummy-virt (DT) [ 20.418702] Call trace: [ 20.418740] show_stack+0x20/0x38 (C) [ 20.418813] dump_stack_lvl+0x8c/0xd0 [ 20.419096] print_report+0x118/0x5d0 [ 20.419323] kasan_report+0xdc/0x128 [ 20.419591] kasan_check_range+0x100/0x1a8 [ 20.419735] __kasan_check_write+0x20/0x30 [ 20.419938] strncpy_from_user+0x3c/0x2a0 [ 20.420131] copy_user_test_oob+0x5c0/0xec8 [ 20.420200] kunit_try_run_case+0x170/0x3f0 [ 20.420251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.420320] kthread+0x328/0x630 [ 20.420369] ret_from_fork+0x10/0x20 [ 20.420974] [ 20.421061] Allocated by task 287: [ 20.421141] kasan_save_stack+0x3c/0x68 [ 20.421192] kasan_save_track+0x20/0x40 [ 20.421698] kasan_save_alloc_info+0x40/0x58 [ 20.422004] __kasan_kmalloc+0xd4/0xd8 [ 20.422219] __kmalloc_noprof+0x198/0x4c8 [ 20.422736] kunit_kmalloc_array+0x34/0x88 [ 20.422811] copy_user_test_oob+0xac/0xec8 [ 20.423060] kunit_try_run_case+0x170/0x3f0 [ 20.423225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.423393] kthread+0x328/0x630 [ 20.423672] ret_from_fork+0x10/0x20 [ 20.423733] [ 20.423756] The buggy address belongs to the object at fff00000c6fc5700 [ 20.423756] which belongs to the cache kmalloc-128 of size 128 [ 20.423836] The buggy address is located 0 bytes inside of [ 20.423836] allocated 120-byte region [fff00000c6fc5700, fff00000c6fc5778) [ 20.424199] [ 20.424455] The buggy address belongs to the physical page: [ 20.424562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 20.424732] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.424929] page_type: f5(slab) [ 20.424995] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.425471] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.425567] page dumped because: kasan: bad access detected [ 20.425811] [ 20.425865] Memory state around the buggy address: [ 20.425905] fff00000c6fc5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.426086] fff00000c6fc5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.426180] >fff00000c6fc5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.426223] ^ [ 20.426278] fff00000c6fc5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.426336] fff00000c6fc5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.426378] ================================================================== [ 20.428775] ================================================================== [ 20.428838] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 20.428892] Write of size 1 at addr fff00000c6fc5778 by task kunit_try_catch/287 [ 20.429102] [ 20.429148] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.429630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.429903] Hardware name: linux,dummy-virt (DT) [ 20.430161] Call trace: [ 20.430403] show_stack+0x20/0x38 (C) [ 20.430667] dump_stack_lvl+0x8c/0xd0 [ 20.430737] print_report+0x118/0x5d0 [ 20.430819] kasan_report+0xdc/0x128 [ 20.430998] __asan_report_store1_noabort+0x20/0x30 [ 20.431084] strncpy_from_user+0x270/0x2a0 [ 20.431142] copy_user_test_oob+0x5c0/0xec8 [ 20.431189] kunit_try_run_case+0x170/0x3f0 [ 20.431240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.431554] kthread+0x328/0x630 [ 20.431931] ret_from_fork+0x10/0x20 [ 20.432116] [ 20.432220] Allocated by task 287: [ 20.432265] kasan_save_stack+0x3c/0x68 [ 20.432337] kasan_save_track+0x20/0x40 [ 20.432474] kasan_save_alloc_info+0x40/0x58 [ 20.432521] __kasan_kmalloc+0xd4/0xd8 [ 20.432562] __kmalloc_noprof+0x198/0x4c8 [ 20.432604] kunit_kmalloc_array+0x34/0x88 [ 20.432662] copy_user_test_oob+0xac/0xec8 [ 20.432726] kunit_try_run_case+0x170/0x3f0 [ 20.432784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.432836] kthread+0x328/0x630 [ 20.432892] ret_from_fork+0x10/0x20 [ 20.432934] [ 20.432957] The buggy address belongs to the object at fff00000c6fc5700 [ 20.432957] which belongs to the cache kmalloc-128 of size 128 [ 20.433034] The buggy address is located 0 bytes to the right of [ 20.433034] allocated 120-byte region [fff00000c6fc5700, fff00000c6fc5778) [ 20.433127] [ 20.433170] The buggy address belongs to the physical page: [ 20.433208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 20.433261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.433461] page_type: f5(slab) [ 20.433601] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.434346] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.434417] page dumped because: kasan: bad access detected [ 20.434477] [ 20.434520] Memory state around the buggy address: [ 20.435163] fff00000c6fc5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.435589] fff00000c6fc5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.435685] >fff00000c6fc5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.435772] ^ [ 20.435838] fff00000c6fc5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.435926] fff00000c6fc5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.436174] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 20.372817] ================================================================== [ 20.372884] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 20.372940] Write of size 121 at addr fff00000c6fc5700 by task kunit_try_catch/287 [ 20.372997] [ 20.373031] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.373133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.373184] Hardware name: linux,dummy-virt (DT) [ 20.373224] Call trace: [ 20.373251] show_stack+0x20/0x38 (C) [ 20.373324] dump_stack_lvl+0x8c/0xd0 [ 20.373379] print_report+0x118/0x5d0 [ 20.373439] kasan_report+0xdc/0x128 [ 20.373487] kasan_check_range+0x100/0x1a8 [ 20.373543] __kasan_check_write+0x20/0x30 [ 20.373596] copy_user_test_oob+0x35c/0xec8 [ 20.373645] kunit_try_run_case+0x170/0x3f0 [ 20.373696] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.373759] kthread+0x328/0x630 [ 20.373806] ret_from_fork+0x10/0x20 [ 20.373867] [ 20.373891] Allocated by task 287: [ 20.373929] kasan_save_stack+0x3c/0x68 [ 20.373982] kasan_save_track+0x20/0x40 [ 20.374031] kasan_save_alloc_info+0x40/0x58 [ 20.374074] __kasan_kmalloc+0xd4/0xd8 [ 20.374117] __kmalloc_noprof+0x198/0x4c8 [ 20.374160] kunit_kmalloc_array+0x34/0x88 [ 20.374201] copy_user_test_oob+0xac/0xec8 [ 20.374241] kunit_try_run_case+0x170/0x3f0 [ 20.374292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.375423] kthread+0x328/0x630 [ 20.375649] ret_from_fork+0x10/0x20 [ 20.375700] [ 20.375749] The buggy address belongs to the object at fff00000c6fc5700 [ 20.375749] which belongs to the cache kmalloc-128 of size 128 [ 20.376091] The buggy address is located 0 bytes inside of [ 20.376091] allocated 120-byte region [fff00000c6fc5700, fff00000c6fc5778) [ 20.376407] [ 20.376662] The buggy address belongs to the physical page: [ 20.376739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 20.376896] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.377092] page_type: f5(slab) [ 20.377200] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.377582] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.378349] page dumped because: kasan: bad access detected [ 20.378425] [ 20.378465] Memory state around the buggy address: [ 20.378764] fff00000c6fc5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.378831] fff00000c6fc5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.379100] >fff00000c6fc5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.379475] ^ [ 20.380255] fff00000c6fc5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.380467] fff00000c6fc5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.380696] ================================================================== [ 20.335887] ================================================================== [ 20.336591] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 20.336968] Write of size 121 at addr fff00000c6fc5700 by task kunit_try_catch/287 [ 20.337040] [ 20.337090] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.337823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.337881] Hardware name: linux,dummy-virt (DT) [ 20.337926] Call trace: [ 20.338023] show_stack+0x20/0x38 (C) [ 20.338353] dump_stack_lvl+0x8c/0xd0 [ 20.338503] print_report+0x118/0x5d0 [ 20.338597] kasan_report+0xdc/0x128 [ 20.338741] kasan_check_range+0x100/0x1a8 [ 20.338798] __kasan_check_write+0x20/0x30 [ 20.339041] copy_user_test_oob+0x234/0xec8 [ 20.339204] kunit_try_run_case+0x170/0x3f0 [ 20.339362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.339497] kthread+0x328/0x630 [ 20.339592] ret_from_fork+0x10/0x20 [ 20.339946] [ 20.339996] Allocated by task 287: [ 20.340074] kasan_save_stack+0x3c/0x68 [ 20.340171] kasan_save_track+0x20/0x40 [ 20.340343] kasan_save_alloc_info+0x40/0x58 [ 20.340425] __kasan_kmalloc+0xd4/0xd8 [ 20.340464] __kmalloc_noprof+0x198/0x4c8 [ 20.340822] kunit_kmalloc_array+0x34/0x88 [ 20.341240] copy_user_test_oob+0xac/0xec8 [ 20.341598] kunit_try_run_case+0x170/0x3f0 [ 20.341724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.341905] kthread+0x328/0x630 [ 20.342067] ret_from_fork+0x10/0x20 [ 20.342168] [ 20.342239] The buggy address belongs to the object at fff00000c6fc5700 [ 20.342239] which belongs to the cache kmalloc-128 of size 128 [ 20.342402] The buggy address is located 0 bytes inside of [ 20.342402] allocated 120-byte region [fff00000c6fc5700, fff00000c6fc5778) [ 20.342773] [ 20.342877] The buggy address belongs to the physical page: [ 20.342966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 20.343124] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.343214] page_type: f5(slab) [ 20.343266] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.343327] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.343370] page dumped because: kasan: bad access detected [ 20.343405] [ 20.343798] Memory state around the buggy address: [ 20.343855] fff00000c6fc5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.344055] fff00000c6fc5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.344301] >fff00000c6fc5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.344371] ^ [ 20.344548] fff00000c6fc5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.344709] fff00000c6fc5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.344753] ================================================================== [ 20.352244] ================================================================== [ 20.352323] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 20.352377] Read of size 121 at addr fff00000c6fc5700 by task kunit_try_catch/287 [ 20.352433] [ 20.352468] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.352569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.352603] Hardware name: linux,dummy-virt (DT) [ 20.352643] Call trace: [ 20.352692] show_stack+0x20/0x38 (C) [ 20.352753] dump_stack_lvl+0x8c/0xd0 [ 20.352806] print_report+0x118/0x5d0 [ 20.352864] kasan_report+0xdc/0x128 [ 20.352911] kasan_check_range+0x100/0x1a8 [ 20.352968] __kasan_check_read+0x20/0x30 [ 20.353021] copy_user_test_oob+0x728/0xec8 [ 20.353070] kunit_try_run_case+0x170/0x3f0 [ 20.353122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.353176] kthread+0x328/0x630 [ 20.353223] ret_from_fork+0x10/0x20 [ 20.354869] [ 20.354975] Allocated by task 287: [ 20.355087] kasan_save_stack+0x3c/0x68 [ 20.355184] kasan_save_track+0x20/0x40 [ 20.355295] kasan_save_alloc_info+0x40/0x58 [ 20.355382] __kasan_kmalloc+0xd4/0xd8 [ 20.355729] __kmalloc_noprof+0x198/0x4c8 [ 20.355831] kunit_kmalloc_array+0x34/0x88 [ 20.355928] copy_user_test_oob+0xac/0xec8 [ 20.356031] kunit_try_run_case+0x170/0x3f0 [ 20.356118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.356213] kthread+0x328/0x630 [ 20.356526] ret_from_fork+0x10/0x20 [ 20.356636] [ 20.356703] The buggy address belongs to the object at fff00000c6fc5700 [ 20.356703] which belongs to the cache kmalloc-128 of size 128 [ 20.356816] The buggy address is located 0 bytes inside of [ 20.356816] allocated 120-byte region [fff00000c6fc5700, fff00000c6fc5778) [ 20.357243] [ 20.357510] The buggy address belongs to the physical page: [ 20.357551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 20.357648] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.358022] page_type: f5(slab) [ 20.358359] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.358542] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.359027] page dumped because: kasan: bad access detected [ 20.359356] [ 20.359490] Memory state around the buggy address: [ 20.359622] fff00000c6fc5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.359699] fff00000c6fc5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.360018] >fff00000c6fc5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.360246] ^ [ 20.360318] fff00000c6fc5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.361000] fff00000c6fc5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.361152] ================================================================== [ 20.396250] ================================================================== [ 20.396325] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 20.396381] Write of size 121 at addr fff00000c6fc5700 by task kunit_try_catch/287 [ 20.396455] [ 20.396491] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.396605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.396647] Hardware name: linux,dummy-virt (DT) [ 20.396684] Call trace: [ 20.396708] show_stack+0x20/0x38 (C) [ 20.396760] dump_stack_lvl+0x8c/0xd0 [ 20.396828] print_report+0x118/0x5d0 [ 20.396877] kasan_report+0xdc/0x128 [ 20.396926] kasan_check_range+0x100/0x1a8 [ 20.396982] __kasan_check_write+0x20/0x30 [ 20.397033] copy_user_test_oob+0x434/0xec8 [ 20.397082] kunit_try_run_case+0x170/0x3f0 [ 20.397133] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.397189] kthread+0x328/0x630 [ 20.397242] ret_from_fork+0x10/0x20 [ 20.397303] [ 20.397741] Allocated by task 287: [ 20.397788] kasan_save_stack+0x3c/0x68 [ 20.397869] kasan_save_track+0x20/0x40 [ 20.397912] kasan_save_alloc_info+0x40/0x58 [ 20.398381] __kasan_kmalloc+0xd4/0xd8 [ 20.398441] __kmalloc_noprof+0x198/0x4c8 [ 20.398484] kunit_kmalloc_array+0x34/0x88 [ 20.398773] copy_user_test_oob+0xac/0xec8 [ 20.398848] kunit_try_run_case+0x170/0x3f0 [ 20.399205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.399586] kthread+0x328/0x630 [ 20.399881] ret_from_fork+0x10/0x20 [ 20.399989] [ 20.400147] The buggy address belongs to the object at fff00000c6fc5700 [ 20.400147] which belongs to the cache kmalloc-128 of size 128 [ 20.400432] The buggy address is located 0 bytes inside of [ 20.400432] allocated 120-byte region [fff00000c6fc5700, fff00000c6fc5778) [ 20.400762] [ 20.400808] The buggy address belongs to the physical page: [ 20.400934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 20.401117] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.401175] page_type: f5(slab) [ 20.401468] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.401643] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.401852] page dumped because: kasan: bad access detected [ 20.402008] [ 20.402037] Memory state around the buggy address: [ 20.402245] fff00000c6fc5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.402424] fff00000c6fc5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.402751] >fff00000c6fc5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.402821] ^ [ 20.402870] fff00000c6fc5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.402919] fff00000c6fc5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.402962] ================================================================== [ 20.404713] ================================================================== [ 20.404775] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 20.404827] Read of size 121 at addr fff00000c6fc5700 by task kunit_try_catch/287 [ 20.404884] [ 20.404919] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.405021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.405425] Hardware name: linux,dummy-virt (DT) [ 20.405728] Call trace: [ 20.405888] show_stack+0x20/0x38 (C) [ 20.405986] dump_stack_lvl+0x8c/0xd0 [ 20.406047] print_report+0x118/0x5d0 [ 20.406505] kasan_report+0xdc/0x128 [ 20.406667] kasan_check_range+0x100/0x1a8 [ 20.406902] __kasan_check_read+0x20/0x30 [ 20.407149] copy_user_test_oob+0x4a0/0xec8 [ 20.407722] kunit_try_run_case+0x170/0x3f0 [ 20.407966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.408177] kthread+0x328/0x630 [ 20.408369] ret_from_fork+0x10/0x20 [ 20.408705] [ 20.408928] Allocated by task 287: [ 20.409015] kasan_save_stack+0x3c/0x68 [ 20.409212] kasan_save_track+0x20/0x40 [ 20.409310] kasan_save_alloc_info+0x40/0x58 [ 20.409355] __kasan_kmalloc+0xd4/0xd8 [ 20.409404] __kmalloc_noprof+0x198/0x4c8 [ 20.409785] kunit_kmalloc_array+0x34/0x88 [ 20.410056] copy_user_test_oob+0xac/0xec8 [ 20.410247] kunit_try_run_case+0x170/0x3f0 [ 20.410404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.410525] kthread+0x328/0x630 [ 20.410568] ret_from_fork+0x10/0x20 [ 20.410622] [ 20.411056] The buggy address belongs to the object at fff00000c6fc5700 [ 20.411056] which belongs to the cache kmalloc-128 of size 128 [ 20.411490] The buggy address is located 0 bytes inside of [ 20.411490] allocated 120-byte region [fff00000c6fc5700, fff00000c6fc5778) [ 20.411666] [ 20.411726] The buggy address belongs to the physical page: [ 20.411770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 20.411849] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.411908] page_type: f5(slab) [ 20.412168] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.412549] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.412769] page dumped because: kasan: bad access detected [ 20.412820] [ 20.413188] Memory state around the buggy address: [ 20.413311] fff00000c6fc5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.413543] fff00000c6fc5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.413597] >fff00000c6fc5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.414029] ^ [ 20.414408] fff00000c6fc5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.414469] fff00000c6fc5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.414791] ================================================================== [ 20.382249] ================================================================== [ 20.382316] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 20.382809] Read of size 121 at addr fff00000c6fc5700 by task kunit_try_catch/287 [ 20.382930] [ 20.382977] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.383476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.383788] Hardware name: linux,dummy-virt (DT) [ 20.383843] Call trace: [ 20.384114] show_stack+0x20/0x38 (C) [ 20.384501] dump_stack_lvl+0x8c/0xd0 [ 20.384615] print_report+0x118/0x5d0 [ 20.384710] kasan_report+0xdc/0x128 [ 20.385092] kasan_check_range+0x100/0x1a8 [ 20.385187] __kasan_check_read+0x20/0x30 [ 20.385428] copy_user_test_oob+0x3c8/0xec8 [ 20.385506] kunit_try_run_case+0x170/0x3f0 [ 20.385716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.385977] kthread+0x328/0x630 [ 20.386289] ret_from_fork+0x10/0x20 [ 20.387210] [ 20.387268] Allocated by task 287: [ 20.387420] kasan_save_stack+0x3c/0x68 [ 20.387646] kasan_save_track+0x20/0x40 [ 20.387858] kasan_save_alloc_info+0x40/0x58 [ 20.387950] __kasan_kmalloc+0xd4/0xd8 [ 20.388065] __kmalloc_noprof+0x198/0x4c8 [ 20.388212] kunit_kmalloc_array+0x34/0x88 [ 20.388346] copy_user_test_oob+0xac/0xec8 [ 20.388391] kunit_try_run_case+0x170/0x3f0 [ 20.388472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.388863] kthread+0x328/0x630 [ 20.389488] ret_from_fork+0x10/0x20 [ 20.389592] [ 20.389636] The buggy address belongs to the object at fff00000c6fc5700 [ 20.389636] which belongs to the cache kmalloc-128 of size 128 [ 20.389859] The buggy address is located 0 bytes inside of [ 20.389859] allocated 120-byte region [fff00000c6fc5700, fff00000c6fc5778) [ 20.390083] [ 20.390139] The buggy address belongs to the physical page: [ 20.390185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 20.390455] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.390765] page_type: f5(slab) [ 20.390837] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.391260] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.391582] page dumped because: kasan: bad access detected [ 20.391768] [ 20.391849] Memory state around the buggy address: [ 20.391889] fff00000c6fc5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.391965] fff00000c6fc5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.392234] >fff00000c6fc5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.392421] ^ [ 20.392669] fff00000c6fc5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.392805] fff00000c6fc5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.393020] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 20.292521] ================================================================== [ 20.292792] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 20.292854] Write of size 8 at addr fff00000c6fc5678 by task kunit_try_catch/283 [ 20.292909] [ 20.292943] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.293026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.293055] Hardware name: linux,dummy-virt (DT) [ 20.293357] Call trace: [ 20.293438] show_stack+0x20/0x38 (C) [ 20.293638] dump_stack_lvl+0x8c/0xd0 [ 20.293851] print_report+0x118/0x5d0 [ 20.294057] kasan_report+0xdc/0x128 [ 20.294169] kasan_check_range+0x100/0x1a8 [ 20.294395] __kasan_check_write+0x20/0x30 [ 20.294487] copy_to_kernel_nofault+0x8c/0x250 [ 20.294541] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 20.295005] kunit_try_run_case+0x170/0x3f0 [ 20.295065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.295130] kthread+0x328/0x630 [ 20.295561] ret_from_fork+0x10/0x20 [ 20.295970] [ 20.296082] Allocated by task 283: [ 20.296142] kasan_save_stack+0x3c/0x68 [ 20.296330] kasan_save_track+0x20/0x40 [ 20.296590] kasan_save_alloc_info+0x40/0x58 [ 20.296641] __kasan_kmalloc+0xd4/0xd8 [ 20.296867] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.297073] copy_to_kernel_nofault_oob+0xc8/0x418 [ 20.297126] kunit_try_run_case+0x170/0x3f0 [ 20.297180] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.297226] kthread+0x328/0x630 [ 20.297262] ret_from_fork+0x10/0x20 [ 20.297313] [ 20.297354] The buggy address belongs to the object at fff00000c6fc5600 [ 20.297354] which belongs to the cache kmalloc-128 of size 128 [ 20.297442] The buggy address is located 0 bytes to the right of [ 20.297442] allocated 120-byte region [fff00000c6fc5600, fff00000c6fc5678) [ 20.297530] [ 20.297554] The buggy address belongs to the physical page: [ 20.297597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 20.297664] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.297723] page_type: f5(slab) [ 20.297764] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.297815] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.297864] page dumped because: kasan: bad access detected [ 20.297898] [ 20.297935] Memory state around the buggy address: [ 20.297967] fff00000c6fc5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.298022] fff00000c6fc5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.298080] >fff00000c6fc5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.298146] ^ [ 20.298199] fff00000c6fc5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.298243] fff00000c6fc5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.298633] ================================================================== [ 20.283450] ================================================================== [ 20.283528] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 20.283745] Read of size 8 at addr fff00000c6fc5678 by task kunit_try_catch/283 [ 20.284048] [ 20.284183] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.284357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.284391] Hardware name: linux,dummy-virt (DT) [ 20.284427] Call trace: [ 20.284454] show_stack+0x20/0x38 (C) [ 20.284875] dump_stack_lvl+0x8c/0xd0 [ 20.285002] print_report+0x118/0x5d0 [ 20.285096] kasan_report+0xdc/0x128 [ 20.285206] __asan_report_load8_noabort+0x20/0x30 [ 20.285270] copy_to_kernel_nofault+0x204/0x250 [ 20.285330] copy_to_kernel_nofault_oob+0x158/0x418 [ 20.285390] kunit_try_run_case+0x170/0x3f0 [ 20.285647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.285939] kthread+0x328/0x630 [ 20.286036] ret_from_fork+0x10/0x20 [ 20.286096] [ 20.286319] Allocated by task 283: [ 20.286365] kasan_save_stack+0x3c/0x68 [ 20.286410] kasan_save_track+0x20/0x40 [ 20.286449] kasan_save_alloc_info+0x40/0x58 [ 20.286634] __kasan_kmalloc+0xd4/0xd8 [ 20.286688] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.287044] copy_to_kernel_nofault_oob+0xc8/0x418 [ 20.287184] kunit_try_run_case+0x170/0x3f0 [ 20.287365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.287429] kthread+0x328/0x630 [ 20.287609] ret_from_fork+0x10/0x20 [ 20.287832] [ 20.287880] The buggy address belongs to the object at fff00000c6fc5600 [ 20.287880] which belongs to the cache kmalloc-128 of size 128 [ 20.288008] The buggy address is located 0 bytes to the right of [ 20.288008] allocated 120-byte region [fff00000c6fc5600, fff00000c6fc5678) [ 20.288136] [ 20.288180] The buggy address belongs to the physical page: [ 20.288311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 20.288397] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.288662] page_type: f5(slab) [ 20.288887] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.288966] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.289104] page dumped because: kasan: bad access detected [ 20.289205] [ 20.289348] Memory state around the buggy address: [ 20.289411] fff00000c6fc5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.289663] fff00000c6fc5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.289724] >fff00000c6fc5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.289767] ^ [ 20.289823] fff00000c6fc5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.290261] fff00000c6fc5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.290656] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 20.222812] ================================================================== [ 20.222967] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 20.223275] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/271 [ 20.223529] [ 20.223808] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.223967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.224046] Hardware name: linux,dummy-virt (DT) [ 20.224242] Call trace: [ 20.224266] show_stack+0x20/0x38 (C) [ 20.224633] dump_stack_lvl+0x8c/0xd0 [ 20.224768] print_report+0x310/0x5d0 [ 20.224869] kasan_report+0xdc/0x128 [ 20.225022] __asan_report_load1_noabort+0x20/0x30 [ 20.225145] vmalloc_oob+0x51c/0x5d0 [ 20.225369] kunit_try_run_case+0x170/0x3f0 [ 20.225678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.225851] kthread+0x328/0x630 [ 20.225913] ret_from_fork+0x10/0x20 [ 20.225971] [ 20.226158] The buggy address ffff80008010b7f8 belongs to a vmalloc virtual mapping [ 20.226671] The buggy address belongs to the physical page: [ 20.226788] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xfff00000c78f9000 pfn:0x1078f9 [ 20.226916] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.227077] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.227151] raw: fff00000c78f9000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.227557] page dumped because: kasan: bad access detected [ 20.227894] [ 20.228049] Memory state around the buggy address: [ 20.228157] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.228225] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.228426] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 20.228467] ^ [ 20.228567] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.228739] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.228807] ================================================================== [ 20.212697] ================================================================== [ 20.214046] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 20.214162] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/271 [ 20.214216] [ 20.214418] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.214517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.214572] Hardware name: linux,dummy-virt (DT) [ 20.214848] Call trace: [ 20.215096] show_stack+0x20/0x38 (C) [ 20.215166] dump_stack_lvl+0x8c/0xd0 [ 20.215232] print_report+0x310/0x5d0 [ 20.215550] kasan_report+0xdc/0x128 [ 20.215725] __asan_report_load1_noabort+0x20/0x30 [ 20.216100] vmalloc_oob+0x578/0x5d0 [ 20.216315] kunit_try_run_case+0x170/0x3f0 [ 20.216616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.216919] kthread+0x328/0x630 [ 20.217123] ret_from_fork+0x10/0x20 [ 20.217400] [ 20.217444] The buggy address ffff80008010b7f3 belongs to a vmalloc virtual mapping [ 20.217789] The buggy address belongs to the physical page: [ 20.217928] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xfff00000c78f9000 pfn:0x1078f9 [ 20.218340] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.218497] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.218984] raw: fff00000c78f9000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.219050] page dumped because: kasan: bad access detected [ 20.219087] [ 20.219327] Memory state around the buggy address: [ 20.219556] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.219633] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.219888] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 20.220051] ^ [ 20.220214] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.220418] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.220672] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.775635] ================================================================== [ 19.775687] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.775754] Write of size 4 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.775846] [ 19.775884] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.775967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.776020] Hardware name: linux,dummy-virt (DT) [ 19.776054] Call trace: [ 19.776079] show_stack+0x20/0x38 (C) [ 19.776126] dump_stack_lvl+0x8c/0xd0 [ 19.776177] print_report+0x118/0x5d0 [ 19.776223] kasan_report+0xdc/0x128 [ 19.776318] kasan_check_range+0x100/0x1a8 [ 19.776371] __kasan_check_write+0x20/0x30 [ 19.776420] kasan_atomics_helper+0xa6c/0x4858 [ 19.776579] kasan_atomics+0x198/0x2e0 [ 19.776640] kunit_try_run_case+0x170/0x3f0 [ 19.776690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.776742] kthread+0x328/0x630 [ 19.776787] ret_from_fork+0x10/0x20 [ 19.776836] [ 19.776869] Allocated by task 267: [ 19.776899] kasan_save_stack+0x3c/0x68 [ 19.776949] kasan_save_track+0x20/0x40 [ 19.777188] kasan_save_alloc_info+0x40/0x58 [ 19.777300] __kasan_kmalloc+0xd4/0xd8 [ 19.777342] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.777382] kasan_atomics+0xb8/0x2e0 [ 19.777426] kunit_try_run_case+0x170/0x3f0 [ 19.777469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.777513] kthread+0x328/0x630 [ 19.777551] ret_from_fork+0x10/0x20 [ 19.777590] [ 19.777747] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.777747] which belongs to the cache kmalloc-64 of size 64 [ 19.777842] The buggy address is located 0 bytes to the right of [ 19.777842] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.777947] [ 19.777970] The buggy address belongs to the physical page: [ 19.778029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.778147] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.778306] page_type: f5(slab) [ 19.778356] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.778409] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.778451] page dumped because: kasan: bad access detected [ 19.778486] [ 19.778506] Memory state around the buggy address: [ 19.778539] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.778626] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.778672] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.778825] ^ [ 19.778888] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.778988] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.779102] ================================================================== [ 20.010070] ================================================================== [ 20.010139] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 20.010866] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.010943] [ 20.010997] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.011771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.011838] Hardware name: linux,dummy-virt (DT) [ 20.011873] Call trace: [ 20.011897] show_stack+0x20/0x38 (C) [ 20.011950] dump_stack_lvl+0x8c/0xd0 [ 20.012240] print_report+0x118/0x5d0 [ 20.012590] kasan_report+0xdc/0x128 [ 20.012771] kasan_check_range+0x100/0x1a8 [ 20.012883] __kasan_check_write+0x20/0x30 [ 20.012934] kasan_atomics_helper+0x1190/0x4858 [ 20.013241] kasan_atomics+0x198/0x2e0 [ 20.013718] kunit_try_run_case+0x170/0x3f0 [ 20.013912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.014004] kthread+0x328/0x630 [ 20.014458] ret_from_fork+0x10/0x20 [ 20.014878] [ 20.014978] Allocated by task 267: [ 20.015054] kasan_save_stack+0x3c/0x68 [ 20.015131] kasan_save_track+0x20/0x40 [ 20.015321] kasan_save_alloc_info+0x40/0x58 [ 20.015568] __kasan_kmalloc+0xd4/0xd8 [ 20.015844] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.015916] kasan_atomics+0xb8/0x2e0 [ 20.015979] kunit_try_run_case+0x170/0x3f0 [ 20.016857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.016937] kthread+0x328/0x630 [ 20.016998] ret_from_fork+0x10/0x20 [ 20.017071] [ 20.017120] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.017120] which belongs to the cache kmalloc-64 of size 64 [ 20.017554] The buggy address is located 0 bytes to the right of [ 20.017554] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.017650] [ 20.017809] The buggy address belongs to the physical page: [ 20.018125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.018291] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.018344] page_type: f5(slab) [ 20.018384] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.018736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.019091] page dumped because: kasan: bad access detected [ 20.019262] [ 20.019301] Memory state around the buggy address: [ 20.019338] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.019686] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.019935] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.020143] ^ [ 20.020193] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.020391] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.020550] ================================================================== [ 20.069896] ================================================================== [ 20.070231] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 20.070309] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.070362] [ 20.070527] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.070657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.071047] Hardware name: linux,dummy-virt (DT) [ 20.071102] Call trace: [ 20.071314] show_stack+0x20/0x38 (C) [ 20.071692] dump_stack_lvl+0x8c/0xd0 [ 20.071799] print_report+0x118/0x5d0 [ 20.071963] kasan_report+0xdc/0x128 [ 20.072181] kasan_check_range+0x100/0x1a8 [ 20.072337] __kasan_check_write+0x20/0x30 [ 20.072549] kasan_atomics_helper+0x1414/0x4858 [ 20.072623] kasan_atomics+0x198/0x2e0 [ 20.072668] kunit_try_run_case+0x170/0x3f0 [ 20.072888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.073020] kthread+0x328/0x630 [ 20.073434] ret_from_fork+0x10/0x20 [ 20.073671] [ 20.073797] Allocated by task 267: [ 20.073864] kasan_save_stack+0x3c/0x68 [ 20.074621] kasan_save_track+0x20/0x40 [ 20.074806] kasan_save_alloc_info+0x40/0x58 [ 20.074894] __kasan_kmalloc+0xd4/0xd8 [ 20.075046] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.075238] kasan_atomics+0xb8/0x2e0 [ 20.075469] kunit_try_run_case+0x170/0x3f0 [ 20.075542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.076405] kthread+0x328/0x630 [ 20.076507] ret_from_fork+0x10/0x20 [ 20.076568] [ 20.076623] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.076623] which belongs to the cache kmalloc-64 of size 64 [ 20.076729] The buggy address is located 0 bytes to the right of [ 20.076729] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.077175] [ 20.077227] The buggy address belongs to the physical page: [ 20.077304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.077540] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.077597] page_type: f5(slab) [ 20.077990] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.078383] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.078535] page dumped because: kasan: bad access detected [ 20.078888] [ 20.078949] Memory state around the buggy address: [ 20.079108] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.079300] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.079697] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.079903] ^ [ 20.079945] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.080408] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.080717] ================================================================== [ 20.138991] ================================================================== [ 20.139312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 20.139376] Read of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.139586] [ 20.139808] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.140025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.140060] Hardware name: linux,dummy-virt (DT) [ 20.140106] Call trace: [ 20.140138] show_stack+0x20/0x38 (C) [ 20.140365] dump_stack_lvl+0x8c/0xd0 [ 20.140437] print_report+0x118/0x5d0 [ 20.140738] kasan_report+0xdc/0x128 [ 20.141026] __asan_report_load8_noabort+0x20/0x30 [ 20.141095] kasan_atomics_helper+0x3df4/0x4858 [ 20.141344] kasan_atomics+0x198/0x2e0 [ 20.141646] kunit_try_run_case+0x170/0x3f0 [ 20.141754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.141932] kthread+0x328/0x630 [ 20.142032] ret_from_fork+0x10/0x20 [ 20.142085] [ 20.142169] Allocated by task 267: [ 20.142213] kasan_save_stack+0x3c/0x68 [ 20.142255] kasan_save_track+0x20/0x40 [ 20.142442] kasan_save_alloc_info+0x40/0x58 [ 20.142610] __kasan_kmalloc+0xd4/0xd8 [ 20.142902] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.142968] kasan_atomics+0xb8/0x2e0 [ 20.143123] kunit_try_run_case+0x170/0x3f0 [ 20.143307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.143537] kthread+0x328/0x630 [ 20.143590] ret_from_fork+0x10/0x20 [ 20.143840] [ 20.143886] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.143886] which belongs to the cache kmalloc-64 of size 64 [ 20.144118] The buggy address is located 0 bytes to the right of [ 20.144118] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.144299] [ 20.144795] The buggy address belongs to the physical page: [ 20.144912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.145357] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.145694] page_type: f5(slab) [ 20.145749] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.146129] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.146447] page dumped because: kasan: bad access detected [ 20.146620] [ 20.146667] Memory state around the buggy address: [ 20.146705] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.146985] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.147039] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.147089] ^ [ 20.147127] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.147331] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.147461] ================================================================== [ 20.001787] ================================================================== [ 20.002041] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 20.002126] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.002180] [ 20.002241] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.002396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.002428] Hardware name: linux,dummy-virt (DT) [ 20.002492] Call trace: [ 20.002517] show_stack+0x20/0x38 (C) [ 20.002783] dump_stack_lvl+0x8c/0xd0 [ 20.003219] print_report+0x118/0x5d0 [ 20.003556] kasan_report+0xdc/0x128 [ 20.003639] kasan_check_range+0x100/0x1a8 [ 20.003844] __kasan_check_write+0x20/0x30 [ 20.004000] kasan_atomics_helper+0x1128/0x4858 [ 20.004205] kasan_atomics+0x198/0x2e0 [ 20.004299] kunit_try_run_case+0x170/0x3f0 [ 20.004423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.004679] kthread+0x328/0x630 [ 20.005056] ret_from_fork+0x10/0x20 [ 20.005345] [ 20.005454] Allocated by task 267: [ 20.005549] kasan_save_stack+0x3c/0x68 [ 20.005820] kasan_save_track+0x20/0x40 [ 20.006098] kasan_save_alloc_info+0x40/0x58 [ 20.006215] __kasan_kmalloc+0xd4/0xd8 [ 20.006429] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.006613] kasan_atomics+0xb8/0x2e0 [ 20.006706] kunit_try_run_case+0x170/0x3f0 [ 20.006786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.007114] kthread+0x328/0x630 [ 20.007352] ret_from_fork+0x10/0x20 [ 20.007419] [ 20.007653] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.007653] which belongs to the cache kmalloc-64 of size 64 [ 20.007848] The buggy address is located 0 bytes to the right of [ 20.007848] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.008249] [ 20.008313] The buggy address belongs to the physical page: [ 20.008635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.008855] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.008915] page_type: f5(slab) [ 20.008955] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.009139] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.009215] page dumped because: kasan: bad access detected [ 20.009252] [ 20.009272] Memory state around the buggy address: [ 20.009327] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.009385] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.009433] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.009474] ^ [ 20.009510] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.009553] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.009594] ================================================================== [ 19.624115] ================================================================== [ 19.624964] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 19.625128] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.626054] ret_from_fork+0x10/0x20 [ 19.626655] kasan_atomics+0xb8/0x2e0 [ 19.627265] The buggy address is located 0 bytes to the right of [ 19.627265] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.627625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.627887] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.628063] ================================================================== [ 20.119781] ================================================================== [ 20.120014] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 20.120076] Read of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.120130] [ 20.120390] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.120538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.120569] Hardware name: linux,dummy-virt (DT) [ 20.120603] Call trace: [ 20.120626] show_stack+0x20/0x38 (C) [ 20.120842] dump_stack_lvl+0x8c/0xd0 [ 20.121190] print_report+0x118/0x5d0 [ 20.121261] kasan_report+0xdc/0x128 [ 20.121324] __asan_report_load8_noabort+0x20/0x30 [ 20.121523] kasan_atomics_helper+0x3db0/0x4858 [ 20.121635] kasan_atomics+0x198/0x2e0 [ 20.121772] kunit_try_run_case+0x170/0x3f0 [ 20.122045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.122360] kthread+0x328/0x630 [ 20.122535] ret_from_fork+0x10/0x20 [ 20.122589] [ 20.122660] Allocated by task 267: [ 20.122709] kasan_save_stack+0x3c/0x68 [ 20.122778] kasan_save_track+0x20/0x40 [ 20.123003] kasan_save_alloc_info+0x40/0x58 [ 20.123072] __kasan_kmalloc+0xd4/0xd8 [ 20.123318] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.123563] kasan_atomics+0xb8/0x2e0 [ 20.123779] kunit_try_run_case+0x170/0x3f0 [ 20.123912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.124201] kthread+0x328/0x630 [ 20.124337] ret_from_fork+0x10/0x20 [ 20.124789] [ 20.124955] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.124955] which belongs to the cache kmalloc-64 of size 64 [ 20.125173] The buggy address is located 0 bytes to the right of [ 20.125173] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.125463] [ 20.125603] The buggy address belongs to the physical page: [ 20.125912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.125989] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.126480] page_type: f5(slab) [ 20.126637] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.126959] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.127032] page dumped because: kasan: bad access detected [ 20.127075] [ 20.127235] Memory state around the buggy address: [ 20.127474] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.127931] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.128047] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.128118] ^ [ 20.128336] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.128593] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.128836] ================================================================== [ 20.081688] ================================================================== [ 20.081761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 20.081875] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.082123] [ 20.082269] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.082687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.082820] Hardware name: linux,dummy-virt (DT) [ 20.082938] Call trace: [ 20.082999] show_stack+0x20/0x38 (C) [ 20.083156] dump_stack_lvl+0x8c/0xd0 [ 20.083211] print_report+0x118/0x5d0 [ 20.083259] kasan_report+0xdc/0x128 [ 20.083320] kasan_check_range+0x100/0x1a8 [ 20.083496] __kasan_check_write+0x20/0x30 [ 20.083714] kasan_atomics_helper+0x147c/0x4858 [ 20.084011] kasan_atomics+0x198/0x2e0 [ 20.084222] kunit_try_run_case+0x170/0x3f0 [ 20.084277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.084344] kthread+0x328/0x630 [ 20.084391] ret_from_fork+0x10/0x20 [ 20.084476] [ 20.084505] Allocated by task 267: [ 20.084537] kasan_save_stack+0x3c/0x68 [ 20.084595] kasan_save_track+0x20/0x40 [ 20.084655] kasan_save_alloc_info+0x40/0x58 [ 20.084705] __kasan_kmalloc+0xd4/0xd8 [ 20.084743] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.084783] kasan_atomics+0xb8/0x2e0 [ 20.084820] kunit_try_run_case+0x170/0x3f0 [ 20.084860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.084912] kthread+0x328/0x630 [ 20.084956] ret_from_fork+0x10/0x20 [ 20.084992] [ 20.085015] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.085015] which belongs to the cache kmalloc-64 of size 64 [ 20.085074] The buggy address is located 0 bytes to the right of [ 20.085074] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.085139] [ 20.085180] The buggy address belongs to the physical page: [ 20.085221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.085275] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.085334] page_type: f5(slab) [ 20.085378] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.085437] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.088358] page dumped because: kasan: bad access detected [ 20.088639] [ 20.088983] Memory state around the buggy address: [ 20.089041] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.089151] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.089588] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.089785] ^ [ 20.090058] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.090408] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.090756] ================================================================== [ 19.764125] ================================================================== [ 19.764183] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.764234] Write of size 4 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.764381] [ 19.764432] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.764515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.764655] Hardware name: linux,dummy-virt (DT) [ 19.764693] Call trace: [ 19.764798] show_stack+0x20/0x38 (C) [ 19.764897] dump_stack_lvl+0x8c/0xd0 [ 19.764956] print_report+0x118/0x5d0 [ 19.765011] kasan_report+0xdc/0x128 [ 19.765058] kasan_check_range+0x100/0x1a8 [ 19.765134] __kasan_check_write+0x20/0x30 [ 19.765211] kasan_atomics_helper+0x99c/0x4858 [ 19.765261] kasan_atomics+0x198/0x2e0 [ 19.765320] kunit_try_run_case+0x170/0x3f0 [ 19.765370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.765540] kthread+0x328/0x630 [ 19.765593] ret_from_fork+0x10/0x20 [ 19.765642] [ 19.765662] Allocated by task 267: [ 19.765728] kasan_save_stack+0x3c/0x68 [ 19.765799] kasan_save_track+0x20/0x40 [ 19.765857] kasan_save_alloc_info+0x40/0x58 [ 19.765913] __kasan_kmalloc+0xd4/0xd8 [ 19.765950] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.766006] kasan_atomics+0xb8/0x2e0 [ 19.766053] kunit_try_run_case+0x170/0x3f0 [ 19.766301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.766360] kthread+0x328/0x630 [ 19.766398] ret_from_fork+0x10/0x20 [ 19.766543] [ 19.766592] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.766592] which belongs to the cache kmalloc-64 of size 64 [ 19.766652] The buggy address is located 0 bytes to the right of [ 19.766652] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.766725] [ 19.766748] The buggy address belongs to the physical page: [ 19.767933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.768023] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.768134] page_type: f5(slab) [ 19.768232] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.768474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.768589] page dumped because: kasan: bad access detected [ 19.768645] [ 19.768666] Memory state around the buggy address: [ 19.768908] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.768969] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.769074] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.769163] ^ [ 19.769309] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.769411] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.769493] ================================================================== [ 20.062555] ================================================================== [ 20.062652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 20.062738] Read of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.062854] [ 20.062928] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.063137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.063411] Hardware name: linux,dummy-virt (DT) [ 20.063772] Call trace: [ 20.063932] show_stack+0x20/0x38 (C) [ 20.064063] dump_stack_lvl+0x8c/0xd0 [ 20.064120] print_report+0x118/0x5d0 [ 20.064692] kasan_report+0xdc/0x128 [ 20.064862] __asan_report_load8_noabort+0x20/0x30 [ 20.065047] kasan_atomics_helper+0x3f04/0x4858 [ 20.065219] kasan_atomics+0x198/0x2e0 [ 20.065310] kunit_try_run_case+0x170/0x3f0 [ 20.065365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.065418] kthread+0x328/0x630 [ 20.065515] ret_from_fork+0x10/0x20 [ 20.065585] [ 20.065616] Allocated by task 267: [ 20.065661] kasan_save_stack+0x3c/0x68 [ 20.065710] kasan_save_track+0x20/0x40 [ 20.065747] kasan_save_alloc_info+0x40/0x58 [ 20.065796] __kasan_kmalloc+0xd4/0xd8 [ 20.065832] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.065881] kasan_atomics+0xb8/0x2e0 [ 20.065918] kunit_try_run_case+0x170/0x3f0 [ 20.065958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.065999] kthread+0x328/0x630 [ 20.066053] ret_from_fork+0x10/0x20 [ 20.066093] [ 20.066115] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.066115] which belongs to the cache kmalloc-64 of size 64 [ 20.066180] The buggy address is located 0 bytes to the right of [ 20.066180] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.066260] [ 20.066301] The buggy address belongs to the physical page: [ 20.066335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.066389] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.066439] page_type: f5(slab) [ 20.066479] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.066552] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.066596] page dumped because: kasan: bad access detected [ 20.066650] [ 20.066671] Memory state around the buggy address: [ 20.067134] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.067632] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.067706] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.067781] ^ [ 20.067858] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.067966] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.068007] ================================================================== [ 19.883618] ================================================================== [ 19.883680] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.883735] Read of size 4 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.884032] [ 19.884203] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.884377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.884412] Hardware name: linux,dummy-virt (DT) [ 19.884513] Call trace: [ 19.885068] show_stack+0x20/0x38 (C) [ 19.885299] dump_stack_lvl+0x8c/0xd0 [ 19.885361] print_report+0x118/0x5d0 [ 19.885440] kasan_report+0xdc/0x128 [ 19.885507] __asan_report_load4_noabort+0x20/0x30 [ 19.885560] kasan_atomics_helper+0x3dd8/0x4858 [ 19.885709] kasan_atomics+0x198/0x2e0 [ 19.885755] kunit_try_run_case+0x170/0x3f0 [ 19.886003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.886120] kthread+0x328/0x630 [ 19.886428] ret_from_fork+0x10/0x20 [ 19.886624] [ 19.886653] Allocated by task 267: [ 19.886686] kasan_save_stack+0x3c/0x68 [ 19.886729] kasan_save_track+0x20/0x40 [ 19.886837] kasan_save_alloc_info+0x40/0x58 [ 19.886969] __kasan_kmalloc+0xd4/0xd8 [ 19.887028] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.887381] kasan_atomics+0xb8/0x2e0 [ 19.887444] kunit_try_run_case+0x170/0x3f0 [ 19.887487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.887638] kthread+0x328/0x630 [ 19.887693] ret_from_fork+0x10/0x20 [ 19.887731] [ 19.887761] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.887761] which belongs to the cache kmalloc-64 of size 64 [ 19.887822] The buggy address is located 0 bytes to the right of [ 19.887822] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.887887] [ 19.887919] The buggy address belongs to the physical page: [ 19.887962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.888032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.888082] page_type: f5(slab) [ 19.888144] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.888197] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.888242] page dumped because: kasan: bad access detected [ 19.888305] [ 19.888327] Memory state around the buggy address: [ 19.888368] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.888429] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.888481] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.888523] ^ [ 19.888562] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.888607] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.888650] ================================================================== [ 19.984102] ================================================================== [ 19.984155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.984493] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.984625] [ 19.984662] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.984770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.984815] Hardware name: linux,dummy-virt (DT) [ 19.984849] Call trace: [ 19.984878] show_stack+0x20/0x38 (C) [ 19.984930] dump_stack_lvl+0x8c/0xd0 [ 19.984982] print_report+0x118/0x5d0 [ 19.985029] kasan_report+0xdc/0x128 [ 19.985072] kasan_check_range+0x100/0x1a8 [ 19.985129] __kasan_check_write+0x20/0x30 [ 19.985177] kasan_atomics_helper+0x1058/0x4858 [ 19.985225] kasan_atomics+0x198/0x2e0 [ 19.985268] kunit_try_run_case+0x170/0x3f0 [ 19.985329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.985378] kthread+0x328/0x630 [ 19.985431] ret_from_fork+0x10/0x20 [ 19.985488] [ 19.985510] Allocated by task 267: [ 19.985539] kasan_save_stack+0x3c/0x68 [ 19.985580] kasan_save_track+0x20/0x40 [ 19.985617] kasan_save_alloc_info+0x40/0x58 [ 19.985665] __kasan_kmalloc+0xd4/0xd8 [ 19.985709] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.985748] kasan_atomics+0xb8/0x2e0 [ 19.985787] kunit_try_run_case+0x170/0x3f0 [ 19.985835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.985878] kthread+0x328/0x630 [ 19.985914] ret_from_fork+0x10/0x20 [ 19.985961] [ 19.985983] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.985983] which belongs to the cache kmalloc-64 of size 64 [ 19.986050] The buggy address is located 0 bytes to the right of [ 19.986050] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.986123] [ 19.986153] The buggy address belongs to the physical page: [ 19.986186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.986247] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.987171] page_type: f5(slab) [ 19.987221] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.987275] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.987331] page dumped because: kasan: bad access detected [ 19.987378] [ 19.987421] Memory state around the buggy address: [ 19.987470] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.987898] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.988252] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.988607] ^ [ 19.988671] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.988730] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.989080] ================================================================== [ 20.148785] ================================================================== [ 20.148847] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 20.149156] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.149301] [ 20.149360] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.149470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.149552] Hardware name: linux,dummy-virt (DT) [ 20.149588] Call trace: [ 20.149642] show_stack+0x20/0x38 (C) [ 20.149705] dump_stack_lvl+0x8c/0xd0 [ 20.149759] print_report+0x118/0x5d0 [ 20.149995] kasan_report+0xdc/0x128 [ 20.150050] kasan_check_range+0x100/0x1a8 [ 20.150109] __kasan_check_write+0x20/0x30 [ 20.150269] kasan_atomics_helper+0x16d0/0x4858 [ 20.150687] kasan_atomics+0x198/0x2e0 [ 20.150933] kunit_try_run_case+0x170/0x3f0 [ 20.150992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.151045] kthread+0x328/0x630 [ 20.151483] ret_from_fork+0x10/0x20 [ 20.151841] [ 20.151944] Allocated by task 267: [ 20.151992] kasan_save_stack+0x3c/0x68 [ 20.152082] kasan_save_track+0x20/0x40 [ 20.152124] kasan_save_alloc_info+0x40/0x58 [ 20.152169] __kasan_kmalloc+0xd4/0xd8 [ 20.152222] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.152261] kasan_atomics+0xb8/0x2e0 [ 20.152307] kunit_try_run_case+0x170/0x3f0 [ 20.152370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.152413] kthread+0x328/0x630 [ 20.152450] ret_from_fork+0x10/0x20 [ 20.152488] [ 20.152516] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.152516] which belongs to the cache kmalloc-64 of size 64 [ 20.152577] The buggy address is located 0 bytes to the right of [ 20.152577] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.152658] [ 20.152698] The buggy address belongs to the physical page: [ 20.152740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.152793] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.152842] page_type: f5(slab) [ 20.152890] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.152943] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.152987] page dumped because: kasan: bad access detected [ 20.153030] [ 20.153066] Memory state around the buggy address: [ 20.153099] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.153143] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.153189] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.153230] ^ [ 20.153265] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.153340] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.154178] ================================================================== [ 20.091922] ================================================================== [ 20.091985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 20.092040] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.092101] [ 20.092135] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.092395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.092438] Hardware name: linux,dummy-virt (DT) [ 20.092474] Call trace: [ 20.092499] show_stack+0x20/0x38 (C) [ 20.092956] dump_stack_lvl+0x8c/0xd0 [ 20.093122] print_report+0x118/0x5d0 [ 20.093194] kasan_report+0xdc/0x128 [ 20.093240] kasan_check_range+0x100/0x1a8 [ 20.093345] __kasan_check_write+0x20/0x30 [ 20.093393] kasan_atomics_helper+0x14e4/0x4858 [ 20.093449] kasan_atomics+0x198/0x2e0 [ 20.093500] kunit_try_run_case+0x170/0x3f0 [ 20.093683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.093909] kthread+0x328/0x630 [ 20.093972] ret_from_fork+0x10/0x20 [ 20.094194] [ 20.094230] Allocated by task 267: [ 20.094361] kasan_save_stack+0x3c/0x68 [ 20.095401] kasan_save_track+0x20/0x40 [ 20.095696] kasan_save_alloc_info+0x40/0x58 [ 20.095816] __kasan_kmalloc+0xd4/0xd8 [ 20.095895] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.096539] kasan_atomics+0xb8/0x2e0 [ 20.096614] kunit_try_run_case+0x170/0x3f0 [ 20.096667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.096761] kthread+0x328/0x630 [ 20.096827] ret_from_fork+0x10/0x20 [ 20.096899] [ 20.097459] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.097459] which belongs to the cache kmalloc-64 of size 64 [ 20.097525] The buggy address is located 0 bytes to the right of [ 20.097525] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.098181] [ 20.098314] The buggy address belongs to the physical page: [ 20.098354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.098437] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.098809] page_type: f5(slab) [ 20.099042] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.099301] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.099358] page dumped because: kasan: bad access detected [ 20.099539] [ 20.099633] Memory state around the buggy address: [ 20.099799] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.099861] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.100091] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.100429] ^ [ 20.100540] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.101001] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.101181] ================================================================== [ 20.102020] ================================================================== [ 20.102597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 20.102669] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.102934] [ 20.103349] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.103463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.103492] Hardware name: linux,dummy-virt (DT) [ 20.103528] Call trace: [ 20.103552] show_stack+0x20/0x38 (C) [ 20.103604] dump_stack_lvl+0x8c/0xd0 [ 20.103656] print_report+0x118/0x5d0 [ 20.104085] kasan_report+0xdc/0x128 [ 20.104443] kasan_check_range+0x100/0x1a8 [ 20.104568] __kasan_check_write+0x20/0x30 [ 20.104688] kasan_atomics_helper+0x154c/0x4858 [ 20.104827] kasan_atomics+0x198/0x2e0 [ 20.104875] kunit_try_run_case+0x170/0x3f0 [ 20.104981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.105328] kthread+0x328/0x630 [ 20.105581] ret_from_fork+0x10/0x20 [ 20.105853] [ 20.105911] Allocated by task 267: [ 20.105990] kasan_save_stack+0x3c/0x68 [ 20.106053] kasan_save_track+0x20/0x40 [ 20.106254] kasan_save_alloc_info+0x40/0x58 [ 20.106480] __kasan_kmalloc+0xd4/0xd8 [ 20.106678] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.106853] kasan_atomics+0xb8/0x2e0 [ 20.106942] kunit_try_run_case+0x170/0x3f0 [ 20.107049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.107233] kthread+0x328/0x630 [ 20.107598] ret_from_fork+0x10/0x20 [ 20.107732] [ 20.107858] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.107858] which belongs to the cache kmalloc-64 of size 64 [ 20.108075] The buggy address is located 0 bytes to the right of [ 20.108075] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.108148] [ 20.108394] The buggy address belongs to the physical page: [ 20.108967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.109470] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.109750] page_type: f5(slab) [ 20.109821] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.110138] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.110330] page dumped because: kasan: bad access detected [ 20.110562] [ 20.110761] Memory state around the buggy address: [ 20.110802] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.110849] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.110894] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.111494] ^ [ 20.111663] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.111890] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.112175] ================================================================== [ 20.184815] ================================================================== [ 20.185230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 20.185310] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.185361] [ 20.185461] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.185557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.185586] Hardware name: linux,dummy-virt (DT) [ 20.185827] Call trace: [ 20.186133] show_stack+0x20/0x38 (C) [ 20.186207] dump_stack_lvl+0x8c/0xd0 [ 20.186354] print_report+0x118/0x5d0 [ 20.186425] kasan_report+0xdc/0x128 [ 20.186753] kasan_check_range+0x100/0x1a8 [ 20.187022] __kasan_check_write+0x20/0x30 [ 20.187243] kasan_atomics_helper+0x17ec/0x4858 [ 20.187314] kasan_atomics+0x198/0x2e0 [ 20.187486] kunit_try_run_case+0x170/0x3f0 [ 20.187570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.187624] kthread+0x328/0x630 [ 20.187966] ret_from_fork+0x10/0x20 [ 20.188376] [ 20.188469] Allocated by task 267: [ 20.188538] kasan_save_stack+0x3c/0x68 [ 20.188582] kasan_save_track+0x20/0x40 [ 20.188659] kasan_save_alloc_info+0x40/0x58 [ 20.189057] __kasan_kmalloc+0xd4/0xd8 [ 20.189397] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.189587] kasan_atomics+0xb8/0x2e0 [ 20.189706] kunit_try_run_case+0x170/0x3f0 [ 20.189832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.190494] kthread+0x328/0x630 [ 20.190749] ret_from_fork+0x10/0x20 [ 20.190833] [ 20.190867] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.190867] which belongs to the cache kmalloc-64 of size 64 [ 20.190987] The buggy address is located 0 bytes to the right of [ 20.190987] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.191142] [ 20.191232] The buggy address belongs to the physical page: [ 20.191385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.191484] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.191589] page_type: f5(slab) [ 20.191797] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.192052] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.192319] page dumped because: kasan: bad access detected [ 20.192512] [ 20.192577] Memory state around the buggy address: [ 20.192660] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.192707] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.192753] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.192804] ^ [ 20.192841] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.192897] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.192936] ================================================================== [ 20.027500] ================================================================== [ 20.028025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 20.028150] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.028323] [ 20.028360] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.028982] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.029032] Hardware name: linux,dummy-virt (DT) [ 20.029087] Call trace: [ 20.029138] show_stack+0x20/0x38 (C) [ 20.029316] dump_stack_lvl+0x8c/0xd0 [ 20.029578] print_report+0x118/0x5d0 [ 20.029771] kasan_report+0xdc/0x128 [ 20.029982] kasan_check_range+0x100/0x1a8 [ 20.030259] __kasan_check_write+0x20/0x30 [ 20.031854] kasan_atomics_helper+0x126c/0x4858 [ 20.031971] kasan_atomics+0x198/0x2e0 [ 20.032532] kunit_try_run_case+0x170/0x3f0 [ 20.032830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.035162] kthread+0x328/0x630 [ 20.035386] ret_from_fork+0x10/0x20 [ 20.035439] [ 20.035460] Allocated by task 267: [ 20.035638] kasan_save_stack+0x3c/0x68 [ 20.035971] kasan_save_track+0x20/0x40 [ 20.036574] kasan_save_alloc_info+0x40/0x58 [ 20.036855] __kasan_kmalloc+0xd4/0xd8 [ 20.036916] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.037030] kasan_atomics+0xb8/0x2e0 [ 20.037126] kunit_try_run_case+0x170/0x3f0 [ 20.037255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.037669] kthread+0x328/0x630 [ 20.037831] ret_from_fork+0x10/0x20 [ 20.038001] [ 20.038034] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.038034] which belongs to the cache kmalloc-64 of size 64 [ 20.038148] The buggy address is located 0 bytes to the right of [ 20.038148] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.038354] [ 20.038644] The buggy address belongs to the physical page: [ 20.038962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.039051] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.039720] page_type: f5(slab) [ 20.039773] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.040317] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.040515] page dumped because: kasan: bad access detected [ 20.040558] [ 20.040692] Memory state around the buggy address: [ 20.040959] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.041138] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.041399] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.041454] ^ [ 20.041492] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.042317] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.042441] ================================================================== [ 19.756381] ================================================================== [ 19.756433] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.756482] Read of size 4 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.756532] [ 19.756562] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.756641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.756669] Hardware name: linux,dummy-virt (DT) [ 19.756701] Call trace: [ 19.756724] show_stack+0x20/0x38 (C) [ 19.756772] dump_stack_lvl+0x8c/0xd0 [ 19.756823] print_report+0x118/0x5d0 [ 19.756873] kasan_report+0xdc/0x128 [ 19.756918] __asan_report_load4_noabort+0x20/0x30 [ 19.757105] kasan_atomics_helper+0x42d8/0x4858 [ 19.757161] kasan_atomics+0x198/0x2e0 [ 19.757205] kunit_try_run_case+0x170/0x3f0 [ 19.757255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.757321] kthread+0x328/0x630 [ 19.757375] ret_from_fork+0x10/0x20 [ 19.757430] [ 19.757450] Allocated by task 267: [ 19.757478] kasan_save_stack+0x3c/0x68 [ 19.757654] kasan_save_track+0x20/0x40 [ 19.757694] kasan_save_alloc_info+0x40/0x58 [ 19.757734] __kasan_kmalloc+0xd4/0xd8 [ 19.758026] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.758118] kasan_atomics+0xb8/0x2e0 [ 19.758175] kunit_try_run_case+0x170/0x3f0 [ 19.758215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.758271] kthread+0x328/0x630 [ 19.758320] ret_from_fork+0x10/0x20 [ 19.758368] [ 19.758391] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.758391] which belongs to the cache kmalloc-64 of size 64 [ 19.758449] The buggy address is located 0 bytes to the right of [ 19.758449] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.758777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.759065] ^ [ 19.759193] ================================================================== [ 19.946184] ================================================================== [ 19.946315] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.946535] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.946648] [ 19.946698] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.946855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.946902] Hardware name: linux,dummy-virt (DT) [ 19.946935] Call trace: [ 19.947099] show_stack+0x20/0x38 (C) [ 19.947159] dump_stack_lvl+0x8c/0xd0 [ 19.947467] print_report+0x118/0x5d0 [ 19.947916] kasan_report+0xdc/0x128 [ 19.948073] kasan_check_range+0x100/0x1a8 [ 19.948181] __kasan_check_write+0x20/0x30 [ 19.948367] kasan_atomics_helper+0xeb8/0x4858 [ 19.948437] kasan_atomics+0x198/0x2e0 [ 19.948659] kunit_try_run_case+0x170/0x3f0 [ 19.949069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.949183] kthread+0x328/0x630 [ 19.949465] ret_from_fork+0x10/0x20 [ 19.949644] [ 19.949669] Allocated by task 267: [ 19.949759] kasan_save_stack+0x3c/0x68 [ 19.950017] kasan_save_track+0x20/0x40 [ 19.950295] kasan_save_alloc_info+0x40/0x58 [ 19.951100] __kasan_kmalloc+0xd4/0xd8 [ 19.951152] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.951192] kasan_atomics+0xb8/0x2e0 [ 19.951227] kunit_try_run_case+0x170/0x3f0 [ 19.951269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.951324] kthread+0x328/0x630 [ 19.951363] ret_from_fork+0x10/0x20 [ 19.951401] [ 19.951647] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.951647] which belongs to the cache kmalloc-64 of size 64 [ 19.951973] The buggy address is located 0 bytes to the right of [ 19.951973] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.952211] [ 19.952245] The buggy address belongs to the physical page: [ 19.952719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.952964] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.953083] page_type: f5(slab) [ 19.953124] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.953726] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.953823] page dumped because: kasan: bad access detected [ 19.953908] [ 19.953930] Memory state around the buggy address: [ 19.954148] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.954236] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.954636] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.954798] ^ [ 19.954926] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.954989] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.955191] ================================================================== [ 19.769864] ================================================================== [ 19.769940] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 19.770054] Write of size 4 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.770106] [ 19.770166] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.770275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.770335] Hardware name: linux,dummy-virt (DT) [ 19.770390] Call trace: [ 19.770415] show_stack+0x20/0x38 (C) [ 19.770482] dump_stack_lvl+0x8c/0xd0 [ 19.770573] print_report+0x118/0x5d0 [ 19.770618] kasan_report+0xdc/0x128 [ 19.770664] kasan_check_range+0x100/0x1a8 [ 19.770711] __kasan_check_write+0x20/0x30 [ 19.770760] kasan_atomics_helper+0xa04/0x4858 [ 19.770807] kasan_atomics+0x198/0x2e0 [ 19.771475] kunit_try_run_case+0x170/0x3f0 [ 19.771588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.771905] kthread+0x328/0x630 [ 19.772000] ret_from_fork+0x10/0x20 [ 19.772080] [ 19.772129] Allocated by task 267: [ 19.772218] kasan_save_stack+0x3c/0x68 [ 19.772332] kasan_save_track+0x20/0x40 [ 19.772398] kasan_save_alloc_info+0x40/0x58 [ 19.772439] __kasan_kmalloc+0xd4/0xd8 [ 19.772476] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.772629] kasan_atomics+0xb8/0x2e0 [ 19.772673] kunit_try_run_case+0x170/0x3f0 [ 19.772715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.772759] kthread+0x328/0x630 [ 19.772840] ret_from_fork+0x10/0x20 [ 19.772945] [ 19.772976] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.772976] which belongs to the cache kmalloc-64 of size 64 [ 19.773157] The buggy address is located 0 bytes to the right of [ 19.773157] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.773291] [ 19.773314] The buggy address belongs to the physical page: [ 19.773346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.773521] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.773579] page_type: f5(slab) [ 19.773616] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.773701] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.773846] page dumped because: kasan: bad access detected [ 19.773923] [ 19.774009] Memory state around the buggy address: [ 19.774065] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.774137] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.774182] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.774384] ^ [ 19.774452] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.774498] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.774785] ================================================================== [ 19.967647] ================================================================== [ 19.967700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.967754] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.968162] [ 19.968305] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.968434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.968614] Hardware name: linux,dummy-virt (DT) [ 19.968660] Call trace: [ 19.968865] show_stack+0x20/0x38 (C) [ 19.968935] dump_stack_lvl+0x8c/0xd0 [ 19.968988] print_report+0x118/0x5d0 [ 19.969041] kasan_report+0xdc/0x128 [ 19.969087] kasan_check_range+0x100/0x1a8 [ 19.969201] __kasan_check_write+0x20/0x30 [ 19.969256] kasan_atomics_helper+0xf88/0x4858 [ 19.969596] kasan_atomics+0x198/0x2e0 [ 19.969648] kunit_try_run_case+0x170/0x3f0 [ 19.969995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.970098] kthread+0x328/0x630 [ 19.970209] ret_from_fork+0x10/0x20 [ 19.970263] [ 19.970296] Allocated by task 267: [ 19.970361] kasan_save_stack+0x3c/0x68 [ 19.970431] kasan_save_track+0x20/0x40 [ 19.970469] kasan_save_alloc_info+0x40/0x58 [ 19.970632] __kasan_kmalloc+0xd4/0xd8 [ 19.970813] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.971144] kasan_atomics+0xb8/0x2e0 [ 19.971212] kunit_try_run_case+0x170/0x3f0 [ 19.971459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.971605] kthread+0x328/0x630 [ 19.971682] ret_from_fork+0x10/0x20 [ 19.971739] [ 19.971761] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.971761] which belongs to the cache kmalloc-64 of size 64 [ 19.971822] The buggy address is located 0 bytes to the right of [ 19.971822] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.971887] [ 19.972171] The buggy address belongs to the physical page: [ 19.972547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.972835] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.973057] page_type: f5(slab) [ 19.973123] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.973317] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.973489] page dumped because: kasan: bad access detected [ 19.973757] [ 19.973818] Memory state around the buggy address: [ 19.973977] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.974026] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.974081] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.974129] ^ [ 19.974178] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.974239] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.974292] ================================================================== [ 19.912987] ================================================================== [ 19.913135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.913188] Read of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.913632] [ 19.913716] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.914076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.914231] Hardware name: linux,dummy-virt (DT) [ 19.914279] Call trace: [ 19.914318] show_stack+0x20/0x38 (C) [ 19.914578] dump_stack_lvl+0x8c/0xd0 [ 19.914811] print_report+0x118/0x5d0 [ 19.914961] kasan_report+0xdc/0x128 [ 19.915069] kasan_check_range+0x100/0x1a8 [ 19.915131] __kasan_check_read+0x20/0x30 [ 19.915386] kasan_atomics_helper+0xdd4/0x4858 [ 19.915579] kasan_atomics+0x198/0x2e0 [ 19.915996] kunit_try_run_case+0x170/0x3f0 [ 19.916112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.916237] kthread+0x328/0x630 [ 19.916371] ret_from_fork+0x10/0x20 [ 19.916485] [ 19.916513] Allocated by task 267: [ 19.916677] kasan_save_stack+0x3c/0x68 [ 19.916930] kasan_save_track+0x20/0x40 [ 19.916994] kasan_save_alloc_info+0x40/0x58 [ 19.917234] __kasan_kmalloc+0xd4/0xd8 [ 19.917297] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.917341] kasan_atomics+0xb8/0x2e0 [ 19.917379] kunit_try_run_case+0x170/0x3f0 [ 19.917616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.917700] kthread+0x328/0x630 [ 19.917741] ret_from_fork+0x10/0x20 [ 19.917780] [ 19.917812] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.917812] which belongs to the cache kmalloc-64 of size 64 [ 19.917872] The buggy address is located 0 bytes to the right of [ 19.917872] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.917937] [ 19.917968] The buggy address belongs to the physical page: [ 19.918010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.918066] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.918115] page_type: f5(slab) [ 19.918163] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.918215] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.918267] page dumped because: kasan: bad access detected [ 19.918334] [ 19.918361] Memory state around the buggy address: [ 19.918412] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.918469] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.918514] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.918554] ^ [ 19.918598] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.918650] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.918700] ================================================================== [ 19.920653] ================================================================== [ 19.920833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.920895] Read of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.921333] [ 19.921386] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.921475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.921504] Hardware name: linux,dummy-virt (DT) [ 19.921537] Call trace: [ 19.921885] show_stack+0x20/0x38 (C) [ 19.921957] dump_stack_lvl+0x8c/0xd0 [ 19.922012] print_report+0x118/0x5d0 [ 19.922390] kasan_report+0xdc/0x128 [ 19.922530] __asan_report_load8_noabort+0x20/0x30 [ 19.922587] kasan_atomics_helper+0x3f58/0x4858 [ 19.922839] kasan_atomics+0x198/0x2e0 [ 19.922906] kunit_try_run_case+0x170/0x3f0 [ 19.922959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.923274] kthread+0x328/0x630 [ 19.923401] ret_from_fork+0x10/0x20 [ 19.923757] [ 19.923812] Allocated by task 267: [ 19.923946] kasan_save_stack+0x3c/0x68 [ 19.924042] kasan_save_track+0x20/0x40 [ 19.924344] kasan_save_alloc_info+0x40/0x58 [ 19.924395] __kasan_kmalloc+0xd4/0xd8 [ 19.924801] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.925071] kasan_atomics+0xb8/0x2e0 [ 19.925217] kunit_try_run_case+0x170/0x3f0 [ 19.925472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.926029] kthread+0x328/0x630 [ 19.926080] ret_from_fork+0x10/0x20 [ 19.926420] [ 19.926627] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.926627] which belongs to the cache kmalloc-64 of size 64 [ 19.926994] The buggy address is located 0 bytes to the right of [ 19.926994] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.927224] [ 19.927315] The buggy address belongs to the physical page: [ 19.927435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.927547] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.927760] page_type: f5(slab) [ 19.927969] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.928208] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.928302] page dumped because: kasan: bad access detected [ 19.928576] [ 19.928674] Memory state around the buggy address: [ 19.929003] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.929203] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.929532] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.929764] ^ [ 19.929835] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.930049] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.930231] ================================================================== [ 19.931494] ================================================================== [ 19.931557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.931608] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.931658] [ 19.931689] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.931771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.931799] Hardware name: linux,dummy-virt (DT) [ 19.931832] Call trace: [ 19.931855] show_stack+0x20/0x38 (C) [ 19.931905] dump_stack_lvl+0x8c/0xd0 [ 19.931956] print_report+0x118/0x5d0 [ 19.932003] kasan_report+0xdc/0x128 [ 19.932049] kasan_check_range+0x100/0x1a8 [ 19.932096] __kasan_check_write+0x20/0x30 [ 19.932144] kasan_atomics_helper+0xe44/0x4858 [ 19.932192] kasan_atomics+0x198/0x2e0 [ 19.932235] kunit_try_run_case+0x170/0x3f0 [ 19.932299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.932360] kthread+0x328/0x630 [ 19.932420] ret_from_fork+0x10/0x20 [ 19.932469] [ 19.932489] Allocated by task 267: [ 19.932528] kasan_save_stack+0x3c/0x68 [ 19.932574] kasan_save_track+0x20/0x40 [ 19.932614] kasan_save_alloc_info+0x40/0x58 [ 19.932653] __kasan_kmalloc+0xd4/0xd8 [ 19.932688] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.932737] kasan_atomics+0xb8/0x2e0 [ 19.932774] kunit_try_run_case+0x170/0x3f0 [ 19.932815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.932868] kthread+0x328/0x630 [ 19.932916] ret_from_fork+0x10/0x20 [ 19.932955] [ 19.932981] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.932981] which belongs to the cache kmalloc-64 of size 64 [ 19.933039] The buggy address is located 0 bytes to the right of [ 19.933039] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.933103] [ 19.933125] The buggy address belongs to the physical page: [ 19.933157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.933210] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.933260] page_type: f5(slab) [ 19.933905] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.934522] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.934582] page dumped because: kasan: bad access detected [ 19.934617] [ 19.934794] Memory state around the buggy address: [ 19.935077] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.935200] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.935258] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.935355] ^ [ 19.935391] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.935454] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.935495] ================================================================== [ 20.021631] ================================================================== [ 20.021732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 20.021782] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.021836] [ 20.022363] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.022615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.022674] Hardware name: linux,dummy-virt (DT) [ 20.022830] Call trace: [ 20.022890] show_stack+0x20/0x38 (C) [ 20.023046] dump_stack_lvl+0x8c/0xd0 [ 20.023120] print_report+0x118/0x5d0 [ 20.023174] kasan_report+0xdc/0x128 [ 20.023221] kasan_check_range+0x100/0x1a8 [ 20.023406] __kasan_check_write+0x20/0x30 [ 20.023585] kasan_atomics_helper+0x11f8/0x4858 [ 20.023854] kasan_atomics+0x198/0x2e0 [ 20.024065] kunit_try_run_case+0x170/0x3f0 [ 20.024182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.024365] kthread+0x328/0x630 [ 20.024431] ret_from_fork+0x10/0x20 [ 20.024638] [ 20.024857] Allocated by task 267: [ 20.024899] kasan_save_stack+0x3c/0x68 [ 20.024945] kasan_save_track+0x20/0x40 [ 20.024995] kasan_save_alloc_info+0x40/0x58 [ 20.025061] __kasan_kmalloc+0xd4/0xd8 [ 20.025112] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.025161] kasan_atomics+0xb8/0x2e0 [ 20.025198] kunit_try_run_case+0x170/0x3f0 [ 20.025240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.025293] kthread+0x328/0x630 [ 20.025337] ret_from_fork+0x10/0x20 [ 20.025376] [ 20.025412] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.025412] which belongs to the cache kmalloc-64 of size 64 [ 20.025492] The buggy address is located 0 bytes to the right of [ 20.025492] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.025568] [ 20.025608] The buggy address belongs to the physical page: [ 20.025664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.025718] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.025768] page_type: f5(slab) [ 20.025807] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.025868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.025926] page dumped because: kasan: bad access detected [ 20.025966] [ 20.025997] Memory state around the buggy address: [ 20.026040] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.026087] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.026132] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.026188] ^ [ 20.026223] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.026267] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.026747] ================================================================== [ 19.975644] ================================================================== [ 19.975728] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.975781] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.976159] [ 19.976222] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.976320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.976501] Hardware name: linux,dummy-virt (DT) [ 19.976546] Call trace: [ 19.976764] show_stack+0x20/0x38 (C) [ 19.976826] dump_stack_lvl+0x8c/0xd0 [ 19.976888] print_report+0x118/0x5d0 [ 19.976934] kasan_report+0xdc/0x128 [ 19.977060] kasan_check_range+0x100/0x1a8 [ 19.977145] __kasan_check_write+0x20/0x30 [ 19.977196] kasan_atomics_helper+0xff0/0x4858 [ 19.977408] kasan_atomics+0x198/0x2e0 [ 19.977464] kunit_try_run_case+0x170/0x3f0 [ 19.977645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.977914] kthread+0x328/0x630 [ 19.978095] ret_from_fork+0x10/0x20 [ 19.978156] [ 19.978176] Allocated by task 267: [ 19.978267] kasan_save_stack+0x3c/0x68 [ 19.978331] kasan_save_track+0x20/0x40 [ 19.978369] kasan_save_alloc_info+0x40/0x58 [ 19.978577] __kasan_kmalloc+0xd4/0xd8 [ 19.978752] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.979082] kasan_atomics+0xb8/0x2e0 [ 19.979178] kunit_try_run_case+0x170/0x3f0 [ 19.979329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.979493] kthread+0x328/0x630 [ 19.979579] ret_from_fork+0x10/0x20 [ 19.979627] [ 19.979650] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.979650] which belongs to the cache kmalloc-64 of size 64 [ 19.979712] The buggy address is located 0 bytes to the right of [ 19.979712] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.980055] [ 19.980133] The buggy address belongs to the physical page: [ 19.980487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.980898] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.981367] page_type: f5(slab) [ 19.981436] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.981633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.981862] page dumped because: kasan: bad access detected [ 19.981923] [ 19.982396] Memory state around the buggy address: [ 19.982465] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.982522] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.982861] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.983097] ^ [ 19.983148] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.983341] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.983440] ================================================================== [ 20.053438] ================================================================== [ 20.053501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 20.053815] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.054011] [ 20.054056] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.054146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.054266] Hardware name: linux,dummy-virt (DT) [ 20.054327] Call trace: [ 20.054354] show_stack+0x20/0x38 (C) [ 20.054406] dump_stack_lvl+0x8c/0xd0 [ 20.054459] print_report+0x118/0x5d0 [ 20.054504] kasan_report+0xdc/0x128 [ 20.054550] kasan_check_range+0x100/0x1a8 [ 20.054597] __kasan_check_write+0x20/0x30 [ 20.054645] kasan_atomics_helper+0x1384/0x4858 [ 20.054716] kasan_atomics+0x198/0x2e0 [ 20.054771] kunit_try_run_case+0x170/0x3f0 [ 20.054821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.054873] kthread+0x328/0x630 [ 20.054919] ret_from_fork+0x10/0x20 [ 20.054968] [ 20.054989] Allocated by task 267: [ 20.055023] kasan_save_stack+0x3c/0x68 [ 20.055065] kasan_save_track+0x20/0x40 [ 20.055103] kasan_save_alloc_info+0x40/0x58 [ 20.055144] __kasan_kmalloc+0xd4/0xd8 [ 20.055795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.056107] kasan_atomics+0xb8/0x2e0 [ 20.056297] kunit_try_run_case+0x170/0x3f0 [ 20.056879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.056996] kthread+0x328/0x630 [ 20.057197] ret_from_fork+0x10/0x20 [ 20.057391] [ 20.057593] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.057593] which belongs to the cache kmalloc-64 of size 64 [ 20.057690] The buggy address is located 0 bytes to the right of [ 20.057690] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.058180] [ 20.058475] The buggy address belongs to the physical page: [ 20.058627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.059039] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.059131] page_type: f5(slab) [ 20.059172] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.059233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.059276] page dumped because: kasan: bad access detected [ 20.059859] [ 20.060069] Memory state around the buggy address: [ 20.060142] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.060357] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.060734] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.061159] ^ [ 20.061320] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.061519] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.061820] ================================================================== [ 20.166001] ================================================================== [ 20.166064] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 20.166244] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.166374] [ 20.166427] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.166704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.166774] Hardware name: linux,dummy-virt (DT) [ 20.166857] Call trace: [ 20.166883] show_stack+0x20/0x38 (C) [ 20.166937] dump_stack_lvl+0x8c/0xd0 [ 20.166988] print_report+0x118/0x5d0 [ 20.167273] kasan_report+0xdc/0x128 [ 20.167669] kasan_check_range+0x100/0x1a8 [ 20.167795] __kasan_check_write+0x20/0x30 [ 20.167889] kasan_atomics_helper+0x175c/0x4858 [ 20.168069] kasan_atomics+0x198/0x2e0 [ 20.168295] kunit_try_run_case+0x170/0x3f0 [ 20.168386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.168751] kthread+0x328/0x630 [ 20.169063] ret_from_fork+0x10/0x20 [ 20.169415] [ 20.169577] Allocated by task 267: [ 20.169624] kasan_save_stack+0x3c/0x68 [ 20.169703] kasan_save_track+0x20/0x40 [ 20.169741] kasan_save_alloc_info+0x40/0x58 [ 20.169781] __kasan_kmalloc+0xd4/0xd8 [ 20.169819] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.169887] kasan_atomics+0xb8/0x2e0 [ 20.169943] kunit_try_run_case+0x170/0x3f0 [ 20.169985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.170029] kthread+0x328/0x630 [ 20.170066] ret_from_fork+0x10/0x20 [ 20.170103] [ 20.170139] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.170139] which belongs to the cache kmalloc-64 of size 64 [ 20.170199] The buggy address is located 0 bytes to the right of [ 20.170199] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.170273] [ 20.170316] The buggy address belongs to the physical page: [ 20.170358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.170411] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.170471] page_type: f5(slab) [ 20.170511] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.170562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.170605] page dumped because: kasan: bad access detected [ 20.170652] [ 20.170681] Memory state around the buggy address: [ 20.170715] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.171074] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.171522] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.171620] ^ [ 20.171669] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.171725] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.171807] ================================================================== [ 20.043232] ================================================================== [ 20.043359] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 20.043413] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.043602] [ 20.043650] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.043933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.043977] Hardware name: linux,dummy-virt (DT) [ 20.044323] Call trace: [ 20.044428] show_stack+0x20/0x38 (C) [ 20.044526] dump_stack_lvl+0x8c/0xd0 [ 20.044623] print_report+0x118/0x5d0 [ 20.044812] kasan_report+0xdc/0x128 [ 20.044929] kasan_check_range+0x100/0x1a8 [ 20.044990] __kasan_check_write+0x20/0x30 [ 20.045152] kasan_atomics_helper+0x12d8/0x4858 [ 20.045450] kasan_atomics+0x198/0x2e0 [ 20.045602] kunit_try_run_case+0x170/0x3f0 [ 20.045731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.045816] kthread+0x328/0x630 [ 20.046045] ret_from_fork+0x10/0x20 [ 20.046138] [ 20.046219] Allocated by task 267: [ 20.046443] kasan_save_stack+0x3c/0x68 [ 20.046559] kasan_save_track+0x20/0x40 [ 20.046602] kasan_save_alloc_info+0x40/0x58 [ 20.046868] __kasan_kmalloc+0xd4/0xd8 [ 20.046980] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.047091] kasan_atomics+0xb8/0x2e0 [ 20.047363] kunit_try_run_case+0x170/0x3f0 [ 20.047505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.048363] kthread+0x328/0x630 [ 20.048443] ret_from_fork+0x10/0x20 [ 20.048517] [ 20.048562] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.048562] which belongs to the cache kmalloc-64 of size 64 [ 20.048646] The buggy address is located 0 bytes to the right of [ 20.048646] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.048714] [ 20.048736] The buggy address belongs to the physical page: [ 20.049103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.049260] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.049639] page_type: f5(slab) [ 20.050053] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.050400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.050682] page dumped because: kasan: bad access detected [ 20.050864] [ 20.051330] Memory state around the buggy address: [ 20.051406] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.051487] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.051543] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.051583] ^ [ 20.051620] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.051972] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.052175] ================================================================== [ 19.903131] ================================================================== [ 19.903612] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.903682] Read of size 4 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.903736] [ 19.903773] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.903852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.903881] Hardware name: linux,dummy-virt (DT) [ 19.904080] Call trace: [ 19.904215] show_stack+0x20/0x38 (C) [ 19.904357] dump_stack_lvl+0x8c/0xd0 [ 19.904416] print_report+0x118/0x5d0 [ 19.904464] kasan_report+0xdc/0x128 [ 19.904901] __asan_report_load4_noabort+0x20/0x30 [ 19.905221] kasan_atomics_helper+0x3e04/0x4858 [ 19.905303] kasan_atomics+0x198/0x2e0 [ 19.905436] kunit_try_run_case+0x170/0x3f0 [ 19.905520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.905574] kthread+0x328/0x630 [ 19.905889] ret_from_fork+0x10/0x20 [ 19.906133] [ 19.906167] Allocated by task 267: [ 19.906332] kasan_save_stack+0x3c/0x68 [ 19.906380] kasan_save_track+0x20/0x40 [ 19.906418] kasan_save_alloc_info+0x40/0x58 [ 19.906460] __kasan_kmalloc+0xd4/0xd8 [ 19.906497] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.906537] kasan_atomics+0xb8/0x2e0 [ 19.906591] kunit_try_run_case+0x170/0x3f0 [ 19.906643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.906689] kthread+0x328/0x630 [ 19.906744] ret_from_fork+0x10/0x20 [ 19.906799] [ 19.906854] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.906854] which belongs to the cache kmalloc-64 of size 64 [ 19.906915] The buggy address is located 0 bytes to the right of [ 19.906915] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.907239] [ 19.907339] The buggy address belongs to the physical page: [ 19.907660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.908103] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.908504] page_type: f5(slab) [ 19.908604] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.908769] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.909071] page dumped because: kasan: bad access detected [ 19.909488] [ 19.909659] Memory state around the buggy address: [ 19.909725] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.910150] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.910390] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.910436] ^ [ 19.910695] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.911092] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.911150] ================================================================== [ 19.633071] ================================================================== [ 19.633143] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858 [ 19.633271] Write of size 4 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.633950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.634376] print_report+0x118/0x5d0 [ 19.635182] kasan_atomics+0x198/0x2e0 [ 19.635775] ret_from_fork+0x10/0x20 [ 19.636661] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.637249] The buggy address is located 0 bytes to the right of [ 19.637249] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.637670] page dumped because: kasan: bad access detected [ 19.637825] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.638056] ================================================================== [ 20.154466] ================================================================== [ 20.155009] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 20.155277] Read of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.155346] [ 20.155619] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.156068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.156303] Hardware name: linux,dummy-virt (DT) [ 20.156632] Call trace: [ 20.156912] show_stack+0x20/0x38 (C) [ 20.157063] dump_stack_lvl+0x8c/0xd0 [ 20.157120] print_report+0x118/0x5d0 [ 20.157236] kasan_report+0xdc/0x128 [ 20.157728] __asan_report_load8_noabort+0x20/0x30 [ 20.158077] kasan_atomics_helper+0x3e10/0x4858 [ 20.158374] kasan_atomics+0x198/0x2e0 [ 20.158630] kunit_try_run_case+0x170/0x3f0 [ 20.158861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.159155] kthread+0x328/0x630 [ 20.159343] ret_from_fork+0x10/0x20 [ 20.159402] [ 20.159436] Allocated by task 267: [ 20.159467] kasan_save_stack+0x3c/0x68 [ 20.159717] kasan_save_track+0x20/0x40 [ 20.160011] kasan_save_alloc_info+0x40/0x58 [ 20.160322] __kasan_kmalloc+0xd4/0xd8 [ 20.160478] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.160610] kasan_atomics+0xb8/0x2e0 [ 20.160694] kunit_try_run_case+0x170/0x3f0 [ 20.160742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.161067] kthread+0x328/0x630 [ 20.161484] ret_from_fork+0x10/0x20 [ 20.161716] [ 20.161772] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.161772] which belongs to the cache kmalloc-64 of size 64 [ 20.161852] The buggy address is located 0 bytes to the right of [ 20.161852] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.162413] [ 20.162484] The buggy address belongs to the physical page: [ 20.162820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.162919] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.163002] page_type: f5(slab) [ 20.163046] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.163297] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.163568] page dumped because: kasan: bad access detected [ 20.163826] [ 20.164026] Memory state around the buggy address: [ 20.164069] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.164139] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.164501] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.164585] ^ [ 20.164912] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.164968] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.165321] ================================================================== [ 19.890105] ================================================================== [ 19.890162] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.890577] Write of size 4 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.890649] [ 19.890772] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.890860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.891082] Hardware name: linux,dummy-virt (DT) [ 19.891337] Call trace: [ 19.891749] show_stack+0x20/0x38 (C) [ 19.892004] dump_stack_lvl+0x8c/0xd0 [ 19.892315] print_report+0x118/0x5d0 [ 19.892482] kasan_report+0xdc/0x128 [ 19.892942] kasan_check_range+0x100/0x1a8 [ 19.893054] __kasan_check_write+0x20/0x30 [ 19.893432] kasan_atomics_helper+0xd3c/0x4858 [ 19.893804] kasan_atomics+0x198/0x2e0 [ 19.894133] kunit_try_run_case+0x170/0x3f0 [ 19.894278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.894508] kthread+0x328/0x630 [ 19.895143] ret_from_fork+0x10/0x20 [ 19.895542] [ 19.895574] Allocated by task 267: [ 19.895606] kasan_save_stack+0x3c/0x68 [ 19.895650] kasan_save_track+0x20/0x40 [ 19.895689] kasan_save_alloc_info+0x40/0x58 [ 19.896431] __kasan_kmalloc+0xd4/0xd8 [ 19.896604] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.896653] kasan_atomics+0xb8/0x2e0 [ 19.896888] kunit_try_run_case+0x170/0x3f0 [ 19.896961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.897101] kthread+0x328/0x630 [ 19.897437] ret_from_fork+0x10/0x20 [ 19.897699] [ 19.897910] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.897910] which belongs to the cache kmalloc-64 of size 64 [ 19.898349] The buggy address is located 0 bytes to the right of [ 19.898349] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.898471] [ 19.898704] The buggy address belongs to the physical page: [ 19.898861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.899109] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.899166] page_type: f5(slab) [ 19.899400] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.900023] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.900361] page dumped because: kasan: bad access detected [ 19.900572] [ 19.900633] Memory state around the buggy address: [ 19.900993] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.901294] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.901834] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.901980] ^ [ 19.902065] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.902305] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.902577] ================================================================== [ 19.990531] ================================================================== [ 19.990584] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.990636] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.991025] [ 19.991107] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.991392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.991453] Hardware name: linux,dummy-virt (DT) [ 19.991706] Call trace: [ 19.991916] show_stack+0x20/0x38 (C) [ 19.992006] dump_stack_lvl+0x8c/0xd0 [ 19.992324] print_report+0x118/0x5d0 [ 19.992517] kasan_report+0xdc/0x128 [ 19.992673] kasan_check_range+0x100/0x1a8 [ 19.992950] __kasan_check_write+0x20/0x30 [ 19.993095] kasan_atomics_helper+0x10c0/0x4858 [ 19.993445] kasan_atomics+0x198/0x2e0 [ 19.993619] kunit_try_run_case+0x170/0x3f0 [ 19.993875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.994082] kthread+0x328/0x630 [ 19.994340] ret_from_fork+0x10/0x20 [ 19.994557] [ 19.994600] Allocated by task 267: [ 19.994708] kasan_save_stack+0x3c/0x68 [ 19.994800] kasan_save_track+0x20/0x40 [ 19.994839] kasan_save_alloc_info+0x40/0x58 [ 19.995085] __kasan_kmalloc+0xd4/0xd8 [ 19.995202] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.995380] kasan_atomics+0xb8/0x2e0 [ 19.995800] kunit_try_run_case+0x170/0x3f0 [ 19.995948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.996052] kthread+0x328/0x630 [ 19.996880] ret_from_fork+0x10/0x20 [ 19.996966] [ 19.997078] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.997078] which belongs to the cache kmalloc-64 of size 64 [ 19.997143] The buggy address is located 0 bytes to the right of [ 19.997143] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.997473] [ 19.997563] The buggy address belongs to the physical page: [ 19.997865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.997977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.998460] page_type: f5(slab) [ 19.998524] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.998870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.999255] page dumped because: kasan: bad access detected [ 19.999527] [ 19.999576] Memory state around the buggy address: [ 19.999726] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.999988] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.000245] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.000430] ^ [ 20.000490] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.000727] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.000924] ================================================================== [ 20.112746] ================================================================== [ 20.112799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 20.112849] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.112900] [ 20.112931] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.113012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.113042] Hardware name: linux,dummy-virt (DT) [ 20.113095] Call trace: [ 20.113119] show_stack+0x20/0x38 (C) [ 20.113178] dump_stack_lvl+0x8c/0xd0 [ 20.113237] print_report+0x118/0x5d0 [ 20.113298] kasan_report+0xdc/0x128 [ 20.113352] kasan_check_range+0x100/0x1a8 [ 20.113410] __kasan_check_write+0x20/0x30 [ 20.113473] kasan_atomics_helper+0x15b4/0x4858 [ 20.113530] kasan_atomics+0x198/0x2e0 [ 20.113576] kunit_try_run_case+0x170/0x3f0 [ 20.113632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.113708] kthread+0x328/0x630 [ 20.113764] ret_from_fork+0x10/0x20 [ 20.113813] [ 20.113834] Allocated by task 267: [ 20.113864] kasan_save_stack+0x3c/0x68 [ 20.113910] kasan_save_track+0x20/0x40 [ 20.113957] kasan_save_alloc_info+0x40/0x58 [ 20.114006] __kasan_kmalloc+0xd4/0xd8 [ 20.114044] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.114085] kasan_atomics+0xb8/0x2e0 [ 20.114126] kunit_try_run_case+0x170/0x3f0 [ 20.114166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.114208] kthread+0x328/0x630 [ 20.114246] ret_from_fork+0x10/0x20 [ 20.114725] [ 20.115212] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.115212] which belongs to the cache kmalloc-64 of size 64 [ 20.115312] The buggy address is located 0 bytes to the right of [ 20.115312] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.115412] [ 20.115523] The buggy address belongs to the physical page: [ 20.115558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.115893] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.116121] page_type: f5(slab) [ 20.116514] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.116741] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.117319] page dumped because: kasan: bad access detected [ 20.117699] [ 20.117794] Memory state around the buggy address: [ 20.117899] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.118139] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.118508] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.118654] ^ [ 20.118909] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.118981] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.119251] ================================================================== [ 20.129582] ================================================================== [ 20.129714] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 20.130083] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.130322] [ 20.130368] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.130451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.130662] Hardware name: linux,dummy-virt (DT) [ 20.130723] Call trace: [ 20.130751] show_stack+0x20/0x38 (C) [ 20.131068] dump_stack_lvl+0x8c/0xd0 [ 20.131457] print_report+0x118/0x5d0 [ 20.131532] kasan_report+0xdc/0x128 [ 20.131631] kasan_check_range+0x100/0x1a8 [ 20.131694] __kasan_check_write+0x20/0x30 [ 20.131743] kasan_atomics_helper+0x1644/0x4858 [ 20.131792] kasan_atomics+0x198/0x2e0 [ 20.131838] kunit_try_run_case+0x170/0x3f0 [ 20.132410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.132596] kthread+0x328/0x630 [ 20.132796] ret_from_fork+0x10/0x20 [ 20.132966] [ 20.132999] Allocated by task 267: [ 20.133029] kasan_save_stack+0x3c/0x68 [ 20.133633] kasan_save_track+0x20/0x40 [ 20.133974] kasan_save_alloc_info+0x40/0x58 [ 20.134087] __kasan_kmalloc+0xd4/0xd8 [ 20.134144] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.134257] kasan_atomics+0xb8/0x2e0 [ 20.134308] kunit_try_run_case+0x170/0x3f0 [ 20.134412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.134687] kthread+0x328/0x630 [ 20.134835] ret_from_fork+0x10/0x20 [ 20.135065] [ 20.135260] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.135260] which belongs to the cache kmalloc-64 of size 64 [ 20.136011] The buggy address is located 0 bytes to the right of [ 20.136011] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.136124] [ 20.136179] The buggy address belongs to the physical page: [ 20.136232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.136571] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.136650] page_type: f5(slab) [ 20.137178] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.137548] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.137598] page dumped because: kasan: bad access detected [ 20.137878] [ 20.137999] Memory state around the buggy address: [ 20.138046] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.138093] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.138147] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.138208] ^ [ 20.138245] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.138298] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.138337] ================================================================== [ 19.936554] ================================================================== [ 19.936888] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.937300] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.937371] [ 19.937508] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.937628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.937702] Hardware name: linux,dummy-virt (DT) [ 19.937736] Call trace: [ 19.937774] show_stack+0x20/0x38 (C) [ 19.937829] dump_stack_lvl+0x8c/0xd0 [ 19.937886] print_report+0x118/0x5d0 [ 19.938086] kasan_report+0xdc/0x128 [ 19.938140] __asan_report_store8_noabort+0x20/0x30 [ 19.938296] kasan_atomics_helper+0x3e5c/0x4858 [ 19.938688] kasan_atomics+0x198/0x2e0 [ 19.938763] kunit_try_run_case+0x170/0x3f0 [ 19.938926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.939079] kthread+0x328/0x630 [ 19.939176] ret_from_fork+0x10/0x20 [ 19.939237] [ 19.939504] Allocated by task 267: [ 19.939757] kasan_save_stack+0x3c/0x68 [ 19.940043] kasan_save_track+0x20/0x40 [ 19.940239] kasan_save_alloc_info+0x40/0x58 [ 19.940382] __kasan_kmalloc+0xd4/0xd8 [ 19.940461] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.940593] kasan_atomics+0xb8/0x2e0 [ 19.940632] kunit_try_run_case+0x170/0x3f0 [ 19.940835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.941070] kthread+0x328/0x630 [ 19.941147] ret_from_fork+0x10/0x20 [ 19.941331] [ 19.941400] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.941400] which belongs to the cache kmalloc-64 of size 64 [ 19.941841] The buggy address is located 0 bytes to the right of [ 19.941841] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.942022] [ 19.942331] The buggy address belongs to the physical page: [ 19.942385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.942546] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.942637] page_type: f5(slab) [ 19.942678] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.942943] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.943434] page dumped because: kasan: bad access detected [ 19.943653] [ 19.943681] Memory state around the buggy address: [ 19.943895] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.944069] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.944175] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.944427] ^ [ 19.944607] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.944711] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.944754] ================================================================== [ 19.779690] ================================================================== [ 19.779741] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 19.779790] Write of size 4 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.779840] [ 19.780065] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.780180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.780218] Hardware name: linux,dummy-virt (DT) [ 19.780261] Call trace: [ 19.780296] show_stack+0x20/0x38 (C) [ 19.780346] dump_stack_lvl+0x8c/0xd0 [ 19.780396] print_report+0x118/0x5d0 [ 19.780442] kasan_report+0xdc/0x128 [ 19.780489] kasan_check_range+0x100/0x1a8 [ 19.780538] __kasan_check_write+0x20/0x30 [ 19.780694] kunit_try_run_case+0x170/0x3f0 [ 19.780964] kasan_save_stack+0x3c/0x68 [ 19.781016] kasan_save_track+0x20/0x40 [ 19.781063] kasan_save_alloc_info+0x40/0x58 [ 19.781105] __kasan_kmalloc+0xd4/0xd8 [ 19.781142] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.781191] kasan_atomics+0xb8/0x2e0 [ 19.781228] kunit_try_run_case+0x170/0x3f0 [ 19.781269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.781847] kthread+0x328/0x630 [ 19.781907] ret_from_fork+0x10/0x20 [ 19.782040] [ 19.782087] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.782087] which belongs to the cache kmalloc-64 of size 64 [ 19.782149] The buggy address is located 0 bytes to the right of [ 19.782149] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.782215] [ 19.782273] The buggy address belongs to the physical page: [ 19.782321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.782374] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.782423] page_type: f5(slab) [ 19.782498] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.782681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.782815] [ 19.783188] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.783644] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.784896] [ 19.785038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.785098] Call trace: [ 19.785516] kasan_atomics_helper+0x3dcc/0x4858 [ 19.785772] kthread+0x328/0x630 [ 19.786313] kasan_save_alloc_info+0x40/0x58 [ 19.786353] __kasan_kmalloc+0xd4/0xd8 [ 19.786390] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.786698] [ 19.786779] The buggy address is located 0 bytes to the right of [ 19.786779] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.787392] page_type: f5(slab) [ 19.787792] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.787902] page dumped because: kasan: bad access detected [ 19.788343] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.788417] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.789140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.789697] kasan_report+0xdc/0x128 [ 19.790416] [ 19.792307] kasan_save_alloc_info+0x40/0x58 [ 19.792464] __kasan_kmalloc+0xd4/0xd8 [ 19.792505] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.793337] kasan_atomics+0xb8/0x2e0 [ 19.793529] kunit_try_run_case+0x170/0x3f0 [ 19.794038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.794415] kthread+0x328/0x630 [ 19.796682] [ 19.797534] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.798169] [ 19.799599] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.801453] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.804821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.805008] print_report+0x118/0x5d0 [ 19.809247] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.809372] kasan_atomics+0xb8/0x2e0 [ 19.809572] kunit_try_run_case+0x170/0x3f0 [ 19.810595] [ 19.810753] [ 19.810775] The buggy address belongs to the physical page: [ 19.811978] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.812493] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.814998] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.815858] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.824333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.826825] kasan_report+0xdc/0x128 [ 19.828379] kunit_try_run_case+0x170/0x3f0 [ 19.829994] kasan_save_stack+0x3c/0x68 [ 19.831527] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.832495] kasan_atomics+0xb8/0x2e0 [ 19.832551] kunit_try_run_case+0x170/0x3f0 [ 19.833254] kthread+0x328/0x630 [ 19.833605] [ 19.833801] The buggy address is located 0 bytes to the right of [ 19.833801] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.837261] page dumped because: kasan: bad access detected [ 19.838446] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.838628] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.841593] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3de4/0x4858 [ 19.845319] dump_stack_lvl+0x8c/0xd0 [ 19.847410] kasan_atomics+0x198/0x2e0 [ 19.852478] kasan_atomics+0xb8/0x2e0 [ 19.853582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.853740] kthread+0x328/0x630 [ 19.854184] ret_from_fork+0x10/0x20 [ 19.854677] The buggy address is located 0 bytes to the right of [ 19.854677] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.856738] page dumped because: kasan: bad access detected [ 19.857723] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.865458] ================================================================== [ 19.956507] ================================================================== [ 19.956702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.956756] Write of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 19.956807] [ 19.957076] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.957542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.957720] Hardware name: linux,dummy-virt (DT) [ 19.957788] Call trace: [ 19.957815] show_stack+0x20/0x38 (C) [ 19.958023] dump_stack_lvl+0x8c/0xd0 [ 19.958222] print_report+0x118/0x5d0 [ 19.958277] kasan_report+0xdc/0x128 [ 19.958337] kasan_check_range+0x100/0x1a8 [ 19.958385] __kasan_check_write+0x20/0x30 [ 19.958434] kasan_atomics_helper+0xf20/0x4858 [ 19.958482] kasan_atomics+0x198/0x2e0 [ 19.958562] kunit_try_run_case+0x170/0x3f0 [ 19.958624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.958686] kthread+0x328/0x630 [ 19.959330] ret_from_fork+0x10/0x20 [ 19.959504] [ 19.959545] Allocated by task 267: [ 19.959986] kasan_save_stack+0x3c/0x68 [ 19.960221] kasan_save_track+0x20/0x40 [ 19.960555] kasan_save_alloc_info+0x40/0x58 [ 19.960834] __kasan_kmalloc+0xd4/0xd8 [ 19.961070] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.961141] kasan_atomics+0xb8/0x2e0 [ 19.961481] kunit_try_run_case+0x170/0x3f0 [ 19.961924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.961981] kthread+0x328/0x630 [ 19.962690] ret_from_fork+0x10/0x20 [ 19.962946] [ 19.963014] The buggy address belongs to the object at fff00000c7a1ae00 [ 19.963014] which belongs to the cache kmalloc-64 of size 64 [ 19.963360] The buggy address is located 0 bytes to the right of [ 19.963360] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 19.963655] [ 19.963771] The buggy address belongs to the physical page: [ 19.963825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 19.964234] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.964387] page_type: f5(slab) [ 19.964515] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.964756] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.964899] page dumped because: kasan: bad access detected [ 19.965062] [ 19.965315] Memory state around the buggy address: [ 19.965659] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.965828] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.966016] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.966202] ^ [ 19.966244] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.966300] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.966342] ================================================================== [ 20.173996] ================================================================== [ 20.174072] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 20.174124] Read of size 8 at addr fff00000c7a1ae30 by task kunit_try_catch/267 [ 20.174183] [ 20.174397] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 20.174861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.175027] Hardware name: linux,dummy-virt (DT) [ 20.175180] Call trace: [ 20.175305] show_stack+0x20/0x38 (C) [ 20.175773] dump_stack_lvl+0x8c/0xd0 [ 20.175990] print_report+0x118/0x5d0 [ 20.176089] kasan_report+0xdc/0x128 [ 20.176139] __asan_report_load8_noabort+0x20/0x30 [ 20.176399] kasan_atomics_helper+0x3e20/0x4858 [ 20.176749] kasan_atomics+0x198/0x2e0 [ 20.176976] kunit_try_run_case+0x170/0x3f0 [ 20.177100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.177230] kthread+0x328/0x630 [ 20.177693] ret_from_fork+0x10/0x20 [ 20.177851] [ 20.178047] Allocated by task 267: [ 20.178340] kasan_save_stack+0x3c/0x68 [ 20.178408] kasan_save_track+0x20/0x40 [ 20.178602] kasan_save_alloc_info+0x40/0x58 [ 20.178645] __kasan_kmalloc+0xd4/0xd8 [ 20.178993] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.179131] kasan_atomics+0xb8/0x2e0 [ 20.179431] kunit_try_run_case+0x170/0x3f0 [ 20.179632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.179749] kthread+0x328/0x630 [ 20.179868] ret_from_fork+0x10/0x20 [ 20.179925] [ 20.179947] The buggy address belongs to the object at fff00000c7a1ae00 [ 20.179947] which belongs to the cache kmalloc-64 of size 64 [ 20.180007] The buggy address is located 0 bytes to the right of [ 20.180007] allocated 48-byte region [fff00000c7a1ae00, fff00000c7a1ae30) [ 20.180253] [ 20.180395] The buggy address belongs to the physical page: [ 20.180638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107a1a [ 20.181008] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.181496] page_type: f5(slab) [ 20.181671] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.181777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.181823] page dumped because: kasan: bad access detected [ 20.182600] [ 20.182635] Memory state around the buggy address: [ 20.182675] fff00000c7a1ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.182967] fff00000c7a1ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.183199] >fff00000c7a1ae00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.183342] ^ [ 20.183492] fff00000c7a1ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.183548] fff00000c7a1af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.183967] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.543261] ================================================================== [ 19.543535] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 19.543723] Write of size 8 at addr fff00000c5a0ed88 by task kunit_try_catch/263 [ 19.543808] [ 19.543843] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.543931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.544110] Hardware name: linux,dummy-virt (DT) [ 19.544256] Call trace: [ 19.544296] show_stack+0x20/0x38 (C) [ 19.544349] dump_stack_lvl+0x8c/0xd0 [ 19.544480] print_report+0x118/0x5d0 [ 19.544554] kasan_report+0xdc/0x128 [ 19.544610] kasan_check_range+0x100/0x1a8 [ 19.544810] __kasan_check_write+0x20/0x30 [ 19.544948] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 19.545027] kasan_bitops_generic+0x110/0x1c8 [ 19.545093] kunit_try_run_case+0x170/0x3f0 [ 19.545193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.545245] kthread+0x328/0x630 [ 19.545470] ret_from_fork+0x10/0x20 [ 19.545597] [ 19.545649] Allocated by task 263: [ 19.545683] kasan_save_stack+0x3c/0x68 [ 19.545802] kasan_save_track+0x20/0x40 [ 19.545844] kasan_save_alloc_info+0x40/0x58 [ 19.545885] __kasan_kmalloc+0xd4/0xd8 [ 19.545921] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.545960] kasan_bitops_generic+0xa0/0x1c8 [ 19.546134] kunit_try_run_case+0x170/0x3f0 [ 19.546237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.546413] kthread+0x328/0x630 [ 19.546451] ret_from_fork+0x10/0x20 [ 19.546503] [ 19.546527] The buggy address belongs to the object at fff00000c5a0ed80 [ 19.546527] which belongs to the cache kmalloc-16 of size 16 [ 19.546597] The buggy address is located 8 bytes inside of [ 19.546597] allocated 9-byte region [fff00000c5a0ed80, fff00000c5a0ed89) [ 19.547158] page_type: f5(slab) [ 19.547685] page dumped because: kasan: bad access detected [ 19.547767] [ 19.547904] Memory state around the buggy address: [ 19.547958] fff00000c5a0ec80: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 19.548447] fff00000c5a0ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.549641] Read of size 8 at addr fff00000c5a0ed88 by task kunit_try_catch/263 [ 19.550306] dump_stack_lvl+0x8c/0xd0 [ 19.551011] kasan_bitops_generic+0x110/0x1c8 [ 19.552507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.553950] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.554112] page dumped because: kasan: bad access detected [ 19.554859] ^ [ 19.554899] fff00000c5a0ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.555654] ================================================================== [ 19.538045] ================================================================== [ 19.538109] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 19.538224] Write of size 8 at addr fff00000c5a0ed88 by task kunit_try_catch/263 [ 19.538302] [ 19.538362] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.538690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.538865] Hardware name: linux,dummy-virt (DT) [ 19.538911] Call trace: [ 19.539015] show_stack+0x20/0x38 (C) [ 19.539123] dump_stack_lvl+0x8c/0xd0 [ 19.539260] print_report+0x118/0x5d0 [ 19.539482] kasan_report+0xdc/0x128 [ 19.539564] kasan_check_range+0x100/0x1a8 [ 19.539763] __kasan_check_write+0x20/0x30 [ 19.539888] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 19.539952] kasan_bitops_generic+0x110/0x1c8 [ 19.539999] kunit_try_run_case+0x170/0x3f0 [ 19.540051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.540111] kthread+0x328/0x630 [ 19.540159] ret_from_fork+0x10/0x20 [ 19.540206] [ 19.540226] Allocated by task 263: [ 19.540257] kasan_save_stack+0x3c/0x68 [ 19.540310] kasan_save_track+0x20/0x40 [ 19.540349] kasan_save_alloc_info+0x40/0x58 [ 19.540389] __kasan_kmalloc+0xd4/0xd8 [ 19.540427] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.540476] kasan_bitops_generic+0xa0/0x1c8 [ 19.540524] kunit_try_run_case+0x170/0x3f0 [ 19.540565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.540617] kthread+0x328/0x630 [ 19.540663] ret_from_fork+0x10/0x20 [ 19.540708] [ 19.540739] The buggy address belongs to the object at fff00000c5a0ed80 [ 19.540739] which belongs to the cache kmalloc-16 of size 16 [ 19.540859] [ 19.540889] The buggy address belongs to the physical page: [ 19.540940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a0e [ 19.541008] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.541056] page_type: f5(slab) [ 19.541104] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.541205] page dumped because: kasan: bad access detected [ 19.541248] [ 19.541292] Memory state around the buggy address: [ 19.541715] fff00000c5a0ec80: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 19.541766] fff00000c5a0ed00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 19.541835] >fff00000c5a0ed80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.541900] ^ [ 19.542411] fff00000c5a0ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.542496] fff00000c5a0ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.542822] ================================================================== [ 19.530239] ================================================================== [ 19.530319] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.530951] Read of size 8 at addr fff00000c5a0ed88 by task kunit_try_catch/263 [ 19.531125] [ 19.531175] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.531311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.531730] Hardware name: linux,dummy-virt (DT) [ 19.531785] Call trace: [ 19.531990] show_stack+0x20/0x38 (C) [ 19.532145] dump_stack_lvl+0x8c/0xd0 [ 19.532341] print_report+0x118/0x5d0 [ 19.532479] kasan_report+0xdc/0x128 [ 19.532525] __asan_report_load8_noabort+0x20/0x30 [ 19.532982] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.533496] kasan_bitops_generic+0x110/0x1c8 [ 19.534323] kunit_try_run_case+0x170/0x3f0 [ 19.534384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.534845] kthread+0x328/0x630 [ 19.534904] ret_from_fork+0x10/0x20 [ 19.534955] [ 19.534975] Allocated by task 263: [ 19.535014] kasan_save_stack+0x3c/0x68 [ 19.535056] kasan_save_track+0x20/0x40 [ 19.535093] kasan_save_alloc_info+0x40/0x58 [ 19.535133] __kasan_kmalloc+0xd4/0xd8 [ 19.535168] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.535208] kasan_bitops_generic+0xa0/0x1c8 [ 19.535246] kunit_try_run_case+0x170/0x3f0 [ 19.535296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.535339] kthread+0x328/0x630 [ 19.535375] ret_from_fork+0x10/0x20 [ 19.535411] [ 19.535431] The buggy address belongs to the object at fff00000c5a0ed80 [ 19.535431] which belongs to the cache kmalloc-16 of size 16 [ 19.535489] The buggy address is located 8 bytes inside of [ 19.535489] allocated 9-byte region [fff00000c5a0ed80, fff00000c5a0ed89) [ 19.535551] [ 19.535573] The buggy address belongs to the physical page: [ 19.535605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a0e [ 19.535657] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.535707] page_type: f5(slab) [ 19.535745] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.535798] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.535842] page dumped because: kasan: bad access detected [ 19.535876] [ 19.535895] Memory state around the buggy address: [ 19.535928] fff00000c5a0ec80: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 19.535973] fff00000c5a0ed00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 19.536017] >fff00000c5a0ed80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.536088] fff00000c5a0ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.536226] fff00000c5a0ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.536426] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 19.472989] ================================================================== [ 19.473047] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 19.473109] Read of size 1 at addr fff00000c6fc4b90 by task kunit_try_catch/261 [ 19.473161] [ 19.473202] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.473301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.473371] Hardware name: linux,dummy-virt (DT) [ 19.473407] Call trace: [ 19.473445] show_stack+0x20/0x38 (C) [ 19.473508] dump_stack_lvl+0x8c/0xd0 [ 19.473569] print_report+0x118/0x5d0 [ 19.473619] kasan_report+0xdc/0x128 [ 19.473665] __asan_report_load1_noabort+0x20/0x30 [ 19.473726] strcmp+0xc0/0xc8 [ 19.473771] kasan_strings+0x340/0xb00 [ 19.473819] kunit_try_run_case+0x170/0x3f0 [ 19.473870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.473956] kthread+0x328/0x630 [ 19.474005] ret_from_fork+0x10/0x20 [ 19.474061] [ 19.474181] Allocated by task 261: [ 19.474256] kasan_save_stack+0x3c/0x68 [ 19.474372] kasan_save_track+0x20/0x40 [ 19.474553] kasan_save_alloc_info+0x40/0x58 [ 19.474895] __kasan_kmalloc+0xd4/0xd8 [ 19.474936] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.474977] kasan_strings+0xc8/0xb00 [ 19.475014] kunit_try_run_case+0x170/0x3f0 [ 19.475056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.475097] kthread+0x328/0x630 [ 19.475136] ret_from_fork+0x10/0x20 [ 19.475180] [ 19.475291] Freed by task 261: [ 19.475320] kasan_save_stack+0x3c/0x68 [ 19.476131] kthread+0x328/0x630 [ 19.477392] [ 19.478702] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 19.417274] ================================================================== [ 19.417638] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 19.418074] Read of size 1 at addr fff00000c6fc49d8 by task kunit_try_catch/259 [ 19.418416] [ 19.418735] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.419198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.419231] Hardware name: linux,dummy-virt (DT) [ 19.419266] Call trace: [ 19.419436] show_stack+0x20/0x38 (C) [ 19.419497] dump_stack_lvl+0x8c/0xd0 [ 19.419551] print_report+0x118/0x5d0 [ 19.419822] kasan_report+0xdc/0x128 [ 19.420012] __asan_report_load1_noabort+0x20/0x30 [ 19.420115] memcmp+0x198/0x1d8 [ 19.420167] kasan_memcmp+0x16c/0x300 [ 19.420216] kunit_try_run_case+0x170/0x3f0 [ 19.420694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.420994] kthread+0x328/0x630 [ 19.421320] ret_from_fork+0x10/0x20 [ 19.421718] [ 19.421743] Allocated by task 259: [ 19.421775] kasan_save_stack+0x3c/0x68 [ 19.421858] kasan_save_track+0x20/0x40 [ 19.421996] kasan_save_alloc_info+0x40/0x58 [ 19.422035] __kasan_kmalloc+0xd4/0xd8 [ 19.422073] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.422113] kasan_memcmp+0xbc/0x300 [ 19.422150] kunit_try_run_case+0x170/0x3f0 [ 19.422198] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.422473] kthread+0x328/0x630 [ 19.422563] ret_from_fork+0x10/0x20 [ 19.423109] [ 19.423176] The buggy address belongs to the object at fff00000c6fc49c0 [ 19.423176] which belongs to the cache kmalloc-32 of size 32 [ 19.423240] The buggy address is located 0 bytes to the right of [ 19.423240] allocated 24-byte region [fff00000c6fc49c0, fff00000c6fc49d8) [ 19.423802] [ 19.424248] The buggy address belongs to the physical page: [ 19.424651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc4 [ 19.425163] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.425607] page_type: f5(slab) [ 19.426013] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.426068] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.426111] page dumped because: kasan: bad access detected [ 19.426851] [ 19.426873] Memory state around the buggy address: [ 19.426995] fff00000c6fc4880: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 19.427531] fff00000c6fc4900: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.427719] >fff00000c6fc4980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.427779] ^ [ 19.429189] fff00000c6fc4a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.429540] fff00000c6fc4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.429591] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 19.389236] ================================================================== [ 19.389439] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 19.389767] Read of size 1 at addr ffff800080a17b5f by task kunit_try_catch/253 [ 19.389848] [ 19.390040] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.390307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.390345] Hardware name: linux,dummy-virt (DT) [ 19.390381] Call trace: [ 19.390419] show_stack+0x20/0x38 (C) [ 19.390528] dump_stack_lvl+0x8c/0xd0 [ 19.390593] print_report+0x310/0x5d0 [ 19.391069] kasan_report+0xdc/0x128 [ 19.391123] __asan_report_load1_noabort+0x20/0x30 [ 19.391205] kasan_alloca_oob_left+0x2b8/0x310 [ 19.391257] kunit_try_run_case+0x170/0x3f0 [ 19.391336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.391396] kthread+0x328/0x630 [ 19.391448] ret_from_fork+0x10/0x20 [ 19.391501] [ 19.391525] The buggy address belongs to stack of task kunit_try_catch/253 [ 19.391595] [ 19.391617] The buggy address ffff800080a17b5f belongs to a vmalloc virtual mapping [ 19.391663] The buggy address belongs to the physical page: [ 19.391700] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078eb [ 19.391757] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.391826] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.391879] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.391922] page dumped because: kasan: bad access detected [ 19.391956] [ 19.391978] Memory state around the buggy address: [ 19.392013] ffff800080a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.392058] ffff800080a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.392103] >ffff800080a17b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 19.392144] ^ [ 19.392184] ffff800080a17b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.392229] ffff800080a17c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.392271] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 19.371912] ================================================================== [ 19.372319] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 19.372418] Read of size 1 at addr ffff800080a17c2a by task kunit_try_catch/251 [ 19.372482] [ 19.372517] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.372600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.372627] Hardware name: linux,dummy-virt (DT) [ 19.372920] Call trace: [ 19.372980] show_stack+0x20/0x38 (C) [ 19.373099] dump_stack_lvl+0x8c/0xd0 [ 19.373175] print_report+0x310/0x5d0 [ 19.373223] kasan_report+0xdc/0x128 [ 19.373349] __asan_report_load1_noabort+0x20/0x30 [ 19.373402] kasan_stack_oob+0x238/0x270 [ 19.373460] kunit_try_run_case+0x170/0x3f0 [ 19.373540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.373838] kthread+0x328/0x630 [ 19.373909] ret_from_fork+0x10/0x20 [ 19.374041] [ 19.374131] The buggy address belongs to stack of task kunit_try_catch/251 [ 19.374335] and is located at offset 138 in frame: [ 19.374377] kasan_stack_oob+0x0/0x270 [ 19.374961] [ 19.375025] This frame has 4 objects: [ 19.375807] [48, 49) '__assertion' [ 19.375949] [64, 72) 'array' [ 19.375984] [96, 112) '__assertion' [ 19.376176] [128, 138) 'stack_array' [ 19.376243] [ 19.376614] The buggy address ffff800080a17c2a belongs to a vmalloc virtual mapping [ 19.376682] The buggy address belongs to the physical page: [ 19.376735] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078eb [ 19.376843] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.376929] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.376993] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.377227] page dumped because: kasan: bad access detected [ 19.377407] [ 19.377460] Memory state around the buggy address: [ 19.377588] ffff800080a17b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.377636] ffff800080a17b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 19.377689] >ffff800080a17c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 19.377746] ^ [ 19.377781] ffff800080a17c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 19.377822] ffff800080a17d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.377860] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 19.342157] ================================================================== [ 19.342236] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 19.342330] Read of size 1 at addr ffff9b0a4fc035ad by task kunit_try_catch/247 [ 19.342380] [ 19.342437] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.342518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.342546] Hardware name: linux,dummy-virt (DT) [ 19.342594] Call trace: [ 19.342617] show_stack+0x20/0x38 (C) [ 19.342678] dump_stack_lvl+0x8c/0xd0 [ 19.343065] print_report+0x310/0x5d0 [ 19.343146] kasan_report+0xdc/0x128 [ 19.343589] __asan_report_load1_noabort+0x20/0x30 [ 19.343761] kasan_global_oob_right+0x230/0x270 [ 19.343825] kunit_try_run_case+0x170/0x3f0 [ 19.343914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.343967] kthread+0x328/0x630 [ 19.344020] ret_from_fork+0x10/0x20 [ 19.344202] [ 19.344263] The buggy address belongs to the variable: [ 19.344309] global_array+0xd/0x40 [ 19.344391] [ 19.344455] The buggy address ffff9b0a4fc035ad belongs to a vmalloc virtual mapping [ 19.344678] The buggy address belongs to the physical page: [ 19.344735] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47c03 [ 19.344801] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 19.344903] raw: 03fffe0000002000 ffffc1ffc01f00c8 ffffc1ffc01f00c8 0000000000000000 [ 19.344954] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.344993] page dumped because: kasan: bad access detected [ 19.345025] [ 19.345044] Memory state around the buggy address: [ 19.345083] ffff9b0a4fc03480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.345134] ffff9b0a4fc03500: 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 [ 19.345186] >ffff9b0a4fc03580: f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 19.345233] ^ [ 19.345264] ffff9b0a4fc03600: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 19.345823] ffff9b0a4fc03680: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.345928] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 19.305601] ================================================================== [ 19.305789] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.305850] Free of addr fff00000c6fc5201 by task kunit_try_catch/243 [ 19.305918] [ 19.305972] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.306054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.306079] Hardware name: linux,dummy-virt (DT) [ 19.306128] Call trace: [ 19.306156] show_stack+0x20/0x38 (C) [ 19.306206] dump_stack_lvl+0x8c/0xd0 [ 19.306316] print_report+0x118/0x5d0 [ 19.306371] kasan_report_invalid_free+0xc0/0xe8 [ 19.306425] check_slab_allocation+0xfc/0x108 [ 19.306473] __kasan_mempool_poison_object+0x78/0x150 [ 19.307004] mempool_free+0x28c/0x328 [ 19.307133] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.307198] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.307259] kunit_try_run_case+0x170/0x3f0 [ 19.307328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.307380] kthread+0x328/0x630 [ 19.307438] ret_from_fork+0x10/0x20 [ 19.307487] [ 19.307505] Allocated by task 243: [ 19.307559] kasan_save_stack+0x3c/0x68 [ 19.307602] kasan_save_track+0x20/0x40 [ 19.307850] kasan_save_alloc_info+0x40/0x58 [ 19.308016] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.308091] remove_element+0x130/0x1f8 [ 19.308468] mempool_alloc_preallocated+0x58/0xc0 [ 19.308680] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 19.308755] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.308880] kunit_try_run_case+0x170/0x3f0 [ 19.309614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.309700] kthread+0x328/0x630 [ 19.309818] ret_from_fork+0x10/0x20 [ 19.309869] [ 19.309913] The buggy address belongs to the object at fff00000c6fc5200 [ 19.309913] which belongs to the cache kmalloc-128 of size 128 [ 19.310458] The buggy address is located 1 bytes inside of [ 19.310458] 128-byte region [fff00000c6fc5200, fff00000c6fc5280) [ 19.310618] [ 19.310690] The buggy address belongs to the physical page: [ 19.310760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fc5 [ 19.310836] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.310889] page_type: f5(slab) [ 19.310950] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.311028] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.311241] page dumped because: kasan: bad access detected [ 19.311915] [ 19.312051] Memory state around the buggy address: [ 19.312182] fff00000c6fc5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.312480] fff00000c6fc5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.312551] >fff00000c6fc5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.312612] ^ [ 19.312669] fff00000c6fc5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.312725] fff00000c6fc5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.312781] ================================================================== [ 19.328318] ================================================================== [ 19.328402] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.328519] Free of addr fff00000c78e4001 by task kunit_try_catch/245 [ 19.328565] [ 19.328605] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.328882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.329020] Hardware name: linux,dummy-virt (DT) [ 19.329074] Call trace: [ 19.329140] show_stack+0x20/0x38 (C) [ 19.329216] dump_stack_lvl+0x8c/0xd0 [ 19.329277] print_report+0x118/0x5d0 [ 19.329335] kasan_report_invalid_free+0xc0/0xe8 [ 19.329435] __kasan_mempool_poison_object+0xfc/0x150 [ 19.329489] mempool_free+0x28c/0x328 [ 19.329537] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.329591] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 19.329650] kunit_try_run_case+0x170/0x3f0 [ 19.329701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.329751] kthread+0x328/0x630 [ 19.329805] ret_from_fork+0x10/0x20 [ 19.329864] [ 19.329891] The buggy address belongs to the physical page: [ 19.329929] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e4 [ 19.329985] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.330031] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.330091] page_type: f8(unknown) [ 19.330132] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.330195] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.330244] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.330486] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.330726] head: 0bfffe0000000002 ffffc1ffc31e3901 00000000ffffffff 00000000ffffffff [ 19.330916] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.330966] page dumped because: kasan: bad access detected [ 19.331308] [ 19.331348] Memory state around the buggy address: [ 19.331451] fff00000c78e3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.331531] fff00000c78e3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.331613] >fff00000c78e4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.331711] ^ [ 19.331771] fff00000c78e4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.331885] fff00000c78e4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.331941] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 19.269123] ================================================================== [ 19.269202] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.269256] Free of addr fff00000c5b89e00 by task kunit_try_catch/237 [ 19.269312] [ 19.269343] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.269594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.269787] Hardware name: linux,dummy-virt (DT) [ 19.269858] Call trace: [ 19.269887] show_stack+0x20/0x38 (C) [ 19.269950] dump_stack_lvl+0x8c/0xd0 [ 19.270001] print_report+0x118/0x5d0 [ 19.270179] kasan_report_invalid_free+0xc0/0xe8 [ 19.270263] check_slab_allocation+0xd4/0x108 [ 19.270401] __kasan_mempool_poison_object+0x78/0x150 [ 19.270488] mempool_free+0x28c/0x328 [ 19.270554] mempool_double_free_helper+0x150/0x2e8 [ 19.270614] mempool_kmalloc_double_free+0xc0/0x118 [ 19.270674] kunit_try_run_case+0x170/0x3f0 [ 19.270776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.270841] kthread+0x328/0x630 [ 19.271277] ret_from_fork+0x10/0x20 [ 19.271377] [ 19.271407] Allocated by task 237: [ 19.271487] kasan_save_stack+0x3c/0x68 [ 19.271587] kasan_save_track+0x20/0x40 [ 19.271655] kasan_save_alloc_info+0x40/0x58 [ 19.271722] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.271763] remove_element+0x130/0x1f8 [ 19.271823] mempool_alloc_preallocated+0x58/0xc0 [ 19.271865] mempool_double_free_helper+0x94/0x2e8 [ 19.271906] mempool_kmalloc_double_free+0xc0/0x118 [ 19.271969] kunit_try_run_case+0x170/0x3f0 [ 19.272139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.272228] kthread+0x328/0x630 [ 19.272326] ret_from_fork+0x10/0x20 [ 19.272385] [ 19.272444] Freed by task 237: [ 19.272546] kasan_save_stack+0x3c/0x68 [ 19.272611] kasan_save_track+0x20/0x40 [ 19.272655] kasan_save_free_info+0x4c/0x78 [ 19.272738] __kasan_mempool_poison_object+0xc0/0x150 [ 19.272779] mempool_free+0x28c/0x328 [ 19.272832] mempool_double_free_helper+0x100/0x2e8 [ 19.272873] mempool_kmalloc_double_free+0xc0/0x118 [ 19.272914] kunit_try_run_case+0x170/0x3f0 [ 19.272953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.273113] kthread+0x328/0x630 [ 19.273184] ret_from_fork+0x10/0x20 [ 19.273222] [ 19.273241] The buggy address belongs to the object at fff00000c5b89e00 [ 19.273241] which belongs to the cache kmalloc-128 of size 128 [ 19.273326] The buggy address is located 0 bytes inside of [ 19.273326] 128-byte region [fff00000c5b89e00, fff00000c5b89e80) [ 19.273394] [ 19.273416] The buggy address belongs to the physical page: [ 19.273452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b89 [ 19.273511] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.273568] page_type: f5(slab) [ 19.273605] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.273662] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.273702] page dumped because: kasan: bad access detected [ 19.273734] [ 19.273751] Memory state around the buggy address: [ 19.273782] fff00000c5b89d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.273836] fff00000c5b89d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.273878] >fff00000c5b89e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.273926] ^ [ 19.273954] fff00000c5b89e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.273996] fff00000c5b89f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.274034] ================================================================== [ 19.288153] ================================================================== [ 19.288228] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.288310] Free of addr fff00000c78e4000 by task kunit_try_catch/239 [ 19.288354] [ 19.288392] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.288474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.288500] Hardware name: linux,dummy-virt (DT) [ 19.288531] Call trace: [ 19.288554] show_stack+0x20/0x38 (C) [ 19.288603] dump_stack_lvl+0x8c/0xd0 [ 19.288655] print_report+0x118/0x5d0 [ 19.288700] kasan_report_invalid_free+0xc0/0xe8 [ 19.288757] __kasan_mempool_poison_object+0x14c/0x150 [ 19.288807] mempool_free+0x28c/0x328 [ 19.288853] mempool_double_free_helper+0x150/0x2e8 [ 19.288903] mempool_kmalloc_large_double_free+0xc0/0x118 [ 19.288955] kunit_try_run_case+0x170/0x3f0 [ 19.289005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.289054] kthread+0x328/0x630 [ 19.289099] ret_from_fork+0x10/0x20 [ 19.289146] [ 19.289169] The buggy address belongs to the physical page: [ 19.289204] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e4 [ 19.289258] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.289315] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.289371] page_type: f8(unknown) [ 19.289410] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.289466] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.289514] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.289562] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.289610] head: 0bfffe0000000002 ffffc1ffc31e3901 00000000ffffffff 00000000ffffffff [ 19.289658] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.289699] page dumped because: kasan: bad access detected [ 19.289730] [ 19.289747] Memory state around the buggy address: [ 19.289780] fff00000c78e3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.289822] fff00000c78e3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.289864] >fff00000c78e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.289903] ^ [ 19.289929] fff00000c78e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.289969] fff00000c78e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.290007] ================================================================== [ 19.296893] ================================================================== [ 19.296957] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.297135] Free of addr fff00000c78e4000 by task kunit_try_catch/241 [ 19.297188] [ 19.297223] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.297314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.297482] Hardware name: linux,dummy-virt (DT) [ 19.297519] Call trace: [ 19.297636] show_stack+0x20/0x38 (C) [ 19.297700] dump_stack_lvl+0x8c/0xd0 [ 19.297775] print_report+0x118/0x5d0 [ 19.297892] kasan_report_invalid_free+0xc0/0xe8 [ 19.297971] __kasan_mempool_poison_pages+0xe0/0xe8 [ 19.298032] mempool_free+0x24c/0x328 [ 19.298114] mempool_double_free_helper+0x150/0x2e8 [ 19.298181] mempool_page_alloc_double_free+0xbc/0x118 [ 19.298248] kunit_try_run_case+0x170/0x3f0 [ 19.298352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.298404] kthread+0x328/0x630 [ 19.298458] ret_from_fork+0x10/0x20 [ 19.298506] [ 19.298527] The buggy address belongs to the physical page: [ 19.298560] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e4 [ 19.298612] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.298683] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.298771] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.298812] page dumped because: kasan: bad access detected [ 19.298843] [ 19.298860] Memory state around the buggy address: [ 19.299091] fff00000c78e3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.299146] fff00000c78e3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.299208] >fff00000c78e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.299271] ^ [ 19.299327] fff00000c78e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.299371] fff00000c78e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.299409] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 19.220306] ================================================================== [ 19.220454] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.220518] Read of size 1 at addr fff00000c78dc000 by task kunit_try_catch/231 [ 19.220597] [ 19.220668] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.220751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.220777] Hardware name: linux,dummy-virt (DT) [ 19.220969] Call trace: [ 19.220995] show_stack+0x20/0x38 (C) [ 19.221058] dump_stack_lvl+0x8c/0xd0 [ 19.221111] print_report+0x118/0x5d0 [ 19.221154] kasan_report+0xdc/0x128 [ 19.221339] __asan_report_load1_noabort+0x20/0x30 [ 19.221521] mempool_uaf_helper+0x314/0x340 [ 19.221599] mempool_kmalloc_large_uaf+0xc4/0x120 [ 19.221674] kunit_try_run_case+0x170/0x3f0 [ 19.221850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.221929] kthread+0x328/0x630 [ 19.221978] ret_from_fork+0x10/0x20 [ 19.222045] [ 19.222178] The buggy address belongs to the physical page: [ 19.222224] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc [ 19.222336] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.222386] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.222450] page_type: f8(unknown) [ 19.222489] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.222538] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.222585] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.222633] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.222681] head: 0bfffe0000000002 ffffc1ffc31e3701 00000000ffffffff 00000000ffffffff [ 19.222868] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.222913] page dumped because: kasan: bad access detected [ 19.222947] [ 19.222965] Memory state around the buggy address: [ 19.223043] fff00000c78dbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.223118] fff00000c78dbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.223161] >fff00000c78dc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.223200] ^ [ 19.223228] fff00000c78dc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.223271] fff00000c78dc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.223332] ================================================================== [ 19.258874] ================================================================== [ 19.258936] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.259156] Read of size 1 at addr fff00000c78e4000 by task kunit_try_catch/235 [ 19.259334] [ 19.259423] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.259582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.259644] Hardware name: linux,dummy-virt (DT) [ 19.259738] Call trace: [ 19.259779] show_stack+0x20/0x38 (C) [ 19.259852] dump_stack_lvl+0x8c/0xd0 [ 19.259946] print_report+0x118/0x5d0 [ 19.260003] kasan_report+0xdc/0x128 [ 19.260047] __asan_report_load1_noabort+0x20/0x30 [ 19.260264] mempool_uaf_helper+0x314/0x340 [ 19.260333] mempool_page_alloc_uaf+0xc0/0x118 [ 19.260388] kunit_try_run_case+0x170/0x3f0 [ 19.260502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.260604] kthread+0x328/0x630 [ 19.260800] ret_from_fork+0x10/0x20 [ 19.261596] [ 19.261624] The buggy address belongs to the physical page: [ 19.261659] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e4 [ 19.261904] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.261974] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.262104] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.262175] page dumped because: kasan: bad access detected [ 19.262231] [ 19.262250] Memory state around the buggy address: [ 19.262415] fff00000c78e3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.262468] fff00000c78e3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.262512] >fff00000c78e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.262550] ^ [ 19.262585] fff00000c78e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.262642] fff00000c78e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.262690] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 19.201316] ================================================================== [ 19.201754] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.201848] Read of size 1 at addr fff00000c5b89a00 by task kunit_try_catch/229 [ 19.201909] [ 19.201958] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.202045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.202072] Hardware name: linux,dummy-virt (DT) [ 19.202106] Call trace: [ 19.202310] show_stack+0x20/0x38 (C) [ 19.202381] dump_stack_lvl+0x8c/0xd0 [ 19.202443] print_report+0x118/0x5d0 [ 19.202487] kasan_report+0xdc/0x128 [ 19.202587] __asan_report_load1_noabort+0x20/0x30 [ 19.202644] mempool_uaf_helper+0x314/0x340 [ 19.202692] mempool_kmalloc_uaf+0xc4/0x120 [ 19.202795] kunit_try_run_case+0x170/0x3f0 [ 19.202847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.202927] kthread+0x328/0x630 [ 19.203043] ret_from_fork+0x10/0x20 [ 19.203302] [ 19.203322] Allocated by task 229: [ 19.203431] kasan_save_stack+0x3c/0x68 [ 19.203487] kasan_save_track+0x20/0x40 [ 19.203526] kasan_save_alloc_info+0x40/0x58 [ 19.203565] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.203995] remove_element+0x130/0x1f8 [ 19.204077] mempool_alloc_preallocated+0x58/0xc0 [ 19.204144] mempool_uaf_helper+0xa4/0x340 [ 19.204300] mempool_kmalloc_uaf+0xc4/0x120 [ 19.204369] kunit_try_run_case+0x170/0x3f0 [ 19.204494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.204539] kthread+0x328/0x630 [ 19.204606] ret_from_fork+0x10/0x20 [ 19.204940] [ 19.204999] Freed by task 229: [ 19.205069] kasan_save_stack+0x3c/0x68 [ 19.205142] kasan_save_track+0x20/0x40 [ 19.205243] kasan_save_free_info+0x4c/0x78 [ 19.205371] __kasan_mempool_poison_object+0xc0/0x150 [ 19.205437] mempool_free+0x28c/0x328 [ 19.205500] mempool_uaf_helper+0x104/0x340 [ 19.205794] mempool_kmalloc_uaf+0xc4/0x120 [ 19.205863] kunit_try_run_case+0x170/0x3f0 [ 19.205937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.206143] kthread+0x328/0x630 [ 19.206190] ret_from_fork+0x10/0x20 [ 19.206303] [ 19.206354] The buggy address belongs to the object at fff00000c5b89a00 [ 19.206354] which belongs to the cache kmalloc-128 of size 128 [ 19.206505] The buggy address is located 0 bytes inside of [ 19.206505] freed 128-byte region [fff00000c5b89a00, fff00000c5b89a80) [ 19.206587] [ 19.206612] The buggy address belongs to the physical page: [ 19.206660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b89 [ 19.206993] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.207132] page_type: f5(slab) [ 19.207209] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.207361] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.207443] page dumped because: kasan: bad access detected [ 19.207551] [ 19.207599] Memory state around the buggy address: [ 19.207647] fff00000c5b89900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.207695] fff00000c5b89980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.207738] >fff00000c5b89a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.207958] ^ [ 19.208013] fff00000c5b89a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.208064] fff00000c5b89b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.208130] ================================================================== [ 19.233168] ================================================================== [ 19.233230] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.233300] Read of size 1 at addr fff00000c78f9240 by task kunit_try_catch/233 [ 19.233353] [ 19.233630] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.233878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.233909] Hardware name: linux,dummy-virt (DT) [ 19.233943] Call trace: [ 19.234050] show_stack+0x20/0x38 (C) [ 19.234113] dump_stack_lvl+0x8c/0xd0 [ 19.234167] print_report+0x118/0x5d0 [ 19.234273] kasan_report+0xdc/0x128 [ 19.234359] __asan_report_load1_noabort+0x20/0x30 [ 19.234690] mempool_uaf_helper+0x314/0x340 [ 19.234879] mempool_slab_uaf+0xc0/0x118 [ 19.235001] kunit_try_run_case+0x170/0x3f0 [ 19.235078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.235234] kthread+0x328/0x630 [ 19.235469] ret_from_fork+0x10/0x20 [ 19.235527] [ 19.235545] Allocated by task 233: [ 19.235574] kasan_save_stack+0x3c/0x68 [ 19.235691] kasan_save_track+0x20/0x40 [ 19.235750] kasan_save_alloc_info+0x40/0x58 [ 19.235865] __kasan_mempool_unpoison_object+0xbc/0x180 [ 19.235943] remove_element+0x16c/0x1f8 [ 19.235989] mempool_alloc_preallocated+0x58/0xc0 [ 19.236362] mempool_uaf_helper+0xa4/0x340 [ 19.236441] mempool_slab_uaf+0xc0/0x118 [ 19.236542] kunit_try_run_case+0x170/0x3f0 [ 19.236622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.236667] kthread+0x328/0x630 [ 19.236732] ret_from_fork+0x10/0x20 [ 19.236903] [ 19.236923] Freed by task 233: [ 19.237110] kasan_save_stack+0x3c/0x68 [ 19.237183] kasan_save_track+0x20/0x40 [ 19.237323] kasan_save_free_info+0x4c/0x78 [ 19.237393] __kasan_mempool_poison_object+0xc0/0x150 [ 19.237465] mempool_free+0x28c/0x328 [ 19.237597] mempool_uaf_helper+0x104/0x340 [ 19.237664] mempool_slab_uaf+0xc0/0x118 [ 19.237792] kunit_try_run_case+0x170/0x3f0 [ 19.237892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.237956] kthread+0x328/0x630 [ 19.238157] ret_from_fork+0x10/0x20 [ 19.238201] [ 19.238253] The buggy address belongs to the object at fff00000c78f9240 [ 19.238253] which belongs to the cache test_cache of size 123 [ 19.238434] The buggy address is located 0 bytes inside of [ 19.238434] freed 123-byte region [fff00000c78f9240, fff00000c78f92bb) [ 19.238520] [ 19.238606] The buggy address belongs to the physical page: [ 19.238666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078f9 [ 19.238934] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.238990] page_type: f5(slab) [ 19.239146] raw: 0bfffe0000000000 fff00000c5971500 dead000000000122 0000000000000000 [ 19.239246] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.239355] page dumped because: kasan: bad access detected [ 19.239412] [ 19.239452] Memory state around the buggy address: [ 19.239566] fff00000c78f9100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.239679] fff00000c78f9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.239745] >fff00000c78f9200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.239939] ^ [ 19.239991] fff00000c78f9280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.240034] fff00000c78f9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.240087] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 19.142052] ================================================================== [ 19.142127] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 19.142203] Read of size 1 at addr fff00000c5b89673 by task kunit_try_catch/223 [ 19.142253] [ 19.142312] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.142399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.142427] Hardware name: linux,dummy-virt (DT) [ 19.142462] Call trace: [ 19.142488] show_stack+0x20/0x38 (C) [ 19.142538] dump_stack_lvl+0x8c/0xd0 [ 19.142594] print_report+0x118/0x5d0 [ 19.142637] kasan_report+0xdc/0x128 [ 19.142682] __asan_report_load1_noabort+0x20/0x30 [ 19.142739] mempool_oob_right_helper+0x2ac/0x2f0 [ 19.142787] mempool_kmalloc_oob_right+0xc4/0x120 [ 19.142837] kunit_try_run_case+0x170/0x3f0 [ 19.142888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.142936] kthread+0x328/0x630 [ 19.142983] ret_from_fork+0x10/0x20 [ 19.143035] [ 19.143747] Allocated by task 223: [ 19.143783] kasan_save_stack+0x3c/0x68 [ 19.143830] kasan_save_track+0x20/0x40 [ 19.143865] kasan_save_alloc_info+0x40/0x58 [ 19.143906] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.143946] remove_element+0x130/0x1f8 [ 19.143987] mempool_alloc_preallocated+0x58/0xc0 [ 19.144028] mempool_oob_right_helper+0x98/0x2f0 [ 19.144068] mempool_kmalloc_oob_right+0xc4/0x120 [ 19.144109] kunit_try_run_case+0x170/0x3f0 [ 19.144147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.144189] kthread+0x328/0x630 [ 19.144224] ret_from_fork+0x10/0x20 [ 19.144258] [ 19.144278] The buggy address belongs to the object at fff00000c5b89600 [ 19.144278] which belongs to the cache kmalloc-128 of size 128 [ 19.144351] The buggy address is located 0 bytes to the right of [ 19.144351] allocated 115-byte region [fff00000c5b89600, fff00000c5b89673) [ 19.144414] [ 19.144437] The buggy address belongs to the physical page: [ 19.144470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b89 [ 19.144527] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.144582] page_type: f5(slab) [ 19.144624] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.144674] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.144717] page dumped because: kasan: bad access detected [ 19.144749] [ 19.144767] Memory state around the buggy address: [ 19.144801] fff00000c5b89500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.144844] fff00000c5b89580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.144887] >fff00000c5b89600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.144925] ^ [ 19.144965] fff00000c5b89680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.145006] fff00000c5b89700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.145044] ================================================================== [ 19.177783] ================================================================== [ 19.177894] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 19.177956] Read of size 1 at addr fff00000c78f52bb by task kunit_try_catch/227 [ 19.178006] [ 19.178042] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.178124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.178152] Hardware name: linux,dummy-virt (DT) [ 19.178186] Call trace: [ 19.178208] show_stack+0x20/0x38 (C) [ 19.178258] dump_stack_lvl+0x8c/0xd0 [ 19.179135] print_report+0x118/0x5d0 [ 19.179217] kasan_report+0xdc/0x128 [ 19.179329] __asan_report_load1_noabort+0x20/0x30 [ 19.179433] mempool_oob_right_helper+0x2ac/0x2f0 [ 19.179543] mempool_slab_oob_right+0xc0/0x118 [ 19.180166] kunit_try_run_case+0x170/0x3f0 [ 19.180251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.180314] kthread+0x328/0x630 [ 19.180744] ret_from_fork+0x10/0x20 [ 19.180892] [ 19.180955] Allocated by task 227: [ 19.181002] kasan_save_stack+0x3c/0x68 [ 19.181090] kasan_save_track+0x20/0x40 [ 19.181178] kasan_save_alloc_info+0x40/0x58 [ 19.181302] __kasan_mempool_unpoison_object+0xbc/0x180 [ 19.181372] remove_element+0x16c/0x1f8 [ 19.181480] mempool_alloc_preallocated+0x58/0xc0 [ 19.181524] mempool_oob_right_helper+0x98/0x2f0 [ 19.181594] mempool_slab_oob_right+0xc0/0x118 [ 19.181798] kunit_try_run_case+0x170/0x3f0 [ 19.181837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.181887] kthread+0x328/0x630 [ 19.181929] ret_from_fork+0x10/0x20 [ 19.181988] [ 19.182118] The buggy address belongs to the object at fff00000c78f5240 [ 19.182118] which belongs to the cache test_cache of size 123 [ 19.182321] The buggy address is located 0 bytes to the right of [ 19.182321] allocated 123-byte region [fff00000c78f5240, fff00000c78f52bb) [ 19.182419] [ 19.182529] The buggy address belongs to the physical page: [ 19.182578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078f5 [ 19.182668] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.182763] page_type: f5(slab) [ 19.182888] raw: 0bfffe0000000000 fff00000c59713c0 dead000000000122 0000000000000000 [ 19.182941] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.183036] page dumped because: kasan: bad access detected [ 19.183105] [ 19.183215] Memory state around the buggy address: [ 19.183304] fff00000c78f5180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.183371] fff00000c78f5200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 19.183415] >fff00000c78f5280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 19.183753] ^ [ 19.183799] fff00000c78f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.183928] fff00000c78f5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.184006] ================================================================== [ 19.152135] ================================================================== [ 19.152356] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 19.152428] Read of size 1 at addr fff00000c78de001 by task kunit_try_catch/225 [ 19.152501] [ 19.152536] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 19.152629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.152655] Hardware name: linux,dummy-virt (DT) [ 19.152687] Call trace: [ 19.152721] show_stack+0x20/0x38 (C) [ 19.152780] dump_stack_lvl+0x8c/0xd0 [ 19.152837] print_report+0x118/0x5d0 [ 19.152884] kasan_report+0xdc/0x128 [ 19.152927] __asan_report_load1_noabort+0x20/0x30 [ 19.152975] mempool_oob_right_helper+0x2ac/0x2f0 [ 19.153023] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 19.153733] kunit_try_run_case+0x170/0x3f0 [ 19.153820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.153873] kthread+0x328/0x630 [ 19.153921] ret_from_fork+0x10/0x20 [ 19.153968] [ 19.153989] The buggy address belongs to the physical page: [ 19.154022] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc [ 19.154386] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.154650] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.154846] page_type: f8(unknown) [ 19.154945] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.154995] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.155067] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.155512] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.155593] head: 0bfffe0000000002 ffffc1ffc31e3701 00000000ffffffff 00000000ffffffff [ 19.155714] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.156019] page dumped because: kasan: bad access detected [ 19.156101] [ 19.156261] Memory state around the buggy address: [ 19.156682] fff00000c78ddf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.156929] fff00000c78ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.156988] >fff00000c78de000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.157327] ^ [ 19.157431] fff00000c78de080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.157476] fff00000c78de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.158031] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.573583] ================================================================== [ 18.573663] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 18.573734] Read of size 1 at addr fff00000c1bdf8c0 by task kunit_try_catch/217 [ 18.573785] [ 18.573827] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 18.573913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.573941] Hardware name: linux,dummy-virt (DT) [ 18.573975] Call trace: [ 18.574000] show_stack+0x20/0x38 (C) [ 18.574051] dump_stack_lvl+0x8c/0xd0 [ 18.574102] print_report+0x118/0x5d0 [ 18.574146] kasan_report+0xdc/0x128 [ 18.574188] __kasan_check_byte+0x54/0x70 [ 18.574233] kmem_cache_destroy+0x34/0x218 [ 18.574294] kmem_cache_double_destroy+0x174/0x300 [ 18.574347] kunit_try_run_case+0x170/0x3f0 [ 18.574398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.574446] kthread+0x328/0x630 [ 18.574492] ret_from_fork+0x10/0x20 [ 18.574540] [ 18.574560] Allocated by task 217: [ 18.574590] kasan_save_stack+0x3c/0x68 [ 18.574630] kasan_save_track+0x20/0x40 [ 18.574665] kasan_save_alloc_info+0x40/0x58 [ 18.574704] __kasan_slab_alloc+0xa8/0xb0 [ 18.575193] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.575242] __kmem_cache_create_args+0x178/0x280 [ 18.575295] kmem_cache_double_destroy+0xc0/0x300 [ 18.575339] kunit_try_run_case+0x170/0x3f0 [ 18.575377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.575417] kthread+0x328/0x630 [ 18.575453] ret_from_fork+0x10/0x20 [ 18.575489] [ 18.575509] Freed by task 217: [ 18.575536] kasan_save_stack+0x3c/0x68 [ 18.575573] kasan_save_track+0x20/0x40 [ 18.575610] kasan_save_free_info+0x4c/0x78 [ 18.575648] __kasan_slab_free+0x6c/0x98 [ 18.575683] kmem_cache_free+0x260/0x468 [ 18.575717] slab_kmem_cache_release+0x38/0x50 [ 18.575755] kmem_cache_release+0x1c/0x30 [ 18.575793] kobject_put+0x17c/0x420 [ 18.575831] sysfs_slab_release+0x1c/0x30 [ 18.575866] kmem_cache_destroy+0x118/0x218 [ 18.575902] kmem_cache_double_destroy+0x128/0x300 [ 18.575944] kunit_try_run_case+0x170/0x3f0 [ 18.575982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.576024] kthread+0x328/0x630 [ 18.576060] ret_from_fork+0x10/0x20 [ 18.576097] [ 18.576118] The buggy address belongs to the object at fff00000c1bdf8c0 [ 18.576118] which belongs to the cache kmem_cache of size 208 [ 18.576175] The buggy address is located 0 bytes inside of [ 18.576175] freed 208-byte region [fff00000c1bdf8c0, fff00000c1bdf990) [ 18.576237] [ 18.576258] The buggy address belongs to the physical page: [ 18.576301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bdf [ 18.576358] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.576410] page_type: f5(slab) [ 18.576452] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 18.576502] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.576544] page dumped because: kasan: bad access detected [ 18.576576] [ 18.576596] Memory state around the buggy address: [ 18.576630] fff00000c1bdf780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.576673] fff00000c1bdf800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 18.576716] >fff00000c1bdf880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.576754] ^ [ 18.576786] fff00000c1bdf900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.576829] fff00000c1bdf980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.576868] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 18.483261] ================================================================== [ 18.483391] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 18.483471] Read of size 1 at addr fff00000c6f99000 by task kunit_try_catch/215 [ 18.483524] [ 18.483568] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 18.483652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.483679] Hardware name: linux,dummy-virt (DT) [ 18.483713] Call trace: [ 18.483737] show_stack+0x20/0x38 (C) [ 18.483788] dump_stack_lvl+0x8c/0xd0 [ 18.483841] print_report+0x118/0x5d0 [ 18.483885] kasan_report+0xdc/0x128 [ 18.483929] __asan_report_load1_noabort+0x20/0x30 [ 18.483979] kmem_cache_rcu_uaf+0x388/0x468 [ 18.484026] kunit_try_run_case+0x170/0x3f0 [ 18.484080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.484129] kthread+0x328/0x630 [ 18.484177] ret_from_fork+0x10/0x20 [ 18.484226] [ 18.484245] Allocated by task 215: [ 18.484277] kasan_save_stack+0x3c/0x68 [ 18.484329] kasan_save_track+0x20/0x40 [ 18.484365] kasan_save_alloc_info+0x40/0x58 [ 18.484403] __kasan_slab_alloc+0xa8/0xb0 [ 18.484439] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.484479] kmem_cache_rcu_uaf+0x12c/0x468 [ 18.484519] kunit_try_run_case+0x170/0x3f0 [ 18.484557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.484599] kthread+0x328/0x630 [ 18.484635] ret_from_fork+0x10/0x20 [ 18.484670] [ 18.484688] Freed by task 0: [ 18.484715] kasan_save_stack+0x3c/0x68 [ 18.484753] kasan_save_track+0x20/0x40 [ 18.484788] kasan_save_free_info+0x4c/0x78 [ 18.484826] __kasan_slab_free+0x6c/0x98 [ 18.484861] slab_free_after_rcu_debug+0xd4/0x2f8 [ 18.484898] rcu_core+0x9f4/0x1e20 [ 18.484935] rcu_core_si+0x18/0x30 [ 18.484968] handle_softirqs+0x374/0xb28 [ 18.485005] __do_softirq+0x1c/0x28 [ 18.485038] [ 18.485058] Last potentially related work creation: [ 18.485086] kasan_save_stack+0x3c/0x68 [ 18.485122] kasan_record_aux_stack+0xb4/0xc8 [ 18.485159] kmem_cache_free+0x120/0x468 [ 18.485195] kmem_cache_rcu_uaf+0x16c/0x468 [ 18.485233] kunit_try_run_case+0x170/0x3f0 [ 18.485272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.485321] kthread+0x328/0x630 [ 18.485355] ret_from_fork+0x10/0x20 [ 18.485389] [ 18.485408] The buggy address belongs to the object at fff00000c6f99000 [ 18.485408] which belongs to the cache test_cache of size 200 [ 18.485470] The buggy address is located 0 bytes inside of [ 18.485470] freed 200-byte region [fff00000c6f99000, fff00000c6f990c8) [ 18.485532] [ 18.485555] The buggy address belongs to the physical page: [ 18.485587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106f99 [ 18.485642] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.485695] page_type: f5(slab) [ 18.485735] raw: 0bfffe0000000000 fff00000c1bdf780 dead000000000122 0000000000000000 [ 18.485786] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.485826] page dumped because: kasan: bad access detected [ 18.485857] [ 18.485875] Memory state around the buggy address: [ 18.485908] fff00000c6f98f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.485950] fff00000c6f98f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.485993] >fff00000c6f99000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.486030] ^ [ 18.486056] fff00000c6f99080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.486098] fff00000c6f99100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.486138] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.976786] ================================================================== [ 17.976871] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.976943] Free of addr fff00000c6fab001 by task kunit_try_catch/213 [ 17.976996] [ 17.977037] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.977199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.977343] Hardware name: linux,dummy-virt (DT) [ 17.977388] Call trace: [ 17.977467] show_stack+0x20/0x38 (C) [ 17.977542] dump_stack_lvl+0x8c/0xd0 [ 17.977595] print_report+0x118/0x5d0 [ 17.977660] kasan_report_invalid_free+0xc0/0xe8 [ 17.977712] check_slab_allocation+0xfc/0x108 [ 17.977757] __kasan_slab_pre_free+0x2c/0x48 [ 17.977803] kmem_cache_free+0xf0/0x468 [ 17.977848] kmem_cache_invalid_free+0x184/0x3c8 [ 17.978047] kunit_try_run_case+0x170/0x3f0 [ 17.978162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.978239] kthread+0x328/0x630 [ 17.978328] ret_from_fork+0x10/0x20 [ 17.978394] [ 17.978433] Allocated by task 213: [ 17.978469] kasan_save_stack+0x3c/0x68 [ 17.978511] kasan_save_track+0x20/0x40 [ 17.978546] kasan_save_alloc_info+0x40/0x58 [ 17.978623] __kasan_slab_alloc+0xa8/0xb0 [ 17.978740] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.978838] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.978956] kunit_try_run_case+0x170/0x3f0 [ 17.979044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.979174] kthread+0x328/0x630 [ 17.979222] ret_from_fork+0x10/0x20 [ 17.979335] [ 17.979375] The buggy address belongs to the object at fff00000c6fab000 [ 17.979375] which belongs to the cache test_cache of size 200 [ 17.979432] The buggy address is located 1 bytes inside of [ 17.979432] 200-byte region [fff00000c6fab000, fff00000c6fab0c8) [ 17.979726] [ 17.979768] The buggy address belongs to the physical page: [ 17.979819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fab [ 17.979935] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.980071] page_type: f5(slab) [ 17.980167] raw: 0bfffe0000000000 fff00000c1bdf640 dead000000000122 0000000000000000 [ 17.980265] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.980371] page dumped because: kasan: bad access detected [ 17.980448] [ 17.980545] Memory state around the buggy address: [ 17.980589] fff00000c6faaf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.980648] fff00000c6faaf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.980702] >fff00000c6fab000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.980739] ^ [ 17.980768] fff00000c6fab080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.980958] fff00000c6fab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.981025] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.955580] ================================================================== [ 17.955675] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.955750] Free of addr fff00000c6fac000 by task kunit_try_catch/211 [ 17.955794] [ 17.955869] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.955955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.955982] Hardware name: linux,dummy-virt (DT) [ 17.956022] Call trace: [ 17.956066] show_stack+0x20/0x38 (C) [ 17.956117] dump_stack_lvl+0x8c/0xd0 [ 17.956169] print_report+0x118/0x5d0 [ 17.956229] kasan_report_invalid_free+0xc0/0xe8 [ 17.956276] check_slab_allocation+0xd4/0x108 [ 17.956339] __kasan_slab_pre_free+0x2c/0x48 [ 17.956384] kmem_cache_free+0xf0/0x468 [ 17.956430] kmem_cache_double_free+0x190/0x3c8 [ 17.956477] kunit_try_run_case+0x170/0x3f0 [ 17.956528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.956578] kthread+0x328/0x630 [ 17.956623] ret_from_fork+0x10/0x20 [ 17.956672] [ 17.956704] Allocated by task 211: [ 17.956734] kasan_save_stack+0x3c/0x68 [ 17.956771] kasan_save_track+0x20/0x40 [ 17.956807] kasan_save_alloc_info+0x40/0x58 [ 17.956844] __kasan_slab_alloc+0xa8/0xb0 [ 17.956881] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.956917] kmem_cache_double_free+0x12c/0x3c8 [ 17.956967] kunit_try_run_case+0x170/0x3f0 [ 17.957004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.957043] kthread+0x328/0x630 [ 17.957086] ret_from_fork+0x10/0x20 [ 17.957121] [ 17.957147] Freed by task 211: [ 17.957177] kasan_save_stack+0x3c/0x68 [ 17.957212] kasan_save_track+0x20/0x40 [ 17.957247] kasan_save_free_info+0x4c/0x78 [ 17.957293] __kasan_slab_free+0x6c/0x98 [ 17.957328] kmem_cache_free+0x260/0x468 [ 17.957361] kmem_cache_double_free+0x140/0x3c8 [ 17.957430] kunit_try_run_case+0x170/0x3f0 [ 17.957483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.957536] kthread+0x328/0x630 [ 17.957585] ret_from_fork+0x10/0x20 [ 17.957705] [ 17.957730] The buggy address belongs to the object at fff00000c6fac000 [ 17.957730] which belongs to the cache test_cache of size 200 [ 17.957949] The buggy address is located 0 bytes inside of [ 17.957949] 200-byte region [fff00000c6fac000, fff00000c6fac0c8) [ 17.958014] [ 17.958035] The buggy address belongs to the physical page: [ 17.958066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fac [ 17.958145] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.958199] page_type: f5(slab) [ 17.958340] raw: 0bfffe0000000000 fff00000c1bdf500 dead000000000122 0000000000000000 [ 17.958444] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.958492] page dumped because: kasan: bad access detected [ 17.958540] [ 17.958579] Memory state around the buggy address: [ 17.958632] fff00000c6fabf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.958675] fff00000c6fabf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.958746] >fff00000c6fac000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.958806] ^ [ 17.958835] fff00000c6fac080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.958876] fff00000c6fac100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.958915] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.781066] ================================================================== [ 17.781150] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.781241] Read of size 1 at addr fff00000c6fae0c8 by task kunit_try_catch/209 [ 17.781322] [ 17.781379] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.781468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.781776] Hardware name: linux,dummy-virt (DT) [ 17.781822] Call trace: [ 17.781860] show_stack+0x20/0x38 (C) [ 17.781915] dump_stack_lvl+0x8c/0xd0 [ 17.781987] print_report+0x118/0x5d0 [ 17.782072] kasan_report+0xdc/0x128 [ 17.782118] __asan_report_load1_noabort+0x20/0x30 [ 17.782167] kmem_cache_oob+0x344/0x430 [ 17.782494] kunit_try_run_case+0x170/0x3f0 [ 17.782564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.782642] kthread+0x328/0x630 [ 17.782691] ret_from_fork+0x10/0x20 [ 17.782771] [ 17.782789] Allocated by task 209: [ 17.782818] kasan_save_stack+0x3c/0x68 [ 17.783052] kasan_save_track+0x20/0x40 [ 17.783158] kasan_save_alloc_info+0x40/0x58 [ 17.783233] __kasan_slab_alloc+0xa8/0xb0 [ 17.783339] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.783427] kmem_cache_oob+0x12c/0x430 [ 17.783505] kunit_try_run_case+0x170/0x3f0 [ 17.783581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.783648] kthread+0x328/0x630 [ 17.783718] ret_from_fork+0x10/0x20 [ 17.783782] [ 17.783803] The buggy address belongs to the object at fff00000c6fae000 [ 17.783803] which belongs to the cache test_cache of size 200 [ 17.783861] The buggy address is located 0 bytes to the right of [ 17.783861] allocated 200-byte region [fff00000c6fae000, fff00000c6fae0c8) [ 17.783948] [ 17.783968] The buggy address belongs to the physical page: [ 17.784181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fae [ 17.784269] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.784352] page_type: f5(slab) [ 17.784414] raw: 0bfffe0000000000 fff00000c1bdf3c0 dead000000000122 0000000000000000 [ 17.784659] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.784838] page dumped because: kasan: bad access detected [ 17.784907] [ 17.784959] Memory state around the buggy address: [ 17.785060] fff00000c6fadf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.785133] fff00000c6fae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.785214] >fff00000c6fae080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.785309] ^ [ 17.785396] fff00000c6fae100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.785497] fff00000c6fae180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.785628] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.748606] ================================================================== [ 17.748678] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.748937] Read of size 8 at addr fff00000c6fcc500 by task kunit_try_catch/202 [ 17.749103] [ 17.749350] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.749464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.749543] Hardware name: linux,dummy-virt (DT) [ 17.749579] Call trace: [ 17.749605] show_stack+0x20/0x38 (C) [ 17.749885] dump_stack_lvl+0x8c/0xd0 [ 17.750264] print_report+0x118/0x5d0 [ 17.750345] kasan_report+0xdc/0x128 [ 17.750389] __asan_report_load8_noabort+0x20/0x30 [ 17.750442] workqueue_uaf+0x480/0x4a8 [ 17.750863] kunit_try_run_case+0x170/0x3f0 [ 17.751104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.751306] kthread+0x328/0x630 [ 17.751430] ret_from_fork+0x10/0x20 [ 17.751567] [ 17.751609] Allocated by task 202: [ 17.751639] kasan_save_stack+0x3c/0x68 [ 17.751713] kasan_save_track+0x20/0x40 [ 17.752096] kasan_save_alloc_info+0x40/0x58 [ 17.752190] __kasan_kmalloc+0xd4/0xd8 [ 17.752230] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.752492] workqueue_uaf+0x13c/0x4a8 [ 17.752691] kunit_try_run_case+0x170/0x3f0 [ 17.752751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.752934] kthread+0x328/0x630 [ 17.753028] ret_from_fork+0x10/0x20 [ 17.753077] [ 17.753208] Freed by task 9: [ 17.753252] kasan_save_stack+0x3c/0x68 [ 17.753359] kasan_save_track+0x20/0x40 [ 17.753400] kasan_save_free_info+0x4c/0x78 [ 17.753442] __kasan_slab_free+0x6c/0x98 [ 17.753493] kfree+0x214/0x3c8 [ 17.753525] workqueue_uaf_work+0x18/0x30 [ 17.753565] process_one_work+0x530/0xf98 [ 17.753600] worker_thread+0x618/0xf38 [ 17.753646] kthread+0x328/0x630 [ 17.753683] ret_from_fork+0x10/0x20 [ 17.753718] [ 17.753739] Last potentially related work creation: [ 17.753766] kasan_save_stack+0x3c/0x68 [ 17.753819] kasan_record_aux_stack+0xb4/0xc8 [ 17.753857] __queue_work+0x65c/0x1008 [ 17.753893] queue_work_on+0xbc/0xf8 [ 17.753932] workqueue_uaf+0x210/0x4a8 [ 17.753981] kunit_try_run_case+0x170/0x3f0 [ 17.754029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.754079] kthread+0x328/0x630 [ 17.754114] ret_from_fork+0x10/0x20 [ 17.754148] [ 17.754175] The buggy address belongs to the object at fff00000c6fcc500 [ 17.754175] which belongs to the cache kmalloc-32 of size 32 [ 17.754233] The buggy address is located 0 bytes inside of [ 17.754233] freed 32-byte region [fff00000c6fcc500, fff00000c6fcc520) [ 17.754802] [ 17.755184] The buggy address belongs to the physical page: [ 17.755232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fcc [ 17.755312] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.755376] page_type: f5(slab) [ 17.755569] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.755705] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.755782] page dumped because: kasan: bad access detected [ 17.756261] [ 17.756704] Memory state around the buggy address: [ 17.756837] fff00000c6fcc400: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.756885] fff00000c6fcc480: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 17.757201] >fff00000c6fcc500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.757310] ^ [ 17.757583] fff00000c6fcc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.757862] fff00000c6fcc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.757988] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.712013] ================================================================== [ 17.712617] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.712712] Read of size 4 at addr fff00000c6fcc2c0 by task swapper/0/0 [ 17.712760] [ 17.713108] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.713524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.713629] Hardware name: linux,dummy-virt (DT) [ 17.713664] Call trace: [ 17.713692] show_stack+0x20/0x38 (C) [ 17.713747] dump_stack_lvl+0x8c/0xd0 [ 17.713796] print_report+0x118/0x5d0 [ 17.714174] kasan_report+0xdc/0x128 [ 17.714245] __asan_report_load4_noabort+0x20/0x30 [ 17.714307] rcu_uaf_reclaim+0x64/0x70 [ 17.714668] rcu_core+0x9f4/0x1e20 [ 17.714858] rcu_core_si+0x18/0x30 [ 17.715262] handle_softirqs+0x374/0xb28 [ 17.715411] __do_softirq+0x1c/0x28 [ 17.715583] ____do_softirq+0x18/0x30 [ 17.715633] call_on_irq_stack+0x24/0x30 [ 17.716042] do_softirq_own_stack+0x24/0x38 [ 17.716103] __irq_exit_rcu+0x1fc/0x318 [ 17.716321] irq_exit_rcu+0x1c/0x80 [ 17.716516] el1_interrupt+0x38/0x58 [ 17.716579] el1h_64_irq_handler+0x18/0x28 [ 17.716803] el1h_64_irq+0x6c/0x70 [ 17.717296] arch_local_irq_enable+0x4/0x8 (P) [ 17.717767] do_idle+0x384/0x4e8 [ 17.717856] cpu_startup_entry+0x68/0x80 [ 17.718035] rest_init+0x160/0x188 [ 17.718278] start_kernel+0x308/0x3d0 [ 17.718546] __primary_switched+0x8c/0xa0 [ 17.718835] [ 17.718861] Allocated by task 200: [ 17.718894] kasan_save_stack+0x3c/0x68 [ 17.719312] kasan_save_track+0x20/0x40 [ 17.719438] kasan_save_alloc_info+0x40/0x58 [ 17.719497] __kasan_kmalloc+0xd4/0xd8 [ 17.719702] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.719962] rcu_uaf+0xb0/0x2d8 [ 17.720022] kunit_try_run_case+0x170/0x3f0 [ 17.720246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.720462] kthread+0x328/0x630 [ 17.720566] ret_from_fork+0x10/0x20 [ 17.720743] [ 17.720911] Freed by task 0: [ 17.721061] kasan_save_stack+0x3c/0x68 [ 17.721105] kasan_save_track+0x20/0x40 [ 17.721386] kasan_save_free_info+0x4c/0x78 [ 17.721584] __kasan_slab_free+0x6c/0x98 [ 17.721672] kfree+0x214/0x3c8 [ 17.721750] rcu_uaf_reclaim+0x28/0x70 [ 17.722012] rcu_core+0x9f4/0x1e20 [ 17.722406] rcu_core_si+0x18/0x30 [ 17.722573] handle_softirqs+0x374/0xb28 [ 17.722772] __do_softirq+0x1c/0x28 [ 17.722988] [ 17.723310] Last potentially related work creation: [ 17.723548] kasan_save_stack+0x3c/0x68 [ 17.723662] kasan_record_aux_stack+0xb4/0xc8 [ 17.723983] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.724274] call_rcu+0x18/0x30 [ 17.724342] rcu_uaf+0x14c/0x2d8 [ 17.724378] kunit_try_run_case+0x170/0x3f0 [ 17.724528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.724575] kthread+0x328/0x630 [ 17.724612] ret_from_fork+0x10/0x20 [ 17.724683] [ 17.724739] The buggy address belongs to the object at fff00000c6fcc2c0 [ 17.724739] which belongs to the cache kmalloc-32 of size 32 [ 17.724832] The buggy address is located 0 bytes inside of [ 17.724832] freed 32-byte region [fff00000c6fcc2c0, fff00000c6fcc2e0) [ 17.724892] [ 17.724913] The buggy address belongs to the physical page: [ 17.724953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fcc [ 17.725017] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.725085] page_type: f5(slab) [ 17.725126] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.725186] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.725235] page dumped because: kasan: bad access detected [ 17.725299] [ 17.725325] Memory state around the buggy address: [ 17.725367] fff00000c6fcc180: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.725410] fff00000c6fcc200: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 17.725474] >fff00000c6fcc280: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.725511] ^ [ 17.725544] fff00000c6fcc300: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.725586] fff00000c6fcc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.725639] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.476908] ================================================================== [ 17.477248] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 17.477322] Read of size 1 at addr fff00000c6fb0a78 by task kunit_try_catch/198 [ 17.477474] [ 17.477534] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.477687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.477728] Hardware name: linux,dummy-virt (DT) [ 17.477763] Call trace: [ 17.477946] show_stack+0x20/0x38 (C) [ 17.478120] dump_stack_lvl+0x8c/0xd0 [ 17.478184] print_report+0x118/0x5d0 [ 17.478238] kasan_report+0xdc/0x128 [ 17.478290] __asan_report_load1_noabort+0x20/0x30 [ 17.478341] ksize_uaf+0x544/0x5f8 [ 17.478387] kunit_try_run_case+0x170/0x3f0 [ 17.478434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.478483] kthread+0x328/0x630 [ 17.478623] ret_from_fork+0x10/0x20 [ 17.478679] [ 17.478698] Allocated by task 198: [ 17.479773] kasan_save_stack+0x3c/0x68 [ 17.479845] kasan_save_track+0x20/0x40 [ 17.479937] kasan_save_alloc_info+0x40/0x58 [ 17.480049] __kasan_kmalloc+0xd4/0xd8 [ 17.480147] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.480322] ksize_uaf+0xb8/0x5f8 [ 17.480487] kunit_try_run_case+0x170/0x3f0 [ 17.480876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.481268] kthread+0x328/0x630 [ 17.481372] ret_from_fork+0x10/0x20 [ 17.481504] [ 17.481695] Freed by task 198: [ 17.481813] kasan_save_stack+0x3c/0x68 [ 17.481932] kasan_save_track+0x20/0x40 [ 17.482085] kasan_save_free_info+0x4c/0x78 [ 17.482183] __kasan_slab_free+0x6c/0x98 [ 17.482274] kfree+0x214/0x3c8 [ 17.482363] ksize_uaf+0x11c/0x5f8 [ 17.482475] kunit_try_run_case+0x170/0x3f0 [ 17.482562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.482881] kthread+0x328/0x630 [ 17.483050] ret_from_fork+0x10/0x20 [ 17.483129] [ 17.483169] The buggy address belongs to the object at fff00000c6fb0a00 [ 17.483169] which belongs to the cache kmalloc-128 of size 128 [ 17.483376] The buggy address is located 120 bytes inside of [ 17.483376] freed 128-byte region [fff00000c6fb0a00, fff00000c6fb0a80) [ 17.483638] [ 17.483672] The buggy address belongs to the physical page: [ 17.483740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.483805] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.483856] page_type: f5(slab) [ 17.483919] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.483970] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.484011] page dumped because: kasan: bad access detected [ 17.484044] [ 17.484071] Memory state around the buggy address: [ 17.484100] fff00000c6fb0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.484152] fff00000c6fb0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.484204] >fff00000c6fb0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.484241] ^ [ 17.484301] fff00000c6fb0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.484343] fff00000c6fb0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.484381] ================================================================== [ 17.466517] ================================================================== [ 17.466843] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 17.467008] Read of size 1 at addr fff00000c6fb0a00 by task kunit_try_catch/198 [ 17.467162] [ 17.467201] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.467390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.467457] Hardware name: linux,dummy-virt (DT) [ 17.467514] Call trace: [ 17.467542] show_stack+0x20/0x38 (C) [ 17.467591] dump_stack_lvl+0x8c/0xd0 [ 17.468025] print_report+0x118/0x5d0 [ 17.468184] kasan_report+0xdc/0x128 [ 17.468273] __asan_report_load1_noabort+0x20/0x30 [ 17.468429] ksize_uaf+0x598/0x5f8 [ 17.468519] kunit_try_run_case+0x170/0x3f0 [ 17.468911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.469088] kthread+0x328/0x630 [ 17.469174] ret_from_fork+0x10/0x20 [ 17.469337] [ 17.469401] Allocated by task 198: [ 17.469484] kasan_save_stack+0x3c/0x68 [ 17.469547] kasan_save_track+0x20/0x40 [ 17.469582] kasan_save_alloc_info+0x40/0x58 [ 17.469803] __kasan_kmalloc+0xd4/0xd8 [ 17.470131] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.470217] ksize_uaf+0xb8/0x5f8 [ 17.470370] kunit_try_run_case+0x170/0x3f0 [ 17.470452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.470783] kthread+0x328/0x630 [ 17.471002] ret_from_fork+0x10/0x20 [ 17.471091] [ 17.471140] Freed by task 198: [ 17.471256] kasan_save_stack+0x3c/0x68 [ 17.471326] kasan_save_track+0x20/0x40 [ 17.471544] kasan_save_free_info+0x4c/0x78 [ 17.471665] __kasan_slab_free+0x6c/0x98 [ 17.471951] kfree+0x214/0x3c8 [ 17.472263] ksize_uaf+0x11c/0x5f8 [ 17.472324] kunit_try_run_case+0x170/0x3f0 [ 17.472697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.472784] kthread+0x328/0x630 [ 17.472904] ret_from_fork+0x10/0x20 [ 17.472981] [ 17.473119] The buggy address belongs to the object at fff00000c6fb0a00 [ 17.473119] which belongs to the cache kmalloc-128 of size 128 [ 17.473207] The buggy address is located 0 bytes inside of [ 17.473207] freed 128-byte region [fff00000c6fb0a00, fff00000c6fb0a80) [ 17.473426] [ 17.473490] The buggy address belongs to the physical page: [ 17.473690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.473771] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.473903] page_type: f5(slab) [ 17.473972] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.474085] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.474129] page dumped because: kasan: bad access detected [ 17.474561] [ 17.474627] Memory state around the buggy address: [ 17.474753] fff00000c6fb0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.474846] fff00000c6fb0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.474967] >fff00000c6fb0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.475015] ^ [ 17.475042] fff00000c6fb0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.475344] fff00000c6fb0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.475526] ================================================================== [ 17.455288] ================================================================== [ 17.455495] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 17.455586] Read of size 1 at addr fff00000c6fb0a00 by task kunit_try_catch/198 [ 17.455916] [ 17.455984] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.456412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.456452] Hardware name: linux,dummy-virt (DT) [ 17.456510] Call trace: [ 17.456580] show_stack+0x20/0x38 (C) [ 17.456792] dump_stack_lvl+0x8c/0xd0 [ 17.457186] print_report+0x118/0x5d0 [ 17.457360] kasan_report+0xdc/0x128 [ 17.457415] __kasan_check_byte+0x54/0x70 [ 17.457676] ksize+0x30/0x88 [ 17.457906] ksize_uaf+0x168/0x5f8 [ 17.458005] kunit_try_run_case+0x170/0x3f0 [ 17.458404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.458550] kthread+0x328/0x630 [ 17.458639] ret_from_fork+0x10/0x20 [ 17.458965] [ 17.459041] Allocated by task 198: [ 17.459139] kasan_save_stack+0x3c/0x68 [ 17.459240] kasan_save_track+0x20/0x40 [ 17.459308] kasan_save_alloc_info+0x40/0x58 [ 17.459490] __kasan_kmalloc+0xd4/0xd8 [ 17.459646] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.459857] ksize_uaf+0xb8/0x5f8 [ 17.459914] kunit_try_run_case+0x170/0x3f0 [ 17.460121] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.460343] kthread+0x328/0x630 [ 17.460458] ret_from_fork+0x10/0x20 [ 17.460535] [ 17.460583] Freed by task 198: [ 17.460611] kasan_save_stack+0x3c/0x68 [ 17.460691] kasan_save_track+0x20/0x40 [ 17.460729] kasan_save_free_info+0x4c/0x78 [ 17.460766] __kasan_slab_free+0x6c/0x98 [ 17.460813] kfree+0x214/0x3c8 [ 17.460843] ksize_uaf+0x11c/0x5f8 [ 17.460888] kunit_try_run_case+0x170/0x3f0 [ 17.460926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.460968] kthread+0x328/0x630 [ 17.461003] ret_from_fork+0x10/0x20 [ 17.461052] [ 17.461072] The buggy address belongs to the object at fff00000c6fb0a00 [ 17.461072] which belongs to the cache kmalloc-128 of size 128 [ 17.461132] The buggy address is located 0 bytes inside of [ 17.461132] freed 128-byte region [fff00000c6fb0a00, fff00000c6fb0a80) [ 17.461193] [ 17.461220] The buggy address belongs to the physical page: [ 17.461250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.461330] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.461385] page_type: f5(slab) [ 17.461438] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.461497] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.461548] page dumped because: kasan: bad access detected [ 17.461590] [ 17.461609] Memory state around the buggy address: [ 17.461642] fff00000c6fb0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.461696] fff00000c6fb0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.461746] >fff00000c6fb0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.461787] ^ [ 17.461814] fff00000c6fb0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.461863] fff00000c6fb0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.461901] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.422777] ================================================================== [ 17.422936] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.423263] Read of size 1 at addr fff00000c6fb0973 by task kunit_try_catch/196 [ 17.423626] [ 17.423672] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.424107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.424172] Hardware name: linux,dummy-virt (DT) [ 17.424330] Call trace: [ 17.424385] show_stack+0x20/0x38 (C) [ 17.424633] dump_stack_lvl+0x8c/0xd0 [ 17.424894] print_report+0x118/0x5d0 [ 17.424970] kasan_report+0xdc/0x128 [ 17.425360] __asan_report_load1_noabort+0x20/0x30 [ 17.425426] ksize_unpoisons_memory+0x628/0x740 [ 17.425932] kunit_try_run_case+0x170/0x3f0 [ 17.426019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.426074] kthread+0x328/0x630 [ 17.426303] ret_from_fork+0x10/0x20 [ 17.426564] [ 17.426588] Allocated by task 196: [ 17.426636] kasan_save_stack+0x3c/0x68 [ 17.426826] kasan_save_track+0x20/0x40 [ 17.426905] kasan_save_alloc_info+0x40/0x58 [ 17.427026] __kasan_kmalloc+0xd4/0xd8 [ 17.427153] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.427222] ksize_unpoisons_memory+0xc0/0x740 [ 17.427269] kunit_try_run_case+0x170/0x3f0 [ 17.427655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.427774] kthread+0x328/0x630 [ 17.427843] ret_from_fork+0x10/0x20 [ 17.427942] [ 17.427963] The buggy address belongs to the object at fff00000c6fb0900 [ 17.427963] which belongs to the cache kmalloc-128 of size 128 [ 17.428261] The buggy address is located 0 bytes to the right of [ 17.428261] allocated 115-byte region [fff00000c6fb0900, fff00000c6fb0973) [ 17.428678] [ 17.428729] The buggy address belongs to the physical page: [ 17.428901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.429000] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.429337] page_type: f5(slab) [ 17.429581] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.429697] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.429801] page dumped because: kasan: bad access detected [ 17.429865] [ 17.429896] Memory state around the buggy address: [ 17.430008] fff00000c6fb0800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.430086] fff00000c6fb0880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.430604] >fff00000c6fb0900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.430691] ^ [ 17.430736] fff00000c6fb0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.430806] fff00000c6fb0a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.430844] ================================================================== [ 17.432853] ================================================================== [ 17.433113] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.433296] Read of size 1 at addr fff00000c6fb0978 by task kunit_try_catch/196 [ 17.433356] [ 17.433691] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.433829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.433889] Hardware name: linux,dummy-virt (DT) [ 17.433938] Call trace: [ 17.433967] show_stack+0x20/0x38 (C) [ 17.434126] dump_stack_lvl+0x8c/0xd0 [ 17.434200] print_report+0x118/0x5d0 [ 17.434317] kasan_report+0xdc/0x128 [ 17.434550] __asan_report_load1_noabort+0x20/0x30 [ 17.434788] ksize_unpoisons_memory+0x618/0x740 [ 17.434945] kunit_try_run_case+0x170/0x3f0 [ 17.435029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.435156] kthread+0x328/0x630 [ 17.435243] ret_from_fork+0x10/0x20 [ 17.435312] [ 17.435330] Allocated by task 196: [ 17.435358] kasan_save_stack+0x3c/0x68 [ 17.435606] kasan_save_track+0x20/0x40 [ 17.435790] kasan_save_alloc_info+0x40/0x58 [ 17.435938] __kasan_kmalloc+0xd4/0xd8 [ 17.436024] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.436147] ksize_unpoisons_memory+0xc0/0x740 [ 17.436222] kunit_try_run_case+0x170/0x3f0 [ 17.436266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.436516] kthread+0x328/0x630 [ 17.436699] ret_from_fork+0x10/0x20 [ 17.437119] [ 17.437194] The buggy address belongs to the object at fff00000c6fb0900 [ 17.437194] which belongs to the cache kmalloc-128 of size 128 [ 17.437334] The buggy address is located 5 bytes to the right of [ 17.437334] allocated 115-byte region [fff00000c6fb0900, fff00000c6fb0973) [ 17.437489] [ 17.437547] The buggy address belongs to the physical page: [ 17.437751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.437881] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.438142] page_type: f5(slab) [ 17.438230] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.438406] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.438475] page dumped because: kasan: bad access detected [ 17.438588] [ 17.438607] Memory state around the buggy address: [ 17.438653] fff00000c6fb0800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.438712] fff00000c6fb0880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.438907] >fff00000c6fb0900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.439125] ^ [ 17.439210] fff00000c6fb0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.439351] fff00000c6fb0a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.439429] ================================================================== [ 17.440364] ================================================================== [ 17.440412] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.440465] Read of size 1 at addr fff00000c6fb097f by task kunit_try_catch/196 [ 17.440834] [ 17.440958] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.441071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.441155] Hardware name: linux,dummy-virt (DT) [ 17.441203] Call trace: [ 17.441240] show_stack+0x20/0x38 (C) [ 17.441522] dump_stack_lvl+0x8c/0xd0 [ 17.441583] print_report+0x118/0x5d0 [ 17.441641] kasan_report+0xdc/0x128 [ 17.441693] __asan_report_load1_noabort+0x20/0x30 [ 17.441965] ksize_unpoisons_memory+0x690/0x740 [ 17.442020] kunit_try_run_case+0x170/0x3f0 [ 17.442076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.442341] kthread+0x328/0x630 [ 17.442421] ret_from_fork+0x10/0x20 [ 17.442469] [ 17.442632] Allocated by task 196: [ 17.442669] kasan_save_stack+0x3c/0x68 [ 17.442711] kasan_save_track+0x20/0x40 [ 17.442746] kasan_save_alloc_info+0x40/0x58 [ 17.442843] __kasan_kmalloc+0xd4/0xd8 [ 17.442882] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.442919] ksize_unpoisons_memory+0xc0/0x740 [ 17.442960] kunit_try_run_case+0x170/0x3f0 [ 17.442999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.443039] kthread+0x328/0x630 [ 17.443072] ret_from_fork+0x10/0x20 [ 17.443108] [ 17.443138] The buggy address belongs to the object at fff00000c6fb0900 [ 17.443138] which belongs to the cache kmalloc-128 of size 128 [ 17.443198] The buggy address is located 12 bytes to the right of [ 17.443198] allocated 115-byte region [fff00000c6fb0900, fff00000c6fb0973) [ 17.443260] [ 17.443291] The buggy address belongs to the physical page: [ 17.443319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.443371] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.443428] page_type: f5(slab) [ 17.443465] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.443523] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.443565] page dumped because: kasan: bad access detected [ 17.443596] [ 17.443613] Memory state around the buggy address: [ 17.443643] fff00000c6fb0800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.443686] fff00000c6fb0880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.443729] >fff00000c6fb0900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.443776] ^ [ 17.443826] fff00000c6fb0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.443871] fff00000c6fb0a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.443918] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.405528] ================================================================== [ 17.405935] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 17.406160] Free of addr fff00000c16d06e0 by task kunit_try_catch/194 [ 17.406339] [ 17.406395] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.406501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.406529] Hardware name: linux,dummy-virt (DT) [ 17.406747] Call trace: [ 17.406798] show_stack+0x20/0x38 (C) [ 17.407046] dump_stack_lvl+0x8c/0xd0 [ 17.407144] print_report+0x118/0x5d0 [ 17.407219] kasan_report_invalid_free+0xc0/0xe8 [ 17.407365] check_slab_allocation+0xd4/0x108 [ 17.407425] __kasan_slab_pre_free+0x2c/0x48 [ 17.407480] kfree+0xe8/0x3c8 [ 17.407710] kfree_sensitive+0x3c/0xb0 [ 17.407878] kmalloc_double_kzfree+0x168/0x308 [ 17.408044] kunit_try_run_case+0x170/0x3f0 [ 17.408130] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.408416] kthread+0x328/0x630 [ 17.408661] ret_from_fork+0x10/0x20 [ 17.408798] [ 17.408847] Allocated by task 194: [ 17.409042] kasan_save_stack+0x3c/0x68 [ 17.409112] kasan_save_track+0x20/0x40 [ 17.409329] kasan_save_alloc_info+0x40/0x58 [ 17.409499] __kasan_kmalloc+0xd4/0xd8 [ 17.409650] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.409771] kmalloc_double_kzfree+0xb8/0x308 [ 17.409879] kunit_try_run_case+0x170/0x3f0 [ 17.409951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.410079] kthread+0x328/0x630 [ 17.410128] ret_from_fork+0x10/0x20 [ 17.410174] [ 17.410426] Freed by task 194: [ 17.410565] kasan_save_stack+0x3c/0x68 [ 17.410750] kasan_save_track+0x20/0x40 [ 17.410833] kasan_save_free_info+0x4c/0x78 [ 17.411008] __kasan_slab_free+0x6c/0x98 [ 17.411065] kfree+0x214/0x3c8 [ 17.411096] kfree_sensitive+0x80/0xb0 [ 17.411140] kmalloc_double_kzfree+0x11c/0x308 [ 17.411371] kunit_try_run_case+0x170/0x3f0 [ 17.411594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.411677] kthread+0x328/0x630 [ 17.412253] ret_from_fork+0x10/0x20 [ 17.412603] [ 17.412691] The buggy address belongs to the object at fff00000c16d06e0 [ 17.412691] which belongs to the cache kmalloc-16 of size 16 [ 17.412798] The buggy address is located 0 bytes inside of [ 17.412798] 16-byte region [fff00000c16d06e0, fff00000c16d06f0) [ 17.413023] [ 17.413082] The buggy address belongs to the physical page: [ 17.413737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016d0 [ 17.413954] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.414039] page_type: f5(slab) [ 17.414331] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.414731] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.414813] page dumped because: kasan: bad access detected [ 17.414931] [ 17.414984] Memory state around the buggy address: [ 17.415078] fff00000c16d0580: 00 05 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.415144] fff00000c16d0600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.415203] >fff00000c16d0680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.415290] ^ [ 17.415409] fff00000c16d0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.415463] fff00000c16d0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.415503] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 17.398006] ================================================================== [ 17.398074] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 17.398343] Read of size 1 at addr fff00000c16d06e0 by task kunit_try_catch/194 [ 17.398652] [ 17.398711] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.398980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.399087] Hardware name: linux,dummy-virt (DT) [ 17.399156] Call trace: [ 17.399258] show_stack+0x20/0x38 (C) [ 17.399397] dump_stack_lvl+0x8c/0xd0 [ 17.399449] print_report+0x118/0x5d0 [ 17.399492] kasan_report+0xdc/0x128 [ 17.399822] __kasan_check_byte+0x54/0x70 [ 17.399898] kfree_sensitive+0x30/0xb0 [ 17.400035] kmalloc_double_kzfree+0x168/0x308 [ 17.400086] kunit_try_run_case+0x170/0x3f0 [ 17.400136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.400194] kthread+0x328/0x630 [ 17.400257] ret_from_fork+0x10/0x20 [ 17.400316] [ 17.400336] Allocated by task 194: [ 17.400365] kasan_save_stack+0x3c/0x68 [ 17.400403] kasan_save_track+0x20/0x40 [ 17.400440] kasan_save_alloc_info+0x40/0x58 [ 17.400478] __kasan_kmalloc+0xd4/0xd8 [ 17.400514] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.400550] kmalloc_double_kzfree+0xb8/0x308 [ 17.400590] kunit_try_run_case+0x170/0x3f0 [ 17.400637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.400694] kthread+0x328/0x630 [ 17.400729] ret_from_fork+0x10/0x20 [ 17.400766] [ 17.400793] Freed by task 194: [ 17.400817] kasan_save_stack+0x3c/0x68 [ 17.400858] kasan_save_track+0x20/0x40 [ 17.400902] kasan_save_free_info+0x4c/0x78 [ 17.400941] __kasan_slab_free+0x6c/0x98 [ 17.400977] kfree+0x214/0x3c8 [ 17.401015] kfree_sensitive+0x80/0xb0 [ 17.401062] kmalloc_double_kzfree+0x11c/0x308 [ 17.401108] kunit_try_run_case+0x170/0x3f0 [ 17.401155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.401202] kthread+0x328/0x630 [ 17.401244] ret_from_fork+0x10/0x20 [ 17.401278] [ 17.401588] The buggy address belongs to the object at fff00000c16d06e0 [ 17.401588] which belongs to the cache kmalloc-16 of size 16 [ 17.401889] The buggy address is located 0 bytes inside of [ 17.401889] freed 16-byte region [fff00000c16d06e0, fff00000c16d06f0) [ 17.401960] [ 17.402396] The buggy address belongs to the physical page: [ 17.402509] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016d0 [ 17.402670] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.402758] page_type: f5(slab) [ 17.402870] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.402939] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.402980] page dumped because: kasan: bad access detected [ 17.403011] [ 17.403029] Memory state around the buggy address: [ 17.403237] fff00000c16d0580: 00 05 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.403540] fff00000c16d0600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.403646] >fff00000c16d0680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.403759] ^ [ 17.403918] fff00000c16d0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.404236] fff00000c16d0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.404566] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 17.369738] ================================================================== [ 17.369880] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 17.369957] Read of size 1 at addr fff00000c6fca128 by task kunit_try_catch/190 [ 17.370009] [ 17.370047] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.370342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.370508] Hardware name: linux,dummy-virt (DT) [ 17.370551] Call trace: [ 17.370623] show_stack+0x20/0x38 (C) [ 17.370698] dump_stack_lvl+0x8c/0xd0 [ 17.370825] print_report+0x118/0x5d0 [ 17.370913] kasan_report+0xdc/0x128 [ 17.370967] __asan_report_load1_noabort+0x20/0x30 [ 17.371192] kmalloc_uaf2+0x3f4/0x468 [ 17.371423] kunit_try_run_case+0x170/0x3f0 [ 17.371574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.371662] kthread+0x328/0x630 [ 17.371818] ret_from_fork+0x10/0x20 [ 17.371921] [ 17.371947] Allocated by task 190: [ 17.371984] kasan_save_stack+0x3c/0x68 [ 17.372246] kasan_save_track+0x20/0x40 [ 17.372392] kasan_save_alloc_info+0x40/0x58 [ 17.372624] __kasan_kmalloc+0xd4/0xd8 [ 17.372701] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.372861] kmalloc_uaf2+0xc4/0x468 [ 17.372901] kunit_try_run_case+0x170/0x3f0 [ 17.372976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.373318] kthread+0x328/0x630 [ 17.373551] ret_from_fork+0x10/0x20 [ 17.373646] [ 17.373813] Freed by task 190: [ 17.373843] kasan_save_stack+0x3c/0x68 [ 17.373927] kasan_save_track+0x20/0x40 [ 17.374145] kasan_save_free_info+0x4c/0x78 [ 17.374833] __kasan_slab_free+0x6c/0x98 [ 17.374956] kfree+0x214/0x3c8 [ 17.375292] kmalloc_uaf2+0x134/0x468 [ 17.375358] kunit_try_run_case+0x170/0x3f0 [ 17.375420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.375557] kthread+0x328/0x630 [ 17.375661] ret_from_fork+0x10/0x20 [ 17.375697] [ 17.375717] The buggy address belongs to the object at fff00000c6fca100 [ 17.375717] which belongs to the cache kmalloc-64 of size 64 [ 17.375776] The buggy address is located 40 bytes inside of [ 17.375776] freed 64-byte region [fff00000c6fca100, fff00000c6fca140) [ 17.376410] [ 17.376470] The buggy address belongs to the physical page: [ 17.376566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fca [ 17.376653] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.376721] page_type: f5(slab) [ 17.377078] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.377358] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.377429] page dumped because: kasan: bad access detected [ 17.377567] [ 17.377596] Memory state around the buggy address: [ 17.377629] fff00000c6fca000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.377706] fff00000c6fca080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.377761] >fff00000c6fca100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.377801] ^ [ 17.377833] fff00000c6fca180: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 17.377876] fff00000c6fca200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.377917] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 17.353247] ================================================================== [ 17.353527] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 17.353895] Write of size 33 at addr fff00000c3e99f80 by task kunit_try_catch/188 [ 17.353983] [ 17.354017] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.354097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.354124] Hardware name: linux,dummy-virt (DT) [ 17.354154] Call trace: [ 17.354175] show_stack+0x20/0x38 (C) [ 17.354729] dump_stack_lvl+0x8c/0xd0 [ 17.354912] print_report+0x118/0x5d0 [ 17.354996] kasan_report+0xdc/0x128 [ 17.355074] kasan_check_range+0x100/0x1a8 [ 17.355329] __asan_memset+0x34/0x78 [ 17.355513] kmalloc_uaf_memset+0x170/0x310 [ 17.355563] kunit_try_run_case+0x170/0x3f0 [ 17.355614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.355666] kthread+0x328/0x630 [ 17.355712] ret_from_fork+0x10/0x20 [ 17.355827] [ 17.355847] Allocated by task 188: [ 17.355884] kasan_save_stack+0x3c/0x68 [ 17.355932] kasan_save_track+0x20/0x40 [ 17.355977] kasan_save_alloc_info+0x40/0x58 [ 17.356015] __kasan_kmalloc+0xd4/0xd8 [ 17.356065] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.356113] kmalloc_uaf_memset+0xb8/0x310 [ 17.356155] kunit_try_run_case+0x170/0x3f0 [ 17.356210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.356250] kthread+0x328/0x630 [ 17.356306] ret_from_fork+0x10/0x20 [ 17.356340] [ 17.356360] Freed by task 188: [ 17.356393] kasan_save_stack+0x3c/0x68 [ 17.356438] kasan_save_track+0x20/0x40 [ 17.356482] kasan_save_free_info+0x4c/0x78 [ 17.356520] __kasan_slab_free+0x6c/0x98 [ 17.356564] kfree+0x214/0x3c8 [ 17.356604] kmalloc_uaf_memset+0x11c/0x310 [ 17.356642] kunit_try_run_case+0x170/0x3f0 [ 17.356689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.356728] kthread+0x328/0x630 [ 17.356771] ret_from_fork+0x10/0x20 [ 17.356805] [ 17.356823] The buggy address belongs to the object at fff00000c3e99f80 [ 17.356823] which belongs to the cache kmalloc-64 of size 64 [ 17.356894] The buggy address is located 0 bytes inside of [ 17.356894] freed 64-byte region [fff00000c3e99f80, fff00000c3e99fc0) [ 17.356954] [ 17.356974] The buggy address belongs to the physical page: [ 17.357014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e99 [ 17.357065] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.357116] page_type: f5(slab) [ 17.357171] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.357219] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.357259] page dumped because: kasan: bad access detected [ 17.357769] [ 17.357793] Memory state around the buggy address: [ 17.358457] fff00000c3e99e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.358601] fff00000c3e99f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.358737] >fff00000c3e99f80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.358775] ^ [ 17.358829] fff00000c3e9a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.358877] fff00000c3e9a080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.359316] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 17.333046] ================================================================== [ 17.333549] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 17.333705] Read of size 1 at addr fff00000c16d06c8 by task kunit_try_catch/186 [ 17.333758] [ 17.333815] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.333929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.333956] Hardware name: linux,dummy-virt (DT) [ 17.334329] Call trace: [ 17.334364] show_stack+0x20/0x38 (C) [ 17.334419] dump_stack_lvl+0x8c/0xd0 [ 17.334561] print_report+0x118/0x5d0 [ 17.334647] kasan_report+0xdc/0x128 [ 17.334691] __asan_report_load1_noabort+0x20/0x30 [ 17.334855] kmalloc_uaf+0x300/0x338 [ 17.334900] kunit_try_run_case+0x170/0x3f0 [ 17.335141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.335335] kthread+0x328/0x630 [ 17.335547] ret_from_fork+0x10/0x20 [ 17.335704] [ 17.335741] Allocated by task 186: [ 17.335783] kasan_save_stack+0x3c/0x68 [ 17.335822] kasan_save_track+0x20/0x40 [ 17.335860] kasan_save_alloc_info+0x40/0x58 [ 17.335945] __kasan_kmalloc+0xd4/0xd8 [ 17.335996] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.336037] kmalloc_uaf+0xb8/0x338 [ 17.336081] kunit_try_run_case+0x170/0x3f0 [ 17.336129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.336170] kthread+0x328/0x630 [ 17.336203] ret_from_fork+0x10/0x20 [ 17.336240] [ 17.336260] Freed by task 186: [ 17.336298] kasan_save_stack+0x3c/0x68 [ 17.336351] kasan_save_track+0x20/0x40 [ 17.336392] kasan_save_free_info+0x4c/0x78 [ 17.336445] __kasan_slab_free+0x6c/0x98 [ 17.336483] kfree+0x214/0x3c8 [ 17.336520] kmalloc_uaf+0x11c/0x338 [ 17.336557] kunit_try_run_case+0x170/0x3f0 [ 17.336595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.336645] kthread+0x328/0x630 [ 17.336679] ret_from_fork+0x10/0x20 [ 17.336716] [ 17.336743] The buggy address belongs to the object at fff00000c16d06c0 [ 17.336743] which belongs to the cache kmalloc-16 of size 16 [ 17.336808] The buggy address is located 8 bytes inside of [ 17.336808] freed 16-byte region [fff00000c16d06c0, fff00000c16d06d0) [ 17.336867] [ 17.336887] The buggy address belongs to the physical page: [ 17.336919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016d0 [ 17.336990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.337052] page_type: f5(slab) [ 17.337106] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.337162] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.337204] page dumped because: kasan: bad access detected [ 17.337235] [ 17.337254] Memory state around the buggy address: [ 17.337605] fff00000c16d0580: 00 05 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.337888] fff00000c16d0600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.338161] >fff00000c16d0680: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 17.338228] ^ [ 17.338289] fff00000c16d0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.338508] fff00000c16d0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.338665] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 17.301458] ================================================================== [ 17.301528] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 17.301870] Read of size 18446744073709551614 at addr fff00000c3e99a04 by task kunit_try_catch/182 [ 17.302216] [ 17.302258] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.302387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.302413] Hardware name: linux,dummy-virt (DT) [ 17.302463] Call trace: [ 17.302503] show_stack+0x20/0x38 (C) [ 17.302595] dump_stack_lvl+0x8c/0xd0 [ 17.302664] print_report+0x118/0x5d0 [ 17.302708] kasan_report+0xdc/0x128 [ 17.302813] kasan_check_range+0x100/0x1a8 [ 17.302878] __asan_memmove+0x3c/0x98 [ 17.303117] kmalloc_memmove_negative_size+0x154/0x2e0 [ 17.303384] kunit_try_run_case+0x170/0x3f0 [ 17.303489] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.303581] kthread+0x328/0x630 [ 17.303891] ret_from_fork+0x10/0x20 [ 17.304071] [ 17.304131] Allocated by task 182: [ 17.305144] kasan_save_stack+0x3c/0x68 [ 17.305193] kasan_save_track+0x20/0x40 [ 17.305243] kasan_save_alloc_info+0x40/0x58 [ 17.305301] __kasan_kmalloc+0xd4/0xd8 [ 17.305339] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.305380] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 17.305443] kunit_try_run_case+0x170/0x3f0 [ 17.305482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.305550] kthread+0x328/0x630 [ 17.305586] ret_from_fork+0x10/0x20 [ 17.305633] [ 17.305662] The buggy address belongs to the object at fff00000c3e99a00 [ 17.305662] which belongs to the cache kmalloc-64 of size 64 [ 17.305720] The buggy address is located 4 bytes inside of [ 17.305720] 64-byte region [fff00000c3e99a00, fff00000c3e99a40) [ 17.305791] [ 17.305812] The buggy address belongs to the physical page: [ 17.305843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e99 [ 17.305914] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.305963] page_type: f5(slab) [ 17.306016] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.306065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.306104] page dumped because: kasan: bad access detected [ 17.306138] [ 17.306156] Memory state around the buggy address: [ 17.306197] fff00000c3e99900: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 17.306240] fff00000c3e99980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.307115] >fff00000c3e99a00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.307182] ^ [ 17.307223] fff00000c3e99a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.307274] fff00000c3e99b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.307351] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 17.285502] ================================================================== [ 17.286130] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 17.286340] Write of size 16 at addr fff00000c6fb0769 by task kunit_try_catch/180 [ 17.286467] [ 17.286558] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.286671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.286697] Hardware name: linux,dummy-virt (DT) [ 17.286734] Call trace: [ 17.286845] show_stack+0x20/0x38 (C) [ 17.286909] dump_stack_lvl+0x8c/0xd0 [ 17.286969] print_report+0x118/0x5d0 [ 17.287174] kasan_report+0xdc/0x128 [ 17.287353] kasan_check_range+0x100/0x1a8 [ 17.287555] __asan_memset+0x34/0x78 [ 17.287683] kmalloc_oob_memset_16+0x150/0x2f8 [ 17.287759] kunit_try_run_case+0x170/0x3f0 [ 17.287877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.288075] kthread+0x328/0x630 [ 17.288277] ret_from_fork+0x10/0x20 [ 17.288358] [ 17.288378] Allocated by task 180: [ 17.288405] kasan_save_stack+0x3c/0x68 [ 17.288442] kasan_save_track+0x20/0x40 [ 17.288483] kasan_save_alloc_info+0x40/0x58 [ 17.288520] __kasan_kmalloc+0xd4/0xd8 [ 17.288564] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.288602] kmalloc_oob_memset_16+0xb0/0x2f8 [ 17.288640] kunit_try_run_case+0x170/0x3f0 [ 17.288678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.288717] kthread+0x328/0x630 [ 17.288758] ret_from_fork+0x10/0x20 [ 17.288794] [ 17.288814] The buggy address belongs to the object at fff00000c6fb0700 [ 17.288814] which belongs to the cache kmalloc-128 of size 128 [ 17.288875] The buggy address is located 105 bytes inside of [ 17.288875] allocated 120-byte region [fff00000c6fb0700, fff00000c6fb0778) [ 17.288943] [ 17.288963] The buggy address belongs to the physical page: [ 17.288998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.289064] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.289112] page_type: f5(slab) [ 17.289162] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.289221] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.289259] page dumped because: kasan: bad access detected [ 17.289308] [ 17.289623] Memory state around the buggy address: [ 17.289892] fff00000c6fb0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.289962] fff00000c6fb0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.290012] >fff00000c6fb0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.290064] ^ [ 17.290156] fff00000c6fb0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.290247] fff00000c6fb0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.290305] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 17.261567] ================================================================== [ 17.261800] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 17.262140] Write of size 8 at addr fff00000c6fb0671 by task kunit_try_catch/178 [ 17.262212] [ 17.262580] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.262694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.262996] Hardware name: linux,dummy-virt (DT) [ 17.263413] Call trace: [ 17.263489] show_stack+0x20/0x38 (C) [ 17.263646] dump_stack_lvl+0x8c/0xd0 [ 17.263734] print_report+0x118/0x5d0 [ 17.263838] kasan_report+0xdc/0x128 [ 17.263938] kasan_check_range+0x100/0x1a8 [ 17.264058] __asan_memset+0x34/0x78 [ 17.264125] kmalloc_oob_memset_8+0x150/0x2f8 [ 17.264244] kunit_try_run_case+0x170/0x3f0 [ 17.264351] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.264473] kthread+0x328/0x630 [ 17.264542] ret_from_fork+0x10/0x20 [ 17.264970] [ 17.265051] Allocated by task 178: [ 17.265434] kasan_save_stack+0x3c/0x68 [ 17.265523] kasan_save_track+0x20/0x40 [ 17.265686] kasan_save_alloc_info+0x40/0x58 [ 17.265870] __kasan_kmalloc+0xd4/0xd8 [ 17.266096] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.266333] kmalloc_oob_memset_8+0xb0/0x2f8 [ 17.266759] kunit_try_run_case+0x170/0x3f0 [ 17.266906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.267108] kthread+0x328/0x630 [ 17.267324] ret_from_fork+0x10/0x20 [ 17.267399] [ 17.267483] The buggy address belongs to the object at fff00000c6fb0600 [ 17.267483] which belongs to the cache kmalloc-128 of size 128 [ 17.267570] The buggy address is located 113 bytes inside of [ 17.267570] allocated 120-byte region [fff00000c6fb0600, fff00000c6fb0678) [ 17.267755] [ 17.267824] The buggy address belongs to the physical page: [ 17.267909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.268087] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.268185] page_type: f5(slab) [ 17.268645] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.268748] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.268963] page dumped because: kasan: bad access detected [ 17.269110] [ 17.269238] Memory state around the buggy address: [ 17.269360] fff00000c6fb0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.269417] fff00000c6fb0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.269492] >fff00000c6fb0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.269686] ^ [ 17.270118] fff00000c6fb0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.270330] fff00000c6fb0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.270416] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 17.245953] ================================================================== [ 17.246016] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 17.246079] Write of size 4 at addr fff00000c6fb0575 by task kunit_try_catch/176 [ 17.246269] [ 17.246812] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.247068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.247187] Hardware name: linux,dummy-virt (DT) [ 17.247265] Call trace: [ 17.247323] show_stack+0x20/0x38 (C) [ 17.247458] dump_stack_lvl+0x8c/0xd0 [ 17.247550] print_report+0x118/0x5d0 [ 17.247633] kasan_report+0xdc/0x128 [ 17.247676] kasan_check_range+0x100/0x1a8 [ 17.247720] __asan_memset+0x34/0x78 [ 17.248127] kmalloc_oob_memset_4+0x150/0x300 [ 17.248263] kunit_try_run_case+0x170/0x3f0 [ 17.248426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.248515] kthread+0x328/0x630 [ 17.248629] ret_from_fork+0x10/0x20 [ 17.248711] [ 17.248730] Allocated by task 176: [ 17.248766] kasan_save_stack+0x3c/0x68 [ 17.249020] kasan_save_track+0x20/0x40 [ 17.249329] kasan_save_alloc_info+0x40/0x58 [ 17.249461] __kasan_kmalloc+0xd4/0xd8 [ 17.249628] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.249710] kmalloc_oob_memset_4+0xb0/0x300 [ 17.249749] kunit_try_run_case+0x170/0x3f0 [ 17.250119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.250345] kthread+0x328/0x630 [ 17.250496] ret_from_fork+0x10/0x20 [ 17.250585] [ 17.250661] The buggy address belongs to the object at fff00000c6fb0500 [ 17.250661] which belongs to the cache kmalloc-128 of size 128 [ 17.250719] The buggy address is located 117 bytes inside of [ 17.250719] allocated 120-byte region [fff00000c6fb0500, fff00000c6fb0578) [ 17.250950] [ 17.251009] The buggy address belongs to the physical page: [ 17.251218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.251361] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.251483] page_type: f5(slab) [ 17.251545] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.251691] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.251731] page dumped because: kasan: bad access detected [ 17.251767] [ 17.251786] Memory state around the buggy address: [ 17.251848] fff00000c6fb0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.252110] fff00000c6fb0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.252191] >fff00000c6fb0500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.252334] ^ [ 17.252522] fff00000c6fb0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.252611] fff00000c6fb0600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.252755] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 17.230768] ================================================================== [ 17.231023] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 17.231154] Write of size 2 at addr fff00000c6fb0477 by task kunit_try_catch/174 [ 17.231212] [ 17.231246] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.231341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.231763] Hardware name: linux,dummy-virt (DT) [ 17.231819] Call trace: [ 17.231858] show_stack+0x20/0x38 (C) [ 17.232024] dump_stack_lvl+0x8c/0xd0 [ 17.232110] print_report+0x118/0x5d0 [ 17.232408] kasan_report+0xdc/0x128 [ 17.232532] kasan_check_range+0x100/0x1a8 [ 17.232584] __asan_memset+0x34/0x78 [ 17.232647] kmalloc_oob_memset_2+0x150/0x2f8 [ 17.232706] kunit_try_run_case+0x170/0x3f0 [ 17.232756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.232813] kthread+0x328/0x630 [ 17.232866] ret_from_fork+0x10/0x20 [ 17.232912] [ 17.232930] Allocated by task 174: [ 17.232957] kasan_save_stack+0x3c/0x68 [ 17.232995] kasan_save_track+0x20/0x40 [ 17.233041] kasan_save_alloc_info+0x40/0x58 [ 17.233077] __kasan_kmalloc+0xd4/0xd8 [ 17.233111] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.233153] kmalloc_oob_memset_2+0xb0/0x2f8 [ 17.233205] kunit_try_run_case+0x170/0x3f0 [ 17.233243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.233292] kthread+0x328/0x630 [ 17.233328] ret_from_fork+0x10/0x20 [ 17.233362] [ 17.233391] The buggy address belongs to the object at fff00000c6fb0400 [ 17.233391] which belongs to the cache kmalloc-128 of size 128 [ 17.233459] The buggy address is located 119 bytes inside of [ 17.233459] allocated 120-byte region [fff00000c6fb0400, fff00000c6fb0478) [ 17.233519] [ 17.233554] The buggy address belongs to the physical page: [ 17.233592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.233643] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.233690] page_type: f5(slab) [ 17.233734] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.233781] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.233819] page dumped because: kasan: bad access detected [ 17.233854] [ 17.233872] Memory state around the buggy address: [ 17.233912] fff00000c6fb0300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.233954] fff00000c6fb0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.233996] >fff00000c6fb0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.234032] ^ [ 17.234077] fff00000c6fb0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.234126] fff00000c6fb0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.234172] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 17.208675] ================================================================== [ 17.208766] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 17.208838] Write of size 128 at addr fff00000c6fb0300 by task kunit_try_catch/172 [ 17.209131] [ 17.209180] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.209263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.209298] Hardware name: linux,dummy-virt (DT) [ 17.209661] Call trace: [ 17.209752] show_stack+0x20/0x38 (C) [ 17.209816] dump_stack_lvl+0x8c/0xd0 [ 17.209917] print_report+0x118/0x5d0 [ 17.209983] kasan_report+0xdc/0x128 [ 17.210027] kasan_check_range+0x100/0x1a8 [ 17.210421] __asan_memset+0x34/0x78 [ 17.210498] kmalloc_oob_in_memset+0x144/0x2d0 [ 17.210607] kunit_try_run_case+0x170/0x3f0 [ 17.210704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.210783] kthread+0x328/0x630 [ 17.210921] ret_from_fork+0x10/0x20 [ 17.211027] [ 17.211201] Allocated by task 172: [ 17.211237] kasan_save_stack+0x3c/0x68 [ 17.211293] kasan_save_track+0x20/0x40 [ 17.211329] kasan_save_alloc_info+0x40/0x58 [ 17.211563] __kasan_kmalloc+0xd4/0xd8 [ 17.211672] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.211750] kmalloc_oob_in_memset+0xb0/0x2d0 [ 17.211880] kunit_try_run_case+0x170/0x3f0 [ 17.211981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.212121] kthread+0x328/0x630 [ 17.212201] ret_from_fork+0x10/0x20 [ 17.212264] [ 17.212293] The buggy address belongs to the object at fff00000c6fb0300 [ 17.212293] which belongs to the cache kmalloc-128 of size 128 [ 17.212737] The buggy address is located 0 bytes inside of [ 17.212737] allocated 120-byte region [fff00000c6fb0300, fff00000c6fb0378) [ 17.212884] [ 17.212943] The buggy address belongs to the physical page: [ 17.212991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 17.213110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.213187] page_type: f5(slab) [ 17.213234] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.213617] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.213770] page dumped because: kasan: bad access detected [ 17.213849] [ 17.213944] Memory state around the buggy address: [ 17.214049] fff00000c6fb0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.214113] fff00000c6fb0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.214325] >fff00000c6fb0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.214470] ^ [ 17.214621] fff00000c6fb0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.214749] fff00000c6fb0400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.214914] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 17.190074] ================================================================== [ 17.190135] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 17.190190] Read of size 16 at addr fff00000c16d06a0 by task kunit_try_catch/170 [ 17.190239] [ 17.190270] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.190373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.190399] Hardware name: linux,dummy-virt (DT) [ 17.190429] Call trace: [ 17.190462] show_stack+0x20/0x38 (C) [ 17.190519] dump_stack_lvl+0x8c/0xd0 [ 17.190567] print_report+0x118/0x5d0 [ 17.190616] kasan_report+0xdc/0x128 [ 17.190668] __asan_report_load16_noabort+0x20/0x30 [ 17.191454] kmalloc_uaf_16+0x3bc/0x438 [ 17.191668] kunit_try_run_case+0x170/0x3f0 [ 17.191741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.191953] kthread+0x328/0x630 [ 17.192084] ret_from_fork+0x10/0x20 [ 17.192380] [ 17.192403] Allocated by task 170: [ 17.192784] kasan_save_stack+0x3c/0x68 [ 17.192900] kasan_save_track+0x20/0x40 [ 17.192987] kasan_save_alloc_info+0x40/0x58 [ 17.193026] __kasan_kmalloc+0xd4/0xd8 [ 17.193322] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.193494] kmalloc_uaf_16+0x140/0x438 [ 17.193790] kunit_try_run_case+0x170/0x3f0 [ 17.193953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.194062] kthread+0x328/0x630 [ 17.194254] ret_from_fork+0x10/0x20 [ 17.194509] [ 17.194684] Freed by task 170: [ 17.194814] kasan_save_stack+0x3c/0x68 [ 17.194856] kasan_save_track+0x20/0x40 [ 17.194890] kasan_save_free_info+0x4c/0x78 [ 17.194927] __kasan_slab_free+0x6c/0x98 [ 17.195225] kfree+0x214/0x3c8 [ 17.195355] kmalloc_uaf_16+0x190/0x438 [ 17.195564] kunit_try_run_case+0x170/0x3f0 [ 17.195747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.195805] kthread+0x328/0x630 [ 17.195839] ret_from_fork+0x10/0x20 [ 17.196052] [ 17.196218] The buggy address belongs to the object at fff00000c16d06a0 [ 17.196218] which belongs to the cache kmalloc-16 of size 16 [ 17.196653] The buggy address is located 0 bytes inside of [ 17.196653] freed 16-byte region [fff00000c16d06a0, fff00000c16d06b0) [ 17.196946] [ 17.196999] The buggy address belongs to the physical page: [ 17.197028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016d0 [ 17.197499] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.197591] page_type: f5(slab) [ 17.197657] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.197959] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.198088] page dumped because: kasan: bad access detected [ 17.198251] [ 17.198509] Memory state around the buggy address: [ 17.198618] fff00000c16d0580: 00 05 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.198807] fff00000c16d0600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.198910] >fff00000c16d0680: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 17.199068] ^ [ 17.199254] fff00000c16d0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.199352] fff00000c16d0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.199565] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 17.169802] ================================================================== [ 17.169933] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 17.170342] Write of size 16 at addr fff00000c16d0640 by task kunit_try_catch/168 [ 17.170453] [ 17.170487] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.170567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.170593] Hardware name: linux,dummy-virt (DT) [ 17.170800] Call trace: [ 17.170826] show_stack+0x20/0x38 (C) [ 17.171003] dump_stack_lvl+0x8c/0xd0 [ 17.171173] print_report+0x118/0x5d0 [ 17.171232] kasan_report+0xdc/0x128 [ 17.171293] __asan_report_store16_noabort+0x20/0x30 [ 17.171343] kmalloc_oob_16+0x3a0/0x3f8 [ 17.171388] kunit_try_run_case+0x170/0x3f0 [ 17.171843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.171960] kthread+0x328/0x630 [ 17.172012] ret_from_fork+0x10/0x20 [ 17.172066] [ 17.172090] Allocated by task 168: [ 17.172117] kasan_save_stack+0x3c/0x68 [ 17.172155] kasan_save_track+0x20/0x40 [ 17.172200] kasan_save_alloc_info+0x40/0x58 [ 17.172246] __kasan_kmalloc+0xd4/0xd8 [ 17.172290] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.172336] kmalloc_oob_16+0xb4/0x3f8 [ 17.172373] kunit_try_run_case+0x170/0x3f0 [ 17.172410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.172449] kthread+0x328/0x630 [ 17.172482] ret_from_fork+0x10/0x20 [ 17.172516] [ 17.172534] The buggy address belongs to the object at fff00000c16d0640 [ 17.172534] which belongs to the cache kmalloc-16 of size 16 [ 17.172598] The buggy address is located 0 bytes inside of [ 17.172598] allocated 13-byte region [fff00000c16d0640, fff00000c16d064d) [ 17.172673] [ 17.172692] The buggy address belongs to the physical page: [ 17.172722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016d0 [ 17.172773] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.172820] page_type: f5(slab) [ 17.172864] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.172914] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.172952] page dumped because: kasan: bad access detected [ 17.172991] [ 17.173013] Memory state around the buggy address: [ 17.173062] fff00000c16d0500: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 05 fc fc [ 17.173104] fff00000c16d0580: 00 05 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.173144] >fff00000c16d0600: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 17.173180] ^ [ 17.173213] fff00000c16d0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.173262] fff00000c16d0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.173633] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 17.149862] ================================================================== [ 17.149965] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 17.150018] Read of size 1 at addr fff00000c0923600 by task kunit_try_catch/166 [ 17.150084] [ 17.150155] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.150333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.150392] Hardware name: linux,dummy-virt (DT) [ 17.150440] Call trace: [ 17.150479] show_stack+0x20/0x38 (C) [ 17.150574] dump_stack_lvl+0x8c/0xd0 [ 17.150638] print_report+0x118/0x5d0 [ 17.150696] kasan_report+0xdc/0x128 [ 17.150996] __asan_report_load1_noabort+0x20/0x30 [ 17.151170] krealloc_uaf+0x4c8/0x520 [ 17.151296] kunit_try_run_case+0x170/0x3f0 [ 17.151358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.151627] kthread+0x328/0x630 [ 17.152140] ret_from_fork+0x10/0x20 [ 17.152467] [ 17.152547] Allocated by task 166: [ 17.152759] kasan_save_stack+0x3c/0x68 [ 17.152901] kasan_save_track+0x20/0x40 [ 17.152999] kasan_save_alloc_info+0x40/0x58 [ 17.153105] __kasan_kmalloc+0xd4/0xd8 [ 17.153169] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.153208] krealloc_uaf+0xc8/0x520 [ 17.153291] kunit_try_run_case+0x170/0x3f0 [ 17.153473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.153721] kthread+0x328/0x630 [ 17.153778] ret_from_fork+0x10/0x20 [ 17.153941] [ 17.154011] Freed by task 166: [ 17.154243] kasan_save_stack+0x3c/0x68 [ 17.154470] kasan_save_track+0x20/0x40 [ 17.154536] kasan_save_free_info+0x4c/0x78 [ 17.154625] __kasan_slab_free+0x6c/0x98 [ 17.154733] kfree+0x214/0x3c8 [ 17.154803] krealloc_uaf+0x12c/0x520 [ 17.154917] kunit_try_run_case+0x170/0x3f0 [ 17.154989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.155040] kthread+0x328/0x630 [ 17.155085] ret_from_fork+0x10/0x20 [ 17.155323] [ 17.155523] The buggy address belongs to the object at fff00000c0923600 [ 17.155523] which belongs to the cache kmalloc-256 of size 256 [ 17.155586] The buggy address is located 0 bytes inside of [ 17.155586] freed 256-byte region [fff00000c0923600, fff00000c0923700) [ 17.155947] [ 17.156213] The buggy address belongs to the physical page: [ 17.156300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 17.156401] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.156474] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.156754] page_type: f5(slab) [ 17.156901] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.157108] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.157205] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.157401] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.157493] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 17.157577] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.157678] page dumped because: kasan: bad access detected [ 17.157726] [ 17.157743] Memory state around the buggy address: [ 17.157799] fff00000c0923500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.158036] fff00000c0923580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.158258] >fff00000c0923600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.158387] ^ [ 17.158464] fff00000c0923680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.158529] fff00000c0923700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.158612] ================================================================== [ 17.142390] ================================================================== [ 17.142771] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 17.142977] Read of size 1 at addr fff00000c0923600 by task kunit_try_catch/166 [ 17.143089] [ 17.143193] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.143276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.143336] Hardware name: linux,dummy-virt (DT) [ 17.143737] Call trace: [ 17.143798] show_stack+0x20/0x38 (C) [ 17.143945] dump_stack_lvl+0x8c/0xd0 [ 17.144024] print_report+0x118/0x5d0 [ 17.144118] kasan_report+0xdc/0x128 [ 17.144163] __kasan_check_byte+0x54/0x70 [ 17.144216] krealloc_noprof+0x44/0x360 [ 17.144270] krealloc_uaf+0x180/0x520 [ 17.144326] kunit_try_run_case+0x170/0x3f0 [ 17.144373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.144421] kthread+0x328/0x630 [ 17.144465] ret_from_fork+0x10/0x20 [ 17.144517] [ 17.144546] Allocated by task 166: [ 17.144583] kasan_save_stack+0x3c/0x68 [ 17.144635] kasan_save_track+0x20/0x40 [ 17.144670] kasan_save_alloc_info+0x40/0x58 [ 17.144715] __kasan_kmalloc+0xd4/0xd8 [ 17.144749] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.144794] krealloc_uaf+0xc8/0x520 [ 17.144853] kunit_try_run_case+0x170/0x3f0 [ 17.144892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.144931] kthread+0x328/0x630 [ 17.144975] ret_from_fork+0x10/0x20 [ 17.145023] [ 17.145056] Freed by task 166: [ 17.145102] kasan_save_stack+0x3c/0x68 [ 17.145136] kasan_save_track+0x20/0x40 [ 17.145191] kasan_save_free_info+0x4c/0x78 [ 17.145252] __kasan_slab_free+0x6c/0x98 [ 17.145307] kfree+0x214/0x3c8 [ 17.145345] krealloc_uaf+0x12c/0x520 [ 17.145391] kunit_try_run_case+0x170/0x3f0 [ 17.145433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.145485] kthread+0x328/0x630 [ 17.145529] ret_from_fork+0x10/0x20 [ 17.145572] [ 17.145592] The buggy address belongs to the object at fff00000c0923600 [ 17.145592] which belongs to the cache kmalloc-256 of size 256 [ 17.145762] The buggy address is located 0 bytes inside of [ 17.145762] freed 256-byte region [fff00000c0923600, fff00000c0923700) [ 17.145851] [ 17.145878] The buggy address belongs to the physical page: [ 17.145909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 17.145978] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.146033] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.146093] page_type: f5(slab) [ 17.146131] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.146178] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.146226] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.146317] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.147157] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 17.147231] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.147306] page dumped because: kasan: bad access detected [ 17.147370] [ 17.147443] Memory state around the buggy address: [ 17.147479] fff00000c0923500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.147538] fff00000c0923580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.147586] >fff00000c0923600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.147771] ^ [ 17.147933] fff00000c0923680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.148000] fff00000c0923700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.148223] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.056756] ================================================================== [ 17.057101] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.057363] Write of size 1 at addr fff00000c09234eb by task kunit_try_catch/160 [ 17.057549] [ 17.057666] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.057760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.057785] Hardware name: linux,dummy-virt (DT) [ 17.058125] Call trace: [ 17.058243] show_stack+0x20/0x38 (C) [ 17.058310] dump_stack_lvl+0x8c/0xd0 [ 17.058515] print_report+0x118/0x5d0 [ 17.058576] kasan_report+0xdc/0x128 [ 17.058835] __asan_report_store1_noabort+0x20/0x30 [ 17.059151] krealloc_less_oob_helper+0xa58/0xc50 [ 17.059326] krealloc_less_oob+0x20/0x38 [ 17.059449] kunit_try_run_case+0x170/0x3f0 [ 17.059578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.059788] kthread+0x328/0x630 [ 17.060017] ret_from_fork+0x10/0x20 [ 17.060075] [ 17.060093] Allocated by task 160: [ 17.060333] kasan_save_stack+0x3c/0x68 [ 17.060494] kasan_save_track+0x20/0x40 [ 17.060561] kasan_save_alloc_info+0x40/0x58 [ 17.060739] __kasan_krealloc+0x118/0x178 [ 17.060784] krealloc_noprof+0x128/0x360 [ 17.061011] krealloc_less_oob_helper+0x168/0xc50 [ 17.061205] krealloc_less_oob+0x20/0x38 [ 17.061371] kunit_try_run_case+0x170/0x3f0 [ 17.061593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.061712] kthread+0x328/0x630 [ 17.062063] ret_from_fork+0x10/0x20 [ 17.062228] [ 17.062277] The buggy address belongs to the object at fff00000c0923400 [ 17.062277] which belongs to the cache kmalloc-256 of size 256 [ 17.062348] The buggy address is located 34 bytes to the right of [ 17.062348] allocated 201-byte region [fff00000c0923400, fff00000c09234c9) [ 17.062461] [ 17.062490] The buggy address belongs to the physical page: [ 17.062529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 17.062597] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.062651] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.062701] page_type: f5(slab) [ 17.062742] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.062800] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.062848] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.062898] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.062945] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 17.062992] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.063030] page dumped because: kasan: bad access detected [ 17.063059] [ 17.063077] Memory state around the buggy address: [ 17.063106] fff00000c0923380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.063146] fff00000c0923400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.063196] >fff00000c0923480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.063241] ^ [ 17.063277] fff00000c0923500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.063329] fff00000c0923580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.063375] ================================================================== [ 17.096672] ================================================================== [ 17.096754] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.096809] Write of size 1 at addr fff00000c788e0c9 by task kunit_try_catch/164 [ 17.097092] [ 17.097137] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.097427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.097484] Hardware name: linux,dummy-virt (DT) [ 17.097543] Call trace: [ 17.097571] show_stack+0x20/0x38 (C) [ 17.097623] dump_stack_lvl+0x8c/0xd0 [ 17.097740] print_report+0x118/0x5d0 [ 17.097807] kasan_report+0xdc/0x128 [ 17.097851] __asan_report_store1_noabort+0x20/0x30 [ 17.098231] krealloc_less_oob_helper+0xa48/0xc50 [ 17.098311] krealloc_large_less_oob+0x20/0x38 [ 17.098439] kunit_try_run_case+0x170/0x3f0 [ 17.098493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.098560] kthread+0x328/0x630 [ 17.098670] ret_from_fork+0x10/0x20 [ 17.098720] [ 17.098740] The buggy address belongs to the physical page: [ 17.098881] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 17.098936] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.098981] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.099039] page_type: f8(unknown) [ 17.099077] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.099543] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.099657] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.099828] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.099893] head: 0bfffe0000000002 ffffc1ffc31e2301 00000000ffffffff 00000000ffffffff [ 17.100133] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.100251] page dumped because: kasan: bad access detected [ 17.100519] [ 17.100578] Memory state around the buggy address: [ 17.100705] fff00000c788df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.100778] fff00000c788e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.101007] >fff00000c788e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.101112] ^ [ 17.101401] fff00000c788e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.101466] fff00000c788e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.101600] ================================================================== [ 17.023747] ================================================================== [ 17.024140] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.024203] Write of size 1 at addr fff00000c09234d0 by task kunit_try_catch/160 [ 17.024407] [ 17.024517] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.024749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.024782] Hardware name: linux,dummy-virt (DT) [ 17.025022] Call trace: [ 17.025073] show_stack+0x20/0x38 (C) [ 17.025250] dump_stack_lvl+0x8c/0xd0 [ 17.025344] print_report+0x118/0x5d0 [ 17.025528] kasan_report+0xdc/0x128 [ 17.025582] __asan_report_store1_noabort+0x20/0x30 [ 17.025890] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.025967] krealloc_less_oob+0x20/0x38 [ 17.026346] kunit_try_run_case+0x170/0x3f0 [ 17.026425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.026525] kthread+0x328/0x630 [ 17.026614] ret_from_fork+0x10/0x20 [ 17.026661] [ 17.027052] Allocated by task 160: [ 17.027211] kasan_save_stack+0x3c/0x68 [ 17.027257] kasan_save_track+0x20/0x40 [ 17.027553] kasan_save_alloc_info+0x40/0x58 [ 17.027698] __kasan_krealloc+0x118/0x178 [ 17.027738] krealloc_noprof+0x128/0x360 [ 17.027824] krealloc_less_oob_helper+0x168/0xc50 [ 17.028277] krealloc_less_oob+0x20/0x38 [ 17.028539] kunit_try_run_case+0x170/0x3f0 [ 17.028618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.028776] kthread+0x328/0x630 [ 17.028853] ret_from_fork+0x10/0x20 [ 17.029134] [ 17.029176] The buggy address belongs to the object at fff00000c0923400 [ 17.029176] which belongs to the cache kmalloc-256 of size 256 [ 17.029454] The buggy address is located 7 bytes to the right of [ 17.029454] allocated 201-byte region [fff00000c0923400, fff00000c09234c9) [ 17.029544] [ 17.029563] The buggy address belongs to the physical page: [ 17.029880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 17.030102] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.030253] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.030362] page_type: f5(slab) [ 17.030598] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.030756] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.030811] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.030965] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.031015] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 17.031062] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.031101] page dumped because: kasan: bad access detected [ 17.031153] [ 17.031171] Memory state around the buggy address: [ 17.031202] fff00000c0923380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.031243] fff00000c0923400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.031468] >fff00000c0923480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.031767] ^ [ 17.031813] fff00000c0923500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.031871] fff00000c0923580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.032088] ================================================================== [ 17.104354] ================================================================== [ 17.104404] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.104452] Write of size 1 at addr fff00000c788e0d0 by task kunit_try_catch/164 [ 17.104500] [ 17.104528] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.104603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.104628] Hardware name: linux,dummy-virt (DT) [ 17.104657] Call trace: [ 17.104678] show_stack+0x20/0x38 (C) [ 17.104723] dump_stack_lvl+0x8c/0xd0 [ 17.104771] print_report+0x118/0x5d0 [ 17.104816] kasan_report+0xdc/0x128 [ 17.104888] __asan_report_store1_noabort+0x20/0x30 [ 17.104939] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.104985] krealloc_large_less_oob+0x20/0x38 [ 17.105035] kunit_try_run_case+0x170/0x3f0 [ 17.105082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.105139] kthread+0x328/0x630 [ 17.105184] ret_from_fork+0x10/0x20 [ 17.105229] [ 17.105247] The buggy address belongs to the physical page: [ 17.105276] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 17.106271] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.106342] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.106471] page_type: f8(unknown) [ 17.106511] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.106575] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.106629] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.106882] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.107189] head: 0bfffe0000000002 ffffc1ffc31e2301 00000000ffffffff 00000000ffffffff [ 17.107307] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.107565] page dumped because: kasan: bad access detected [ 17.107708] [ 17.107784] Memory state around the buggy address: [ 17.107942] fff00000c788df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.108192] fff00000c788e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.108526] >fff00000c788e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.108920] ^ [ 17.108979] fff00000c788e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.109215] fff00000c788e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.109624] ================================================================== [ 17.012729] ================================================================== [ 17.012795] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.012849] Write of size 1 at addr fff00000c09234c9 by task kunit_try_catch/160 [ 17.013843] [ 17.014034] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.015052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.015116] Hardware name: linux,dummy-virt (DT) [ 17.015157] Call trace: [ 17.015212] show_stack+0x20/0x38 (C) [ 17.015337] dump_stack_lvl+0x8c/0xd0 [ 17.015410] print_report+0x118/0x5d0 [ 17.015592] kasan_report+0xdc/0x128 [ 17.015691] __asan_report_store1_noabort+0x20/0x30 [ 17.015741] krealloc_less_oob_helper+0xa48/0xc50 [ 17.015786] krealloc_less_oob+0x20/0x38 [ 17.015832] kunit_try_run_case+0x170/0x3f0 [ 17.016202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.016593] kthread+0x328/0x630 [ 17.016947] ret_from_fork+0x10/0x20 [ 17.017154] [ 17.017203] Allocated by task 160: [ 17.017231] kasan_save_stack+0x3c/0x68 [ 17.017656] kasan_save_track+0x20/0x40 [ 17.017731] kasan_save_alloc_info+0x40/0x58 [ 17.018129] __kasan_krealloc+0x118/0x178 [ 17.018203] krealloc_noprof+0x128/0x360 [ 17.018447] krealloc_less_oob_helper+0x168/0xc50 [ 17.018603] krealloc_less_oob+0x20/0x38 [ 17.018740] kunit_try_run_case+0x170/0x3f0 [ 17.018833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.018881] kthread+0x328/0x630 [ 17.019232] ret_from_fork+0x10/0x20 [ 17.019520] [ 17.019559] The buggy address belongs to the object at fff00000c0923400 [ 17.019559] which belongs to the cache kmalloc-256 of size 256 [ 17.019680] The buggy address is located 0 bytes to the right of [ 17.019680] allocated 201-byte region [fff00000c0923400, fff00000c09234c9) [ 17.020167] [ 17.020219] The buggy address belongs to the physical page: [ 17.020251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 17.020510] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.020592] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.020761] page_type: f5(slab) [ 17.020926] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.021124] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.021186] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.021427] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.021616] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 17.021722] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.021863] page dumped because: kasan: bad access detected [ 17.021921] [ 17.021950] Memory state around the buggy address: [ 17.021982] fff00000c0923380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.022032] fff00000c0923400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.022078] >fff00000c0923480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.022114] ^ [ 17.022148] fff00000c0923500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.022189] fff00000c0923580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.022235] ================================================================== [ 17.037381] ================================================================== [ 17.037439] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.037493] Write of size 1 at addr fff00000c09234da by task kunit_try_catch/160 [ 17.037545] [ 17.037720] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.037817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.037854] Hardware name: linux,dummy-virt (DT) [ 17.037886] Call trace: [ 17.037907] show_stack+0x20/0x38 (C) [ 17.037956] dump_stack_lvl+0x8c/0xd0 [ 17.038005] print_report+0x118/0x5d0 [ 17.038057] kasan_report+0xdc/0x128 [ 17.038100] __asan_report_store1_noabort+0x20/0x30 [ 17.038148] krealloc_less_oob_helper+0xa80/0xc50 [ 17.038193] krealloc_less_oob+0x20/0x38 [ 17.038236] kunit_try_run_case+0x170/0x3f0 [ 17.038648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.038877] kthread+0x328/0x630 [ 17.038979] ret_from_fork+0x10/0x20 [ 17.039409] [ 17.039497] Allocated by task 160: [ 17.039585] kasan_save_stack+0x3c/0x68 [ 17.039787] kasan_save_track+0x20/0x40 [ 17.039837] kasan_save_alloc_info+0x40/0x58 [ 17.039975] __kasan_krealloc+0x118/0x178 [ 17.040033] krealloc_noprof+0x128/0x360 [ 17.040071] krealloc_less_oob_helper+0x168/0xc50 [ 17.040136] krealloc_less_oob+0x20/0x38 [ 17.040489] kunit_try_run_case+0x170/0x3f0 [ 17.040586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.040735] kthread+0x328/0x630 [ 17.040826] ret_from_fork+0x10/0x20 [ 17.040944] [ 17.040964] The buggy address belongs to the object at fff00000c0923400 [ 17.040964] which belongs to the cache kmalloc-256 of size 256 [ 17.041047] The buggy address is located 17 bytes to the right of [ 17.041047] allocated 201-byte region [fff00000c0923400, fff00000c09234c9) [ 17.041306] [ 17.041483] The buggy address belongs to the physical page: [ 17.041542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 17.041719] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.041815] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.042142] page_type: f5(slab) [ 17.042372] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.042477] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.042621] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.042710] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.042765] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 17.042976] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.043065] page dumped because: kasan: bad access detected [ 17.043240] [ 17.043359] Memory state around the buggy address: [ 17.043429] fff00000c0923380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.044040] fff00000c0923400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.044323] >fff00000c0923480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.044394] ^ [ 17.044433] fff00000c0923500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.044729] fff00000c0923580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.045305] ================================================================== [ 17.111837] ================================================================== [ 17.111958] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.112034] Write of size 1 at addr fff00000c788e0da by task kunit_try_catch/164 [ 17.112138] [ 17.112172] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.112251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.112277] Hardware name: linux,dummy-virt (DT) [ 17.112324] Call trace: [ 17.112580] show_stack+0x20/0x38 (C) [ 17.112753] dump_stack_lvl+0x8c/0xd0 [ 17.112816] print_report+0x118/0x5d0 [ 17.112999] kasan_report+0xdc/0x128 [ 17.113061] __asan_report_store1_noabort+0x20/0x30 [ 17.113335] krealloc_less_oob_helper+0xa80/0xc50 [ 17.113682] krealloc_large_less_oob+0x20/0x38 [ 17.113748] kunit_try_run_case+0x170/0x3f0 [ 17.113934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.114197] kthread+0x328/0x630 [ 17.114268] ret_from_fork+0x10/0x20 [ 17.114505] [ 17.114562] The buggy address belongs to the physical page: [ 17.114708] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 17.115055] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.115219] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.115364] page_type: f8(unknown) [ 17.115633] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.116009] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.116339] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.116411] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.116765] head: 0bfffe0000000002 ffffc1ffc31e2301 00000000ffffffff 00000000ffffffff [ 17.116925] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.117039] page dumped because: kasan: bad access detected [ 17.117310] [ 17.117355] Memory state around the buggy address: [ 17.117428] fff00000c788df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.117472] fff00000c788e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.117512] >fff00000c788e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.117626] ^ [ 17.117676] fff00000c788e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.117718] fff00000c788e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.117763] ================================================================== [ 17.118743] ================================================================== [ 17.118790] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.118837] Write of size 1 at addr fff00000c788e0ea by task kunit_try_catch/164 [ 17.118888] [ 17.118916] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.119369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.119580] Hardware name: linux,dummy-virt (DT) [ 17.119696] Call trace: [ 17.119787] show_stack+0x20/0x38 (C) [ 17.120046] dump_stack_lvl+0x8c/0xd0 [ 17.120355] print_report+0x118/0x5d0 [ 17.120440] kasan_report+0xdc/0x128 [ 17.120578] __asan_report_store1_noabort+0x20/0x30 [ 17.120671] krealloc_less_oob_helper+0xae4/0xc50 [ 17.120817] krealloc_large_less_oob+0x20/0x38 [ 17.120893] kunit_try_run_case+0x170/0x3f0 [ 17.121099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.121363] kthread+0x328/0x630 [ 17.121463] ret_from_fork+0x10/0x20 [ 17.121608] [ 17.121669] The buggy address belongs to the physical page: [ 17.121724] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 17.121904] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.122128] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.122247] page_type: f8(unknown) [ 17.122312] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.122420] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.122566] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.122613] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.122705] head: 0bfffe0000000002 ffffc1ffc31e2301 00000000ffffffff 00000000ffffffff [ 17.122870] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.123088] page dumped because: kasan: bad access detected [ 17.123141] [ 17.123208] Memory state around the buggy address: [ 17.123298] fff00000c788df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.123378] fff00000c788e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.123503] >fff00000c788e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.123541] ^ [ 17.123596] fff00000c788e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.124022] fff00000c788e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.124198] ================================================================== [ 17.047692] ================================================================== [ 17.047746] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.047795] Write of size 1 at addr fff00000c09234ea by task kunit_try_catch/160 [ 17.047983] [ 17.048020] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.048225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.048406] Hardware name: linux,dummy-virt (DT) [ 17.048473] Call trace: [ 17.048499] show_stack+0x20/0x38 (C) [ 17.048548] dump_stack_lvl+0x8c/0xd0 [ 17.048792] print_report+0x118/0x5d0 [ 17.048893] kasan_report+0xdc/0x128 [ 17.048938] __asan_report_store1_noabort+0x20/0x30 [ 17.049334] krealloc_less_oob_helper+0xae4/0xc50 [ 17.049405] krealloc_less_oob+0x20/0x38 [ 17.049648] kunit_try_run_case+0x170/0x3f0 [ 17.049851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.050096] kthread+0x328/0x630 [ 17.050324] ret_from_fork+0x10/0x20 [ 17.050387] [ 17.050573] Allocated by task 160: [ 17.050670] kasan_save_stack+0x3c/0x68 [ 17.050840] kasan_save_track+0x20/0x40 [ 17.050884] kasan_save_alloc_info+0x40/0x58 [ 17.051168] __kasan_krealloc+0x118/0x178 [ 17.051346] krealloc_noprof+0x128/0x360 [ 17.051427] krealloc_less_oob_helper+0x168/0xc50 [ 17.051465] krealloc_less_oob+0x20/0x38 [ 17.051630] kunit_try_run_case+0x170/0x3f0 [ 17.051863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.051973] kthread+0x328/0x630 [ 17.052067] ret_from_fork+0x10/0x20 [ 17.052123] [ 17.052194] The buggy address belongs to the object at fff00000c0923400 [ 17.052194] which belongs to the cache kmalloc-256 of size 256 [ 17.052572] The buggy address is located 33 bytes to the right of [ 17.052572] allocated 201-byte region [fff00000c0923400, fff00000c09234c9) [ 17.052647] [ 17.052685] The buggy address belongs to the physical page: [ 17.052754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 17.052806] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.052852] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.052902] page_type: f5(slab) [ 17.052959] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.053024] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.053096] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.053156] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.053202] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 17.053248] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.053300] page dumped because: kasan: bad access detected [ 17.053720] [ 17.053749] Memory state around the buggy address: [ 17.054066] fff00000c0923380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.054411] fff00000c0923400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.054711] >fff00000c0923480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.054984] ^ [ 17.055036] fff00000c0923500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.055437] fff00000c0923580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.055561] ================================================================== [ 17.124755] ================================================================== [ 17.125110] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.125265] Write of size 1 at addr fff00000c788e0eb by task kunit_try_catch/164 [ 17.125332] [ 17.125361] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.125442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.125467] Hardware name: linux,dummy-virt (DT) [ 17.125496] Call trace: [ 17.125517] show_stack+0x20/0x38 (C) [ 17.125565] dump_stack_lvl+0x8c/0xd0 [ 17.125612] print_report+0x118/0x5d0 [ 17.125675] kasan_report+0xdc/0x128 [ 17.125727] __asan_report_store1_noabort+0x20/0x30 [ 17.125786] krealloc_less_oob_helper+0xa58/0xc50 [ 17.125834] krealloc_large_less_oob+0x20/0x38 [ 17.125879] kunit_try_run_case+0x170/0x3f0 [ 17.125925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.125983] kthread+0x328/0x630 [ 17.126028] ret_from_fork+0x10/0x20 [ 17.126074] [ 17.126094] The buggy address belongs to the physical page: [ 17.126123] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 17.126173] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.126217] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.126265] page_type: f8(unknown) [ 17.126667] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.126996] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.127078] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.127155] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.127405] head: 0bfffe0000000002 ffffc1ffc31e2301 00000000ffffffff 00000000ffffffff [ 17.127578] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.127734] page dumped because: kasan: bad access detected [ 17.127817] [ 17.127903] Memory state around the buggy address: [ 17.127937] fff00000c788df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.128009] fff00000c788e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.128070] >fff00000c788e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.128392] ^ [ 17.128537] fff00000c788e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.128601] fff00000c788e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.128732] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.072619] ================================================================== [ 17.073343] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.073500] Write of size 1 at addr fff00000c788e0eb by task kunit_try_catch/162 [ 17.073553] [ 17.073600] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.073680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.073706] Hardware name: linux,dummy-virt (DT) [ 17.074053] Call trace: [ 17.074096] show_stack+0x20/0x38 (C) [ 17.074148] dump_stack_lvl+0x8c/0xd0 [ 17.074195] print_report+0x118/0x5d0 [ 17.074755] kasan_report+0xdc/0x128 [ 17.074878] __asan_report_store1_noabort+0x20/0x30 [ 17.074975] krealloc_more_oob_helper+0x60c/0x678 [ 17.075127] krealloc_large_more_oob+0x20/0x38 [ 17.075223] kunit_try_run_case+0x170/0x3f0 [ 17.075371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.075678] kthread+0x328/0x630 [ 17.075791] ret_from_fork+0x10/0x20 [ 17.075905] [ 17.075946] The buggy address belongs to the physical page: [ 17.075979] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 17.076031] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.076077] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.076128] page_type: f8(unknown) [ 17.076167] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.076231] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.076322] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.076636] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.076693] head: 0bfffe0000000002 ffffc1ffc31e2301 00000000ffffffff 00000000ffffffff [ 17.077109] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.077203] page dumped because: kasan: bad access detected [ 17.077596] [ 17.077641] Memory state around the buggy address: [ 17.077692] fff00000c788df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.077805] fff00000c788e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.077890] >fff00000c788e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.077968] ^ [ 17.078252] fff00000c788e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.078525] fff00000c788e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.078596] ================================================================== [ 17.079707] ================================================================== [ 17.079865] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.079930] Write of size 1 at addr fff00000c788e0f0 by task kunit_try_catch/162 [ 17.079978] [ 17.080006] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 17.080381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.080407] Hardware name: linux,dummy-virt (DT) [ 17.080436] Call trace: [ 17.080457] show_stack+0x20/0x38 (C) [ 17.081342] dump_stack_lvl+0x8c/0xd0 [ 17.081437] print_report+0x118/0x5d0 [ 17.081508] kasan_report+0xdc/0x128 [ 17.081566] __asan_report_store1_noabort+0x20/0x30 [ 17.081928] krealloc_more_oob_helper+0x5c0/0x678 [ 17.082535] krealloc_large_more_oob+0x20/0x38 [ 17.082631] kunit_try_run_case+0x170/0x3f0 [ 17.082683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.082744] kthread+0x328/0x630 [ 17.082896] ret_from_fork+0x10/0x20 [ 17.083058] [ 17.083133] The buggy address belongs to the physical page: [ 17.083306] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10788c [ 17.083439] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.083604] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.083655] page_type: f8(unknown) [ 17.083698] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.083746] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.083793] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.083849] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.083896] head: 0bfffe0000000002 ffffc1ffc31e2301 00000000ffffffff 00000000ffffffff [ 17.083943] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.083982] page dumped because: kasan: bad access detected [ 17.084022] [ 17.084049] Memory state around the buggy address: [ 17.084078] fff00000c788df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.084119] fff00000c788e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.084169] >fff00000c788e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.084211] ^ [ 17.084251] fff00000c788e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.084549] fff00000c788e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.084990] ================================================================== [ 16.985608] ================================================================== [ 16.985670] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.985724] Write of size 1 at addr fff00000c09232eb by task kunit_try_catch/158 [ 16.986191] [ 16.986243] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.986703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.986834] Hardware name: linux,dummy-virt (DT) [ 16.987004] Call trace: [ 16.987213] show_stack+0x20/0x38 (C) [ 16.987390] dump_stack_lvl+0x8c/0xd0 [ 16.987477] print_report+0x118/0x5d0 [ 16.987570] kasan_report+0xdc/0x128 [ 16.987757] __asan_report_store1_noabort+0x20/0x30 [ 16.987948] krealloc_more_oob_helper+0x60c/0x678 [ 16.988197] krealloc_more_oob+0x20/0x38 [ 16.988250] kunit_try_run_case+0x170/0x3f0 [ 16.988633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.988724] kthread+0x328/0x630 [ 16.989106] ret_from_fork+0x10/0x20 [ 16.989394] [ 16.989472] Allocated by task 158: [ 16.989895] kasan_save_stack+0x3c/0x68 [ 16.990119] kasan_save_track+0x20/0x40 [ 16.990295] kasan_save_alloc_info+0x40/0x58 [ 16.990546] __kasan_krealloc+0x118/0x178 [ 16.990814] krealloc_noprof+0x128/0x360 [ 16.990951] krealloc_more_oob_helper+0x168/0x678 [ 16.990992] krealloc_more_oob+0x20/0x38 [ 16.991038] kunit_try_run_case+0x170/0x3f0 [ 16.991077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.991587] kthread+0x328/0x630 [ 16.991643] ret_from_fork+0x10/0x20 [ 16.991820] [ 16.991910] The buggy address belongs to the object at fff00000c0923200 [ 16.991910] which belongs to the cache kmalloc-256 of size 256 [ 16.992084] The buggy address is located 0 bytes to the right of [ 16.992084] allocated 235-byte region [fff00000c0923200, fff00000c09232eb) [ 16.992535] [ 16.992632] The buggy address belongs to the physical page: [ 16.992722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 16.992794] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.993111] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.993360] page_type: f5(slab) [ 16.993443] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.993548] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.993635] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.993892] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.993952] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 16.994093] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.994187] page dumped because: kasan: bad access detected [ 16.994235] [ 16.994253] Memory state around the buggy address: [ 16.994304] fff00000c0923180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.994350] fff00000c0923200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.994400] >fff00000c0923280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.994446] ^ [ 16.994485] fff00000c0923300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.994534] fff00000c0923380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.994571] ================================================================== [ 16.995182] ================================================================== [ 16.995241] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.995304] Write of size 1 at addr fff00000c09232f0 by task kunit_try_catch/158 [ 16.995351] [ 16.996104] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.996199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.996225] Hardware name: linux,dummy-virt (DT) [ 16.996255] Call trace: [ 16.996505] show_stack+0x20/0x38 (C) [ 16.996580] dump_stack_lvl+0x8c/0xd0 [ 16.996691] print_report+0x118/0x5d0 [ 16.996849] kasan_report+0xdc/0x128 [ 16.997208] __asan_report_store1_noabort+0x20/0x30 [ 16.997343] krealloc_more_oob_helper+0x5c0/0x678 [ 16.997418] krealloc_more_oob+0x20/0x38 [ 16.997476] kunit_try_run_case+0x170/0x3f0 [ 16.997604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.997658] kthread+0x328/0x630 [ 16.997731] ret_from_fork+0x10/0x20 [ 16.997786] [ 16.997804] Allocated by task 158: [ 16.997830] kasan_save_stack+0x3c/0x68 [ 16.997868] kasan_save_track+0x20/0x40 [ 16.997901] kasan_save_alloc_info+0x40/0x58 [ 16.997938] __kasan_krealloc+0x118/0x178 [ 16.997972] krealloc_noprof+0x128/0x360 [ 16.998007] krealloc_more_oob_helper+0x168/0x678 [ 16.998043] krealloc_more_oob+0x20/0x38 [ 16.998547] kunit_try_run_case+0x170/0x3f0 [ 16.998612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.998653] kthread+0x328/0x630 [ 16.999191] ret_from_fork+0x10/0x20 [ 16.999273] [ 16.999322] The buggy address belongs to the object at fff00000c0923200 [ 16.999322] which belongs to the cache kmalloc-256 of size 256 [ 16.999546] The buggy address is located 5 bytes to the right of [ 16.999546] allocated 235-byte region [fff00000c0923200, fff00000c09232eb) [ 16.999775] [ 17.000015] The buggy address belongs to the physical page: [ 17.000099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100922 [ 17.000233] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.000358] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.000445] page_type: f5(slab) [ 17.000560] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.000610] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.000893] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.000988] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.001065] head: 0bfffe0000000001 ffffc1ffc3024881 00000000ffffffff 00000000ffffffff [ 17.001443] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.001672] page dumped because: kasan: bad access detected [ 17.001774] [ 17.001880] Memory state around the buggy address: [ 17.001966] fff00000c0923180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.002189] fff00000c0923200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.002376] >fff00000c0923280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.002557] ^ [ 17.002690] fff00000c0923300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.002768] fff00000c0923380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.002876] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.967434] ================================================================== [ 16.967950] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.968021] Read of size 1 at addr fff00000c7940000 by task kunit_try_catch/156 [ 16.968070] [ 16.968271] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.968366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.968605] Hardware name: linux,dummy-virt (DT) [ 16.968777] Call trace: [ 16.968812] show_stack+0x20/0x38 (C) [ 16.968865] dump_stack_lvl+0x8c/0xd0 [ 16.968912] print_report+0x118/0x5d0 [ 16.968956] kasan_report+0xdc/0x128 [ 16.969001] __asan_report_load1_noabort+0x20/0x30 [ 16.969169] page_alloc_uaf+0x328/0x350 [ 16.969244] kunit_try_run_case+0x170/0x3f0 [ 16.969508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.969805] kthread+0x328/0x630 [ 16.969862] ret_from_fork+0x10/0x20 [ 16.969928] [ 16.970032] The buggy address belongs to the physical page: [ 16.970066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107940 [ 16.970123] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.970187] page_type: f0(buddy) [ 16.970225] raw: 0bfffe0000000000 fff00000ff6160f0 fff00000ff6160f0 0000000000000000 [ 16.970273] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 16.970600] page dumped because: kasan: bad access detected [ 16.970697] [ 16.970719] Memory state around the buggy address: [ 16.970844] fff00000c793ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.970917] fff00000c793ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.970979] >fff00000c7940000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.971023] ^ [ 16.971234] fff00000c7940080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.971293] fff00000c7940100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.971780] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.943970] ================================================================== [ 16.944377] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.944796] Free of addr fff00000c7888001 by task kunit_try_catch/152 [ 16.944870] [ 16.944904] CPU: 0 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.944985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.945011] Hardware name: linux,dummy-virt (DT) [ 16.945293] Call trace: [ 16.945334] show_stack+0x20/0x38 (C) [ 16.945386] dump_stack_lvl+0x8c/0xd0 [ 16.945441] print_report+0x118/0x5d0 [ 16.945485] kasan_report_invalid_free+0xc0/0xe8 [ 16.945530] __kasan_kfree_large+0x5c/0xa8 [ 16.945573] free_large_kmalloc+0x64/0x190 [ 16.945620] kfree+0x270/0x3c8 [ 16.945658] kmalloc_large_invalid_free+0x108/0x270 [ 16.945706] kunit_try_run_case+0x170/0x3f0 [ 16.945752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.945799] kthread+0x328/0x630 [ 16.945842] ret_from_fork+0x10/0x20 [ 16.945888] [ 16.946016] The buggy address belongs to the physical page: [ 16.946054] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107888 [ 16.946115] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.946167] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.946219] page_type: f8(unknown) [ 16.946269] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.946329] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.946649] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.947196] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.947270] head: 0bfffe0000000002 ffffc1ffc31e2201 00000000ffffffff 00000000ffffffff [ 16.947590] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.947668] page dumped because: kasan: bad access detected [ 16.947864] [ 16.948030] Memory state around the buggy address: [ 16.948066] fff00000c7887f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.948365] fff00000c7887f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.948673] >fff00000c7888000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.948830] ^ [ 16.949084] fff00000c7888080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.949148] fff00000c7888100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.949380] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.927023] ================================================================== [ 16.927459] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.927615] Read of size 1 at addr fff00000c7888000 by task kunit_try_catch/150 [ 16.927730] [ 16.927807] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.927949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.927978] Hardware name: linux,dummy-virt (DT) [ 16.928008] Call trace: [ 16.928031] show_stack+0x20/0x38 (C) [ 16.928098] dump_stack_lvl+0x8c/0xd0 [ 16.928146] print_report+0x118/0x5d0 [ 16.928191] kasan_report+0xdc/0x128 [ 16.928242] __asan_report_load1_noabort+0x20/0x30 [ 16.928315] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.928362] kunit_try_run_case+0x170/0x3f0 [ 16.928409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.928456] kthread+0x328/0x630 [ 16.928515] ret_from_fork+0x10/0x20 [ 16.928566] [ 16.928587] The buggy address belongs to the physical page: [ 16.928617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107888 [ 16.928666] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.928734] raw: 0bfffe0000000000 ffffc1ffc31e2308 fff00000da47fe00 0000000000000000 [ 16.928795] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.928834] page dumped because: kasan: bad access detected [ 16.928863] [ 16.928881] Memory state around the buggy address: [ 16.928920] fff00000c7887f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.928972] fff00000c7887f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.929022] >fff00000c7888000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.929065] ^ [ 16.929101] fff00000c7888080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.929142] fff00000c7888100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.929178] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.907618] ================================================================== [ 16.908210] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.908704] Write of size 1 at addr fff00000c788a00a by task kunit_try_catch/148 [ 16.908993] [ 16.909044] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.909226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.909252] Hardware name: linux,dummy-virt (DT) [ 16.909295] Call trace: [ 16.909318] show_stack+0x20/0x38 (C) [ 16.909371] dump_stack_lvl+0x8c/0xd0 [ 16.909425] print_report+0x118/0x5d0 [ 16.909470] kasan_report+0xdc/0x128 [ 16.909513] __asan_report_store1_noabort+0x20/0x30 [ 16.910047] kmalloc_large_oob_right+0x278/0x2b8 [ 16.910122] kunit_try_run_case+0x170/0x3f0 [ 16.910194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.910243] kthread+0x328/0x630 [ 16.910465] ret_from_fork+0x10/0x20 [ 16.910926] [ 16.910985] The buggy address belongs to the physical page: [ 16.911386] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107888 [ 16.911735] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.912205] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.912337] page_type: f8(unknown) [ 16.912992] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.913072] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.913202] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.913437] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.913528] head: 0bfffe0000000002 ffffc1ffc31e2201 00000000ffffffff 00000000ffffffff [ 16.913741] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.913841] page dumped because: kasan: bad access detected [ 16.914066] [ 16.914174] Memory state around the buggy address: [ 16.914320] fff00000c7889f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.914434] fff00000c7889f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.914479] >fff00000c788a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.914794] ^ [ 16.914917] fff00000c788a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.914962] fff00000c788a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.915003] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.888181] ================================================================== [ 16.888657] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.888933] Write of size 1 at addr fff00000c6625f00 by task kunit_try_catch/146 [ 16.889087] [ 16.889168] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.889447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.889614] Hardware name: linux,dummy-virt (DT) [ 16.889659] Call trace: [ 16.889684] show_stack+0x20/0x38 (C) [ 16.889734] dump_stack_lvl+0x8c/0xd0 [ 16.889976] print_report+0x118/0x5d0 [ 16.890039] kasan_report+0xdc/0x128 [ 16.890304] __asan_report_store1_noabort+0x20/0x30 [ 16.890378] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.890427] kunit_try_run_case+0x170/0x3f0 [ 16.890746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.891076] kthread+0x328/0x630 [ 16.891169] ret_from_fork+0x10/0x20 [ 16.891597] [ 16.891636] Allocated by task 146: [ 16.891718] kasan_save_stack+0x3c/0x68 [ 16.891791] kasan_save_track+0x20/0x40 [ 16.891879] kasan_save_alloc_info+0x40/0x58 [ 16.891919] __kasan_kmalloc+0xd4/0xd8 [ 16.891953] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.891992] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.892304] kunit_try_run_case+0x170/0x3f0 [ 16.892581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.892711] kthread+0x328/0x630 [ 16.892992] ret_from_fork+0x10/0x20 [ 16.893214] [ 16.893256] The buggy address belongs to the object at fff00000c6624000 [ 16.893256] which belongs to the cache kmalloc-8k of size 8192 [ 16.893389] The buggy address is located 0 bytes to the right of [ 16.893389] allocated 7936-byte region [fff00000c6624000, fff00000c6625f00) [ 16.893472] [ 16.893508] The buggy address belongs to the physical page: [ 16.893573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106620 [ 16.893634] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.893694] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.893746] page_type: f5(slab) [ 16.893784] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.893842] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.893889] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.893936] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.893982] head: 0bfffe0000000003 ffffc1ffc3198801 00000000ffffffff 00000000ffffffff [ 16.894029] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.894069] page dumped because: kasan: bad access detected [ 16.894108] [ 16.894126] Memory state around the buggy address: [ 16.894157] fff00000c6625e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.894197] fff00000c6625e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.894246] >fff00000c6625f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.894299] ^ [ 16.894326] fff00000c6625f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.894378] fff00000c6626000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.894415] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.868792] ================================================================== [ 16.868839] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.869536] Write of size 1 at addr fff00000c6fb0278 by task kunit_try_catch/144 [ 16.869681] [ 16.869773] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.869852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.869922] Hardware name: linux,dummy-virt (DT) [ 16.869979] Call trace: [ 16.870006] show_stack+0x20/0x38 (C) [ 16.870407] dump_stack_lvl+0x8c/0xd0 [ 16.870515] print_report+0x118/0x5d0 [ 16.870601] kasan_report+0xdc/0x128 [ 16.870646] __asan_report_store1_noabort+0x20/0x30 [ 16.870803] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.870949] kunit_try_run_case+0x170/0x3f0 [ 16.871070] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.871355] kthread+0x328/0x630 [ 16.871521] ret_from_fork+0x10/0x20 [ 16.871640] [ 16.871690] Allocated by task 144: [ 16.871834] kasan_save_stack+0x3c/0x68 [ 16.871901] kasan_save_track+0x20/0x40 [ 16.871974] kasan_save_alloc_info+0x40/0x58 [ 16.872160] __kasan_kmalloc+0xd4/0xd8 [ 16.872303] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.872497] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.872586] kunit_try_run_case+0x170/0x3f0 [ 16.872749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.872848] kthread+0x328/0x630 [ 16.872963] ret_from_fork+0x10/0x20 [ 16.872999] [ 16.873189] The buggy address belongs to the object at fff00000c6fb0200 [ 16.873189] which belongs to the cache kmalloc-128 of size 128 [ 16.873496] The buggy address is located 0 bytes to the right of [ 16.873496] allocated 120-byte region [fff00000c6fb0200, fff00000c6fb0278) [ 16.873601] [ 16.873659] The buggy address belongs to the physical page: [ 16.873739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 16.873852] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.873963] page_type: f5(slab) [ 16.874448] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.875081] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.875413] page dumped because: kasan: bad access detected [ 16.875466] [ 16.875502] Memory state around the buggy address: [ 16.875566] fff00000c6fb0100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.875650] fff00000c6fb0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.875695] >fff00000c6fb0200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.875731] ^ [ 16.875770] fff00000c6fb0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.875811] fff00000c6fb0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876545] ================================================================== [ 16.860435] ================================================================== [ 16.860490] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.860542] Write of size 1 at addr fff00000c6fb0178 by task kunit_try_catch/144 [ 16.861231] [ 16.861407] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.861502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.861529] Hardware name: linux,dummy-virt (DT) [ 16.861624] Call trace: [ 16.861649] show_stack+0x20/0x38 (C) [ 16.861719] dump_stack_lvl+0x8c/0xd0 [ 16.862344] print_report+0x118/0x5d0 [ 16.862397] kasan_report+0xdc/0x128 [ 16.862492] __asan_report_store1_noabort+0x20/0x30 [ 16.862546] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.862610] kunit_try_run_case+0x170/0x3f0 [ 16.862809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.862992] kthread+0x328/0x630 [ 16.863140] ret_from_fork+0x10/0x20 [ 16.863315] [ 16.863396] Allocated by task 144: [ 16.863526] kasan_save_stack+0x3c/0x68 [ 16.863569] kasan_save_track+0x20/0x40 [ 16.864016] kasan_save_alloc_info+0x40/0x58 [ 16.864089] __kasan_kmalloc+0xd4/0xd8 [ 16.864274] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.864377] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.864454] kunit_try_run_case+0x170/0x3f0 [ 16.864496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.864553] kthread+0x328/0x630 [ 16.864598] ret_from_fork+0x10/0x20 [ 16.864649] [ 16.864668] The buggy address belongs to the object at fff00000c6fb0100 [ 16.864668] which belongs to the cache kmalloc-128 of size 128 [ 16.864724] The buggy address is located 0 bytes to the right of [ 16.864724] allocated 120-byte region [fff00000c6fb0100, fff00000c6fb0178) [ 16.864790] [ 16.864809] The buggy address belongs to the physical page: [ 16.864838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 16.864899] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.864946] page_type: f5(slab) [ 16.864990] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.865048] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.865086] page dumped because: kasan: bad access detected [ 16.865125] [ 16.865143] Memory state around the buggy address: [ 16.865172] fff00000c6fb0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.865213] fff00000c6fb0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.865254] >fff00000c6fb0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.865308] ^ [ 16.865355] fff00000c6fb0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.865415] fff00000c6fb0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.865467] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.842347] ================================================================== [ 16.842419] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.842473] Read of size 1 at addr fff00000c40fd000 by task kunit_try_catch/142 [ 16.842876] [ 16.843037] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.843259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.844022] Hardware name: linux,dummy-virt (DT) [ 16.844096] Call trace: [ 16.844151] show_stack+0x20/0x38 (C) [ 16.844242] dump_stack_lvl+0x8c/0xd0 [ 16.844326] print_report+0x118/0x5d0 [ 16.844409] kasan_report+0xdc/0x128 [ 16.844493] __asan_report_load1_noabort+0x20/0x30 [ 16.844601] kmalloc_node_oob_right+0x2f4/0x330 [ 16.845041] kunit_try_run_case+0x170/0x3f0 [ 16.845140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.845369] kthread+0x328/0x630 [ 16.845496] ret_from_fork+0x10/0x20 [ 16.845644] [ 16.845714] Allocated by task 142: [ 16.845819] kasan_save_stack+0x3c/0x68 [ 16.845910] kasan_save_track+0x20/0x40 [ 16.845994] kasan_save_alloc_info+0x40/0x58 [ 16.846424] __kasan_kmalloc+0xd4/0xd8 [ 16.846526] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.846925] kmalloc_node_oob_right+0xbc/0x330 [ 16.847086] kunit_try_run_case+0x170/0x3f0 [ 16.847179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.847220] kthread+0x328/0x630 [ 16.847262] ret_from_fork+0x10/0x20 [ 16.847307] [ 16.847616] The buggy address belongs to the object at fff00000c40fc000 [ 16.847616] which belongs to the cache kmalloc-4k of size 4096 [ 16.847699] The buggy address is located 0 bytes to the right of [ 16.847699] allocated 4096-byte region [fff00000c40fc000, fff00000c40fd000) [ 16.848033] [ 16.848107] The buggy address belongs to the physical page: [ 16.848390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1040f8 [ 16.848698] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.848776] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.848886] page_type: f5(slab) [ 16.848925] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.848973] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.849028] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.849075] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.849122] head: 0bfffe0000000003 ffffc1ffc3103e01 00000000ffffffff 00000000ffffffff [ 16.849168] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.849211] page dumped because: kasan: bad access detected [ 16.849241] [ 16.849274] Memory state around the buggy address: [ 16.849325] fff00000c40fcf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.849367] fff00000c40fcf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.849408] >fff00000c40fd000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.849457] ^ [ 16.849484] fff00000c40fd080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.849525] fff00000c40fd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.849561] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.824608] ================================================================== [ 16.825718] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.826200] Read of size 1 at addr fff00000c16d061f by task kunit_try_catch/140 [ 16.826526] [ 16.826700] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.827078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.827304] Hardware name: linux,dummy-virt (DT) [ 16.827347] Call trace: [ 16.827369] show_stack+0x20/0x38 (C) [ 16.827420] dump_stack_lvl+0x8c/0xd0 [ 16.827468] print_report+0x118/0x5d0 [ 16.828147] kasan_report+0xdc/0x128 [ 16.828216] __asan_report_load1_noabort+0x20/0x30 [ 16.828265] kmalloc_oob_left+0x2ec/0x320 [ 16.828427] kunit_try_run_case+0x170/0x3f0 [ 16.828479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.828924] kthread+0x328/0x630 [ 16.829179] ret_from_fork+0x10/0x20 [ 16.829375] [ 16.829440] Allocated by task 26: [ 16.829472] kasan_save_stack+0x3c/0x68 [ 16.829761] kasan_save_track+0x20/0x40 [ 16.829806] kasan_save_alloc_info+0x40/0x58 [ 16.830151] __kasan_kmalloc+0xd4/0xd8 [ 16.830248] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.830757] kstrdup+0x54/0xc8 [ 16.830943] devtmpfs_work_loop+0x6f8/0xa58 [ 16.831083] devtmpfsd+0x50/0x58 [ 16.831209] kthread+0x328/0x630 [ 16.831312] ret_from_fork+0x10/0x20 [ 16.831452] [ 16.831517] Freed by task 26: [ 16.831730] kasan_save_stack+0x3c/0x68 [ 16.831997] kasan_save_track+0x20/0x40 [ 16.832086] kasan_save_free_info+0x4c/0x78 [ 16.832242] __kasan_slab_free+0x6c/0x98 [ 16.832336] kfree+0x214/0x3c8 [ 16.832436] devtmpfs_work_loop+0x804/0xa58 [ 16.832514] devtmpfsd+0x50/0x58 [ 16.832746] kthread+0x328/0x630 [ 16.832822] ret_from_fork+0x10/0x20 [ 16.832872] [ 16.832926] The buggy address belongs to the object at fff00000c16d0600 [ 16.832926] which belongs to the cache kmalloc-16 of size 16 [ 16.832982] The buggy address is located 15 bytes to the right of [ 16.832982] allocated 16-byte region [fff00000c16d0600, fff00000c16d0610) [ 16.833290] [ 16.833329] The buggy address belongs to the physical page: [ 16.833460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016d0 [ 16.833580] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.833706] page_type: f5(slab) [ 16.833804] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.833927] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.833987] page dumped because: kasan: bad access detected [ 16.834017] [ 16.834051] Memory state around the buggy address: [ 16.834119] fff00000c16d0500: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 05 fc fc [ 16.834475] fff00000c16d0580: 00 05 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 16.834550] >fff00000c16d0600: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 16.834670] ^ [ 16.834746] fff00000c16d0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.834811] fff00000c16d0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.834920] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.802324] ================================================================== [ 16.802393] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.802512] Write of size 1 at addr fff00000c6fb0078 by task kunit_try_catch/138 [ 16.802578] [ 16.802638] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.802783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.802853] Hardware name: linux,dummy-virt (DT) [ 16.802896] Call trace: [ 16.802918] show_stack+0x20/0x38 (C) [ 16.803014] dump_stack_lvl+0x8c/0xd0 [ 16.803081] print_report+0x118/0x5d0 [ 16.803125] kasan_report+0xdc/0x128 [ 16.803167] __asan_report_store1_noabort+0x20/0x30 [ 16.803216] kmalloc_oob_right+0x538/0x660 [ 16.803266] kunit_try_run_case+0x170/0x3f0 [ 16.803323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.803401] kthread+0x328/0x630 [ 16.803447] ret_from_fork+0x10/0x20 [ 16.803492] [ 16.803510] Allocated by task 138: [ 16.803537] kasan_save_stack+0x3c/0x68 [ 16.803573] kasan_save_track+0x20/0x40 [ 16.803607] kasan_save_alloc_info+0x40/0x58 [ 16.803643] __kasan_kmalloc+0xd4/0xd8 [ 16.803677] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.803877] kmalloc_oob_right+0xb0/0x660 [ 16.803920] kunit_try_run_case+0x170/0x3f0 [ 16.804045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.804098] kthread+0x328/0x630 [ 16.804132] ret_from_fork+0x10/0x20 [ 16.804201] [ 16.804270] The buggy address belongs to the object at fff00000c6fb0000 [ 16.804270] which belongs to the cache kmalloc-128 of size 128 [ 16.804347] The buggy address is located 5 bytes to the right of [ 16.804347] allocated 115-byte region [fff00000c6fb0000, fff00000c6fb0073) [ 16.804407] [ 16.804428] The buggy address belongs to the physical page: [ 16.804456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 16.804504] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.804849] page_type: f5(slab) [ 16.805030] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.805142] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.805209] page dumped because: kasan: bad access detected [ 16.805239] [ 16.805257] Memory state around the buggy address: [ 16.806067] fff00000c6faff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.806146] fff00000c6faff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.806204] >fff00000c6fb0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.806304] ^ [ 16.806399] fff00000c6fb0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.806455] fff00000c6fb0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.806522] ================================================================== [ 16.795456] ================================================================== [ 16.795799] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.796638] Write of size 1 at addr fff00000c6fb0073 by task kunit_try_catch/138 [ 16.796743] [ 16.797511] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G N 6.15.8-rc1 #1 PREEMPT [ 16.797652] Tainted: [N]=TEST [ 16.797684] Hardware name: linux,dummy-virt (DT) [ 16.797901] Call trace: [ 16.798064] show_stack+0x20/0x38 (C) [ 16.798194] dump_stack_lvl+0x8c/0xd0 [ 16.798256] print_report+0x118/0x5d0 [ 16.798315] kasan_report+0xdc/0x128 [ 16.798358] __asan_report_store1_noabort+0x20/0x30 [ 16.798407] kmalloc_oob_right+0x5a4/0x660 [ 16.798454] kunit_try_run_case+0x170/0x3f0 [ 16.798505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.798554] kthread+0x328/0x630 [ 16.798600] ret_from_fork+0x10/0x20 [ 16.798793] [ 16.798855] Allocated by task 138: [ 16.798972] kasan_save_stack+0x3c/0x68 [ 16.799038] kasan_save_track+0x20/0x40 [ 16.799074] kasan_save_alloc_info+0x40/0x58 [ 16.799111] __kasan_kmalloc+0xd4/0xd8 [ 16.799145] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.799182] kmalloc_oob_right+0xb0/0x660 [ 16.799219] kunit_try_run_case+0x170/0x3f0 [ 16.799257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.799309] kthread+0x328/0x630 [ 16.799343] ret_from_fork+0x10/0x20 [ 16.799397] [ 16.799455] The buggy address belongs to the object at fff00000c6fb0000 [ 16.799455] which belongs to the cache kmalloc-128 of size 128 [ 16.799546] The buggy address is located 0 bytes to the right of [ 16.799546] allocated 115-byte region [fff00000c6fb0000, fff00000c6fb0073) [ 16.799610] [ 16.799690] The buggy address belongs to the physical page: [ 16.799864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 16.800122] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.800417] page_type: f5(slab) [ 16.800704] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.800766] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.800869] page dumped because: kasan: bad access detected [ 16.800908] [ 16.800933] Memory state around the buggy address: [ 16.801140] fff00000c6faff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.801203] fff00000c6faff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.801254] >fff00000c6fb0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.801320] ^ [ 16.801412] fff00000c6fb0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.801459] fff00000c6fb0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.801523] ================================================================== [ 16.807495] ================================================================== [ 16.807543] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.807591] Read of size 1 at addr fff00000c6fb0080 by task kunit_try_catch/138 [ 16.807637] [ 16.807675] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 16.807766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.807798] Hardware name: linux,dummy-virt (DT) [ 16.807830] Call trace: [ 16.807859] show_stack+0x20/0x38 (C) [ 16.807905] dump_stack_lvl+0x8c/0xd0 [ 16.807951] print_report+0x118/0x5d0 [ 16.807994] kasan_report+0xdc/0x128 [ 16.808036] __asan_report_load1_noabort+0x20/0x30 [ 16.808091] kmalloc_oob_right+0x5d0/0x660 [ 16.808147] kunit_try_run_case+0x170/0x3f0 [ 16.808193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.808241] kthread+0x328/0x630 [ 16.808297] ret_from_fork+0x10/0x20 [ 16.808342] [ 16.808360] Allocated by task 138: [ 16.808385] kasan_save_stack+0x3c/0x68 [ 16.808421] kasan_save_track+0x20/0x40 [ 16.808455] kasan_save_alloc_info+0x40/0x58 [ 16.808491] __kasan_kmalloc+0xd4/0xd8 [ 16.808524] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.808560] kmalloc_oob_right+0xb0/0x660 [ 16.808829] kunit_try_run_case+0x170/0x3f0 [ 16.808882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.808942] kthread+0x328/0x630 [ 16.809163] ret_from_fork+0x10/0x20 [ 16.809203] [ 16.809260] The buggy address belongs to the object at fff00000c6fb0000 [ 16.809260] which belongs to the cache kmalloc-128 of size 128 [ 16.809357] The buggy address is located 13 bytes to the right of [ 16.809357] allocated 115-byte region [fff00000c6fb0000, fff00000c6fb0073) [ 16.809424] [ 16.809443] The buggy address belongs to the physical page: [ 16.809491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106fb0 [ 16.809557] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.809602] page_type: f5(slab) [ 16.809637] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.809690] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.809736] page dumped because: kasan: bad access detected [ 16.809765] [ 16.809782] Memory state around the buggy address: [ 16.809811] fff00000c6faff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.809851] fff00000c6fb0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.809902] >fff00000c6fb0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.809938] ^ [ 16.809963] fff00000c6fb0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.810003] fff00000c6fb0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.810040] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 96.110861] WARNING: CPU: 0 PID: 658 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 96.112892] Modules linked in: [ 96.113264] CPU: 0 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D W N 6.15.8-rc1 #1 PREEMPT [ 96.114195] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 96.114893] Hardware name: linux,dummy-virt (DT) [ 96.115417] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.115711] pc : intlog10+0x38/0x48 [ 96.115897] lr : intlog10_test+0xe4/0x200 [ 96.116086] sp : ffff800082297c10 [ 96.116251] x29: ffff800082297c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.116715] x26: 1ffe000018f172e1 x25: 0000000000000000 x24: ffff800082297ce0 [ 96.117115] x23: ffff800082297d00 x22: 0000000000000000 x21: 1ffff00010452f82 [ 96.117642] x20: ffff9b0a4be35340 x19: ffff800080087990 x18: 00000000a8fa8aef [ 96.118073] x17: 00000000deb18353 x16: fff00000c096dc3c x15: 00000000bb6b6970 [ 96.118543] x14: 00000000059aa864 x13: 1ffe00001b493c1d x12: ffff736149f79b71 [ 96.118992] x11: 1ffff36149f79b70 x10: ffff736149f79b70 x9 : ffff9b0a494155e4 [ 96.119373] x8 : ffff9b0a4fbcdb83 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.119810] x5 : ffff700010452f82 x4 : 1ffff00010010f3a x3 : 1ffff361497c6a68 [ 96.120208] x2 : 1ffff361497c6a68 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.120641] Call trace: [ 96.120817] intlog10+0x38/0x48 (P) [ 96.121022] kunit_try_run_case+0x170/0x3f0 [ 96.121294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.121621] kthread+0x328/0x630 [ 96.121828] ret_from_fork+0x10/0x20 [ 96.122075] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 96.061976] WARNING: CPU: 0 PID: 640 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 96.065272] Modules linked in: [ 96.065693] CPU: 0 UID: 0 PID: 640 Comm: kunit_try_catch Tainted: G B D N 6.15.8-rc1 #1 PREEMPT [ 96.066481] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 96.066893] Hardware name: linux,dummy-virt (DT) [ 96.067443] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.068150] pc : intlog2+0xd8/0xf8 [ 96.068556] lr : intlog2_test+0xe4/0x200 [ 96.068955] sp : ffff8000821c7c10 [ 96.069114] x29: ffff8000821c7c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.069478] x26: 1ffe0000187d06a1 x25: 0000000000000000 x24: ffff8000821c7ce0 [ 96.069823] x23: ffff8000821c7d00 x22: 0000000000000000 x21: 1ffff00010438f82 [ 96.070168] x20: ffff9b0a4be35240 x19: ffff800080087990 x18: 000000006eebabad [ 96.071004] x17: 000000000cc31ddf x16: fff00000c096dc3c x15: fff00000ff616b08 [ 96.071964] x14: 00000000f1f1f1f1 x13: 1ffe00001b493c1d x12: ffff736149f79b71 [ 96.072849] x11: 1ffff36149f79b70 x10: ffff736149f79b70 x9 : ffff9b0a494157e4 [ 96.073673] x8 : ffff9b0a4fbcdb83 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.074436] x5 : ffff700010438f82 x4 : 1ffff00010010f3a x3 : 1ffff361497c6a48 [ 96.075299] x2 : 1ffff361497c6a48 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.076117] Call trace: [ 96.076439] intlog2+0xd8/0xf8 (P) [ 96.076834] kunit_try_run_case+0x170/0x3f0 [ 96.077407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.077974] kthread+0x328/0x630 [ 96.078366] ret_from_fork+0x10/0x20 [ 96.078855] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/internal-error-oops-oops-smp
KNOWN ISSUE - qemu-arm64: Internal error: Oops at kunit_test_null_dereference - kunit_generic_run_threadfn_adapter
[ 95.189326] Internal error: Oops: 0000000096000005 [#1] SMP [ 95.196034] Modules linked in: [ 95.197063] CPU: 0 UID: 0 PID: 534 Comm: kunit_try_catch Tainted: G B N 6.15.8-rc1 #1 PREEMPT [ 95.197994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 95.198192] Hardware name: linux,dummy-virt (DT) [ 95.198943] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.199907] pc : kunit_test_null_dereference+0x70/0x170 [ 95.200613] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.201230] sp : ffff800080f87d30 [ 95.201661] x29: ffff800080f87d90 x28: 0000000000000000 x27: 0000000000000000 [ 95.202128] x26: 1ffe000018cb9301 x25: 0000000000000000 x24: 0000000000000004 [ 95.202952] x23: fff00000c65c980c x22: ffff9b0a49402bc0 x21: fff00000c17cfc88 [ 95.203974] x20: 1ffff000101f0fa6 x19: ffff800080087990 x18: 00000000579ef9ea [ 95.204800] x17: 0000000000000001 x16: fff00000c096dc3c x15: 000000009d90f61a [ 95.205240] x14: 00000000f1f1f1f1 x13: 1ffe00001b493c1d x12: fffd800018becdc4 [ 95.205604] x11: 1ffe000018becdc3 x10: fffd800018becdc3 x9 : ffff9b0a493fa028 [ 95.205993] x8 : ffff800080f87c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 95.206591] x5 : ffff7000101f0fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 95.207540] x2 : dfff800000000000 x1 : fff00000c5f66540 x0 : ffff800080087990 [ 95.208605] Call trace: [ 95.209079] kunit_test_null_dereference+0x70/0x170 (P) [ 95.209814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.210551] kthread+0x328/0x630 [ 95.211185] ret_from_fork+0x10/0x20 [ 95.212184] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 95.213076] ---[ end trace 0000000000000000 ]---