Date
July 15, 2025, 2:10 p.m.
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 66.723938] ================================================================== [ 66.724951] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0xd8/0x328 [ 66.726133] Read of size 1 at addr ffff8000080fb7f3 by task kunit_try_catch/167 [ 66.726744] [ 66.726948] CPU: 1 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.727627] Hardware name: linux,dummy-virt (DT) [ 66.728019] Call trace: [ 66.728267] dump_backtrace+0x110/0x120 [ 66.728729] show_stack+0x18/0x28 [ 66.729114] dump_stack_lvl+0x68/0x84 [ 66.729815] print_report+0x158/0x484 [ 66.730187] kasan_report+0x98/0xe0 [ 66.730648] __asan_load1+0x68/0x78 [ 66.731028] vmalloc_oob+0xd8/0x328 [ 66.731432] kunit_try_run_case+0x7c/0x120 [ 66.731866] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.732441] kthread+0x1a4/0x1b8 [ 66.732797] ret_from_fork+0x10/0x20 [ 66.733183] [ 66.733391] The buggy address ffff8000080fb7f3 belongs to a vmalloc virtual mapping [ 66.734428] The buggy address belongs to the physical page: [ 66.734896] page:00000000ab988f6b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a11 [ 66.735619] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 66.736214] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 66.736843] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 66.737668] page dumped because: kasan: bad access detected [ 66.738092] [ 66.738276] Memory state around the buggy address: [ 66.738718] ffff8000080fb680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.739299] ffff8000080fb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.739857] >ffff8000080fb780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 66.740401] ^ [ 66.740937] ffff8000080fb800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 66.741523] ffff8000080fb880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 66.742052] ================================================================== [ 66.743119] ================================================================== [ 66.744132] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x100/0x328 [ 66.744712] Read of size 1 at addr ffff8000080fb7f8 by task kunit_try_catch/167 [ 66.745250] [ 66.745458] CPU: 1 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.746404] Hardware name: linux,dummy-virt (DT) [ 66.746772] Call trace: [ 66.747028] dump_backtrace+0x110/0x120 [ 66.747459] show_stack+0x18/0x28 [ 66.747825] dump_stack_lvl+0x68/0x84 [ 66.748248] print_report+0x158/0x484 [ 66.748630] kasan_report+0x98/0xe0 [ 66.749002] __asan_load1+0x68/0x78 [ 66.749392] vmalloc_oob+0x100/0x328 [ 66.750243] kunit_try_run_case+0x7c/0x120 [ 66.750669] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.751171] kthread+0x1a4/0x1b8 [ 66.751525] ret_from_fork+0x10/0x20 [ 66.751903] [ 66.752097] The buggy address ffff8000080fb7f8 belongs to a vmalloc virtual mapping [ 66.752678] The buggy address belongs to the physical page: [ 66.753136] page:00000000ab988f6b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a11 [ 66.754243] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 66.754794] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 66.755405] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 66.756007] page dumped because: kasan: bad access detected [ 66.756458] [ 66.756644] Memory state around the buggy address: [ 66.757096] ffff8000080fb680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.758169] ffff8000080fb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.758733] >ffff8000080fb780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 66.759309] ^ [ 66.759845] ffff8000080fb800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 66.760414] ffff8000080fb880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 66.760963] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree
[ 66.684955] ================================================================== [ 66.685693] BUG: KASAN: double-free in kfree+0x5c/0x70 [ 66.686184] Free of addr ffff0000c5a10200 by task kunit_try_catch/165 [ 66.686685] [ 66.686878] CPU: 1 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.688184] Hardware name: linux,dummy-virt (DT) [ 66.688600] Call trace: [ 66.688849] dump_backtrace+0x110/0x120 [ 66.689314] show_stack+0x18/0x28 [ 66.689970] dump_stack_lvl+0x68/0x84 [ 66.690383] print_report+0x158/0x484 [ 66.690767] kasan_report_invalid_free+0x84/0xa0 [ 66.691211] __kasan_slab_free+0x11c/0x158 [ 66.691623] __kmem_cache_free+0x138/0x2b0 [ 66.692036] kfree+0x5c/0x70 [ 66.692390] kfree_sensitive+0x24/0x60 [ 66.692799] kmalloc_double_kzfree+0xdc/0x1d8 [ 66.693217] kunit_try_run_case+0x7c/0x120 [ 66.694194] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.694717] kthread+0x1a4/0x1b8 [ 66.695070] ret_from_fork+0x10/0x20 [ 66.695461] [ 66.695636] Allocated by task 165: [ 66.695942] kasan_save_stack+0x2c/0x58 [ 66.696367] kasan_set_track+0x2c/0x40 [ 66.696736] kasan_save_alloc_info+0x24/0x38 [ 66.697166] __kasan_kmalloc+0xa0/0xb8 [ 66.697582] kmalloc_trace+0x50/0x68 [ 66.698199] kmalloc_double_kzfree+0xa8/0x1d8 [ 66.698660] kunit_try_run_case+0x7c/0x120 [ 66.699089] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.699596] kthread+0x1a4/0x1b8 [ 66.699944] ret_from_fork+0x10/0x20 [ 66.700312] [ 66.700506] Freed by task 165: [ 66.700783] kasan_save_stack+0x2c/0x58 [ 66.701153] kasan_set_track+0x2c/0x40 [ 66.701591] kasan_save_free_info+0x38/0x60 [ 66.702495] __kasan_slab_free+0xe8/0x158 [ 66.702875] __kmem_cache_free+0x138/0x2b0 [ 66.703291] kfree+0x5c/0x70 [ 66.703612] kfree_sensitive+0x4c/0x60 [ 66.704017] kmalloc_double_kzfree+0xc8/0x1d8 [ 66.704464] kunit_try_run_case+0x7c/0x120 [ 66.704881] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.705383] kthread+0x1a4/0x1b8 [ 66.705712] ret_from_fork+0x10/0x20 [ 66.706116] [ 66.706321] The buggy address belongs to the object at ffff0000c5a10200 [ 66.706321] which belongs to the cache kmalloc-128 of size 128 [ 66.707182] The buggy address is located 0 bytes inside of [ 66.707182] 128-byte region [ffff0000c5a10200, ffff0000c5a10280) [ 66.708257] [ 66.708434] The buggy address belongs to the physical page: [ 66.708829] page:000000003e6c9983 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a10 [ 66.710019] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.710645] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.711257] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.711825] page dumped because: kasan: bad access detected [ 66.712266] [ 66.712458] Memory state around the buggy address: [ 66.712862] ffff0000c5a10100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.713450] ffff0000c5a10180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.714264] >ffff0000c5a10200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.714796] ^ [ 66.715103] ffff0000c5a10280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.715670] ffff0000c5a10300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.716196] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kfree_sensitive
[ 66.652338] ================================================================== [ 66.654401] BUG: KASAN: use-after-free in kfree_sensitive+0x18/0x60 [ 66.655278] Read of size 1 at addr ffff0000c5a10200 by task kunit_try_catch/165 [ 66.655737] [ 66.655918] CPU: 1 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.656438] Hardware name: linux,dummy-virt (DT) [ 66.656758] Call trace: [ 66.657018] dump_backtrace+0x110/0x120 [ 66.657519] show_stack+0x18/0x28 [ 66.657974] dump_stack_lvl+0x68/0x84 [ 66.658619] print_report+0x158/0x484 [ 66.659030] kasan_report+0x98/0xe0 [ 66.659410] __kasan_check_byte+0x58/0x70 [ 66.659803] ksize+0x30/0x80 [ 66.660114] kfree_sensitive+0x18/0x60 [ 66.660518] kmalloc_double_kzfree+0xdc/0x1d8 [ 66.660978] kunit_try_run_case+0x7c/0x120 [ 66.661407] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.661936] kthread+0x1a4/0x1b8 [ 66.662545] ret_from_fork+0x10/0x20 [ 66.662938] [ 66.663119] Allocated by task 165: [ 66.663435] kasan_save_stack+0x2c/0x58 [ 66.663814] kasan_set_track+0x2c/0x40 [ 66.664213] kasan_save_alloc_info+0x24/0x38 [ 66.664655] __kasan_kmalloc+0xa0/0xb8 [ 66.665020] kmalloc_trace+0x50/0x68 [ 66.665414] kmalloc_double_kzfree+0xa8/0x1d8 [ 66.666094] kunit_try_run_case+0x7c/0x120 [ 66.666545] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.667036] kthread+0x1a4/0x1b8 [ 66.667412] ret_from_fork+0x10/0x20 [ 66.667789] [ 66.667966] Freed by task 165: [ 66.668242] kasan_save_stack+0x2c/0x58 [ 66.668640] kasan_set_track+0x2c/0x40 [ 66.669029] kasan_save_free_info+0x38/0x60 [ 66.669725] __kasan_slab_free+0xe8/0x158 [ 66.670137] __kmem_cache_free+0x138/0x2b0 [ 66.670577] kfree+0x5c/0x70 [ 66.670914] kfree_sensitive+0x4c/0x60 [ 66.671326] kmalloc_double_kzfree+0xc8/0x1d8 [ 66.671766] kunit_try_run_case+0x7c/0x120 [ 66.672181] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.672715] kthread+0x1a4/0x1b8 [ 66.673066] ret_from_fork+0x10/0x20 [ 66.673443] [ 66.673643] The buggy address belongs to the object at ffff0000c5a10200 [ 66.673643] which belongs to the cache kmalloc-128 of size 128 [ 66.674491] The buggy address is located 0 bytes inside of [ 66.674491] 128-byte region [ffff0000c5a10200, ffff0000c5a10280) [ 66.675585] [ 66.675799] The buggy address belongs to the physical page: [ 66.676224] page:000000003e6c9983 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a10 [ 66.676956] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.678250] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.678843] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.679432] page dumped because: kasan: bad access detected [ 66.679872] [ 66.680067] Memory state around the buggy address: [ 66.680505] ffff0000c5a10100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.681046] ffff0000c5a10180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.681938] >ffff0000c5a10200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.682614] ^ [ 66.682932] ffff0000c5a10280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.683504] ffff0000c5a10300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.684032] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 66.475318] ================================================================== [ 66.475841] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.4+0x11c/0x780 [ 66.476585] Read of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.477103] [ 66.477321] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.478221] Hardware name: linux,dummy-virt (DT) [ 66.478622] Call trace: [ 66.478844] dump_backtrace+0x110/0x120 [ 66.479312] show_stack+0x18/0x28 [ 66.479722] dump_stack_lvl+0x68/0x84 [ 66.480091] print_report+0x158/0x484 [ 66.480483] kasan_report+0x98/0xe0 [ 66.480847] __asan_load8+0x88/0xb0 [ 66.481204] kasan_bitops_test_and_modify.constprop.4+0x11c/0x780 [ 66.481913] kasan_bitops_generic+0xb8/0x128 [ 66.482372] kunit_try_run_case+0x7c/0x120 [ 66.482802] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.483312] kthread+0x1a4/0x1b8 [ 66.483667] ret_from_fork+0x10/0x20 [ 66.484036] [ 66.484199] Allocated by task 163: [ 66.484532] kasan_save_stack+0x2c/0x58 [ 66.484921] kasan_set_track+0x2c/0x40 [ 66.485322] kasan_save_alloc_info+0x24/0x38 [ 66.485738] __kasan_kmalloc+0xa0/0xb8 [ 66.486103] kmalloc_trace+0x50/0x68 [ 66.486502] kasan_bitops_generic+0x90/0x128 [ 66.486959] kunit_try_run_case+0x7c/0x120 [ 66.487537] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.488044] kthread+0x1a4/0x1b8 [ 66.488409] ret_from_fork+0x10/0x20 [ 66.488766] [ 66.488936] The buggy address belongs to the object at ffff0000c586c700 [ 66.488936] which belongs to the cache kmalloc-128 of size 128 [ 66.490022] The buggy address is located 8 bytes inside of [ 66.490022] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.490844] [ 66.491015] The buggy address belongs to the physical page: [ 66.491445] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.492146] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.492662] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.493328] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.493947] page dumped because: kasan: bad access detected [ 66.494560] [ 66.494762] Memory state around the buggy address: [ 66.495172] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.495748] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.496337] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.496883] ^ [ 66.497193] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.498394] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.498939] ================================================================== [ 66.399977] ================================================================== [ 66.400493] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.4+0xb0/0x780 [ 66.401305] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.402034] [ 66.402261] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.402870] Hardware name: linux,dummy-virt (DT) [ 66.403273] Call trace: [ 66.403492] dump_backtrace+0x110/0x120 [ 66.403920] show_stack+0x18/0x28 [ 66.404340] dump_stack_lvl+0x68/0x84 [ 66.404763] print_report+0x158/0x484 [ 66.405131] kasan_report+0x98/0xe0 [ 66.405650] kasan_check_range+0x160/0x1d8 [ 66.406051] __kasan_check_write+0x28/0x38 [ 66.406480] kasan_bitops_test_and_modify.constprop.4+0xb0/0x780 [ 66.407008] kasan_bitops_generic+0xb8/0x128 [ 66.407450] kunit_try_run_case+0x7c/0x120 [ 66.407863] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.408382] kthread+0x1a4/0x1b8 [ 66.408721] ret_from_fork+0x10/0x20 [ 66.409086] [ 66.409290] Allocated by task 163: [ 66.409734] kasan_save_stack+0x2c/0x58 [ 66.410145] kasan_set_track+0x2c/0x40 [ 66.410529] kasan_save_alloc_info+0x24/0x38 [ 66.410955] __kasan_kmalloc+0xa0/0xb8 [ 66.411319] kmalloc_trace+0x50/0x68 [ 66.411699] kasan_bitops_generic+0x90/0x128 [ 66.412138] kunit_try_run_case+0x7c/0x120 [ 66.412563] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.413083] kthread+0x1a4/0x1b8 [ 66.413568] ret_from_fork+0x10/0x20 [ 66.413943] [ 66.414125] The buggy address belongs to the object at ffff0000c586c700 [ 66.414125] which belongs to the cache kmalloc-128 of size 128 [ 66.414980] The buggy address is located 8 bytes inside of [ 66.414980] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.415805] [ 66.415979] The buggy address belongs to the physical page: [ 66.416394] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.417096] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.418353] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.418864] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.419323] page dumped because: kasan: bad access detected [ 66.419880] [ 66.420146] Memory state around the buggy address: [ 66.420551] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.421154] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.421732] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.422428] ^ [ 66.422706] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.423134] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.423655] ================================================================== [ 66.450616] ================================================================== [ 66.451112] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.4+0x114/0x780 [ 66.451869] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.452460] [ 66.452642] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.453220] Hardware name: linux,dummy-virt (DT) [ 66.453813] Call trace: [ 66.454072] dump_backtrace+0x110/0x120 [ 66.454501] show_stack+0x18/0x28 [ 66.454910] dump_stack_lvl+0x68/0x84 [ 66.455319] print_report+0x158/0x484 [ 66.455697] kasan_report+0x98/0xe0 [ 66.456048] kasan_check_range+0x160/0x1d8 [ 66.456487] __kasan_check_write+0x28/0x38 [ 66.456933] kasan_bitops_test_and_modify.constprop.4+0x114/0x780 [ 66.457547] kasan_bitops_generic+0xb8/0x128 [ 66.457998] kunit_try_run_case+0x7c/0x120 [ 66.458577] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.459093] kthread+0x1a4/0x1b8 [ 66.459481] ret_from_fork+0x10/0x20 [ 66.459849] [ 66.460040] Allocated by task 163: [ 66.460337] kasan_save_stack+0x2c/0x58 [ 66.460694] kasan_set_track+0x2c/0x40 [ 66.461078] kasan_save_alloc_info+0x24/0x38 [ 66.461678] __kasan_kmalloc+0xa0/0xb8 [ 66.462039] kmalloc_trace+0x50/0x68 [ 66.462431] kasan_bitops_generic+0x90/0x128 [ 66.462866] kunit_try_run_case+0x7c/0x120 [ 66.463276] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.463807] kthread+0x1a4/0x1b8 [ 66.464147] ret_from_fork+0x10/0x20 [ 66.464512] [ 66.464694] The buggy address belongs to the object at ffff0000c586c700 [ 66.464694] which belongs to the cache kmalloc-128 of size 128 [ 66.465526] The buggy address is located 8 bytes inside of [ 66.465526] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.466314] [ 66.466505] The buggy address belongs to the physical page: [ 66.466967] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.467808] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.468434] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.469017] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.470257] page dumped because: kasan: bad access detected [ 66.470669] [ 66.470851] Memory state around the buggy address: [ 66.471219] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.471814] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.472371] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.472881] ^ [ 66.473198] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.474020] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.474573] ================================================================== [ 66.524923] ================================================================== [ 66.525495] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.4+0x190/0x780 [ 66.526480] Read of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.527050] [ 66.527244] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.527912] Hardware name: linux,dummy-virt (DT) [ 66.528278] Call trace: [ 66.528550] dump_backtrace+0x110/0x120 [ 66.528985] show_stack+0x18/0x28 [ 66.529411] dump_stack_lvl+0x68/0x84 [ 66.529832] print_report+0x158/0x484 [ 66.530189] kasan_report+0x98/0xe0 [ 66.530718] __asan_load8+0x88/0xb0 [ 66.531076] kasan_bitops_test_and_modify.constprop.4+0x190/0x780 [ 66.531619] kasan_bitops_generic+0xb8/0x128 [ 66.532071] kunit_try_run_case+0x7c/0x120 [ 66.532507] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.533019] kthread+0x1a4/0x1b8 [ 66.533378] ret_from_fork+0x10/0x20 [ 66.533894] [ 66.534083] Allocated by task 163: [ 66.534395] kasan_save_stack+0x2c/0x58 [ 66.534788] kasan_set_track+0x2c/0x40 [ 66.535152] kasan_save_alloc_info+0x24/0x38 [ 66.535597] __kasan_kmalloc+0xa0/0xb8 [ 66.535969] kmalloc_trace+0x50/0x68 [ 66.536333] kasan_bitops_generic+0x90/0x128 [ 66.536785] kunit_try_run_case+0x7c/0x120 [ 66.537198] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.537867] kthread+0x1a4/0x1b8 [ 66.538243] ret_from_fork+0x10/0x20 [ 66.538621] [ 66.538794] The buggy address belongs to the object at ffff0000c586c700 [ 66.538794] which belongs to the cache kmalloc-128 of size 128 [ 66.539664] The buggy address is located 8 bytes inside of [ 66.539664] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.540479] [ 66.540668] The buggy address belongs to the physical page: [ 66.541124] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.542003] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.542622] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.543381] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.543930] page dumped because: kasan: bad access detected [ 66.544366] [ 66.544556] Memory state around the buggy address: [ 66.544926] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.546118] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.546671] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.547215] ^ [ 66.547544] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.548108] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.548624] ================================================================== [ 66.575100] ================================================================== [ 66.575789] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.4+0x1f8/0x780 [ 66.576962] Read of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.577734] [ 66.578050] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.579005] Hardware name: linux,dummy-virt (DT) [ 66.579462] Call trace: [ 66.579691] dump_backtrace+0x110/0x120 [ 66.580182] show_stack+0x18/0x28 [ 66.580575] dump_stack_lvl+0x68/0x84 [ 66.581004] print_report+0x158/0x484 [ 66.581396] kasan_report+0x98/0xe0 [ 66.581769] __asan_load8+0x88/0xb0 [ 66.582138] kasan_bitops_test_and_modify.constprop.4+0x1f8/0x780 [ 66.582694] kasan_bitops_generic+0xb8/0x128 [ 66.583165] kunit_try_run_case+0x7c/0x120 [ 66.583582] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.584070] kthread+0x1a4/0x1b8 [ 66.584441] ret_from_fork+0x10/0x20 [ 66.584825] [ 66.585006] Allocated by task 163: [ 66.585344] kasan_save_stack+0x2c/0x58 [ 66.585728] kasan_set_track+0x2c/0x40 [ 66.586091] kasan_save_alloc_info+0x24/0x38 [ 66.586516] __kasan_kmalloc+0xa0/0xb8 [ 66.586894] kmalloc_trace+0x50/0x68 [ 66.587264] kasan_bitops_generic+0x90/0x128 [ 66.587709] kunit_try_run_case+0x7c/0x120 [ 66.588126] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.588654] kthread+0x1a4/0x1b8 [ 66.588992] ret_from_fork+0x10/0x20 [ 66.589360] [ 66.589529] The buggy address belongs to the object at ffff0000c586c700 [ 66.589529] which belongs to the cache kmalloc-128 of size 128 [ 66.590413] The buggy address is located 8 bytes inside of [ 66.590413] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.591205] [ 66.591392] The buggy address belongs to the physical page: [ 66.591816] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.592520] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.593135] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.593711] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.594285] page dumped because: kasan: bad access detected [ 66.594715] [ 66.594900] Memory state around the buggy address: [ 66.595310] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.595879] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.596424] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.596951] ^ [ 66.597277] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.597832] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.598379] ================================================================== [ 66.499737] ================================================================== [ 66.500276] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.4+0x15c/0x780 [ 66.501052] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.501847] [ 66.502060] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.502809] Hardware name: linux,dummy-virt (DT) [ 66.503158] Call trace: [ 66.503429] dump_backtrace+0x110/0x120 [ 66.503876] show_stack+0x18/0x28 [ 66.504279] dump_stack_lvl+0x68/0x84 [ 66.504675] print_report+0x158/0x484 [ 66.505051] kasan_report+0x98/0xe0 [ 66.505592] kasan_check_range+0x160/0x1d8 [ 66.505987] __kasan_check_write+0x28/0x38 [ 66.506426] kasan_bitops_test_and_modify.constprop.4+0x15c/0x780 [ 66.506966] kasan_bitops_generic+0xb8/0x128 [ 66.507418] kunit_try_run_case+0x7c/0x120 [ 66.507817] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.508328] kthread+0x1a4/0x1b8 [ 66.508659] ret_from_fork+0x10/0x20 [ 66.509039] [ 66.509203] Allocated by task 163: [ 66.509721] kasan_save_stack+0x2c/0x58 [ 66.510129] kasan_set_track+0x2c/0x40 [ 66.510502] kasan_save_alloc_info+0x24/0x38 [ 66.510923] __kasan_kmalloc+0xa0/0xb8 [ 66.511286] kmalloc_trace+0x50/0x68 [ 66.511656] kasan_bitops_generic+0x90/0x128 [ 66.512099] kunit_try_run_case+0x7c/0x120 [ 66.512520] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.513031] kthread+0x1a4/0x1b8 [ 66.513378] ret_from_fork+0x10/0x20 [ 66.513738] [ 66.513930] The buggy address belongs to the object at ffff0000c586c700 [ 66.513930] which belongs to the cache kmalloc-128 of size 128 [ 66.514765] The buggy address is located 8 bytes inside of [ 66.514765] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.515793] [ 66.515976] The buggy address belongs to the physical page: [ 66.516416] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.517124] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.518408] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.519020] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.519680] page dumped because: kasan: bad access detected [ 66.520144] [ 66.520367] Memory state around the buggy address: [ 66.520741] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.521350] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.521917] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.522606] ^ [ 66.522953] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.523532] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.524058] ================================================================== [ 66.425361] ================================================================== [ 66.425969] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.4+0xe0/0x780 [ 66.426592] Read of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.427031] [ 66.427200] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.427721] Hardware name: linux,dummy-virt (DT) [ 66.428021] Call trace: [ 66.428224] dump_backtrace+0x110/0x120 [ 66.428946] show_stack+0x18/0x28 [ 66.429446] dump_stack_lvl+0x68/0x84 [ 66.429902] print_report+0x158/0x484 [ 66.430505] kasan_report+0x98/0xe0 [ 66.430922] __asan_load8+0x88/0xb0 [ 66.431355] kasan_bitops_test_and_modify.constprop.4+0xe0/0x780 [ 66.431990] kasan_bitops_generic+0xb8/0x128 [ 66.432514] kunit_try_run_case+0x7c/0x120 [ 66.432970] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.433730] kthread+0x1a4/0x1b8 [ 66.434135] ret_from_fork+0x10/0x20 [ 66.434561] [ 66.434767] Allocated by task 163: [ 66.435139] kasan_save_stack+0x2c/0x58 [ 66.435533] kasan_set_track+0x2c/0x40 [ 66.435953] kasan_save_alloc_info+0x24/0x38 [ 66.436389] __kasan_kmalloc+0xa0/0xb8 [ 66.436795] kmalloc_trace+0x50/0x68 [ 66.437164] kasan_bitops_generic+0x90/0x128 [ 66.437754] kunit_try_run_case+0x7c/0x120 [ 66.438215] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.438759] kthread+0x1a4/0x1b8 [ 66.439100] ret_from_fork+0x10/0x20 [ 66.439486] [ 66.439668] The buggy address belongs to the object at ffff0000c586c700 [ 66.439668] which belongs to the cache kmalloc-128 of size 128 [ 66.440496] The buggy address is located 8 bytes inside of [ 66.440496] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.441329] [ 66.441550] The buggy address belongs to the physical page: [ 66.442124] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.442814] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.443458] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.444056] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.444630] page dumped because: kasan: bad access detected [ 66.445048] [ 66.445399] Memory state around the buggy address: [ 66.446388] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.446955] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.447515] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.448036] ^ [ 66.448364] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.448916] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.449436] ================================================================== [ 66.622488] ================================================================== [ 66.622974] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.4+0x25c/0x780 [ 66.623788] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.624362] [ 66.624557] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.625186] Hardware name: linux,dummy-virt (DT) [ 66.625619] Call trace: [ 66.625884] dump_backtrace+0x110/0x120 [ 66.626347] show_stack+0x18/0x28 [ 66.626744] dump_stack_lvl+0x68/0x84 [ 66.627147] print_report+0x158/0x484 [ 66.627543] kasan_report+0x98/0xe0 [ 66.627903] kasan_check_range+0x160/0x1d8 [ 66.628336] __kasan_check_write+0x28/0x38 [ 66.628751] kasan_bitops_test_and_modify.constprop.4+0x25c/0x780 [ 66.629317] kasan_bitops_generic+0xb8/0x128 [ 66.629739] kunit_try_run_case+0x7c/0x120 [ 66.630163] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.630663] kthread+0x1a4/0x1b8 [ 66.631002] ret_from_fork+0x10/0x20 [ 66.631392] [ 66.631575] Allocated by task 163: [ 66.631901] kasan_save_stack+0x2c/0x58 [ 66.632271] kasan_set_track+0x2c/0x40 [ 66.632634] kasan_save_alloc_info+0x24/0x38 [ 66.633071] __kasan_kmalloc+0xa0/0xb8 [ 66.633471] kmalloc_trace+0x50/0x68 [ 66.633857] kasan_bitops_generic+0x90/0x128 [ 66.634342] kunit_try_run_case+0x7c/0x120 [ 66.634763] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.635286] kthread+0x1a4/0x1b8 [ 66.635635] ret_from_fork+0x10/0x20 [ 66.636006] [ 66.636182] The buggy address belongs to the object at ffff0000c586c700 [ 66.636182] which belongs to the cache kmalloc-128 of size 128 [ 66.637050] The buggy address is located 8 bytes inside of [ 66.637050] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.637826] [ 66.638027] The buggy address belongs to the physical page: [ 66.638456] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.639156] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.639767] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.640362] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.640920] page dumped because: kasan: bad access detected [ 66.641367] [ 66.641558] Memory state around the buggy address: [ 66.641955] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.642497] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.643060] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.643622] ^ [ 66.643948] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.644510] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.645027] ================================================================== [ 66.549382] ================================================================== [ 66.550194] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.4+0x1c4/0x780 [ 66.550995] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.551562] [ 66.551780] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.552436] Hardware name: linux,dummy-virt (DT) [ 66.552801] Call trace: [ 66.553011] dump_backtrace+0x110/0x120 [ 66.553666] show_stack+0x18/0x28 [ 66.554067] dump_stack_lvl+0x68/0x84 [ 66.554494] print_report+0x158/0x484 [ 66.554878] kasan_report+0x98/0xe0 [ 66.555225] kasan_check_range+0x160/0x1d8 [ 66.555643] __kasan_check_write+0x28/0x38 [ 66.556044] kasan_bitops_test_and_modify.constprop.4+0x1c4/0x780 [ 66.556604] kasan_bitops_generic+0xb8/0x128 [ 66.557052] kunit_try_run_case+0x7c/0x120 [ 66.557523] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.558050] kthread+0x1a4/0x1b8 [ 66.558411] ret_from_fork+0x10/0x20 [ 66.558793] [ 66.558991] Allocated by task 163: [ 66.559455] kasan_save_stack+0x2c/0x58 [ 66.559855] kasan_set_track+0x2c/0x40 [ 66.560237] kasan_save_alloc_info+0x24/0x38 [ 66.560658] __kasan_kmalloc+0xa0/0xb8 [ 66.561018] kmalloc_trace+0x50/0x68 [ 66.561409] kasan_bitops_generic+0x90/0x128 [ 66.561990] kunit_try_run_case+0x7c/0x120 [ 66.562438] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.562916] kthread+0x1a4/0x1b8 [ 66.563283] ret_from_fork+0x10/0x20 [ 66.563658] [ 66.563832] The buggy address belongs to the object at ffff0000c586c700 [ 66.563832] which belongs to the cache kmalloc-128 of size 128 [ 66.564739] The buggy address is located 8 bytes inside of [ 66.564739] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.566142] [ 66.566367] The buggy address belongs to the physical page: [ 66.566774] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.567490] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.568101] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.568736] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.569331] page dumped because: kasan: bad access detected [ 66.569961] [ 66.570160] Memory state around the buggy address: [ 66.570571] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.571127] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.571767] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.572324] ^ [ 66.572625] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.573245] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.574011] ================================================================== [ 66.599327] ================================================================== [ 66.599836] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.4+0x228/0x780 [ 66.600607] Read of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.601166] [ 66.601570] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.602329] Hardware name: linux,dummy-virt (DT) [ 66.602710] Call trace: [ 66.602960] dump_backtrace+0x110/0x120 [ 66.603429] show_stack+0x18/0x28 [ 66.603810] dump_stack_lvl+0x68/0x84 [ 66.604256] print_report+0x158/0x484 [ 66.604614] kasan_report+0x98/0xe0 [ 66.604982] __asan_load8+0x88/0xb0 [ 66.605372] kasan_bitops_test_and_modify.constprop.4+0x228/0x780 [ 66.605906] kasan_bitops_generic+0xb8/0x128 [ 66.606372] kunit_try_run_case+0x7c/0x120 [ 66.606794] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.607281] kthread+0x1a4/0x1b8 [ 66.607631] ret_from_fork+0x10/0x20 [ 66.608005] [ 66.608170] Allocated by task 163: [ 66.608506] kasan_save_stack+0x2c/0x58 [ 66.608900] kasan_set_track+0x2c/0x40 [ 66.609301] kasan_save_alloc_info+0x24/0x38 [ 66.609719] __kasan_kmalloc+0xa0/0xb8 [ 66.610090] kmalloc_trace+0x50/0x68 [ 66.610457] kasan_bitops_generic+0x90/0x128 [ 66.610906] kunit_try_run_case+0x7c/0x120 [ 66.611328] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.611811] kthread+0x1a4/0x1b8 [ 66.612159] ret_from_fork+0x10/0x20 [ 66.612537] [ 66.612722] The buggy address belongs to the object at ffff0000c586c700 [ 66.612722] which belongs to the cache kmalloc-128 of size 128 [ 66.613582] The buggy address is located 8 bytes inside of [ 66.613582] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.614380] [ 66.614553] The buggy address belongs to the physical page: [ 66.614982] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.615671] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.616269] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.616904] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.617481] page dumped because: kasan: bad access detected [ 66.617908] [ 66.618094] Memory state around the buggy address: [ 66.618515] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.619065] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.619673] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.620213] ^ [ 66.620545] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.621106] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.621663] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 66.177015] ================================================================== [ 66.177703] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.5+0xe4/0x6a8 [ 66.178416] Read of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.178961] [ 66.179152] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.179795] Hardware name: linux,dummy-virt (DT) [ 66.180178] Call trace: [ 66.180430] dump_backtrace+0x110/0x120 [ 66.180847] show_stack+0x18/0x28 [ 66.181236] dump_stack_lvl+0x68/0x84 [ 66.181690] print_report+0x158/0x484 [ 66.182218] kasan_report+0x98/0xe0 [ 66.182597] __asan_load8+0x88/0xb0 [ 66.182940] kasan_bitops_modify.constprop.5+0xe4/0x6a8 [ 66.183506] kasan_bitops_generic+0xac/0x128 [ 66.183952] kunit_try_run_case+0x7c/0x120 [ 66.184379] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.184855] kthread+0x1a4/0x1b8 [ 66.185219] ret_from_fork+0x10/0x20 [ 66.185799] [ 66.186000] Allocated by task 163: [ 66.186295] kasan_save_stack+0x2c/0x58 [ 66.186693] kasan_set_track+0x2c/0x40 [ 66.187054] kasan_save_alloc_info+0x24/0x38 [ 66.187487] __kasan_kmalloc+0xa0/0xb8 [ 66.187838] kmalloc_trace+0x50/0x68 [ 66.188208] kasan_bitops_generic+0x90/0x128 [ 66.188686] kunit_try_run_case+0x7c/0x120 [ 66.189091] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.189821] kthread+0x1a4/0x1b8 [ 66.190157] ret_from_fork+0x10/0x20 [ 66.190515] [ 66.190708] The buggy address belongs to the object at ffff0000c586c700 [ 66.190708] which belongs to the cache kmalloc-128 of size 128 [ 66.191554] The buggy address is located 8 bytes inside of [ 66.191554] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.192334] [ 66.192549] The buggy address belongs to the physical page: [ 66.192986] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.193733] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.194947] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.195550] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.196134] page dumped because: kasan: bad access detected [ 66.196548] [ 66.196732] Memory state around the buggy address: [ 66.197113] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.197896] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.198452] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.198988] ^ [ 66.199324] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.199892] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.200438] ================================================================== [ 66.150508] ================================================================== [ 66.151273] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.5+0xb4/0x6a8 [ 66.151975] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.152591] [ 66.152805] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.153536] Hardware name: linux,dummy-virt (DT) [ 66.154068] Call trace: [ 66.154511] dump_backtrace+0x110/0x120 [ 66.154976] show_stack+0x18/0x28 [ 66.155367] dump_stack_lvl+0x68/0x84 [ 66.155797] print_report+0x158/0x484 [ 66.156166] kasan_report+0x98/0xe0 [ 66.156511] kasan_check_range+0x160/0x1d8 [ 66.156853] __kasan_check_write+0x28/0x38 [ 66.157197] kasan_bitops_modify.constprop.5+0xb4/0x6a8 [ 66.157637] kasan_bitops_generic+0xac/0x128 [ 66.158258] kunit_try_run_case+0x7c/0x120 [ 66.158778] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.159325] kthread+0x1a4/0x1b8 [ 66.159716] ret_from_fork+0x10/0x20 [ 66.160083] [ 66.160297] Allocated by task 163: [ 66.160615] kasan_save_stack+0x2c/0x58 [ 66.161012] kasan_set_track+0x2c/0x40 [ 66.161447] kasan_save_alloc_info+0x24/0x38 [ 66.161995] __kasan_kmalloc+0xa0/0xb8 [ 66.162435] kmalloc_trace+0x50/0x68 [ 66.162822] kasan_bitops_generic+0x90/0x128 [ 66.163294] kunit_try_run_case+0x7c/0x120 [ 66.163729] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.164253] kthread+0x1a4/0x1b8 [ 66.164609] ret_from_fork+0x10/0x20 [ 66.164984] [ 66.165205] The buggy address belongs to the object at ffff0000c586c700 [ 66.165205] which belongs to the cache kmalloc-128 of size 128 [ 66.166494] The buggy address is located 8 bytes inside of [ 66.166494] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.167490] [ 66.167821] The buggy address belongs to the physical page: [ 66.168280] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.169049] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.170101] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.170720] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.171292] page dumped because: kasan: bad access detected [ 66.171734] [ 66.171926] Memory state around the buggy address: [ 66.172307] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.172850] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.174081] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.174769] ^ [ 66.175107] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.175672] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.176225] ================================================================== [ 66.201213] ================================================================== [ 66.201774] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.5+0x118/0x6a8 [ 66.202553] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.203096] [ 66.203301] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.203969] Hardware name: linux,dummy-virt (DT) [ 66.204601] Call trace: [ 66.204839] dump_backtrace+0x110/0x120 [ 66.205283] show_stack+0x18/0x28 [ 66.205791] dump_stack_lvl+0x68/0x84 [ 66.206196] print_report+0x158/0x484 [ 66.206582] kasan_report+0x98/0xe0 [ 66.206925] kasan_check_range+0x160/0x1d8 [ 66.207353] __kasan_check_write+0x28/0x38 [ 66.207755] kasan_bitops_modify.constprop.5+0x118/0x6a8 [ 66.208242] kasan_bitops_generic+0xac/0x128 [ 66.208690] kunit_try_run_case+0x7c/0x120 [ 66.209111] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.209889] kthread+0x1a4/0x1b8 [ 66.210258] ret_from_fork+0x10/0x20 [ 66.210627] [ 66.210822] Allocated by task 163: [ 66.211101] kasan_save_stack+0x2c/0x58 [ 66.211528] kasan_set_track+0x2c/0x40 [ 66.211854] kasan_save_alloc_info+0x24/0x38 [ 66.212307] __kasan_kmalloc+0xa0/0xb8 [ 66.212673] kmalloc_trace+0x50/0x68 [ 66.213056] kasan_bitops_generic+0x90/0x128 [ 66.213559] kunit_try_run_case+0x7c/0x120 [ 66.213979] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.214648] kthread+0x1a4/0x1b8 [ 66.215004] ret_from_fork+0x10/0x20 [ 66.215385] [ 66.215554] The buggy address belongs to the object at ffff0000c586c700 [ 66.215554] which belongs to the cache kmalloc-128 of size 128 [ 66.216391] The buggy address is located 8 bytes inside of [ 66.216391] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.217195] [ 66.217392] The buggy address belongs to the physical page: [ 66.218083] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.218798] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.219400] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.219972] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.220541] page dumped because: kasan: bad access detected [ 66.220965] [ 66.221152] Memory state around the buggy address: [ 66.222196] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.222750] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.223316] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.223849] ^ [ 66.224155] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.224711] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.225250] ================================================================== [ 66.302065] ================================================================== [ 66.302585] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.5+0x1c0/0x6a8 [ 66.303278] Read of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.303814] [ 66.304032] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.304696] Hardware name: linux,dummy-virt (DT) [ 66.305066] Call trace: [ 66.305318] dump_backtrace+0x110/0x120 [ 66.306019] show_stack+0x18/0x28 [ 66.306437] dump_stack_lvl+0x68/0x84 [ 66.306829] print_report+0x158/0x484 [ 66.307195] kasan_report+0x98/0xe0 [ 66.307568] __asan_load8+0x88/0xb0 [ 66.307934] kasan_bitops_modify.constprop.5+0x1c0/0x6a8 [ 66.308450] kasan_bitops_generic+0xac/0x128 [ 66.308890] kunit_try_run_case+0x7c/0x120 [ 66.309314] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.309949] kthread+0x1a4/0x1b8 [ 66.310325] ret_from_fork+0x10/0x20 [ 66.310712] [ 66.310885] Allocated by task 163: [ 66.311184] kasan_save_stack+0x2c/0x58 [ 66.311592] kasan_set_track+0x2c/0x40 [ 66.311959] kasan_save_alloc_info+0x24/0x38 [ 66.312391] __kasan_kmalloc+0xa0/0xb8 [ 66.312727] kmalloc_trace+0x50/0x68 [ 66.313087] kasan_bitops_generic+0x90/0x128 [ 66.313706] kunit_try_run_case+0x7c/0x120 [ 66.314121] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.314653] kthread+0x1a4/0x1b8 [ 66.314994] ret_from_fork+0x10/0x20 [ 66.315374] [ 66.315572] The buggy address belongs to the object at ffff0000c586c700 [ 66.315572] which belongs to the cache kmalloc-128 of size 128 [ 66.316404] The buggy address is located 8 bytes inside of [ 66.316404] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.317208] [ 66.317404] The buggy address belongs to the physical page: [ 66.317863] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.318550] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.319157] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.319880] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.320455] page dumped because: kasan: bad access detected [ 66.320899] [ 66.321090] Memory state around the buggy address: [ 66.321603] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.322186] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.322747] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.323288] ^ [ 66.323594] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.324151] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.324713] ================================================================== [ 66.326063] ================================================================== [ 66.326601] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.5+0x1d0/0x6a8 [ 66.327265] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.327824] [ 66.328015] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.328634] Hardware name: linux,dummy-virt (DT) [ 66.329020] Call trace: [ 66.329250] dump_backtrace+0x110/0x120 [ 66.329966] show_stack+0x18/0x28 [ 66.330373] dump_stack_lvl+0x68/0x84 [ 66.330762] print_report+0x158/0x484 [ 66.331134] kasan_report+0x98/0xe0 [ 66.331511] kasan_check_range+0x160/0x1d8 [ 66.331916] __kasan_check_write+0x28/0x38 [ 66.332339] kasan_bitops_modify.constprop.5+0x1d0/0x6a8 [ 66.332818] kasan_bitops_generic+0xac/0x128 [ 66.333291] kunit_try_run_case+0x7c/0x120 [ 66.333713] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.334382] kthread+0x1a4/0x1b8 [ 66.334726] ret_from_fork+0x10/0x20 [ 66.335091] [ 66.335284] Allocated by task 163: [ 66.335591] kasan_save_stack+0x2c/0x58 [ 66.335960] kasan_set_track+0x2c/0x40 [ 66.336326] kasan_save_alloc_info+0x24/0x38 [ 66.336764] __kasan_kmalloc+0xa0/0xb8 [ 66.337119] kmalloc_trace+0x50/0x68 [ 66.337660] kasan_bitops_generic+0x90/0x128 [ 66.338090] kunit_try_run_case+0x7c/0x120 [ 66.338533] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.339075] kthread+0x1a4/0x1b8 [ 66.339413] ret_from_fork+0x10/0x20 [ 66.339787] [ 66.339961] The buggy address belongs to the object at ffff0000c586c700 [ 66.339961] which belongs to the cache kmalloc-128 of size 128 [ 66.340763] The buggy address is located 8 bytes inside of [ 66.340763] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.341733] [ 66.341915] The buggy address belongs to the physical page: [ 66.342354] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.343030] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.343643] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.344253] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.344803] page dumped because: kasan: bad access detected [ 66.345243] [ 66.345434] Memory state around the buggy address: [ 66.345875] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.346422] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.346972] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.347523] ^ [ 66.347827] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.348550] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.349086] ================================================================== [ 66.250309] ================================================================== [ 66.250845] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.5+0x180/0x6a8 [ 66.251490] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.252128] [ 66.252309] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.252964] Hardware name: linux,dummy-virt (DT) [ 66.253367] Call trace: [ 66.253638] dump_backtrace+0x110/0x120 [ 66.254071] show_stack+0x18/0x28 [ 66.254518] dump_stack_lvl+0x68/0x84 [ 66.254905] print_report+0x158/0x484 [ 66.255285] kasan_report+0x98/0xe0 [ 66.255750] kasan_check_range+0x160/0x1d8 [ 66.256158] __kasan_check_write+0x28/0x38 [ 66.256584] kasan_bitops_modify.constprop.5+0x180/0x6a8 [ 66.257080] kasan_bitops_generic+0xac/0x128 [ 66.257704] kunit_try_run_case+0x7c/0x120 [ 66.258114] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.258638] kthread+0x1a4/0x1b8 [ 66.259011] ret_from_fork+0x10/0x20 [ 66.259424] [ 66.259607] Allocated by task 163: [ 66.259932] kasan_save_stack+0x2c/0x58 [ 66.260322] kasan_set_track+0x2c/0x40 [ 66.260691] kasan_save_alloc_info+0x24/0x38 [ 66.261106] __kasan_kmalloc+0xa0/0xb8 [ 66.261628] kmalloc_trace+0x50/0x68 [ 66.261992] kasan_bitops_generic+0x90/0x128 [ 66.262454] kunit_try_run_case+0x7c/0x120 [ 66.262907] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.263446] kthread+0x1a4/0x1b8 [ 66.263783] ret_from_fork+0x10/0x20 [ 66.264152] [ 66.264329] The buggy address belongs to the object at ffff0000c586c700 [ 66.264329] which belongs to the cache kmalloc-128 of size 128 [ 66.265172] The buggy address is located 8 bytes inside of [ 66.265172] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.266172] [ 66.266412] The buggy address belongs to the physical page: [ 66.266822] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.267543] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.268171] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.268788] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.269349] page dumped because: kasan: bad access detected [ 66.270301] [ 66.270488] Memory state around the buggy address: [ 66.270915] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.271486] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.272003] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.272537] ^ [ 66.272859] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.273407] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.273966] ================================================================== [ 66.375093] ================================================================== [ 66.375601] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.5+0x238/0x6a8 [ 66.376373] Read of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.376961] [ 66.377187] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.378399] Hardware name: linux,dummy-virt (DT) [ 66.378784] Call trace: [ 66.379006] dump_backtrace+0x110/0x120 [ 66.379515] show_stack+0x18/0x28 [ 66.379887] dump_stack_lvl+0x68/0x84 [ 66.380337] print_report+0x158/0x484 [ 66.380704] kasan_report+0x98/0xe0 [ 66.381064] __asan_load8+0x88/0xb0 [ 66.381465] kasan_bitops_modify.constprop.5+0x238/0x6a8 [ 66.382011] kasan_bitops_generic+0xac/0x128 [ 66.382465] kunit_try_run_case+0x7c/0x120 [ 66.382928] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.383471] kthread+0x1a4/0x1b8 [ 66.383808] ret_from_fork+0x10/0x20 [ 66.384199] [ 66.384410] Allocated by task 163: [ 66.384723] kasan_save_stack+0x2c/0x58 [ 66.385079] kasan_set_track+0x2c/0x40 [ 66.385555] kasan_save_alloc_info+0x24/0x38 [ 66.385988] __kasan_kmalloc+0xa0/0xb8 [ 66.386358] kmalloc_trace+0x50/0x68 [ 66.386718] kasan_bitops_generic+0x90/0x128 [ 66.387162] kunit_try_run_case+0x7c/0x120 [ 66.387744] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.388299] kthread+0x1a4/0x1b8 [ 66.388645] ret_from_fork+0x10/0x20 [ 66.389007] [ 66.389186] The buggy address belongs to the object at ffff0000c586c700 [ 66.389186] which belongs to the cache kmalloc-128 of size 128 [ 66.390223] The buggy address is located 8 bytes inside of [ 66.390223] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.391086] [ 66.391261] The buggy address belongs to the physical page: [ 66.391738] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.392415] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.393012] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.393825] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.394410] page dumped because: kasan: bad access detected [ 66.394828] [ 66.395007] Memory state around the buggy address: [ 66.395402] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.395931] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.396522] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.397040] ^ [ 66.397344] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.397926] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.399103] ================================================================== [ 66.226244] ================================================================== [ 66.226752] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.5+0x14c/0x6a8 [ 66.227485] Read of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.228045] [ 66.228252] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.228928] Hardware name: linux,dummy-virt (DT) [ 66.229338] Call trace: [ 66.229611] dump_backtrace+0x110/0x120 [ 66.230223] show_stack+0x18/0x28 [ 66.230616] dump_stack_lvl+0x68/0x84 [ 66.230986] print_report+0x158/0x484 [ 66.231342] kasan_report+0x98/0xe0 [ 66.231692] __asan_load8+0x88/0xb0 [ 66.232045] kasan_bitops_modify.constprop.5+0x14c/0x6a8 [ 66.232651] kasan_bitops_generic+0xac/0x128 [ 66.233098] kunit_try_run_case+0x7c/0x120 [ 66.233699] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.234194] kthread+0x1a4/0x1b8 [ 66.234552] ret_from_fork+0x10/0x20 [ 66.234935] [ 66.235101] Allocated by task 163: [ 66.235447] kasan_save_stack+0x2c/0x58 [ 66.235826] kasan_set_track+0x2c/0x40 [ 66.236190] kasan_save_alloc_info+0x24/0x38 [ 66.236624] __kasan_kmalloc+0xa0/0xb8 [ 66.236983] kmalloc_trace+0x50/0x68 [ 66.237368] kasan_bitops_generic+0x90/0x128 [ 66.237810] kunit_try_run_case+0x7c/0x120 [ 66.238224] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.238716] kthread+0x1a4/0x1b8 [ 66.239045] ret_from_fork+0x10/0x20 [ 66.239565] [ 66.239758] The buggy address belongs to the object at ffff0000c586c700 [ 66.239758] which belongs to the cache kmalloc-128 of size 128 [ 66.240597] The buggy address is located 8 bytes inside of [ 66.240597] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.241399] [ 66.241568] The buggy address belongs to the physical page: [ 66.242139] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.242868] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.243474] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.244074] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.244634] page dumped because: kasan: bad access detected [ 66.245039] [ 66.245224] Memory state around the buggy address: [ 66.245832] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.246432] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.246985] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.247508] ^ [ 66.247841] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.248413] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.248945] ================================================================== [ 66.350431] ================================================================== [ 66.350944] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.5+0x204/0x6a8 [ 66.351668] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.352223] [ 66.352446] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.353039] Hardware name: linux,dummy-virt (DT) [ 66.353455] Call trace: [ 66.353692] dump_backtrace+0x110/0x120 [ 66.354173] show_stack+0x18/0x28 [ 66.354587] dump_stack_lvl+0x68/0x84 [ 66.354993] print_report+0x158/0x484 [ 66.355503] kasan_report+0x98/0xe0 [ 66.355863] kasan_check_range+0x160/0x1d8 [ 66.356276] __kasan_check_write+0x28/0x38 [ 66.356699] kasan_bitops_modify.constprop.5+0x204/0x6a8 [ 66.357218] kasan_bitops_generic+0xac/0x128 [ 66.357911] kunit_try_run_case+0x7c/0x120 [ 66.358360] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.358869] kthread+0x1a4/0x1b8 [ 66.359209] ret_from_fork+0x10/0x20 [ 66.359577] [ 66.359740] Allocated by task 163: [ 66.360078] kasan_save_stack+0x2c/0x58 [ 66.360453] kasan_set_track+0x2c/0x40 [ 66.360816] kasan_save_alloc_info+0x24/0x38 [ 66.361245] __kasan_kmalloc+0xa0/0xb8 [ 66.361753] kmalloc_trace+0x50/0x68 [ 66.362116] kasan_bitops_generic+0x90/0x128 [ 66.362529] kunit_try_run_case+0x7c/0x120 [ 66.362952] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.363487] kthread+0x1a4/0x1b8 [ 66.363841] ret_from_fork+0x10/0x20 [ 66.364211] [ 66.364410] The buggy address belongs to the object at ffff0000c586c700 [ 66.364410] which belongs to the cache kmalloc-128 of size 128 [ 66.365253] The buggy address is located 8 bytes inside of [ 66.365253] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.366205] [ 66.366397] The buggy address belongs to the physical page: [ 66.366848] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.367546] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.368144] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.368780] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.369358] page dumped because: kasan: bad access detected [ 66.370341] [ 66.370534] Memory state around the buggy address: [ 66.370938] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.371513] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.372059] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.372588] ^ [ 66.372892] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.373634] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.374176] ================================================================== [ 66.276390] ================================================================== [ 66.276846] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.5+0x1b8/0x6a8 [ 66.277632] Write of size 8 at addr ffff0000c586c708 by task kunit_try_catch/163 [ 66.278210] [ 66.278406] CPU: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.279423] Hardware name: linux,dummy-virt (DT) [ 66.279922] Call trace: [ 66.280290] dump_backtrace+0x110/0x120 [ 66.280804] show_stack+0x18/0x28 [ 66.281302] dump_stack_lvl+0x68/0x84 [ 66.281846] print_report+0x158/0x484 [ 66.282331] kasan_report+0x98/0xe0 [ 66.282750] kasan_check_range+0x160/0x1d8 [ 66.283278] __kasan_check_write+0x28/0x38 [ 66.283661] kasan_bitops_modify.constprop.5+0x1b8/0x6a8 [ 66.284173] kasan_bitops_generic+0xac/0x128 [ 66.284628] kunit_try_run_case+0x7c/0x120 [ 66.285070] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.285603] kthread+0x1a4/0x1b8 [ 66.286009] ret_from_fork+0x10/0x20 [ 66.286426] [ 66.286585] Allocated by task 163: [ 66.286915] kasan_save_stack+0x2c/0x58 [ 66.287368] kasan_set_track+0x2c/0x40 [ 66.287753] kasan_save_alloc_info+0x24/0x38 [ 66.288165] __kasan_kmalloc+0xa0/0xb8 [ 66.288539] kmalloc_trace+0x50/0x68 [ 66.288910] kasan_bitops_generic+0x90/0x128 [ 66.289369] kunit_try_run_case+0x7c/0x120 [ 66.289894] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.290431] kthread+0x1a4/0x1b8 [ 66.290762] ret_from_fork+0x10/0x20 [ 66.291128] [ 66.291325] The buggy address belongs to the object at ffff0000c586c700 [ 66.291325] which belongs to the cache kmalloc-128 of size 128 [ 66.292159] The buggy address is located 8 bytes inside of [ 66.292159] 128-byte region [ffff0000c586c700, ffff0000c586c780) [ 66.292948] [ 66.293156] The buggy address belongs to the physical page: [ 66.293788] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 66.294474] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.295123] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.295713] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.296293] page dumped because: kasan: bad access detected [ 66.296744] [ 66.296933] Memory state around the buggy address: [ 66.297310] ffff0000c586c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.298575] ffff0000c586c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.299121] >ffff0000c586c700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.299681] ^ [ 66.299988] ffff0000c586c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.300569] ffff0000c586c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.301089] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf
[ 64.032305] ================================================================== [ 64.033004] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0xc8/0x1d0 [ 64.033932] Read of size 1 at addr ffff0000c5994000 by task kunit_try_catch/122 [ 64.034677] [ 64.034929] CPU: 1 PID: 122 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.036009] Hardware name: linux,dummy-virt (DT) [ 64.036620] Call trace: [ 64.037003] dump_backtrace+0x110/0x120 [ 64.037599] show_stack+0x18/0x28 [ 64.038196] dump_stack_lvl+0x68/0x84 [ 64.038803] print_report+0x158/0x484 [ 64.039370] kasan_report+0x98/0xe0 [ 64.039827] __asan_load1+0x68/0x78 [ 64.040134] kmalloc_pagealloc_uaf+0xc8/0x1d0 [ 64.040515] kunit_try_run_case+0x7c/0x120 [ 64.040872] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.041414] kthread+0x1a4/0x1b8 [ 64.042012] ret_from_fork+0x10/0x20 [ 64.042585] [ 64.042862] The buggy address belongs to the physical page: [ 64.043571] page:00000000b32ac4a2 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105994 [ 64.044632] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 64.045573] raw: 0bfffc0000000000 fffffc0003166608 ffff0000dac50ff8 0000000000000000 [ 64.046503] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 64.047369] page dumped because: kasan: bad access detected [ 64.048008] [ 64.048259] Memory state around the buggy address: [ 64.048832] ffff0000c5993f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.049731] ffff0000c5993f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.050670] >ffff0000c5994000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.051592] ^ [ 64.052043] ffff0000c5994080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.052858] ffff0000c5994100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.053759] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strnlen
[ 66.113433] ================================================================== [ 66.114035] BUG: KASAN: use-after-free in strnlen+0x20/0x90 [ 66.114537] Read of size 1 at addr ffff0000c59bd910 by task kunit_try_catch/162 [ 66.115140] [ 66.115366] CPU: 1 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.115988] Hardware name: linux,dummy-virt (DT) [ 66.116696] Call trace: [ 66.116939] dump_backtrace+0x110/0x120 [ 66.117531] show_stack+0x18/0x28 [ 66.118484] dump_stack_lvl+0x68/0x84 [ 66.119068] print_report+0x158/0x484 [ 66.119449] kasan_report+0x98/0xe0 [ 66.119757] __asan_load1+0x68/0x78 [ 66.120056] strnlen+0x20/0x90 [ 66.120404] kasan_strings+0x1c8/0x4e0 [ 66.120864] kunit_try_run_case+0x7c/0x120 [ 66.121367] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.122084] kthread+0x1a4/0x1b8 [ 66.122609] ret_from_fork+0x10/0x20 [ 66.123004] [ 66.123187] Allocated by task 162: [ 66.123538] kasan_save_stack+0x2c/0x58 [ 66.123966] kasan_set_track+0x2c/0x40 [ 66.124389] kasan_save_alloc_info+0x24/0x38 [ 66.124832] __kasan_kmalloc+0xa0/0xb8 [ 66.125208] kmalloc_trace+0x50/0x68 [ 66.125783] kasan_strings+0xa8/0x4e0 [ 66.126200] kunit_try_run_case+0x7c/0x120 [ 66.127028] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.127613] kthread+0x1a4/0x1b8 [ 66.127981] ret_from_fork+0x10/0x20 [ 66.128373] [ 66.128566] Freed by task 162: [ 66.128907] kasan_save_stack+0x2c/0x58 [ 66.129324] kasan_set_track+0x2c/0x40 [ 66.129948] kasan_save_free_info+0x38/0x60 [ 66.130498] __kasan_slab_free+0xe8/0x158 [ 66.130902] __kmem_cache_free+0x138/0x2b0 [ 66.131377] kfree+0x5c/0x70 [ 66.131716] kasan_strings+0xc8/0x4e0 [ 66.132128] kunit_try_run_case+0x7c/0x120 [ 66.132572] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.133110] kthread+0x1a4/0x1b8 [ 66.133440] ret_from_fork+0x10/0x20 [ 66.133963] [ 66.134659] The buggy address belongs to the object at ffff0000c59bd900 [ 66.134659] which belongs to the cache kmalloc-128 of size 128 [ 66.135595] The buggy address is located 16 bytes inside of [ 66.135595] 128-byte region [ffff0000c59bd900, ffff0000c59bd980) [ 66.136465] [ 66.136701] The buggy address belongs to the physical page: [ 66.137136] page:00000000a3aeb2fe refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059bd [ 66.138135] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.138796] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.139394] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.139971] page dumped because: kasan: bad access detected [ 66.140432] [ 66.140625] Memory state around the buggy address: [ 66.141022] ffff0000c59bd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.142046] ffff0000c59bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.142654] >ffff0000c59bd900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.143197] ^ [ 66.143582] ffff0000c59bd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.144159] ffff0000c59bda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.144737] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strlen
[ 66.081897] ================================================================== [ 66.082447] BUG: KASAN: use-after-free in strlen+0x18/0x68 [ 66.082967] Read of size 1 at addr ffff0000c59bd910 by task kunit_try_catch/162 [ 66.083584] [ 66.083818] CPU: 1 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.084501] Hardware name: linux,dummy-virt (DT) [ 66.084919] Call trace: [ 66.085166] dump_backtrace+0x110/0x120 [ 66.085695] show_stack+0x18/0x28 [ 66.086167] dump_stack_lvl+0x68/0x84 [ 66.086984] print_report+0x158/0x484 [ 66.087393] kasan_report+0x98/0xe0 [ 66.087755] __asan_load1+0x68/0x78 [ 66.088152] strlen+0x18/0x68 [ 66.088547] kasan_strings+0x19c/0x4e0 [ 66.088978] kunit_try_run_case+0x7c/0x120 [ 66.089426] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.090109] kthread+0x1a4/0x1b8 [ 66.090596] ret_from_fork+0x10/0x20 [ 66.091003] [ 66.091193] Allocated by task 162: [ 66.091552] kasan_save_stack+0x2c/0x58 [ 66.091956] kasan_set_track+0x2c/0x40 [ 66.092350] kasan_save_alloc_info+0x24/0x38 [ 66.092790] __kasan_kmalloc+0xa0/0xb8 [ 66.093169] kmalloc_trace+0x50/0x68 [ 66.093735] kasan_strings+0xa8/0x4e0 [ 66.094128] kunit_try_run_case+0x7c/0x120 [ 66.094911] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.095520] kthread+0x1a4/0x1b8 [ 66.095862] ret_from_fork+0x10/0x20 [ 66.096261] [ 66.096457] Freed by task 162: [ 66.096788] kasan_save_stack+0x2c/0x58 [ 66.097170] kasan_set_track+0x2c/0x40 [ 66.097767] kasan_save_free_info+0x38/0x60 [ 66.098178] __kasan_slab_free+0xe8/0x158 [ 66.098719] __kmem_cache_free+0x138/0x2b0 [ 66.099185] kfree+0x5c/0x70 [ 66.099538] kasan_strings+0xc8/0x4e0 [ 66.099947] kunit_try_run_case+0x7c/0x120 [ 66.100368] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.100920] kthread+0x1a4/0x1b8 [ 66.101280] ret_from_fork+0x10/0x20 [ 66.102111] [ 66.102333] The buggy address belongs to the object at ffff0000c59bd900 [ 66.102333] which belongs to the cache kmalloc-128 of size 128 [ 66.103280] The buggy address is located 16 bytes inside of [ 66.103280] 128-byte region [ffff0000c59bd900, ffff0000c59bd980) [ 66.104158] [ 66.104347] The buggy address belongs to the physical page: [ 66.104794] page:00000000a3aeb2fe refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059bd [ 66.105697] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.106353] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.107120] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.107724] page dumped because: kasan: bad access detected [ 66.108177] [ 66.108382] Memory state around the buggy address: [ 66.108770] ffff0000c59bd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.109347] ffff0000c59bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.110495] >ffff0000c59bd900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.111104] ^ [ 66.111483] ffff0000c59bd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.112073] ffff0000c59bda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.112632] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strncmp
[ 66.048514] ================================================================== [ 66.048945] BUG: KASAN: use-after-free in strncmp+0x30/0xe0 [ 66.049571] Read of size 1 at addr ffff0000c59bd910 by task kunit_try_catch/162 [ 66.050528] [ 66.050863] CPU: 1 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.051903] Hardware name: linux,dummy-virt (DT) [ 66.052490] Call trace: [ 66.052857] dump_backtrace+0x110/0x120 [ 66.053511] show_stack+0x18/0x28 [ 66.054111] dump_stack_lvl+0x68/0x84 [ 66.054728] print_report+0x158/0x484 [ 66.055292] kasan_report+0x98/0xe0 [ 66.055813] __asan_load1+0x68/0x78 [ 66.056347] strncmp+0x30/0xe0 [ 66.056833] kasan_strings+0x174/0x4e0 [ 66.057434] kunit_try_run_case+0x7c/0x120 [ 66.058136] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.058730] kthread+0x1a4/0x1b8 [ 66.059031] ret_from_fork+0x10/0x20 [ 66.059379] [ 66.059598] Allocated by task 162: [ 66.059902] kasan_save_stack+0x2c/0x58 [ 66.060287] kasan_set_track+0x2c/0x40 [ 66.060692] kasan_save_alloc_info+0x24/0x38 [ 66.061097] __kasan_kmalloc+0xa0/0xb8 [ 66.061643] kmalloc_trace+0x50/0x68 [ 66.062077] kasan_strings+0xa8/0x4e0 [ 66.062810] kunit_try_run_case+0x7c/0x120 [ 66.063235] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.063801] kthread+0x1a4/0x1b8 [ 66.064174] ret_from_fork+0x10/0x20 [ 66.064564] [ 66.064747] Freed by task 162: [ 66.065077] kasan_save_stack+0x2c/0x58 [ 66.065524] kasan_set_track+0x2c/0x40 [ 66.065909] kasan_save_free_info+0x38/0x60 [ 66.066419] __kasan_slab_free+0xe8/0x158 [ 66.067001] __kmem_cache_free+0x138/0x2b0 [ 66.067486] kfree+0x5c/0x70 [ 66.067811] kasan_strings+0xc8/0x4e0 [ 66.068224] kunit_try_run_case+0x7c/0x120 [ 66.068661] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.069209] kthread+0x1a4/0x1b8 [ 66.069790] ret_from_fork+0x10/0x20 [ 66.070168] [ 66.070367] The buggy address belongs to the object at ffff0000c59bd900 [ 66.070367] which belongs to the cache kmalloc-128 of size 128 [ 66.071236] The buggy address is located 16 bytes inside of [ 66.071236] 128-byte region [ffff0000c59bd900, ffff0000c59bd980) [ 66.072077] [ 66.072640] The buggy address belongs to the physical page: [ 66.073059] page:00000000a3aeb2fe refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059bd [ 66.073999] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.074604] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.075367] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.075948] page dumped because: kasan: bad access detected [ 66.076404] [ 66.076604] Memory state around the buggy address: [ 66.077019] ffff0000c59bd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.077837] ffff0000c59bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.078380] >ffff0000c59bd900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.079282] ^ [ 66.079662] ffff0000c59bd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.080235] ffff0000c59bda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.080781] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strcmp
[ 66.007427] ================================================================== [ 66.007951] BUG: KASAN: use-after-free in strcmp+0x2c/0x78 [ 66.008922] Read of size 1 at addr ffff0000c59bd910 by task kunit_try_catch/162 [ 66.009536] [ 66.010886] CPU: 1 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 66.011413] Hardware name: linux,dummy-virt (DT) [ 66.011716] Call trace: [ 66.011914] dump_backtrace+0x110/0x120 [ 66.012293] show_stack+0x18/0x28 [ 66.012634] dump_stack_lvl+0x68/0x84 [ 66.012968] print_report+0x158/0x484 [ 66.013351] kasan_report+0x98/0xe0 [ 66.014485] __asan_load1+0x68/0x78 [ 66.015159] strcmp+0x2c/0x78 [ 66.015790] kasan_strings+0x144/0x4e0 [ 66.016532] kunit_try_run_case+0x7c/0x120 [ 66.017324] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.018333] kthread+0x1a4/0x1b8 [ 66.018996] ret_from_fork+0x10/0x20 [ 66.019692] [ 66.020089] Allocated by task 162: [ 66.020671] kasan_save_stack+0x2c/0x58 [ 66.021353] kasan_set_track+0x2c/0x40 [ 66.022107] kasan_save_alloc_info+0x24/0x38 [ 66.022905] __kasan_kmalloc+0xa0/0xb8 [ 66.023627] kmalloc_trace+0x50/0x68 [ 66.024186] kasan_strings+0xa8/0x4e0 [ 66.024774] kunit_try_run_case+0x7c/0x120 [ 66.025399] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.026249] kthread+0x1a4/0x1b8 [ 66.026789] ret_from_fork+0x10/0x20 [ 66.027355] [ 66.027626] Freed by task 162: [ 66.028052] kasan_save_stack+0x2c/0x58 [ 66.028627] kasan_set_track+0x2c/0x40 [ 66.029156] kasan_save_free_info+0x38/0x60 [ 66.029871] __kasan_slab_free+0xe8/0x158 [ 66.030492] __kmem_cache_free+0x138/0x2b0 [ 66.031127] kfree+0x5c/0x70 [ 66.031603] kasan_strings+0xc8/0x4e0 [ 66.032162] kunit_try_run_case+0x7c/0x120 [ 66.032601] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 66.033019] kthread+0x1a4/0x1b8 [ 66.033330] ret_from_fork+0x10/0x20 [ 66.034121] [ 66.034393] The buggy address belongs to the object at ffff0000c59bd900 [ 66.034393] which belongs to the cache kmalloc-128 of size 128 [ 66.035322] The buggy address is located 16 bytes inside of [ 66.035322] 128-byte region [ffff0000c59bd900, ffff0000c59bd980) [ 66.035938] [ 66.036093] The buggy address belongs to the physical page: [ 66.036659] page:00000000a3aeb2fe refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059bd [ 66.038471] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.039366] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.040260] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.041097] page dumped because: kasan: bad access detected [ 66.042053] [ 66.042326] Memory state around the buggy address: [ 66.042906] ffff0000c59bd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.043727] ffff0000c59bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.044552] >ffff0000c59bd900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.045193] ^ [ 66.046005] ffff0000c59bd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.046853] ffff0000c59bda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.047664] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strrchr
[ 65.977351] ================================================================== [ 65.978244] BUG: KASAN: use-after-free in strrchr+0x28/0x58 [ 65.978747] Read of size 1 at addr ffff0000c59bd910 by task kunit_try_catch/162 [ 65.979319] [ 65.979512] CPU: 1 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.980147] Hardware name: linux,dummy-virt (DT) [ 65.980535] Call trace: [ 65.980809] dump_backtrace+0x110/0x120 [ 65.981267] show_stack+0x18/0x28 [ 65.981690] dump_stack_lvl+0x68/0x84 [ 65.982096] print_report+0x158/0x484 [ 65.982462] kasan_report+0x98/0xe0 [ 65.982827] __asan_load1+0x68/0x78 [ 65.983195] strrchr+0x28/0x58 [ 65.983999] kasan_strings+0x110/0x4e0 [ 65.984427] kunit_try_run_case+0x7c/0x120 [ 65.984853] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.985373] kthread+0x1a4/0x1b8 [ 65.985959] ret_from_fork+0x10/0x20 [ 65.986362] [ 65.986549] Allocated by task 162: [ 65.986848] kasan_save_stack+0x2c/0x58 [ 65.987224] kasan_set_track+0x2c/0x40 [ 65.987586] kasan_save_alloc_info+0x24/0x38 [ 65.988041] __kasan_kmalloc+0xa0/0xb8 [ 65.988423] kmalloc_trace+0x50/0x68 [ 65.988815] kasan_strings+0xa8/0x4e0 [ 65.989213] kunit_try_run_case+0x7c/0x120 [ 65.990165] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.990705] kthread+0x1a4/0x1b8 [ 65.991025] ret_from_fork+0x10/0x20 [ 65.991418] [ 65.991606] Freed by task 162: [ 65.991876] kasan_save_stack+0x2c/0x58 [ 65.992254] kasan_set_track+0x2c/0x40 [ 65.992635] kasan_save_free_info+0x38/0x60 [ 65.993046] __kasan_slab_free+0xe8/0x158 [ 65.993599] __kmem_cache_free+0x138/0x2b0 [ 65.994038] kfree+0x5c/0x70 [ 65.994387] kasan_strings+0xc8/0x4e0 [ 65.994779] kunit_try_run_case+0x7c/0x120 [ 65.995180] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.995794] kthread+0x1a4/0x1b8 [ 65.996142] ret_from_fork+0x10/0x20 [ 65.996506] [ 65.996697] The buggy address belongs to the object at ffff0000c59bd900 [ 65.996697] which belongs to the cache kmalloc-128 of size 128 [ 65.997565] The buggy address is located 16 bytes inside of [ 65.997565] 128-byte region [ffff0000c59bd900, ffff0000c59bd980) [ 65.998836] [ 65.999054] The buggy address belongs to the physical page: [ 65.999466] page:00000000a3aeb2fe refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059bd [ 66.000182] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 66.000795] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 66.001398] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 66.001962] page dumped because: kasan: bad access detected [ 66.002643] [ 66.002815] Memory state around the buggy address: [ 66.003212] ffff0000c59bd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.003805] ffff0000c59bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.004380] >ffff0000c59bd900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 66.004887] ^ [ 66.005206] ffff0000c59bd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.006006] ffff0000c59bda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 66.006548] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strchr
[ 65.943557] ================================================================== [ 65.944776] BUG: KASAN: use-after-free in strchr+0x1c/0x78 [ 65.945204] Read of size 1 at addr ffff0000c59bd910 by task kunit_try_catch/162 [ 65.946625] [ 65.947167] CPU: 1 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.948405] Hardware name: linux,dummy-virt (DT) [ 65.949204] Call trace: [ 65.950084] dump_backtrace+0x110/0x120 [ 65.950539] show_stack+0x18/0x28 [ 65.950923] dump_stack_lvl+0x68/0x84 [ 65.951322] print_report+0x158/0x484 [ 65.951782] kasan_report+0x98/0xe0 [ 65.952143] __asan_load1+0x68/0x78 [ 65.952588] strchr+0x1c/0x78 [ 65.952918] kasan_strings+0xe4/0x4e0 [ 65.953339] kunit_try_run_case+0x7c/0x120 [ 65.953759] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.954425] kthread+0x1a4/0x1b8 [ 65.954773] ret_from_fork+0x10/0x20 [ 65.955156] [ 65.955343] Allocated by task 162: [ 65.955624] kasan_save_stack+0x2c/0x58 [ 65.956024] kasan_set_track+0x2c/0x40 [ 65.956390] kasan_save_alloc_info+0x24/0x38 [ 65.956823] __kasan_kmalloc+0xa0/0xb8 [ 65.957187] kmalloc_trace+0x50/0x68 [ 65.957814] kasan_strings+0xa8/0x4e0 [ 65.958204] kunit_try_run_case+0x7c/0x120 [ 65.958656] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.959179] kthread+0x1a4/0x1b8 [ 65.959897] ret_from_fork+0x10/0x20 [ 65.960280] [ 65.960471] Freed by task 162: [ 65.960727] kasan_save_stack+0x2c/0x58 [ 65.961103] kasan_set_track+0x2c/0x40 [ 65.961526] kasan_save_free_info+0x38/0x60 [ 65.962208] __kasan_slab_free+0xe8/0x158 [ 65.962611] __kmem_cache_free+0x138/0x2b0 [ 65.963056] kfree+0x5c/0x70 [ 65.963356] kasan_strings+0xc8/0x4e0 [ 65.963769] kunit_try_run_case+0x7c/0x120 [ 65.964179] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.964714] kthread+0x1a4/0x1b8 [ 65.965059] ret_from_fork+0x10/0x20 [ 65.965439] [ 65.966081] The buggy address belongs to the object at ffff0000c59bd900 [ 65.966081] which belongs to the cache kmalloc-128 of size 128 [ 65.966960] The buggy address is located 16 bytes inside of [ 65.966960] 128-byte region [ffff0000c59bd900, ffff0000c59bd980) [ 65.967778] [ 65.967972] The buggy address belongs to the physical page: [ 65.968389] page:00000000a3aeb2fe refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059bd [ 65.969110] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 65.970019] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 65.970642] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 65.971208] page dumped because: kasan: bad access detected [ 65.971642] [ 65.971817] Memory state around the buggy address: [ 65.972196] ffff0000c59bd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.972715] ffff0000c59bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.973300] >ffff0000c59bd900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.974744] ^ [ 65.975083] ffff0000c59bd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.975673] ffff0000c59bda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.976214] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 65.914021] ================================================================== [ 65.914834] BUG: KASAN: slab-out-of-bounds in memcmp+0x34/0xe0 [ 65.915357] Read of size 1 at addr ffff0000c586c318 by task kunit_try_catch/161 [ 65.915966] [ 65.916171] CPU: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.916789] Hardware name: linux,dummy-virt (DT) [ 65.917251] Call trace: [ 65.917504] dump_backtrace+0x110/0x120 [ 65.918051] show_stack+0x18/0x28 [ 65.918470] dump_stack_lvl+0x68/0x84 [ 65.918898] print_report+0x158/0x484 [ 65.919287] kasan_report+0x98/0xe0 [ 65.919667] __asan_load1+0x68/0x78 [ 65.920021] memcmp+0x34/0xe0 [ 65.920385] kasan_memcmp+0x104/0x210 [ 65.920802] kunit_try_run_case+0x7c/0x120 [ 65.921261] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.921859] kthread+0x1a4/0x1b8 [ 65.922321] ret_from_fork+0x10/0x20 [ 65.922695] [ 65.922922] Allocated by task 161: [ 65.923244] kasan_save_stack+0x2c/0x58 [ 65.923671] kasan_set_track+0x2c/0x40 [ 65.924058] kasan_save_alloc_info+0x24/0x38 [ 65.924518] __kasan_kmalloc+0xa0/0xb8 [ 65.924908] kmalloc_trace+0x50/0x68 [ 65.925308] kasan_memcmp+0xb8/0x210 [ 65.925884] kunit_try_run_case+0x7c/0x120 [ 65.926344] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.926903] kthread+0x1a4/0x1b8 [ 65.927267] ret_from_fork+0x10/0x20 [ 65.927663] [ 65.927851] The buggy address belongs to the object at ffff0000c586c300 [ 65.927851] which belongs to the cache kmalloc-128 of size 128 [ 65.928710] The buggy address is located 24 bytes inside of [ 65.928710] 128-byte region [ffff0000c586c300, ffff0000c586c380) [ 65.929718] [ 65.929894] The buggy address belongs to the physical page: [ 65.930303] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 65.931059] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 65.931790] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 65.932400] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 65.932993] page dumped because: kasan: bad access detected [ 65.933591] [ 65.933781] Memory state around the buggy address: [ 65.934160] ffff0000c586c200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.934739] ffff0000c586c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.935307] >ffff0000c586c300: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.935834] ^ [ 65.936191] ffff0000c586c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.936750] ffff0000c586c400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.937296] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 65.885096] ================================================================== [ 65.886546] BUG: KASAN: slab-out-of-bounds in memchr+0x28/0x78 [ 65.887356] Read of size 1 at addr ffff0000c586c218 by task kunit_try_catch/160 [ 65.888242] [ 65.888535] CPU: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.889521] Hardware name: linux,dummy-virt (DT) [ 65.890104] Call trace: [ 65.890483] dump_backtrace+0x110/0x120 [ 65.891092] show_stack+0x18/0x28 [ 65.891646] dump_stack_lvl+0x68/0x84 [ 65.892221] print_report+0x158/0x484 [ 65.892771] kasan_report+0x98/0xe0 [ 65.893185] __asan_load1+0x68/0x78 [ 65.893512] memchr+0x28/0x78 [ 65.893800] kasan_memchr+0xe0/0x1f0 [ 65.894172] kunit_try_run_case+0x7c/0x120 [ 65.894701] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.895280] kthread+0x1a4/0x1b8 [ 65.895686] ret_from_fork+0x10/0x20 [ 65.896100] [ 65.896318] Allocated by task 160: [ 65.896662] kasan_save_stack+0x2c/0x58 [ 65.897096] kasan_set_track+0x2c/0x40 [ 65.897510] kasan_save_alloc_info+0x24/0x38 [ 65.897945] __kasan_kmalloc+0xa0/0xb8 [ 65.898329] kmalloc_trace+0x50/0x68 [ 65.898688] kasan_memchr+0xa8/0x1f0 [ 65.899073] kunit_try_run_case+0x7c/0x120 [ 65.899482] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.900031] kthread+0x1a4/0x1b8 [ 65.900383] ret_from_fork+0x10/0x20 [ 65.900776] [ 65.900982] The buggy address belongs to the object at ffff0000c586c200 [ 65.900982] which belongs to the cache kmalloc-128 of size 128 [ 65.901869] The buggy address is located 24 bytes inside of [ 65.901869] 128-byte region [ffff0000c586c200, ffff0000c586c280) [ 65.902676] [ 65.902887] The buggy address belongs to the physical page: [ 65.903320] page:000000006cfe4e9f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586c [ 65.904025] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 65.904615] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 65.905204] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 65.905758] page dumped because: kasan: bad access detected [ 65.906127] [ 65.906327] Memory state around the buggy address: [ 65.906773] ffff0000c586c100: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.907364] ffff0000c586c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.907953] >ffff0000c586c200: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.908510] ^ [ 65.908907] ffff0000c586c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.909464] ffff0000c586c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.910037] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmem_cache_double_destroy
[ 65.839426] ================================================================== [ 65.840149] BUG: KASAN: use-after-free in kmem_cache_double_destroy+0xe0/0x1c8 [ 65.841293] Read of size 1 at addr ffff0000c59c6480 by task kunit_try_catch/159 [ 65.842184] [ 65.842525] CPU: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.843553] Hardware name: linux,dummy-virt (DT) [ 65.844163] Call trace: [ 65.844556] dump_backtrace+0x110/0x120 [ 65.845044] show_stack+0x18/0x28 [ 65.845393] dump_stack_lvl+0x68/0x84 [ 65.845740] print_report+0x158/0x484 [ 65.846046] kasan_report+0x98/0xe0 [ 65.846575] __kasan_check_byte+0x58/0x70 [ 65.847168] kmem_cache_destroy+0x34/0x178 [ 65.847799] kmem_cache_double_destroy+0xe0/0x1c8 [ 65.848501] kunit_try_run_case+0x7c/0x120 [ 65.849127] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.849918] kthread+0x1a4/0x1b8 [ 65.850430] ret_from_fork+0x10/0x20 [ 65.850975] [ 65.851219] Allocated by task 159: [ 65.851731] kasan_save_stack+0x2c/0x58 [ 65.852305] kasan_set_track+0x2c/0x40 [ 65.852838] kasan_save_alloc_info+0x24/0x38 [ 65.853462] __kasan_slab_alloc+0x74/0x90 [ 65.854032] slab_post_alloc_hook+0x6c/0x260 [ 65.854667] kmem_cache_alloc+0x164/0x270 [ 65.855279] kmem_cache_create_usercopy+0x1ac/0x2c0 [ 65.855945] kmem_cache_create+0x1c/0x28 [ 65.856524] kmem_cache_double_destroy+0xac/0x1c8 [ 65.857195] kunit_try_run_case+0x7c/0x120 [ 65.857814] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.858503] kthread+0x1a4/0x1b8 [ 65.858803] ret_from_fork+0x10/0x20 [ 65.859107] [ 65.859303] Freed by task 159: [ 65.859753] kasan_save_stack+0x2c/0x58 [ 65.860323] kasan_set_track+0x2c/0x40 [ 65.860859] kasan_save_free_info+0x38/0x60 [ 65.861471] __kasan_slab_free+0xe8/0x158 [ 65.862033] kmem_cache_free+0x1b0/0x3a0 [ 65.862631] slab_kmem_cache_release+0x30/0x40 [ 65.863265] kmem_cache_release+0x14/0x20 [ 65.863870] kobject_put+0xe0/0x188 [ 65.864416] sysfs_slab_release+0x28/0x38 [ 65.864981] kmem_cache_destroy+0xe0/0x178 [ 65.865565] kmem_cache_double_destroy+0xcc/0x1c8 [ 65.866257] kunit_try_run_case+0x7c/0x120 [ 65.866699] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.867120] kthread+0x1a4/0x1b8 [ 65.867416] ret_from_fork+0x10/0x20 [ 65.867719] [ 65.867880] The buggy address belongs to the object at ffff0000c59c6480 [ 65.867880] which belongs to the cache kmem_cache of size 216 [ 65.868908] The buggy address is located 0 bytes inside of [ 65.868908] 216-byte region [ffff0000c59c6480, ffff0000c59c6558) [ 65.870193] [ 65.870463] The buggy address belongs to the physical page: [ 65.871136] page:00000000e765158c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059c6 [ 65.872189] head:00000000e765158c order:1 compound_mapcount:0 compound_pincount:0 [ 65.873044] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 65.873991] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002000 [ 65.874897] raw: 0000000000000000 0000000080150015 00000001ffffffff 0000000000000000 [ 65.875764] page dumped because: kasan: bad access detected [ 65.876433] [ 65.876697] Memory state around the buggy address: [ 65.877311] ffff0000c59c6380: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 65.878166] ffff0000c59c6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.879007] >ffff0000c59c6480: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.879828] ^ [ 65.880188] ffff0000c59c6500: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 65.880636] ffff0000c59c6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.881048] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 65.800406] ================================================================== [ 65.801237] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0xf0/0x250 [ 65.801863] Free of addr ffff0000c59ba001 by task kunit_try_catch/158 [ 65.802532] [ 65.802843] CPU: 1 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.803537] Hardware name: linux,dummy-virt (DT) [ 65.803905] Call trace: [ 65.804213] dump_backtrace+0x110/0x120 [ 65.804697] show_stack+0x18/0x28 [ 65.805080] dump_stack_lvl+0x68/0x84 [ 65.805678] print_report+0x158/0x484 [ 65.806098] kasan_report_invalid_free+0x84/0xa0 [ 65.806565] __kasan_slab_free+0x144/0x158 [ 65.806988] kmem_cache_free+0x1b0/0x3a0 [ 65.807447] kmem_cache_invalid_free+0xf0/0x250 [ 65.807888] kunit_try_run_case+0x7c/0x120 [ 65.808347] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.808847] kthread+0x1a4/0x1b8 [ 65.809216] ret_from_fork+0x10/0x20 [ 65.809615] [ 65.809807] Allocated by task 158: [ 65.810105] kasan_save_stack+0x2c/0x58 [ 65.810530] kasan_set_track+0x2c/0x40 [ 65.810924] kasan_save_alloc_info+0x24/0x38 [ 65.811491] __kasan_slab_alloc+0x74/0x90 [ 65.811886] slab_post_alloc_hook+0x6c/0x260 [ 65.812352] kmem_cache_alloc+0x164/0x270 [ 65.812762] kmem_cache_invalid_free+0xc8/0x250 [ 65.813255] kunit_try_run_case+0x7c/0x120 [ 65.813840] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.814384] kthread+0x1a4/0x1b8 [ 65.814764] ret_from_fork+0x10/0x20 [ 65.815144] [ 65.815352] The buggy address belongs to the object at ffff0000c59ba000 [ 65.815352] which belongs to the cache test_cache of size 200 [ 65.816203] The buggy address is located 1 bytes inside of [ 65.816203] 200-byte region [ffff0000c59ba000, ffff0000c59ba0c8) [ 65.817010] [ 65.817194] The buggy address belongs to the physical page: [ 65.817637] page:00000000e33fe385 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059ba [ 65.818505] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 65.819139] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c15cf980 [ 65.819744] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 65.820306] page dumped because: kasan: bad access detected [ 65.820697] [ 65.820876] Memory state around the buggy address: [ 65.821215] ffff0000c59b9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.821894] ffff0000c59b9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.823063] >ffff0000c59ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.823608] ^ [ 65.823908] ffff0000c59ba080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 65.824465] ffff0000c59ba100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.825011] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 65.750373] ================================================================== [ 65.751118] BUG: KASAN: double-free in kmem_cache_double_free+0xf8/0x260 [ 65.752352] Free of addr ffff0000c59b8000 by task kunit_try_catch/157 [ 65.753281] [ 65.753652] CPU: 1 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.754920] Hardware name: linux,dummy-virt (DT) [ 65.755555] Call trace: [ 65.755979] dump_backtrace+0x110/0x120 [ 65.756556] show_stack+0x18/0x28 [ 65.756892] dump_stack_lvl+0x68/0x84 [ 65.757251] print_report+0x158/0x484 [ 65.757953] kasan_report_invalid_free+0x84/0xa0 [ 65.758710] __kasan_slab_free+0x11c/0x158 [ 65.759313] kmem_cache_free+0x1b0/0x3a0 [ 65.759919] kmem_cache_double_free+0xf8/0x260 [ 65.760564] kunit_try_run_case+0x7c/0x120 [ 65.761182] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.762025] kthread+0x1a4/0x1b8 [ 65.762528] ret_from_fork+0x10/0x20 [ 65.763070] [ 65.763344] Allocated by task 157: [ 65.763809] kasan_save_stack+0x2c/0x58 [ 65.764375] kasan_set_track+0x2c/0x40 [ 65.764921] kasan_save_alloc_info+0x24/0x38 [ 65.765545] __kasan_slab_alloc+0x74/0x90 [ 65.766187] slab_post_alloc_hook+0x6c/0x260 [ 65.766575] kmem_cache_alloc+0x164/0x270 [ 65.766931] kmem_cache_double_free+0xc4/0x260 [ 65.767314] kunit_try_run_case+0x7c/0x120 [ 65.767665] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.768084] kthread+0x1a4/0x1b8 [ 65.768579] ret_from_fork+0x10/0x20 [ 65.769116] [ 65.769400] Freed by task 157: [ 65.769849] kasan_save_stack+0x2c/0x58 [ 65.770441] kasan_set_track+0x2c/0x40 [ 65.771020] kasan_save_free_info+0x38/0x60 [ 65.771638] __kasan_slab_free+0xe8/0x158 [ 65.772199] kmem_cache_free+0x1b0/0x3a0 [ 65.772807] kmem_cache_double_free+0xe0/0x260 [ 65.773483] kunit_try_run_case+0x7c/0x120 [ 65.774126] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.774877] kthread+0x1a4/0x1b8 [ 65.775381] ret_from_fork+0x10/0x20 [ 65.775913] [ 65.776178] The buggy address belongs to the object at ffff0000c59b8000 [ 65.776178] which belongs to the cache test_cache of size 200 [ 65.777610] The buggy address is located 0 bytes inside of [ 65.777610] 200-byte region [ffff0000c59b8000, ffff0000c59b80c8) [ 65.779089] [ 65.779368] The buggy address belongs to the physical page: [ 65.780032] page:000000001a4f1f6d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059b8 [ 65.781084] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 65.781972] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c15cf800 [ 65.782923] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 65.783828] page dumped because: kasan: bad access detected [ 65.784515] [ 65.784787] Memory state around the buggy address: [ 65.785430] ffff0000c59b7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.786406] ffff0000c59b7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.787273] >ffff0000c59b8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.788096] ^ [ 65.788559] ffff0000c59b8080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 65.789012] ffff0000c59b8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.789531] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-ksize_uaf
[ 65.683652] ================================================================== [ 65.684483] BUG: KASAN: use-after-free in ksize_uaf+0x100/0x320 [ 65.685292] Read of size 1 at addr ffff0000c58ade00 by task kunit_try_catch/156 [ 65.686710] [ 65.687008] CPU: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.688006] Hardware name: linux,dummy-virt (DT) [ 65.688590] Call trace: [ 65.688959] dump_backtrace+0x110/0x120 [ 65.689847] show_stack+0x18/0x28 [ 65.690424] dump_stack_lvl+0x68/0x84 [ 65.690862] print_report+0x158/0x484 [ 65.691180] kasan_report+0x98/0xe0 [ 65.691730] __asan_load1+0x68/0x78 [ 65.692261] ksize_uaf+0x100/0x320 [ 65.692802] kunit_try_run_case+0x7c/0x120 [ 65.693435] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.694546] kthread+0x1a4/0x1b8 [ 65.695065] ret_from_fork+0x10/0x20 [ 65.695441] [ 65.695611] Allocated by task 156: [ 65.695865] kasan_save_stack+0x2c/0x58 [ 65.696188] kasan_set_track+0x2c/0x40 [ 65.696525] kasan_save_alloc_info+0x24/0x38 [ 65.696978] __kasan_kmalloc+0xa0/0xb8 [ 65.697407] kmalloc_trace+0x50/0x68 [ 65.697811] ksize_uaf+0xa8/0x320 [ 65.698172] kunit_try_run_case+0x7c/0x120 [ 65.698859] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.699383] kthread+0x1a4/0x1b8 [ 65.699721] ret_from_fork+0x10/0x20 [ 65.700106] [ 65.700297] Freed by task 156: [ 65.700583] kasan_save_stack+0x2c/0x58 [ 65.700901] kasan_set_track+0x2c/0x40 [ 65.701325] kasan_save_free_info+0x38/0x60 [ 65.702182] __kasan_slab_free+0xe8/0x158 [ 65.702588] __kmem_cache_free+0x138/0x2b0 [ 65.702995] kfree+0x5c/0x70 [ 65.703323] ksize_uaf+0xc8/0x320 [ 65.703697] kunit_try_run_case+0x7c/0x120 [ 65.704104] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.704621] kthread+0x1a4/0x1b8 [ 65.704956] ret_from_fork+0x10/0x20 [ 65.705364] [ 65.705560] The buggy address belongs to the object at ffff0000c58ade00 [ 65.705560] which belongs to the cache kmalloc-128 of size 128 [ 65.706656] The buggy address is located 0 bytes inside of [ 65.706656] 128-byte region [ffff0000c58ade00, ffff0000c58ade80) [ 65.707510] [ 65.707693] The buggy address belongs to the physical page: [ 65.708101] page:00000000f12428ca refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ad [ 65.708764] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 65.709373] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 65.710443] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 65.711004] page dumped because: kasan: bad access detected [ 65.711417] [ 65.711605] Memory state around the buggy address: [ 65.711987] ffff0000c58add00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.712517] ffff0000c58add80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.713051] >ffff0000c58ade00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.713959] ^ [ 65.714257] ffff0000c58ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.714863] ffff0000c58adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.715381] ================================================================== [ 65.716120] ================================================================== [ 65.716642] BUG: KASAN: use-after-free in ksize_uaf+0x128/0x320 [ 65.717262] Read of size 1 at addr ffff0000c58ade78 by task kunit_try_catch/156 [ 65.717821] [ 65.718040] CPU: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.718722] Hardware name: linux,dummy-virt (DT) [ 65.719088] Call trace: [ 65.719331] dump_backtrace+0x110/0x120 [ 65.719761] show_stack+0x18/0x28 [ 65.720138] dump_stack_lvl+0x68/0x84 [ 65.721029] print_report+0x158/0x484 [ 65.721423] kasan_report+0x98/0xe0 [ 65.722018] __asan_load1+0x68/0x78 [ 65.722391] ksize_uaf+0x128/0x320 [ 65.722768] kunit_try_run_case+0x7c/0x120 [ 65.723190] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.723699] kthread+0x1a4/0x1b8 [ 65.724027] ret_from_fork+0x10/0x20 [ 65.724424] [ 65.724609] Allocated by task 156: [ 65.724907] kasan_save_stack+0x2c/0x58 [ 65.725298] kasan_set_track+0x2c/0x40 [ 65.725716] kasan_save_alloc_info+0x24/0x38 [ 65.726598] __kasan_kmalloc+0xa0/0xb8 [ 65.726975] kmalloc_trace+0x50/0x68 [ 65.727366] ksize_uaf+0xa8/0x320 [ 65.727748] kunit_try_run_case+0x7c/0x120 [ 65.728170] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.728662] kthread+0x1a4/0x1b8 [ 65.729013] ret_from_fork+0x10/0x20 [ 65.729415] [ 65.729861] Freed by task 156: [ 65.730151] kasan_save_stack+0x2c/0x58 [ 65.730557] kasan_set_track+0x2c/0x40 [ 65.730917] kasan_save_free_info+0x38/0x60 [ 65.731348] __kasan_slab_free+0xe8/0x158 [ 65.731744] __kmem_cache_free+0x138/0x2b0 [ 65.732204] kfree+0x5c/0x70 [ 65.732535] ksize_uaf+0xc8/0x320 [ 65.732917] kunit_try_run_case+0x7c/0x120 [ 65.733352] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.734315] kthread+0x1a4/0x1b8 [ 65.734663] ret_from_fork+0x10/0x20 [ 65.735018] [ 65.735195] The buggy address belongs to the object at ffff0000c58ade00 [ 65.735195] which belongs to the cache kmalloc-128 of size 128 [ 65.736067] The buggy address is located 120 bytes inside of [ 65.736067] 128-byte region [ffff0000c58ade00, ffff0000c58ade80) [ 65.736895] [ 65.737060] The buggy address belongs to the physical page: [ 65.737733] page:00000000f12428ca refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ad [ 65.738463] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 65.739067] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 65.739679] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 65.740254] page dumped because: kasan: bad access detected [ 65.740674] [ 65.740854] Memory state around the buggy address: [ 65.741269] ffff0000c58add00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.742004] ffff0000c58add80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.742577] >ffff0000c58ade00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.743088] ^ [ 65.743605] ffff0000c58ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.744185] ffff0000c58adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.744720] ================================================================== [ 65.649025] ================================================================== [ 65.650564] BUG: KASAN: use-after-free in ksize_uaf+0xdc/0x320 [ 65.651519] Read of size 1 at addr ffff0000c58ade00 by task kunit_try_catch/156 [ 65.652512] [ 65.652827] CPU: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.653867] Hardware name: linux,dummy-virt (DT) [ 65.654599] Call trace: [ 65.655005] dump_backtrace+0x110/0x120 [ 65.655653] show_stack+0x18/0x28 [ 65.656214] dump_stack_lvl+0x68/0x84 [ 65.656828] print_report+0x158/0x484 [ 65.657397] kasan_report+0x98/0xe0 [ 65.658119] __kasan_check_byte+0x58/0x70 [ 65.658604] ksize+0x30/0x80 [ 65.658890] ksize_uaf+0xdc/0x320 [ 65.659203] kunit_try_run_case+0x7c/0x120 [ 65.659651] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.660203] kthread+0x1a4/0x1b8 [ 65.660529] ret_from_fork+0x10/0x20 [ 65.660953] [ 65.661126] Allocated by task 156: [ 65.661489] kasan_save_stack+0x2c/0x58 [ 65.662062] kasan_set_track+0x2c/0x40 [ 65.662537] kasan_save_alloc_info+0x24/0x38 [ 65.663263] __kasan_kmalloc+0xa0/0xb8 [ 65.663681] kmalloc_trace+0x50/0x68 [ 65.664073] ksize_uaf+0xa8/0x320 [ 65.664447] kunit_try_run_case+0x7c/0x120 [ 65.664874] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.665403] kthread+0x1a4/0x1b8 [ 65.665857] ret_from_fork+0x10/0x20 [ 65.666448] [ 65.666686] Freed by task 156: [ 65.667004] kasan_save_stack+0x2c/0x58 [ 65.667425] kasan_set_track+0x2c/0x40 [ 65.667827] kasan_save_free_info+0x38/0x60 [ 65.668252] __kasan_slab_free+0xe8/0x158 [ 65.668645] __kmem_cache_free+0x138/0x2b0 [ 65.669073] kfree+0x5c/0x70 [ 65.669442] ksize_uaf+0xc8/0x320 [ 65.670310] kunit_try_run_case+0x7c/0x120 [ 65.670743] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.671278] kthread+0x1a4/0x1b8 [ 65.671636] ret_from_fork+0x10/0x20 [ 65.672009] [ 65.672217] The buggy address belongs to the object at ffff0000c58ade00 [ 65.672217] which belongs to the cache kmalloc-128 of size 128 [ 65.673139] The buggy address is located 0 bytes inside of [ 65.673139] 128-byte region [ffff0000c58ade00, ffff0000c58ade80) [ 65.674244] [ 65.674484] The buggy address belongs to the physical page: [ 65.675155] page:00000000f12428ca refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ad [ 65.675845] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 65.676471] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 65.677098] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 65.678218] page dumped because: kasan: bad access detected [ 65.678684] [ 65.678883] Memory state around the buggy address: [ 65.679298] ffff0000c58add00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.679894] ffff0000c58add80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.680472] >ffff0000c58ade00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 65.681018] ^ [ 65.681332] ffff0000c58ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.682407] ffff0000c58adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.682832] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 65.613147] ================================================================== [ 65.613875] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0xf0/0x1e8 [ 65.614515] Read of size 1 at addr ffff0000c58add80 by task kunit_try_catch/155 [ 65.615937] [ 65.616399] CPU: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.617589] Hardware name: linux,dummy-virt (DT) [ 65.618334] Call trace: [ 65.618751] dump_backtrace+0x110/0x120 [ 65.619402] show_stack+0x18/0x28 [ 65.619993] dump_stack_lvl+0x68/0x84 [ 65.620628] print_report+0x158/0x484 [ 65.621194] kasan_report+0x98/0xe0 [ 65.621860] __asan_load1+0x68/0x78 [ 65.622490] ksize_unpoisons_memory+0xf0/0x1e8 [ 65.623176] kunit_try_run_case+0x7c/0x120 [ 65.623818] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.624594] kthread+0x1a4/0x1b8 [ 65.625120] ret_from_fork+0x10/0x20 [ 65.625756] [ 65.625951] Allocated by task 155: [ 65.626598] kasan_save_stack+0x2c/0x58 [ 65.627206] kasan_set_track+0x2c/0x40 [ 65.627771] kasan_save_alloc_info+0x24/0x38 [ 65.628292] __kasan_kmalloc+0xa0/0xb8 [ 65.628606] kmalloc_trace+0x50/0x68 [ 65.628920] ksize_unpoisons_memory+0xa8/0x1e8 [ 65.629314] kunit_try_run_case+0x7c/0x120 [ 65.629668] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.630089] kthread+0x1a4/0x1b8 [ 65.630582] ret_from_fork+0x10/0x20 [ 65.631480] [ 65.631774] The buggy address belongs to the object at ffff0000c58add00 [ 65.631774] which belongs to the cache kmalloc-128 of size 128 [ 65.633199] The buggy address is located 0 bytes to the right of [ 65.633199] 128-byte region [ffff0000c58add00, ffff0000c58add80) [ 65.634831] [ 65.635126] The buggy address belongs to the physical page: [ 65.635790] page:00000000f12428ca refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ad [ 65.636840] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 65.637983] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 65.638909] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 65.639776] page dumped because: kasan: bad access detected [ 65.640447] [ 65.640708] Memory state around the buggy address: [ 65.641323] ffff0000c58adc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.642286] ffff0000c58add00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.643281] >ffff0000c58add80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.644120] ^ [ 65.644585] ffff0000c58ade00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.645299] ffff0000c58ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 65.645712] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 65.591194] ================================================================== [ 65.591978] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x110/0x1f8 [ 65.592623] Read of size 1 at addr ffff800008777c4a by task kunit_try_catch/154 [ 65.593151] [ 65.593358] CPU: 1 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.593993] Hardware name: linux,dummy-virt (DT) [ 65.594355] Call trace: [ 65.594606] dump_backtrace+0x110/0x120 [ 65.595013] show_stack+0x18/0x28 [ 65.595440] dump_stack_lvl+0x68/0x84 [ 65.595884] print_report+0x158/0x484 [ 65.596281] kasan_report+0x98/0xe0 [ 65.596629] __asan_load1+0x68/0x78 [ 65.596972] kasan_alloca_oob_right+0x110/0x1f8 [ 65.598053] kunit_try_run_case+0x7c/0x120 [ 65.598504] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.598992] kthread+0x1a4/0x1b8 [ 65.599355] ret_from_fork+0x10/0x20 [ 65.599742] [ 65.599928] The buggy address belongs to stack of task kunit_try_catch/154 [ 65.600482] [ 65.600643] The buggy address ffff800008777c4a belongs to a vmalloc virtual mapping [ 65.601191] The buggy address belongs to the physical page: [ 65.601813] page:00000000596b461c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105820 [ 65.602530] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 65.603090] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 65.603701] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 65.604272] page dumped because: kasan: bad access detected [ 65.604695] [ 65.604870] Memory state around the buggy address: [ 65.605282] ffff800008777b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.605997] ffff800008777b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.606584] >ffff800008777c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 65.607123] ^ [ 65.607572] ffff800008777c80: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 [ 65.608127] ffff800008777d00: 01 f2 f2 f2 f2 f2 f2 f2 04 f2 f2 f2 f2 f2 f2 f2 [ 65.608670] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 65.564092] ================================================================== [ 65.564788] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x104/0x1e0 [ 65.565340] Read of size 1 at addr ffff800008787c3f by task kunit_try_catch/153 [ 65.567108] [ 65.567558] CPU: 1 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.568689] Hardware name: linux,dummy-virt (DT) [ 65.569426] Call trace: [ 65.570004] dump_backtrace+0x110/0x120 [ 65.570668] show_stack+0x18/0x28 [ 65.571238] dump_stack_lvl+0x68/0x84 [ 65.571827] print_report+0x158/0x484 [ 65.572392] kasan_report+0x98/0xe0 [ 65.572940] __asan_load1+0x68/0x78 [ 65.573521] kasan_alloca_oob_left+0x104/0x1e0 [ 65.574288] kunit_try_run_case+0x7c/0x120 [ 65.574923] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.575684] kthread+0x1a4/0x1b8 [ 65.575986] ret_from_fork+0x10/0x20 [ 65.576321] [ 65.576533] The buggy address belongs to stack of task kunit_try_catch/153 [ 65.577054] [ 65.577288] The buggy address ffff800008787c3f belongs to a vmalloc virtual mapping [ 65.577954] The buggy address belongs to the physical page: [ 65.578563] page:00000000ad08535f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059a9 [ 65.579362] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 65.579819] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 65.580299] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 65.581144] page dumped because: kasan: bad access detected [ 65.581878] [ 65.582129] Memory state around the buggy address: [ 65.582788] ffff800008787b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.583626] ffff800008787b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.584456] >ffff800008787c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 65.585250] ^ [ 65.586449] ffff800008787c80: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 [ 65.587299] ffff800008787d00: 01 f2 f2 f2 f2 f2 f2 f2 04 f2 f2 f2 f2 f2 f2 f2 [ 65.587724] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 65.539336] ================================================================== [ 65.540390] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0xc8/0x178 [ 65.541237] Read of size 1 at addr ffff800008777dca by task kunit_try_catch/152 [ 65.541778] [ 65.541989] CPU: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.542675] Hardware name: linux,dummy-virt (DT) [ 65.543047] Call trace: [ 65.543320] dump_backtrace+0x110/0x120 [ 65.543770] show_stack+0x18/0x28 [ 65.544161] dump_stack_lvl+0x68/0x84 [ 65.544551] print_report+0x158/0x484 [ 65.544940] kasan_report+0x98/0xe0 [ 65.545328] __asan_load1+0x68/0x78 [ 65.545838] kasan_stack_oob+0xc8/0x178 [ 65.546209] kunit_try_run_case+0x7c/0x120 [ 65.546731] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.547220] kthread+0x1a4/0x1b8 [ 65.547601] ret_from_fork+0x10/0x20 [ 65.547967] [ 65.548202] The buggy address belongs to stack of task kunit_try_catch/152 [ 65.548791] and is located at offset 234 in frame: [ 65.549242] kasan_stack_oob+0x0/0x178 [ 65.549812] [ 65.550074] This frame has 4 objects: [ 65.550458] [32, 33) '__assertion' [ 65.550552] [96, 104) 'array' [ 65.550956] [160, 176) '__assertion' [ 65.551264] [224, 234) 'stack_array' [ 65.551588] [ 65.552045] The buggy address ffff800008777dca belongs to a vmalloc virtual mapping [ 65.552582] The buggy address belongs to the physical page: [ 65.552984] page:00000000596b461c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105820 [ 65.553717] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 65.554397] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 65.554986] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 65.555712] page dumped because: kasan: bad access detected [ 65.556134] [ 65.556353] Memory state around the buggy address: [ 65.556730] ffff800008777c80: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 [ 65.557297] ffff800008777d00: 01 f2 f2 f2 f2 f2 f2 f2 00 f2 f2 f2 f2 f2 f2 f2 [ 65.558001] >ffff800008777d80: 00 00 f2 f2 f2 f2 f2 f2 00 02 f2 f2 00 00 00 00 [ 65.558730] ^ [ 65.559159] ffff800008777e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.559717] ffff800008777e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.560237] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 65.514738] ================================================================== [ 65.515443] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0xb8/0x168 [ 65.515973] Read of size 1 at addr ffffca3b08365e2d by task kunit_try_catch/150 [ 65.516639] [ 65.516910] CPU: 1 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 65.517842] Hardware name: linux,dummy-virt (DT) [ 65.518213] Call trace: [ 65.518462] dump_backtrace+0x110/0x120 [ 65.518883] show_stack+0x18/0x28 [ 65.519271] dump_stack_lvl+0x68/0x84 [ 65.519691] print_report+0x158/0x484 [ 65.520073] kasan_report+0x98/0xe0 [ 65.520456] __asan_load1+0x68/0x78 [ 65.520810] kasan_global_oob_right+0xb8/0x168 [ 65.521249] kunit_try_run_case+0x7c/0x120 [ 65.521662] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 65.522756] kthread+0x1a4/0x1b8 [ 65.523117] ret_from_fork+0x10/0x20 [ 65.523497] [ 65.523719] The buggy address belongs to the variable: [ 65.524082] global_array+0xd/0x40 [ 65.524632] [ 65.524831] The buggy address ffffca3b08365e2d belongs to a vmalloc virtual mapping [ 65.525388] The buggy address belongs to the physical page: [ 65.525794] page:000000007fbc8aa1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45565 [ 65.526516] flags: 0x3fffc0000001000(reserved|node=0|zone=0|lastcpupid=0xffff) [ 65.527145] raw: 03fffc0000001000 fffffc0000155948 fffffc0000155948 0000000000000000 [ 65.527744] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 65.528304] page dumped because: kasan: bad access detected [ 65.528719] [ 65.528886] Memory state around the buggy address: [ 65.529301] ffffca3b08365d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.530458] ffffca3b08365d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.530995] >ffffca3b08365e00: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 65.531529] ^ [ 65.531913] ffffca3b08365e80: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 65.532468] ffffca3b08365f00: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 65.532987] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 64.913860] ================================================================== [ 64.915146] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xec/0x268 [ 64.915936] Read of size 1 at addr ffff0000c58b10c8 by task kunit_try_catch/147 [ 64.916733] [ 64.916994] CPU: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.918092] Hardware name: linux,dummy-virt (DT) [ 64.918812] Call trace: [ 64.919074] dump_backtrace+0x110/0x120 [ 64.919459] show_stack+0x18/0x28 [ 64.919792] dump_stack_lvl+0x68/0x84 [ 64.920138] print_report+0x158/0x484 [ 64.920460] kasan_report+0x98/0xe0 [ 64.920759] __asan_load1+0x68/0x78 [ 64.921056] kmem_cache_oob+0xec/0x268 [ 64.921685] kunit_try_run_case+0x7c/0x120 [ 64.922707] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.923440] kthread+0x1a4/0x1b8 [ 64.923925] ret_from_fork+0x10/0x20 [ 64.924451] [ 64.924691] Allocated by task 147: [ 64.924936] kasan_save_stack+0x2c/0x58 [ 64.925263] kasan_set_track+0x2c/0x40 [ 64.925861] kasan_save_alloc_info+0x24/0x38 [ 64.926480] __kasan_slab_alloc+0x74/0x90 [ 64.927023] slab_post_alloc_hook+0x6c/0x260 [ 64.927637] kmem_cache_alloc+0x164/0x270 [ 64.928214] kmem_cache_oob+0xc8/0x268 [ 64.928765] kunit_try_run_case+0x7c/0x120 [ 64.929351] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.930212] kthread+0x1a4/0x1b8 [ 64.930700] ret_from_fork+0x10/0x20 [ 64.931122] [ 64.931292] The buggy address belongs to the object at ffff0000c58b1000 [ 64.931292] which belongs to the cache test_cache of size 200 [ 64.931909] The buggy address is located 0 bytes to the right of [ 64.931909] 200-byte region [ffff0000c58b1000, ffff0000c58b10c8) [ 64.932921] [ 64.933168] The buggy address belongs to the physical page: [ 64.933862] page:00000000c4ca2d38 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b1 [ 64.935308] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.936184] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c59c6000 [ 64.937076] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 64.938022] page dumped because: kasan: bad access detected [ 64.938708] [ 64.938954] Memory state around the buggy address: [ 64.939543] ffff0000c58b0f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.940383] ffff0000c58b1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.941191] >ffff0000c58b1080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 64.942150] ^ [ 64.942726] ffff0000c58b1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.943159] ffff0000c58b1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.943658] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_uaf2
[ 64.865057] ================================================================== [ 64.866460] BUG: KASAN: use-after-free in kmalloc_uaf2+0x110/0x298 [ 64.867112] Read of size 1 at addr ffff0000c59b5128 by task kunit_try_catch/143 [ 64.867566] [ 64.867735] CPU: 1 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.868488] Hardware name: linux,dummy-virt (DT) [ 64.869506] Call trace: [ 64.870217] dump_backtrace+0x110/0x120 [ 64.870996] show_stack+0x18/0x28 [ 64.871668] dump_stack_lvl+0x68/0x84 [ 64.872363] print_report+0x158/0x484 [ 64.873011] kasan_report+0x98/0xe0 [ 64.874180] __asan_load1+0x68/0x78 [ 64.874861] kmalloc_uaf2+0x110/0x298 [ 64.875540] kunit_try_run_case+0x7c/0x120 [ 64.876261] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.877120] kthread+0x1a4/0x1b8 [ 64.878027] ret_from_fork+0x10/0x20 [ 64.878712] [ 64.879017] Allocated by task 143: [ 64.879423] kasan_save_stack+0x2c/0x58 [ 64.879749] kasan_set_track+0x2c/0x40 [ 64.880047] kasan_save_alloc_info+0x24/0x38 [ 64.880596] __kasan_kmalloc+0xa0/0xb8 [ 64.880988] kmalloc_trace+0x50/0x68 [ 64.881411] kmalloc_uaf2+0xb4/0x298 [ 64.882071] kunit_try_run_case+0x7c/0x120 [ 64.882779] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.883590] kthread+0x1a4/0x1b8 [ 64.884121] ret_from_fork+0x10/0x20 [ 64.884674] [ 64.884832] Freed by task 143: [ 64.885060] kasan_save_stack+0x2c/0x58 [ 64.885469] kasan_set_track+0x2c/0x40 [ 64.885939] kasan_save_free_info+0x38/0x60 [ 64.886386] __kasan_slab_free+0xe8/0x158 [ 64.886933] __kmem_cache_free+0x138/0x2b0 [ 64.887442] kfree+0x5c/0x70 [ 64.887806] kmalloc_uaf2+0xcc/0x298 [ 64.888252] kunit_try_run_case+0x7c/0x120 [ 64.888713] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.889290] kthread+0x1a4/0x1b8 [ 64.890123] ret_from_fork+0x10/0x20 [ 64.890556] [ 64.890778] The buggy address belongs to the object at ffff0000c59b5100 [ 64.890778] which belongs to the cache kmalloc-128 of size 128 [ 64.891739] The buggy address is located 40 bytes inside of [ 64.891739] 128-byte region [ffff0000c59b5100, ffff0000c59b5180) [ 64.892631] [ 64.892882] The buggy address belongs to the physical page: [ 64.893368] page:000000007eb50857 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059b5 [ 64.894090] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.894968] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.895596] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.896157] page dumped because: kasan: bad access detected [ 64.896637] [ 64.896823] Memory state around the buggy address: [ 64.897233] ffff0000c59b5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.898044] ffff0000c59b5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.898650] >ffff0000c59b5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.899148] ^ [ 64.899527] ffff0000c59b5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.900086] ffff0000c59b5200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 64.900997] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 64.694625] ================================================================== [ 64.695422] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0xe4/0x1f0 [ 64.696040] Write of size 16 at addr ffff0000c58b8b69 by task kunit_try_catch/138 [ 64.696686] [ 64.696879] CPU: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.697525] Hardware name: linux,dummy-virt (DT) [ 64.697873] Call trace: [ 64.698132] dump_backtrace+0x110/0x120 [ 64.698569] show_stack+0x18/0x28 [ 64.699011] dump_stack_lvl+0x68/0x84 [ 64.699468] print_report+0x158/0x484 [ 64.699838] kasan_report+0x98/0xe0 [ 64.700173] kasan_check_range+0x160/0x1d8 [ 64.700589] memset+0x3c/0x80 [ 64.700940] kmalloc_oob_memset_16+0xe4/0x1f0 [ 64.701383] kunit_try_run_case+0x7c/0x120 [ 64.701816] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.702359] kthread+0x1a4/0x1b8 [ 64.702734] ret_from_fork+0x10/0x20 [ 64.703114] [ 64.703372] Allocated by task 138: [ 64.703735] kasan_save_stack+0x2c/0x58 [ 64.704112] kasan_set_track+0x2c/0x40 [ 64.704519] kasan_save_alloc_info+0x24/0x38 [ 64.704955] __kasan_kmalloc+0xa0/0xb8 [ 64.705359] kmalloc_trace+0x50/0x68 [ 64.705707] kmalloc_oob_memset_16+0xa8/0x1f0 [ 64.706147] kunit_try_run_case+0x7c/0x120 [ 64.706567] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.707068] kthread+0x1a4/0x1b8 [ 64.707423] ret_from_fork+0x10/0x20 [ 64.707780] [ 64.707962] The buggy address belongs to the object at ffff0000c58b8b00 [ 64.707962] which belongs to the cache kmalloc-128 of size 128 [ 64.708782] The buggy address is located 105 bytes inside of [ 64.708782] 128-byte region [ffff0000c58b8b00, ffff0000c58b8b80) [ 64.709609] [ 64.709803] The buggy address belongs to the physical page: [ 64.710174] page:0000000079d9b0ef refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b8 [ 64.710925] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.711591] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.712322] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.712866] page dumped because: kasan: bad access detected [ 64.713285] [ 64.713497] Memory state around the buggy address: [ 64.713942] ffff0000c58b8a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 64.714517] ffff0000c58b8a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.715149] >ffff0000c58b8b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 64.715710] ^ [ 64.716248] ffff0000c58b8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.716817] ffff0000c58b8c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.717289] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_uaf_memset
[ 64.830722] ================================================================== [ 64.831391] BUG: KASAN: use-after-free in kmalloc_uaf_memset+0xe4/0x1e8 [ 64.831877] Write of size 33 at addr ffff0000c3c72400 by task kunit_try_catch/142 [ 64.832416] [ 64.832704] CPU: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.833764] Hardware name: linux,dummy-virt (DT) [ 64.834415] Call trace: [ 64.834782] dump_backtrace+0x110/0x120 [ 64.835396] show_stack+0x18/0x28 [ 64.835927] dump_stack_lvl+0x68/0x84 [ 64.836484] print_report+0x158/0x484 [ 64.836999] kasan_report+0x98/0xe0 [ 64.837524] kasan_check_range+0x160/0x1d8 [ 64.838250] memset+0x3c/0x80 [ 64.838722] kmalloc_uaf_memset+0xe4/0x1e8 [ 64.839318] kunit_try_run_case+0x7c/0x120 [ 64.839894] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.840615] kthread+0x1a4/0x1b8 [ 64.841095] ret_from_fork+0x10/0x20 [ 64.841764] [ 64.842017] Allocated by task 142: [ 64.842466] kasan_save_stack+0x2c/0x58 [ 64.842989] kasan_set_track+0x2c/0x40 [ 64.843471] kasan_save_alloc_info+0x24/0x38 [ 64.843823] __kasan_kmalloc+0xa0/0xb8 [ 64.844129] kmalloc_trace+0x50/0x68 [ 64.844495] kmalloc_uaf_memset+0xa8/0x1e8 [ 64.844941] kunit_try_run_case+0x7c/0x120 [ 64.845399] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.845901] kthread+0x1a4/0x1b8 [ 64.846420] ret_from_fork+0x10/0x20 [ 64.846773] [ 64.846973] Freed by task 142: [ 64.847265] kasan_save_stack+0x2c/0x58 [ 64.847655] kasan_set_track+0x2c/0x40 [ 64.847984] kasan_save_free_info+0x38/0x60 [ 64.848425] __kasan_slab_free+0xe8/0x158 [ 64.848815] __kmem_cache_free+0x138/0x2b0 [ 64.849267] kfree+0x5c/0x70 [ 64.850093] kmalloc_uaf_memset+0xc8/0x1e8 [ 64.850547] kunit_try_run_case+0x7c/0x120 [ 64.850965] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.851455] kthread+0x1a4/0x1b8 [ 64.851804] ret_from_fork+0x10/0x20 [ 64.852182] [ 64.852366] The buggy address belongs to the object at ffff0000c3c72400 [ 64.852366] which belongs to the cache kmalloc-128 of size 128 [ 64.853187] The buggy address is located 0 bytes inside of [ 64.853187] 128-byte region [ffff0000c3c72400, ffff0000c3c72480) [ 64.854216] [ 64.854472] The buggy address belongs to the physical page: [ 64.854900] page:00000000a9204604 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c72 [ 64.855575] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.856184] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.856908] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.857617] page dumped because: kasan: bad access detected [ 64.858034] [ 64.858215] Memory state around the buggy address: [ 64.858648] ffff0000c3c72300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 64.859190] ffff0000c3c72380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.859738] >ffff0000c3c72400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.860217] ^ [ 64.860529] ffff0000c3c72480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.861058] ffff0000c3c72500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.861823] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_uaf
[ 64.784195] ================================================================== [ 64.784935] BUG: KASAN: use-after-free in kmalloc_uaf+0xdc/0x1e8 [ 64.785402] Read of size 1 at addr ffff0000c59aae08 by task kunit_try_catch/141 [ 64.785839] [ 64.786007] CPU: 1 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.787950] Hardware name: linux,dummy-virt (DT) [ 64.788700] Call trace: [ 64.789176] dump_backtrace+0x110/0x120 [ 64.790018] show_stack+0x18/0x28 [ 64.790800] dump_stack_lvl+0x68/0x84 [ 64.791517] print_report+0x158/0x484 [ 64.792219] kasan_report+0x98/0xe0 [ 64.792898] __asan_load1+0x68/0x78 [ 64.793606] kmalloc_uaf+0xdc/0x1e8 [ 64.794321] kunit_try_run_case+0x7c/0x120 [ 64.795112] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.796033] kthread+0x1a4/0x1b8 [ 64.796705] ret_from_fork+0x10/0x20 [ 64.797391] [ 64.797827] Allocated by task 141: [ 64.798467] kasan_save_stack+0x2c/0x58 [ 64.799176] kasan_set_track+0x2c/0x40 [ 64.799890] kasan_save_alloc_info+0x24/0x38 [ 64.800724] __kasan_kmalloc+0xa0/0xb8 [ 64.801354] kmalloc_trace+0x50/0x68 [ 64.802079] kmalloc_uaf+0xa8/0x1e8 [ 64.802774] kunit_try_run_case+0x7c/0x120 [ 64.803541] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.804491] kthread+0x1a4/0x1b8 [ 64.805169] ret_from_fork+0x10/0x20 [ 64.805814] [ 64.806108] Freed by task 141: [ 64.806725] kasan_save_stack+0x2c/0x58 [ 64.807456] kasan_set_track+0x2c/0x40 [ 64.807947] kasan_save_free_info+0x38/0x60 [ 64.808314] __kasan_slab_free+0xe8/0x158 [ 64.808636] __kmem_cache_free+0x138/0x2b0 [ 64.809003] kfree+0x5c/0x70 [ 64.809607] kmalloc_uaf+0xc8/0x1e8 [ 64.810224] kunit_try_run_case+0x7c/0x120 [ 64.811065] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.811878] kthread+0x1a4/0x1b8 [ 64.812566] ret_from_fork+0x10/0x20 [ 64.813338] [ 64.813864] The buggy address belongs to the object at ffff0000c59aae00 [ 64.813864] which belongs to the cache kmalloc-128 of size 128 [ 64.815068] The buggy address is located 8 bytes inside of [ 64.815068] 128-byte region [ffff0000c59aae00, ffff0000c59aae80) [ 64.815702] [ 64.815863] The buggy address belongs to the physical page: [ 64.816193] page:000000007750314d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 64.817222] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.818253] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.819500] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.820359] page dumped because: kasan: bad access detected [ 64.820997] [ 64.821247] Memory state around the buggy address: [ 64.822353] ffff0000c59aad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.823182] ffff0000c59aad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.824013] >ffff0000c59aae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.824806] ^ [ 64.825289] ffff0000c59aae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.826247] ffff0000c59aaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.827174] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 64.748850] ================================================================== [ 64.750542] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0xf0/0x1e8 [ 64.751929] Read of size 64 at addr ffff0000c58b8f04 by task kunit_try_catch/140 [ 64.753169] [ 64.753515] CPU: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.754613] Hardware name: linux,dummy-virt (DT) [ 64.755115] Call trace: [ 64.755336] dump_backtrace+0x110/0x120 [ 64.755700] show_stack+0x18/0x28 [ 64.756026] dump_stack_lvl+0x68/0x84 [ 64.756648] print_report+0x158/0x484 [ 64.757202] kasan_report+0x98/0xe0 [ 64.757838] kasan_check_range+0x160/0x1d8 [ 64.758527] memmove+0x44/0xb0 [ 64.759032] kmalloc_memmove_invalid_size+0xf0/0x1e8 [ 64.759744] kunit_try_run_case+0x7c/0x120 [ 64.760356] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.761089] kthread+0x1a4/0x1b8 [ 64.761609] ret_from_fork+0x10/0x20 [ 64.762199] [ 64.762481] Allocated by task 140: [ 64.762932] kasan_save_stack+0x2c/0x58 [ 64.763482] kasan_set_track+0x2c/0x40 [ 64.764028] kasan_save_alloc_info+0x24/0x38 [ 64.764651] __kasan_kmalloc+0xa0/0xb8 [ 64.765167] kmalloc_trace+0x50/0x68 [ 64.765737] kmalloc_memmove_invalid_size+0xa8/0x1e8 [ 64.766485] kunit_try_run_case+0x7c/0x120 [ 64.767150] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.767914] kthread+0x1a4/0x1b8 [ 64.768414] ret_from_fork+0x10/0x20 [ 64.768932] [ 64.769199] The buggy address belongs to the object at ffff0000c58b8f00 [ 64.769199] which belongs to the cache kmalloc-128 of size 128 [ 64.770703] The buggy address is located 4 bytes inside of [ 64.770703] 128-byte region [ffff0000c58b8f00, ffff0000c58b8f80) [ 64.771501] [ 64.771662] The buggy address belongs to the physical page: [ 64.771987] page:0000000079d9b0ef refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b8 [ 64.772509] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.772992] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.773729] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.774168] page dumped because: kasan: bad access detected [ 64.774518] [ 64.774671] Memory state around the buggy address: [ 64.774984] ffff0000c58b8e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.775529] ffff0000c58b8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.776157] >ffff0000c58b8f00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 64.776716] ^ [ 64.777168] ffff0000c58b8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.777697] ffff0000c58b9000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.778437] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 64.720376] ================================================================== [ 64.721164] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0xf0/0x1f8 [ 64.722433] Read of size 18446744073709551614 at addr ffff0000c59aaa04 by task kunit_try_catch/139 [ 64.723001] [ 64.723176] CPU: 1 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.724157] Hardware name: linux,dummy-virt (DT) [ 64.724715] Call trace: [ 64.725062] dump_backtrace+0x110/0x120 [ 64.726286] show_stack+0x18/0x28 [ 64.726770] dump_stack_lvl+0x68/0x84 [ 64.727272] print_report+0x158/0x484 [ 64.727708] kasan_report+0x98/0xe0 [ 64.728075] kasan_check_range+0x160/0x1d8 [ 64.728668] memmove+0x44/0xb0 [ 64.729091] kmalloc_memmove_negative_size+0xf0/0x1f8 [ 64.729805] kunit_try_run_case+0x7c/0x120 [ 64.730334] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.730940] kthread+0x1a4/0x1b8 [ 64.731291] ret_from_fork+0x10/0x20 [ 64.731706] [ 64.731873] Allocated by task 139: [ 64.732161] kasan_save_stack+0x2c/0x58 [ 64.732561] kasan_set_track+0x2c/0x40 [ 64.732888] kasan_save_alloc_info+0x24/0x38 [ 64.733334] __kasan_kmalloc+0xa0/0xb8 [ 64.733730] kmalloc_trace+0x50/0x68 [ 64.734059] kmalloc_memmove_negative_size+0xa8/0x1f8 [ 64.734547] kunit_try_run_case+0x7c/0x120 [ 64.734994] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.735506] kthread+0x1a4/0x1b8 [ 64.735855] ret_from_fork+0x10/0x20 [ 64.736212] [ 64.736437] The buggy address belongs to the object at ffff0000c59aaa00 [ 64.736437] which belongs to the cache kmalloc-128 of size 128 [ 64.737261] The buggy address is located 4 bytes inside of [ 64.737261] 128-byte region [ffff0000c59aaa00, ffff0000c59aaa80) [ 64.738160] [ 64.738371] The buggy address belongs to the physical page: [ 64.738849] page:000000007750314d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 64.739707] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.740311] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.740937] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.741504] page dumped because: kasan: bad access detected [ 64.741944] [ 64.742192] Memory state around the buggy address: [ 64.742650] ffff0000c59aa900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.743252] ffff0000c59aa980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.743853] >ffff0000c59aaa00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 64.744526] ^ [ 64.744819] ffff0000c59aaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.745359] ffff0000c59aab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.745994] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 64.667980] ================================================================== [ 64.668754] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xe4/0x1f0 [ 64.669440] Write of size 8 at addr ffff0000c58b8971 by task kunit_try_catch/137 [ 64.669927] [ 64.670125] CPU: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.670835] Hardware name: linux,dummy-virt (DT) [ 64.671195] Call trace: [ 64.671471] dump_backtrace+0x110/0x120 [ 64.671938] show_stack+0x18/0x28 [ 64.672360] dump_stack_lvl+0x68/0x84 [ 64.672838] print_report+0x158/0x484 [ 64.673194] kasan_report+0x98/0xe0 [ 64.673639] kasan_check_range+0x160/0x1d8 [ 64.674034] memset+0x3c/0x80 [ 64.674416] kmalloc_oob_memset_8+0xe4/0x1f0 [ 64.674953] kunit_try_run_case+0x7c/0x120 [ 64.675370] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.675889] kthread+0x1a4/0x1b8 [ 64.676435] ret_from_fork+0x10/0x20 [ 64.676772] [ 64.676964] Allocated by task 137: [ 64.677297] kasan_save_stack+0x2c/0x58 [ 64.677713] kasan_set_track+0x2c/0x40 [ 64.678078] kasan_save_alloc_info+0x24/0x38 [ 64.678473] __kasan_kmalloc+0xa0/0xb8 [ 64.678839] kmalloc_trace+0x50/0x68 [ 64.679211] kmalloc_oob_memset_8+0xa8/0x1f0 [ 64.679682] kunit_try_run_case+0x7c/0x120 [ 64.680082] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.680563] kthread+0x1a4/0x1b8 [ 64.680894] ret_from_fork+0x10/0x20 [ 64.681264] [ 64.681507] The buggy address belongs to the object at ffff0000c58b8900 [ 64.681507] which belongs to the cache kmalloc-128 of size 128 [ 64.682322] The buggy address is located 113 bytes inside of [ 64.682322] 128-byte region [ffff0000c58b8900, ffff0000c58b8980) [ 64.683126] [ 64.683337] The buggy address belongs to the physical page: [ 64.683769] page:0000000079d9b0ef refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b8 [ 64.684446] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.685076] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.685736] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.686314] page dumped because: kasan: bad access detected [ 64.686708] [ 64.686893] Memory state around the buggy address: [ 64.687298] ffff0000c58b8800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.687826] ffff0000c58b8880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.688369] >ffff0000c58b8900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 64.688854] ^ [ 64.689384] ffff0000c58b8980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.689933] ffff0000c58b8a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.690511] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 64.640789] ================================================================== [ 64.641586] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0xe4/0x1f8 [ 64.642193] Write of size 4 at addr ffff0000c58b8875 by task kunit_try_catch/136 [ 64.642982] [ 64.643265] CPU: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.643906] Hardware name: linux,dummy-virt (DT) [ 64.644320] Call trace: [ 64.644645] dump_backtrace+0x110/0x120 [ 64.645147] show_stack+0x18/0x28 [ 64.645670] dump_stack_lvl+0x68/0x84 [ 64.646055] print_report+0x158/0x484 [ 64.646460] kasan_report+0x98/0xe0 [ 64.646861] kasan_check_range+0x160/0x1d8 [ 64.647268] memset+0x3c/0x80 [ 64.647598] kmalloc_oob_memset_4+0xe4/0x1f8 [ 64.648056] kunit_try_run_case+0x7c/0x120 [ 64.648470] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.648991] kthread+0x1a4/0x1b8 [ 64.649352] ret_from_fork+0x10/0x20 [ 64.649840] [ 64.650059] Allocated by task 136: [ 64.650372] kasan_save_stack+0x2c/0x58 [ 64.650748] kasan_set_track+0x2c/0x40 [ 64.651144] kasan_save_alloc_info+0x24/0x38 [ 64.651564] __kasan_kmalloc+0xa0/0xb8 [ 64.651938] kmalloc_trace+0x50/0x68 [ 64.652325] kmalloc_oob_memset_4+0xa8/0x1f8 [ 64.652764] kunit_try_run_case+0x7c/0x120 [ 64.653173] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.653823] kthread+0x1a4/0x1b8 [ 64.654184] ret_from_fork+0x10/0x20 [ 64.654554] [ 64.654715] The buggy address belongs to the object at ffff0000c58b8800 [ 64.654715] which belongs to the cache kmalloc-128 of size 128 [ 64.655556] The buggy address is located 117 bytes inside of [ 64.655556] 128-byte region [ffff0000c58b8800, ffff0000c58b8880) [ 64.656362] [ 64.656527] The buggy address belongs to the physical page: [ 64.656936] page:0000000079d9b0ef refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b8 [ 64.657675] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.658307] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.659070] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.659636] page dumped because: kasan: bad access detected [ 64.660044] [ 64.660222] Memory state around the buggy address: [ 64.660645] ffff0000c58b8700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.661190] ffff0000c58b8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.661886] >ffff0000c58b8800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 64.662417] ^ [ 64.662905] ffff0000c58b8880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.663612] ffff0000c58b8900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.664118] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 64.613574] ================================================================== [ 64.614518] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0xe4/0x1f0 [ 64.615279] Write of size 2 at addr ffff0000c58b8777 by task kunit_try_catch/135 [ 64.615804] [ 64.616010] CPU: 0 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.616633] Hardware name: linux,dummy-virt (DT) [ 64.617053] Call trace: [ 64.617322] dump_backtrace+0x110/0x120 [ 64.617905] show_stack+0x18/0x28 [ 64.618318] dump_stack_lvl+0x68/0x84 [ 64.618758] print_report+0x158/0x484 [ 64.619114] kasan_report+0x98/0xe0 [ 64.619461] kasan_check_range+0x160/0x1d8 [ 64.619904] memset+0x3c/0x80 [ 64.620252] kmalloc_oob_memset_2+0xe4/0x1f0 [ 64.620661] kunit_try_run_case+0x7c/0x120 [ 64.621091] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.621617] kthread+0x1a4/0x1b8 [ 64.621982] ret_from_fork+0x10/0x20 [ 64.622359] [ 64.622534] Allocated by task 135: [ 64.622821] kasan_save_stack+0x2c/0x58 [ 64.623248] kasan_set_track+0x2c/0x40 [ 64.623633] kasan_save_alloc_info+0x24/0x38 [ 64.624031] __kasan_kmalloc+0xa0/0xb8 [ 64.624412] kmalloc_trace+0x50/0x68 [ 64.624780] kmalloc_oob_memset_2+0xa8/0x1f0 [ 64.625193] kunit_try_run_case+0x7c/0x120 [ 64.625690] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.626171] kthread+0x1a4/0x1b8 [ 64.626484] ret_from_fork+0x10/0x20 [ 64.626873] [ 64.627078] The buggy address belongs to the object at ffff0000c58b8700 [ 64.627078] which belongs to the cache kmalloc-128 of size 128 [ 64.627997] The buggy address is located 119 bytes inside of [ 64.627997] 128-byte region [ffff0000c58b8700, ffff0000c58b8780) [ 64.629044] [ 64.629251] The buggy address belongs to the physical page: [ 64.629697] page:0000000079d9b0ef refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b8 [ 64.630334] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.631017] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.631636] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.632177] page dumped because: kasan: bad access detected [ 64.632599] [ 64.632776] Memory state around the buggy address: [ 64.633152] ffff0000c58b8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.633847] ffff0000c58b8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.634385] >ffff0000c58b8700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 64.634896] ^ [ 64.635465] ffff0000c58b8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.636069] ffff0000c58b8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.636691] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 64.588010] ================================================================== [ 64.588783] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0xe0/0x1e8 [ 64.589437] Write of size 128 at addr ffff0000c58b8600 by task kunit_try_catch/134 [ 64.589998] [ 64.590262] CPU: 0 PID: 134 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.590850] Hardware name: linux,dummy-virt (DT) [ 64.591285] Call trace: [ 64.591498] dump_backtrace+0x110/0x120 [ 64.591931] show_stack+0x18/0x28 [ 64.592344] dump_stack_lvl+0x68/0x84 [ 64.592733] print_report+0x158/0x484 [ 64.593123] kasan_report+0x98/0xe0 [ 64.593570] kasan_check_range+0x160/0x1d8 [ 64.594049] memset+0x3c/0x80 [ 64.594397] kmalloc_oob_in_memset+0xe0/0x1e8 [ 64.594835] kunit_try_run_case+0x7c/0x120 [ 64.595272] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.595765] kthread+0x1a4/0x1b8 [ 64.596105] ret_from_fork+0x10/0x20 [ 64.596494] [ 64.596662] Allocated by task 134: [ 64.596994] kasan_save_stack+0x2c/0x58 [ 64.597376] kasan_set_track+0x2c/0x40 [ 64.597762] kasan_save_alloc_info+0x24/0x38 [ 64.598212] __kasan_kmalloc+0xa0/0xb8 [ 64.598620] kmalloc_trace+0x50/0x68 [ 64.598957] kmalloc_oob_in_memset+0xa8/0x1e8 [ 64.599421] kunit_try_run_case+0x7c/0x120 [ 64.599852] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.600347] kthread+0x1a4/0x1b8 [ 64.600702] ret_from_fork+0x10/0x20 [ 64.601068] [ 64.601264] The buggy address belongs to the object at ffff0000c58b8600 [ 64.601264] which belongs to the cache kmalloc-128 of size 128 [ 64.602068] The buggy address is located 0 bytes inside of [ 64.602068] 128-byte region [ffff0000c58b8600, ffff0000c58b8680) [ 64.603020] [ 64.603258] The buggy address belongs to the physical page: [ 64.603773] page:0000000079d9b0ef refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b8 [ 64.604397] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.605039] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.605747] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.606319] page dumped because: kasan: bad access detected [ 64.606745] [ 64.606921] Memory state around the buggy address: [ 64.607321] ffff0000c58b8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.607846] ffff0000c58b8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.608394] >ffff0000c58b8600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 64.608902] ^ [ 64.609443] ffff0000c58b8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.610026] ffff0000c58b8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.610573] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 64.057338] ================================================================== [ 64.058924] BUG: KASAN: invalid-free in kfree+0x6c/0x70 [ 64.059659] Free of addr ffff0000c5994001 by task kunit_try_catch/123 [ 64.060418] [ 64.060682] CPU: 1 PID: 123 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.061711] Hardware name: linux,dummy-virt (DT) [ 64.062306] Call trace: [ 64.062646] dump_backtrace+0x110/0x120 [ 64.063224] show_stack+0x18/0x28 [ 64.063750] dump_stack_lvl+0x68/0x84 [ 64.064307] print_report+0x158/0x484 [ 64.064825] kasan_report_invalid_free+0x84/0xa0 [ 64.065502] __kasan_kfree_large+0x54/0xa0 [ 64.066057] free_large_kmalloc+0x58/0xe8 [ 64.066625] kfree+0x6c/0x70 [ 64.067067] kmalloc_pagealloc_invalid_free+0xc0/0x1c0 [ 64.067766] kunit_try_run_case+0x7c/0x120 [ 64.068351] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.069068] kthread+0x1a4/0x1b8 [ 64.069642] ret_from_fork+0x10/0x20 [ 64.070205] [ 64.070489] The buggy address belongs to the physical page: [ 64.071021] page:00000000b32ac4a2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105994 [ 64.071544] head:00000000b32ac4a2 order:2 compound_mapcount:0 compound_pincount:0 [ 64.071961] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 64.072704] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 64.073674] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 64.074754] page dumped because: kasan: bad access detected [ 64.075414] [ 64.075678] Memory state around the buggy address: [ 64.076285] ffff0000c5993f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.077125] ffff0000c5993f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.078043] >ffff0000c5994000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.078952] ^ [ 64.079478] ffff0000c5994080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.080343] ffff0000c5994100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.081169] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_uaf_16
[ 64.557018] ================================================================== [ 64.557814] BUG: KASAN: use-after-free in kmalloc_uaf_16+0x110/0x278 [ 64.558380] Read of size 16 at addr ffff0000c58b8500 by task kunit_try_catch/133 [ 64.558918] [ 64.559121] CPU: 0 PID: 133 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.559799] Hardware name: linux,dummy-virt (DT) [ 64.560154] Call trace: [ 64.560410] dump_backtrace+0x110/0x120 [ 64.560841] show_stack+0x18/0x28 [ 64.561242] dump_stack_lvl+0x68/0x84 [ 64.561749] print_report+0x158/0x484 [ 64.562105] kasan_report+0x98/0xe0 [ 64.562527] __asan_load16+0x7c/0xa8 [ 64.562968] kmalloc_uaf_16+0x110/0x278 [ 64.563595] kunit_try_run_case+0x7c/0x120 [ 64.564134] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.564733] kthread+0x1a4/0x1b8 [ 64.565179] ret_from_fork+0x10/0x20 [ 64.565648] [ 64.565902] Allocated by task 133: [ 64.566207] kasan_save_stack+0x2c/0x58 [ 64.566552] kasan_set_track+0x2c/0x40 [ 64.566967] kasan_save_alloc_info+0x24/0x38 [ 64.567378] __kasan_kmalloc+0xa0/0xb8 [ 64.567712] kmalloc_trace+0x50/0x68 [ 64.568087] kmalloc_uaf_16+0xd4/0x278 [ 64.568509] kunit_try_run_case+0x7c/0x120 [ 64.568916] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.569425] kthread+0x1a4/0x1b8 [ 64.569756] ret_from_fork+0x10/0x20 [ 64.570118] [ 64.570318] Freed by task 133: [ 64.570567] kasan_save_stack+0x2c/0x58 [ 64.570956] kasan_set_track+0x2c/0x40 [ 64.571315] kasan_save_free_info+0x38/0x60 [ 64.571718] __kasan_slab_free+0xe8/0x158 [ 64.572119] __kmem_cache_free+0x138/0x2b0 [ 64.572566] kfree+0x5c/0x70 [ 64.572906] kmalloc_uaf_16+0xf4/0x278 [ 64.573303] kunit_try_run_case+0x7c/0x120 [ 64.573727] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.574219] kthread+0x1a4/0x1b8 [ 64.574565] ret_from_fork+0x10/0x20 [ 64.574921] [ 64.575121] The buggy address belongs to the object at ffff0000c58b8500 [ 64.575121] which belongs to the cache kmalloc-128 of size 128 [ 64.575953] The buggy address is located 0 bytes inside of [ 64.575953] 128-byte region [ffff0000c58b8500, ffff0000c58b8580) [ 64.576734] [ 64.576900] The buggy address belongs to the physical page: [ 64.577307] page:0000000079d9b0ef refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b8 [ 64.578035] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.578645] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.579238] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.579796] page dumped because: kasan: bad access detected [ 64.580204] [ 64.580398] Memory state around the buggy address: [ 64.580788] ffff0000c58b8400: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.581344] ffff0000c58b8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.581874] >ffff0000c58b8500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.582439] ^ [ 64.582729] ffff0000c58b8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.583311] ffff0000c58b8600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.583813] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 64.530617] ================================================================== [ 64.531428] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x104/0x278 [ 64.532027] Write of size 16 at addr ffff0000c58b8200 by task kunit_try_catch/132 [ 64.532551] [ 64.532771] CPU: 0 PID: 132 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.533424] Hardware name: linux,dummy-virt (DT) [ 64.533825] Call trace: [ 64.534064] dump_backtrace+0x110/0x120 [ 64.534521] show_stack+0x18/0x28 [ 64.534913] dump_stack_lvl+0x68/0x84 [ 64.535324] print_report+0x158/0x484 [ 64.535684] kasan_report+0x98/0xe0 [ 64.536043] __asan_store16+0x7c/0xa8 [ 64.536433] kmalloc_oob_16+0x104/0x278 [ 64.536830] kunit_try_run_case+0x7c/0x120 [ 64.537284] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.537853] kthread+0x1a4/0x1b8 [ 64.538224] ret_from_fork+0x10/0x20 [ 64.538609] [ 64.538828] Allocated by task 132: [ 64.539118] kasan_save_stack+0x2c/0x58 [ 64.539563] kasan_set_track+0x2c/0x40 [ 64.539932] kasan_save_alloc_info+0x24/0x38 [ 64.540425] __kasan_kmalloc+0xa0/0xb8 [ 64.540799] kmalloc_trace+0x50/0x68 [ 64.541174] kmalloc_oob_16+0xac/0x278 [ 64.541640] kunit_try_run_case+0x7c/0x120 [ 64.542063] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.542564] kthread+0x1a4/0x1b8 [ 64.542897] ret_from_fork+0x10/0x20 [ 64.543272] [ 64.543449] The buggy address belongs to the object at ffff0000c58b8200 [ 64.543449] which belongs to the cache kmalloc-128 of size 128 [ 64.544299] The buggy address is located 0 bytes inside of [ 64.544299] 128-byte region [ffff0000c58b8200, ffff0000c58b8280) [ 64.545089] [ 64.545261] The buggy address belongs to the physical page: [ 64.545707] page:0000000079d9b0ef refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058b8 [ 64.546367] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 64.547050] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 64.547648] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.548372] page dumped because: kasan: bad access detected [ 64.548805] [ 64.548998] Memory state around the buggy address: [ 64.549384] ffff0000c58b8100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.550099] ffff0000c58b8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.550792] >ffff0000c58b8200: 00 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.551296] ^ [ 64.551676] ffff0000c58b8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.552180] ffff0000c58b8300: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.552744] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-krealloc_uaf
[ 64.469020] ================================================================== [ 64.469934] BUG: KASAN: use-after-free in krealloc_uaf+0xec/0x2c8 [ 64.470639] Read of size 1 at addr ffff0000c17a6800 by task kunit_try_catch/131 [ 64.471191] [ 64.471397] CPU: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.472022] Hardware name: linux,dummy-virt (DT) [ 64.472379] Call trace: [ 64.472639] dump_backtrace+0x110/0x120 [ 64.473053] show_stack+0x18/0x28 [ 64.473479] dump_stack_lvl+0x68/0x84 [ 64.473919] print_report+0x158/0x484 [ 64.474282] kasan_report+0x98/0xe0 [ 64.474645] __kasan_check_byte+0x58/0x70 [ 64.475075] krealloc+0x48/0x178 [ 64.475465] krealloc_uaf+0xec/0x2c8 [ 64.475847] kunit_try_run_case+0x7c/0x120 [ 64.476270] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.476787] kthread+0x1a4/0x1b8 [ 64.477117] ret_from_fork+0x10/0x20 [ 64.477575] [ 64.477780] Allocated by task 131: [ 64.478115] kasan_save_stack+0x2c/0x58 [ 64.478508] kasan_set_track+0x2c/0x40 [ 64.478866] kasan_save_alloc_info+0x24/0x38 [ 64.479316] __kasan_kmalloc+0xa0/0xb8 [ 64.479702] kmalloc_trace+0x50/0x68 [ 64.480081] krealloc_uaf+0xb0/0x2c8 [ 64.480496] kunit_try_run_case+0x7c/0x120 [ 64.480905] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.481441] kthread+0x1a4/0x1b8 [ 64.481848] ret_from_fork+0x10/0x20 [ 64.482255] [ 64.482419] Freed by task 131: [ 64.482711] kasan_save_stack+0x2c/0x58 [ 64.483097] kasan_set_track+0x2c/0x40 [ 64.483469] kasan_save_free_info+0x38/0x60 [ 64.483836] __kasan_slab_free+0xe8/0x158 [ 64.484265] __kmem_cache_free+0x138/0x2b0 [ 64.484722] kfree+0x5c/0x70 [ 64.485036] krealloc_uaf+0xd0/0x2c8 [ 64.485439] kunit_try_run_case+0x7c/0x120 [ 64.485862] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.486455] kthread+0x1a4/0x1b8 [ 64.486807] ret_from_fork+0x10/0x20 [ 64.487219] [ 64.487422] The buggy address belongs to the object at ffff0000c17a6800 [ 64.487422] which belongs to the cache kmalloc-256 of size 256 [ 64.488239] The buggy address is located 0 bytes inside of [ 64.488239] 256-byte region [ffff0000c17a6800, ffff0000c17a6900) [ 64.488988] [ 64.489201] The buggy address belongs to the physical page: [ 64.489664] page:00000000d35011b9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017a6 [ 64.490573] head:00000000d35011b9 order:1 compound_mapcount:0 compound_pincount:0 [ 64.491140] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 64.491838] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 64.492468] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.493072] page dumped because: kasan: bad access detected [ 64.493558] [ 64.493909] Memory state around the buggy address: [ 64.494489] ffff0000c17a6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.495036] ffff0000c17a6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.495573] >ffff0000c17a6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.496372] ^ [ 64.496770] ffff0000c17a6880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.497462] ffff0000c17a6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.498053] ================================================================== [ 64.499346] ================================================================== [ 64.500186] BUG: KASAN: use-after-free in krealloc_uaf+0x118/0x2c8 [ 64.500881] Read of size 1 at addr ffff0000c17a6800 by task kunit_try_catch/131 [ 64.501649] [ 64.501855] CPU: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.502491] Hardware name: linux,dummy-virt (DT) [ 64.502850] Call trace: [ 64.503076] dump_backtrace+0x110/0x120 [ 64.503514] show_stack+0x18/0x28 [ 64.503889] dump_stack_lvl+0x68/0x84 [ 64.504285] print_report+0x158/0x484 [ 64.504667] kasan_report+0x98/0xe0 [ 64.505021] __asan_load1+0x68/0x78 [ 64.505380] krealloc_uaf+0x118/0x2c8 [ 64.505901] kunit_try_run_case+0x7c/0x120 [ 64.506312] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.506800] kthread+0x1a4/0x1b8 [ 64.507168] ret_from_fork+0x10/0x20 [ 64.507550] [ 64.507844] Allocated by task 131: [ 64.508155] kasan_save_stack+0x2c/0x58 [ 64.508587] kasan_set_track+0x2c/0x40 [ 64.508910] kasan_save_alloc_info+0x24/0x38 [ 64.509365] __kasan_kmalloc+0xa0/0xb8 [ 64.509755] kmalloc_trace+0x50/0x68 [ 64.510123] krealloc_uaf+0xb0/0x2c8 [ 64.510543] kunit_try_run_case+0x7c/0x120 [ 64.510966] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.511471] kthread+0x1a4/0x1b8 [ 64.511821] ret_from_fork+0x10/0x20 [ 64.512181] [ 64.512374] Freed by task 131: [ 64.512631] kasan_save_stack+0x2c/0x58 [ 64.513008] kasan_set_track+0x2c/0x40 [ 64.513397] kasan_save_free_info+0x38/0x60 [ 64.513853] __kasan_slab_free+0xe8/0x158 [ 64.514219] __kmem_cache_free+0x138/0x2b0 [ 64.514661] kfree+0x5c/0x70 [ 64.515001] krealloc_uaf+0xd0/0x2c8 [ 64.515410] kunit_try_run_case+0x7c/0x120 [ 64.515815] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.516386] kthread+0x1a4/0x1b8 [ 64.516737] ret_from_fork+0x10/0x20 [ 64.517085] [ 64.517252] The buggy address belongs to the object at ffff0000c17a6800 [ 64.517252] which belongs to the cache kmalloc-256 of size 256 [ 64.518051] The buggy address is located 0 bytes inside of [ 64.518051] 256-byte region [ffff0000c17a6800, ffff0000c17a6900) [ 64.518853] [ 64.519034] The buggy address belongs to the physical page: [ 64.519479] page:00000000d35011b9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017a6 [ 64.520120] head:00000000d35011b9 order:1 compound_mapcount:0 compound_pincount:0 [ 64.520695] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 64.521347] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 64.522032] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.522575] page dumped because: kasan: bad access detected [ 64.522972] [ 64.523154] Memory state around the buggy address: [ 64.523681] ffff0000c17a6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.524257] ffff0000c17a6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.524820] >ffff0000c17a6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.525376] ^ [ 64.525671] ffff0000c17a6880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 64.526201] ffff0000c17a6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.526711] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 64.397006] ================================================================== [ 64.397601] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x150/0x5c0 [ 64.398342] Write of size 1 at addr ffff0000c595e0d0 by task kunit_try_catch/130 [ 64.398884] [ 64.399085] CPU: 0 PID: 130 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.399725] Hardware name: linux,dummy-virt (DT) [ 64.400060] Call trace: [ 64.400371] dump_backtrace+0x110/0x120 [ 64.400802] show_stack+0x18/0x28 [ 64.401200] dump_stack_lvl+0x68/0x84 [ 64.401612] print_report+0x158/0x484 [ 64.402014] kasan_report+0x98/0xe0 [ 64.402395] __asan_store1+0x68/0x78 [ 64.402765] krealloc_less_oob_helper+0x150/0x5c0 [ 64.403301] krealloc_pagealloc_less_oob+0x18/0x28 [ 64.403753] kunit_try_run_case+0x7c/0x120 [ 64.404173] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.404687] kthread+0x1a4/0x1b8 [ 64.405038] ret_from_fork+0x10/0x20 [ 64.405441] [ 64.405620] The buggy address belongs to the physical page: [ 64.406033] page:000000002033b139 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 64.406716] head:000000002033b139 order:2 compound_mapcount:0 compound_pincount:0 [ 64.407280] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 64.407963] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 64.408601] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 64.409163] page dumped because: kasan: bad access detected [ 64.409584] [ 64.409772] Memory state around the buggy address: [ 64.410166] ffff0000c595df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.410699] ffff0000c595e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.411277] >ffff0000c595e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 64.411789] ^ [ 64.412253] ffff0000c595e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.412801] ffff0000c595e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.413336] ================================================================== [ 64.283870] ================================================================== [ 64.284395] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1d0/0x5c0 [ 64.285041] Write of size 1 at addr ffff0000c17a66ea by task kunit_try_catch/128 [ 64.285930] [ 64.286124] CPU: 0 PID: 128 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.286783] Hardware name: linux,dummy-virt (DT) [ 64.287123] Call trace: [ 64.287389] dump_backtrace+0x110/0x120 [ 64.287840] show_stack+0x18/0x28 [ 64.288245] dump_stack_lvl+0x68/0x84 [ 64.288656] print_report+0x158/0x484 [ 64.289007] kasan_report+0x98/0xe0 [ 64.289391] __asan_store1+0x68/0x78 [ 64.290200] krealloc_less_oob_helper+0x1d0/0x5c0 [ 64.290677] krealloc_less_oob+0x18/0x28 [ 64.291104] kunit_try_run_case+0x7c/0x120 [ 64.291528] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.292043] kthread+0x1a4/0x1b8 [ 64.292403] ret_from_fork+0x10/0x20 [ 64.292777] [ 64.292943] Allocated by task 128: [ 64.293269] kasan_save_stack+0x2c/0x58 [ 64.293863] kasan_set_track+0x2c/0x40 [ 64.294266] kasan_save_alloc_info+0x24/0x38 [ 64.294684] __kasan_krealloc+0xec/0x120 [ 64.295054] krealloc+0x13c/0x178 [ 64.295398] krealloc_less_oob_helper+0xdc/0x5c0 [ 64.295860] krealloc_less_oob+0x18/0x28 [ 64.296396] kunit_try_run_case+0x7c/0x120 [ 64.296815] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.297322] kthread+0x1a4/0x1b8 [ 64.298120] ret_from_fork+0x10/0x20 [ 64.298514] [ 64.298693] The buggy address belongs to the object at ffff0000c17a6600 [ 64.298693] which belongs to the cache kmalloc-256 of size 256 [ 64.299530] The buggy address is located 234 bytes inside of [ 64.299530] 256-byte region [ffff0000c17a6600, ffff0000c17a6700) [ 64.300337] [ 64.300513] The buggy address belongs to the physical page: [ 64.300981] page:00000000d35011b9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017a6 [ 64.301839] head:00000000d35011b9 order:1 compound_mapcount:0 compound_pincount:0 [ 64.302413] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 64.303041] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 64.303750] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.304312] page dumped because: kasan: bad access detected [ 64.304721] [ 64.304909] Memory state around the buggy address: [ 64.305294] ffff0000c17a6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.306437] ffff0000c17a6600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.306991] >ffff0000c17a6680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 64.307535] ^ [ 64.308051] ffff0000c17a6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.308621] ffff0000c17a6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.309126] ================================================================== [ 64.431641] ================================================================== [ 64.432145] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1d0/0x5c0 [ 64.432874] Write of size 1 at addr ffff0000c595e0ea by task kunit_try_catch/130 [ 64.433557] [ 64.433780] CPU: 0 PID: 130 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.434542] Hardware name: linux,dummy-virt (DT) [ 64.435022] Call trace: [ 64.435402] dump_backtrace+0x110/0x120 [ 64.435807] show_stack+0x18/0x28 [ 64.436245] dump_stack_lvl+0x68/0x84 [ 64.436655] print_report+0x158/0x484 [ 64.437190] kasan_report+0x98/0xe0 [ 64.437606] __asan_store1+0x68/0x78 [ 64.437975] krealloc_less_oob_helper+0x1d0/0x5c0 [ 64.438453] krealloc_pagealloc_less_oob+0x18/0x28 [ 64.438907] kunit_try_run_case+0x7c/0x120 [ 64.439356] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.439892] kthread+0x1a4/0x1b8 [ 64.440211] ret_from_fork+0x10/0x20 [ 64.440624] [ 64.440814] The buggy address belongs to the physical page: [ 64.441252] page:000000002033b139 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 64.441918] head:000000002033b139 order:2 compound_mapcount:0 compound_pincount:0 [ 64.442450] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 64.443038] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 64.443679] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 64.444234] page dumped because: kasan: bad access detected [ 64.444650] [ 64.444831] Memory state around the buggy address: [ 64.445243] ffff0000c595df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.445883] ffff0000c595e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.446451] >ffff0000c595e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 64.446959] ^ [ 64.447503] ffff0000c595e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.448076] ffff0000c595e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.448634] ================================================================== [ 64.310315] ================================================================== [ 64.310827] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1fc/0x5c0 [ 64.311472] Write of size 1 at addr ffff0000c17a66eb by task kunit_try_catch/128 [ 64.311945] [ 64.312143] CPU: 0 PID: 128 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.312825] Hardware name: linux,dummy-virt (DT) [ 64.313193] Call trace: [ 64.313430] dump_backtrace+0x110/0x120 [ 64.313873] show_stack+0x18/0x28 [ 64.314258] dump_stack_lvl+0x68/0x84 [ 64.314673] print_report+0x158/0x484 [ 64.315037] kasan_report+0x98/0xe0 [ 64.315866] __asan_store1+0x68/0x78 [ 64.316268] krealloc_less_oob_helper+0x1fc/0x5c0 [ 64.316751] krealloc_less_oob+0x18/0x28 [ 64.317152] kunit_try_run_case+0x7c/0x120 [ 64.317849] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.318396] kthread+0x1a4/0x1b8 [ 64.318731] ret_from_fork+0x10/0x20 [ 64.319133] [ 64.319325] Allocated by task 128: [ 64.319653] kasan_save_stack+0x2c/0x58 [ 64.320026] kasan_set_track+0x2c/0x40 [ 64.320398] kasan_save_alloc_info+0x24/0x38 [ 64.320821] __kasan_krealloc+0xec/0x120 [ 64.321202] krealloc+0x13c/0x178 [ 64.321620] krealloc_less_oob_helper+0xdc/0x5c0 [ 64.322081] krealloc_less_oob+0x18/0x28 [ 64.322506] kunit_try_run_case+0x7c/0x120 [ 64.322950] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.323452] kthread+0x1a4/0x1b8 [ 64.323794] ret_from_fork+0x10/0x20 [ 64.324165] [ 64.324356] The buggy address belongs to the object at ffff0000c17a6600 [ 64.324356] which belongs to the cache kmalloc-256 of size 256 [ 64.325180] The buggy address is located 235 bytes inside of [ 64.325180] 256-byte region [ffff0000c17a6600, ffff0000c17a6700) [ 64.326690] [ 64.326857] The buggy address belongs to the physical page: [ 64.327283] page:00000000d35011b9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017a6 [ 64.327963] head:00000000d35011b9 order:1 compound_mapcount:0 compound_pincount:0 [ 64.328549] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 64.329192] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 64.329941] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.330734] page dumped because: kasan: bad access detected [ 64.331147] [ 64.331341] Memory state around the buggy address: [ 64.331716] ffff0000c17a6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.332307] ffff0000c17a6600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.332871] >ffff0000c17a6680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 64.333870] ^ [ 64.334370] ffff0000c17a6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.334940] ffff0000c17a6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.335478] ================================================================== [ 64.257784] ================================================================== [ 64.258330] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1a0/0x5c0 [ 64.258972] Write of size 1 at addr ffff0000c17a66da by task kunit_try_catch/128 [ 64.259768] [ 64.259966] CPU: 0 PID: 128 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.260593] Hardware name: linux,dummy-virt (DT) [ 64.261004] Call trace: [ 64.261311] dump_backtrace+0x110/0x120 [ 64.261986] show_stack+0x18/0x28 [ 64.262425] dump_stack_lvl+0x68/0x84 [ 64.262813] print_report+0x158/0x484 [ 64.263180] kasan_report+0x98/0xe0 [ 64.263615] __asan_store1+0x68/0x78 [ 64.263945] krealloc_less_oob_helper+0x1a0/0x5c0 [ 64.264472] krealloc_less_oob+0x18/0x28 [ 64.264859] kunit_try_run_case+0x7c/0x120 [ 64.265307] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.265821] kthread+0x1a4/0x1b8 [ 64.266169] ret_from_fork+0x10/0x20 [ 64.266543] [ 64.266720] Allocated by task 128: [ 64.267033] kasan_save_stack+0x2c/0x58 [ 64.267858] kasan_set_track+0x2c/0x40 [ 64.268251] kasan_save_alloc_info+0x24/0x38 [ 64.268679] __kasan_krealloc+0xec/0x120 [ 64.269076] krealloc+0x13c/0x178 [ 64.269441] krealloc_less_oob_helper+0xdc/0x5c0 [ 64.270129] krealloc_less_oob+0x18/0x28 [ 64.270570] kunit_try_run_case+0x7c/0x120 [ 64.270997] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.271486] kthread+0x1a4/0x1b8 [ 64.271812] ret_from_fork+0x10/0x20 [ 64.272184] [ 64.272373] The buggy address belongs to the object at ffff0000c17a6600 [ 64.272373] which belongs to the cache kmalloc-256 of size 256 [ 64.273161] The buggy address is located 218 bytes inside of [ 64.273161] 256-byte region [ffff0000c17a6600, ffff0000c17a6700) [ 64.274161] [ 64.274348] The buggy address belongs to the physical page: [ 64.274771] page:00000000d35011b9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017a6 [ 64.275757] head:00000000d35011b9 order:1 compound_mapcount:0 compound_pincount:0 [ 64.276335] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 64.276957] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 64.277806] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.278350] page dumped because: kasan: bad access detected [ 64.278774] [ 64.278953] Memory state around the buggy address: [ 64.279322] ffff0000c17a6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.279899] ffff0000c17a6600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.280440] >ffff0000c17a6680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 64.280957] ^ [ 64.281445] ffff0000c17a6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.282031] ffff0000c17a6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.282608] ================================================================== [ 64.201676] ================================================================== [ 64.203048] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x11c/0x5c0 [ 64.204968] Write of size 1 at addr ffff0000c17a66c9 by task kunit_try_catch/128 [ 64.206677] [ 64.206892] CPU: 0 PID: 128 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.207536] Hardware name: linux,dummy-virt (DT) [ 64.207909] Call trace: [ 64.208157] dump_backtrace+0x110/0x120 [ 64.208621] show_stack+0x18/0x28 [ 64.209016] dump_stack_lvl+0x68/0x84 [ 64.209585] print_report+0x158/0x484 [ 64.209974] kasan_report+0x98/0xe0 [ 64.210349] __asan_store1+0x68/0x78 [ 64.210704] krealloc_less_oob_helper+0x11c/0x5c0 [ 64.211173] krealloc_less_oob+0x18/0x28 [ 64.211917] kunit_try_run_case+0x7c/0x120 [ 64.212337] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.212854] kthread+0x1a4/0x1b8 [ 64.213188] ret_from_fork+0x10/0x20 [ 64.213912] [ 64.214085] Allocated by task 128: [ 64.214418] kasan_save_stack+0x2c/0x58 [ 64.214841] kasan_set_track+0x2c/0x40 [ 64.215205] kasan_save_alloc_info+0x24/0x38 [ 64.215620] __kasan_krealloc+0xec/0x120 [ 64.215998] krealloc+0x13c/0x178 [ 64.216382] krealloc_less_oob_helper+0xdc/0x5c0 [ 64.216869] krealloc_less_oob+0x18/0x28 [ 64.217292] kunit_try_run_case+0x7c/0x120 [ 64.217711] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.218179] kthread+0x1a4/0x1b8 [ 64.218995] ret_from_fork+0x10/0x20 [ 64.219368] [ 64.219562] The buggy address belongs to the object at ffff0000c17a6600 [ 64.219562] which belongs to the cache kmalloc-256 of size 256 [ 64.220371] The buggy address is located 201 bytes inside of [ 64.220371] 256-byte region [ffff0000c17a6600, ffff0000c17a6700) [ 64.221174] [ 64.221391] The buggy address belongs to the physical page: [ 64.222099] page:00000000d35011b9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017a6 [ 64.222806] head:00000000d35011b9 order:1 compound_mapcount:0 compound_pincount:0 [ 64.223314] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 64.224000] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 64.224597] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.225143] page dumped because: kasan: bad access detected [ 64.225732] [ 64.225902] Memory state around the buggy address: [ 64.226302] ffff0000c17a6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.226846] ffff0000c17a6600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.227731] >ffff0000c17a6680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 64.228275] ^ [ 64.228676] ffff0000c17a6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.229266] ffff0000c17a6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.230048] ================================================================== [ 64.379515] ================================================================== [ 64.380356] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x11c/0x5c0 [ 64.380999] Write of size 1 at addr ffff0000c595e0c9 by task kunit_try_catch/130 [ 64.381632] [ 64.381828] CPU: 0 PID: 130 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.382613] Hardware name: linux,dummy-virt (DT) [ 64.382952] Call trace: [ 64.383218] dump_backtrace+0x110/0x120 [ 64.383744] show_stack+0x18/0x28 [ 64.384104] dump_stack_lvl+0x68/0x84 [ 64.384532] print_report+0x158/0x484 [ 64.384934] kasan_report+0x98/0xe0 [ 64.385314] __asan_store1+0x68/0x78 [ 64.385689] krealloc_less_oob_helper+0x11c/0x5c0 [ 64.386174] krealloc_pagealloc_less_oob+0x18/0x28 [ 64.386643] kunit_try_run_case+0x7c/0x120 [ 64.387062] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.387593] kthread+0x1a4/0x1b8 [ 64.387960] ret_from_fork+0x10/0x20 [ 64.388339] [ 64.388531] The buggy address belongs to the physical page: [ 64.388957] page:000000002033b139 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 64.389642] head:000000002033b139 order:2 compound_mapcount:0 compound_pincount:0 [ 64.390168] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 64.390745] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 64.391355] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 64.391895] page dumped because: kasan: bad access detected [ 64.392301] [ 64.392490] Memory state around the buggy address: [ 64.392874] ffff0000c595df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.393447] ffff0000c595e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.394037] >ffff0000c595e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 64.394570] ^ [ 64.395001] ffff0000c595e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.395558] ffff0000c595e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.396074] ================================================================== [ 64.449352] ================================================================== [ 64.449855] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1fc/0x5c0 [ 64.450585] Write of size 1 at addr ffff0000c595e0eb by task kunit_try_catch/130 [ 64.451127] [ 64.451331] CPU: 0 PID: 130 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.451928] Hardware name: linux,dummy-virt (DT) [ 64.452319] Call trace: [ 64.452579] dump_backtrace+0x110/0x120 [ 64.452982] show_stack+0x18/0x28 [ 64.453439] dump_stack_lvl+0x68/0x84 [ 64.453842] print_report+0x158/0x484 [ 64.454238] kasan_report+0x98/0xe0 [ 64.454575] __asan_store1+0x68/0x78 [ 64.455007] krealloc_less_oob_helper+0x1fc/0x5c0 [ 64.455477] krealloc_pagealloc_less_oob+0x18/0x28 [ 64.456003] kunit_try_run_case+0x7c/0x120 [ 64.456512] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.457034] kthread+0x1a4/0x1b8 [ 64.457401] ret_from_fork+0x10/0x20 [ 64.457763] [ 64.457934] The buggy address belongs to the physical page: [ 64.458355] page:000000002033b139 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 64.459049] head:000000002033b139 order:2 compound_mapcount:0 compound_pincount:0 [ 64.459596] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 64.460183] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 64.460791] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 64.461356] page dumped because: kasan: bad access detected [ 64.461813] [ 64.462029] Memory state around the buggy address: [ 64.462436] ffff0000c595df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.462982] ffff0000c595e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.463526] >ffff0000c595e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 64.464024] ^ [ 64.464548] ffff0000c595e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.465097] ffff0000c595e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.465655] ================================================================== [ 64.414930] ================================================================== [ 64.415462] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1a0/0x5c0 [ 64.416066] Write of size 1 at addr ffff0000c595e0da by task kunit_try_catch/130 [ 64.416586] [ 64.416792] CPU: 0 PID: 130 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.417456] Hardware name: linux,dummy-virt (DT) [ 64.417899] Call trace: [ 64.418152] dump_backtrace+0x110/0x120 [ 64.418575] show_stack+0x18/0x28 [ 64.418999] dump_stack_lvl+0x68/0x84 [ 64.419408] print_report+0x158/0x484 [ 64.419782] kasan_report+0x98/0xe0 [ 64.420145] __asan_store1+0x68/0x78 [ 64.420519] krealloc_less_oob_helper+0x1a0/0x5c0 [ 64.420987] krealloc_pagealloc_less_oob+0x18/0x28 [ 64.421498] kunit_try_run_case+0x7c/0x120 [ 64.421906] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.422397] kthread+0x1a4/0x1b8 [ 64.422738] ret_from_fork+0x10/0x20 [ 64.423109] [ 64.423295] The buggy address belongs to the physical page: [ 64.423718] page:000000002033b139 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 64.424385] head:000000002033b139 order:2 compound_mapcount:0 compound_pincount:0 [ 64.424925] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 64.425529] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 64.426121] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 64.426694] page dumped because: kasan: bad access detected [ 64.427115] [ 64.427297] Memory state around the buggy address: [ 64.427678] ffff0000c595df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.428212] ffff0000c595e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.428745] >ffff0000c595e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 64.429263] ^ [ 64.429745] ffff0000c595e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.430329] ffff0000c595e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.430860] ================================================================== [ 64.231362] ================================================================== [ 64.231879] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x150/0x5c0 [ 64.232540] Write of size 1 at addr ffff0000c17a66d0 by task kunit_try_catch/128 [ 64.233050] [ 64.233266] CPU: 0 PID: 128 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.234022] Hardware name: linux,dummy-virt (DT) [ 64.234432] Call trace: [ 64.234672] dump_backtrace+0x110/0x120 [ 64.235114] show_stack+0x18/0x28 [ 64.235518] dump_stack_lvl+0x68/0x84 [ 64.235909] print_report+0x158/0x484 [ 64.236773] kasan_report+0x98/0xe0 [ 64.237155] __asan_store1+0x68/0x78 [ 64.237586] krealloc_less_oob_helper+0x150/0x5c0 [ 64.238317] krealloc_less_oob+0x18/0x28 [ 64.238744] kunit_try_run_case+0x7c/0x120 [ 64.239156] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.239642] kthread+0x1a4/0x1b8 [ 64.239984] ret_from_fork+0x10/0x20 [ 64.240352] [ 64.240531] Allocated by task 128: [ 64.240863] kasan_save_stack+0x2c/0x58 [ 64.241258] kasan_set_track+0x2c/0x40 [ 64.242070] kasan_save_alloc_info+0x24/0x38 [ 64.242494] __kasan_krealloc+0xec/0x120 [ 64.242892] krealloc+0x13c/0x178 [ 64.243249] krealloc_less_oob_helper+0xdc/0x5c0 [ 64.243709] krealloc_less_oob+0x18/0x28 [ 64.244137] kunit_try_run_case+0x7c/0x120 [ 64.244588] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.245106] kthread+0x1a4/0x1b8 [ 64.245714] ret_from_fork+0x10/0x20 [ 64.246079] [ 64.246278] The buggy address belongs to the object at ffff0000c17a6600 [ 64.246278] which belongs to the cache kmalloc-256 of size 256 [ 64.247117] The buggy address is located 208 bytes inside of [ 64.247117] 256-byte region [ffff0000c17a6600, ffff0000c17a6700) [ 64.247949] [ 64.248125] The buggy address belongs to the physical page: [ 64.248575] page:00000000d35011b9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017a6 [ 64.249264] head:00000000d35011b9 order:1 compound_mapcount:0 compound_pincount:0 [ 64.250341] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 64.250964] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 64.251584] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.252134] page dumped because: kasan: bad access detected [ 64.252586] [ 64.252774] Memory state around the buggy address: [ 64.253152] ffff0000c17a6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.253932] ffff0000c17a6600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.254683] >ffff0000c17a6680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 64.255301] ^ [ 64.255829] ffff0000c17a6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.256469] ffff0000c17a6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.257013] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 64.358189] ================================================================== [ 64.358711] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x178/0x388 [ 64.359466] Write of size 1 at addr ffff0000c595e0f0 by task kunit_try_catch/129 [ 64.360151] [ 64.360422] CPU: 0 PID: 129 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.361147] Hardware name: linux,dummy-virt (DT) [ 64.361719] Call trace: [ 64.362110] dump_backtrace+0x110/0x120 [ 64.362644] show_stack+0x18/0x28 [ 64.363131] dump_stack_lvl+0x68/0x84 [ 64.363519] print_report+0x158/0x484 [ 64.363921] kasan_report+0x98/0xe0 [ 64.364281] __asan_store1+0x68/0x78 [ 64.364655] krealloc_more_oob_helper+0x178/0x388 [ 64.365096] krealloc_pagealloc_more_oob+0x18/0x28 [ 64.365648] kunit_try_run_case+0x7c/0x120 [ 64.366046] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.366711] kthread+0x1a4/0x1b8 [ 64.367033] ret_from_fork+0x10/0x20 [ 64.367411] [ 64.367626] The buggy address belongs to the physical page: [ 64.368150] page:000000002033b139 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 64.368828] head:000000002033b139 order:2 compound_mapcount:0 compound_pincount:0 [ 64.369528] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 64.370323] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 64.371044] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 64.371581] page dumped because: kasan: bad access detected [ 64.372057] [ 64.372279] Memory state around the buggy address: [ 64.372684] ffff0000c595df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.373220] ffff0000c595e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.373830] >ffff0000c595e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 64.374421] ^ [ 64.374978] ffff0000c595e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.375508] ffff0000c595e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.375992] ================================================================== [ 64.173810] ================================================================== [ 64.174310] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x178/0x388 [ 64.174981] Write of size 1 at addr ffff0000c55e46f0 by task kunit_try_catch/127 [ 64.175503] [ 64.175698] CPU: 1 PID: 127 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.176386] Hardware name: linux,dummy-virt (DT) [ 64.176744] Call trace: [ 64.176975] dump_backtrace+0x110/0x120 [ 64.177433] show_stack+0x18/0x28 [ 64.177820] dump_stack_lvl+0x68/0x84 [ 64.178216] print_report+0x158/0x484 [ 64.178597] kasan_report+0x98/0xe0 [ 64.178955] __asan_store1+0x68/0x78 [ 64.179577] krealloc_more_oob_helper+0x178/0x388 [ 64.180067] krealloc_more_oob+0x18/0x28 [ 64.180493] kunit_try_run_case+0x7c/0x120 [ 64.180919] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.181589] kthread+0x1a4/0x1b8 [ 64.181933] ret_from_fork+0x10/0x20 [ 64.182330] [ 64.182519] Allocated by task 127: [ 64.182822] kasan_save_stack+0x2c/0x58 [ 64.183200] kasan_set_track+0x2c/0x40 [ 64.183576] kasan_save_alloc_info+0x24/0x38 [ 64.184001] __kasan_krealloc+0xec/0x120 [ 64.184391] krealloc+0x13c/0x178 [ 64.184735] krealloc_more_oob_helper+0xdc/0x388 [ 64.185180] krealloc_more_oob+0x18/0x28 [ 64.185824] kunit_try_run_case+0x7c/0x120 [ 64.186243] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.186775] kthread+0x1a4/0x1b8 [ 64.187115] ret_from_fork+0x10/0x20 [ 64.187506] [ 64.187685] The buggy address belongs to the object at ffff0000c55e4600 [ 64.187685] which belongs to the cache kmalloc-256 of size 256 [ 64.188511] The buggy address is located 240 bytes inside of [ 64.188511] 256-byte region [ffff0000c55e4600, ffff0000c55e4700) [ 64.189362] [ 64.189691] The buggy address belongs to the physical page: [ 64.190140] page:000000007e8e1d6e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1055e4 [ 64.190873] head:000000007e8e1d6e order:1 compound_mapcount:0 compound_pincount:0 [ 64.191440] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 64.192064] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 64.192685] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.193283] page dumped because: kasan: bad access detected [ 64.193763] [ 64.193961] Memory state around the buggy address: [ 64.194325] ffff0000c55e4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.194872] ffff0000c55e4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.195640] >ffff0000c55e4680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 64.196143] ^ [ 64.196644] ffff0000c55e4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.197192] ffff0000c55e4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.198360] ================================================================== [ 64.147159] ================================================================== [ 64.147990] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x144/0x388 [ 64.148674] Write of size 1 at addr ffff0000c55e46eb by task kunit_try_catch/127 [ 64.149207] [ 64.149464] CPU: 1 PID: 127 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.150106] Hardware name: linux,dummy-virt (DT) [ 64.150661] Call trace: [ 64.150933] dump_backtrace+0x110/0x120 [ 64.151397] show_stack+0x18/0x28 [ 64.151813] dump_stack_lvl+0x68/0x84 [ 64.152253] print_report+0x158/0x484 [ 64.152642] kasan_report+0x98/0xe0 [ 64.153021] __asan_store1+0x68/0x78 [ 64.153421] krealloc_more_oob_helper+0x144/0x388 [ 64.153949] krealloc_more_oob+0x18/0x28 [ 64.154529] kunit_try_run_case+0x7c/0x120 [ 64.154995] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.155544] kthread+0x1a4/0x1b8 [ 64.155920] ret_from_fork+0x10/0x20 [ 64.156320] [ 64.156507] Allocated by task 127: [ 64.156831] kasan_save_stack+0x2c/0x58 [ 64.157277] kasan_set_track+0x2c/0x40 [ 64.157798] kasan_save_alloc_info+0x24/0x38 [ 64.158252] __kasan_krealloc+0xec/0x120 [ 64.158653] krealloc+0x13c/0x178 [ 64.158996] krealloc_more_oob_helper+0xdc/0x388 [ 64.159490] krealloc_more_oob+0x18/0x28 [ 64.159894] kunit_try_run_case+0x7c/0x120 [ 64.160343] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.160861] kthread+0x1a4/0x1b8 [ 64.161202] ret_from_fork+0x10/0x20 [ 64.161752] [ 64.161962] The buggy address belongs to the object at ffff0000c55e4600 [ 64.161962] which belongs to the cache kmalloc-256 of size 256 [ 64.162875] The buggy address is located 235 bytes inside of [ 64.162875] 256-byte region [ffff0000c55e4600, ffff0000c55e4700) [ 64.163722] [ 64.163931] The buggy address belongs to the physical page: [ 64.164448] page:000000007e8e1d6e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1055e4 [ 64.165186] head:000000007e8e1d6e order:1 compound_mapcount:0 compound_pincount:0 [ 64.165960] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 64.166649] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 64.167249] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 64.167827] page dumped because: kasan: bad access detected [ 64.168283] [ 64.168470] Memory state around the buggy address: [ 64.168851] ffff0000c55e4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.169639] ffff0000c55e4600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.170196] >ffff0000c55e4680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 64.170707] ^ [ 64.171219] ffff0000c55e4700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.172208] ffff0000c55e4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.172748] ================================================================== [ 64.339206] ================================================================== [ 64.340009] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x144/0x388 [ 64.340673] Write of size 1 at addr ffff0000c595e0eb by task kunit_try_catch/129 [ 64.341168] [ 64.341403] CPU: 0 PID: 129 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.342021] Hardware name: linux,dummy-virt (DT) [ 64.342426] Call trace: [ 64.342687] dump_backtrace+0x110/0x120 [ 64.343139] show_stack+0x18/0x28 [ 64.343568] dump_stack_lvl+0x68/0x84 [ 64.344070] print_report+0x158/0x484 [ 64.344488] kasan_report+0x98/0xe0 [ 64.344847] __asan_store1+0x68/0x78 [ 64.345213] krealloc_more_oob_helper+0x144/0x388 [ 64.345819] krealloc_pagealloc_more_oob+0x18/0x28 [ 64.346307] kunit_try_run_case+0x7c/0x120 [ 64.346796] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.347431] kthread+0x1a4/0x1b8 [ 64.347784] ret_from_fork+0x10/0x20 [ 64.348142] [ 64.348356] The buggy address belongs to the physical page: [ 64.348756] page:000000002033b139 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 64.349443] head:000000002033b139 order:2 compound_mapcount:0 compound_pincount:0 [ 64.349996] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 64.350645] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 64.351438] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 64.352003] page dumped because: kasan: bad access detected [ 64.352437] [ 64.352627] Memory state around the buggy address: [ 64.353001] ffff0000c595df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.353596] ffff0000c595e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.354162] >ffff0000c595e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 64.354833] ^ [ 64.355349] ffff0000c595e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.355916] ffff0000c595e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.356629] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 64.113003] ================================================================== [ 64.114513] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xd8/0x1f0 [ 64.115810] Write of size 1 at addr ffff0000c17ddf00 by task kunit_try_catch/126 [ 64.117002] [ 64.117327] CPU: 0 PID: 126 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.118501] Hardware name: linux,dummy-virt (DT) [ 64.119065] Call trace: [ 64.119438] dump_backtrace+0x110/0x120 [ 64.120100] show_stack+0x18/0x28 [ 64.120668] dump_stack_lvl+0x68/0x84 [ 64.121251] print_report+0x158/0x484 [ 64.121883] kasan_report+0x98/0xe0 [ 64.122492] __asan_store1+0x68/0x78 [ 64.123072] kmalloc_large_oob_right+0xd8/0x1f0 [ 64.123769] kunit_try_run_case+0x7c/0x120 [ 64.124382] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.124913] kthread+0x1a4/0x1b8 [ 64.125209] ret_from_fork+0x10/0x20 [ 64.125613] [ 64.125785] Allocated by task 126: [ 64.126082] kasan_save_stack+0x2c/0x58 [ 64.126653] kasan_set_track+0x2c/0x40 [ 64.127245] kasan_save_alloc_info+0x24/0x38 [ 64.127682] __kasan_kmalloc+0xa0/0xb8 [ 64.128072] kmalloc_trace+0x50/0x68 [ 64.128456] kmalloc_large_oob_right+0xa8/0x1f0 [ 64.128892] kunit_try_run_case+0x7c/0x120 [ 64.129334] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.130364] kthread+0x1a4/0x1b8 [ 64.130729] ret_from_fork+0x10/0x20 [ 64.131114] [ 64.131321] The buggy address belongs to the object at ffff0000c17dc000 [ 64.131321] which belongs to the cache kmalloc-8k of size 8192 [ 64.132208] The buggy address is located 7936 bytes inside of [ 64.132208] 8192-byte region [ffff0000c17dc000, ffff0000c17de000) [ 64.133086] [ 64.133324] The buggy address belongs to the physical page: [ 64.133918] page:0000000063f2cd7d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017d8 [ 64.134776] head:0000000063f2cd7d order:3 compound_mapcount:0 compound_pincount:0 [ 64.135366] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 64.136001] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002c00 [ 64.136631] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 64.137185] page dumped because: kasan: bad access detected [ 64.138074] [ 64.138297] Memory state around the buggy address: [ 64.138733] ffff0000c17dde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.139316] ffff0000c17dde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.139893] >ffff0000c17ddf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.140461] ^ [ 64.140768] ffff0000c17ddf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.141362] ffff0000c17de000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.142172] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-pagealloc_uaf
[ 64.088287] ================================================================== [ 64.090000] BUG: KASAN: use-after-free in pagealloc_uaf+0xe8/0x208 [ 64.090917] Read of size 1 at addr ffff0000c59b0000 by task kunit_try_catch/125 [ 64.091715] [ 64.091892] CPU: 0 PID: 125 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.092665] Hardware name: linux,dummy-virt (DT) [ 64.093248] Call trace: [ 64.093672] dump_backtrace+0x110/0x120 [ 64.094387] show_stack+0x18/0x28 [ 64.094922] dump_stack_lvl+0x68/0x84 [ 64.095503] print_report+0x158/0x484 [ 64.096040] kasan_report+0x98/0xe0 [ 64.096564] __asan_load1+0x68/0x78 [ 64.097089] pagealloc_uaf+0xe8/0x208 [ 64.097745] kunit_try_run_case+0x7c/0x120 [ 64.098398] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.099116] kthread+0x1a4/0x1b8 [ 64.099429] ret_from_fork+0x10/0x20 [ 64.099742] [ 64.099902] The buggy address belongs to the physical page: [ 64.100244] page:0000000052409ff8 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1059b0 [ 64.100781] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 64.101260] raw: 0bfffc0000000000 ffff0000ff7f59a0 ffff0000ff7f59a0 0000000000000000 [ 64.102249] raw: 0000000000000000 0000000000000004 00000000ffffff7f 0000000000000000 [ 64.103292] page dumped because: kasan: bad access detected [ 64.103945] [ 64.104214] Memory state around the buggy address: [ 64.104825] ffff0000c59aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.105744] ffff0000c59aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.106680] >ffff0000c59b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.107544] ^ [ 64.107999] ffff0000c59b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.108840] ffff0000c59b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 64.109763] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right
[ 64.007779] ================================================================== [ 64.009095] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0xc4/0x1d8 [ 64.009818] Write of size 1 at addr ffff0000c595e00a by task kunit_try_catch/121 [ 64.010276] [ 64.010451] CPU: 0 PID: 121 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 64.010936] Hardware name: linux,dummy-virt (DT) [ 64.011253] Call trace: [ 64.011609] dump_backtrace+0x110/0x120 [ 64.012249] show_stack+0x18/0x28 [ 64.012939] dump_stack_lvl+0x68/0x84 [ 64.013575] print_report+0x158/0x484 [ 64.014145] kasan_report+0x98/0xe0 [ 64.014806] __asan_store1+0x68/0x78 [ 64.015374] kmalloc_pagealloc_oob_right+0xc4/0x1d8 [ 64.016069] kunit_try_run_case+0x7c/0x120 [ 64.016704] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 64.017477] kthread+0x1a4/0x1b8 [ 64.018186] ret_from_fork+0x10/0x20 [ 64.018849] [ 64.019112] The buggy address belongs to the physical page: [ 64.019945] page:000000002033b139 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 64.021014] head:000000002033b139 order:2 compound_mapcount:0 compound_pincount:0 [ 64.022014] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 64.023093] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 64.024025] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 64.024687] page dumped because: kasan: bad access detected [ 64.025018] [ 64.025172] Memory state around the buggy address: [ 64.025775] ffff0000c595df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.026249] ffff0000c595df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.026786] >ffff0000c595e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.027243] ^ [ 64.027643] ffff0000c595e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.028218] ffff0000c595e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 64.028775] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 63.971548] ================================================================== [ 63.972204] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0xdc/0x1f0 [ 63.973026] Read of size 1 at addr ffff0000c5907000 by task kunit_try_catch/120 [ 63.974344] [ 63.974781] CPU: 1 PID: 120 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 63.975649] Hardware name: linux,dummy-virt (DT) [ 63.975956] Call trace: [ 63.976156] dump_backtrace+0x110/0x120 [ 63.976529] show_stack+0x18/0x28 [ 63.976855] dump_stack_lvl+0x68/0x84 [ 63.977187] print_report+0x158/0x484 [ 63.978281] kasan_report+0x98/0xe0 [ 63.978861] __asan_load1+0x68/0x78 [ 63.979435] kmalloc_node_oob_right+0xdc/0x1f0 [ 63.980127] kunit_try_run_case+0x7c/0x120 [ 63.980773] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.981591] kthread+0x1a4/0x1b8 [ 63.982193] ret_from_fork+0x10/0x20 [ 63.982787] [ 63.983089] Allocated by task 120: [ 63.983591] kasan_save_stack+0x2c/0x58 [ 63.984187] kasan_set_track+0x2c/0x40 [ 63.984761] kasan_save_alloc_info+0x24/0x38 [ 63.985435] __kasan_kmalloc+0xa0/0xb8 [ 63.986075] kmalloc_node_trace+0x48/0x60 [ 63.986694] kmalloc_node_oob_right+0xac/0x1f0 [ 63.987363] kunit_try_run_case+0x7c/0x120 [ 63.987994] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.988736] kthread+0x1a4/0x1b8 [ 63.989225] ret_from_fork+0x10/0x20 [ 63.989775] [ 63.990082] The buggy address belongs to the object at ffff0000c5906000 [ 63.990082] which belongs to the cache kmalloc-4k of size 4096 [ 63.991475] The buggy address is located 0 bytes to the right of [ 63.991475] 4096-byte region [ffff0000c5906000, ffff0000c5907000) [ 63.992817] [ 63.993090] The buggy address belongs to the physical page: [ 63.993808] page:000000002773b70c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105900 [ 63.994875] head:000000002773b70c order:3 compound_mapcount:0 compound_pincount:0 [ 63.995473] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 63.996418] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002a80 [ 63.997306] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000 [ 63.998430] page dumped because: kasan: bad access detected [ 63.999040] [ 63.999329] Memory state around the buggy address: [ 63.999875] ffff0000c5906f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.000312] ffff0000c5906f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 64.000736] >ffff0000c5907000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.001134] ^ [ 64.001655] ffff0000c5907080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.002654] ffff0000c5907100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 64.003495] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 63.932914] ================================================================== [ 63.934144] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0xd4/0x1e8 [ 63.934755] Read of size 1 at addr ffff0000c580feff by task kunit_try_catch/119 [ 63.935289] [ 63.935507] CPU: 0 PID: 119 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 63.936144] Hardware name: linux,dummy-virt (DT) [ 63.936582] Call trace: [ 63.936874] dump_backtrace+0x110/0x120 [ 63.937302] show_stack+0x18/0x28 [ 63.938151] dump_stack_lvl+0x68/0x84 [ 63.938567] print_report+0x158/0x484 [ 63.938966] kasan_report+0x98/0xe0 [ 63.939355] __asan_load1+0x68/0x78 [ 63.939744] kmalloc_oob_left+0xd4/0x1e8 [ 63.940167] kunit_try_run_case+0x7c/0x120 [ 63.940611] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.941091] kthread+0x1a4/0x1b8 [ 63.941606] ret_from_fork+0x10/0x20 [ 63.941978] [ 63.942158] Allocated by task 1: [ 63.942523] kasan_save_stack+0x2c/0x58 [ 63.942891] kasan_set_track+0x2c/0x40 [ 63.943422] kasan_save_alloc_info+0x24/0x38 [ 63.943844] __kasan_kmalloc+0xa0/0xb8 [ 63.944213] kmalloc_trace+0x50/0x68 [ 63.944601] __kthread_create_on_node+0xc8/0x2c0 [ 63.945044] kthread_create_on_node+0xa4/0xd8 [ 63.945937] kunit_try_catch_run+0xe8/0x348 [ 63.946378] kunit_run_case_catch_errors+0x150/0x1c8 [ 63.946872] kunit_run_tests+0x2d4/0x7a0 [ 63.947272] __kunit_test_suites_init+0x84/0xb8 [ 63.947733] kunit_run_all_tests+0x188/0x2f0 [ 63.948183] kernel_init_freeable+0x2f4/0x338 [ 63.948650] kernel_init+0x24/0x148 [ 63.949004] ret_from_fork+0x10/0x20 [ 63.949387] [ 63.949839] Freed by task 1: [ 63.950129] kasan_save_stack+0x2c/0x58 [ 63.950519] kasan_set_track+0x2c/0x40 [ 63.950901] kasan_save_free_info+0x38/0x60 [ 63.951356] __kasan_slab_free+0xe8/0x158 [ 63.951709] __kmem_cache_free+0x138/0x2b0 [ 63.952164] kfree+0x5c/0x70 [ 63.952494] __kthread_create_on_node+0x18c/0x2c0 [ 63.952918] kthread_create_on_node+0xa4/0xd8 [ 63.953326] kunit_try_catch_run+0xe8/0x348 [ 63.953755] kunit_run_case_catch_errors+0x150/0x1c8 [ 63.954224] kunit_run_tests+0x2d4/0x7a0 [ 63.954639] __kunit_test_suites_init+0x84/0xb8 [ 63.955075] kunit_run_all_tests+0x188/0x2f0 [ 63.955957] kernel_init_freeable+0x2f4/0x338 [ 63.956421] kernel_init+0x24/0x148 [ 63.956784] ret_from_fork+0x10/0x20 [ 63.957162] [ 63.957360] The buggy address belongs to the object at ffff0000c580fe00 [ 63.957360] which belongs to the cache kmalloc-128 of size 128 [ 63.958458] The buggy address is located 127 bytes to the right of [ 63.958458] 128-byte region [ffff0000c580fe00, ffff0000c580fe80) [ 63.959318] [ 63.959500] The buggy address belongs to the physical page: [ 63.959910] page:0000000019561651 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10580f [ 63.960649] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 63.961256] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 63.962510] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 63.963047] page dumped because: kasan: bad access detected [ 63.963504] [ 63.963691] Memory state around the buggy address: [ 63.964077] ffff0000c580fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.964632] ffff0000c580fe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.965196] >ffff0000c580fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.966107] ^ [ 63.966624] ffff0000c580ff00: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.967182] ffff0000c580ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.967725] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 63.902585] ================================================================== [ 63.903441] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x12c/0x328 [ 63.904418] Read of size 1 at addr ffff0000c586de80 by task kunit_try_catch/118 [ 63.905249] [ 63.905664] CPU: 1 PID: 118 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 63.906753] Hardware name: linux,dummy-virt (DT) [ 63.907322] Call trace: [ 63.907667] dump_backtrace+0x110/0x120 [ 63.908254] show_stack+0x18/0x28 [ 63.908736] dump_stack_lvl+0x68/0x84 [ 63.909079] print_report+0x158/0x484 [ 63.909401] kasan_report+0x98/0xe0 [ 63.909746] __asan_load1+0x68/0x78 [ 63.910052] kmalloc_oob_right+0x12c/0x328 [ 63.910782] kunit_try_run_case+0x7c/0x120 [ 63.911251] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.911772] kthread+0x1a4/0x1b8 [ 63.912095] ret_from_fork+0x10/0x20 [ 63.912496] [ 63.912665] Allocated by task 118: [ 63.913001] kasan_save_stack+0x2c/0x58 [ 63.913389] kasan_set_track+0x2c/0x40 [ 63.914070] kasan_save_alloc_info+0x24/0x38 [ 63.914518] __kasan_kmalloc+0xa0/0xb8 [ 63.914889] kmalloc_trace+0x50/0x68 [ 63.915265] kmalloc_oob_right+0xa8/0x328 [ 63.915702] kunit_try_run_case+0x7c/0x120 [ 63.916123] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.916630] kthread+0x1a4/0x1b8 [ 63.916956] ret_from_fork+0x10/0x20 [ 63.917351] [ 63.917689] The buggy address belongs to the object at ffff0000c586de00 [ 63.917689] which belongs to the cache kmalloc-128 of size 128 [ 63.918560] The buggy address is located 0 bytes to the right of [ 63.918560] 128-byte region [ffff0000c586de00, ffff0000c586de80) [ 63.919428] [ 63.919595] The buggy address belongs to the physical page: [ 63.920005] page:00000000f16aa132 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586d [ 63.920693] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 63.921307] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 63.922241] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 63.922773] page dumped because: kasan: bad access detected [ 63.923193] [ 63.923370] Memory state around the buggy address: [ 63.923784] ffff0000c586dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.924333] ffff0000c586de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 63.924902] >ffff0000c586de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.926244] ^ [ 63.926557] ffff0000c586df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.927108] ffff0000c586df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.927637] ================================================================== [ 63.876042] ================================================================== [ 63.876847] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x100/0x328 [ 63.877785] Write of size 1 at addr ffff0000c586de78 by task kunit_try_catch/118 [ 63.878805] [ 63.879081] CPU: 1 PID: 118 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 63.879879] Hardware name: linux,dummy-virt (DT) [ 63.880181] Call trace: [ 63.880412] dump_backtrace+0x110/0x120 [ 63.880844] show_stack+0x18/0x28 [ 63.881175] dump_stack_lvl+0x68/0x84 [ 63.881752] print_report+0x158/0x484 [ 63.882349] kasan_report+0x98/0xe0 [ 63.882851] __asan_store1+0x68/0x78 [ 63.883363] kmalloc_oob_right+0x100/0x328 [ 63.883951] kunit_try_run_case+0x7c/0x120 [ 63.884547] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.885269] kthread+0x1a4/0x1b8 [ 63.885746] ret_from_fork+0x10/0x20 [ 63.886222] [ 63.886394] Allocated by task 118: [ 63.886642] kasan_save_stack+0x2c/0x58 [ 63.886958] kasan_set_track+0x2c/0x40 [ 63.887276] kasan_save_alloc_info+0x24/0x38 [ 63.887750] __kasan_kmalloc+0xa0/0xb8 [ 63.888128] kmalloc_trace+0x50/0x68 [ 63.888517] kmalloc_oob_right+0xa8/0x328 [ 63.888902] kunit_try_run_case+0x7c/0x120 [ 63.889368] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.889975] kthread+0x1a4/0x1b8 [ 63.890279] ret_from_fork+0x10/0x20 [ 63.890585] [ 63.890745] The buggy address belongs to the object at ffff0000c586de00 [ 63.890745] which belongs to the cache kmalloc-128 of size 128 [ 63.891387] The buggy address is located 120 bytes inside of [ 63.891387] 128-byte region [ffff0000c586de00, ffff0000c586de80) [ 63.892006] [ 63.892162] The buggy address belongs to the physical page: [ 63.892579] page:00000000f16aa132 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586d [ 63.893126] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 63.893629] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 63.894626] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 63.895628] page dumped because: kasan: bad access detected [ 63.896271] [ 63.896514] Memory state around the buggy address: [ 63.897097] ffff0000c586dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.897925] ffff0000c586dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.898874] >ffff0000c586de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 63.899729] ^ [ 63.900431] ffff0000c586de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.900864] ffff0000c586df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.901307] ================================================================== [ 63.843339] ================================================================== [ 63.844264] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xd4/0x328 [ 63.845371] Write of size 1 at addr ffff0000c586de73 by task kunit_try_catch/118 [ 63.846125] [ 63.846684] CPU: 1 PID: 118 Comm: kunit_try_catch Tainted: G N 6.1.146-rc1 #1 [ 63.847766] Hardware name: linux,dummy-virt (DT) [ 63.848278] Call trace: [ 63.848512] dump_backtrace+0x110/0x120 [ 63.848908] show_stack+0x18/0x28 [ 63.849256] dump_stack_lvl+0x68/0x84 [ 63.849627] print_report+0x158/0x484 [ 63.850305] kasan_report+0x98/0xe0 [ 63.850767] __asan_store1+0x68/0x78 [ 63.851154] kmalloc_oob_right+0xd4/0x328 [ 63.851685] kunit_try_run_case+0x7c/0x120 [ 63.852043] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.852669] kthread+0x1a4/0x1b8 [ 63.852971] ret_from_fork+0x10/0x20 [ 63.853403] [ 63.853609] Allocated by task 118: [ 63.854073] kasan_save_stack+0x2c/0x58 [ 63.854733] kasan_set_track+0x2c/0x40 [ 63.855264] kasan_save_alloc_info+0x24/0x38 [ 63.855844] __kasan_kmalloc+0xa0/0xb8 [ 63.856362] kmalloc_trace+0x50/0x68 [ 63.856868] kmalloc_oob_right+0xa8/0x328 [ 63.857481] kunit_try_run_case+0x7c/0x120 [ 63.858077] kunit_generic_run_threadfn_adapter+0x30/0x50 [ 63.858812] kthread+0x1a4/0x1b8 [ 63.859292] ret_from_fork+0x10/0x20 [ 63.859849] [ 63.860150] The buggy address belongs to the object at ffff0000c586de00 [ 63.860150] which belongs to the cache kmalloc-128 of size 128 [ 63.860834] The buggy address is located 115 bytes inside of [ 63.860834] 128-byte region [ffff0000c586de00, ffff0000c586de80) [ 63.861651] [ 63.862251] The buggy address belongs to the physical page: [ 63.862756] page:00000000f16aa132 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10586d [ 63.863732] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 63.864978] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 63.866029] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 63.866958] page dumped because: kasan: bad access detected [ 63.867642] [ 63.867898] Memory state around the buggy address: [ 63.868655] ffff0000c586dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.869545] ffff0000c586dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.870524] >ffff0000c586de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 63.871340] ^ [ 63.872179] ffff0000c586de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.872894] ffff0000c586df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.873359] ==================================================================