Date
Nov. 22, 2024, 6:35 a.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 34.897946] ================================================================== [ 34.899308] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 34.900864] Read of size 8 at addr fff00000c6a70a00 by task kunit_try_catch/189 [ 34.903325] [ 34.903792] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.905268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.905965] Hardware name: linux,dummy-virt (DT) [ 34.906701] Call trace: [ 34.907259] show_stack+0x20/0x38 (C) [ 34.908084] dump_stack_lvl+0x8c/0xd0 [ 34.909523] print_report+0x118/0x5e0 [ 34.910193] kasan_report+0xc8/0x118 [ 34.910655] __asan_report_load8_noabort+0x20/0x30 [ 34.911980] workqueue_uaf+0x480/0x4a8 [ 34.912763] kunit_try_run_case+0x14c/0x3d0 [ 34.914036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.915139] kthread+0x24c/0x2d0 [ 34.915960] ret_from_fork+0x10/0x20 [ 34.916963] [ 34.917223] Allocated by task 189: [ 34.917630] kasan_save_stack+0x3c/0x68 [ 34.919100] kasan_save_track+0x20/0x40 [ 34.919815] kasan_save_alloc_info+0x40/0x58 [ 34.920635] __kasan_kmalloc+0xd4/0xd8 [ 34.921238] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.922615] workqueue_uaf+0x13c/0x4a8 [ 34.923183] kunit_try_run_case+0x14c/0x3d0 [ 34.923965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.926057] kthread+0x24c/0x2d0 [ 34.926582] ret_from_fork+0x10/0x20 [ 34.927277] [ 34.928012] Freed by task 10: [ 34.929033] kasan_save_stack+0x3c/0x68 [ 34.929577] kasan_save_track+0x20/0x40 [ 34.930268] kasan_save_free_info+0x4c/0x78 [ 34.931014] __kasan_slab_free+0x6c/0x98 [ 34.931769] kfree+0x114/0x3d0 [ 34.932364] workqueue_uaf_work+0x18/0x30 [ 34.933298] process_one_work+0x530/0xfa8 [ 34.933762] worker_thread+0x614/0xf28 [ 34.934177] kthread+0x24c/0x2d0 [ 34.934758] ret_from_fork+0x10/0x20 [ 34.935806] [ 34.936215] Last potentially related work creation: [ 34.937612] kasan_save_stack+0x3c/0x68 [ 34.938623] __kasan_record_aux_stack+0xbc/0xe8 [ 34.939661] kasan_record_aux_stack_noalloc+0x14/0x20 [ 34.940841] __queue_work+0x654/0xfe0 [ 34.941689] queue_work_on+0xbc/0xf8 [ 34.942218] workqueue_uaf+0x210/0x4a8 [ 34.943280] kunit_try_run_case+0x14c/0x3d0 [ 34.943768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.944822] kthread+0x24c/0x2d0 [ 34.946172] ret_from_fork+0x10/0x20 [ 34.947151] [ 34.947640] The buggy address belongs to the object at fff00000c6a70a00 [ 34.947640] which belongs to the cache kmalloc-32 of size 32 [ 34.949579] The buggy address is located 0 bytes inside of [ 34.949579] freed 32-byte region [fff00000c6a70a00, fff00000c6a70a20) [ 34.951115] [ 34.952381] The buggy address belongs to the physical page: [ 34.953284] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a70 [ 34.954102] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.955705] page_type: f5(slab) [ 34.956240] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 34.957377] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 34.958930] page dumped because: kasan: bad access detected [ 34.960063] [ 34.960355] Memory state around the buggy address: [ 34.961954] fff00000c6a70900: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 34.962894] fff00000c6a70980: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 34.963951] >fff00000c6a70a00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 34.964820] ^ [ 34.967350] fff00000c6a70a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.967994] fff00000c6a70b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.968592] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 34.797230] ================================================================== [ 34.798764] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 34.799800] Read of size 4 at addr fff00000c6a708c0 by task swapper/0/0 [ 34.800558] [ 34.800945] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.12.0-next-20241122 #1 [ 34.802111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.803278] Hardware name: linux,dummy-virt (DT) [ 34.805311] Call trace: [ 34.805832] show_stack+0x20/0x38 (C) [ 34.806638] dump_stack_lvl+0x8c/0xd0 [ 34.807362] print_report+0x118/0x5e0 [ 34.808199] kasan_report+0xc8/0x118 [ 34.809111] __asan_report_load4_noabort+0x20/0x30 [ 34.810373] rcu_uaf_reclaim+0x64/0x70 [ 34.811162] rcu_core+0xa54/0x1df8 [ 34.811907] rcu_core_si+0x18/0x30 [ 34.812592] handle_softirqs+0x374/0xb20 [ 34.813574] __do_softirq+0x1c/0x28 [ 34.814217] ____do_softirq+0x18/0x30 [ 34.814684] call_on_irq_stack+0x24/0x58 [ 34.815244] do_softirq_own_stack+0x24/0x38 [ 34.815717] __irq_exit_rcu+0x1fc/0x318 [ 34.817580] irq_exit_rcu+0x1c/0x80 [ 34.818580] el1_interrupt+0x38/0x58 [ 34.819673] el1h_64_irq_handler+0x18/0x28 [ 34.820562] el1h_64_irq+0x6c/0x70 [ 34.821630] arch_local_irq_enable+0x4/0x8 (P) [ 34.822593] default_idle_call+0x6c/0x78 (L) [ 34.823712] do_idle+0x384/0x4e8 [ 34.824406] cpu_startup_entry+0x64/0x80 [ 34.825264] rest_init+0x160/0x188 [ 34.826254] start_kernel+0x308/0x3d0 [ 34.826921] __primary_switched+0x8c/0xa0 [ 34.827518] [ 34.827896] Allocated by task 187: [ 34.828338] kasan_save_stack+0x3c/0x68 [ 34.829724] kasan_save_track+0x20/0x40 [ 34.830357] kasan_save_alloc_info+0x40/0x58 [ 34.831069] __kasan_kmalloc+0xd4/0xd8 [ 34.831801] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.832498] rcu_uaf+0xb0/0x2d0 [ 34.833322] kunit_try_run_case+0x14c/0x3d0 [ 34.834663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.835931] kthread+0x24c/0x2d0 [ 34.836927] ret_from_fork+0x10/0x20 [ 34.837694] [ 34.838306] Freed by task 0: [ 34.838739] kasan_save_stack+0x3c/0x68 [ 34.839246] kasan_save_track+0x20/0x40 [ 34.839913] kasan_save_free_info+0x4c/0x78 [ 34.840718] __kasan_slab_free+0x6c/0x98 [ 34.841705] kfree+0x114/0x3d0 [ 34.842346] rcu_uaf_reclaim+0x28/0x70 [ 34.842944] rcu_core+0xa54/0x1df8 [ 34.843468] rcu_core_si+0x18/0x30 [ 34.843923] handle_softirqs+0x374/0xb20 [ 34.845142] __do_softirq+0x1c/0x28 [ 34.845687] [ 34.846078] Last potentially related work creation: [ 34.847144] kasan_save_stack+0x3c/0x68 [ 34.847969] __kasan_record_aux_stack+0xbc/0xe8 [ 34.848940] kasan_record_aux_stack_noalloc+0x14/0x20 [ 34.850103] __call_rcu_common.constprop.0+0x74/0xa18 [ 34.850899] call_rcu+0x18/0x30 [ 34.851359] rcu_uaf+0x14c/0x2d0 [ 34.851941] kunit_try_run_case+0x14c/0x3d0 [ 34.852897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.854090] kthread+0x24c/0x2d0 [ 34.854580] ret_from_fork+0x10/0x20 [ 34.855337] [ 34.855705] The buggy address belongs to the object at fff00000c6a708c0 [ 34.855705] which belongs to the cache kmalloc-32 of size 32 [ 34.858007] The buggy address is located 0 bytes inside of [ 34.858007] freed 32-byte region [fff00000c6a708c0, fff00000c6a708e0) [ 34.859427] [ 34.859813] The buggy address belongs to the physical page: [ 34.861071] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a70 [ 34.862688] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.863550] page_type: f5(slab) [ 34.864034] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 34.866791] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 34.867746] page dumped because: kasan: bad access detected [ 34.868511] [ 34.868961] Memory state around the buggy address: [ 34.869785] fff00000c6a70780: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 34.871041] fff00000c6a70800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 34.871755] >fff00000c6a70880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 34.873545] ^ [ 34.874350] fff00000c6a70900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.875953] fff00000c6a70980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.877402] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 64.610856] ================================================================== [ 64.611871] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 64.611871] [ 64.613029] Use-after-free read at 0x00000000363d8d1c (in kfence-#214): [ 64.614522] test_krealloc+0x51c/0x830 [ 64.614999] test_krealloc+0x458/0x830 [ 64.615606] kunit_try_run_case+0x14c/0x3d0 [ 64.616649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.617675] kthread+0x24c/0x2d0 [ 64.618233] ret_from_fork+0x10/0x20 [ 64.618892] [ 64.619276] kfence-#214: 0x00000000363d8d1c-0x00000000d00ab175, size=32, cache=kmalloc-32 [ 64.619276] [ 64.620388] allocated by task 326 on cpu 1 at 64.609784s (0.010594s ago): [ 64.621806] test_alloc+0x298/0x620 [ 64.622660] test_krealloc+0xc0/0x830 [ 64.623216] kunit_try_run_case+0x14c/0x3d0 [ 64.623917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.624796] kthread+0x24c/0x2d0 [ 64.625727] ret_from_fork+0x10/0x20 [ 64.626517] [ 64.626971] freed by task 326 on cpu 1 at 64.610197s (0.016763s ago): [ 64.627903] krealloc_noprof+0x148/0x360 [ 64.628386] test_krealloc+0x1dc/0x830 [ 64.629102] kunit_try_run_case+0x14c/0x3d0 [ 64.630057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.631055] kthread+0x24c/0x2d0 [ 64.631519] ret_from_fork+0x10/0x20 [ 64.632113] [ 64.632699] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 64.635064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 64.635899] Hardware name: linux,dummy-virt (DT) [ 64.636854] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 64.519609] ================================================================== [ 64.520520] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 64.520520] [ 64.521569] Use-after-free read at 0x00000000573dcbac (in kfence-#213): [ 64.522465] test_memcache_typesafe_by_rcu+0x280/0x560 [ 64.523314] test_memcache_typesafe_by_rcu+0x260/0x560 [ 64.524061] kunit_try_run_case+0x14c/0x3d0 [ 64.524857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.525616] kthread+0x24c/0x2d0 [ 64.526095] ret_from_fork+0x10/0x20 [ 64.526851] [ 64.527180] kfence-#213: 0x00000000573dcbac-0x00000000d4aa2388, size=32, cache=test [ 64.527180] [ 64.528517] allocated by task 324 on cpu 1 at 64.509714s (0.018791s ago): [ 64.529403] test_alloc+0x22c/0x620 [ 64.529932] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 64.530810] kunit_try_run_case+0x14c/0x3d0 [ 64.531464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.532263] kthread+0x24c/0x2d0 [ 64.532738] ret_from_fork+0x10/0x20 [ 64.533368] [ 64.533734] freed by task 324 on cpu 1 at 64.509912s (0.023812s ago): [ 64.534647] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 64.535232] kunit_try_run_case+0x14c/0x3d0 [ 64.535699] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 64.536192] kthread+0x24c/0x2d0 [ 64.536596] ret_from_fork+0x10/0x20 [ 64.537003] [ 64.537298] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 64.538162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 64.538905] Hardware name: linux,dummy-virt (DT) [ 64.539865] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 45.923505] ================================================================== [ 45.925674] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 45.925674] [ 45.927043] Invalid read at 0x00000000c6344c52: [ 45.927993] test_invalid_access+0xdc/0x1f0 [ 45.929330] kunit_try_run_case+0x14c/0x3d0 [ 45.930362] kunit_try_run_case+0x14c/0x3d0 [ 45.931139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.932091] kthread+0x24c/0x2d0 [ 45.933459] ret_from_fork+0x10/0x20 [ 45.934353] [ 45.934903] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 45.935871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 45.936670] Hardware name: linux,dummy-virt (DT) [ 45.937844] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 34.583606] ================================================================== [ 34.584940] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x600 [ 34.586458] Read of size 1 at addr fff00000c6357b00 by task kunit_try_catch/185 [ 34.587656] [ 34.588018] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.589230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.590001] Hardware name: linux,dummy-virt (DT) [ 34.591349] Call trace: [ 34.591765] show_stack+0x20/0x38 (C) [ 34.592356] dump_stack_lvl+0x8c/0xd0 [ 34.592889] print_report+0x118/0x5e0 [ 34.594006] kasan_report+0xc8/0x118 [ 34.594635] __kasan_check_byte+0x54/0x70 [ 34.595263] ksize+0x30/0x88 [ 34.595748] ksize_uaf+0x168/0x600 [ 34.596465] kunit_try_run_case+0x14c/0x3d0 [ 34.597132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.598625] kthread+0x24c/0x2d0 [ 34.599109] ret_from_fork+0x10/0x20 [ 34.599607] [ 34.599874] Allocated by task 185: [ 34.601103] kasan_save_stack+0x3c/0x68 [ 34.601998] kasan_save_track+0x20/0x40 [ 34.602816] kasan_save_alloc_info+0x40/0x58 [ 34.603668] __kasan_kmalloc+0xd4/0xd8 [ 34.604349] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.605183] ksize_uaf+0xb8/0x600 [ 34.605627] kunit_try_run_case+0x14c/0x3d0 [ 34.606398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.608504] kthread+0x24c/0x2d0 [ 34.609248] ret_from_fork+0x10/0x20 [ 34.609735] [ 34.610208] Freed by task 185: [ 34.610793] kasan_save_stack+0x3c/0x68 [ 34.611419] kasan_save_track+0x20/0x40 [ 34.612112] kasan_save_free_info+0x4c/0x78 [ 34.612871] __kasan_slab_free+0x6c/0x98 [ 34.613980] kfree+0x114/0x3d0 [ 34.614977] ksize_uaf+0x11c/0x600 [ 34.615761] kunit_try_run_case+0x14c/0x3d0 [ 34.616321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.617055] kthread+0x24c/0x2d0 [ 34.618068] ret_from_fork+0x10/0x20 [ 34.618697] [ 34.619051] The buggy address belongs to the object at fff00000c6357b00 [ 34.619051] which belongs to the cache kmalloc-128 of size 128 [ 34.621046] The buggy address is located 0 bytes inside of [ 34.621046] freed 128-byte region [fff00000c6357b00, fff00000c6357b80) [ 34.622456] [ 34.622863] The buggy address belongs to the physical page: [ 34.623601] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 34.624911] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.626135] page_type: f5(slab) [ 34.627097] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 34.628082] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 34.629481] page dumped because: kasan: bad access detected [ 34.630338] [ 34.630709] Memory state around the buggy address: [ 34.631654] fff00000c6357a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 34.632813] fff00000c6357a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.634004] >fff00000c6357b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 34.635046] ^ [ 34.635658] fff00000c6357b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.636723] fff00000c6357c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.637645] ================================================================== [ 34.640313] ================================================================== [ 34.641067] BUG: KASAN: slab-use-after-free in ksize_uaf+0x59c/0x600 [ 34.642476] Read of size 1 at addr fff00000c6357b00 by task kunit_try_catch/185 [ 34.644275] [ 34.645040] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.646409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.647368] Hardware name: linux,dummy-virt (DT) [ 34.648305] Call trace: [ 34.649074] show_stack+0x20/0x38 (C) [ 34.649733] dump_stack_lvl+0x8c/0xd0 [ 34.650279] print_report+0x118/0x5e0 [ 34.650869] kasan_report+0xc8/0x118 [ 34.652277] __asan_report_load1_noabort+0x20/0x30 [ 34.653082] ksize_uaf+0x59c/0x600 [ 34.653529] kunit_try_run_case+0x14c/0x3d0 [ 34.654008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.655387] kthread+0x24c/0x2d0 [ 34.656149] ret_from_fork+0x10/0x20 [ 34.657105] [ 34.657431] Allocated by task 185: [ 34.657931] kasan_save_stack+0x3c/0x68 [ 34.659100] kasan_save_track+0x20/0x40 [ 34.659721] kasan_save_alloc_info+0x40/0x58 [ 34.660264] __kasan_kmalloc+0xd4/0xd8 [ 34.661232] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.662195] ksize_uaf+0xb8/0x600 [ 34.662722] kunit_try_run_case+0x14c/0x3d0 [ 34.664315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.665823] kthread+0x24c/0x2d0 [ 34.666590] ret_from_fork+0x10/0x20 [ 34.666919] [ 34.667084] Freed by task 185: [ 34.667323] kasan_save_stack+0x3c/0x68 [ 34.667730] kasan_save_track+0x20/0x40 [ 34.668343] kasan_save_free_info+0x4c/0x78 [ 34.669709] __kasan_slab_free+0x6c/0x98 [ 34.670830] kfree+0x114/0x3d0 [ 34.671217] ksize_uaf+0x11c/0x600 [ 34.671625] kunit_try_run_case+0x14c/0x3d0 [ 34.672195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.673240] kthread+0x24c/0x2d0 [ 34.674068] ret_from_fork+0x10/0x20 [ 34.675067] [ 34.675707] The buggy address belongs to the object at fff00000c6357b00 [ 34.675707] which belongs to the cache kmalloc-128 of size 128 [ 34.677305] The buggy address is located 0 bytes inside of [ 34.677305] freed 128-byte region [fff00000c6357b00, fff00000c6357b80) [ 34.678631] [ 34.678931] The buggy address belongs to the physical page: [ 34.679975] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 34.682427] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.683874] page_type: f5(slab) [ 34.684735] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 34.686321] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 34.687907] page dumped because: kasan: bad access detected [ 34.688724] [ 34.689365] Memory state around the buggy address: [ 34.690322] fff00000c6357a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 34.691502] fff00000c6357a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.692325] >fff00000c6357b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 34.693624] ^ [ 34.694142] fff00000c6357b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.694893] fff00000c6357c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.696347] ================================================================== [ 34.699394] ================================================================== [ 34.702943] BUG: KASAN: slab-use-after-free in ksize_uaf+0x548/0x600 [ 34.705580] Read of size 1 at addr fff00000c6357b78 by task kunit_try_catch/185 [ 34.710154] [ 34.710529] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.711965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.714862] Hardware name: linux,dummy-virt (DT) [ 34.716293] Call trace: [ 34.716687] show_stack+0x20/0x38 (C) [ 34.718342] dump_stack_lvl+0x8c/0xd0 [ 34.719193] print_report+0x118/0x5e0 [ 34.719893] kasan_report+0xc8/0x118 [ 34.720493] __asan_report_load1_noabort+0x20/0x30 [ 34.721145] ksize_uaf+0x548/0x600 [ 34.721704] kunit_try_run_case+0x14c/0x3d0 [ 34.722325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.723531] kthread+0x24c/0x2d0 [ 34.723946] ret_from_fork+0x10/0x20 [ 34.725148] [ 34.725873] Allocated by task 185: [ 34.726982] kasan_save_stack+0x3c/0x68 [ 34.727899] kasan_save_track+0x20/0x40 [ 34.728497] kasan_save_alloc_info+0x40/0x58 [ 34.729599] __kasan_kmalloc+0xd4/0xd8 [ 34.730847] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.732338] ksize_uaf+0xb8/0x600 [ 34.733236] kunit_try_run_case+0x14c/0x3d0 [ 34.734799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.736303] kthread+0x24c/0x2d0 [ 34.737213] ret_from_fork+0x10/0x20 [ 34.737787] [ 34.738071] Freed by task 185: [ 34.738472] kasan_save_stack+0x3c/0x68 [ 34.739571] kasan_save_track+0x20/0x40 [ 34.740760] kasan_save_free_info+0x4c/0x78 [ 34.742274] __kasan_slab_free+0x6c/0x98 [ 34.743072] kfree+0x114/0x3d0 [ 34.743815] ksize_uaf+0x11c/0x600 [ 34.744878] kunit_try_run_case+0x14c/0x3d0 [ 34.745369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.746090] kthread+0x24c/0x2d0 [ 34.747116] ret_from_fork+0x10/0x20 [ 34.747698] [ 34.747942] The buggy address belongs to the object at fff00000c6357b00 [ 34.747942] which belongs to the cache kmalloc-128 of size 128 [ 34.750829] The buggy address is located 120 bytes inside of [ 34.750829] freed 128-byte region [fff00000c6357b00, fff00000c6357b80) [ 34.753048] [ 34.753419] The buggy address belongs to the physical page: [ 34.754520] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 34.755852] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.756955] page_type: f5(slab) [ 34.757483] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 34.758718] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 34.760213] page dumped because: kasan: bad access detected [ 34.761199] [ 34.761639] Memory state around the buggy address: [ 34.762578] fff00000c6357a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 34.764656] fff00000c6357a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.765497] >fff00000c6357b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 34.767261] ^ [ 34.768576] fff00000c6357b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.769864] fff00000c6357c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.770877] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 34.523428] ================================================================== [ 34.524321] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x6a0/0x750 [ 34.525668] Read of size 1 at addr fff00000c635797f by task kunit_try_catch/183 [ 34.526393] [ 34.526726] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.528252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.529164] Hardware name: linux,dummy-virt (DT) [ 34.530374] Call trace: [ 34.531253] show_stack+0x20/0x38 (C) [ 34.532162] dump_stack_lvl+0x8c/0xd0 [ 34.533259] print_report+0x118/0x5e0 [ 34.534046] kasan_report+0xc8/0x118 [ 34.535095] __asan_report_load1_noabort+0x20/0x30 [ 34.535901] ksize_unpoisons_memory+0x6a0/0x750 [ 34.536783] kunit_try_run_case+0x14c/0x3d0 [ 34.537934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.539101] kthread+0x24c/0x2d0 [ 34.539781] ret_from_fork+0x10/0x20 [ 34.540980] [ 34.541526] Allocated by task 183: [ 34.542298] kasan_save_stack+0x3c/0x68 [ 34.542698] kasan_save_track+0x20/0x40 [ 34.542983] kasan_save_alloc_info+0x40/0x58 [ 34.543285] __kasan_kmalloc+0xd4/0xd8 [ 34.543663] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.544736] ksize_unpoisons_memory+0xc0/0x750 [ 34.545844] kunit_try_run_case+0x14c/0x3d0 [ 34.547008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.548084] kthread+0x24c/0x2d0 [ 34.548869] ret_from_fork+0x10/0x20 [ 34.549847] [ 34.550230] The buggy address belongs to the object at fff00000c6357900 [ 34.550230] which belongs to the cache kmalloc-128 of size 128 [ 34.551636] The buggy address is located 12 bytes to the right of [ 34.551636] allocated 115-byte region [fff00000c6357900, fff00000c6357973) [ 34.553136] [ 34.553431] The buggy address belongs to the physical page: [ 34.553963] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 34.557273] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.560415] page_type: f5(slab) [ 34.561151] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 34.562263] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 34.563381] page dumped because: kasan: bad access detected [ 34.564465] [ 34.564974] Memory state around the buggy address: [ 34.565791] fff00000c6357800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 34.566471] fff00000c6357880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.567337] >fff00000c6357900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 34.568126] ^ [ 34.569752] fff00000c6357980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.570896] fff00000c6357a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.571745] ================================================================== [ 34.471874] ================================================================== [ 34.473005] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x750 [ 34.474491] Read of size 1 at addr fff00000c6357978 by task kunit_try_catch/183 [ 34.475512] [ 34.475835] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.478219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.479796] Hardware name: linux,dummy-virt (DT) [ 34.480515] Call trace: [ 34.481159] show_stack+0x20/0x38 (C) [ 34.481912] dump_stack_lvl+0x8c/0xd0 [ 34.483730] print_report+0x118/0x5e0 [ 34.484346] kasan_report+0xc8/0x118 [ 34.485369] __asan_report_load1_noabort+0x20/0x30 [ 34.486422] ksize_unpoisons_memory+0x628/0x750 [ 34.487238] kunit_try_run_case+0x14c/0x3d0 [ 34.488011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.489232] kthread+0x24c/0x2d0 [ 34.490211] ret_from_fork+0x10/0x20 [ 34.491199] [ 34.491690] Allocated by task 183: [ 34.492500] kasan_save_stack+0x3c/0x68 [ 34.493366] kasan_save_track+0x20/0x40 [ 34.493831] kasan_save_alloc_info+0x40/0x58 [ 34.494567] __kasan_kmalloc+0xd4/0xd8 [ 34.495212] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.496283] ksize_unpoisons_memory+0xc0/0x750 [ 34.497674] kunit_try_run_case+0x14c/0x3d0 [ 34.498622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.499495] kthread+0x24c/0x2d0 [ 34.499988] ret_from_fork+0x10/0x20 [ 34.500570] [ 34.501718] The buggy address belongs to the object at fff00000c6357900 [ 34.501718] which belongs to the cache kmalloc-128 of size 128 [ 34.503132] The buggy address is located 5 bytes to the right of [ 34.503132] allocated 115-byte region [fff00000c6357900, fff00000c6357973) [ 34.504677] [ 34.505012] The buggy address belongs to the physical page: [ 34.506476] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 34.507057] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.507518] page_type: f5(slab) [ 34.508307] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 34.509993] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 34.511037] page dumped because: kasan: bad access detected [ 34.511939] [ 34.512250] Memory state around the buggy address: [ 34.512899] fff00000c6357800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 34.513774] fff00000c6357880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.515653] >fff00000c6357900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 34.516415] ^ [ 34.518020] fff00000c6357980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.519152] fff00000c6357a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.520029] ================================================================== [ 34.414681] ================================================================== [ 34.416340] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x638/0x750 [ 34.417992] Read of size 1 at addr fff00000c6357973 by task kunit_try_catch/183 [ 34.419701] [ 34.420071] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.422193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.422759] Hardware name: linux,dummy-virt (DT) [ 34.423589] Call trace: [ 34.424024] show_stack+0x20/0x38 (C) [ 34.424619] dump_stack_lvl+0x8c/0xd0 [ 34.425808] print_report+0x118/0x5e0 [ 34.426677] kasan_report+0xc8/0x118 [ 34.427620] __asan_report_load1_noabort+0x20/0x30 [ 34.428698] ksize_unpoisons_memory+0x638/0x750 [ 34.429057] kunit_try_run_case+0x14c/0x3d0 [ 34.431490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.432173] kthread+0x24c/0x2d0 [ 34.432625] ret_from_fork+0x10/0x20 [ 34.433049] [ 34.433590] Allocated by task 183: [ 34.434143] kasan_save_stack+0x3c/0x68 [ 34.436612] kasan_save_track+0x20/0x40 [ 34.437660] kasan_save_alloc_info+0x40/0x58 [ 34.438179] __kasan_kmalloc+0xd4/0xd8 [ 34.440633] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.442758] ksize_unpoisons_memory+0xc0/0x750 [ 34.443312] kunit_try_run_case+0x14c/0x3d0 [ 34.445908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.447161] kthread+0x24c/0x2d0 [ 34.447967] ret_from_fork+0x10/0x20 [ 34.449067] [ 34.449415] The buggy address belongs to the object at fff00000c6357900 [ 34.449415] which belongs to the cache kmalloc-128 of size 128 [ 34.451634] The buggy address is located 0 bytes to the right of [ 34.451634] allocated 115-byte region [fff00000c6357900, fff00000c6357973) [ 34.454385] [ 34.454776] The buggy address belongs to the physical page: [ 34.455504] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 34.456398] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.458204] page_type: f5(slab) [ 34.458926] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 34.459655] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 34.460090] page dumped because: kasan: bad access detected [ 34.460422] [ 34.461918] Memory state around the buggy address: [ 34.462839] fff00000c6357800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 34.463586] fff00000c6357880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.464851] >fff00000c6357900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 34.465652] ^ [ 34.466587] fff00000c6357980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.467532] fff00000c6357a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.468426] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 45.681960] ================================================================== [ 45.682836] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 45.682836] [ 45.683706] Corrupted memory at 0x00000000671b8153 [ ! . . . . . . . . . . . . . . . ] (in kfence-#208): [ 45.686208] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 45.686954] kunit_try_run_case+0x14c/0x3d0 [ 45.687600] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.688360] kthread+0x24c/0x2d0 [ 45.688916] ret_from_fork+0x10/0x20 [ 45.689503] [ 45.689957] kfence-#208: 0x000000000394e3f7-0x0000000068a5c4ae, size=73, cache=kmalloc-96 [ 45.689957] [ 45.691125] allocated by task 314 on cpu 1 at 45.681498s (0.009617s ago): [ 45.692102] test_alloc+0x298/0x620 [ 45.692664] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 45.693315] kunit_try_run_case+0x14c/0x3d0 [ 45.694021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.694863] kthread+0x24c/0x2d0 [ 45.695379] ret_from_fork+0x10/0x20 [ 45.695971] [ 45.696302] freed by task 314 on cpu 1 at 45.681729s (0.014564s ago): [ 45.697238] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 45.697965] kunit_try_run_case+0x14c/0x3d0 [ 45.698704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.699402] kthread+0x24c/0x2d0 [ 45.699998] ret_from_fork+0x10/0x20 [ 45.700476] [ 45.700949] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 45.702192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 45.702887] Hardware name: linux,dummy-virt (DT) [ 45.703467] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 45.577956] ================================================================== [ 45.578869] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 45.578869] [ 45.579891] Out-of-bounds read at 0x00000000453eff6a (105B right of kfence-#207): [ 45.580331] test_kmalloc_aligned_oob_read+0x238/0x468 [ 45.581346] test_kmalloc_aligned_oob_read+0x100/0x468 [ 45.582428] kunit_try_run_case+0x14c/0x3d0 [ 45.583502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.584481] kthread+0x24c/0x2d0 [ 45.585014] ret_from_fork+0x10/0x20 [ 45.585510] [ 45.586001] kfence-#207: 0x00000000d3be0ba9-0x000000002cda02e9, size=73, cache=kmalloc-96 [ 45.586001] [ 45.587235] allocated by task 312 on cpu 0 at 45.577510s (0.009716s ago): [ 45.588163] test_alloc+0x298/0x620 [ 45.588812] test_kmalloc_aligned_oob_read+0x100/0x468 [ 45.589622] kunit_try_run_case+0x14c/0x3d0 [ 45.590249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.590891] kthread+0x24c/0x2d0 [ 45.591531] ret_from_fork+0x10/0x20 [ 45.592112] [ 45.592638] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 45.593882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 45.594552] Hardware name: linux,dummy-virt (DT) [ 45.595396] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 41.626045] ================================================================== [ 41.626945] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 41.626945] [ 41.627902] Corrupted memory at 0x000000001e1906d6 [ ! ] (in kfence-#169): [ 41.630138] test_corruption+0x284/0x378 [ 41.630884] kunit_try_run_case+0x14c/0x3d0 [ 41.631568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.632175] kthread+0x24c/0x2d0 [ 41.632850] ret_from_fork+0x10/0x20 [ 41.633476] [ 41.633961] kfence-#169: 0x000000000b0427f7-0x00000000f8248443, size=32, cache=kmalloc-32 [ 41.633961] [ 41.635009] allocated by task 300 on cpu 1 at 41.625570s (0.009430s ago): [ 41.636036] test_alloc+0x298/0x620 [ 41.636628] test_corruption+0x198/0x378 [ 41.637168] kunit_try_run_case+0x14c/0x3d0 [ 41.637825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.638573] kthread+0x24c/0x2d0 [ 41.639018] ret_from_fork+0x10/0x20 [ 41.639696] [ 41.640060] freed by task 300 on cpu 1 at 41.625728s (0.014322s ago): [ 41.640908] test_corruption+0x284/0x378 [ 41.641573] kunit_try_run_case+0x14c/0x3d0 [ 41.642162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.642998] kthread+0x24c/0x2d0 [ 41.643481] ret_from_fork+0x10/0x20 [ 41.643890] [ 41.644272] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 41.645060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.645487] Hardware name: linux,dummy-virt (DT) [ 41.646049] ================================================================== [ 41.833837] ================================================================== [ 41.834968] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 41.834968] [ 41.835851] Corrupted memory at 0x0000000011113ce2 [ ! ] (in kfence-#171): [ 41.837487] test_corruption+0x1d8/0x378 [ 41.838216] kunit_try_run_case+0x14c/0x3d0 [ 41.838985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.839573] kthread+0x24c/0x2d0 [ 41.840270] ret_from_fork+0x10/0x20 [ 41.840894] [ 41.841248] kfence-#171: 0x000000008d2320d1-0x00000000eae7b40f, size=32, cache=test [ 41.841248] [ 41.842390] allocated by task 302 on cpu 1 at 41.833569s (0.008811s ago): [ 41.843224] test_alloc+0x22c/0x620 [ 41.843852] test_corruption+0x198/0x378 [ 41.844600] kunit_try_run_case+0x14c/0x3d0 [ 41.845285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.846149] kthread+0x24c/0x2d0 [ 41.846700] ret_from_fork+0x10/0x20 [ 41.847366] [ 41.847735] freed by task 302 on cpu 1 at 41.833670s (0.014056s ago): [ 41.848587] test_corruption+0x1d8/0x378 [ 41.849178] kunit_try_run_case+0x14c/0x3d0 [ 41.849895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.850707] kthread+0x24c/0x2d0 [ 41.851290] ret_from_fork+0x10/0x20 [ 41.851899] [ 41.852320] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 41.853509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.854222] Hardware name: linux,dummy-virt (DT) [ 41.854881] ================================================================== [ 41.521888] ================================================================== [ 41.522844] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 41.522844] [ 41.524119] Corrupted memory at 0x00000000c21159f5 [ ! . . . . . . . . . . . . . . . ] (in kfence-#168): [ 41.527426] test_corruption+0x278/0x378 [ 41.528179] kunit_try_run_case+0x14c/0x3d0 [ 41.528992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.529897] kthread+0x24c/0x2d0 [ 41.530603] ret_from_fork+0x10/0x20 [ 41.531278] [ 41.531716] kfence-#168: 0x000000002d2153fa-0x0000000090501588, size=32, cache=kmalloc-32 [ 41.531716] [ 41.532988] allocated by task 300 on cpu 1 at 41.521537s (0.011441s ago): [ 41.534192] test_alloc+0x298/0x620 [ 41.534974] test_corruption+0xdc/0x378 [ 41.535525] kunit_try_run_case+0x14c/0x3d0 [ 41.536113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.536822] kthread+0x24c/0x2d0 [ 41.537599] ret_from_fork+0x10/0x20 [ 41.538497] [ 41.539112] freed by task 300 on cpu 1 at 41.521705s (0.017394s ago): [ 41.540152] test_corruption+0x278/0x378 [ 41.540935] kunit_try_run_case+0x14c/0x3d0 [ 41.541710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.542659] kthread+0x24c/0x2d0 [ 41.543457] ret_from_fork+0x10/0x20 [ 41.544154] [ 41.544625] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 41.546025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.546777] Hardware name: linux,dummy-virt (DT) [ 41.547540] ================================================================== [ 41.729751] ================================================================== [ 41.730718] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 41.730718] [ 41.731766] Corrupted memory at 0x00000000c886816e [ ! . . . . . . . . . . . . . . . ] (in kfence-#170): [ 41.734574] test_corruption+0x120/0x378 [ 41.735418] kunit_try_run_case+0x14c/0x3d0 [ 41.736178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.737023] kthread+0x24c/0x2d0 [ 41.737606] ret_from_fork+0x10/0x20 [ 41.738237] [ 41.738644] kfence-#170: 0x00000000eaaa7a8b-0x000000007a363a7b, size=32, cache=test [ 41.738644] [ 41.739739] allocated by task 302 on cpu 1 at 41.729503s (0.010226s ago): [ 41.740865] test_alloc+0x22c/0x620 [ 41.741616] test_corruption+0xdc/0x378 [ 41.742255] kunit_try_run_case+0x14c/0x3d0 [ 41.742910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.743675] kthread+0x24c/0x2d0 [ 41.744469] ret_from_fork+0x10/0x20 [ 41.745024] [ 41.745483] freed by task 302 on cpu 1 at 41.729603s (0.015869s ago): [ 41.746488] test_corruption+0x120/0x378 [ 41.747212] kunit_try_run_case+0x14c/0x3d0 [ 41.747929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.748733] kthread+0x24c/0x2d0 [ 41.749356] ret_from_fork+0x10/0x20 [ 41.750087] [ 41.750521] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 41.751985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.752673] Hardware name: linux,dummy-virt (DT) [ 41.753289] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 41.313815] ================================================================== [ 41.314769] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 41.314769] [ 41.315536] Invalid free of 0x000000004e75df0e (in kfence-#166): [ 41.316384] test_invalid_addr_free+0xec/0x238 [ 41.317119] kunit_try_run_case+0x14c/0x3d0 [ 41.317717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.318622] kthread+0x24c/0x2d0 [ 41.319205] ret_from_fork+0x10/0x20 [ 41.319868] [ 41.320251] kfence-#166: 0x00000000eea9b6c9-0x000000007e064a15, size=32, cache=test [ 41.320251] [ 41.321308] allocated by task 298 on cpu 0 at 41.313608s (0.007690s ago): [ 41.322256] test_alloc+0x22c/0x620 [ 41.322814] test_invalid_addr_free+0xd4/0x238 [ 41.323416] kunit_try_run_case+0x14c/0x3d0 [ 41.323981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.324938] kthread+0x24c/0x2d0 [ 41.325622] ret_from_fork+0x10/0x20 [ 41.326168] [ 41.326522] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 41.328012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.328634] Hardware name: linux,dummy-virt (DT) [ 41.329294] ================================================================== [ 41.209962] ================================================================== [ 41.210852] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 41.210852] [ 41.211647] Invalid free of 0x000000004ad3130a (in kfence-#165): [ 41.212646] test_invalid_addr_free+0x1ac/0x238 [ 41.213245] kunit_try_run_case+0x14c/0x3d0 [ 41.214007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.214899] kthread+0x24c/0x2d0 [ 41.215569] ret_from_fork+0x10/0x20 [ 41.216043] [ 41.216546] kfence-#165: 0x000000007ec39f5a-0x00000000c264678e, size=32, cache=kmalloc-32 [ 41.216546] [ 41.217756] allocated by task 296 on cpu 1 at 41.209717s (0.008027s ago): [ 41.219069] test_alloc+0x298/0x620 [ 41.219719] test_invalid_addr_free+0xd4/0x238 [ 41.220236] kunit_try_run_case+0x14c/0x3d0 [ 41.221047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.221947] kthread+0x24c/0x2d0 [ 41.222595] ret_from_fork+0x10/0x20 [ 41.223176] [ 41.223695] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 41.224965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.225584] Hardware name: linux,dummy-virt (DT) [ 41.226244] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 41.105947] ================================================================== [ 41.106647] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 41.106647] [ 41.107263] Invalid free of 0x00000000e8a567ac (in kfence-#164): [ 41.109364] test_double_free+0x100/0x238 [ 41.110784] kunit_try_run_case+0x14c/0x3d0 [ 41.112084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.113599] kthread+0x24c/0x2d0 [ 41.114836] ret_from_fork+0x10/0x20 [ 41.116020] [ 41.116695] kfence-#164: 0x00000000e8a567ac-0x00000000465e44d3, size=32, cache=test [ 41.116695] [ 41.117407] allocated by task 294 on cpu 0 at 41.105568s (0.011829s ago): [ 41.119606] test_alloc+0x22c/0x620 [ 41.120804] test_double_free+0xd4/0x238 [ 41.122016] kunit_try_run_case+0x14c/0x3d0 [ 41.123223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.124101] kthread+0x24c/0x2d0 [ 41.124524] ret_from_fork+0x10/0x20 [ 41.124907] [ 41.125203] freed by task 294 on cpu 0 at 41.105671s (0.019524s ago): [ 41.126696] test_double_free+0xf0/0x238 [ 41.127364] kunit_try_run_case+0x14c/0x3d0 [ 41.128082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.128997] kthread+0x24c/0x2d0 [ 41.129674] ret_from_fork+0x10/0x20 [ 41.130389] [ 41.130796] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 41.132204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.132968] Hardware name: linux,dummy-virt (DT) [ 41.133728] ================================================================== [ 41.001925] ================================================================== [ 41.002913] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 41.002913] [ 41.003697] Invalid free of 0x0000000047a6a6e3 (in kfence-#163): [ 41.004790] test_double_free+0x1bc/0x238 [ 41.005523] kunit_try_run_case+0x14c/0x3d0 [ 41.006151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.006994] kthread+0x24c/0x2d0 [ 41.007491] ret_from_fork+0x10/0x20 [ 41.008134] [ 41.008469] kfence-#163: 0x0000000047a6a6e3-0x0000000080348d2e, size=32, cache=kmalloc-32 [ 41.008469] [ 41.009821] allocated by task 292 on cpu 0 at 41.001487s (0.008324s ago): [ 41.010803] test_alloc+0x298/0x620 [ 41.011495] test_double_free+0xd4/0x238 [ 41.012238] kunit_try_run_case+0x14c/0x3d0 [ 41.012778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.013681] kthread+0x24c/0x2d0 [ 41.014139] ret_from_fork+0x10/0x20 [ 41.014785] [ 41.015212] freed by task 292 on cpu 0 at 41.001609s (0.013593s ago): [ 41.016168] test_double_free+0x1ac/0x238 [ 41.016784] kunit_try_run_case+0x14c/0x3d0 [ 41.017495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.018285] kthread+0x24c/0x2d0 [ 41.018743] ret_from_fork+0x10/0x20 [ 41.019401] [ 41.019842] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 41.021130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.021712] Hardware name: linux,dummy-virt (DT) [ 41.022584] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 40.689851] ================================================================== [ 40.690721] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 40.690721] [ 40.691534] Use-after-free read at 0x0000000077092348 (in kfence-#160): [ 40.692643] test_use_after_free_read+0x114/0x248 [ 40.693882] test_use_after_free_read+0xf0/0x248 [ 40.694646] kunit_try_run_case+0x14c/0x3d0 [ 40.695343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.696169] kthread+0x24c/0x2d0 [ 40.696819] ret_from_fork+0x10/0x20 [ 40.697583] [ 40.698044] kfence-#160: 0x0000000077092348-0x00000000780ddb53, size=32, cache=test [ 40.698044] [ 40.699270] allocated by task 286 on cpu 1 at 40.689485s (0.009773s ago): [ 40.700312] test_alloc+0x22c/0x620 [ 40.700974] test_use_after_free_read+0xd0/0x248 [ 40.701642] kunit_try_run_case+0x14c/0x3d0 [ 40.702280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.703005] kthread+0x24c/0x2d0 [ 40.703547] ret_from_fork+0x10/0x20 [ 40.704032] [ 40.704481] freed by task 286 on cpu 1 at 40.689592s (0.014879s ago): [ 40.705358] test_use_after_free_read+0xf0/0x248 [ 40.706160] kunit_try_run_case+0x14c/0x3d0 [ 40.706857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.707703] kthread+0x24c/0x2d0 [ 40.708230] ret_from_fork+0x10/0x20 [ 40.708774] [ 40.709202] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 40.710277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.711030] Hardware name: linux,dummy-virt (DT) [ 40.711567] ================================================================== [ 40.588042] ================================================================== [ 40.589633] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 40.589633] [ 40.590988] Use-after-free read at 0x00000000ef12ae7c (in kfence-#159): [ 40.591990] test_use_after_free_read+0x114/0x248 [ 40.592863] test_use_after_free_read+0x1c0/0x248 [ 40.593715] kunit_try_run_case+0x14c/0x3d0 [ 40.594414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.595209] kthread+0x24c/0x2d0 [ 40.595797] ret_from_fork+0x10/0x20 [ 40.596491] [ 40.596833] kfence-#159: 0x00000000ef12ae7c-0x00000000398e4aad, size=32, cache=kmalloc-32 [ 40.596833] [ 40.598229] allocated by task 284 on cpu 0 at 40.587542s (0.010676s ago): [ 40.599238] test_alloc+0x298/0x620 [ 40.599938] test_use_after_free_read+0xd0/0x248 [ 40.600728] kunit_try_run_case+0x14c/0x3d0 [ 40.601470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.602220] kthread+0x24c/0x2d0 [ 40.602805] ret_from_fork+0x10/0x20 [ 40.603471] [ 40.603860] freed by task 284 on cpu 0 at 40.587662s (0.016188s ago): [ 40.604788] test_use_after_free_read+0x1c0/0x248 [ 40.605596] kunit_try_run_case+0x14c/0x3d0 [ 40.606422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.607038] kthread+0x24c/0x2d0 [ 40.607724] ret_from_fork+0x10/0x20 [ 40.608350] [ 40.608698] CPU: 0 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 40.609923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.610551] Hardware name: linux,dummy-virt (DT) [ 40.611245] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 40.481789] ================================================================== [ 40.482715] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 40.482715] [ 40.483655] Out-of-bounds write at 0x000000009e07dec0 (1B left of kfence-#158): [ 40.484742] test_out_of_bounds_write+0x100/0x240 [ 40.485292] test_out_of_bounds_write+0xc8/0x240 [ 40.486161] kunit_try_run_case+0x14c/0x3d0 [ 40.486746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.487751] kthread+0x24c/0x2d0 [ 40.488205] ret_from_fork+0x10/0x20 [ 40.488973] [ 40.489422] kfence-#158: 0x000000002914c616-0x00000000ee9e414c, size=32, cache=test [ 40.489422] [ 40.490578] allocated by task 282 on cpu 1 at 40.481622s (0.008946s ago): [ 40.491468] test_alloc+0x22c/0x620 [ 40.492167] test_out_of_bounds_write+0xc8/0x240 [ 40.493025] kunit_try_run_case+0x14c/0x3d0 [ 40.493645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.494622] kthread+0x24c/0x2d0 [ 40.495145] ret_from_fork+0x10/0x20 [ 40.495646] [ 40.495989] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 40.497461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.498162] Hardware name: linux,dummy-virt (DT) [ 40.498952] ================================================================== [ 40.274065] ================================================================== [ 40.274818] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 40.274818] [ 40.275347] Out-of-bounds write at 0x0000000060117f21 (1B left of kfence-#156): [ 40.276107] test_out_of_bounds_write+0x100/0x240 [ 40.276769] test_out_of_bounds_write+0xc8/0x240 [ 40.277721] kunit_try_run_case+0x14c/0x3d0 [ 40.278453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.279498] kthread+0x24c/0x2d0 [ 40.280276] ret_from_fork+0x10/0x20 [ 40.281050] [ 40.281525] kfence-#156: 0x000000003bc86581-0x00000000c58f7346, size=32, cache=kmalloc-32 [ 40.281525] [ 40.282771] allocated by task 280 on cpu 1 at 40.273810s (0.008950s ago): [ 40.283843] test_alloc+0x298/0x620 [ 40.284527] test_out_of_bounds_write+0xc8/0x240 [ 40.285392] kunit_try_run_case+0x14c/0x3d0 [ 40.286100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.286897] kthread+0x24c/0x2d0 [ 40.287526] ret_from_fork+0x10/0x20 [ 40.288065] [ 40.288594] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 40.289924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.290605] Hardware name: linux,dummy-virt (DT) [ 40.291415] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 39.753724] ================================================================== [ 39.754672] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 39.754672] [ 39.755600] Out-of-bounds read at 0x00000000c3dd76c4 (1B left of kfence-#151): [ 39.756595] test_out_of_bounds_read+0x114/0x3e0 [ 39.757159] test_out_of_bounds_read+0xdc/0x3e0 [ 39.757988] kunit_try_run_case+0x14c/0x3d0 [ 39.758674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.759274] kthread+0x24c/0x2d0 [ 39.759939] ret_from_fork+0x10/0x20 [ 39.760541] [ 39.760897] kfence-#151: 0x0000000077d273df-0x00000000a32e4c28, size=32, cache=test [ 39.760897] [ 39.761906] allocated by task 278 on cpu 0 at 39.753552s (0.008343s ago): [ 39.763289] test_alloc+0x22c/0x620 [ 39.763836] test_out_of_bounds_read+0xdc/0x3e0 [ 39.764679] kunit_try_run_case+0x14c/0x3d0 [ 39.765399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.766281] kthread+0x24c/0x2d0 [ 39.766857] ret_from_fork+0x10/0x20 [ 39.767528] [ 39.767977] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 39.768928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.769668] Hardware name: linux,dummy-virt (DT) [ 39.770422] ================================================================== [ 39.649856] ================================================================== [ 39.650719] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 39.650719] [ 39.651666] Out-of-bounds read at 0x00000000ce2266b2 (32B right of kfence-#150): [ 39.652682] test_out_of_bounds_read+0x1c8/0x3e0 [ 39.653216] test_out_of_bounds_read+0x198/0x3e0 [ 39.653989] kunit_try_run_case+0x14c/0x3d0 [ 39.654460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.654967] kthread+0x24c/0x2d0 [ 39.655367] ret_from_fork+0x10/0x20 [ 39.655814] [ 39.656080] kfence-#150: 0x00000000742458cb-0x00000000f7254f92, size=32, cache=kmalloc-32 [ 39.656080] [ 39.657038] allocated by task 276 on cpu 1 at 39.649462s (0.007567s ago): [ 39.658066] test_alloc+0x298/0x620 [ 39.658572] test_out_of_bounds_read+0x198/0x3e0 [ 39.659431] kunit_try_run_case+0x14c/0x3d0 [ 39.659949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.660896] kthread+0x24c/0x2d0 [ 39.661550] ret_from_fork+0x10/0x20 [ 39.662311] [ 39.662786] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 39.663674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.664126] Hardware name: linux,dummy-virt (DT) [ 39.664655] ================================================================== [ 40.065674] ================================================================== [ 40.066861] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 40.066861] [ 40.068058] Out-of-bounds read at 0x00000000745b01ae (32B right of kfence-#154): [ 40.069324] test_out_of_bounds_read+0x1c8/0x3e0 [ 40.070077] test_out_of_bounds_read+0x198/0x3e0 [ 40.070889] kunit_try_run_case+0x14c/0x3d0 [ 40.071641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.072592] kthread+0x24c/0x2d0 [ 40.073248] ret_from_fork+0x10/0x20 [ 40.073858] [ 40.074315] kfence-#154: 0x000000000b01dddb-0x000000006c956e5a, size=32, cache=test [ 40.074315] [ 40.075431] allocated by task 278 on cpu 0 at 40.065524s (0.009898s ago): [ 40.076614] test_alloc+0x22c/0x620 [ 40.077321] test_out_of_bounds_read+0x198/0x3e0 [ 40.078047] kunit_try_run_case+0x14c/0x3d0 [ 40.078795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.079687] kthread+0x24c/0x2d0 [ 40.080285] ret_from_fork+0x10/0x20 [ 40.080883] [ 40.081321] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 40.082710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.083452] Hardware name: linux,dummy-virt (DT) [ 40.084143] ================================================================== [ 39.442986] ================================================================== [ 39.443869] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 39.443869] [ 39.445222] Out-of-bounds read at 0x0000000064338d2d (1B left of kfence-#148): [ 39.446526] test_out_of_bounds_read+0x114/0x3e0 [ 39.447341] test_out_of_bounds_read+0xdc/0x3e0 [ 39.448202] kunit_try_run_case+0x14c/0x3d0 [ 39.448942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.449713] kthread+0x24c/0x2d0 [ 39.450409] ret_from_fork+0x10/0x20 [ 39.451105] [ 39.451519] kfence-#148: 0x00000000fff2224a-0x0000000062fa5e52, size=32, cache=kmalloc-32 [ 39.451519] [ 39.452836] allocated by task 276 on cpu 1 at 39.441663s (0.011164s ago): [ 39.453932] test_alloc+0x298/0x620 [ 39.454671] test_out_of_bounds_read+0xdc/0x3e0 [ 39.455398] kunit_try_run_case+0x14c/0x3d0 [ 39.456119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.456948] kthread+0x24c/0x2d0 [ 39.457573] ret_from_fork+0x10/0x20 [ 39.458297] [ 39.458728] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 39.459978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.460538] Hardware name: linux,dummy-virt (DT) [ 39.461146] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kasan_atomics
[ 38.610324] ================================================================== [ 38.612708] BUG: KFENCE: memory corruption in kasan_atomics+0x1a0/0x2e8 [ 38.612708] [ 38.613815] Corrupted memory at 0x0000000096a7c4d7 [ ! ! ! ! ! ! ! ! . . . . . . . . ] (in kfence-#140): [ 38.617737] kasan_atomics+0x1a0/0x2e8 [ 38.618286] kunit_try_run_case+0x14c/0x3d0 [ 38.619121] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.619852] kthread+0x24c/0x2d0 [ 38.620308] ret_from_fork+0x10/0x20 [ 38.621020] [ 38.621658] kfence-#140: 0x00000000054ae9a4-0x000000006972024a, size=48, cache=kmalloc-64 [ 38.621658] [ 38.623228] allocated by task 254 on cpu 0 at 38.449324s (0.173784s ago): [ 38.624381] kasan_atomics+0xb8/0x2e8 [ 38.625154] kunit_try_run_case+0x14c/0x3d0 [ 38.625788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.626579] kthread+0x24c/0x2d0 [ 38.627084] ret_from_fork+0x10/0x20 [ 38.627832] [ 38.628458] freed by task 254 on cpu 0 at 38.609528s (0.018742s ago): [ 38.629423] kasan_atomics+0x1a0/0x2e8 [ 38.630068] kunit_try_run_case+0x14c/0x3d0 [ 38.630660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.631354] kthread+0x24c/0x2d0 [ 38.631960] ret_from_fork+0x10/0x20 [ 38.632605] [ 38.633104] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.634406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.634929] Hardware name: linux,dummy-virt (DT) [ 38.635702] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 39.227325] ================================================================== [ 39.228942] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 39.231053] Write of size 121 at addr fff00000c63a3f00 by task kunit_try_catch/274 [ 39.232115] [ 39.232690] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 39.234039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.234885] Hardware name: linux,dummy-virt (DT) [ 39.235696] Call trace: [ 39.236207] show_stack+0x20/0x38 (C) [ 39.236910] dump_stack_lvl+0x8c/0xd0 [ 39.237522] print_report+0x118/0x5e0 [ 39.238022] kasan_report+0xc8/0x118 [ 39.238867] kasan_check_range+0x100/0x1a8 [ 39.240259] __kasan_check_write+0x20/0x30 [ 39.241377] strncpy_from_user+0x3c/0x2a0 [ 39.242773] copy_user_test_oob+0x5c0/0xec0 [ 39.243906] kunit_try_run_case+0x14c/0x3d0 [ 39.245223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.245834] kthread+0x24c/0x2d0 [ 39.246324] ret_from_fork+0x10/0x20 [ 39.247092] [ 39.247372] Allocated by task 274: [ 39.249306] kasan_save_stack+0x3c/0x68 [ 39.249834] kasan_save_track+0x20/0x40 [ 39.250252] kasan_save_alloc_info+0x40/0x58 [ 39.250716] __kasan_kmalloc+0xd4/0xd8 [ 39.251128] __kmalloc_noprof+0x188/0x4c8 [ 39.251608] kunit_kmalloc_array+0x34/0x88 [ 39.252056] copy_user_test_oob+0xac/0xec0 [ 39.253204] kunit_try_run_case+0x14c/0x3d0 [ 39.254696] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.255899] kthread+0x24c/0x2d0 [ 39.256424] ret_from_fork+0x10/0x20 [ 39.256855] [ 39.257117] The buggy address belongs to the object at fff00000c63a3f00 [ 39.257117] which belongs to the cache kmalloc-128 of size 128 [ 39.258008] The buggy address is located 0 bytes inside of [ 39.258008] allocated 120-byte region [fff00000c63a3f00, fff00000c63a3f78) [ 39.261583] [ 39.262064] The buggy address belongs to the physical page: [ 39.262736] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a3 [ 39.263788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 39.264776] page_type: f5(slab) [ 39.265212] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 39.266249] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 39.267244] page dumped because: kasan: bad access detected [ 39.268351] [ 39.268752] Memory state around the buggy address: [ 39.269482] fff00000c63a3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.270430] fff00000c63a3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.271293] >fff00000c63a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 39.272324] ^ [ 39.273186] fff00000c63a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.274054] fff00000c63a4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 39.275072] ================================================================== [ 39.276949] ================================================================== [ 39.277793] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 39.278587] Write of size 1 at addr fff00000c63a3f78 by task kunit_try_catch/274 [ 39.279593] [ 39.279868] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 39.281971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.282649] Hardware name: linux,dummy-virt (DT) [ 39.283496] Call trace: [ 39.283936] show_stack+0x20/0x38 (C) [ 39.284567] dump_stack_lvl+0x8c/0xd0 [ 39.285214] print_report+0x118/0x5e0 [ 39.285824] kasan_report+0xc8/0x118 [ 39.286353] __asan_report_store1_noabort+0x20/0x30 [ 39.287187] strncpy_from_user+0x270/0x2a0 [ 39.287946] copy_user_test_oob+0x5c0/0xec0 [ 39.288509] kunit_try_run_case+0x14c/0x3d0 [ 39.289264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.290194] kthread+0x24c/0x2d0 [ 39.290747] ret_from_fork+0x10/0x20 [ 39.291557] [ 39.291924] Allocated by task 274: [ 39.292485] kasan_save_stack+0x3c/0x68 [ 39.293028] kasan_save_track+0x20/0x40 [ 39.293822] kasan_save_alloc_info+0x40/0x58 [ 39.294384] __kasan_kmalloc+0xd4/0xd8 [ 39.295082] __kmalloc_noprof+0x188/0x4c8 [ 39.295807] kunit_kmalloc_array+0x34/0x88 [ 39.296585] copy_user_test_oob+0xac/0xec0 [ 39.297147] kunit_try_run_case+0x14c/0x3d0 [ 39.298049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.298832] kthread+0x24c/0x2d0 [ 39.299281] ret_from_fork+0x10/0x20 [ 39.300009] [ 39.300516] The buggy address belongs to the object at fff00000c63a3f00 [ 39.300516] which belongs to the cache kmalloc-128 of size 128 [ 39.301860] The buggy address is located 0 bytes to the right of [ 39.301860] allocated 120-byte region [fff00000c63a3f00, fff00000c63a3f78) [ 39.303502] [ 39.303924] The buggy address belongs to the physical page: [ 39.304819] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a3 [ 39.305810] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 39.306654] page_type: f5(slab) [ 39.307258] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 39.308183] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 39.309202] page dumped because: kasan: bad access detected [ 39.310033] [ 39.310387] Memory state around the buggy address: [ 39.310954] fff00000c63a3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.311976] fff00000c63a3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.312845] >fff00000c63a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 39.313722] ^ [ 39.314715] fff00000c63a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.315603] fff00000c63a4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 39.316521] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 39.056458] ================================================================== [ 39.057468] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec0 [ 39.058417] Write of size 121 at addr fff00000c63a3f00 by task kunit_try_catch/274 [ 39.059430] [ 39.059933] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 39.061281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.062003] Hardware name: linux,dummy-virt (DT) [ 39.062707] Call trace: [ 39.063213] show_stack+0x20/0x38 (C) [ 39.064017] dump_stack_lvl+0x8c/0xd0 [ 39.064655] print_report+0x118/0x5e0 [ 39.065251] kasan_report+0xc8/0x118 [ 39.065982] kasan_check_range+0x100/0x1a8 [ 39.066739] __kasan_check_write+0x20/0x30 [ 39.067451] copy_user_test_oob+0x35c/0xec0 [ 39.068165] kunit_try_run_case+0x14c/0x3d0 [ 39.068881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.069711] kthread+0x24c/0x2d0 [ 39.070342] ret_from_fork+0x10/0x20 [ 39.071003] [ 39.071354] Allocated by task 274: [ 39.072296] kasan_save_stack+0x3c/0x68 [ 39.072952] kasan_save_track+0x20/0x40 [ 39.073599] kasan_save_alloc_info+0x40/0x58 [ 39.074329] __kasan_kmalloc+0xd4/0xd8 [ 39.074960] __kmalloc_noprof+0x188/0x4c8 [ 39.075610] kunit_kmalloc_array+0x34/0x88 [ 39.076261] copy_user_test_oob+0xac/0xec0 [ 39.077056] kunit_try_run_case+0x14c/0x3d0 [ 39.077915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.078720] kthread+0x24c/0x2d0 [ 39.079498] ret_from_fork+0x10/0x20 [ 39.080120] [ 39.080519] The buggy address belongs to the object at fff00000c63a3f00 [ 39.080519] which belongs to the cache kmalloc-128 of size 128 [ 39.082111] The buggy address is located 0 bytes inside of [ 39.082111] allocated 120-byte region [fff00000c63a3f00, fff00000c63a3f78) [ 39.083649] [ 39.084112] The buggy address belongs to the physical page: [ 39.084954] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a3 [ 39.086077] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 39.086996] page_type: f5(slab) [ 39.087653] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 39.088713] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 39.089797] page dumped because: kasan: bad access detected [ 39.090595] [ 39.090982] Memory state around the buggy address: [ 39.091740] fff00000c63a3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.092747] fff00000c63a3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.093680] >fff00000c63a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 39.094721] ^ [ 39.095626] fff00000c63a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.096530] fff00000c63a4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 39.097428] ================================================================== [ 39.142230] ================================================================== [ 39.143122] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec0 [ 39.144918] Write of size 121 at addr fff00000c63a3f00 by task kunit_try_catch/274 [ 39.145805] [ 39.146212] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 39.147253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.147999] Hardware name: linux,dummy-virt (DT) [ 39.148984] Call trace: [ 39.150185] show_stack+0x20/0x38 (C) [ 39.151140] dump_stack_lvl+0x8c/0xd0 [ 39.151957] print_report+0x118/0x5e0 [ 39.152644] kasan_report+0xc8/0x118 [ 39.153289] kasan_check_range+0x100/0x1a8 [ 39.154026] __kasan_check_write+0x20/0x30 [ 39.154739] copy_user_test_oob+0x434/0xec0 [ 39.155461] kunit_try_run_case+0x14c/0x3d0 [ 39.156173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.157020] kthread+0x24c/0x2d0 [ 39.157628] ret_from_fork+0x10/0x20 [ 39.158319] [ 39.158742] Allocated by task 274: [ 39.159314] kasan_save_stack+0x3c/0x68 [ 39.159947] kasan_save_track+0x20/0x40 [ 39.160592] kasan_save_alloc_info+0x40/0x58 [ 39.161417] __kasan_kmalloc+0xd4/0xd8 [ 39.162097] __kmalloc_noprof+0x188/0x4c8 [ 39.162813] kunit_kmalloc_array+0x34/0x88 [ 39.163514] copy_user_test_oob+0xac/0xec0 [ 39.164180] kunit_try_run_case+0x14c/0x3d0 [ 39.164888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.165696] kthread+0x24c/0x2d0 [ 39.166290] ret_from_fork+0x10/0x20 [ 39.166942] [ 39.167300] The buggy address belongs to the object at fff00000c63a3f00 [ 39.167300] which belongs to the cache kmalloc-128 of size 128 [ 39.168913] The buggy address is located 0 bytes inside of [ 39.168913] allocated 120-byte region [fff00000c63a3f00, fff00000c63a3f78) [ 39.170516] [ 39.171005] The buggy address belongs to the physical page: [ 39.171806] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a3 [ 39.172845] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 39.173741] page_type: f5(slab) [ 39.174326] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 39.175355] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 39.176343] page dumped because: kasan: bad access detected [ 39.177133] [ 39.177506] Memory state around the buggy address: [ 39.178318] fff00000c63a3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.179345] fff00000c63a3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.180304] >fff00000c63a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 39.181264] ^ [ 39.182227] fff00000c63a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.183175] fff00000c63a4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 39.184121] ================================================================== [ 38.926636] ================================================================== [ 38.928258] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec0 [ 38.929101] Write of size 121 at addr fff00000c63a3f00 by task kunit_try_catch/274 [ 38.930513] [ 38.932159] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.934301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.935048] Hardware name: linux,dummy-virt (DT) [ 38.935792] Call trace: [ 38.936327] show_stack+0x20/0x38 (C) [ 38.937076] dump_stack_lvl+0x8c/0xd0 [ 38.937702] print_report+0x118/0x5e0 [ 38.938303] kasan_report+0xc8/0x118 [ 38.939730] kasan_check_range+0x100/0x1a8 [ 38.941116] __kasan_check_write+0x20/0x30 [ 38.941960] copy_user_test_oob+0x234/0xec0 [ 38.943405] kunit_try_run_case+0x14c/0x3d0 [ 38.944321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.945290] kthread+0x24c/0x2d0 [ 38.946831] ret_from_fork+0x10/0x20 [ 38.947749] [ 38.948079] Allocated by task 274: [ 38.948635] kasan_save_stack+0x3c/0x68 [ 38.949819] kasan_save_track+0x20/0x40 [ 38.950489] kasan_save_alloc_info+0x40/0x58 [ 38.951238] __kasan_kmalloc+0xd4/0xd8 [ 38.952042] __kmalloc_noprof+0x188/0x4c8 [ 38.952857] kunit_kmalloc_array+0x34/0x88 [ 38.954085] copy_user_test_oob+0xac/0xec0 [ 38.954837] kunit_try_run_case+0x14c/0x3d0 [ 38.955668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.957577] kthread+0x24c/0x2d0 [ 38.958085] ret_from_fork+0x10/0x20 [ 38.958728] [ 38.959180] The buggy address belongs to the object at fff00000c63a3f00 [ 38.959180] which belongs to the cache kmalloc-128 of size 128 [ 38.960555] The buggy address is located 0 bytes inside of [ 38.960555] allocated 120-byte region [fff00000c63a3f00, fff00000c63a3f78) [ 38.962848] [ 38.963215] The buggy address belongs to the physical page: [ 38.965150] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a3 [ 38.966383] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.967470] page_type: f5(slab) [ 38.968148] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.969726] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.970875] page dumped because: kasan: bad access detected [ 38.972184] [ 38.972419] Memory state around the buggy address: [ 38.974713] fff00000c63a3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.976588] fff00000c63a3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.977198] >fff00000c63a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.980351] ^ [ 38.981735] fff00000c63a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.982750] fff00000c63a4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 38.986519] ================================================================== [ 39.099353] ================================================================== [ 39.100076] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec0 [ 39.102633] Read of size 121 at addr fff00000c63a3f00 by task kunit_try_catch/274 [ 39.103928] [ 39.104290] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 39.105994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.106553] Hardware name: linux,dummy-virt (DT) [ 39.107190] Call trace: [ 39.107953] show_stack+0x20/0x38 (C) [ 39.108803] dump_stack_lvl+0x8c/0xd0 [ 39.109461] print_report+0x118/0x5e0 [ 39.110081] kasan_report+0xc8/0x118 [ 39.110755] kasan_check_range+0x100/0x1a8 [ 39.111425] __kasan_check_read+0x20/0x30 [ 39.112020] copy_user_test_oob+0x3c8/0xec0 [ 39.112898] kunit_try_run_case+0x14c/0x3d0 [ 39.113610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.114519] kthread+0x24c/0x2d0 [ 39.115120] ret_from_fork+0x10/0x20 [ 39.115825] [ 39.116160] Allocated by task 274: [ 39.116680] kasan_save_stack+0x3c/0x68 [ 39.117314] kasan_save_track+0x20/0x40 [ 39.117871] kasan_save_alloc_info+0x40/0x58 [ 39.118352] __kasan_kmalloc+0xd4/0xd8 [ 39.118932] __kmalloc_noprof+0x188/0x4c8 [ 39.119639] kunit_kmalloc_array+0x34/0x88 [ 39.120415] copy_user_test_oob+0xac/0xec0 [ 39.121293] kunit_try_run_case+0x14c/0x3d0 [ 39.122039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.122854] kthread+0x24c/0x2d0 [ 39.123497] ret_from_fork+0x10/0x20 [ 39.124110] [ 39.124456] The buggy address belongs to the object at fff00000c63a3f00 [ 39.124456] which belongs to the cache kmalloc-128 of size 128 [ 39.126033] The buggy address is located 0 bytes inside of [ 39.126033] allocated 120-byte region [fff00000c63a3f00, fff00000c63a3f78) [ 39.127411] [ 39.127761] The buggy address belongs to the physical page: [ 39.128576] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a3 [ 39.129693] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 39.130591] page_type: f5(slab) [ 39.131096] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 39.132038] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 39.132966] page dumped because: kasan: bad access detected [ 39.133859] [ 39.134194] Memory state around the buggy address: [ 39.134856] fff00000c63a3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.135771] fff00000c63a3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.136587] >fff00000c63a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 39.137531] ^ [ 39.138470] fff00000c63a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.139333] fff00000c63a4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 39.140323] ================================================================== [ 38.996181] ================================================================== [ 38.997292] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec0 [ 38.998117] Read of size 121 at addr fff00000c63a3f00 by task kunit_try_catch/274 [ 38.999595] [ 39.000741] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 39.002143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.003567] Hardware name: linux,dummy-virt (DT) [ 39.004130] Call trace: [ 39.004828] show_stack+0x20/0x38 (C) [ 39.005472] dump_stack_lvl+0x8c/0xd0 [ 39.006209] print_report+0x118/0x5e0 [ 39.006810] kasan_report+0xc8/0x118 [ 39.007323] kasan_check_range+0x100/0x1a8 [ 39.008074] __kasan_check_read+0x20/0x30 [ 39.008761] copy_user_test_oob+0x728/0xec0 [ 39.009826] kunit_try_run_case+0x14c/0x3d0 [ 39.010609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.012077] kthread+0x24c/0x2d0 [ 39.013000] ret_from_fork+0x10/0x20 [ 39.013677] [ 39.014515] Allocated by task 274: [ 39.014816] kasan_save_stack+0x3c/0x68 [ 39.015121] kasan_save_track+0x20/0x40 [ 39.015409] kasan_save_alloc_info+0x40/0x58 [ 39.016026] __kasan_kmalloc+0xd4/0xd8 [ 39.016630] __kmalloc_noprof+0x188/0x4c8 [ 39.017405] kunit_kmalloc_array+0x34/0x88 [ 39.018856] copy_user_test_oob+0xac/0xec0 [ 39.019884] kunit_try_run_case+0x14c/0x3d0 [ 39.021259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.022864] kthread+0x24c/0x2d0 [ 39.023836] ret_from_fork+0x10/0x20 [ 39.024149] [ 39.024323] The buggy address belongs to the object at fff00000c63a3f00 [ 39.024323] which belongs to the cache kmalloc-128 of size 128 [ 39.027402] The buggy address is located 0 bytes inside of [ 39.027402] allocated 120-byte region [fff00000c63a3f00, fff00000c63a3f78) [ 39.030144] [ 39.030585] The buggy address belongs to the physical page: [ 39.031508] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a3 [ 39.032746] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 39.033854] page_type: f5(slab) [ 39.034271] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 39.035668] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 39.036929] page dumped because: kasan: bad access detected [ 39.037963] [ 39.038385] Memory state around the buggy address: [ 39.039536] fff00000c63a3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.040619] fff00000c63a3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.042814] >fff00000c63a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 39.044137] ^ [ 39.045581] fff00000c63a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.046105] fff00000c63a4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 39.046705] ================================================================== [ 39.185814] ================================================================== [ 39.187396] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec0 [ 39.188106] Read of size 121 at addr fff00000c63a3f00 by task kunit_try_catch/274 [ 39.188707] [ 39.189130] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 39.191065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.191715] Hardware name: linux,dummy-virt (DT) [ 39.192388] Call trace: [ 39.192902] show_stack+0x20/0x38 (C) [ 39.193826] dump_stack_lvl+0x8c/0xd0 [ 39.194544] print_report+0x118/0x5e0 [ 39.195105] kasan_report+0xc8/0x118 [ 39.195674] kasan_check_range+0x100/0x1a8 [ 39.196268] __kasan_check_read+0x20/0x30 [ 39.196849] copy_user_test_oob+0x4a0/0xec0 [ 39.197679] kunit_try_run_case+0x14c/0x3d0 [ 39.198364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.199289] kthread+0x24c/0x2d0 [ 39.199956] ret_from_fork+0x10/0x20 [ 39.200547] [ 39.200918] Allocated by task 274: [ 39.201578] kasan_save_stack+0x3c/0x68 [ 39.202147] kasan_save_track+0x20/0x40 [ 39.202855] kasan_save_alloc_info+0x40/0x58 [ 39.203398] __kasan_kmalloc+0xd4/0xd8 [ 39.204025] __kmalloc_noprof+0x188/0x4c8 [ 39.204756] kunit_kmalloc_array+0x34/0x88 [ 39.205368] copy_user_test_oob+0xac/0xec0 [ 39.206191] kunit_try_run_case+0x14c/0x3d0 [ 39.206907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.207548] kthread+0x24c/0x2d0 [ 39.208238] ret_from_fork+0x10/0x20 [ 39.208851] [ 39.209168] The buggy address belongs to the object at fff00000c63a3f00 [ 39.209168] which belongs to the cache kmalloc-128 of size 128 [ 39.210815] The buggy address is located 0 bytes inside of [ 39.210815] allocated 120-byte region [fff00000c63a3f00, fff00000c63a3f78) [ 39.212351] [ 39.212713] The buggy address belongs to the physical page: [ 39.213609] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a3 [ 39.214606] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 39.215405] page_type: f5(slab) [ 39.216134] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 39.216993] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 39.217455] page dumped because: kasan: bad access detected [ 39.218406] [ 39.218851] Memory state around the buggy address: [ 39.219595] fff00000c63a3e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 39.220544] fff00000c63a3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.221376] >fff00000c63a3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 39.222151] ^ [ 39.223094] fff00000c63a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.224099] fff00000c63a4000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 39.224954] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 38.797727] ================================================================== [ 38.799363] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 38.800196] Read of size 8 at addr fff00000c6317a78 by task kunit_try_catch/270 [ 38.801310] [ 38.802343] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.803645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.804279] Hardware name: linux,dummy-virt (DT) [ 38.805647] Call trace: [ 38.806100] show_stack+0x20/0x38 (C) [ 38.806805] dump_stack_lvl+0x8c/0xd0 [ 38.807717] print_report+0x118/0x5e0 [ 38.808331] kasan_report+0xc8/0x118 [ 38.809359] __asan_report_load8_noabort+0x20/0x30 [ 38.810065] copy_to_kernel_nofault+0x204/0x250 [ 38.810861] copy_to_kernel_nofault_oob+0x158/0x418 [ 38.811607] kunit_try_run_case+0x14c/0x3d0 [ 38.812317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.813172] kthread+0x24c/0x2d0 [ 38.813733] ret_from_fork+0x10/0x20 [ 38.814308] [ 38.815313] Allocated by task 270: [ 38.815909] kasan_save_stack+0x3c/0x68 [ 38.816802] kasan_save_track+0x20/0x40 [ 38.817519] kasan_save_alloc_info+0x40/0x58 [ 38.818191] __kasan_kmalloc+0xd4/0xd8 [ 38.818747] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.819395] copy_to_kernel_nofault_oob+0xc8/0x418 [ 38.820042] kunit_try_run_case+0x14c/0x3d0 [ 38.820786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.822056] kthread+0x24c/0x2d0 [ 38.823009] ret_from_fork+0x10/0x20 [ 38.824110] [ 38.824809] The buggy address belongs to the object at fff00000c6317a00 [ 38.824809] which belongs to the cache kmalloc-128 of size 128 [ 38.826289] The buggy address is located 0 bytes to the right of [ 38.826289] allocated 120-byte region [fff00000c6317a00, fff00000c6317a78) [ 38.827634] [ 38.828025] The buggy address belongs to the physical page: [ 38.828812] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106317 [ 38.829787] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.830703] page_type: f5(slab) [ 38.831356] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.832230] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.833470] page dumped because: kasan: bad access detected [ 38.834489] [ 38.834763] Memory state around the buggy address: [ 38.835395] fff00000c6317900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 38.837204] fff00000c6317980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.838497] >fff00000c6317a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.839598] ^ [ 38.840501] fff00000c6317a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.842113] fff00000c6317b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.843431] ================================================================== [ 38.846974] ================================================================== [ 38.847924] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 38.848880] Write of size 8 at addr fff00000c6317a78 by task kunit_try_catch/270 [ 38.849838] [ 38.850650] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.851793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.852332] Hardware name: linux,dummy-virt (DT) [ 38.853468] Call trace: [ 38.853917] show_stack+0x20/0x38 (C) [ 38.854356] dump_stack_lvl+0x8c/0xd0 [ 38.855143] print_report+0x118/0x5e0 [ 38.855774] kasan_report+0xc8/0x118 [ 38.856519] kasan_check_range+0x100/0x1a8 [ 38.857185] __kasan_check_write+0x20/0x30 [ 38.858077] copy_to_kernel_nofault+0x8c/0x250 [ 38.858814] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 38.859584] kunit_try_run_case+0x14c/0x3d0 [ 38.860102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.861543] kthread+0x24c/0x2d0 [ 38.862392] ret_from_fork+0x10/0x20 [ 38.863107] [ 38.863640] Allocated by task 270: [ 38.864119] kasan_save_stack+0x3c/0x68 [ 38.866298] kasan_save_track+0x20/0x40 [ 38.867004] kasan_save_alloc_info+0x40/0x58 [ 38.867676] __kasan_kmalloc+0xd4/0xd8 [ 38.868336] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.869080] copy_to_kernel_nofault_oob+0xc8/0x418 [ 38.869893] kunit_try_run_case+0x14c/0x3d0 [ 38.870746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.871899] kthread+0x24c/0x2d0 [ 38.872518] ret_from_fork+0x10/0x20 [ 38.873431] [ 38.873824] The buggy address belongs to the object at fff00000c6317a00 [ 38.873824] which belongs to the cache kmalloc-128 of size 128 [ 38.875386] The buggy address is located 0 bytes to the right of [ 38.875386] allocated 120-byte region [fff00000c6317a00, fff00000c6317a78) [ 38.877248] [ 38.877869] The buggy address belongs to the physical page: [ 38.878394] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106317 [ 38.879529] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.880405] page_type: f5(slab) [ 38.881659] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 38.883001] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 38.883759] page dumped because: kasan: bad access detected [ 38.884750] [ 38.885480] Memory state around the buggy address: [ 38.886816] fff00000c6317900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 38.887666] fff00000c6317980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.888256] >fff00000c6317a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 38.889738] ^ [ 38.891412] fff00000c6317a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.892293] fff00000c6317b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.893568] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 38.658048] ================================================================== [ 38.659965] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 38.661832] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/258 [ 38.663371] [ 38.664340] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.665911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.666222] Hardware name: linux,dummy-virt (DT) [ 38.666616] Call trace: [ 38.667124] show_stack+0x20/0x38 (C) [ 38.667992] dump_stack_lvl+0x8c/0xd0 [ 38.668886] print_report+0x2fc/0x5e0 [ 38.670090] kasan_report+0xc8/0x118 [ 38.670783] __asan_report_load1_noabort+0x20/0x30 [ 38.671573] vmalloc_oob+0x578/0x5d0 [ 38.672236] kunit_try_run_case+0x14c/0x3d0 [ 38.673467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.674424] kthread+0x24c/0x2d0 [ 38.675161] ret_from_fork+0x10/0x20 [ 38.676000] [ 38.676366] The buggy address belongs to the virtual mapping at [ 38.676366] [ffff80008010b000, ffff80008010d000) created by: [ 38.676366] vmalloc_oob+0x98/0x5d0 [ 38.678979] [ 38.679428] The buggy address belongs to the physical page: [ 38.680400] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a2 [ 38.682090] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.682922] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 38.684089] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 38.685674] page dumped because: kasan: bad access detected [ 38.686550] [ 38.686760] Memory state around the buggy address: [ 38.687083] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.687613] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.689141] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 38.690223] ^ [ 38.691309] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 38.692311] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 38.693507] ================================================================== [ 38.697815] ================================================================== [ 38.698610] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 38.699022] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/258 [ 38.699456] [ 38.699728] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.701159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.702995] Hardware name: linux,dummy-virt (DT) [ 38.703907] Call trace: [ 38.705723] show_stack+0x20/0x38 (C) [ 38.706977] dump_stack_lvl+0x8c/0xd0 [ 38.707669] print_report+0x2fc/0x5e0 [ 38.708400] kasan_report+0xc8/0x118 [ 38.709334] __asan_report_load1_noabort+0x20/0x30 [ 38.710665] vmalloc_oob+0x51c/0x5d0 [ 38.711792] kunit_try_run_case+0x14c/0x3d0 [ 38.713646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.714381] kthread+0x24c/0x2d0 [ 38.715069] ret_from_fork+0x10/0x20 [ 38.716376] [ 38.716894] The buggy address belongs to the virtual mapping at [ 38.716894] [ffff80008010b000, ffff80008010d000) created by: [ 38.716894] vmalloc_oob+0x98/0x5d0 [ 38.718294] [ 38.721722] The buggy address belongs to the physical page: [ 38.722586] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a2 [ 38.723628] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.724354] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 38.725788] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 38.727174] page dumped because: kasan: bad access detected [ 38.728205] [ 38.729055] Memory state around the buggy address: [ 38.730032] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.731586] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 38.733375] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 38.734474] ^ [ 38.735615] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 38.736572] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 38.737905] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 38.081525] ================================================================== [ 38.082379] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa08/0xbc8 [ 38.083810] Read of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 38.085055] [ 38.085430] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.086620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.087456] Hardware name: linux,dummy-virt (DT) [ 38.088547] Call trace: [ 38.088871] show_stack+0x20/0x38 (C) [ 38.089577] dump_stack_lvl+0x8c/0xd0 [ 38.090146] print_report+0x118/0x5e0 [ 38.092063] kasan_report+0xc8/0x118 [ 38.092905] __asan_report_load8_noabort+0x20/0x30 [ 38.093621] kasan_bitops_test_and_modify.constprop.0+0xa08/0xbc8 [ 38.094172] kasan_bitops_generic+0x11c/0x1c8 [ 38.095045] kunit_try_run_case+0x14c/0x3d0 [ 38.095626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.096605] kthread+0x24c/0x2d0 [ 38.097137] ret_from_fork+0x10/0x20 [ 38.097693] [ 38.098149] Allocated by task 250: [ 38.098721] kasan_save_stack+0x3c/0x68 [ 38.099526] kasan_save_track+0x20/0x40 [ 38.100327] kasan_save_alloc_info+0x40/0x58 [ 38.100971] __kasan_kmalloc+0xd4/0xd8 [ 38.101723] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.102421] kasan_bitops_generic+0xa0/0x1c8 [ 38.103187] kunit_try_run_case+0x14c/0x3d0 [ 38.103918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.104660] kthread+0x24c/0x2d0 [ 38.105115] ret_from_fork+0x10/0x20 [ 38.105808] [ 38.106205] The buggy address belongs to the object at fff00000c5ce6800 [ 38.106205] which belongs to the cache kmalloc-16 of size 16 [ 38.107421] The buggy address is located 8 bytes inside of [ 38.107421] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 38.109020] [ 38.109331] The buggy address belongs to the physical page: [ 38.110116] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 38.111183] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.111875] page_type: f5(slab) [ 38.112578] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 38.113508] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 38.114419] page dumped because: kasan: bad access detected [ 38.115111] [ 38.115507] Memory state around the buggy address: [ 38.116091] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 38.117165] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 38.117982] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.119030] ^ [ 38.119660] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.120536] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.121418] ================================================================== [ 38.381117] ================================================================== [ 38.382083] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa8c/0xbc8 [ 38.383166] Read of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 38.384197] [ 38.384815] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.386020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.386797] Hardware name: linux,dummy-virt (DT) [ 38.387531] Call trace: [ 38.388107] show_stack+0x20/0x38 (C) [ 38.388803] dump_stack_lvl+0x8c/0xd0 [ 38.389567] print_report+0x118/0x5e0 [ 38.390319] kasan_report+0xc8/0x118 [ 38.391040] __asan_report_load8_noabort+0x20/0x30 [ 38.391787] kasan_bitops_test_and_modify.constprop.0+0xa8c/0xbc8 [ 38.392684] kasan_bitops_generic+0x11c/0x1c8 [ 38.393499] kunit_try_run_case+0x14c/0x3d0 [ 38.394345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.395208] kthread+0x24c/0x2d0 [ 38.395834] ret_from_fork+0x10/0x20 [ 38.396499] [ 38.396837] Allocated by task 250: [ 38.397656] kasan_save_stack+0x3c/0x68 [ 38.398210] kasan_save_track+0x20/0x40 [ 38.399112] kasan_save_alloc_info+0x40/0x58 [ 38.399944] __kasan_kmalloc+0xd4/0xd8 [ 38.400748] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.401692] kasan_bitops_generic+0xa0/0x1c8 [ 38.402594] kunit_try_run_case+0x14c/0x3d0 [ 38.403501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.404372] kthread+0x24c/0x2d0 [ 38.404938] ret_from_fork+0x10/0x20 [ 38.405984] [ 38.406273] The buggy address belongs to the object at fff00000c5ce6800 [ 38.406273] which belongs to the cache kmalloc-16 of size 16 [ 38.407794] The buggy address is located 8 bytes inside of [ 38.407794] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 38.409291] [ 38.409818] The buggy address belongs to the physical page: [ 38.410531] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 38.411554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.412408] page_type: f5(slab) [ 38.412895] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 38.413893] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 38.414800] page dumped because: kasan: bad access detected [ 38.415506] [ 38.415834] Memory state around the buggy address: [ 38.416368] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 38.417377] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 38.418178] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.419100] ^ [ 38.419762] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.420681] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.421702] ================================================================== [ 38.215282] ================================================================== [ 38.216177] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc8 [ 38.217397] Write of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 38.218147] [ 38.218488] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.221049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.222404] Hardware name: linux,dummy-virt (DT) [ 38.223083] Call trace: [ 38.223667] show_stack+0x20/0x38 (C) [ 38.224235] dump_stack_lvl+0x8c/0xd0 [ 38.224924] print_report+0x118/0x5e0 [ 38.225585] kasan_report+0xc8/0x118 [ 38.226256] kasan_check_range+0x100/0x1a8 [ 38.227000] __kasan_check_write+0x20/0x30 [ 38.227708] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc8 [ 38.228560] kasan_bitops_generic+0x11c/0x1c8 [ 38.229236] kunit_try_run_case+0x14c/0x3d0 [ 38.229900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.230799] kthread+0x24c/0x2d0 [ 38.231315] ret_from_fork+0x10/0x20 [ 38.231946] [ 38.232317] Allocated by task 250: [ 38.232886] kasan_save_stack+0x3c/0x68 [ 38.233425] kasan_save_track+0x20/0x40 [ 38.234133] kasan_save_alloc_info+0x40/0x58 [ 38.234739] __kasan_kmalloc+0xd4/0xd8 [ 38.235475] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.236113] kasan_bitops_generic+0xa0/0x1c8 [ 38.236957] kunit_try_run_case+0x14c/0x3d0 [ 38.237638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.238385] kthread+0x24c/0x2d0 [ 38.238928] ret_from_fork+0x10/0x20 [ 38.239492] [ 38.239825] The buggy address belongs to the object at fff00000c5ce6800 [ 38.239825] which belongs to the cache kmalloc-16 of size 16 [ 38.241332] The buggy address is located 8 bytes inside of [ 38.241332] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 38.242828] [ 38.243238] The buggy address belongs to the physical page: [ 38.244095] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 38.245045] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.246023] page_type: f5(slab) [ 38.246571] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 38.247515] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 38.248509] page dumped because: kasan: bad access detected [ 38.249187] [ 38.249561] Memory state around the buggy address: [ 38.250197] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 38.251115] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 38.252113] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.252945] ^ [ 38.253585] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.254478] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.255227] ================================================================== [ 38.298067] ================================================================== [ 38.298883] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc8 [ 38.299840] Write of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 38.300584] [ 38.301077] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.302334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.302933] Hardware name: linux,dummy-virt (DT) [ 38.303598] Call trace: [ 38.304100] show_stack+0x20/0x38 (C) [ 38.304868] dump_stack_lvl+0x8c/0xd0 [ 38.305535] print_report+0x118/0x5e0 [ 38.306190] kasan_report+0xc8/0x118 [ 38.306903] kasan_check_range+0x100/0x1a8 [ 38.307577] __kasan_check_write+0x20/0x30 [ 38.308208] kasan_bitops_test_and_modify.constprop.0+0x334/0xbc8 [ 38.308949] kasan_bitops_generic+0x11c/0x1c8 [ 38.309737] kunit_try_run_case+0x14c/0x3d0 [ 38.310562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.311347] kthread+0x24c/0x2d0 [ 38.312035] ret_from_fork+0x10/0x20 [ 38.312688] [ 38.313032] Allocated by task 250: [ 38.313517] kasan_save_stack+0x3c/0x68 [ 38.314203] kasan_save_track+0x20/0x40 [ 38.314811] kasan_save_alloc_info+0x40/0x58 [ 38.315348] __kasan_kmalloc+0xd4/0xd8 [ 38.316047] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.316590] kasan_bitops_generic+0xa0/0x1c8 [ 38.317303] kunit_try_run_case+0x14c/0x3d0 [ 38.317936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.318836] kthread+0x24c/0x2d0 [ 38.319274] ret_from_fork+0x10/0x20 [ 38.319940] [ 38.320275] The buggy address belongs to the object at fff00000c5ce6800 [ 38.320275] which belongs to the cache kmalloc-16 of size 16 [ 38.321948] The buggy address is located 8 bytes inside of [ 38.321948] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 38.323356] [ 38.323750] The buggy address belongs to the physical page: [ 38.324376] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 38.325485] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.326429] page_type: f5(slab) [ 38.326911] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 38.327866] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 38.328847] page dumped because: kasan: bad access detected [ 38.329565] [ 38.329920] Memory state around the buggy address: [ 38.330510] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 38.331465] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 38.332394] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.333339] ^ [ 38.333898] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.334748] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.335546] ================================================================== [ 38.168388] ================================================================== [ 38.169470] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa50/0xbc8 [ 38.170814] Read of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 38.171749] [ 38.172159] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.174947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.175406] Hardware name: linux,dummy-virt (DT) [ 38.175862] Call trace: [ 38.176163] show_stack+0x20/0x38 (C) [ 38.176617] dump_stack_lvl+0x8c/0xd0 [ 38.177041] print_report+0x118/0x5e0 [ 38.177657] kasan_report+0xc8/0x118 [ 38.179981] __asan_report_load8_noabort+0x20/0x30 [ 38.182495] kasan_bitops_test_and_modify.constprop.0+0xa50/0xbc8 [ 38.184558] kasan_bitops_generic+0x11c/0x1c8 [ 38.186343] kunit_try_run_case+0x14c/0x3d0 [ 38.187691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.188364] kthread+0x24c/0x2d0 [ 38.189052] ret_from_fork+0x10/0x20 [ 38.189610] [ 38.190012] Allocated by task 250: [ 38.190702] kasan_save_stack+0x3c/0x68 [ 38.191571] kasan_save_track+0x20/0x40 [ 38.192168] kasan_save_alloc_info+0x40/0x58 [ 38.192977] __kasan_kmalloc+0xd4/0xd8 [ 38.193612] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.194251] kasan_bitops_generic+0xa0/0x1c8 [ 38.194858] kunit_try_run_case+0x14c/0x3d0 [ 38.195573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.196303] kthread+0x24c/0x2d0 [ 38.196856] ret_from_fork+0x10/0x20 [ 38.197381] [ 38.197820] The buggy address belongs to the object at fff00000c5ce6800 [ 38.197820] which belongs to the cache kmalloc-16 of size 16 [ 38.199227] The buggy address is located 8 bytes inside of [ 38.199227] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 38.200696] [ 38.201100] The buggy address belongs to the physical page: [ 38.201805] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 38.202864] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.203756] page_type: f5(slab) [ 38.204375] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 38.205328] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 38.206199] page dumped because: kasan: bad access detected [ 38.206966] [ 38.207307] Memory state around the buggy address: [ 38.208035] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 38.208900] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 38.209889] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.210701] ^ [ 38.211281] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.212063] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.212991] ================================================================== [ 38.042325] ================================================================== [ 38.043183] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc8 [ 38.044132] Write of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 38.045074] [ 38.045425] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.046718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.047383] Hardware name: linux,dummy-virt (DT) [ 38.047955] Call trace: [ 38.048453] show_stack+0x20/0x38 (C) [ 38.049019] dump_stack_lvl+0x8c/0xd0 [ 38.049708] print_report+0x118/0x5e0 [ 38.050301] kasan_report+0xc8/0x118 [ 38.050858] kasan_check_range+0x100/0x1a8 [ 38.051415] __kasan_check_write+0x20/0x30 [ 38.052142] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc8 [ 38.053021] kasan_bitops_generic+0x11c/0x1c8 [ 38.053720] kunit_try_run_case+0x14c/0x3d0 [ 38.054516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.055342] kthread+0x24c/0x2d0 [ 38.055865] ret_from_fork+0x10/0x20 [ 38.056538] [ 38.056845] Allocated by task 250: [ 38.057455] kasan_save_stack+0x3c/0x68 [ 38.058152] kasan_save_track+0x20/0x40 [ 38.058727] kasan_save_alloc_info+0x40/0x58 [ 38.059363] __kasan_kmalloc+0xd4/0xd8 [ 38.059980] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.060512] kasan_bitops_generic+0xa0/0x1c8 [ 38.061234] kunit_try_run_case+0x14c/0x3d0 [ 38.061755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.062592] kthread+0x24c/0x2d0 [ 38.063202] ret_from_fork+0x10/0x20 [ 38.063779] [ 38.064081] The buggy address belongs to the object at fff00000c5ce6800 [ 38.064081] which belongs to the cache kmalloc-16 of size 16 [ 38.065547] The buggy address is located 8 bytes inside of [ 38.065547] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 38.066971] [ 38.067310] The buggy address belongs to the physical page: [ 38.068098] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 38.069129] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.070045] page_type: f5(slab) [ 38.070740] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 38.071701] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 38.072599] page dumped because: kasan: bad access detected [ 38.073225] [ 38.073621] Memory state around the buggy address: [ 38.074340] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 38.075235] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 38.076081] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.077000] ^ [ 38.077506] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.078319] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.079326] ================================================================== [ 38.338556] ================================================================== [ 38.340216] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa44/0xbc8 [ 38.341239] Read of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 38.341979] [ 38.342297] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.343672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.344550] Hardware name: linux,dummy-virt (DT) [ 38.345522] Call trace: [ 38.345919] show_stack+0x20/0x38 (C) [ 38.346536] dump_stack_lvl+0x8c/0xd0 [ 38.347140] print_report+0x118/0x5e0 [ 38.347856] kasan_report+0xc8/0x118 [ 38.348549] __asan_report_load8_noabort+0x20/0x30 [ 38.349211] kasan_bitops_test_and_modify.constprop.0+0xa44/0xbc8 [ 38.350131] kasan_bitops_generic+0x11c/0x1c8 [ 38.350716] kunit_try_run_case+0x14c/0x3d0 [ 38.351475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.352124] kthread+0x24c/0x2d0 [ 38.352810] ret_from_fork+0x10/0x20 [ 38.353464] [ 38.353808] Allocated by task 250: [ 38.354456] kasan_save_stack+0x3c/0x68 [ 38.355164] kasan_save_track+0x20/0x40 [ 38.355849] kasan_save_alloc_info+0x40/0x58 [ 38.356533] __kasan_kmalloc+0xd4/0xd8 [ 38.357088] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.357660] kasan_bitops_generic+0xa0/0x1c8 [ 38.358386] kunit_try_run_case+0x14c/0x3d0 [ 38.359079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.359978] kthread+0x24c/0x2d0 [ 38.360466] ret_from_fork+0x10/0x20 [ 38.361051] [ 38.361926] The buggy address belongs to the object at fff00000c5ce6800 [ 38.361926] which belongs to the cache kmalloc-16 of size 16 [ 38.363319] The buggy address is located 8 bytes inside of [ 38.363319] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 38.364763] [ 38.365121] The buggy address belongs to the physical page: [ 38.365852] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 38.366909] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.368274] page_type: f5(slab) [ 38.368816] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 38.369943] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 38.370973] page dumped because: kasan: bad access detected [ 38.371809] [ 38.372302] Memory state around the buggy address: [ 38.373097] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 38.373975] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 38.375069] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.376052] ^ [ 38.376763] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.377653] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.378569] ================================================================== [ 38.256964] ================================================================== [ 38.257911] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xad4/0xbc8 [ 38.259765] Read of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 38.260866] [ 38.261076] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.261790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.262482] Hardware name: linux,dummy-virt (DT) [ 38.263238] Call trace: [ 38.263731] show_stack+0x20/0x38 (C) [ 38.264260] dump_stack_lvl+0x8c/0xd0 [ 38.264978] print_report+0x118/0x5e0 [ 38.265812] kasan_report+0xc8/0x118 [ 38.266416] __asan_report_load8_noabort+0x20/0x30 [ 38.267176] kasan_bitops_test_and_modify.constprop.0+0xad4/0xbc8 [ 38.267775] kasan_bitops_generic+0x11c/0x1c8 [ 38.268221] kunit_try_run_case+0x14c/0x3d0 [ 38.268675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.269154] kthread+0x24c/0x2d0 [ 38.269550] ret_from_fork+0x10/0x20 [ 38.269981] [ 38.270260] Allocated by task 250: [ 38.270677] kasan_save_stack+0x3c/0x68 [ 38.271179] kasan_save_track+0x20/0x40 [ 38.271858] kasan_save_alloc_info+0x40/0x58 [ 38.272563] __kasan_kmalloc+0xd4/0xd8 [ 38.273921] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.274822] kasan_bitops_generic+0xa0/0x1c8 [ 38.277398] kunit_try_run_case+0x14c/0x3d0 [ 38.278117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.278790] kthread+0x24c/0x2d0 [ 38.279325] ret_from_fork+0x10/0x20 [ 38.279874] [ 38.280156] The buggy address belongs to the object at fff00000c5ce6800 [ 38.280156] which belongs to the cache kmalloc-16 of size 16 [ 38.281594] The buggy address is located 8 bytes inside of [ 38.281594] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 38.283008] [ 38.283351] The buggy address belongs to the physical page: [ 38.284123] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 38.285212] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.286109] page_type: f5(slab) [ 38.286738] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 38.287767] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 38.288734] page dumped because: kasan: bad access detected [ 38.289460] [ 38.289810] Memory state around the buggy address: [ 38.290410] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 38.291333] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 38.292113] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.293086] ^ [ 38.293597] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.294515] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.295401] ================================================================== [ 38.123184] ================================================================== [ 38.124806] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc8 [ 38.125895] Write of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 38.127335] [ 38.127925] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.129318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.130202] Hardware name: linux,dummy-virt (DT) [ 38.131081] Call trace: [ 38.131729] show_stack+0x20/0x38 (C) [ 38.132556] dump_stack_lvl+0x8c/0xd0 [ 38.133144] print_report+0x118/0x5e0 [ 38.134293] kasan_report+0xc8/0x118 [ 38.135054] kasan_check_range+0x100/0x1a8 [ 38.135853] __kasan_check_write+0x20/0x30 [ 38.136748] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc8 [ 38.137778] kasan_bitops_generic+0x11c/0x1c8 [ 38.138596] kunit_try_run_case+0x14c/0x3d0 [ 38.139209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.139951] kthread+0x24c/0x2d0 [ 38.141051] ret_from_fork+0x10/0x20 [ 38.141668] [ 38.142203] Allocated by task 250: [ 38.142678] kasan_save_stack+0x3c/0x68 [ 38.143299] kasan_save_track+0x20/0x40 [ 38.143926] kasan_save_alloc_info+0x40/0x58 [ 38.144670] __kasan_kmalloc+0xd4/0xd8 [ 38.145529] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.146333] kasan_bitops_generic+0xa0/0x1c8 [ 38.147139] kunit_try_run_case+0x14c/0x3d0 [ 38.147919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.148791] kthread+0x24c/0x2d0 [ 38.149312] ret_from_fork+0x10/0x20 [ 38.150214] [ 38.150554] The buggy address belongs to the object at fff00000c5ce6800 [ 38.150554] which belongs to the cache kmalloc-16 of size 16 [ 38.152381] The buggy address is located 8 bytes inside of [ 38.152381] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 38.154145] [ 38.154744] The buggy address belongs to the physical page: [ 38.155569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 38.156566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.157390] page_type: f5(slab) [ 38.157923] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 38.158891] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 38.159831] page dumped because: kasan: bad access detected [ 38.160627] [ 38.161008] Memory state around the buggy address: [ 38.161648] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 38.162713] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 38.163517] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.164503] ^ [ 38.164953] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.165969] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.166952] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 37.959697] ================================================================== [ 37.960885] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc8 [ 37.963118] Write of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 37.964151] [ 37.964469] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.965830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.966475] Hardware name: linux,dummy-virt (DT) [ 37.967075] Call trace: [ 37.967802] show_stack+0x20/0x38 (C) [ 37.968559] dump_stack_lvl+0x8c/0xd0 [ 37.969200] print_report+0x118/0x5e0 [ 37.969993] kasan_report+0xc8/0x118 [ 37.970668] kasan_check_range+0x100/0x1a8 [ 37.971394] __kasan_check_write+0x20/0x30 [ 37.972071] kasan_bitops_modify.constprop.0+0x3b0/0xbc8 [ 37.972937] kasan_bitops_generic+0x110/0x1c8 [ 37.973497] kunit_try_run_case+0x14c/0x3d0 [ 37.974241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.975041] kthread+0x24c/0x2d0 [ 37.975693] ret_from_fork+0x10/0x20 [ 37.976330] [ 37.976782] Allocated by task 250: [ 37.977273] kasan_save_stack+0x3c/0x68 [ 37.977992] kasan_save_track+0x20/0x40 [ 37.978645] kasan_save_alloc_info+0x40/0x58 [ 37.979330] __kasan_kmalloc+0xd4/0xd8 [ 37.979866] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.980642] kasan_bitops_generic+0xa0/0x1c8 [ 37.981268] kunit_try_run_case+0x14c/0x3d0 [ 37.981810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.982664] kthread+0x24c/0x2d0 [ 37.983240] ret_from_fork+0x10/0x20 [ 37.983802] [ 37.984255] The buggy address belongs to the object at fff00000c5ce6800 [ 37.984255] which belongs to the cache kmalloc-16 of size 16 [ 37.985786] The buggy address is located 8 bytes inside of [ 37.985786] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 37.987205] [ 37.987541] The buggy address belongs to the physical page: [ 37.988271] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 37.989273] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.990065] page_type: f5(slab) [ 37.990744] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 37.991751] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 37.992700] page dumped because: kasan: bad access detected [ 37.993419] [ 37.993815] Memory state around the buggy address: [ 37.994332] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 37.995403] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 37.996357] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.997308] ^ [ 37.997841] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.998876] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.999766] ================================================================== [ 37.714481] ================================================================== [ 37.715237] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa88/0xbc8 [ 37.716129] Read of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 37.716942] [ 37.718335] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.719617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.720293] Hardware name: linux,dummy-virt (DT) [ 37.721180] Call trace: [ 37.721617] show_stack+0x20/0x38 (C) [ 37.722204] dump_stack_lvl+0x8c/0xd0 [ 37.723255] print_report+0x118/0x5e0 [ 37.724104] kasan_report+0xc8/0x118 [ 37.724794] __asan_report_load8_noabort+0x20/0x30 [ 37.725879] kasan_bitops_modify.constprop.0+0xa88/0xbc8 [ 37.726608] kasan_bitops_generic+0x110/0x1c8 [ 37.727220] kunit_try_run_case+0x14c/0x3d0 [ 37.727952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.728721] kthread+0x24c/0x2d0 [ 37.729184] ret_from_fork+0x10/0x20 [ 37.730352] [ 37.730795] Allocated by task 250: [ 37.731410] kasan_save_stack+0x3c/0x68 [ 37.732034] kasan_save_track+0x20/0x40 [ 37.732984] kasan_save_alloc_info+0x40/0x58 [ 37.733597] __kasan_kmalloc+0xd4/0xd8 [ 37.734256] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.735008] kasan_bitops_generic+0xa0/0x1c8 [ 37.735731] kunit_try_run_case+0x14c/0x3d0 [ 37.736391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.738792] kthread+0x24c/0x2d0 [ 37.739563] ret_from_fork+0x10/0x20 [ 37.740115] [ 37.740810] The buggy address belongs to the object at fff00000c5ce6800 [ 37.740810] which belongs to the cache kmalloc-16 of size 16 [ 37.742687] The buggy address is located 8 bytes inside of [ 37.742687] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 37.744083] [ 37.744420] The buggy address belongs to the physical page: [ 37.745809] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 37.746847] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.747660] page_type: f5(slab) [ 37.748193] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 37.749516] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 37.750378] page dumped because: kasan: bad access detected [ 37.751182] [ 37.751577] Memory state around the buggy address: [ 37.752290] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 37.753530] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 37.754392] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.755493] ^ [ 37.755985] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.757385] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.758619] ================================================================== [ 37.761039] ================================================================== [ 37.761779] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc8 [ 37.763953] Write of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 37.765549] [ 37.765895] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.767063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.767654] Hardware name: linux,dummy-virt (DT) [ 37.768495] Call trace: [ 37.768857] show_stack+0x20/0x38 (C) [ 37.769832] dump_stack_lvl+0x8c/0xd0 [ 37.770519] print_report+0x118/0x5e0 [ 37.771112] kasan_report+0xc8/0x118 [ 37.771831] kasan_check_range+0x100/0x1a8 [ 37.773017] __kasan_check_write+0x20/0x30 [ 37.773634] kasan_bitops_modify.constprop.0+0x2b4/0xbc8 [ 37.774458] kasan_bitops_generic+0x110/0x1c8 [ 37.775115] kunit_try_run_case+0x14c/0x3d0 [ 37.775762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.776990] kthread+0x24c/0x2d0 [ 37.777515] ret_from_fork+0x10/0x20 [ 37.778078] [ 37.778484] Allocated by task 250: [ 37.778969] kasan_save_stack+0x3c/0x68 [ 37.779775] kasan_save_track+0x20/0x40 [ 37.780358] kasan_save_alloc_info+0x40/0x58 [ 37.782387] __kasan_kmalloc+0xd4/0xd8 [ 37.783009] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.783655] kasan_bitops_generic+0xa0/0x1c8 [ 37.784321] kunit_try_run_case+0x14c/0x3d0 [ 37.785194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.786724] kthread+0x24c/0x2d0 [ 37.787256] ret_from_fork+0x10/0x20 [ 37.787787] [ 37.788208] The buggy address belongs to the object at fff00000c5ce6800 [ 37.788208] which belongs to the cache kmalloc-16 of size 16 [ 37.790348] The buggy address is located 8 bytes inside of [ 37.790348] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 37.791802] [ 37.792293] The buggy address belongs to the physical page: [ 37.793501] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 37.794713] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.795629] page_type: f5(slab) [ 37.796127] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 37.797745] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 37.798684] page dumped because: kasan: bad access detected [ 37.799546] [ 37.800038] Memory state around the buggy address: [ 37.801886] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 37.803122] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 37.804254] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.805345] ^ [ 37.805900] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.807031] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.808389] ================================================================== [ 37.858032] ================================================================== [ 37.859344] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaf4/0xbc8 [ 37.860551] Read of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 37.861651] [ 37.862025] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.863651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.864410] Hardware name: linux,dummy-virt (DT) [ 37.865495] Call trace: [ 37.866009] show_stack+0x20/0x38 (C) [ 37.866693] dump_stack_lvl+0x8c/0xd0 [ 37.867363] print_report+0x118/0x5e0 [ 37.868109] kasan_report+0xc8/0x118 [ 37.869159] __asan_report_load8_noabort+0x20/0x30 [ 37.870079] kasan_bitops_modify.constprop.0+0xaf4/0xbc8 [ 37.870888] kasan_bitops_generic+0x110/0x1c8 [ 37.871642] kunit_try_run_case+0x14c/0x3d0 [ 37.872389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.873600] kthread+0x24c/0x2d0 [ 37.874564] ret_from_fork+0x10/0x20 [ 37.875093] [ 37.875470] Allocated by task 250: [ 37.876084] kasan_save_stack+0x3c/0x68 [ 37.877131] kasan_save_track+0x20/0x40 [ 37.877912] kasan_save_alloc_info+0x40/0x58 [ 37.878741] __kasan_kmalloc+0xd4/0xd8 [ 37.879424] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.880115] kasan_bitops_generic+0xa0/0x1c8 [ 37.880832] kunit_try_run_case+0x14c/0x3d0 [ 37.881570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.882372] kthread+0x24c/0x2d0 [ 37.882928] ret_from_fork+0x10/0x20 [ 37.884567] [ 37.884988] The buggy address belongs to the object at fff00000c5ce6800 [ 37.884988] which belongs to the cache kmalloc-16 of size 16 [ 37.886380] The buggy address is located 8 bytes inside of [ 37.886380] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 37.888145] [ 37.888937] The buggy address belongs to the physical page: [ 37.889754] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 37.890581] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.891001] page_type: f5(slab) [ 37.891260] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 37.891747] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 37.892177] page dumped because: kasan: bad access detected [ 37.892708] [ 37.893142] Memory state around the buggy address: [ 37.894593] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 37.896231] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 37.898025] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.898818] ^ [ 37.899889] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.900540] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.901114] ================================================================== [ 37.557069] ================================================================== [ 37.558491] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc8 [ 37.559795] Write of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 37.561614] [ 37.562217] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.563905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.564453] Hardware name: linux,dummy-virt (DT) [ 37.565874] Call trace: [ 37.566354] show_stack+0x20/0x38 (C) [ 37.567104] dump_stack_lvl+0x8c/0xd0 [ 37.567772] print_report+0x118/0x5e0 [ 37.568324] kasan_report+0xc8/0x118 [ 37.569262] kasan_check_range+0x100/0x1a8 [ 37.569866] __kasan_check_write+0x20/0x30 [ 37.570627] kasan_bitops_modify.constprop.0+0x100/0xbc8 [ 37.571472] kasan_bitops_generic+0x110/0x1c8 [ 37.572096] kunit_try_run_case+0x14c/0x3d0 [ 37.573343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.574115] kthread+0x24c/0x2d0 [ 37.574792] ret_from_fork+0x10/0x20 [ 37.575337] [ 37.575898] Allocated by task 250: [ 37.576498] kasan_save_stack+0x3c/0x68 [ 37.577869] kasan_save_track+0x20/0x40 [ 37.578609] kasan_save_alloc_info+0x40/0x58 [ 37.579163] __kasan_kmalloc+0xd4/0xd8 [ 37.580342] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.581406] kasan_bitops_generic+0xa0/0x1c8 [ 37.582012] kunit_try_run_case+0x14c/0x3d0 [ 37.582710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.583425] kthread+0x24c/0x2d0 [ 37.583984] ret_from_fork+0x10/0x20 [ 37.584571] [ 37.585040] The buggy address belongs to the object at fff00000c5ce6800 [ 37.585040] which belongs to the cache kmalloc-16 of size 16 [ 37.586539] The buggy address is located 8 bytes inside of [ 37.586539] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 37.589028] [ 37.589403] The buggy address belongs to the physical page: [ 37.590179] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 37.591119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.591913] page_type: f5(slab) [ 37.592513] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 37.594162] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 37.595272] page dumped because: kasan: bad access detected [ 37.596124] [ 37.597405] Memory state around the buggy address: [ 37.597967] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 37.599282] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 37.600399] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.601836] ^ [ 37.602364] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.603260] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.604085] ================================================================== [ 37.902216] ================================================================== [ 37.902862] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc8 [ 37.905702] Write of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 37.907046] [ 37.909583] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.913148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.914948] Hardware name: linux,dummy-virt (DT) [ 37.915905] Call trace: [ 37.916919] show_stack+0x20/0x38 (C) [ 37.919132] dump_stack_lvl+0x8c/0xd0 [ 37.920204] print_report+0x118/0x5e0 [ 37.921727] kasan_report+0xc8/0x118 [ 37.922608] kasan_check_range+0x100/0x1a8 [ 37.923109] __kasan_check_write+0x20/0x30 [ 37.923695] kasan_bitops_modify.constprop.0+0x344/0xbc8 [ 37.924923] kasan_bitops_generic+0x110/0x1c8 [ 37.926302] kunit_try_run_case+0x14c/0x3d0 [ 37.927234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.928353] kthread+0x24c/0x2d0 [ 37.929459] ret_from_fork+0x10/0x20 [ 37.930023] [ 37.930486] Allocated by task 250: [ 37.931136] kasan_save_stack+0x3c/0x68 [ 37.931693] kasan_save_track+0x20/0x40 [ 37.932523] kasan_save_alloc_info+0x40/0x58 [ 37.933566] __kasan_kmalloc+0xd4/0xd8 [ 37.934622] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.935943] kasan_bitops_generic+0xa0/0x1c8 [ 37.936670] kunit_try_run_case+0x14c/0x3d0 [ 37.937243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.938049] kthread+0x24c/0x2d0 [ 37.938743] ret_from_fork+0x10/0x20 [ 37.939264] [ 37.939731] The buggy address belongs to the object at fff00000c5ce6800 [ 37.939731] which belongs to the cache kmalloc-16 of size 16 [ 37.941397] The buggy address is located 8 bytes inside of [ 37.941397] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 37.943199] [ 37.943603] The buggy address belongs to the physical page: [ 37.944318] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 37.946319] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.946961] page_type: f5(slab) [ 37.947259] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 37.948512] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 37.949982] page dumped because: kasan: bad access detected [ 37.950663] [ 37.950987] Memory state around the buggy address: [ 37.951772] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 37.953655] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 37.954896] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.955716] ^ [ 37.956474] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.957619] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.958060] ================================================================== [ 37.665577] ================================================================== [ 37.667466] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc8 [ 37.669181] Write of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 37.670602] [ 37.671111] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.672369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.673571] Hardware name: linux,dummy-virt (DT) [ 37.674278] Call trace: [ 37.674684] show_stack+0x20/0x38 (C) [ 37.675267] dump_stack_lvl+0x8c/0xd0 [ 37.675871] print_report+0x118/0x5e0 [ 37.676547] kasan_report+0xc8/0x118 [ 37.677670] kasan_check_range+0x100/0x1a8 [ 37.678398] __kasan_check_write+0x20/0x30 [ 37.679246] kasan_bitops_modify.constprop.0+0x1dc/0xbc8 [ 37.680075] kasan_bitops_generic+0x110/0x1c8 [ 37.680828] kunit_try_run_case+0x14c/0x3d0 [ 37.682009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.682853] kthread+0x24c/0x2d0 [ 37.683486] ret_from_fork+0x10/0x20 [ 37.684086] [ 37.684527] Allocated by task 250: [ 37.685363] kasan_save_stack+0x3c/0x68 [ 37.686093] kasan_save_track+0x20/0x40 [ 37.686564] kasan_save_alloc_info+0x40/0x58 [ 37.687300] __kasan_kmalloc+0xd4/0xd8 [ 37.687932] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.688853] kasan_bitops_generic+0xa0/0x1c8 [ 37.690121] kunit_try_run_case+0x14c/0x3d0 [ 37.690701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.691450] kthread+0x24c/0x2d0 [ 37.691923] ret_from_fork+0x10/0x20 [ 37.692752] [ 37.693663] The buggy address belongs to the object at fff00000c5ce6800 [ 37.693663] which belongs to the cache kmalloc-16 of size 16 [ 37.695580] The buggy address is located 8 bytes inside of [ 37.695580] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 37.696424] [ 37.697194] The buggy address belongs to the physical page: [ 37.698075] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 37.699743] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.700810] page_type: f5(slab) [ 37.701280] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 37.702251] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 37.703968] page dumped because: kasan: bad access detected [ 37.704326] [ 37.704701] Memory state around the buggy address: [ 37.705846] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 37.706813] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 37.707764] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.708969] ^ [ 37.709661] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.711523] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.712616] ================================================================== [ 37.607545] ================================================================== [ 37.608421] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa4c/0xbc8 [ 37.610908] Read of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 37.611967] [ 37.612401] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.613638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.614160] Hardware name: linux,dummy-virt (DT) [ 37.615055] Call trace: [ 37.615471] show_stack+0x20/0x38 (C) [ 37.616052] dump_stack_lvl+0x8c/0xd0 [ 37.616996] print_report+0x118/0x5e0 [ 37.617757] kasan_report+0xc8/0x118 [ 37.619100] __asan_report_load8_noabort+0x20/0x30 [ 37.620007] kasan_bitops_modify.constprop.0+0xa4c/0xbc8 [ 37.620959] kasan_bitops_generic+0x110/0x1c8 [ 37.621781] kunit_try_run_case+0x14c/0x3d0 [ 37.622524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.623338] kthread+0x24c/0x2d0 [ 37.623941] ret_from_fork+0x10/0x20 [ 37.624717] [ 37.625016] Allocated by task 250: [ 37.625534] kasan_save_stack+0x3c/0x68 [ 37.625986] kasan_save_track+0x20/0x40 [ 37.627650] kasan_save_alloc_info+0x40/0x58 [ 37.628263] __kasan_kmalloc+0xd4/0xd8 [ 37.628699] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.629144] kasan_bitops_generic+0xa0/0x1c8 [ 37.629601] kunit_try_run_case+0x14c/0x3d0 [ 37.632928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.635123] kthread+0x24c/0x2d0 [ 37.635860] ret_from_fork+0x10/0x20 [ 37.637607] [ 37.638577] The buggy address belongs to the object at fff00000c5ce6800 [ 37.638577] which belongs to the cache kmalloc-16 of size 16 [ 37.642623] The buggy address is located 8 bytes inside of [ 37.642623] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 37.644542] [ 37.644840] The buggy address belongs to the physical page: [ 37.645340] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 37.648102] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.649185] page_type: f5(slab) [ 37.650336] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 37.651626] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 37.652809] page dumped because: kasan: bad access detected [ 37.653314] [ 37.654586] Memory state around the buggy address: [ 37.655850] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 37.657131] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 37.658202] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.659596] ^ [ 37.660095] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.661788] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.662723] ================================================================== [ 38.001455] ================================================================== [ 38.003054] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa28/0xbc8 [ 38.004140] Read of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 38.005168] [ 38.005596] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 38.006783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 38.007378] Hardware name: linux,dummy-virt (DT) [ 38.008135] Call trace: [ 38.008520] show_stack+0x20/0x38 (C) [ 38.009247] dump_stack_lvl+0x8c/0xd0 [ 38.009899] print_report+0x118/0x5e0 [ 38.010600] kasan_report+0xc8/0x118 [ 38.011296] __asan_report_load8_noabort+0x20/0x30 [ 38.011935] kasan_bitops_modify.constprop.0+0xa28/0xbc8 [ 38.012747] kasan_bitops_generic+0x110/0x1c8 [ 38.013533] kunit_try_run_case+0x14c/0x3d0 [ 38.014186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.015067] kthread+0x24c/0x2d0 [ 38.015589] ret_from_fork+0x10/0x20 [ 38.016254] [ 38.016572] Allocated by task 250: [ 38.017085] kasan_save_stack+0x3c/0x68 [ 38.017756] kasan_save_track+0x20/0x40 [ 38.018515] kasan_save_alloc_info+0x40/0x58 [ 38.019157] __kasan_kmalloc+0xd4/0xd8 [ 38.019717] __kmalloc_cache_noprof+0x15c/0x3c8 [ 38.020483] kasan_bitops_generic+0xa0/0x1c8 [ 38.021089] kunit_try_run_case+0x14c/0x3d0 [ 38.021725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 38.022477] kthread+0x24c/0x2d0 [ 38.023027] ret_from_fork+0x10/0x20 [ 38.023581] [ 38.023994] The buggy address belongs to the object at fff00000c5ce6800 [ 38.023994] which belongs to the cache kmalloc-16 of size 16 [ 38.025582] The buggy address is located 8 bytes inside of [ 38.025582] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 38.027012] [ 38.027404] The buggy address belongs to the physical page: [ 38.028213] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 38.029200] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 38.030142] page_type: f5(slab) [ 38.030674] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 38.031792] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 38.032797] page dumped because: kasan: bad access detected [ 38.033489] [ 38.033872] Memory state around the buggy address: [ 38.034534] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 38.035461] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 38.036397] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.037330] ^ [ 38.037951] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.038809] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 38.039752] ================================================================== [ 37.810904] ================================================================== [ 37.811857] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc8 [ 37.813290] Write of size 8 at addr fff00000c5ce6808 by task kunit_try_catch/250 [ 37.814662] [ 37.814971] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.816054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.816703] Hardware name: linux,dummy-virt (DT) [ 37.817319] Call trace: [ 37.817905] show_stack+0x20/0x38 (C) [ 37.818833] dump_stack_lvl+0x8c/0xd0 [ 37.819591] print_report+0x118/0x5e0 [ 37.820305] kasan_report+0xc8/0x118 [ 37.821260] kasan_check_range+0x100/0x1a8 [ 37.821910] __kasan_check_write+0x20/0x30 [ 37.822513] kasan_bitops_modify.constprop.0+0x320/0xbc8 [ 37.823376] kasan_bitops_generic+0x110/0x1c8 [ 37.824036] kunit_try_run_case+0x14c/0x3d0 [ 37.824796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.825590] kthread+0x24c/0x2d0 [ 37.826166] ret_from_fork+0x10/0x20 [ 37.827197] [ 37.827540] Allocated by task 250: [ 37.827972] kasan_save_stack+0x3c/0x68 [ 37.829115] kasan_save_track+0x20/0x40 [ 37.829826] kasan_save_alloc_info+0x40/0x58 [ 37.830646] __kasan_kmalloc+0xd4/0xd8 [ 37.830981] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.831297] kasan_bitops_generic+0xa0/0x1c8 [ 37.831736] kunit_try_run_case+0x14c/0x3d0 [ 37.832523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.833490] kthread+0x24c/0x2d0 [ 37.834102] ret_from_fork+0x10/0x20 [ 37.835410] [ 37.836684] The buggy address belongs to the object at fff00000c5ce6800 [ 37.836684] which belongs to the cache kmalloc-16 of size 16 [ 37.838932] The buggy address is located 8 bytes inside of [ 37.838932] allocated 9-byte region [fff00000c5ce6800, fff00000c5ce6809) [ 37.840410] [ 37.840991] The buggy address belongs to the physical page: [ 37.842088] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 37.843370] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.844311] page_type: f5(slab) [ 37.845404] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 37.846704] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 37.847819] page dumped because: kasan: bad access detected [ 37.848986] [ 37.849315] Memory state around the buggy address: [ 37.850160] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 37.851137] fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 37.852169] >fff00000c5ce6800: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.853234] ^ [ 37.854099] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.855239] fff00000c5ce6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.856370] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 37.485043] ================================================================== [ 37.486587] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 37.487474] Read of size 1 at addr fff00000c6a4c550 by task kunit_try_catch/248 [ 37.488382] [ 37.489100] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.490914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.491369] Hardware name: linux,dummy-virt (DT) [ 37.491741] Call trace: [ 37.491951] show_stack+0x20/0x38 (C) [ 37.492263] dump_stack_lvl+0x8c/0xd0 [ 37.492847] print_report+0x118/0x5e0 [ 37.493743] kasan_report+0xc8/0x118 [ 37.495284] __asan_report_load1_noabort+0x20/0x30 [ 37.496235] strnlen+0x80/0x88 [ 37.496825] kasan_strings+0x380/0x8f8 [ 37.497413] kunit_try_run_case+0x14c/0x3d0 [ 37.499363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.501012] kthread+0x24c/0x2d0 [ 37.501649] ret_from_fork+0x10/0x20 [ 37.502281] [ 37.502643] Allocated by task 248: [ 37.503409] kasan_save_stack+0x3c/0x68 [ 37.504150] kasan_save_track+0x20/0x40 [ 37.505329] kasan_save_alloc_info+0x40/0x58 [ 37.506046] __kasan_kmalloc+0xd4/0xd8 [ 37.506980] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.508520] kasan_strings+0xb4/0x8f8 [ 37.509372] kunit_try_run_case+0x14c/0x3d0 [ 37.510397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.511272] kthread+0x24c/0x2d0 [ 37.511872] ret_from_fork+0x10/0x20 [ 37.512790] [ 37.513689] Freed by task 248: [ 37.514076] kasan_save_stack+0x3c/0x68 [ 37.514561] kasan_save_track+0x20/0x40 [ 37.515208] kasan_save_free_info+0x4c/0x78 [ 37.515926] __kasan_slab_free+0x6c/0x98 [ 37.516976] kfree+0x114/0x3d0 [ 37.517863] kasan_strings+0x128/0x8f8 [ 37.518568] kunit_try_run_case+0x14c/0x3d0 [ 37.519213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.520127] kthread+0x24c/0x2d0 [ 37.520731] ret_from_fork+0x10/0x20 [ 37.522115] [ 37.522391] The buggy address belongs to the object at fff00000c6a4c540 [ 37.522391] which belongs to the cache kmalloc-32 of size 32 [ 37.524331] The buggy address is located 16 bytes inside of [ 37.524331] freed 32-byte region [fff00000c6a4c540, fff00000c6a4c560) [ 37.525994] [ 37.527083] The buggy address belongs to the physical page: [ 37.528064] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a4c [ 37.529381] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.530776] page_type: f5(slab) [ 37.531867] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 37.533371] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 37.534488] page dumped because: kasan: bad access detected [ 37.535139] [ 37.535475] Memory state around the buggy address: [ 37.536116] fff00000c6a4c400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 37.538268] fff00000c6a4c480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 37.539379] >fff00000c6a4c500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 37.540278] ^ [ 37.541700] fff00000c6a4c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.542621] fff00000c6a4c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.543568] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 37.425862] ================================================================== [ 37.427428] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 37.428637] Read of size 1 at addr fff00000c6a4c550 by task kunit_try_catch/248 [ 37.430155] [ 37.430581] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.431721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.432761] Hardware name: linux,dummy-virt (DT) [ 37.433231] Call trace: [ 37.434403] show_stack+0x20/0x38 (C) [ 37.435359] dump_stack_lvl+0x8c/0xd0 [ 37.436010] print_report+0x118/0x5e0 [ 37.436325] kasan_report+0xc8/0x118 [ 37.437429] __asan_report_load1_noabort+0x20/0x30 [ 37.438731] strlen+0xa8/0xb0 [ 37.439421] kasan_strings+0x320/0x8f8 [ 37.440192] kunit_try_run_case+0x14c/0x3d0 [ 37.440945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.441633] kthread+0x24c/0x2d0 [ 37.442179] ret_from_fork+0x10/0x20 [ 37.442837] [ 37.443217] Allocated by task 248: [ 37.445206] kasan_save_stack+0x3c/0x68 [ 37.446263] kasan_save_track+0x20/0x40 [ 37.447117] kasan_save_alloc_info+0x40/0x58 [ 37.447961] __kasan_kmalloc+0xd4/0xd8 [ 37.449035] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.449930] kasan_strings+0xb4/0x8f8 [ 37.450914] kunit_try_run_case+0x14c/0x3d0 [ 37.451810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.452965] kthread+0x24c/0x2d0 [ 37.453987] ret_from_fork+0x10/0x20 [ 37.454292] [ 37.454500] Freed by task 248: [ 37.454888] kasan_save_stack+0x3c/0x68 [ 37.455702] kasan_save_track+0x20/0x40 [ 37.456208] kasan_save_free_info+0x4c/0x78 [ 37.457831] __kasan_slab_free+0x6c/0x98 [ 37.458345] kfree+0x114/0x3d0 [ 37.459064] kasan_strings+0x128/0x8f8 [ 37.459616] kunit_try_run_case+0x14c/0x3d0 [ 37.460364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.461221] kthread+0x24c/0x2d0 [ 37.462452] ret_from_fork+0x10/0x20 [ 37.463109] [ 37.463480] The buggy address belongs to the object at fff00000c6a4c540 [ 37.463480] which belongs to the cache kmalloc-32 of size 32 [ 37.465373] The buggy address is located 16 bytes inside of [ 37.465373] freed 32-byte region [fff00000c6a4c540, fff00000c6a4c560) [ 37.467890] [ 37.468255] The buggy address belongs to the physical page: [ 37.468896] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a4c [ 37.470965] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.471787] page_type: f5(slab) [ 37.472062] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 37.473086] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 37.474701] page dumped because: kasan: bad access detected [ 37.475573] [ 37.476247] Memory state around the buggy address: [ 37.476864] fff00000c6a4c400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 37.478328] fff00000c6a4c480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 37.479367] >fff00000c6a4c500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 37.480284] ^ [ 37.481280] fff00000c6a4c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.481937] fff00000c6a4c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.483404] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 37.363684] ================================================================== [ 37.366742] BUG: KASAN: slab-use-after-free in kasan_strings+0x858/0x8f8 [ 37.368287] Read of size 1 at addr fff00000c6a4c550 by task kunit_try_catch/248 [ 37.369632] [ 37.370231] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.373003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.373481] Hardware name: linux,dummy-virt (DT) [ 37.373932] Call trace: [ 37.374218] show_stack+0x20/0x38 (C) [ 37.376198] dump_stack_lvl+0x8c/0xd0 [ 37.377781] print_report+0x118/0x5e0 [ 37.378298] kasan_report+0xc8/0x118 [ 37.378790] __asan_report_load1_noabort+0x20/0x30 [ 37.379179] kasan_strings+0x858/0x8f8 [ 37.379545] kunit_try_run_case+0x14c/0x3d0 [ 37.381692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.382884] kthread+0x24c/0x2d0 [ 37.383655] ret_from_fork+0x10/0x20 [ 37.384200] [ 37.384634] Allocated by task 248: [ 37.385140] kasan_save_stack+0x3c/0x68 [ 37.385750] kasan_save_track+0x20/0x40 [ 37.386342] kasan_save_alloc_info+0x40/0x58 [ 37.387748] __kasan_kmalloc+0xd4/0xd8 [ 37.389059] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.389820] kasan_strings+0xb4/0x8f8 [ 37.390304] kunit_try_run_case+0x14c/0x3d0 [ 37.390968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.391730] kthread+0x24c/0x2d0 [ 37.392262] ret_from_fork+0x10/0x20 [ 37.392837] [ 37.393130] Freed by task 248: [ 37.393710] kasan_save_stack+0x3c/0x68 [ 37.394784] kasan_save_track+0x20/0x40 [ 37.395309] kasan_save_free_info+0x4c/0x78 [ 37.396063] __kasan_slab_free+0x6c/0x98 [ 37.397693] kfree+0x114/0x3d0 [ 37.398224] kasan_strings+0x128/0x8f8 [ 37.398781] kunit_try_run_case+0x14c/0x3d0 [ 37.399396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.400790] kthread+0x24c/0x2d0 [ 37.401280] ret_from_fork+0x10/0x20 [ 37.401965] [ 37.402292] The buggy address belongs to the object at fff00000c6a4c540 [ 37.402292] which belongs to the cache kmalloc-32 of size 32 [ 37.405188] The buggy address is located 16 bytes inside of [ 37.405188] freed 32-byte region [fff00000c6a4c540, fff00000c6a4c560) [ 37.406968] [ 37.407296] The buggy address belongs to the physical page: [ 37.408281] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a4c [ 37.409552] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.410202] page_type: f5(slab) [ 37.410908] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 37.412099] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 37.412983] page dumped because: kasan: bad access detected [ 37.414420] [ 37.414848] Memory state around the buggy address: [ 37.415788] fff00000c6a4c400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 37.417074] fff00000c6a4c480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 37.418487] >fff00000c6a4c500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 37.419678] ^ [ 37.421199] fff00000c6a4c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.422121] fff00000c6a4c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.423217] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 37.303542] ================================================================== [ 37.304382] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 37.305200] Read of size 1 at addr fff00000c6a4c550 by task kunit_try_catch/248 [ 37.306056] [ 37.307724] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.309117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.309755] Hardware name: linux,dummy-virt (DT) [ 37.310455] Call trace: [ 37.310870] show_stack+0x20/0x38 (C) [ 37.311962] dump_stack_lvl+0x8c/0xd0 [ 37.312550] print_report+0x118/0x5e0 [ 37.313245] kasan_report+0xc8/0x118 [ 37.313869] __asan_report_load1_noabort+0x20/0x30 [ 37.314672] strcmp+0xc0/0xc8 [ 37.315137] kasan_strings+0x248/0x8f8 [ 37.315883] kunit_try_run_case+0x14c/0x3d0 [ 37.317186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.318650] kthread+0x24c/0x2d0 [ 37.319792] ret_from_fork+0x10/0x20 [ 37.320135] [ 37.320304] Allocated by task 248: [ 37.320667] kasan_save_stack+0x3c/0x68 [ 37.322294] kasan_save_track+0x20/0x40 [ 37.323574] kasan_save_alloc_info+0x40/0x58 [ 37.324511] __kasan_kmalloc+0xd4/0xd8 [ 37.325469] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.326284] kasan_strings+0xb4/0x8f8 [ 37.326898] kunit_try_run_case+0x14c/0x3d0 [ 37.327583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.328269] kthread+0x24c/0x2d0 [ 37.329108] ret_from_fork+0x10/0x20 [ 37.329996] [ 37.330419] Freed by task 248: [ 37.330872] kasan_save_stack+0x3c/0x68 [ 37.331403] kasan_save_track+0x20/0x40 [ 37.333018] kasan_save_free_info+0x4c/0x78 [ 37.333733] __kasan_slab_free+0x6c/0x98 [ 37.334317] kfree+0x114/0x3d0 [ 37.335220] kasan_strings+0x128/0x8f8 [ 37.336130] kunit_try_run_case+0x14c/0x3d0 [ 37.337020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.338204] kthread+0x24c/0x2d0 [ 37.338661] ret_from_fork+0x10/0x20 [ 37.339478] [ 37.339930] The buggy address belongs to the object at fff00000c6a4c540 [ 37.339930] which belongs to the cache kmalloc-32 of size 32 [ 37.342209] The buggy address is located 16 bytes inside of [ 37.342209] freed 32-byte region [fff00000c6a4c540, fff00000c6a4c560) [ 37.343728] [ 37.344216] The buggy address belongs to the physical page: [ 37.345291] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a4c [ 37.346316] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.347930] page_type: f5(slab) [ 37.348421] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 37.349891] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 37.350848] page dumped because: kasan: bad access detected [ 37.351623] [ 37.351956] Memory state around the buggy address: [ 37.353825] fff00000c6a4c400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 37.354645] fff00000c6a4c480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 37.355614] >fff00000c6a4c500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 37.358150] ^ [ 37.358768] fff00000c6a4c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.359351] fff00000c6a4c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.359942] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
[ 37.240275] ================================================================== [ 37.241855] BUG: KASAN: slab-use-after-free in strrchr+0x6c/0x78 [ 37.242894] Read of size 1 at addr fff00000c6a4c550 by task kunit_try_catch/248 [ 37.244013] [ 37.244885] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.246091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.247316] Hardware name: linux,dummy-virt (DT) [ 37.247909] Call trace: [ 37.248362] show_stack+0x20/0x38 (C) [ 37.249043] dump_stack_lvl+0x8c/0xd0 [ 37.250747] print_report+0x118/0x5e0 [ 37.251293] kasan_report+0xc8/0x118 [ 37.251943] __asan_report_load1_noabort+0x20/0x30 [ 37.253502] strrchr+0x6c/0x78 [ 37.254260] kasan_strings+0x1e0/0x8f8 [ 37.255094] kunit_try_run_case+0x14c/0x3d0 [ 37.255761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.256917] kthread+0x24c/0x2d0 [ 37.258303] ret_from_fork+0x10/0x20 [ 37.259208] [ 37.259633] Allocated by task 248: [ 37.260213] kasan_save_stack+0x3c/0x68 [ 37.261139] kasan_save_track+0x20/0x40 [ 37.262408] kasan_save_alloc_info+0x40/0x58 [ 37.263133] __kasan_kmalloc+0xd4/0xd8 [ 37.263865] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.264772] kasan_strings+0xb4/0x8f8 [ 37.265614] kunit_try_run_case+0x14c/0x3d0 [ 37.266972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.268621] kthread+0x24c/0x2d0 [ 37.269430] ret_from_fork+0x10/0x20 [ 37.270231] [ 37.271065] Freed by task 248: [ 37.271526] kasan_save_stack+0x3c/0x68 [ 37.272235] kasan_save_track+0x20/0x40 [ 37.273975] kasan_save_free_info+0x4c/0x78 [ 37.274762] __kasan_slab_free+0x6c/0x98 [ 37.275480] kfree+0x114/0x3d0 [ 37.276109] kasan_strings+0x128/0x8f8 [ 37.277190] kunit_try_run_case+0x14c/0x3d0 [ 37.278023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.278918] kthread+0x24c/0x2d0 [ 37.279481] ret_from_fork+0x10/0x20 [ 37.280090] [ 37.280468] The buggy address belongs to the object at fff00000c6a4c540 [ 37.280468] which belongs to the cache kmalloc-32 of size 32 [ 37.282393] The buggy address is located 16 bytes inside of [ 37.282393] freed 32-byte region [fff00000c6a4c540, fff00000c6a4c560) [ 37.283747] [ 37.284153] The buggy address belongs to the physical page: [ 37.285561] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a4c [ 37.286640] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.287604] page_type: f5(slab) [ 37.288106] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 37.289461] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 37.290294] page dumped because: kasan: bad access detected [ 37.290842] [ 37.291466] Memory state around the buggy address: [ 37.292591] fff00000c6a4c400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 37.293763] fff00000c6a4c480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 37.295174] >fff00000c6a4c500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 37.296601] ^ [ 37.298305] fff00000c6a4c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.299318] fff00000c6a4c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.300285] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
[ 37.178262] ================================================================== [ 37.179337] BUG: KASAN: slab-use-after-free in strchr+0xcc/0xd8 [ 37.180427] Read of size 1 at addr fff00000c6a4c550 by task kunit_try_catch/248 [ 37.182230] [ 37.182578] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.183959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.184626] Hardware name: linux,dummy-virt (DT) [ 37.185626] Call trace: [ 37.186090] show_stack+0x20/0x38 (C) [ 37.186743] dump_stack_lvl+0x8c/0xd0 [ 37.187918] print_report+0x118/0x5e0 [ 37.188802] kasan_report+0xc8/0x118 [ 37.189693] __asan_report_load1_noabort+0x20/0x30 [ 37.190736] strchr+0xcc/0xd8 [ 37.191744] kasan_strings+0x180/0x8f8 [ 37.192797] kunit_try_run_case+0x14c/0x3d0 [ 37.193631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.194744] kthread+0x24c/0x2d0 [ 37.195341] ret_from_fork+0x10/0x20 [ 37.195915] [ 37.196241] Allocated by task 248: [ 37.197717] kasan_save_stack+0x3c/0x68 [ 37.199021] kasan_save_track+0x20/0x40 [ 37.199683] kasan_save_alloc_info+0x40/0x58 [ 37.200314] __kasan_kmalloc+0xd4/0xd8 [ 37.201584] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.202503] kasan_strings+0xb4/0x8f8 [ 37.203205] kunit_try_run_case+0x14c/0x3d0 [ 37.203983] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.205397] kthread+0x24c/0x2d0 [ 37.206610] ret_from_fork+0x10/0x20 [ 37.207629] [ 37.207924] Freed by task 248: [ 37.208588] kasan_save_stack+0x3c/0x68 [ 37.210186] kasan_save_track+0x20/0x40 [ 37.210803] kasan_save_free_info+0x4c/0x78 [ 37.211841] __kasan_slab_free+0x6c/0x98 [ 37.212334] kfree+0x114/0x3d0 [ 37.213293] kasan_strings+0x128/0x8f8 [ 37.213848] kunit_try_run_case+0x14c/0x3d0 [ 37.214562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.216010] kthread+0x24c/0x2d0 [ 37.217026] ret_from_fork+0x10/0x20 [ 37.217666] [ 37.218215] The buggy address belongs to the object at fff00000c6a4c540 [ 37.218215] which belongs to the cache kmalloc-32 of size 32 [ 37.220006] The buggy address is located 16 bytes inside of [ 37.220006] freed 32-byte region [fff00000c6a4c540, fff00000c6a4c560) [ 37.222309] [ 37.222763] The buggy address belongs to the physical page: [ 37.223489] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a4c [ 37.224408] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.225986] page_type: f5(slab) [ 37.226625] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 37.227565] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 37.228859] page dumped because: kasan: bad access detected [ 37.230024] [ 37.230293] Memory state around the buggy address: [ 37.230918] fff00000c6a4c400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 37.233098] fff00000c6a4c480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 37.234110] >fff00000c6a4c500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 37.235128] ^ [ 37.235880] fff00000c6a4c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.237210] fff00000c6a4c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.237893] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 37.116551] ================================================================== [ 37.118299] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 37.119067] Read of size 1 at addr fff00000c6a4c458 by task kunit_try_catch/246 [ 37.120074] [ 37.120506] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.121923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.122635] Hardware name: linux,dummy-virt (DT) [ 37.123298] Call trace: [ 37.123677] show_stack+0x20/0x38 (C) [ 37.124401] dump_stack_lvl+0x8c/0xd0 [ 37.125918] print_report+0x118/0x5e0 [ 37.126464] kasan_report+0xc8/0x118 [ 37.127094] __asan_report_load1_noabort+0x20/0x30 [ 37.127787] memcmp+0x198/0x1d8 [ 37.128285] kasan_memcmp+0x16c/0x300 [ 37.128986] kunit_try_run_case+0x14c/0x3d0 [ 37.129601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.130992] kthread+0x24c/0x2d0 [ 37.131548] ret_from_fork+0x10/0x20 [ 37.132315] [ 37.132766] Allocated by task 246: [ 37.133969] kasan_save_stack+0x3c/0x68 [ 37.134894] kasan_save_track+0x20/0x40 [ 37.135358] kasan_save_alloc_info+0x40/0x58 [ 37.135997] __kasan_kmalloc+0xd4/0xd8 [ 37.137107] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.137827] kasan_memcmp+0xbc/0x300 [ 37.138412] kunit_try_run_case+0x14c/0x3d0 [ 37.139151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.139914] kthread+0x24c/0x2d0 [ 37.141529] ret_from_fork+0x10/0x20 [ 37.142214] [ 37.142575] The buggy address belongs to the object at fff00000c6a4c440 [ 37.142575] which belongs to the cache kmalloc-32 of size 32 [ 37.144178] The buggy address is located 0 bytes to the right of [ 37.144178] allocated 24-byte region [fff00000c6a4c440, fff00000c6a4c458) [ 37.147202] [ 37.147572] The buggy address belongs to the physical page: [ 37.148359] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a4c [ 37.149606] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.150064] page_type: f5(slab) [ 37.150330] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 37.152037] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 37.154013] page dumped because: kasan: bad access detected [ 37.155819] [ 37.156239] Memory state around the buggy address: [ 37.157713] fff00000c6a4c300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 37.159570] fff00000c6a4c380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 37.160250] >fff00000c6a4c400: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 37.161414] ^ [ 37.162612] fff00000c6a4c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.163365] fff00000c6a4c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.164398] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 37.048363] ================================================================== [ 37.049878] BUG: KASAN: slab-out-of-bounds in memchr+0x78/0x88 [ 37.051892] Read of size 1 at addr fff00000c6a4c318 by task kunit_try_catch/244 [ 37.053256] [ 37.053634] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.054924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.055644] Hardware name: linux,dummy-virt (DT) [ 37.056263] Call trace: [ 37.056701] show_stack+0x20/0x38 (C) [ 37.057375] dump_stack_lvl+0x8c/0xd0 [ 37.058587] print_report+0x118/0x5e0 [ 37.059082] kasan_report+0xc8/0x118 [ 37.059792] __asan_report_load1_noabort+0x20/0x30 [ 37.060397] memchr+0x78/0x88 [ 37.060920] kasan_memchr+0x148/0x2d8 [ 37.061808] kunit_try_run_case+0x14c/0x3d0 [ 37.062996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.063934] kthread+0x24c/0x2d0 [ 37.064718] ret_from_fork+0x10/0x20 [ 37.065616] [ 37.066097] Allocated by task 244: [ 37.066763] kasan_save_stack+0x3c/0x68 [ 37.067400] kasan_save_track+0x20/0x40 [ 37.069036] kasan_save_alloc_info+0x40/0x58 [ 37.069665] __kasan_kmalloc+0xd4/0xd8 [ 37.070231] __kmalloc_cache_noprof+0x15c/0x3c8 [ 37.070800] kasan_memchr+0xb0/0x2d8 [ 37.071429] kunit_try_run_case+0x14c/0x3d0 [ 37.072055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.073925] kthread+0x24c/0x2d0 [ 37.074521] ret_from_fork+0x10/0x20 [ 37.075006] [ 37.075381] The buggy address belongs to the object at fff00000c6a4c300 [ 37.075381] which belongs to the cache kmalloc-32 of size 32 [ 37.076971] The buggy address is located 0 bytes to the right of [ 37.076971] allocated 24-byte region [fff00000c6a4c300, fff00000c6a4c318) [ 37.078277] [ 37.078766] The buggy address belongs to the physical page: [ 37.079897] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a4c [ 37.081358] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.082049] page_type: f5(slab) [ 37.082659] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 37.083969] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 37.085327] page dumped because: kasan: bad access detected [ 37.086316] [ 37.086632] Memory state around the buggy address: [ 37.087423] fff00000c6a4c200: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 37.089387] fff00000c6a4c280: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 37.091171] >fff00000c6a4c300: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.094230] ^ [ 37.095143] fff00000c6a4c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.098116] fff00000c6a4c400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 37.098792] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 37.005413] ================================================================== [ 37.007686] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2e4/0x348 [ 37.008704] Read of size 1 at addr ffff800080b97bea by task kunit_try_catch/242 [ 37.009475] [ 37.009922] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 37.011422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 37.011979] Hardware name: linux,dummy-virt (DT) [ 37.012698] Call trace: [ 37.013065] show_stack+0x20/0x38 (C) [ 37.013731] dump_stack_lvl+0x8c/0xd0 [ 37.014383] print_report+0x2fc/0x5e0 [ 37.015009] kasan_report+0xc8/0x118 [ 37.015583] __asan_report_load1_noabort+0x20/0x30 [ 37.016283] kasan_alloca_oob_right+0x2e4/0x348 [ 37.017029] kunit_try_run_case+0x14c/0x3d0 [ 37.017593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 37.018374] kthread+0x24c/0x2d0 [ 37.019054] ret_from_fork+0x10/0x20 [ 37.019645] [ 37.020007] The buggy address belongs to stack of task kunit_try_catch/242 [ 37.020887] [ 37.021212] The buggy address belongs to the virtual mapping at [ 37.021212] [ffff800080b90000, ffff800080b99000) created by: [ 37.021212] kernel_clone+0x140/0x790 [ 37.022906] [ 37.023280] The buggy address belongs to the physical page: [ 37.024167] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10612d [ 37.025135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 37.025974] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 37.027086] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 37.027879] page dumped because: kasan: bad access detected [ 37.028586] [ 37.028983] Memory state around the buggy address: [ 37.029597] ffff800080b97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 37.030516] ffff800080b97b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 37.031424] >ffff800080b97b80: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 37.032246] ^ [ 37.033134] ffff800080b97c00: cb cb cb cb 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 [ 37.034061] ffff800080b97c80: 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 [ 37.034991] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 36.962400] ================================================================== [ 36.963616] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 36.964421] Read of size 1 at addr ffff800080b57bdf by task kunit_try_catch/240 [ 36.965624] [ 36.966080] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.968119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.969718] Hardware name: linux,dummy-virt (DT) [ 36.970264] Call trace: [ 36.970764] show_stack+0x20/0x38 (C) [ 36.971260] dump_stack_lvl+0x8c/0xd0 [ 36.971971] print_report+0x2fc/0x5e0 [ 36.972606] kasan_report+0xc8/0x118 [ 36.973149] __asan_report_load1_noabort+0x20/0x30 [ 36.973934] kasan_alloca_oob_left+0x2b8/0x310 [ 36.974680] kunit_try_run_case+0x14c/0x3d0 [ 36.975400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.976092] kthread+0x24c/0x2d0 [ 36.976728] ret_from_fork+0x10/0x20 [ 36.977287] [ 36.977665] The buggy address belongs to stack of task kunit_try_catch/240 [ 36.978541] [ 36.978914] The buggy address belongs to the virtual mapping at [ 36.978914] [ffff800080b50000, ffff800080b59000) created by: [ 36.978914] kernel_clone+0x140/0x790 [ 36.980742] [ 36.981262] The buggy address belongs to the physical page: [ 36.981868] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a56 [ 36.983076] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.983888] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 36.984938] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.986061] page dumped because: kasan: bad access detected [ 36.986888] [ 36.987219] Memory state around the buggy address: [ 36.987818] ffff800080b57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.988726] ffff800080b57b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.989714] >ffff800080b57b80: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 36.990693] ^ [ 36.991588] ffff800080b57c00: cb cb cb cb 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 [ 36.992467] ffff800080b57c80: 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 [ 36.993347] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 36.905728] ================================================================== [ 36.907308] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x230/0x268 [ 36.908413] Read of size 1 at addr ffff800080b27cba by task kunit_try_catch/238 [ 36.909265] [ 36.909839] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.912093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.913196] Hardware name: linux,dummy-virt (DT) [ 36.913980] Call trace: [ 36.914836] show_stack+0x20/0x38 (C) [ 36.915573] dump_stack_lvl+0x8c/0xd0 [ 36.916734] print_report+0x2fc/0x5e0 [ 36.917577] kasan_report+0xc8/0x118 [ 36.918133] __asan_report_load1_noabort+0x20/0x30 [ 36.918833] kasan_stack_oob+0x230/0x268 [ 36.919412] kunit_try_run_case+0x14c/0x3d0 [ 36.920948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.921896] kthread+0x24c/0x2d0 [ 36.922725] ret_from_fork+0x10/0x20 [ 36.923352] [ 36.923788] The buggy address belongs to stack of task kunit_try_catch/238 [ 36.925139] and is located at offset 138 in frame: [ 36.926851] kasan_stack_oob+0x0/0x268 [ 36.927660] [ 36.928133] This frame has 4 objects: [ 36.929471] [48, 49) '__assertion' [ 36.929629] [64, 72) 'array' [ 36.930312] [96, 112) '__assertion' [ 36.931124] [128, 138) 'stack_array' [ 36.931837] [ 36.933329] The buggy address belongs to the virtual mapping at [ 36.933329] [ffff800080b20000, ffff800080b29000) created by: [ 36.933329] kernel_clone+0x140/0x790 [ 36.935037] [ 36.935488] The buggy address belongs to the physical page: [ 36.936185] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a77 [ 36.938259] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.939151] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 36.940080] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.941053] page dumped because: kasan: bad access detected [ 36.942964] [ 36.943518] Memory state around the buggy address: [ 36.944181] ffff800080b27b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.945779] ffff800080b27c00: 00 00 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 [ 36.947039] >ffff800080b27c80: f2 f2 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 [ 36.947963] ^ [ 36.948692] ffff800080b27d00: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 [ 36.950351] ffff800080b27d80: f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 [ 36.951358] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 36.842110] ================================================================== [ 36.843941] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 36.845795] Read of size 1 at addr ffffa3d12e0d906d by task kunit_try_catch/234 [ 36.847297] [ 36.847839] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.849521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.851025] Hardware name: linux,dummy-virt (DT) [ 36.851813] Call trace: [ 36.852498] show_stack+0x20/0x38 (C) [ 36.853465] dump_stack_lvl+0x8c/0xd0 [ 36.854393] print_report+0x2fc/0x5e0 [ 36.855113] kasan_report+0xc8/0x118 [ 36.855650] __asan_report_load1_noabort+0x20/0x30 [ 36.856400] kasan_global_oob_right+0x230/0x270 [ 36.857362] kunit_try_run_case+0x14c/0x3d0 [ 36.857925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.860186] kthread+0x24c/0x2d0 [ 36.861039] ret_from_fork+0x10/0x20 [ 36.861965] [ 36.862433] The buggy address belongs to the variable: [ 36.863242] global_array+0xd/0x40 [ 36.863865] [ 36.864739] The buggy address belongs to the virtual mapping at [ 36.864739] [ffffa3d12c420000, ffffa3d12e191000) created by: [ 36.864739] paging_init+0x668/0x7c8 [ 36.867376] [ 36.868382] The buggy address belongs to the physical page: [ 36.870024] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x478d9 [ 36.871039] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 36.872243] raw: 03fffe0000002000 ffffc1ffc01e3648 ffffc1ffc01e3648 0000000000000000 [ 36.873954] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.875116] page dumped because: kasan: bad access detected [ 36.876029] [ 36.876728] Memory state around the buggy address: [ 36.877815] ffffa3d12e0d8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.879884] ffffa3d12e0d8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.881137] >ffffa3d12e0d9000: 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 [ 36.882218] ^ [ 36.883612] ffffa3d12e0d9080: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 36.885086] ffffa3d12e0d9100: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 36.886062] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 36.777551] ================================================================== [ 36.779026] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 36.780153] Free of addr fff00000c6b94001 by task kunit_try_catch/232 [ 36.781487] [ 36.782010] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.782844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.783428] Hardware name: linux,dummy-virt (DT) [ 36.783935] Call trace: [ 36.784249] show_stack+0x20/0x38 (C) [ 36.786428] dump_stack_lvl+0x8c/0xd0 [ 36.787278] print_report+0x118/0x5e0 [ 36.787949] kasan_report_invalid_free+0xb0/0xd8 [ 36.788291] __kasan_mempool_poison_object+0xfc/0x150 [ 36.789116] mempool_free+0x28c/0x328 [ 36.789595] mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 36.790153] mempool_kmalloc_large_invalid_free+0xb8/0x110 [ 36.791351] kunit_try_run_case+0x14c/0x3d0 [ 36.792462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.793608] kthread+0x24c/0x2d0 [ 36.794100] ret_from_fork+0x10/0x20 [ 36.794834] [ 36.795105] The buggy address belongs to the physical page: [ 36.796258] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106b94 [ 36.798459] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 36.799907] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 36.801588] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 36.803070] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.803840] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 36.806061] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.808051] head: 0bfffe0000000002 ffffc1ffc31ae501 ffffffffffffffff 0000000000000000 [ 36.809340] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 36.810348] page dumped because: kasan: bad access detected [ 36.811717] [ 36.812059] Memory state around the buggy address: [ 36.812375] fff00000c6b93f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.814343] fff00000c6b93f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.816138] >fff00000c6b94000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.817564] ^ [ 36.818669] fff00000c6b94080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.819799] fff00000c6b94100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.821511] ================================================================== [ 36.717060] ================================================================== [ 36.718683] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 36.719627] Free of addr fff00000c6122101 by task kunit_try_catch/230 [ 36.720660] [ 36.721659] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.723003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.723644] Hardware name: linux,dummy-virt (DT) [ 36.724353] Call trace: [ 36.724907] show_stack+0x20/0x38 (C) [ 36.725575] dump_stack_lvl+0x8c/0xd0 [ 36.726604] print_report+0x118/0x5e0 [ 36.727258] kasan_report_invalid_free+0xb0/0xd8 [ 36.728009] check_slab_allocation+0xfc/0x108 [ 36.728565] __kasan_mempool_poison_object+0x78/0x150 [ 36.729585] mempool_free+0x28c/0x328 [ 36.730222] mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 36.731048] mempool_kmalloc_invalid_free+0xb8/0x110 [ 36.731811] kunit_try_run_case+0x14c/0x3d0 [ 36.732510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.733273] kthread+0x24c/0x2d0 [ 36.734253] ret_from_fork+0x10/0x20 [ 36.734875] [ 36.735177] Allocated by task 230: [ 36.735622] kasan_save_stack+0x3c/0x68 [ 36.736365] kasan_save_track+0x20/0x40 [ 36.737000] kasan_save_alloc_info+0x40/0x58 [ 36.737712] __kasan_mempool_unpoison_object+0x11c/0x180 [ 36.738560] remove_element+0x130/0x1f8 [ 36.739120] mempool_alloc_preallocated+0x58/0xc0 [ 36.739799] mempool_kmalloc_invalid_free_helper+0x94/0x2a0 [ 36.740666] mempool_kmalloc_invalid_free+0xb8/0x110 [ 36.741633] kunit_try_run_case+0x14c/0x3d0 [ 36.742297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.743173] kthread+0x24c/0x2d0 [ 36.743741] ret_from_fork+0x10/0x20 [ 36.744196] [ 36.744653] The buggy address belongs to the object at fff00000c6122100 [ 36.744653] which belongs to the cache kmalloc-128 of size 128 [ 36.746242] The buggy address is located 1 bytes inside of [ 36.746242] 128-byte region [fff00000c6122100, fff00000c6122180) [ 36.748962] [ 36.749838] The buggy address belongs to the physical page: [ 36.750333] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106122 [ 36.751560] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.752746] page_type: f5(slab) [ 36.753496] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 36.754561] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 36.755705] page dumped because: kasan: bad access detected [ 36.756407] [ 36.756893] Memory state around the buggy address: [ 36.758031] fff00000c6122000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.759372] fff00000c6122080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.760165] >fff00000c6122100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.762481] ^ [ 36.762944] fff00000c6122180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.763862] fff00000c6122200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.765240] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 36.537928] ================================================================== [ 36.539523] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 36.540617] Free of addr fff00000c6a52900 by task kunit_try_catch/224 [ 36.542873] [ 36.543258] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.545380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.546012] Hardware name: linux,dummy-virt (DT) [ 36.546880] Call trace: [ 36.547464] show_stack+0x20/0x38 (C) [ 36.548257] dump_stack_lvl+0x8c/0xd0 [ 36.549159] print_report+0x118/0x5e0 [ 36.550005] kasan_report_invalid_free+0xb0/0xd8 [ 36.550665] check_slab_allocation+0xd4/0x108 [ 36.551343] __kasan_mempool_poison_object+0x78/0x150 [ 36.552422] mempool_free+0x28c/0x328 [ 36.552995] mempool_double_free_helper+0x150/0x2e0 [ 36.553578] mempool_kmalloc_double_free+0xb8/0x110 [ 36.555751] kunit_try_run_case+0x14c/0x3d0 [ 36.557799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.559890] kthread+0x24c/0x2d0 [ 36.560338] ret_from_fork+0x10/0x20 [ 36.562610] [ 36.563520] Allocated by task 224: [ 36.564834] kasan_save_stack+0x3c/0x68 [ 36.565996] kasan_save_track+0x20/0x40 [ 36.566779] kasan_save_alloc_info+0x40/0x58 [ 36.567553] __kasan_mempool_unpoison_object+0x11c/0x180 [ 36.568062] remove_element+0x130/0x1f8 [ 36.569018] mempool_alloc_preallocated+0x58/0xc0 [ 36.570804] mempool_double_free_helper+0x94/0x2e0 [ 36.571848] mempool_kmalloc_double_free+0xb8/0x110 [ 36.572421] kunit_try_run_case+0x14c/0x3d0 [ 36.573205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.574601] kthread+0x24c/0x2d0 [ 36.575171] ret_from_fork+0x10/0x20 [ 36.575778] [ 36.576243] Freed by task 224: [ 36.577463] kasan_save_stack+0x3c/0x68 [ 36.578143] kasan_save_track+0x20/0x40 [ 36.578953] kasan_save_free_info+0x4c/0x78 [ 36.579568] __kasan_mempool_poison_object+0xc0/0x150 [ 36.580362] mempool_free+0x28c/0x328 [ 36.581497] mempool_double_free_helper+0x100/0x2e0 [ 36.582579] mempool_kmalloc_double_free+0xb8/0x110 [ 36.583288] kunit_try_run_case+0x14c/0x3d0 [ 36.584058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.585492] kthread+0x24c/0x2d0 [ 36.585924] ret_from_fork+0x10/0x20 [ 36.586328] [ 36.586744] The buggy address belongs to the object at fff00000c6a52900 [ 36.586744] which belongs to the cache kmalloc-128 of size 128 [ 36.588208] The buggy address is located 0 bytes inside of [ 36.588208] 128-byte region [fff00000c6a52900, fff00000c6a52980) [ 36.590517] [ 36.590946] The buggy address belongs to the physical page: [ 36.591936] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a52 [ 36.593904] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.595052] page_type: f5(slab) [ 36.595727] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 36.597198] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 36.598254] page dumped because: kasan: bad access detected [ 36.599087] [ 36.599476] Memory state around the buggy address: [ 36.600255] fff00000c6a52800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.601670] fff00000c6a52880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.602490] >fff00000c6a52900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.603636] ^ [ 36.604236] fff00000c6a52980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.605291] fff00000c6a52a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.607338] ================================================================== [ 36.671327] ================================================================== [ 36.673295] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 36.674272] Free of addr fff00000c6b84000 by task kunit_try_catch/228 [ 36.675275] [ 36.675632] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.677357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.677937] Hardware name: linux,dummy-virt (DT) [ 36.678830] Call trace: [ 36.679389] show_stack+0x20/0x38 (C) [ 36.680019] dump_stack_lvl+0x8c/0xd0 [ 36.681168] print_report+0x118/0x5e0 [ 36.681852] kasan_report_invalid_free+0xb0/0xd8 [ 36.682744] __kasan_mempool_poison_pages+0xe0/0xe8 [ 36.683659] mempool_free+0x24c/0x328 [ 36.684271] mempool_double_free_helper+0x150/0x2e0 [ 36.685413] mempool_page_alloc_double_free+0xb4/0x110 [ 36.686193] kunit_try_run_case+0x14c/0x3d0 [ 36.687013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.687892] kthread+0x24c/0x2d0 [ 36.688506] ret_from_fork+0x10/0x20 [ 36.689241] [ 36.689875] The buggy address belongs to the physical page: [ 36.691472] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106b84 [ 36.692225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.694125] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 36.695145] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.696741] page dumped because: kasan: bad access detected [ 36.697751] [ 36.698119] Memory state around the buggy address: [ 36.698825] fff00000c6b83f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.699758] fff00000c6b83f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.701070] >fff00000c6b84000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.702102] ^ [ 36.702797] fff00000c6b84080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.703752] fff00000c6b84100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.704783] ================================================================== [ 36.619425] ================================================================== [ 36.620967] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 36.622298] Free of addr fff00000c6b90000 by task kunit_try_catch/226 [ 36.623240] [ 36.623696] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.625142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.626420] Hardware name: linux,dummy-virt (DT) [ 36.627165] Call trace: [ 36.628057] show_stack+0x20/0x38 (C) [ 36.628803] dump_stack_lvl+0x8c/0xd0 [ 36.629285] print_report+0x118/0x5e0 [ 36.630115] kasan_report_invalid_free+0xb0/0xd8 [ 36.631478] __kasan_mempool_poison_object+0x14c/0x150 [ 36.632294] mempool_free+0x28c/0x328 [ 36.633265] mempool_double_free_helper+0x150/0x2e0 [ 36.634080] mempool_kmalloc_large_double_free+0xb8/0x110 [ 36.634838] kunit_try_run_case+0x14c/0x3d0 [ 36.635799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.637395] kthread+0x24c/0x2d0 [ 36.638134] ret_from_fork+0x10/0x20 [ 36.638793] [ 36.639107] The buggy address belongs to the physical page: [ 36.639816] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106b90 [ 36.641564] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 36.642475] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 36.643370] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 36.644839] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.646188] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 36.646840] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.647966] head: 0bfffe0000000002 ffffc1ffc31ae401 ffffffffffffffff 0000000000000000 [ 36.649317] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 36.650514] page dumped because: kasan: bad access detected [ 36.651322] [ 36.651861] Memory state around the buggy address: [ 36.652351] fff00000c6b8ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.653963] fff00000c6b8ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.654835] >fff00000c6b90000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.655772] ^ [ 36.656377] fff00000c6b90080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.657955] fff00000c6b90100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.659544] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 32.458981] ================================================================== [ 32.460885] BUG: KASAN: invalid-free in kfree+0x278/0x3d0 [ 32.461740] Free of addr fff00000c69f0001 by task kunit_try_catch/139 [ 32.462823] [ 32.463350] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.465260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.465977] Hardware name: linux,dummy-virt (DT) [ 32.466599] Call trace: [ 32.467079] show_stack+0x20/0x38 (C) [ 32.467740] dump_stack_lvl+0x8c/0xd0 [ 32.468391] print_report+0x118/0x5e0 [ 32.469521] kasan_report_invalid_free+0xb0/0xd8 [ 32.470191] __kasan_kfree_large+0x5c/0xa8 [ 32.471167] free_large_kmalloc+0x58/0x140 [ 32.472235] kfree+0x278/0x3d0 [ 32.473136] kmalloc_large_invalid_free+0x108/0x270 [ 32.473921] kunit_try_run_case+0x14c/0x3d0 [ 32.474671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.475470] kthread+0x24c/0x2d0 [ 32.476032] ret_from_fork+0x10/0x20 [ 32.477158] [ 32.477536] The buggy address belongs to the physical page: [ 32.478520] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1069f0 [ 32.480505] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.481728] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.483019] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 32.483962] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 32.485186] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 32.486558] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 32.487490] head: 0bfffe0000000002 ffffc1ffc31a7c01 ffffffffffffffff 0000000000000000 [ 32.488402] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 32.489453] page dumped because: kasan: bad access detected [ 32.490110] [ 32.490544] Memory state around the buggy address: [ 32.491579] fff00000c69eff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.492463] fff00000c69eff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.493339] >fff00000c69f0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.495349] ^ [ 32.496257] fff00000c69f0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.497344] fff00000c69f0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.498237] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 36.490308] ================================================================== [ 36.491789] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 36.492784] Read of size 1 at addr fff00000c6b90000 by task kunit_try_catch/222 [ 36.494702] [ 36.495501] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.497981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.498872] Hardware name: linux,dummy-virt (DT) [ 36.499601] Call trace: [ 36.500011] show_stack+0x20/0x38 (C) [ 36.501301] dump_stack_lvl+0x8c/0xd0 [ 36.502222] print_report+0x118/0x5e0 [ 36.502688] kasan_report+0xc8/0x118 [ 36.503552] __asan_report_load1_noabort+0x20/0x30 [ 36.504269] mempool_uaf_helper+0x314/0x340 [ 36.505269] mempool_page_alloc_uaf+0xb8/0x118 [ 36.505952] kunit_try_run_case+0x14c/0x3d0 [ 36.506638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.507493] kthread+0x24c/0x2d0 [ 36.508089] ret_from_fork+0x10/0x20 [ 36.509131] [ 36.509466] The buggy address belongs to the physical page: [ 36.510690] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106b90 [ 36.511979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.513219] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 36.514365] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.515555] page dumped because: kasan: bad access detected [ 36.516550] [ 36.516990] Memory state around the buggy address: [ 36.517657] fff00000c6b8ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.518759] fff00000c6b8ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.519756] >fff00000c6b90000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.520874] ^ [ 36.521695] fff00000c6b90080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.522784] fff00000c6b90100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.523836] ================================================================== [ 36.354056] ================================================================== [ 36.355483] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 36.356877] Read of size 1 at addr fff00000c6b80000 by task kunit_try_catch/218 [ 36.358608] [ 36.358932] CPU: 1 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.360730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.361674] Hardware name: linux,dummy-virt (DT) [ 36.362135] Call trace: [ 36.362847] show_stack+0x20/0x38 (C) [ 36.363412] dump_stack_lvl+0x8c/0xd0 [ 36.364011] print_report+0x118/0x5e0 [ 36.364994] kasan_report+0xc8/0x118 [ 36.365559] __asan_report_load1_noabort+0x20/0x30 [ 36.366338] mempool_uaf_helper+0x314/0x340 [ 36.368030] mempool_kmalloc_large_uaf+0xbc/0x118 [ 36.368763] kunit_try_run_case+0x14c/0x3d0 [ 36.369511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.370379] kthread+0x24c/0x2d0 [ 36.371018] ret_from_fork+0x10/0x20 [ 36.371624] [ 36.371977] The buggy address belongs to the physical page: [ 36.373418] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106b80 [ 36.374170] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 36.375240] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 36.376143] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 36.377173] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.378277] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 36.380007] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.381267] head: 0bfffe0000000002 ffffc1ffc31ae001 ffffffffffffffff 0000000000000000 [ 36.382753] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 36.383773] page dumped because: kasan: bad access detected [ 36.384607] [ 36.384968] Memory state around the buggy address: [ 36.386041] fff00000c6b7ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.387210] fff00000c6b7ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.388402] >fff00000c6b80000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.390203] ^ [ 36.390766] fff00000c6b80080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.391905] fff00000c6b80100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 36.393246] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 36.408197] ================================================================== [ 36.410607] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 36.411662] Read of size 1 at addr fff00000c6ad9240 by task kunit_try_catch/220 [ 36.412832] [ 36.413276] CPU: 0 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.414714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.415351] Hardware name: linux,dummy-virt (DT) [ 36.416123] Call trace: [ 36.416578] show_stack+0x20/0x38 (C) [ 36.417868] dump_stack_lvl+0x8c/0xd0 [ 36.418580] print_report+0x118/0x5e0 [ 36.419179] kasan_report+0xc8/0x118 [ 36.419856] __asan_report_load1_noabort+0x20/0x30 [ 36.420642] mempool_uaf_helper+0x314/0x340 [ 36.421502] mempool_slab_uaf+0xb8/0x110 [ 36.422048] kunit_try_run_case+0x14c/0x3d0 [ 36.422665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.423531] kthread+0x24c/0x2d0 [ 36.424105] ret_from_fork+0x10/0x20 [ 36.425087] [ 36.425674] Allocated by task 220: [ 36.426283] kasan_save_stack+0x3c/0x68 [ 36.426908] kasan_save_track+0x20/0x40 [ 36.427625] kasan_save_alloc_info+0x40/0x58 [ 36.428285] __kasan_mempool_unpoison_object+0xbc/0x180 [ 36.429368] remove_element+0x16c/0x1f8 [ 36.430665] mempool_alloc_preallocated+0x58/0xc0 [ 36.431596] mempool_uaf_helper+0xa4/0x340 [ 36.432165] mempool_slab_uaf+0xb8/0x110 [ 36.433495] kunit_try_run_case+0x14c/0x3d0 [ 36.434136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.434924] kthread+0x24c/0x2d0 [ 36.435753] ret_from_fork+0x10/0x20 [ 36.436574] [ 36.437346] Freed by task 220: [ 36.438097] kasan_save_stack+0x3c/0x68 [ 36.438754] kasan_save_track+0x20/0x40 [ 36.439619] kasan_save_free_info+0x4c/0x78 [ 36.440331] __kasan_mempool_poison_object+0xc0/0x150 [ 36.441383] mempool_free+0x28c/0x328 [ 36.441945] mempool_uaf_helper+0x104/0x340 [ 36.443013] mempool_slab_uaf+0xb8/0x110 [ 36.443627] kunit_try_run_case+0x14c/0x3d0 [ 36.444310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.445421] kthread+0x24c/0x2d0 [ 36.445927] ret_from_fork+0x10/0x20 [ 36.446457] [ 36.446773] The buggy address belongs to the object at fff00000c6ad9240 [ 36.446773] which belongs to the cache test_cache of size 123 [ 36.448377] The buggy address is located 0 bytes inside of [ 36.448377] freed 123-byte region [fff00000c6ad9240, fff00000c6ad92bb) [ 36.450596] [ 36.450897] The buggy address belongs to the physical page: [ 36.451781] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106ad9 [ 36.453123] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.454374] page_type: f5(slab) [ 36.455073] raw: 0bfffe0000000000 fff00000c408cb40 dead000000000122 0000000000000000 [ 36.456566] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 36.458242] page dumped because: kasan: bad access detected [ 36.459006] [ 36.459677] Memory state around the buggy address: [ 36.460247] fff00000c6ad9100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.461709] fff00000c6ad9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.463199] >fff00000c6ad9200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 36.464047] ^ [ 36.465398] fff00000c6ad9280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 36.466423] fff00000c6ad9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.467544] ================================================================== [ 36.270239] ================================================================== [ 36.271752] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 36.273605] Read of size 1 at addr fff00000c6a52100 by task kunit_try_catch/216 [ 36.274932] [ 36.275313] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.276815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.277462] Hardware name: linux,dummy-virt (DT) [ 36.278165] Call trace: [ 36.278802] show_stack+0x20/0x38 (C) [ 36.279524] dump_stack_lvl+0x8c/0xd0 [ 36.280370] print_report+0x118/0x5e0 [ 36.281382] kasan_report+0xc8/0x118 [ 36.282282] __asan_report_load1_noabort+0x20/0x30 [ 36.282908] mempool_uaf_helper+0x314/0x340 [ 36.283630] mempool_kmalloc_uaf+0xbc/0x118 [ 36.284892] kunit_try_run_case+0x14c/0x3d0 [ 36.286501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.287091] kthread+0x24c/0x2d0 [ 36.288278] ret_from_fork+0x10/0x20 [ 36.290117] [ 36.290867] Allocated by task 216: [ 36.292296] kasan_save_stack+0x3c/0x68 [ 36.293270] kasan_save_track+0x20/0x40 [ 36.296293] kasan_save_alloc_info+0x40/0x58 [ 36.297357] __kasan_mempool_unpoison_object+0x11c/0x180 [ 36.298188] remove_element+0x130/0x1f8 [ 36.299960] mempool_alloc_preallocated+0x58/0xc0 [ 36.301225] mempool_uaf_helper+0xa4/0x340 [ 36.302526] mempool_kmalloc_uaf+0xbc/0x118 [ 36.302982] kunit_try_run_case+0x14c/0x3d0 [ 36.304285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.304979] kthread+0x24c/0x2d0 [ 36.306152] ret_from_fork+0x10/0x20 [ 36.307280] [ 36.308142] Freed by task 216: [ 36.309108] kasan_save_stack+0x3c/0x68 [ 36.310038] kasan_save_track+0x20/0x40 [ 36.311009] kasan_save_free_info+0x4c/0x78 [ 36.311933] __kasan_mempool_poison_object+0xc0/0x150 [ 36.312784] mempool_free+0x28c/0x328 [ 36.313870] mempool_uaf_helper+0x104/0x340 [ 36.314701] mempool_kmalloc_uaf+0xbc/0x118 [ 36.315403] kunit_try_run_case+0x14c/0x3d0 [ 36.316092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.316977] kthread+0x24c/0x2d0 [ 36.317984] ret_from_fork+0x10/0x20 [ 36.319139] [ 36.319484] The buggy address belongs to the object at fff00000c6a52100 [ 36.319484] which belongs to the cache kmalloc-128 of size 128 [ 36.321074] The buggy address is located 0 bytes inside of [ 36.321074] freed 128-byte region [fff00000c6a52100, fff00000c6a52180) [ 36.322402] [ 36.323065] The buggy address belongs to the physical page: [ 36.324249] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a52 [ 36.325429] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.326533] page_type: f5(slab) [ 36.327094] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 36.328132] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 36.329151] page dumped because: kasan: bad access detected [ 36.330324] [ 36.330613] Memory state around the buggy address: [ 36.331876] fff00000c6a52000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.333382] fff00000c6a52080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.334866] >fff00000c6a52100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.335892] ^ [ 36.336641] fff00000c6a52180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.337500] fff00000c6a52200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.338686] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 36.086125] ================================================================== [ 36.087481] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 36.088355] Read of size 1 at addr fff00000c6a99073 by task kunit_try_catch/210 [ 36.089313] [ 36.089692] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.091603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.092193] Hardware name: linux,dummy-virt (DT) [ 36.093272] Call trace: [ 36.093713] show_stack+0x20/0x38 (C) [ 36.094333] dump_stack_lvl+0x8c/0xd0 [ 36.094883] print_report+0x118/0x5e0 [ 36.095577] kasan_report+0xc8/0x118 [ 36.096156] __asan_report_load1_noabort+0x20/0x30 [ 36.097410] mempool_oob_right_helper+0x2ac/0x2f0 [ 36.098155] mempool_kmalloc_oob_right+0xbc/0x118 [ 36.098582] kunit_try_run_case+0x14c/0x3d0 [ 36.099269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.100150] kthread+0x24c/0x2d0 [ 36.100923] ret_from_fork+0x10/0x20 [ 36.101959] [ 36.102388] Allocated by task 210: [ 36.102983] kasan_save_stack+0x3c/0x68 [ 36.103648] kasan_save_track+0x20/0x40 [ 36.104341] kasan_save_alloc_info+0x40/0x58 [ 36.105391] __kasan_mempool_unpoison_object+0x11c/0x180 [ 36.106297] remove_element+0x130/0x1f8 [ 36.106860] mempool_alloc_preallocated+0x58/0xc0 [ 36.107552] mempool_oob_right_helper+0x98/0x2f0 [ 36.108331] mempool_kmalloc_oob_right+0xbc/0x118 [ 36.109666] kunit_try_run_case+0x14c/0x3d0 [ 36.110266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.111111] kthread+0x24c/0x2d0 [ 36.111609] ret_from_fork+0x10/0x20 [ 36.112154] [ 36.112899] The buggy address belongs to the object at fff00000c6a99000 [ 36.112899] which belongs to the cache kmalloc-128 of size 128 [ 36.114394] The buggy address is located 0 bytes to the right of [ 36.114394] allocated 115-byte region [fff00000c6a99000, fff00000c6a99073) [ 36.116169] [ 36.117023] The buggy address belongs to the physical page: [ 36.117872] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a99 [ 36.118787] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.119832] page_type: f5(slab) [ 36.120313] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 36.121744] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 36.122599] page dumped because: kasan: bad access detected [ 36.123279] [ 36.123587] Memory state around the buggy address: [ 36.124259] fff00000c6a98f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.125668] fff00000c6a98f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.126694] >fff00000c6a99000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 36.127593] ^ [ 36.129026] fff00000c6a99080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.129782] fff00000c6a99100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 36.130621] ================================================================== [ 36.195325] ================================================================== [ 36.197702] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 36.198662] Read of size 1 at addr fff00000c63312bb by task kunit_try_catch/214 [ 36.199772] [ 36.200153] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.201911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.202849] Hardware name: linux,dummy-virt (DT) [ 36.203399] Call trace: [ 36.203825] show_stack+0x20/0x38 (C) [ 36.204391] dump_stack_lvl+0x8c/0xd0 [ 36.205187] print_report+0x118/0x5e0 [ 36.206256] kasan_report+0xc8/0x118 [ 36.207041] __asan_report_load1_noabort+0x20/0x30 [ 36.207717] mempool_oob_right_helper+0x2ac/0x2f0 [ 36.208533] mempool_slab_oob_right+0xb8/0x110 [ 36.209355] kunit_try_run_case+0x14c/0x3d0 [ 36.210311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.211135] kthread+0x24c/0x2d0 [ 36.211751] ret_from_fork+0x10/0x20 [ 36.212514] [ 36.213026] Allocated by task 214: [ 36.213500] kasan_save_stack+0x3c/0x68 [ 36.214355] kasan_save_track+0x20/0x40 [ 36.215367] kasan_save_alloc_info+0x40/0x58 [ 36.216274] __kasan_mempool_unpoison_object+0xbc/0x180 [ 36.217381] remove_element+0x16c/0x1f8 [ 36.218371] mempool_alloc_preallocated+0x58/0xc0 [ 36.219048] mempool_oob_right_helper+0x98/0x2f0 [ 36.219889] mempool_slab_oob_right+0xb8/0x110 [ 36.220891] kunit_try_run_case+0x14c/0x3d0 [ 36.221482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.222849] kthread+0x24c/0x2d0 [ 36.223819] ret_from_fork+0x10/0x20 [ 36.224572] [ 36.224867] The buggy address belongs to the object at fff00000c6331240 [ 36.224867] which belongs to the cache test_cache of size 123 [ 36.226396] The buggy address is located 0 bytes to the right of [ 36.226396] allocated 123-byte region [fff00000c6331240, fff00000c63312bb) [ 36.228177] [ 36.228715] The buggy address belongs to the physical page: [ 36.229543] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106331 [ 36.230947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 36.232133] page_type: f5(slab) [ 36.232725] raw: 0bfffe0000000000 fff00000c408ca00 dead000000000122 0000000000000000 [ 36.234236] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 36.235105] page dumped because: kasan: bad access detected [ 36.236395] [ 36.236830] Memory state around the buggy address: [ 36.237612] fff00000c6331180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 36.238911] fff00000c6331200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 36.239555] >fff00000c6331280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 36.241144] ^ [ 36.241969] fff00000c6331300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.243242] fff00000c6331380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 36.244146] ================================================================== [ 36.143749] ================================================================== [ 36.145051] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 36.145937] Read of size 1 at addr fff00000c6b82001 by task kunit_try_catch/212 [ 36.147026] [ 36.147360] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 36.149953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.150666] Hardware name: linux,dummy-virt (DT) [ 36.151304] Call trace: [ 36.151726] show_stack+0x20/0x38 (C) [ 36.152304] dump_stack_lvl+0x8c/0xd0 [ 36.153506] print_report+0x118/0x5e0 [ 36.154270] kasan_report+0xc8/0x118 [ 36.155068] __asan_report_load1_noabort+0x20/0x30 [ 36.155803] mempool_oob_right_helper+0x2ac/0x2f0 [ 36.156459] mempool_kmalloc_large_oob_right+0xbc/0x118 [ 36.157213] kunit_try_run_case+0x14c/0x3d0 [ 36.158320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 36.159059] kthread+0x24c/0x2d0 [ 36.159682] ret_from_fork+0x10/0x20 [ 36.160261] [ 36.160654] The buggy address belongs to the physical page: [ 36.161733] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106b80 [ 36.162657] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 36.163516] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 36.164380] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 36.166350] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.167778] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 36.169035] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 36.170400] head: 0bfffe0000000002 ffffc1ffc31ae001 ffffffffffffffff 0000000000000000 [ 36.171507] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 36.172409] page dumped because: kasan: bad access detected [ 36.173552] [ 36.173957] Memory state around the buggy address: [ 36.174782] fff00000c6b81f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.175802] fff00000c6b81f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 36.177175] >fff00000c6b82000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 36.178225] ^ [ 36.178791] fff00000c6b82080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 36.179676] fff00000c6b82100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 36.180910] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 35.443185] ================================================================== [ 35.444418] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x17c/0x2f8 [ 35.445365] Read of size 1 at addr fff00000c408c780 by task kunit_try_catch/204 [ 35.446959] [ 35.447487] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 35.449253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.450018] Hardware name: linux,dummy-virt (DT) [ 35.450941] Call trace: [ 35.451551] show_stack+0x20/0x38 (C) [ 35.452181] dump_stack_lvl+0x8c/0xd0 [ 35.453107] print_report+0x118/0x5e0 [ 35.453805] kasan_report+0xc8/0x118 [ 35.454409] __kasan_check_byte+0x54/0x70 [ 35.455244] kmem_cache_destroy+0x34/0x218 [ 35.455881] kmem_cache_double_destroy+0x17c/0x2f8 [ 35.456757] kunit_try_run_case+0x14c/0x3d0 [ 35.457531] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.458243] kthread+0x24c/0x2d0 [ 35.458924] ret_from_fork+0x10/0x20 [ 35.459428] [ 35.459877] Allocated by task 204: [ 35.460755] kasan_save_stack+0x3c/0x68 [ 35.461373] kasan_save_track+0x20/0x40 [ 35.461932] kasan_save_alloc_info+0x40/0x58 [ 35.462621] __kasan_slab_alloc+0xa8/0xb0 [ 35.463203] kmem_cache_alloc_noprof+0x108/0x3a0 [ 35.463887] __kmem_cache_create_args+0x18c/0x2b0 [ 35.465205] kmem_cache_double_destroy+0xc8/0x2f8 [ 35.466097] kunit_try_run_case+0x14c/0x3d0 [ 35.466655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.467597] kthread+0x24c/0x2d0 [ 35.468164] ret_from_fork+0x10/0x20 [ 35.468763] [ 35.469113] Freed by task 204: [ 35.469627] kasan_save_stack+0x3c/0x68 [ 35.470339] kasan_save_track+0x20/0x40 [ 35.470921] kasan_save_free_info+0x4c/0x78 [ 35.471589] __kasan_slab_free+0x6c/0x98 [ 35.472106] kmem_cache_free+0x118/0x470 [ 35.472742] slab_kmem_cache_release+0x38/0x50 [ 35.473374] kmem_cache_release+0x1c/0x30 [ 35.474037] kobject_put+0x17c/0x430 [ 35.474845] sysfs_slab_release+0x1c/0x30 [ 35.475350] kmem_cache_destroy+0x118/0x218 [ 35.476150] kmem_cache_double_destroy+0x130/0x2f8 [ 35.476729] kunit_try_run_case+0x14c/0x3d0 [ 35.477537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.478129] kthread+0x24c/0x2d0 [ 35.479200] ret_from_fork+0x10/0x20 [ 35.479799] [ 35.480220] The buggy address belongs to the object at fff00000c408c780 [ 35.480220] which belongs to the cache kmem_cache of size 208 [ 35.482611] The buggy address is located 0 bytes inside of [ 35.482611] freed 208-byte region [fff00000c408c780, fff00000c408c850) [ 35.484863] [ 35.485384] The buggy address belongs to the physical page: [ 35.486976] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10408c [ 35.488140] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.488982] page_type: f5(slab) [ 35.489567] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 35.490499] raw: 0000000000000000 00000000800c000c 00000001f5000000 0000000000000000 [ 35.491476] page dumped because: kasan: bad access detected [ 35.492295] [ 35.492586] Memory state around the buggy address: [ 35.493240] fff00000c408c680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.494253] fff00000c408c700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.495108] >fff00000c408c780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.496165] ^ [ 35.497114] fff00000c408c800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 35.497967] fff00000c408c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.498668] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 35.317798] ================================================================== [ 35.319306] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x390/0x468 [ 35.320363] Read of size 1 at addr fff00000c6afc000 by task kunit_try_catch/202 [ 35.321711] [ 35.322859] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 35.324506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.325684] Hardware name: linux,dummy-virt (DT) [ 35.326506] Call trace: [ 35.326928] show_stack+0x20/0x38 (C) [ 35.327750] dump_stack_lvl+0x8c/0xd0 [ 35.328585] print_report+0x118/0x5e0 [ 35.329139] kasan_report+0xc8/0x118 [ 35.329704] __asan_report_load1_noabort+0x20/0x30 [ 35.331053] kmem_cache_rcu_uaf+0x390/0x468 [ 35.332184] kunit_try_run_case+0x14c/0x3d0 [ 35.332867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.334045] kthread+0x24c/0x2d0 [ 35.334605] ret_from_fork+0x10/0x20 [ 35.335314] [ 35.335802] Allocated by task 202: [ 35.336360] kasan_save_stack+0x3c/0x68 [ 35.337370] kasan_save_track+0x20/0x40 [ 35.338099] kasan_save_alloc_info+0x40/0x58 [ 35.339018] __kasan_slab_alloc+0xa8/0xb0 [ 35.339326] kmem_cache_alloc_noprof+0x108/0x3a0 [ 35.340195] kmem_cache_rcu_uaf+0x12c/0x468 [ 35.340806] kunit_try_run_case+0x14c/0x3d0 [ 35.341879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.343260] kthread+0x24c/0x2d0 [ 35.343701] ret_from_fork+0x10/0x20 [ 35.344182] [ 35.344879] Freed by task 0: [ 35.345353] kasan_save_stack+0x3c/0x68 [ 35.346190] kasan_save_track+0x20/0x40 [ 35.346940] kasan_save_free_info+0x4c/0x78 [ 35.347614] __kasan_slab_free+0x6c/0x98 [ 35.348803] slab_free_after_rcu_debug+0xd4/0x2f8 [ 35.349350] rcu_core+0xa54/0x1df8 [ 35.350203] rcu_core_si+0x18/0x30 [ 35.351958] handle_softirqs+0x374/0xb20 [ 35.353030] __do_softirq+0x1c/0x28 [ 35.353632] [ 35.353917] Last potentially related work creation: [ 35.354896] kasan_save_stack+0x3c/0x68 [ 35.355671] __kasan_record_aux_stack+0xbc/0xe8 [ 35.356420] kasan_record_aux_stack_noalloc+0x14/0x20 [ 35.357636] kmem_cache_free+0x28c/0x470 [ 35.359026] kmem_cache_rcu_uaf+0x16c/0x468 [ 35.359701] kunit_try_run_case+0x14c/0x3d0 [ 35.360329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.361063] kthread+0x24c/0x2d0 [ 35.361589] ret_from_fork+0x10/0x20 [ 35.362755] [ 35.363178] The buggy address belongs to the object at fff00000c6afc000 [ 35.363178] which belongs to the cache test_cache of size 200 [ 35.365626] The buggy address is located 0 bytes inside of [ 35.365626] freed 200-byte region [fff00000c6afc000, fff00000c6afc0c8) [ 35.368164] [ 35.368974] The buggy address belongs to the physical page: [ 35.369915] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106afc [ 35.371017] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.371792] page_type: f5(slab) [ 35.372407] raw: 0bfffe0000000000 fff00000c408c640 dead000000000122 0000000000000000 [ 35.373947] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 35.374922] page dumped because: kasan: bad access detected [ 35.375603] [ 35.376076] Memory state around the buggy address: [ 35.377271] fff00000c6afbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.378263] fff00000c6afbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.379072] >fff00000c6afc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.380061] ^ [ 35.380525] fff00000c6afc080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 35.381983] fff00000c6afc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.382893] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 35.183521] ================================================================== [ 35.185553] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3b8 [ 35.187228] Free of addr fff00000c6afa001 by task kunit_try_catch/200 [ 35.189099] [ 35.189937] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 35.191151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.191831] Hardware name: linux,dummy-virt (DT) [ 35.193118] Call trace: [ 35.193600] show_stack+0x20/0x38 (C) [ 35.194278] dump_stack_lvl+0x8c/0xd0 [ 35.195215] print_report+0x118/0x5e0 [ 35.196074] kasan_report_invalid_free+0xb0/0xd8 [ 35.197073] check_slab_allocation+0xfc/0x108 [ 35.198059] __kasan_slab_pre_free+0x2c/0x48 [ 35.199161] kmem_cache_free+0xf0/0x470 [ 35.199883] kmem_cache_invalid_free+0x184/0x3b8 [ 35.200370] kunit_try_run_case+0x14c/0x3d0 [ 35.201275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.202723] kthread+0x24c/0x2d0 [ 35.203330] ret_from_fork+0x10/0x20 [ 35.204183] [ 35.204735] Allocated by task 200: [ 35.205198] kasan_save_stack+0x3c/0x68 [ 35.205922] kasan_save_track+0x20/0x40 [ 35.207204] kasan_save_alloc_info+0x40/0x58 [ 35.207899] __kasan_slab_alloc+0xa8/0xb0 [ 35.209125] kmem_cache_alloc_noprof+0x108/0x3a0 [ 35.209903] kmem_cache_invalid_free+0x12c/0x3b8 [ 35.210963] kunit_try_run_case+0x14c/0x3d0 [ 35.211634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.212903] kthread+0x24c/0x2d0 [ 35.213959] ret_from_fork+0x10/0x20 [ 35.214526] [ 35.214842] The buggy address belongs to the object at fff00000c6afa000 [ 35.214842] which belongs to the cache test_cache of size 200 [ 35.216929] The buggy address is located 1 bytes inside of [ 35.216929] 200-byte region [fff00000c6afa000, fff00000c6afa0c8) [ 35.218656] [ 35.219077] The buggy address belongs to the physical page: [ 35.219934] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106afa [ 35.221969] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.222717] page_type: f5(slab) [ 35.223409] raw: 0bfffe0000000000 fff00000c408c500 dead000000000122 0000000000000000 [ 35.225423] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 35.227104] page dumped because: kasan: bad access detected [ 35.227883] [ 35.228214] Memory state around the buggy address: [ 35.229613] fff00000c6af9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.230966] fff00000c6af9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.231751] >fff00000c6afa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.232329] ^ [ 35.232705] fff00000c6afa080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 35.234757] fff00000c6afa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.235379] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 35.102753] ================================================================== [ 35.103537] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 35.104771] Free of addr fff00000c6af7000 by task kunit_try_catch/198 [ 35.106416] [ 35.107057] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 35.109307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.110337] Hardware name: linux,dummy-virt (DT) [ 35.111064] Call trace: [ 35.111592] show_stack+0x20/0x38 (C) [ 35.112295] dump_stack_lvl+0x8c/0xd0 [ 35.113149] print_report+0x118/0x5e0 [ 35.113715] kasan_report_invalid_free+0xb0/0xd8 [ 35.114845] check_slab_allocation+0xd4/0x108 [ 35.115542] __kasan_slab_pre_free+0x2c/0x48 [ 35.116235] kmem_cache_free+0xf0/0x470 [ 35.116889] kmem_cache_double_free+0x190/0x3c8 [ 35.117646] kunit_try_run_case+0x14c/0x3d0 [ 35.118596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.119575] kthread+0x24c/0x2d0 [ 35.120192] ret_from_fork+0x10/0x20 [ 35.120833] [ 35.121700] Allocated by task 198: [ 35.122185] kasan_save_stack+0x3c/0x68 [ 35.122999] kasan_save_track+0x20/0x40 [ 35.123739] kasan_save_alloc_info+0x40/0x58 [ 35.124509] __kasan_slab_alloc+0xa8/0xb0 [ 35.125521] kmem_cache_alloc_noprof+0x108/0x3a0 [ 35.126769] kmem_cache_double_free+0x12c/0x3c8 [ 35.127835] kunit_try_run_case+0x14c/0x3d0 [ 35.128663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.130558] kthread+0x24c/0x2d0 [ 35.131487] ret_from_fork+0x10/0x20 [ 35.132272] [ 35.133019] Freed by task 198: [ 35.133488] kasan_save_stack+0x3c/0x68 [ 35.134589] kasan_save_track+0x20/0x40 [ 35.135090] kasan_save_free_info+0x4c/0x78 [ 35.136597] __kasan_slab_free+0x6c/0x98 [ 35.137158] kmem_cache_free+0x118/0x470 [ 35.137974] kmem_cache_double_free+0x140/0x3c8 [ 35.138713] kunit_try_run_case+0x14c/0x3d0 [ 35.139424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.140245] kthread+0x24c/0x2d0 [ 35.140854] ret_from_fork+0x10/0x20 [ 35.141561] [ 35.141832] The buggy address belongs to the object at fff00000c6af7000 [ 35.141832] which belongs to the cache test_cache of size 200 [ 35.143561] The buggy address is located 0 bytes inside of [ 35.143561] 200-byte region [fff00000c6af7000, fff00000c6af70c8) [ 35.145265] [ 35.145834] The buggy address belongs to the physical page: [ 35.146651] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106af7 [ 35.147892] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.148799] page_type: f5(slab) [ 35.149337] raw: 0bfffe0000000000 fff00000c408c3c0 dead000000000122 0000000000000000 [ 35.150529] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 35.151572] page dumped because: kasan: bad access detected [ 35.152278] [ 35.152650] Memory state around the buggy address: [ 35.153281] fff00000c6af6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.154101] fff00000c6af6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.155509] >fff00000c6af7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 35.156848] ^ [ 35.157636] fff00000c6af7080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 35.158767] fff00000c6af7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.159895] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 35.007310] ================================================================== [ 35.008636] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x33c/0x428 [ 35.009553] Read of size 1 at addr fff00000c6af50c8 by task kunit_try_catch/196 [ 35.010466] [ 35.010952] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 35.012128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.013104] Hardware name: linux,dummy-virt (DT) [ 35.013889] Call trace: [ 35.014684] show_stack+0x20/0x38 (C) [ 35.015665] dump_stack_lvl+0x8c/0xd0 [ 35.017102] print_report+0x118/0x5e0 [ 35.018074] kasan_report+0xc8/0x118 [ 35.019127] __asan_report_load1_noabort+0x20/0x30 [ 35.019928] kmem_cache_oob+0x33c/0x428 [ 35.020739] kunit_try_run_case+0x14c/0x3d0 [ 35.022319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.023371] kthread+0x24c/0x2d0 [ 35.024118] ret_from_fork+0x10/0x20 [ 35.025582] [ 35.026070] Allocated by task 196: [ 35.026619] kasan_save_stack+0x3c/0x68 [ 35.027164] kasan_save_track+0x20/0x40 [ 35.027880] kasan_save_alloc_info+0x40/0x58 [ 35.028540] __kasan_slab_alloc+0xa8/0xb0 [ 35.029180] kmem_cache_alloc_noprof+0x108/0x3a0 [ 35.029752] kmem_cache_oob+0x12c/0x428 [ 35.031148] kunit_try_run_case+0x14c/0x3d0 [ 35.031985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 35.032692] kthread+0x24c/0x2d0 [ 35.033321] ret_from_fork+0x10/0x20 [ 35.034535] [ 35.034896] The buggy address belongs to the object at fff00000c6af5000 [ 35.034896] which belongs to the cache test_cache of size 200 [ 35.036333] The buggy address is located 0 bytes to the right of [ 35.036333] allocated 200-byte region [fff00000c6af5000, fff00000c6af50c8) [ 35.038795] [ 35.039234] The buggy address belongs to the physical page: [ 35.040043] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106af5 [ 35.041730] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 35.042365] page_type: f5(slab) [ 35.043035] raw: 0bfffe0000000000 fff00000c408c280 dead000000000122 0000000000000000 [ 35.044171] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 35.045558] page dumped because: kasan: bad access detected [ 35.046409] [ 35.047207] Memory state around the buggy address: [ 35.049279] fff00000c6af4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.051375] fff00000c6af5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 35.053498] >fff00000c6af5080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 35.054768] ^ [ 35.055512] fff00000c6af5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.056845] fff00000c6af5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 35.057695] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 34.332551] ================================================================== [ 34.333751] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 34.334543] Free of addr fff00000c6105320 by task kunit_try_catch/181 [ 34.335307] [ 34.335893] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.337876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.338584] Hardware name: linux,dummy-virt (DT) [ 34.339360] Call trace: [ 34.339785] show_stack+0x20/0x38 (C) [ 34.340926] dump_stack_lvl+0x8c/0xd0 [ 34.341837] print_report+0x118/0x5e0 [ 34.343002] kasan_report_invalid_free+0xb0/0xd8 [ 34.343903] check_slab_allocation+0xd4/0x108 [ 34.344839] __kasan_slab_pre_free+0x2c/0x48 [ 34.345687] kfree+0xe8/0x3d0 [ 34.346894] kfree_sensitive+0x3c/0xb0 [ 34.347580] kmalloc_double_kzfree+0x168/0x308 [ 34.348366] kunit_try_run_case+0x14c/0x3d0 [ 34.349793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.351848] kthread+0x24c/0x2d0 [ 34.353164] ret_from_fork+0x10/0x20 [ 34.353654] [ 34.354120] Allocated by task 181: [ 34.354560] kasan_save_stack+0x3c/0x68 [ 34.355424] kasan_save_track+0x20/0x40 [ 34.356098] kasan_save_alloc_info+0x40/0x58 [ 34.356766] __kasan_kmalloc+0xd4/0xd8 [ 34.357718] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.358738] kmalloc_double_kzfree+0xb8/0x308 [ 34.359221] kunit_try_run_case+0x14c/0x3d0 [ 34.360168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.361712] kthread+0x24c/0x2d0 [ 34.362129] ret_from_fork+0x10/0x20 [ 34.363037] [ 34.363564] Freed by task 181: [ 34.364290] kasan_save_stack+0x3c/0x68 [ 34.365221] kasan_save_track+0x20/0x40 [ 34.366175] kasan_save_free_info+0x4c/0x78 [ 34.366694] __kasan_slab_free+0x6c/0x98 [ 34.367113] kfree+0x114/0x3d0 [ 34.368232] kfree_sensitive+0x80/0xb0 [ 34.369461] kmalloc_double_kzfree+0x11c/0x308 [ 34.371237] kunit_try_run_case+0x14c/0x3d0 [ 34.372617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.373983] kthread+0x24c/0x2d0 [ 34.374886] ret_from_fork+0x10/0x20 [ 34.375820] [ 34.376297] The buggy address belongs to the object at fff00000c6105320 [ 34.376297] which belongs to the cache kmalloc-16 of size 16 [ 34.378937] The buggy address is located 0 bytes inside of [ 34.378937] 16-byte region [fff00000c6105320, fff00000c6105330) [ 34.381295] [ 34.382139] The buggy address belongs to the physical page: [ 34.383770] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106105 [ 34.385882] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.387193] page_type: f5(slab) [ 34.387963] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.390378] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.391339] page dumped because: kasan: bad access detected [ 34.393083] [ 34.393628] Memory state around the buggy address: [ 34.394255] fff00000c6105200: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 34.395285] fff00000c6105280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.397414] >fff00000c6105300: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 34.398717] ^ [ 34.399409] fff00000c6105380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.400378] fff00000c6105400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.401342] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 34.269309] ================================================================== [ 34.271334] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 34.272287] Read of size 1 at addr fff00000c6105320 by task kunit_try_catch/181 [ 34.273980] [ 34.274568] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.275946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.276686] Hardware name: linux,dummy-virt (DT) [ 34.277184] Call trace: [ 34.278416] show_stack+0x20/0x38 (C) [ 34.279094] dump_stack_lvl+0x8c/0xd0 [ 34.279761] print_report+0x118/0x5e0 [ 34.280909] kasan_report+0xc8/0x118 [ 34.281359] __kasan_check_byte+0x54/0x70 [ 34.282099] kfree_sensitive+0x30/0xb0 [ 34.282803] kmalloc_double_kzfree+0x168/0x308 [ 34.283609] kunit_try_run_case+0x14c/0x3d0 [ 34.284367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.285585] kthread+0x24c/0x2d0 [ 34.286357] ret_from_fork+0x10/0x20 [ 34.286828] [ 34.287080] Allocated by task 181: [ 34.287465] kasan_save_stack+0x3c/0x68 [ 34.288848] kasan_save_track+0x20/0x40 [ 34.289657] kasan_save_alloc_info+0x40/0x58 [ 34.290975] __kasan_kmalloc+0xd4/0xd8 [ 34.291732] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.292733] kmalloc_double_kzfree+0xb8/0x308 [ 34.294411] kunit_try_run_case+0x14c/0x3d0 [ 34.294961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.295910] kthread+0x24c/0x2d0 [ 34.296183] ret_from_fork+0x10/0x20 [ 34.296668] [ 34.297404] Freed by task 181: [ 34.298410] kasan_save_stack+0x3c/0x68 [ 34.299204] kasan_save_track+0x20/0x40 [ 34.299824] kasan_save_free_info+0x4c/0x78 [ 34.300797] __kasan_slab_free+0x6c/0x98 [ 34.301654] kfree+0x114/0x3d0 [ 34.302062] kfree_sensitive+0x80/0xb0 [ 34.302492] kmalloc_double_kzfree+0x11c/0x308 [ 34.303040] kunit_try_run_case+0x14c/0x3d0 [ 34.303670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.304757] kthread+0x24c/0x2d0 [ 34.305690] ret_from_fork+0x10/0x20 [ 34.307139] [ 34.307674] The buggy address belongs to the object at fff00000c6105320 [ 34.307674] which belongs to the cache kmalloc-16 of size 16 [ 34.309109] The buggy address is located 0 bytes inside of [ 34.309109] freed 16-byte region [fff00000c6105320, fff00000c6105330) [ 34.310417] [ 34.310954] The buggy address belongs to the physical page: [ 34.313126] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106105 [ 34.314576] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.315725] page_type: f5(slab) [ 34.316134] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.318621] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.319855] page dumped because: kasan: bad access detected [ 34.321172] [ 34.321605] Memory state around the buggy address: [ 34.322083] fff00000c6105200: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 34.323422] fff00000c6105280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.324587] >fff00000c6105300: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 34.325948] ^ [ 34.326607] fff00000c6105380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.327459] fff00000c6105400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.328803] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 34.110508] ================================================================== [ 34.111558] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 34.112473] Write of size 33 at addr fff00000c63c3780 by task kunit_try_catch/175 [ 34.113316] [ 34.113825] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.115053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.116184] Hardware name: linux,dummy-virt (DT) [ 34.117176] Call trace: [ 34.117602] show_stack+0x20/0x38 (C) [ 34.118312] dump_stack_lvl+0x8c/0xd0 [ 34.119075] print_report+0x118/0x5e0 [ 34.119778] kasan_report+0xc8/0x118 [ 34.120306] kasan_check_range+0x100/0x1a8 [ 34.121489] __asan_memset+0x34/0x78 [ 34.122091] kmalloc_uaf_memset+0x170/0x310 [ 34.122828] kunit_try_run_case+0x14c/0x3d0 [ 34.123570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.124909] kthread+0x24c/0x2d0 [ 34.125455] ret_from_fork+0x10/0x20 [ 34.126125] [ 34.126424] Allocated by task 175: [ 34.126872] kasan_save_stack+0x3c/0x68 [ 34.127587] kasan_save_track+0x20/0x40 [ 34.128342] kasan_save_alloc_info+0x40/0x58 [ 34.129821] __kasan_kmalloc+0xd4/0xd8 [ 34.130559] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.131360] kmalloc_uaf_memset+0xb8/0x310 [ 34.131896] kunit_try_run_case+0x14c/0x3d0 [ 34.133057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.133839] kthread+0x24c/0x2d0 [ 34.134356] ret_from_fork+0x10/0x20 [ 34.135001] [ 34.135338] Freed by task 175: [ 34.135880] kasan_save_stack+0x3c/0x68 [ 34.136494] kasan_save_track+0x20/0x40 [ 34.137072] kasan_save_free_info+0x4c/0x78 [ 34.138181] __kasan_slab_free+0x6c/0x98 [ 34.138944] kfree+0x114/0x3d0 [ 34.139563] kmalloc_uaf_memset+0x11c/0x310 [ 34.140209] kunit_try_run_case+0x14c/0x3d0 [ 34.141512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.142385] kthread+0x24c/0x2d0 [ 34.142883] ret_from_fork+0x10/0x20 [ 34.143552] [ 34.143830] The buggy address belongs to the object at fff00000c63c3780 [ 34.143830] which belongs to the cache kmalloc-64 of size 64 [ 34.145698] The buggy address is located 0 bytes inside of [ 34.145698] freed 64-byte region [fff00000c63c3780, fff00000c63c37c0) [ 34.147187] [ 34.147637] The buggy address belongs to the physical page: [ 34.148382] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063c3 [ 34.150500] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.151204] page_type: f5(slab) [ 34.152002] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.153063] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.154656] page dumped because: kasan: bad access detected [ 34.155373] [ 34.155611] Memory state around the buggy address: [ 34.156356] fff00000c63c3680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.157836] fff00000c63c3700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.158666] >fff00000c63c3780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.160091] ^ [ 34.160891] fff00000c63c3800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.162674] fff00000c63c3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.163259] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 33.987285] ================================================================== [ 33.988643] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e8 [ 33.989625] Read of size 64 at addr fff00000c63c3684 by task kunit_try_catch/171 [ 33.991161] [ 33.991570] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.993355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.994050] Hardware name: linux,dummy-virt (DT) [ 33.994724] Call trace: [ 33.995305] show_stack+0x20/0x38 (C) [ 33.996179] dump_stack_lvl+0x8c/0xd0 [ 33.997124] print_report+0x118/0x5e0 [ 33.998153] kasan_report+0xc8/0x118 [ 33.998791] kasan_check_range+0x100/0x1a8 [ 33.999511] __asan_memmove+0x3c/0x98 [ 34.000184] kmalloc_memmove_invalid_size+0x154/0x2e8 [ 34.001487] kunit_try_run_case+0x14c/0x3d0 [ 34.002572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.003630] kthread+0x24c/0x2d0 [ 34.004149] ret_from_fork+0x10/0x20 [ 34.004811] [ 34.005128] Allocated by task 171: [ 34.006302] kasan_save_stack+0x3c/0x68 [ 34.006938] kasan_save_track+0x20/0x40 [ 34.007502] kasan_save_alloc_info+0x40/0x58 [ 34.008242] __kasan_kmalloc+0xd4/0xd8 [ 34.009532] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.011104] kmalloc_memmove_invalid_size+0xb0/0x2e8 [ 34.012108] kunit_try_run_case+0x14c/0x3d0 [ 34.012729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.013979] kthread+0x24c/0x2d0 [ 34.014475] ret_from_fork+0x10/0x20 [ 34.014854] [ 34.016107] The buggy address belongs to the object at fff00000c63c3680 [ 34.016107] which belongs to the cache kmalloc-64 of size 64 [ 34.018128] The buggy address is located 4 bytes inside of [ 34.018128] allocated 64-byte region [fff00000c63c3680, fff00000c63c36c0) [ 34.019880] [ 34.020512] The buggy address belongs to the physical page: [ 34.021498] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063c3 [ 34.022662] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.023641] page_type: f5(slab) [ 34.024368] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.025670] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.026835] page dumped because: kasan: bad access detected [ 34.027764] [ 34.028145] Memory state around the buggy address: [ 34.028920] fff00000c63c3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.030073] fff00000c63c3600: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 34.031483] >fff00000c63c3680: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 34.032960] ^ [ 34.034566] fff00000c63c3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.035612] fff00000c63c3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.036749] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 33.923674] ================================================================== [ 33.925305] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 33.926248] Read of size 18446744073709551614 at addr fff00000c6132b84 by task kunit_try_catch/169 [ 33.928183] [ 33.929646] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.931026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.931601] Hardware name: linux,dummy-virt (DT) [ 33.932202] Call trace: [ 33.932779] show_stack+0x20/0x38 (C) [ 33.933804] dump_stack_lvl+0x8c/0xd0 [ 33.934488] print_report+0x118/0x5e0 [ 33.935143] kasan_report+0xc8/0x118 [ 33.935742] kasan_check_range+0x100/0x1a8 [ 33.936318] __asan_memmove+0x3c/0x98 [ 33.936927] kmalloc_memmove_negative_size+0x154/0x2e0 [ 33.937935] kunit_try_run_case+0x14c/0x3d0 [ 33.938732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.939998] kthread+0x24c/0x2d0 [ 33.940780] ret_from_fork+0x10/0x20 [ 33.941989] [ 33.942407] Allocated by task 169: [ 33.942983] kasan_save_stack+0x3c/0x68 [ 33.943566] kasan_save_track+0x20/0x40 [ 33.944222] kasan_save_alloc_info+0x40/0x58 [ 33.945468] __kasan_kmalloc+0xd4/0xd8 [ 33.946719] __kmalloc_cache_noprof+0x15c/0x3c8 [ 33.947334] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 33.948076] kunit_try_run_case+0x14c/0x3d0 [ 33.948655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.950384] kthread+0x24c/0x2d0 [ 33.951111] ret_from_fork+0x10/0x20 [ 33.951712] [ 33.952040] The buggy address belongs to the object at fff00000c6132b80 [ 33.952040] which belongs to the cache kmalloc-64 of size 64 [ 33.954206] The buggy address is located 4 bytes inside of [ 33.954206] 64-byte region [fff00000c6132b80, fff00000c6132bc0) [ 33.955929] [ 33.956418] The buggy address belongs to the physical page: [ 33.957230] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106132 [ 33.958874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.959770] page_type: f5(slab) [ 33.960353] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 33.962421] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 33.963764] page dumped because: kasan: bad access detected [ 33.964823] [ 33.965710] Memory state around the buggy address: [ 33.966334] fff00000c6132a80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 33.967391] fff00000c6132b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 33.968798] >fff00000c6132b80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 33.969701] ^ [ 33.970284] fff00000c6132c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.971930] fff00000c6132c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.972851] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 33.740314] ================================================================== [ 33.741810] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 33.743560] Write of size 4 at addr fff00000c6357475 by task kunit_try_catch/163 [ 33.744963] [ 33.745593] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.746833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.747381] Hardware name: linux,dummy-virt (DT) [ 33.748799] Call trace: [ 33.749584] show_stack+0x20/0x38 (C) [ 33.750278] dump_stack_lvl+0x8c/0xd0 [ 33.750724] print_report+0x118/0x5e0 [ 33.751465] kasan_report+0xc8/0x118 [ 33.751975] kasan_check_range+0x100/0x1a8 [ 33.752995] __asan_memset+0x34/0x78 [ 33.753808] kmalloc_oob_memset_4+0x150/0x300 [ 33.754422] kunit_try_run_case+0x14c/0x3d0 [ 33.755084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.755743] kthread+0x24c/0x2d0 [ 33.756342] ret_from_fork+0x10/0x20 [ 33.757525] [ 33.757889] Allocated by task 163: [ 33.758656] kasan_save_stack+0x3c/0x68 [ 33.759319] kasan_save_track+0x20/0x40 [ 33.759988] kasan_save_alloc_info+0x40/0x58 [ 33.760731] __kasan_kmalloc+0xd4/0xd8 [ 33.761527] __kmalloc_cache_noprof+0x15c/0x3c8 [ 33.762277] kmalloc_oob_memset_4+0xb0/0x300 [ 33.763214] kunit_try_run_case+0x14c/0x3d0 [ 33.763957] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.765033] kthread+0x24c/0x2d0 [ 33.765964] ret_from_fork+0x10/0x20 [ 33.766516] [ 33.766806] The buggy address belongs to the object at fff00000c6357400 [ 33.766806] which belongs to the cache kmalloc-128 of size 128 [ 33.769734] The buggy address is located 117 bytes inside of [ 33.769734] allocated 120-byte region [fff00000c6357400, fff00000c6357478) [ 33.771624] [ 33.771956] The buggy address belongs to the physical page: [ 33.773038] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 33.774273] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.775323] page_type: f5(slab) [ 33.776019] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.777336] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.778260] page dumped because: kasan: bad access detected [ 33.778935] [ 33.779216] Memory state around the buggy address: [ 33.779733] fff00000c6357300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.781189] fff00000c6357380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.783635] >fff00000c6357400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.785090] ^ [ 33.786338] fff00000c6357480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.787244] fff00000c6357500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.788108] ================================================================== [ 33.800134] ================================================================== [ 33.801756] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 33.804522] Write of size 8 at addr fff00000c6357571 by task kunit_try_catch/165 [ 33.806032] [ 33.806557] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.807864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.808382] Hardware name: linux,dummy-virt (DT) [ 33.809832] Call trace: [ 33.810060] show_stack+0x20/0x38 (C) [ 33.810369] dump_stack_lvl+0x8c/0xd0 [ 33.810806] print_report+0x118/0x5e0 [ 33.811714] kasan_report+0xc8/0x118 [ 33.812227] kasan_check_range+0x100/0x1a8 [ 33.813057] __asan_memset+0x34/0x78 [ 33.813975] kmalloc_oob_memset_8+0x150/0x2f8 [ 33.815062] kunit_try_run_case+0x14c/0x3d0 [ 33.815820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.817144] kthread+0x24c/0x2d0 [ 33.817644] ret_from_fork+0x10/0x20 [ 33.818214] [ 33.818522] Allocated by task 165: [ 33.819038] kasan_save_stack+0x3c/0x68 [ 33.819658] kasan_save_track+0x20/0x40 [ 33.820106] kasan_save_alloc_info+0x40/0x58 [ 33.821310] __kasan_kmalloc+0xd4/0xd8 [ 33.821896] __kmalloc_cache_noprof+0x15c/0x3c8 [ 33.823235] kmalloc_oob_memset_8+0xb0/0x2f8 [ 33.823870] kunit_try_run_case+0x14c/0x3d0 [ 33.824976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.825735] kthread+0x24c/0x2d0 [ 33.826253] ret_from_fork+0x10/0x20 [ 33.826808] [ 33.827253] The buggy address belongs to the object at fff00000c6357500 [ 33.827253] which belongs to the cache kmalloc-128 of size 128 [ 33.828721] The buggy address is located 113 bytes inside of [ 33.828721] allocated 120-byte region [fff00000c6357500, fff00000c6357578) [ 33.830492] [ 33.830933] The buggy address belongs to the physical page: [ 33.831841] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 33.833260] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.834422] page_type: f5(slab) [ 33.835242] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.836272] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.837793] page dumped because: kasan: bad access detected [ 33.838373] [ 33.838633] Memory state around the buggy address: [ 33.839267] fff00000c6357400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.840027] fff00000c6357480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.841133] >fff00000c6357500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.841960] ^ [ 33.843268] fff00000c6357580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.845109] fff00000c6357600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.846482] ================================================================== [ 33.859218] ================================================================== [ 33.860589] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 33.861679] Write of size 16 at addr fff00000c6a6f469 by task kunit_try_catch/167 [ 33.862495] [ 33.863937] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.865219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.865861] Hardware name: linux,dummy-virt (DT) [ 33.867124] Call trace: [ 33.867933] show_stack+0x20/0x38 (C) [ 33.869175] dump_stack_lvl+0x8c/0xd0 [ 33.870475] print_report+0x118/0x5e0 [ 33.871246] kasan_report+0xc8/0x118 [ 33.871907] kasan_check_range+0x100/0x1a8 [ 33.872692] __asan_memset+0x34/0x78 [ 33.873473] kmalloc_oob_memset_16+0x150/0x2f8 [ 33.874715] kunit_try_run_case+0x14c/0x3d0 [ 33.875522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.876382] kthread+0x24c/0x2d0 [ 33.877396] ret_from_fork+0x10/0x20 [ 33.878252] [ 33.878780] Allocated by task 167: [ 33.879628] kasan_save_stack+0x3c/0x68 [ 33.880780] kasan_save_track+0x20/0x40 [ 33.881384] kasan_save_alloc_info+0x40/0x58 [ 33.882398] __kasan_kmalloc+0xd4/0xd8 [ 33.883022] __kmalloc_cache_noprof+0x15c/0x3c8 [ 33.883826] kmalloc_oob_memset_16+0xb0/0x2f8 [ 33.884613] kunit_try_run_case+0x14c/0x3d0 [ 33.885667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.886283] kthread+0x24c/0x2d0 [ 33.886753] ret_from_fork+0x10/0x20 [ 33.887247] [ 33.887715] The buggy address belongs to the object at fff00000c6a6f400 [ 33.887715] which belongs to the cache kmalloc-128 of size 128 [ 33.891858] The buggy address is located 105 bytes inside of [ 33.891858] allocated 120-byte region [fff00000c6a6f400, fff00000c6a6f478) [ 33.893759] [ 33.894066] The buggy address belongs to the physical page: [ 33.897989] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a6f [ 33.898830] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.899407] page_type: f5(slab) [ 33.901746] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.902769] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.903560] page dumped because: kasan: bad access detected [ 33.904187] [ 33.905061] Memory state around the buggy address: [ 33.905535] fff00000c6a6f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 33.906126] fff00000c6a6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.906759] >fff00000c6a6f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.907367] ^ [ 33.909128] fff00000c6a6f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.911281] fff00000c6a6f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.912211] ================================================================== [ 33.680265] ================================================================== [ 33.683006] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 33.683781] Write of size 2 at addr fff00000c6357377 by task kunit_try_catch/161 [ 33.685362] [ 33.685984] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.687358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.687950] Hardware name: linux,dummy-virt (DT) [ 33.688713] Call trace: [ 33.689107] show_stack+0x20/0x38 (C) [ 33.689821] dump_stack_lvl+0x8c/0xd0 [ 33.690877] print_report+0x118/0x5e0 [ 33.691568] kasan_report+0xc8/0x118 [ 33.691985] kasan_check_range+0x100/0x1a8 [ 33.693036] __asan_memset+0x34/0x78 [ 33.693906] kmalloc_oob_memset_2+0x150/0x2f8 [ 33.694762] kunit_try_run_case+0x14c/0x3d0 [ 33.695526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.696357] kthread+0x24c/0x2d0 [ 33.697133] ret_from_fork+0x10/0x20 [ 33.698096] [ 33.698548] Allocated by task 161: [ 33.699309] kasan_save_stack+0x3c/0x68 [ 33.699928] kasan_save_track+0x20/0x40 [ 33.701050] kasan_save_alloc_info+0x40/0x58 [ 33.702062] __kasan_kmalloc+0xd4/0xd8 [ 33.702375] __kmalloc_cache_noprof+0x15c/0x3c8 [ 33.702978] kmalloc_oob_memset_2+0xb0/0x2f8 [ 33.703730] kunit_try_run_case+0x14c/0x3d0 [ 33.704400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.705121] kthread+0x24c/0x2d0 [ 33.705758] ret_from_fork+0x10/0x20 [ 33.706910] [ 33.707363] The buggy address belongs to the object at fff00000c6357300 [ 33.707363] which belongs to the cache kmalloc-128 of size 128 [ 33.709114] The buggy address is located 119 bytes inside of [ 33.709114] allocated 120-byte region [fff00000c6357300, fff00000c6357378) [ 33.710699] [ 33.711376] The buggy address belongs to the physical page: [ 33.712279] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 33.713987] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.714976] page_type: f5(slab) [ 33.715553] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.716865] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.718030] page dumped because: kasan: bad access detected [ 33.718600] [ 33.718994] Memory state around the buggy address: [ 33.719621] fff00000c6357200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.720689] fff00000c6357280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.722621] >fff00000c6357300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.723568] ^ [ 33.724528] fff00000c6357380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.726249] fff00000c6357400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.726931] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 33.600393] ================================================================== [ 33.601788] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 33.602996] Write of size 128 at addr fff00000c6305b00 by task kunit_try_catch/159 [ 33.604181] [ 33.604612] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.606373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.607776] Hardware name: linux,dummy-virt (DT) [ 33.608409] Call trace: [ 33.609516] show_stack+0x20/0x38 (C) [ 33.610033] dump_stack_lvl+0x8c/0xd0 [ 33.610505] print_report+0x118/0x5e0 [ 33.611633] kasan_report+0xc8/0x118 [ 33.612769] kasan_check_range+0x100/0x1a8 [ 33.614042] __asan_memset+0x34/0x78 [ 33.614998] kmalloc_oob_in_memset+0x144/0x2d0 [ 33.615947] kunit_try_run_case+0x14c/0x3d0 [ 33.616340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.619171] kthread+0x24c/0x2d0 [ 33.620374] ret_from_fork+0x10/0x20 [ 33.621080] [ 33.621334] Allocated by task 159: [ 33.624069] kasan_save_stack+0x3c/0x68 [ 33.625800] kasan_save_track+0x20/0x40 [ 33.628827] kasan_save_alloc_info+0x40/0x58 [ 33.629348] __kasan_kmalloc+0xd4/0xd8 [ 33.631066] __kmalloc_cache_noprof+0x15c/0x3c8 [ 33.633289] kmalloc_oob_in_memset+0xb0/0x2d0 [ 33.635064] kunit_try_run_case+0x14c/0x3d0 [ 33.637428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.638085] kthread+0x24c/0x2d0 [ 33.640553] ret_from_fork+0x10/0x20 [ 33.641931] [ 33.643516] The buggy address belongs to the object at fff00000c6305b00 [ 33.643516] which belongs to the cache kmalloc-128 of size 128 [ 33.646880] The buggy address is located 0 bytes inside of [ 33.646880] allocated 120-byte region [fff00000c6305b00, fff00000c6305b78) [ 33.649609] [ 33.650277] The buggy address belongs to the physical page: [ 33.651140] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106305 [ 33.651860] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.652267] page_type: f5(slab) [ 33.653156] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 33.654867] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.655536] page dumped because: kasan: bad access detected [ 33.656538] [ 33.657686] Memory state around the buggy address: [ 33.658586] fff00000c6305a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 33.659676] fff00000c6305a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.661392] >fff00000c6305b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 33.663478] ^ [ 33.664533] fff00000c6305b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.665422] fff00000c6305c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.667525] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 34.048348] ================================================================== [ 34.049938] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 34.050843] Read of size 1 at addr fff00000c5ce67e8 by task kunit_try_catch/173 [ 34.051996] [ 34.052310] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.053966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.054817] Hardware name: linux,dummy-virt (DT) [ 34.055777] Call trace: [ 34.056169] show_stack+0x20/0x38 (C) [ 34.057170] dump_stack_lvl+0x8c/0xd0 [ 34.057791] print_report+0x118/0x5e0 [ 34.058478] kasan_report+0xc8/0x118 [ 34.059060] __asan_report_load1_noabort+0x20/0x30 [ 34.059848] kmalloc_uaf+0x300/0x338 [ 34.060478] kunit_try_run_case+0x14c/0x3d0 [ 34.061208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.062056] kthread+0x24c/0x2d0 [ 34.062749] ret_from_fork+0x10/0x20 [ 34.063410] [ 34.063748] Allocated by task 173: [ 34.064371] kasan_save_stack+0x3c/0x68 [ 34.065363] kasan_save_track+0x20/0x40 [ 34.065914] kasan_save_alloc_info+0x40/0x58 [ 34.066582] __kasan_kmalloc+0xd4/0xd8 [ 34.067207] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.068005] kmalloc_uaf+0xb8/0x338 [ 34.068947] kunit_try_run_case+0x14c/0x3d0 [ 34.069629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.070359] kthread+0x24c/0x2d0 [ 34.070890] ret_from_fork+0x10/0x20 [ 34.071501] [ 34.071819] Freed by task 173: [ 34.072367] kasan_save_stack+0x3c/0x68 [ 34.074056] kasan_save_track+0x20/0x40 [ 34.074715] kasan_save_free_info+0x4c/0x78 [ 34.075292] __kasan_slab_free+0x6c/0x98 [ 34.075874] kfree+0x114/0x3d0 [ 34.076544] kmalloc_uaf+0x11c/0x338 [ 34.077503] kunit_try_run_case+0x14c/0x3d0 [ 34.078319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.079131] kthread+0x24c/0x2d0 [ 34.079761] ret_from_fork+0x10/0x20 [ 34.080390] [ 34.081164] The buggy address belongs to the object at fff00000c5ce67e0 [ 34.081164] which belongs to the cache kmalloc-16 of size 16 [ 34.082494] The buggy address is located 8 bytes inside of [ 34.082494] freed 16-byte region [fff00000c5ce67e0, fff00000c5ce67f0) [ 34.083755] [ 34.084046] The buggy address belongs to the physical page: [ 34.085341] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ce6 [ 34.086410] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.087218] page_type: f5(slab) [ 34.087765] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.089155] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 34.089926] page dumped because: kasan: bad access detected [ 34.090611] [ 34.091030] Memory state around the buggy address: [ 34.091693] fff00000c5ce6680: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 34.092606] fff00000c5ce6700: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.094056] >fff00000c5ce6780: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 34.094959] ^ [ 34.096897] fff00000c5ce6800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.097683] fff00000c5ce6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.098654] ================================================================== [ 33.529192] ================================================================== [ 33.530783] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 33.531865] Read of size 16 at addr fff00000c6105300 by task kunit_try_catch/157 [ 33.532604] [ 33.532923] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.535035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.535825] Hardware name: linux,dummy-virt (DT) [ 33.536407] Call trace: [ 33.536976] show_stack+0x20/0x38 (C) [ 33.538062] dump_stack_lvl+0x8c/0xd0 [ 33.539281] print_report+0x118/0x5e0 [ 33.540344] kasan_report+0xc8/0x118 [ 33.541569] __asan_report_load16_noabort+0x20/0x30 [ 33.542290] kmalloc_uaf_16+0x3bc/0x438 [ 33.542788] kunit_try_run_case+0x14c/0x3d0 [ 33.544095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.545131] kthread+0x24c/0x2d0 [ 33.545996] ret_from_fork+0x10/0x20 [ 33.547159] [ 33.547633] Allocated by task 157: [ 33.548877] kasan_save_stack+0x3c/0x68 [ 33.549867] kasan_save_track+0x20/0x40 [ 33.550712] kasan_save_alloc_info+0x40/0x58 [ 33.551408] __kasan_kmalloc+0xd4/0xd8 [ 33.552085] __kmalloc_cache_noprof+0x15c/0x3c8 [ 33.553623] kmalloc_uaf_16+0x140/0x438 [ 33.554633] kunit_try_run_case+0x14c/0x3d0 [ 33.555212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.556301] kthread+0x24c/0x2d0 [ 33.557019] ret_from_fork+0x10/0x20 [ 33.557749] [ 33.558336] Freed by task 157: [ 33.558772] kasan_save_stack+0x3c/0x68 [ 33.559762] kasan_save_track+0x20/0x40 [ 33.560576] kasan_save_free_info+0x4c/0x78 [ 33.561237] __kasan_slab_free+0x6c/0x98 [ 33.561846] kfree+0x114/0x3d0 [ 33.562874] kmalloc_uaf_16+0x190/0x438 [ 33.563723] kunit_try_run_case+0x14c/0x3d0 [ 33.564561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.565498] kthread+0x24c/0x2d0 [ 33.566343] ret_from_fork+0x10/0x20 [ 33.567402] [ 33.567722] The buggy address belongs to the object at fff00000c6105300 [ 33.567722] which belongs to the cache kmalloc-16 of size 16 [ 33.570193] The buggy address is located 0 bytes inside of [ 33.570193] freed 16-byte region [fff00000c6105300, fff00000c6105310) [ 33.572625] [ 33.573018] The buggy address belongs to the physical page: [ 33.574491] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106105 [ 33.574976] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.575372] page_type: f5(slab) [ 33.575961] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 33.577549] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 33.578749] page dumped because: kasan: bad access detected [ 33.579461] [ 33.579940] Memory state around the buggy address: [ 33.581134] fff00000c6105200: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 33.582532] fff00000c6105280: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 33.583797] >fff00000c6105300: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.584920] ^ [ 33.585860] fff00000c6105380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.587375] fff00000c6105400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.588992] ================================================================== [ 34.183030] ================================================================== [ 34.184318] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 34.185128] Read of size 1 at addr fff00000c6a9b128 by task kunit_try_catch/177 [ 34.186959] [ 34.187383] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 34.189030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.189578] Hardware name: linux,dummy-virt (DT) [ 34.190334] Call trace: [ 34.190879] show_stack+0x20/0x38 (C) [ 34.192316] dump_stack_lvl+0x8c/0xd0 [ 34.192984] print_report+0x118/0x5e0 [ 34.193535] kasan_report+0xc8/0x118 [ 34.194229] __asan_report_load1_noabort+0x20/0x30 [ 34.195538] kmalloc_uaf2+0x3f4/0x468 [ 34.196044] kunit_try_run_case+0x14c/0x3d0 [ 34.197721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.198475] kthread+0x24c/0x2d0 [ 34.198895] ret_from_fork+0x10/0x20 [ 34.199632] [ 34.199925] Allocated by task 177: [ 34.200535] kasan_save_stack+0x3c/0x68 [ 34.201361] kasan_save_track+0x20/0x40 [ 34.202678] kasan_save_alloc_info+0x40/0x58 [ 34.203375] __kasan_kmalloc+0xd4/0xd8 [ 34.203976] __kmalloc_cache_noprof+0x15c/0x3c8 [ 34.204623] kmalloc_uaf2+0xc4/0x468 [ 34.205655] kunit_try_run_case+0x14c/0x3d0 [ 34.206273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.206965] kthread+0x24c/0x2d0 [ 34.208197] ret_from_fork+0x10/0x20 [ 34.208667] [ 34.209154] Freed by task 177: [ 34.210609] kasan_save_stack+0x3c/0x68 [ 34.211244] kasan_save_track+0x20/0x40 [ 34.212023] kasan_save_free_info+0x4c/0x78 [ 34.213264] __kasan_slab_free+0x6c/0x98 [ 34.214031] kfree+0x114/0x3d0 [ 34.214907] kmalloc_uaf2+0x134/0x468 [ 34.215867] kunit_try_run_case+0x14c/0x3d0 [ 34.216933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.217972] kthread+0x24c/0x2d0 [ 34.218751] ret_from_fork+0x10/0x20 [ 34.219413] [ 34.219808] The buggy address belongs to the object at fff00000c6a9b100 [ 34.219808] which belongs to the cache kmalloc-64 of size 64 [ 34.221717] The buggy address is located 40 bytes inside of [ 34.221717] freed 64-byte region [fff00000c6a9b100, fff00000c6a9b140) [ 34.223993] [ 34.224329] The buggy address belongs to the physical page: [ 34.225795] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a9b [ 34.226990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.228125] page_type: f5(slab) [ 34.228649] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 34.229870] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 34.231926] page dumped because: kasan: bad access detected [ 34.232925] [ 34.233370] Memory state around the buggy address: [ 34.235079] fff00000c6a9b000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.235889] fff00000c6a9b080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.237658] >fff00000c6a9b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 34.238877] ^ [ 34.239946] fff00000c6a9b180: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 34.241623] fff00000c6a9b200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.243691] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 33.461977] ================================================================== [ 33.463597] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 33.464796] Write of size 16 at addr fff00000c61052a0 by task kunit_try_catch/155 [ 33.466391] [ 33.467458] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.469278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.471160] Hardware name: linux,dummy-virt (DT) [ 33.471854] Call trace: [ 33.472260] show_stack+0x20/0x38 (C) [ 33.472927] dump_stack_lvl+0x8c/0xd0 [ 33.473901] print_report+0x118/0x5e0 [ 33.474511] kasan_report+0xc8/0x118 [ 33.475188] __asan_report_store16_noabort+0x20/0x30 [ 33.475925] kmalloc_oob_16+0x3a0/0x3f8 [ 33.476724] kunit_try_run_case+0x14c/0x3d0 [ 33.477857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.478992] kthread+0x24c/0x2d0 [ 33.479886] ret_from_fork+0x10/0x20 [ 33.481055] [ 33.481787] Allocated by task 155: [ 33.482283] kasan_save_stack+0x3c/0x68 [ 33.482720] kasan_save_track+0x20/0x40 [ 33.483154] kasan_save_alloc_info+0x40/0x58 [ 33.483817] __kasan_kmalloc+0xd4/0xd8 [ 33.484256] __kmalloc_cache_noprof+0x15c/0x3c8 [ 33.486544] kmalloc_oob_16+0xb4/0x3f8 [ 33.487063] kunit_try_run_case+0x14c/0x3d0 [ 33.488105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.489539] kthread+0x24c/0x2d0 [ 33.490744] ret_from_fork+0x10/0x20 [ 33.491536] [ 33.492170] The buggy address belongs to the object at fff00000c61052a0 [ 33.492170] which belongs to the cache kmalloc-16 of size 16 [ 33.496087] The buggy address is located 0 bytes inside of [ 33.496087] allocated 13-byte region [fff00000c61052a0, fff00000c61052ad) [ 33.499034] [ 33.499471] The buggy address belongs to the physical page: [ 33.500239] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106105 [ 33.501233] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 33.502967] page_type: f5(slab) [ 33.503754] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 33.505547] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 33.507145] page dumped because: kasan: bad access detected [ 33.507943] [ 33.508243] Memory state around the buggy address: [ 33.508847] fff00000c6105180: fa fb fc fc 00 05 fc fc 00 05 fc fc 00 00 fc fc [ 33.509973] fff00000c6105200: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 33.511306] >fff00000c6105280: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 33.512284] ^ [ 33.513169] fff00000c6105300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.514105] fff00000c6105380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.515648] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 33.400041] ================================================================== [ 33.401347] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 33.402368] Read of size 1 at addr fff00000c17b8800 by task kunit_try_catch/153 [ 33.404364] [ 33.405102] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.406421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.407166] Hardware name: linux,dummy-virt (DT) [ 33.407813] Call trace: [ 33.408187] show_stack+0x20/0x38 (C) [ 33.408878] dump_stack_lvl+0x8c/0xd0 [ 33.409472] print_report+0x118/0x5e0 [ 33.410041] kasan_report+0xc8/0x118 [ 33.410632] __asan_report_load1_noabort+0x20/0x30 [ 33.411258] krealloc_uaf+0x4c8/0x520 [ 33.411800] kunit_try_run_case+0x14c/0x3d0 [ 33.412569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.413456] kthread+0x24c/0x2d0 [ 33.413984] ret_from_fork+0x10/0x20 [ 33.414614] [ 33.414974] Allocated by task 153: [ 33.415518] kasan_save_stack+0x3c/0x68 [ 33.416181] kasan_save_track+0x20/0x40 [ 33.416766] kasan_save_alloc_info+0x40/0x58 [ 33.417469] __kasan_kmalloc+0xd4/0xd8 [ 33.418130] __kmalloc_cache_noprof+0x15c/0x3c8 [ 33.418673] krealloc_uaf+0xc8/0x520 [ 33.419335] kunit_try_run_case+0x14c/0x3d0 [ 33.420057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.420680] kthread+0x24c/0x2d0 [ 33.421215] ret_from_fork+0x10/0x20 [ 33.421856] [ 33.422249] Freed by task 153: [ 33.422799] kasan_save_stack+0x3c/0x68 [ 33.423324] kasan_save_track+0x20/0x40 [ 33.424070] kasan_save_free_info+0x4c/0x78 [ 33.424693] __kasan_slab_free+0x6c/0x98 [ 33.425240] kfree+0x114/0x3d0 [ 33.425742] krealloc_uaf+0x12c/0x520 [ 33.426390] kunit_try_run_case+0x14c/0x3d0 [ 33.427021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.427770] kthread+0x24c/0x2d0 [ 33.428228] ret_from_fork+0x10/0x20 [ 33.428983] [ 33.429283] The buggy address belongs to the object at fff00000c17b8800 [ 33.429283] which belongs to the cache kmalloc-256 of size 256 [ 33.430784] The buggy address is located 0 bytes inside of [ 33.430784] freed 256-byte region [fff00000c17b8800, fff00000c17b8900) [ 33.432246] [ 33.432571] The buggy address belongs to the physical page: [ 33.433327] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b8 [ 33.434305] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.435268] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.436174] page_type: f5(slab) [ 33.436733] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 33.437654] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.438693] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 33.439654] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.440609] head: 0bfffe0000000001 ffffc1ffc305ee01 ffffffffffffffff 0000000000000000 [ 33.441568] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 33.442501] page dumped because: kasan: bad access detected [ 33.443098] [ 33.443473] Memory state around the buggy address: [ 33.444189] fff00000c17b8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.445062] fff00000c17b8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.445925] >fff00000c17b8800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.446831] ^ [ 33.447402] fff00000c17b8880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.448392] fff00000c17b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.449240] ================================================================== [ 33.333833] ================================================================== [ 33.335531] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 33.337237] Read of size 1 at addr fff00000c17b8800 by task kunit_try_catch/153 [ 33.338094] [ 33.338538] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.340097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.340716] Hardware name: linux,dummy-virt (DT) [ 33.341967] Call trace: [ 33.342503] show_stack+0x20/0x38 (C) [ 33.343133] dump_stack_lvl+0x8c/0xd0 [ 33.343881] print_report+0x118/0x5e0 [ 33.344802] kasan_report+0xc8/0x118 [ 33.345539] __kasan_check_byte+0x54/0x70 [ 33.346131] krealloc_noprof+0x44/0x360 [ 33.346742] krealloc_uaf+0x180/0x520 [ 33.347307] kunit_try_run_case+0x14c/0x3d0 [ 33.347937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.350124] kthread+0x24c/0x2d0 [ 33.350631] ret_from_fork+0x10/0x20 [ 33.351045] [ 33.351503] Allocated by task 153: [ 33.351867] kasan_save_stack+0x3c/0x68 [ 33.354143] kasan_save_track+0x20/0x40 [ 33.354760] kasan_save_alloc_info+0x40/0x58 [ 33.355711] __kasan_kmalloc+0xd4/0xd8 [ 33.357876] __kmalloc_cache_noprof+0x15c/0x3c8 [ 33.360168] krealloc_uaf+0xc8/0x520 [ 33.361377] kunit_try_run_case+0x14c/0x3d0 [ 33.363224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.364742] kthread+0x24c/0x2d0 [ 33.366623] ret_from_fork+0x10/0x20 [ 33.367115] [ 33.367376] Freed by task 153: [ 33.367787] kasan_save_stack+0x3c/0x68 [ 33.368345] kasan_save_track+0x20/0x40 [ 33.369937] kasan_save_free_info+0x4c/0x78 [ 33.370733] __kasan_slab_free+0x6c/0x98 [ 33.371510] kfree+0x114/0x3d0 [ 33.372059] krealloc_uaf+0x12c/0x520 [ 33.372902] kunit_try_run_case+0x14c/0x3d0 [ 33.373708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.374848] kthread+0x24c/0x2d0 [ 33.375509] ret_from_fork+0x10/0x20 [ 33.376339] [ 33.376814] The buggy address belongs to the object at fff00000c17b8800 [ 33.376814] which belongs to the cache kmalloc-256 of size 256 [ 33.378635] The buggy address is located 0 bytes inside of [ 33.378635] freed 256-byte region [fff00000c17b8800, fff00000c17b8900) [ 33.379900] [ 33.380456] The buggy address belongs to the physical page: [ 33.381211] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017b8 [ 33.382523] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.383377] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.384232] page_type: f5(slab) [ 33.384748] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 33.385979] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.387094] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 33.388074] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 33.389091] head: 0bfffe0000000001 ffffc1ffc305ee01 ffffffffffffffff 0000000000000000 [ 33.390062] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 33.391042] page dumped because: kasan: bad access detected [ 33.391664] [ 33.392013] Memory state around the buggy address: [ 33.392691] fff00000c17b8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.393573] fff00000c17b8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.394546] >fff00000c17b8800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.395377] ^ [ 33.395890] fff00000c17b8880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 33.396874] fff00000c17b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.397794] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 32.817800] ================================================================== [ 32.818426] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 32.819355] Write of size 1 at addr fff00000c5c6f4da by task kunit_try_catch/147 [ 32.822652] [ 32.823908] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.826820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.828404] Hardware name: linux,dummy-virt (DT) [ 32.830726] Call trace: [ 32.831384] show_stack+0x20/0x38 (C) [ 32.832709] dump_stack_lvl+0x8c/0xd0 [ 32.833824] print_report+0x118/0x5e0 [ 32.834676] kasan_report+0xc8/0x118 [ 32.835913] __asan_report_store1_noabort+0x20/0x30 [ 32.837412] krealloc_less_oob_helper+0xa80/0xc50 [ 32.838015] krealloc_less_oob+0x20/0x38 [ 32.838787] kunit_try_run_case+0x14c/0x3d0 [ 32.839223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.840073] kthread+0x24c/0x2d0 [ 32.840959] ret_from_fork+0x10/0x20 [ 32.841857] [ 32.842402] Allocated by task 147: [ 32.843139] kasan_save_stack+0x3c/0x68 [ 32.844074] kasan_save_track+0x20/0x40 [ 32.844974] kasan_save_alloc_info+0x40/0x58 [ 32.845876] __kasan_krealloc+0x118/0x178 [ 32.846480] krealloc_noprof+0x128/0x360 [ 32.847157] krealloc_less_oob_helper+0x168/0xc50 [ 32.847869] krealloc_less_oob+0x20/0x38 [ 32.848291] kunit_try_run_case+0x14c/0x3d0 [ 32.849327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.850152] kthread+0x24c/0x2d0 [ 32.850815] ret_from_fork+0x10/0x20 [ 32.852109] [ 32.852781] The buggy address belongs to the object at fff00000c5c6f400 [ 32.852781] which belongs to the cache kmalloc-256 of size 256 [ 32.854705] The buggy address is located 17 bytes to the right of [ 32.854705] allocated 201-byte region [fff00000c5c6f400, fff00000c5c6f4c9) [ 32.855760] [ 32.856049] The buggy address belongs to the physical page: [ 32.858011] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c6e [ 32.859139] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.861051] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.862271] page_type: f5(slab) [ 32.862763] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.864107] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.865367] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.867107] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.868404] head: 0bfffe0000000001 ffffc1ffc3171b81 ffffffffffffffff 0000000000000000 [ 32.870080] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 32.871756] page dumped because: kasan: bad access detected [ 32.872735] [ 32.873154] Memory state around the buggy address: [ 32.874486] fff00000c5c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.875562] fff00000c5c6f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.876320] >fff00000c5c6f480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 32.879337] ^ [ 32.880187] fff00000c5c6f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.881970] fff00000c5c6f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.882876] ================================================================== [ 33.114537] ================================================================== [ 33.116098] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 33.117821] Write of size 1 at addr fff00000c69fa0c9 by task kunit_try_catch/151 [ 33.118783] [ 33.119169] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.120333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.121106] Hardware name: linux,dummy-virt (DT) [ 33.121667] Call trace: [ 33.122601] show_stack+0x20/0x38 (C) [ 33.123261] dump_stack_lvl+0x8c/0xd0 [ 33.123717] print_report+0x118/0x5e0 [ 33.124241] kasan_report+0xc8/0x118 [ 33.125679] __asan_report_store1_noabort+0x20/0x30 [ 33.126647] krealloc_less_oob_helper+0xa48/0xc50 [ 33.127272] krealloc_large_less_oob+0x20/0x38 [ 33.128032] kunit_try_run_case+0x14c/0x3d0 [ 33.129184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.130238] kthread+0x24c/0x2d0 [ 33.130665] ret_from_fork+0x10/0x20 [ 33.131480] [ 33.131951] The buggy address belongs to the physical page: [ 33.132757] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1069f8 [ 33.133906] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.135004] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.136122] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.137242] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.138522] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.139713] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.140492] head: 0bfffe0000000002 ffffc1ffc31a7e01 ffffffffffffffff 0000000000000000 [ 33.142114] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 33.143206] page dumped because: kasan: bad access detected [ 33.144213] [ 33.144773] Memory state around the buggy address: [ 33.145633] fff00000c69f9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.146941] fff00000c69fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.147792] >fff00000c69fa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 33.148844] ^ [ 33.150019] fff00000c69fa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.151875] fff00000c69fa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.153455] ================================================================== [ 33.155960] ================================================================== [ 33.157705] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 33.159917] Write of size 1 at addr fff00000c69fa0d0 by task kunit_try_catch/151 [ 33.162611] [ 33.163682] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.165265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.166268] Hardware name: linux,dummy-virt (DT) [ 33.167059] Call trace: [ 33.167374] show_stack+0x20/0x38 (C) [ 33.168207] dump_stack_lvl+0x8c/0xd0 [ 33.169311] print_report+0x118/0x5e0 [ 33.170680] kasan_report+0xc8/0x118 [ 33.171282] __asan_report_store1_noabort+0x20/0x30 [ 33.172228] krealloc_less_oob_helper+0xb9c/0xc50 [ 33.173594] krealloc_large_less_oob+0x20/0x38 [ 33.174176] kunit_try_run_case+0x14c/0x3d0 [ 33.175407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.176208] kthread+0x24c/0x2d0 [ 33.177307] ret_from_fork+0x10/0x20 [ 33.178019] [ 33.178391] The buggy address belongs to the physical page: [ 33.179299] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1069f8 [ 33.180517] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.181977] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.182909] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.185085] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.186478] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.187705] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.188630] head: 0bfffe0000000002 ffffc1ffc31a7e01 ffffffffffffffff 0000000000000000 [ 33.189672] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 33.190343] page dumped because: kasan: bad access detected [ 33.191832] [ 33.192685] Memory state around the buggy address: [ 33.193776] fff00000c69f9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.195007] fff00000c69fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.196385] >fff00000c69fa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 33.197796] ^ [ 33.198793] fff00000c69fa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.201239] fff00000c69fa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.203017] ================================================================== [ 33.206783] ================================================================== [ 33.207660] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 33.210530] Write of size 1 at addr fff00000c69fa0da by task kunit_try_catch/151 [ 33.212010] [ 33.212370] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.214064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.214517] Hardware name: linux,dummy-virt (DT) [ 33.214883] Call trace: [ 33.215090] show_stack+0x20/0x38 (C) [ 33.215394] dump_stack_lvl+0x8c/0xd0 [ 33.216351] print_report+0x118/0x5e0 [ 33.217625] kasan_report+0xc8/0x118 [ 33.218603] __asan_report_store1_noabort+0x20/0x30 [ 33.219317] krealloc_less_oob_helper+0xa80/0xc50 [ 33.220113] krealloc_large_less_oob+0x20/0x38 [ 33.221094] kunit_try_run_case+0x14c/0x3d0 [ 33.221906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.222712] kthread+0x24c/0x2d0 [ 33.223225] ret_from_fork+0x10/0x20 [ 33.224336] [ 33.225003] The buggy address belongs to the physical page: [ 33.226747] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1069f8 [ 33.227972] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.229760] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.231179] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.232101] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.233365] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.234966] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.236060] head: 0bfffe0000000002 ffffc1ffc31a7e01 ffffffffffffffff 0000000000000000 [ 33.236992] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 33.238470] page dumped because: kasan: bad access detected [ 33.239327] [ 33.239726] Memory state around the buggy address: [ 33.240995] fff00000c69f9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.242031] fff00000c69fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.243043] >fff00000c69fa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 33.243978] ^ [ 33.244851] fff00000c69fa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.246072] fff00000c69fa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.247317] ================================================================== [ 32.695210] ================================================================== [ 32.696892] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 32.698378] Write of size 1 at addr fff00000c5c6f4c9 by task kunit_try_catch/147 [ 32.700152] [ 32.700972] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.702571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.703340] Hardware name: linux,dummy-virt (DT) [ 32.704991] Call trace: [ 32.705400] show_stack+0x20/0x38 (C) [ 32.706019] dump_stack_lvl+0x8c/0xd0 [ 32.706928] print_report+0x118/0x5e0 [ 32.707652] kasan_report+0xc8/0x118 [ 32.708252] __asan_report_store1_noabort+0x20/0x30 [ 32.710045] krealloc_less_oob_helper+0xa48/0xc50 [ 32.710815] krealloc_less_oob+0x20/0x38 [ 32.711397] kunit_try_run_case+0x14c/0x3d0 [ 32.713127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.713956] kthread+0x24c/0x2d0 [ 32.714681] ret_from_fork+0x10/0x20 [ 32.715481] [ 32.716006] Allocated by task 147: [ 32.716789] kasan_save_stack+0x3c/0x68 [ 32.717364] kasan_save_track+0x20/0x40 [ 32.717918] kasan_save_alloc_info+0x40/0x58 [ 32.718711] __kasan_krealloc+0x118/0x178 [ 32.719499] krealloc_noprof+0x128/0x360 [ 32.720148] krealloc_less_oob_helper+0x168/0xc50 [ 32.721176] krealloc_less_oob+0x20/0x38 [ 32.722076] kunit_try_run_case+0x14c/0x3d0 [ 32.723368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.724198] kthread+0x24c/0x2d0 [ 32.725066] ret_from_fork+0x10/0x20 [ 32.725620] [ 32.725925] The buggy address belongs to the object at fff00000c5c6f400 [ 32.725925] which belongs to the cache kmalloc-256 of size 256 [ 32.727389] The buggy address is located 0 bytes to the right of [ 32.727389] allocated 201-byte region [fff00000c5c6f400, fff00000c5c6f4c9) [ 32.729961] [ 32.730341] The buggy address belongs to the physical page: [ 32.731154] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c6e [ 32.732522] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.734750] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.735916] page_type: f5(slab) [ 32.736783] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.738289] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.739304] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.740321] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.741645] head: 0bfffe0000000001 ffffc1ffc3171b81 ffffffffffffffff 0000000000000000 [ 32.742614] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 32.744031] page dumped because: kasan: bad access detected [ 32.744818] [ 32.745178] Memory state around the buggy address: [ 32.746088] fff00000c5c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.746884] fff00000c5c6f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.748149] >fff00000c5c6f480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 32.749059] ^ [ 32.750322] fff00000c5c6f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.751214] fff00000c5c6f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.752548] ================================================================== [ 33.250989] ================================================================== [ 33.252002] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 33.253288] Write of size 1 at addr fff00000c69fa0ea by task kunit_try_catch/151 [ 33.255570] [ 33.256062] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.257333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.257996] Hardware name: linux,dummy-virt (DT) [ 33.258715] Call trace: [ 33.259216] show_stack+0x20/0x38 (C) [ 33.259870] dump_stack_lvl+0x8c/0xd0 [ 33.260611] print_report+0x118/0x5e0 [ 33.261251] kasan_report+0xc8/0x118 [ 33.261899] __asan_report_store1_noabort+0x20/0x30 [ 33.262653] krealloc_less_oob_helper+0xae4/0xc50 [ 33.263415] krealloc_large_less_oob+0x20/0x38 [ 33.264142] kunit_try_run_case+0x14c/0x3d0 [ 33.264945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.265777] kthread+0x24c/0x2d0 [ 33.266391] ret_from_fork+0x10/0x20 [ 33.267067] [ 33.267418] The buggy address belongs to the physical page: [ 33.268265] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1069f8 [ 33.269301] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.270306] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.271288] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.272254] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.273205] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.274221] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.275256] head: 0bfffe0000000002 ffffc1ffc31a7e01 ffffffffffffffff 0000000000000000 [ 33.276247] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 33.277245] page dumped because: kasan: bad access detected [ 33.278187] [ 33.278700] Memory state around the buggy address: [ 33.279324] fff00000c69f9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.280300] fff00000c69fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.281243] >fff00000c69fa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 33.282146] ^ [ 33.283026] fff00000c69fa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.284064] fff00000c69fa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.285006] ================================================================== [ 32.755660] ================================================================== [ 32.756565] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 32.757411] Write of size 1 at addr fff00000c5c6f4d0 by task kunit_try_catch/147 [ 32.758335] [ 32.759589] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.761366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.761886] Hardware name: linux,dummy-virt (DT) [ 32.762323] Call trace: [ 32.763037] show_stack+0x20/0x38 (C) [ 32.763625] dump_stack_lvl+0x8c/0xd0 [ 32.764372] print_report+0x118/0x5e0 [ 32.765175] kasan_report+0xc8/0x118 [ 32.766244] __asan_report_store1_noabort+0x20/0x30 [ 32.767456] krealloc_less_oob_helper+0xb9c/0xc50 [ 32.768093] krealloc_less_oob+0x20/0x38 [ 32.768404] kunit_try_run_case+0x14c/0x3d0 [ 32.769222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.769987] kthread+0x24c/0x2d0 [ 32.771168] ret_from_fork+0x10/0x20 [ 32.771800] [ 32.772144] Allocated by task 147: [ 32.772884] kasan_save_stack+0x3c/0x68 [ 32.773635] kasan_save_track+0x20/0x40 [ 32.774354] kasan_save_alloc_info+0x40/0x58 [ 32.774895] __kasan_krealloc+0x118/0x178 [ 32.775534] krealloc_noprof+0x128/0x360 [ 32.777544] krealloc_less_oob_helper+0x168/0xc50 [ 32.778763] krealloc_less_oob+0x20/0x38 [ 32.779625] kunit_try_run_case+0x14c/0x3d0 [ 32.780670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.782834] kthread+0x24c/0x2d0 [ 32.783408] ret_from_fork+0x10/0x20 [ 32.783833] [ 32.784899] The buggy address belongs to the object at fff00000c5c6f400 [ 32.784899] which belongs to the cache kmalloc-256 of size 256 [ 32.787003] The buggy address is located 7 bytes to the right of [ 32.787003] allocated 201-byte region [fff00000c5c6f400, fff00000c5c6f4c9) [ 32.788992] [ 32.789984] The buggy address belongs to the physical page: [ 32.790623] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c6e [ 32.792150] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.794009] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.794808] page_type: f5(slab) [ 32.795246] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.796205] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.797795] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.798907] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.799643] head: 0bfffe0000000001 ffffc1ffc3171b81 ffffffffffffffff 0000000000000000 [ 32.801706] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 32.802660] page dumped because: kasan: bad access detected [ 32.803497] [ 32.804060] Memory state around the buggy address: [ 32.805367] fff00000c5c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.806272] fff00000c5c6f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.809402] >fff00000c5c6f480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 32.811235] ^ [ 32.811833] fff00000c5c6f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.812423] fff00000c5c6f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.815537] ================================================================== [ 33.286966] ================================================================== [ 33.287778] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 33.289361] Write of size 1 at addr fff00000c69fa0eb by task kunit_try_catch/151 [ 33.290676] [ 33.291013] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.292517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.293020] Hardware name: linux,dummy-virt (DT) [ 33.293971] Call trace: [ 33.294462] show_stack+0x20/0x38 (C) [ 33.295161] dump_stack_lvl+0x8c/0xd0 [ 33.295973] print_report+0x118/0x5e0 [ 33.296835] kasan_report+0xc8/0x118 [ 33.297730] __asan_report_store1_noabort+0x20/0x30 [ 33.298319] krealloc_less_oob_helper+0xa58/0xc50 [ 33.299687] krealloc_large_less_oob+0x20/0x38 [ 33.300585] kunit_try_run_case+0x14c/0x3d0 [ 33.301220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.302501] kthread+0x24c/0x2d0 [ 33.303148] ret_from_fork+0x10/0x20 [ 33.303640] [ 33.304064] The buggy address belongs to the physical page: [ 33.305127] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1069f8 [ 33.305937] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.307105] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.308109] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.309220] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.310241] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.311206] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.312255] head: 0bfffe0000000002 ffffc1ffc31a7e01 ffffffffffffffff 0000000000000000 [ 33.313186] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 33.314127] page dumped because: kasan: bad access detected [ 33.314818] [ 33.315177] Memory state around the buggy address: [ 33.315842] fff00000c69f9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.316885] fff00000c69fa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.317672] >fff00000c69fa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 33.318549] ^ [ 33.319546] fff00000c69fa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.320391] fff00000c69fa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.321296] ================================================================== [ 32.946714] ================================================================== [ 32.947629] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 32.948577] Write of size 1 at addr fff00000c5c6f4eb by task kunit_try_catch/147 [ 32.949487] [ 32.949916] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.951242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.951671] Hardware name: linux,dummy-virt (DT) [ 32.953388] Call trace: [ 32.954115] show_stack+0x20/0x38 (C) [ 32.955167] dump_stack_lvl+0x8c/0xd0 [ 32.955983] print_report+0x118/0x5e0 [ 32.957045] kasan_report+0xc8/0x118 [ 32.958083] __asan_report_store1_noabort+0x20/0x30 [ 32.959300] krealloc_less_oob_helper+0xa58/0xc50 [ 32.960315] krealloc_less_oob+0x20/0x38 [ 32.961365] kunit_try_run_case+0x14c/0x3d0 [ 32.962508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.963411] kthread+0x24c/0x2d0 [ 32.964319] ret_from_fork+0x10/0x20 [ 32.965233] [ 32.965620] Allocated by task 147: [ 32.966366] kasan_save_stack+0x3c/0x68 [ 32.967395] kasan_save_track+0x20/0x40 [ 32.967856] kasan_save_alloc_info+0x40/0x58 [ 32.968318] __kasan_krealloc+0x118/0x178 [ 32.969247] krealloc_noprof+0x128/0x360 [ 32.970209] krealloc_less_oob_helper+0x168/0xc50 [ 32.971350] krealloc_less_oob+0x20/0x38 [ 32.972496] kunit_try_run_case+0x14c/0x3d0 [ 32.973655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.975010] kthread+0x24c/0x2d0 [ 32.975802] ret_from_fork+0x10/0x20 [ 32.976841] [ 32.977461] The buggy address belongs to the object at fff00000c5c6f400 [ 32.977461] which belongs to the cache kmalloc-256 of size 256 [ 32.979802] The buggy address is located 34 bytes to the right of [ 32.979802] allocated 201-byte region [fff00000c5c6f400, fff00000c5c6f4c9) [ 32.982235] [ 32.982651] The buggy address belongs to the physical page: [ 32.983947] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c6e [ 32.985468] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.986391] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.988168] page_type: f5(slab) [ 32.988988] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.989989] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.991259] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.992287] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.994258] head: 0bfffe0000000001 ffffc1ffc3171b81 ffffffffffffffff 0000000000000000 [ 32.995396] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 32.996404] page dumped because: kasan: bad access detected [ 32.997175] [ 32.997882] Memory state around the buggy address: [ 32.998922] fff00000c5c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.999909] fff00000c5c6f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.001259] >fff00000c5c6f480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 33.002106] ^ [ 33.003883] fff00000c5c6f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.005316] fff00000c5c6f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 33.006263] ================================================================== [ 32.885518] ================================================================== [ 32.886574] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 32.887312] Write of size 1 at addr fff00000c5c6f4ea by task kunit_try_catch/147 [ 32.888383] [ 32.889826] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.891130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.891944] Hardware name: linux,dummy-virt (DT) [ 32.892578] Call trace: [ 32.892924] show_stack+0x20/0x38 (C) [ 32.893663] dump_stack_lvl+0x8c/0xd0 [ 32.894430] print_report+0x118/0x5e0 [ 32.896069] kasan_report+0xc8/0x118 [ 32.896500] __asan_report_store1_noabort+0x20/0x30 [ 32.897381] krealloc_less_oob_helper+0xae4/0xc50 [ 32.898091] krealloc_less_oob+0x20/0x38 [ 32.899176] kunit_try_run_case+0x14c/0x3d0 [ 32.900116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.901724] kthread+0x24c/0x2d0 [ 32.902936] ret_from_fork+0x10/0x20 [ 32.903393] [ 32.903667] Allocated by task 147: [ 32.903950] kasan_save_stack+0x3c/0x68 [ 32.904250] kasan_save_track+0x20/0x40 [ 32.905784] kasan_save_alloc_info+0x40/0x58 [ 32.906804] __kasan_krealloc+0x118/0x178 [ 32.907906] krealloc_noprof+0x128/0x360 [ 32.908885] krealloc_less_oob_helper+0x168/0xc50 [ 32.909557] krealloc_less_oob+0x20/0x38 [ 32.910189] kunit_try_run_case+0x14c/0x3d0 [ 32.910944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.911794] kthread+0x24c/0x2d0 [ 32.912551] ret_from_fork+0x10/0x20 [ 32.913023] [ 32.913616] The buggy address belongs to the object at fff00000c5c6f400 [ 32.913616] which belongs to the cache kmalloc-256 of size 256 [ 32.915719] The buggy address is located 33 bytes to the right of [ 32.915719] allocated 201-byte region [fff00000c5c6f400, fff00000c5c6f4c9) [ 32.918198] [ 32.918858] The buggy address belongs to the physical page: [ 32.919768] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c6e [ 32.920920] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.921972] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.923497] page_type: f5(slab) [ 32.924296] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.925659] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.926979] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.928210] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.929205] head: 0bfffe0000000001 ffffc1ffc3171b81 ffffffffffffffff 0000000000000000 [ 32.931055] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 32.933107] page dumped because: kasan: bad access detected [ 32.935237] [ 32.935929] Memory state around the buggy address: [ 32.936949] fff00000c5c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.938460] fff00000c5c6f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.939534] >fff00000c5c6f480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 32.940277] ^ [ 32.941086] fff00000c5c6f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.942870] fff00000c5c6f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.943853] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 33.057851] ================================================================== [ 33.058892] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c8/0x680 [ 33.059602] Write of size 1 at addr fff00000c69f60f0 by task kunit_try_catch/149 [ 33.060029] [ 33.060211] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.062551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.063476] Hardware name: linux,dummy-virt (DT) [ 33.064770] Call trace: [ 33.065366] show_stack+0x20/0x38 (C) [ 33.066521] dump_stack_lvl+0x8c/0xd0 [ 33.067209] print_report+0x118/0x5e0 [ 33.067772] kasan_report+0xc8/0x118 [ 33.068289] __asan_report_store1_noabort+0x20/0x30 [ 33.069277] krealloc_more_oob_helper+0x5c8/0x680 [ 33.070280] krealloc_large_more_oob+0x20/0x38 [ 33.071548] kunit_try_run_case+0x14c/0x3d0 [ 33.072040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.073005] kthread+0x24c/0x2d0 [ 33.073940] ret_from_fork+0x10/0x20 [ 33.074367] [ 33.074864] The buggy address belongs to the physical page: [ 33.075887] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1069f4 [ 33.077362] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.078835] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.080831] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.081528] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.082158] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.082860] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.086176] head: 0bfffe0000000002 ffffc1ffc31a7d01 ffffffffffffffff 0000000000000000 [ 33.089301] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 33.091163] page dumped because: kasan: bad access detected [ 33.091693] [ 33.091940] Memory state around the buggy address: [ 33.092375] fff00000c69f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.096598] fff00000c69f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.098782] >fff00000c69f6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 33.099891] ^ [ 33.100855] fff00000c69f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.101600] fff00000c69f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.102273] ================================================================== [ 32.626724] ================================================================== [ 32.627720] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c8/0x680 [ 32.629025] Write of size 1 at addr fff00000c5c6f2f0 by task kunit_try_catch/145 [ 32.631927] [ 32.632335] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.635340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.635843] Hardware name: linux,dummy-virt (DT) [ 32.636937] Call trace: [ 32.637925] show_stack+0x20/0x38 (C) [ 32.639146] dump_stack_lvl+0x8c/0xd0 [ 32.639705] print_report+0x118/0x5e0 [ 32.640320] kasan_report+0xc8/0x118 [ 32.640877] __asan_report_store1_noabort+0x20/0x30 [ 32.641847] krealloc_more_oob_helper+0x5c8/0x680 [ 32.642840] krealloc_more_oob+0x20/0x38 [ 32.644020] kunit_try_run_case+0x14c/0x3d0 [ 32.644794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.646079] kthread+0x24c/0x2d0 [ 32.646920] ret_from_fork+0x10/0x20 [ 32.647567] [ 32.647894] Allocated by task 145: [ 32.648420] kasan_save_stack+0x3c/0x68 [ 32.649636] kasan_save_track+0x20/0x40 [ 32.650109] kasan_save_alloc_info+0x40/0x58 [ 32.651932] __kasan_krealloc+0x118/0x178 [ 32.653181] krealloc_noprof+0x128/0x360 [ 32.653997] krealloc_more_oob_helper+0x168/0x680 [ 32.654869] krealloc_more_oob+0x20/0x38 [ 32.655427] kunit_try_run_case+0x14c/0x3d0 [ 32.656119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.657348] kthread+0x24c/0x2d0 [ 32.658398] ret_from_fork+0x10/0x20 [ 32.659468] [ 32.659770] The buggy address belongs to the object at fff00000c5c6f200 [ 32.659770] which belongs to the cache kmalloc-256 of size 256 [ 32.662320] The buggy address is located 5 bytes to the right of [ 32.662320] allocated 235-byte region [fff00000c5c6f200, fff00000c5c6f2eb) [ 32.664039] [ 32.664409] The buggy address belongs to the physical page: [ 32.665803] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c6e [ 32.666485] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.667465] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.668343] page_type: f5(slab) [ 32.669076] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.670171] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.671264] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.672142] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.673281] head: 0bfffe0000000001 ffffc1ffc3171b81 ffffffffffffffff 0000000000000000 [ 32.674501] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 32.675690] page dumped because: kasan: bad access detected [ 32.676232] [ 32.676537] Memory state around the buggy address: [ 32.677555] fff00000c5c6f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.678392] fff00000c5c6f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.679678] >fff00000c5c6f280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 32.680784] ^ [ 32.681570] fff00000c5c6f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.682901] fff00000c5c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.683799] ================================================================== [ 33.017103] ================================================================== [ 33.018499] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x614/0x680 [ 33.019401] Write of size 1 at addr fff00000c69f60eb by task kunit_try_catch/149 [ 33.020466] [ 33.021233] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 33.022835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.023339] Hardware name: linux,dummy-virt (DT) [ 33.023890] Call trace: [ 33.024350] show_stack+0x20/0x38 (C) [ 33.025102] dump_stack_lvl+0x8c/0xd0 [ 33.026545] print_report+0x118/0x5e0 [ 33.027248] kasan_report+0xc8/0x118 [ 33.028014] __asan_report_store1_noabort+0x20/0x30 [ 33.028757] krealloc_more_oob_helper+0x614/0x680 [ 33.029361] krealloc_large_more_oob+0x20/0x38 [ 33.030603] kunit_try_run_case+0x14c/0x3d0 [ 33.031234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.032055] kthread+0x24c/0x2d0 [ 33.033148] ret_from_fork+0x10/0x20 [ 33.033693] [ 33.034028] The buggy address belongs to the physical page: [ 33.034589] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1069f4 [ 33.035702] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 33.036761] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 33.037799] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.038781] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.039791] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 33.040621] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 33.041677] head: 0bfffe0000000002 ffffc1ffc31a7d01 ffffffffffffffff 0000000000000000 [ 33.042635] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 33.044018] page dumped because: kasan: bad access detected [ 33.044951] [ 33.045243] Memory state around the buggy address: [ 33.045981] fff00000c69f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.046796] fff00000c69f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 33.048341] >fff00000c69f6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 33.049729] ^ [ 33.050700] fff00000c69f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.051728] fff00000c69f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 33.053098] ================================================================== [ 32.569385] ================================================================== [ 32.570844] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x614/0x680 [ 32.572127] Write of size 1 at addr fff00000c5c6f2eb by task kunit_try_catch/145 [ 32.573050] [ 32.574087] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.576472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.577088] Hardware name: linux,dummy-virt (DT) [ 32.577749] Call trace: [ 32.578132] show_stack+0x20/0x38 (C) [ 32.579316] dump_stack_lvl+0x8c/0xd0 [ 32.580188] print_report+0x118/0x5e0 [ 32.582295] kasan_report+0xc8/0x118 [ 32.582761] __asan_report_store1_noabort+0x20/0x30 [ 32.583805] krealloc_more_oob_helper+0x614/0x680 [ 32.584731] krealloc_more_oob+0x20/0x38 [ 32.585271] kunit_try_run_case+0x14c/0x3d0 [ 32.586020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.587281] kthread+0x24c/0x2d0 [ 32.588131] ret_from_fork+0x10/0x20 [ 32.588976] [ 32.589286] Allocated by task 145: [ 32.589964] kasan_save_stack+0x3c/0x68 [ 32.590542] kasan_save_track+0x20/0x40 [ 32.591096] kasan_save_alloc_info+0x40/0x58 [ 32.591812] __kasan_krealloc+0x118/0x178 [ 32.592421] krealloc_noprof+0x128/0x360 [ 32.593313] krealloc_more_oob_helper+0x168/0x680 [ 32.594227] krealloc_more_oob+0x20/0x38 [ 32.595390] kunit_try_run_case+0x14c/0x3d0 [ 32.596052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.597405] kthread+0x24c/0x2d0 [ 32.598457] ret_from_fork+0x10/0x20 [ 32.599351] [ 32.599801] The buggy address belongs to the object at fff00000c5c6f200 [ 32.599801] which belongs to the cache kmalloc-256 of size 256 [ 32.601087] The buggy address is located 0 bytes to the right of [ 32.601087] allocated 235-byte region [fff00000c5c6f200, fff00000c5c6f2eb) [ 32.602547] [ 32.603023] The buggy address belongs to the physical page: [ 32.603814] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c6e [ 32.604805] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.605524] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.606815] page_type: f5(slab) [ 32.607316] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.609024] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.610666] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 32.611648] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.613298] head: 0bfffe0000000001 ffffc1ffc3171b81 ffffffffffffffff 0000000000000000 [ 32.614950] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 32.615831] page dumped because: kasan: bad access detected [ 32.616175] [ 32.616337] Memory state around the buggy address: [ 32.617560] fff00000c5c6f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.618293] fff00000c5c6f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.619850] >fff00000c5c6f280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 32.621415] ^ [ 32.622419] fff00000c5c6f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.623305] fff00000c5c6f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.624246] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 32.520031] ================================================================== [ 32.522250] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 32.524062] Read of size 1 at addr fff00000c6a30000 by task kunit_try_catch/143 [ 32.525660] [ 32.526048] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.527285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.528319] Hardware name: linux,dummy-virt (DT) [ 32.529407] Call trace: [ 32.529755] show_stack+0x20/0x38 (C) [ 32.530525] dump_stack_lvl+0x8c/0xd0 [ 32.531468] print_report+0x118/0x5e0 [ 32.531989] kasan_report+0xc8/0x118 [ 32.532608] __asan_report_load1_noabort+0x20/0x30 [ 32.533209] page_alloc_uaf+0x328/0x350 [ 32.533911] kunit_try_run_case+0x14c/0x3d0 [ 32.534514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.535301] kthread+0x24c/0x2d0 [ 32.535913] ret_from_fork+0x10/0x20 [ 32.536342] [ 32.536698] The buggy address belongs to the physical page: [ 32.538782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a30 [ 32.539644] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.541783] page_type: f0(buddy) [ 32.542417] raw: 0bfffe0000000000 fff00000ff6150e0 fff00000ff6150e0 0000000000000000 [ 32.543093] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 32.543775] page dumped because: kasan: bad access detected [ 32.545004] [ 32.545588] Memory state around the buggy address: [ 32.548037] fff00000c6a2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.550731] fff00000c6a2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.552589] >fff00000c6a30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.553600] ^ [ 32.554001] fff00000c6a30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.556943] fff00000c6a30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.558148] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 32.410984] ================================================================== [ 32.413231] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 32.414986] Read of size 1 at addr fff00000c69f0000 by task kunit_try_catch/137 [ 32.416277] [ 32.417186] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.419823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.421039] Hardware name: linux,dummy-virt (DT) [ 32.422504] Call trace: [ 32.423170] show_stack+0x20/0x38 (C) [ 32.423848] dump_stack_lvl+0x8c/0xd0 [ 32.424854] print_report+0x118/0x5e0 [ 32.425371] kasan_report+0xc8/0x118 [ 32.426653] __asan_report_load1_noabort+0x20/0x30 [ 32.427384] kmalloc_large_uaf+0x2cc/0x2f8 [ 32.428133] kunit_try_run_case+0x14c/0x3d0 [ 32.428834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.429606] kthread+0x24c/0x2d0 [ 32.430142] ret_from_fork+0x10/0x20 [ 32.431333] [ 32.431667] The buggy address belongs to the physical page: [ 32.433605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1069f0 [ 32.434690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.435865] raw: 0bfffe0000000000 ffffc1ffc31a7d08 fff00000da505f80 0000000000000000 [ 32.437857] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 32.438737] page dumped because: kasan: bad access detected [ 32.439474] [ 32.439856] Memory state around the buggy address: [ 32.440946] fff00000c69eff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.441637] fff00000c69eff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.442613] >fff00000c69f0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.443915] ^ [ 32.444418] fff00000c69f0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.445353] fff00000c69f0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 32.445959] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 32.362683] ================================================================== [ 32.364186] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 32.365679] Write of size 1 at addr fff00000c699600a by task kunit_try_catch/135 [ 32.367217] [ 32.368068] CPU: 0 UID: 0 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.370384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.371274] Hardware name: linux,dummy-virt (DT) [ 32.371915] Call trace: [ 32.372303] show_stack+0x20/0x38 (C) [ 32.373325] dump_stack_lvl+0x8c/0xd0 [ 32.373985] print_report+0x118/0x5e0 [ 32.374555] kasan_report+0xc8/0x118 [ 32.375103] __asan_report_store1_noabort+0x20/0x30 [ 32.375921] kmalloc_large_oob_right+0x278/0x2b8 [ 32.376578] kunit_try_run_case+0x14c/0x3d0 [ 32.377653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.378534] kthread+0x24c/0x2d0 [ 32.379188] ret_from_fork+0x10/0x20 [ 32.379851] [ 32.380239] The buggy address belongs to the physical page: [ 32.381045] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106994 [ 32.382152] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.383400] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.384199] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 32.385650] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 32.386788] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 32.388853] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 32.389977] head: 0bfffe0000000002 ffffc1ffc31a6501 ffffffffffffffff 0000000000000000 [ 32.391103] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 32.391996] page dumped because: kasan: bad access detected [ 32.393299] [ 32.393693] Memory state around the buggy address: [ 32.394071] fff00000c6995f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.394570] fff00000c6995f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.395668] >fff00000c6996000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 32.396805] ^ [ 32.397321] fff00000c6996080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 32.398563] fff00000c6996100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 32.399818] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 32.295349] ================================================================== [ 32.297275] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 32.298586] Write of size 1 at addr fff00000c1615f00 by task kunit_try_catch/133 [ 32.299899] [ 32.300230] CPU: 0 UID: 0 PID: 133 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.302559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.303107] Hardware name: linux,dummy-virt (DT) [ 32.303777] Call trace: [ 32.304167] show_stack+0x20/0x38 (C) [ 32.305542] dump_stack_lvl+0x8c/0xd0 [ 32.306404] print_report+0x118/0x5e0 [ 32.307048] kasan_report+0xc8/0x118 [ 32.307892] __asan_report_store1_noabort+0x20/0x30 [ 32.308813] kmalloc_big_oob_right+0x2a4/0x2f0 [ 32.309702] kunit_try_run_case+0x14c/0x3d0 [ 32.310639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.311628] kthread+0x24c/0x2d0 [ 32.312368] ret_from_fork+0x10/0x20 [ 32.313427] [ 32.313696] Allocated by task 133: [ 32.314071] kasan_save_stack+0x3c/0x68 [ 32.315379] kasan_save_track+0x20/0x40 [ 32.316196] kasan_save_alloc_info+0x40/0x58 [ 32.317402] __kasan_kmalloc+0xd4/0xd8 [ 32.318196] __kmalloc_cache_noprof+0x15c/0x3c8 [ 32.318803] kmalloc_big_oob_right+0xb8/0x2f0 [ 32.319375] kunit_try_run_case+0x14c/0x3d0 [ 32.320332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.322093] kthread+0x24c/0x2d0 [ 32.322677] ret_from_fork+0x10/0x20 [ 32.323127] [ 32.323611] The buggy address belongs to the object at fff00000c1614000 [ 32.323611] which belongs to the cache kmalloc-8k of size 8192 [ 32.325847] The buggy address is located 0 bytes to the right of [ 32.325847] allocated 7936-byte region [fff00000c1614000, fff00000c1615f00) [ 32.327276] [ 32.327635] The buggy address belongs to the physical page: [ 32.328340] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101610 [ 32.330231] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.331188] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.332138] page_type: f5(slab) [ 32.332831] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 32.334922] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 32.335869] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 32.337303] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 32.339042] head: 0bfffe0000000003 ffffc1ffc3058401 ffffffffffffffff 0000000000000000 [ 32.340253] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 32.341834] page dumped because: kasan: bad access detected [ 32.342780] [ 32.343192] Memory state around the buggy address: [ 32.344187] fff00000c1615e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.345254] fff00000c1615e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.346607] >fff00000c1615f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.347921] ^ [ 32.349091] fff00000c1615f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.350297] fff00000c1616000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.351157] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 32.233292] ================================================================== [ 32.234355] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x420/0x490 [ 32.235859] Write of size 1 at addr fff00000c63b6578 by task kunit_try_catch/131 [ 32.237394] [ 32.238007] CPU: 0 UID: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.239253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.240054] Hardware name: linux,dummy-virt (DT) [ 32.240632] Call trace: [ 32.241127] show_stack+0x20/0x38 (C) [ 32.242262] dump_stack_lvl+0x8c/0xd0 [ 32.242863] print_report+0x118/0x5e0 [ 32.243538] kasan_report+0xc8/0x118 [ 32.244025] __asan_report_store1_noabort+0x20/0x30 [ 32.245301] kmalloc_track_caller_oob_right+0x420/0x490 [ 32.246057] kunit_try_run_case+0x14c/0x3d0 [ 32.246829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.247591] kthread+0x24c/0x2d0 [ 32.248168] ret_from_fork+0x10/0x20 [ 32.249051] [ 32.249383] Allocated by task 131: [ 32.249894] kasan_save_stack+0x3c/0x68 [ 32.250996] kasan_save_track+0x20/0x40 [ 32.251575] kasan_save_alloc_info+0x40/0x58 [ 32.252148] __kasan_kmalloc+0xd4/0xd8 [ 32.253055] __kmalloc_node_track_caller_noprof+0x184/0x4b8 [ 32.254168] kmalloc_track_caller_oob_right+0x184/0x490 [ 32.255295] kunit_try_run_case+0x14c/0x3d0 [ 32.255819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.257615] kthread+0x24c/0x2d0 [ 32.258072] ret_from_fork+0x10/0x20 [ 32.258680] [ 32.258996] The buggy address belongs to the object at fff00000c63b6500 [ 32.258996] which belongs to the cache kmalloc-128 of size 128 [ 32.261011] The buggy address is located 0 bytes to the right of [ 32.261011] allocated 120-byte region [fff00000c63b6500, fff00000c63b6578) [ 32.262792] [ 32.263101] The buggy address belongs to the physical page: [ 32.263817] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b6 [ 32.264551] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.267913] page_type: f5(slab) [ 32.268359] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.269042] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.270101] page dumped because: kasan: bad access detected [ 32.271184] [ 32.272180] Memory state around the buggy address: [ 32.272939] fff00000c63b6400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.275196] fff00000c63b6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.276116] >fff00000c63b6500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.277086] ^ [ 32.279585] fff00000c63b6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.281250] fff00000c63b6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.282054] ================================================================== [ 32.182868] ================================================================== [ 32.184206] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x414/0x490 [ 32.185314] Write of size 1 at addr fff00000c63b6478 by task kunit_try_catch/131 [ 32.186968] [ 32.187286] CPU: 0 UID: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.189312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.189968] Hardware name: linux,dummy-virt (DT) [ 32.190566] Call trace: [ 32.190913] show_stack+0x20/0x38 (C) [ 32.191636] dump_stack_lvl+0x8c/0xd0 [ 32.192427] print_report+0x118/0x5e0 [ 32.193212] kasan_report+0xc8/0x118 [ 32.194172] __asan_report_store1_noabort+0x20/0x30 [ 32.195074] kmalloc_track_caller_oob_right+0x414/0x490 [ 32.195833] kunit_try_run_case+0x14c/0x3d0 [ 32.196752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.197703] kthread+0x24c/0x2d0 [ 32.198304] ret_from_fork+0x10/0x20 [ 32.198978] [ 32.199385] Allocated by task 131: [ 32.199952] kasan_save_stack+0x3c/0x68 [ 32.200704] kasan_save_track+0x20/0x40 [ 32.201683] kasan_save_alloc_info+0x40/0x58 [ 32.202965] __kasan_kmalloc+0xd4/0xd8 [ 32.203413] __kmalloc_node_track_caller_noprof+0x184/0x4b8 [ 32.204251] kmalloc_track_caller_oob_right+0xa8/0x490 [ 32.205318] kunit_try_run_case+0x14c/0x3d0 [ 32.206406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.207172] kthread+0x24c/0x2d0 [ 32.207676] ret_from_fork+0x10/0x20 [ 32.208210] [ 32.208924] The buggy address belongs to the object at fff00000c63b6400 [ 32.208924] which belongs to the cache kmalloc-128 of size 128 [ 32.210978] The buggy address is located 0 bytes to the right of [ 32.210978] allocated 120-byte region [fff00000c63b6400, fff00000c63b6478) [ 32.213979] [ 32.214567] The buggy address belongs to the physical page: [ 32.215946] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b6 [ 32.217846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.219023] page_type: f5(slab) [ 32.219643] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.220100] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.220853] page dumped because: kasan: bad access detected [ 32.222104] [ 32.222374] Memory state around the buggy address: [ 32.223144] fff00000c63b6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 32.225399] fff00000c63b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.226311] >fff00000c63b6400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.227377] ^ [ 32.228398] fff00000c63b6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.229662] fff00000c63b6500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.230527] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 32.117761] ================================================================== [ 32.119008] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 32.119865] Read of size 1 at addr fff00000c5e1d000 by task kunit_try_catch/129 [ 32.120746] [ 32.121068] CPU: 1 UID: 0 PID: 129 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.123082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.123675] Hardware name: linux,dummy-virt (DT) [ 32.124339] Call trace: [ 32.124775] show_stack+0x20/0x38 (C) [ 32.126133] dump_stack_lvl+0x8c/0xd0 [ 32.126931] print_report+0x118/0x5e0 [ 32.128132] kasan_report+0xc8/0x118 [ 32.128709] __asan_report_load1_noabort+0x20/0x30 [ 32.129083] kmalloc_node_oob_right+0x2f4/0x330 [ 32.129404] kunit_try_run_case+0x14c/0x3d0 [ 32.130008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.131657] kthread+0x24c/0x2d0 [ 32.132202] ret_from_fork+0x10/0x20 [ 32.133250] [ 32.133662] Allocated by task 129: [ 32.134278] kasan_save_stack+0x3c/0x68 [ 32.134879] kasan_save_track+0x20/0x40 [ 32.135412] kasan_save_alloc_info+0x40/0x58 [ 32.137079] __kasan_kmalloc+0xd4/0xd8 [ 32.137375] __kmalloc_cache_node_noprof+0x164/0x3d0 [ 32.137902] kmalloc_node_oob_right+0xbc/0x330 [ 32.139375] kunit_try_run_case+0x14c/0x3d0 [ 32.140067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.140696] kthread+0x24c/0x2d0 [ 32.142109] ret_from_fork+0x10/0x20 [ 32.142946] [ 32.143218] The buggy address belongs to the object at fff00000c5e1c000 [ 32.143218] which belongs to the cache kmalloc-4k of size 4096 [ 32.145454] The buggy address is located 0 bytes to the right of [ 32.145454] allocated 4096-byte region [fff00000c5e1c000, fff00000c5e1d000) [ 32.146966] [ 32.147304] The buggy address belongs to the physical page: [ 32.148325] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e18 [ 32.149675] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 32.151065] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 32.151774] page_type: f5(slab) [ 32.152545] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 32.153788] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 32.154950] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 32.156699] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 32.157699] head: 0bfffe0000000003 ffffc1ffc3178601 ffffffffffffffff 0000000000000000 [ 32.159417] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 32.161394] page dumped because: kasan: bad access detected [ 32.162047] [ 32.162310] Memory state around the buggy address: [ 32.162936] fff00000c5e1cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.164549] fff00000c5e1cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 32.166813] >fff00000c5e1d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.167676] ^ [ 32.168380] fff00000c5e1d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.169961] fff00000c5e1d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.171712] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 32.049356] ================================================================== [ 32.050693] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 32.051606] Read of size 1 at addr fff00000c610527f by task kunit_try_catch/127 [ 32.052778] [ 32.053135] CPU: 0 UID: 0 PID: 127 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.055238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.056065] Hardware name: linux,dummy-virt (DT) [ 32.057200] Call trace: [ 32.057978] show_stack+0x20/0x38 (C) [ 32.058508] dump_stack_lvl+0x8c/0xd0 [ 32.059017] print_report+0x118/0x5e0 [ 32.059613] kasan_report+0xc8/0x118 [ 32.060378] __asan_report_load1_noabort+0x20/0x30 [ 32.061960] kmalloc_oob_left+0x2ec/0x320 [ 32.062527] kunit_try_run_case+0x14c/0x3d0 [ 32.063234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.064059] kthread+0x24c/0x2d0 [ 32.064725] ret_from_fork+0x10/0x20 [ 32.065323] [ 32.066545] Allocated by task 28: [ 32.066952] kasan_save_stack+0x3c/0x68 [ 32.067721] kasan_save_track+0x20/0x40 [ 32.068790] kasan_save_alloc_info+0x40/0x58 [ 32.069681] __kasan_kmalloc+0xd4/0xd8 [ 32.070678] __kmalloc_node_track_caller_noprof+0x184/0x4b8 [ 32.071760] kstrdup+0x54/0xc8 [ 32.072466] devtmpfs_work_loop+0x384/0x590 [ 32.073904] devtmpfsd+0x50/0x58 [ 32.074373] kthread+0x24c/0x2d0 [ 32.074840] ret_from_fork+0x10/0x20 [ 32.075610] [ 32.076087] Freed by task 28: [ 32.076967] kasan_save_stack+0x3c/0x68 [ 32.077715] kasan_save_track+0x20/0x40 [ 32.078622] kasan_save_free_info+0x4c/0x78 [ 32.079224] __kasan_slab_free+0x6c/0x98 [ 32.079922] kfree+0x114/0x3d0 [ 32.080336] devtmpfs_work_loop+0x498/0x590 [ 32.081157] devtmpfsd+0x50/0x58 [ 32.082122] kthread+0x24c/0x2d0 [ 32.082546] ret_from_fork+0x10/0x20 [ 32.083254] [ 32.083763] The buggy address belongs to the object at fff00000c6105260 [ 32.083763] which belongs to the cache kmalloc-16 of size 16 [ 32.085411] The buggy address is located 15 bytes to the right of [ 32.085411] allocated 16-byte region [fff00000c6105260, fff00000c6105270) [ 32.087148] [ 32.087697] The buggy address belongs to the physical page: [ 32.088539] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106105 [ 32.090532] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.091540] page_type: f5(slab) [ 32.092078] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 32.093823] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 32.095083] page dumped because: kasan: bad access detected [ 32.096111] [ 32.097144] Memory state around the buggy address: [ 32.098082] fff00000c6105100: fa fb fc fc fa fb fc fc 00 04 fc fc 00 04 fc fc [ 32.098936] fff00000c6105180: fa fb fc fc 00 05 fc fc 00 05 fc fc 00 00 fc fc [ 32.099929] >fff00000c6105200: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 32.101503] ^ [ 32.103273] fff00000c6105280: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.104264] fff00000c6105300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.105656] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 31.993473] ================================================================== [ 31.994381] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 31.995847] Read of size 1 at addr fff00000c6112f80 by task kunit_try_catch/125 [ 31.997962] [ 31.999205] CPU: 1 UID: 0 PID: 125 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 32.000069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.000787] Hardware name: linux,dummy-virt (DT) [ 32.003291] Call trace: [ 32.003676] show_stack+0x20/0x38 (C) [ 32.004124] dump_stack_lvl+0x8c/0xd0 [ 32.004555] print_report+0x118/0x5e0 [ 32.004959] kasan_report+0xc8/0x118 [ 32.005360] __asan_report_load1_noabort+0x20/0x30 [ 32.007137] kmalloc_oob_right+0x5d0/0x660 [ 32.008945] kunit_try_run_case+0x14c/0x3d0 [ 32.009593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.011551] kthread+0x24c/0x2d0 [ 32.012190] ret_from_fork+0x10/0x20 [ 32.013664] [ 32.014173] Allocated by task 125: [ 32.014914] kasan_save_stack+0x3c/0x68 [ 32.015659] kasan_save_track+0x20/0x40 [ 32.016288] kasan_save_alloc_info+0x40/0x58 [ 32.017071] __kasan_kmalloc+0xd4/0xd8 [ 32.017777] __kmalloc_cache_noprof+0x15c/0x3c8 [ 32.018549] kmalloc_oob_right+0xb0/0x660 [ 32.019177] kunit_try_run_case+0x14c/0x3d0 [ 32.019866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.020614] kthread+0x24c/0x2d0 [ 32.021292] ret_from_fork+0x10/0x20 [ 32.022019] [ 32.022485] The buggy address belongs to the object at fff00000c6112f00 [ 32.022485] which belongs to the cache kmalloc-128 of size 128 [ 32.024133] The buggy address is located 13 bytes to the right of [ 32.024133] allocated 115-byte region [fff00000c6112f00, fff00000c6112f73) [ 32.025699] [ 32.026028] The buggy address belongs to the physical page: [ 32.026961] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106112 [ 32.027923] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.028914] page_type: f5(slab) [ 32.029336] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 32.030339] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 32.031271] page dumped because: kasan: bad access detected [ 32.031977] [ 32.032308] Memory state around the buggy address: [ 32.032899] fff00000c6112e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.033858] fff00000c6112f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 32.034702] >fff00000c6112f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.035596] ^ [ 32.036177] fff00000c6113000: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 32.037041] fff00000c6113080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.037877] ================================================================== [ 31.886718] ================================================================== [ 31.888464] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 31.890863] Write of size 1 at addr fff00000c6112f73 by task kunit_try_catch/125 [ 31.892096] [ 31.894252] CPU: 0 UID: 0 PID: 125 Comm: kunit_try_catch Tainted: G N 6.12.0-next-20241122 #1 [ 31.895840] Tainted: [N]=TEST [ 31.896569] Hardware name: linux,dummy-virt (DT) [ 31.897608] Call trace: [ 31.898899] show_stack+0x20/0x38 (C) [ 31.899915] dump_stack_lvl+0x8c/0xd0 [ 31.900921] print_report+0x118/0x5e0 [ 31.901469] kasan_report+0xc8/0x118 [ 31.902733] __asan_report_store1_noabort+0x20/0x30 [ 31.903955] kmalloc_oob_right+0x5a4/0x660 [ 31.905023] kunit_try_run_case+0x14c/0x3d0 [ 31.906226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.907064] kthread+0x24c/0x2d0 [ 31.907721] ret_from_fork+0x10/0x20 [ 31.908765] [ 31.909245] Allocated by task 125: [ 31.910177] kasan_save_stack+0x3c/0x68 [ 31.910846] kasan_save_track+0x20/0x40 [ 31.911722] kasan_save_alloc_info+0x40/0x58 [ 31.913160] __kasan_kmalloc+0xd4/0xd8 [ 31.913616] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.914101] kmalloc_oob_right+0xb0/0x660 [ 31.914659] kunit_try_run_case+0x14c/0x3d0 [ 31.915248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.916478] kthread+0x24c/0x2d0 [ 31.917579] ret_from_fork+0x10/0x20 [ 31.918419] [ 31.918991] The buggy address belongs to the object at fff00000c6112f00 [ 31.918991] which belongs to the cache kmalloc-128 of size 128 [ 31.921216] The buggy address is located 0 bytes to the right of [ 31.921216] allocated 115-byte region [fff00000c6112f00, fff00000c6112f73) [ 31.923966] [ 31.925017] The buggy address belongs to the physical page: [ 31.926267] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106112 [ 31.927613] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.929640] page_type: f5(slab) [ 31.930691] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.931668] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.933781] page dumped because: kasan: bad access detected [ 31.934896] [ 31.935104] Memory state around the buggy address: [ 31.935907] fff00000c6112e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.936710] fff00000c6112e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.937891] >fff00000c6112f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 31.939491] ^ [ 31.941131] fff00000c6112f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.941934] fff00000c6113000: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 31.943384] ================================================================== [ 31.948075] ================================================================== [ 31.949270] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 31.949962] Write of size 1 at addr fff00000c6112f78 by task kunit_try_catch/125 [ 31.950911] [ 31.951289] CPU: 1 UID: 0 PID: 125 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 31.953471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.954130] Hardware name: linux,dummy-virt (DT) [ 31.954733] Call trace: [ 31.955153] show_stack+0x20/0x38 (C) [ 31.955668] dump_stack_lvl+0x8c/0xd0 [ 31.956327] print_report+0x118/0x5e0 [ 31.956944] kasan_report+0xc8/0x118 [ 31.957950] __asan_report_store1_noabort+0x20/0x30 [ 31.958663] kmalloc_oob_right+0x538/0x660 [ 31.959299] kunit_try_run_case+0x14c/0x3d0 [ 31.960101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.961196] kthread+0x24c/0x2d0 [ 31.961951] ret_from_fork+0x10/0x20 [ 31.962512] [ 31.962797] Allocated by task 125: [ 31.963274] kasan_save_stack+0x3c/0x68 [ 31.964312] kasan_save_track+0x20/0x40 [ 31.965485] kasan_save_alloc_info+0x40/0x58 [ 31.966188] __kasan_kmalloc+0xd4/0xd8 [ 31.966794] __kmalloc_cache_noprof+0x15c/0x3c8 [ 31.967382] kmalloc_oob_right+0xb0/0x660 [ 31.968218] kunit_try_run_case+0x14c/0x3d0 [ 31.968698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.970605] kthread+0x24c/0x2d0 [ 31.971281] ret_from_fork+0x10/0x20 [ 31.972062] [ 31.972349] The buggy address belongs to the object at fff00000c6112f00 [ 31.972349] which belongs to the cache kmalloc-128 of size 128 [ 31.973718] The buggy address is located 5 bytes to the right of [ 31.973718] allocated 115-byte region [fff00000c6112f00, fff00000c6112f73) [ 31.975882] [ 31.976365] The buggy address belongs to the physical page: [ 31.977371] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106112 [ 31.978419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.979356] page_type: f5(slab) [ 31.980051] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 31.981375] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 31.982295] page dumped because: kasan: bad access detected [ 31.982981] [ 31.983298] Memory state around the buggy address: [ 31.984077] fff00000c6112e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.985337] fff00000c6112e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.986183] >fff00000c6112f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 31.987335] ^ [ 31.988252] fff00000c6112f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.989320] fff00000c6113000: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 31.990366] ==================================================================
Failure - log-parser-boot - internal-error-oops-oops-preempt-smp
KNOWN ISSUE - kunit_test_null_dereference internal oops on qemu-arm64 KUNIT KASAN
[ 151.048943] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP [ 151.050463] Modules linked in: [ 151.051895] CPU: 1 UID: 0 PID: 621 Comm: kunit_try_catch Tainted: G B N 6.12.0-next-20241122 #1 [ 151.054226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 151.054812] Hardware name: linux,dummy-virt (DT) [ 151.055703] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 151.056760] pc : kunit_test_null_dereference+0x70/0x170 [ 151.058291] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 151.059092] sp : ffff800083447dc0 [ 151.059627] x29: ffff800083447e20 x28: 0000000000000000 x27: 0000000000000000 [ 151.060838] x26: 0000000000000000 x25: 0000000000000000 x24: fff00000c6132900 [ 151.061378] x23: ffffa3d127bc6590 x22: ffffa3d127bcf150 x21: fff00000c6132908 [ 151.062946] x20: 1ffff00010688fb8 x19: ffff8000800879f0 x18: 00000000392faf41 [ 151.064070] x17: 0000000000000001 x16: fff00000da501ca0 x15: 00000000db2e85af [ 151.065304] x14: 00000000370398c3 x13: fff00000da501c98 x12: fffd80001937c8b2 [ 151.066172] x11: 1ffe00001937c8b1 x10: fffd80001937c8b1 x9 : ffffa3d127bc6618 [ 151.068267] x8 : ffff800083447cb8 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 151.069486] x5 : ffff700010688fb8 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 151.070643] x2 : dfff800000000000 x1 : fff00000c9be3cc0 x0 : ffff8000800879f0 [ 151.071961] Call trace: [ 151.072404] kunit_test_null_dereference+0x70/0x170 (P) [ 151.073269] kunit_generic_run_threadfn_adapter+0x88/0x100 (L) [ 151.074161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 151.074959] kthread+0x24c/0x2d0 [ 151.075421] ret_from_fork+0x10/0x20 [ 151.076642] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 151.077968] ---[ end trace 0000000000000000 ]---