Date
July 15, 2025, 2:10 p.m.
Failure - log-parser-boot - internal-error-oops-oops-preempt-smp
[ 134.191655] Internal error: Oops: 0000000086000004 [#1] PREEMPT SMP [ 134.192441] Modules linked in: [ 134.193690] CPU: 1 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 134.194398] Hardware name: linux,dummy-virt (DT) [ 134.194948] pstate: 62402809 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=-c) [ 134.195603] pc : 0x0 [ 134.195953] lr : test_longest_symbol_kallsyms+0x17c/0x1d0 [ 134.196595] sp : ffff800008db7ca0 [ 134.196930] x29: ffff800008db7de0 x28: 0000000000000000 x27: 0000000000000000 [ 134.197893] x26: 0000000000000000 x25: 0000000000000000 x24: ffff800008087a78 [ 134.198735] x23: ffffafe567558840 x22: ffffafe566e136d4 x21: 1ffff000011b6f94 [ 134.199503] x20: ffff800008087a60 x19: ffffafe568b411c0 x18: 000000007899b38c [ 134.200343] x17: 736d79736c6c616b x16: 206c6f626d79735f x15: 747365676e6f6c5f [ 134.201524] x14: 74736574203a736d x13: 0a0a646572657473 x12: ffff7000011b6f68 [ 134.202311] x11: 1ffff000011b6f67 x10: ffff7000011b6f67 x9 : ffffafe566ddb3e4 [ 134.203155] x8 : ffff800008db7b40 x7 : fefefefefefefefe x6 : 0000000000000001 [ 134.203923] x5 : ffffafe56be03000 x4 : dfff800000000000 x3 : 0000000000000000 [ 134.205496] x2 : 0000000000000000 x1 : ffff0000c93e6900 x0 : 0000000000000000 [ 134.206320] Call trace: [ 134.206660] 0x0 [ 134.206952] kunit_try_run_case+0x8c/0x124 [ 134.207469] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 134.208077] kthread+0x15c/0x170 [ 134.208679] ret_from_fork+0x10/0x20 [ 134.209471] Code: bad PC value [ 134.209997] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 132.158616] ================================================================== [ 132.159316] BUG: KFENCE: use-after-free read in test_krealloc+0x3bc/0x454 [ 132.159316] [ 132.160125] Use-after-free read at 0x0000000042142bad (in kfence-#200): [ 132.160795] test_krealloc+0x3bc/0x454 [ 132.161275] kunit_try_run_case+0x8c/0x124 [ 132.161831] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 132.162472] kthread+0x15c/0x170 [ 132.162925] ret_from_fork+0x10/0x20 [ 132.163359] [ 132.163569] kfence-#200: 0x0000000042142bad-0x000000001dfcd44f, size=32, cache=kmalloc-128 [ 132.163569] [ 132.164440] allocated by task 282 on cpu 0 at 132.157187s: [ 132.165121] test_alloc+0x1e8/0x3b4 [ 132.165523] test_krealloc+0xc0/0x454 [ 132.165967] kunit_try_run_case+0x8c/0x124 [ 132.166430] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 132.167029] kthread+0x15c/0x170 [ 132.167439] ret_from_fork+0x10/0x20 [ 132.167877] [ 132.168087] freed by task 282 on cpu 0 at 132.157814s: [ 132.168771] krealloc+0xbc/0x1c0 [ 132.169165] test_krealloc+0x180/0x454 [ 132.169614] kunit_try_run_case+0x8c/0x124 [ 132.170115] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 132.170703] kthread+0x15c/0x170 [ 132.171111] ret_from_fork+0x10/0x20 [ 132.171566] [ 132.171824] CPU: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 132.172591] Hardware name: linux,dummy-virt (DT) [ 132.173055] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 132.069704] ================================================================== [ 132.070391] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x1c0/0x300 [ 132.070391] [ 132.071360] Use-after-free read at 0x000000000c2189ad (in kfence-#199): [ 132.072005] test_memcache_typesafe_by_rcu+0x1c0/0x300 [ 132.072741] kunit_try_run_case+0x8c/0x124 [ 132.073308] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 132.073943] kthread+0x15c/0x170 [ 132.074401] ret_from_fork+0x10/0x20 [ 132.074862] [ 132.075091] kfence-#199: 0x000000000c2189ad-0x00000000c66183ae, size=32, cache=test [ 132.075091] [ 132.075900] allocated by task 281 on cpu 0 at 132.053161s: [ 132.076561] test_alloc+0x1d8/0x3b4 [ 132.076999] test_memcache_typesafe_by_rcu+0x124/0x300 [ 132.077535] kunit_try_run_case+0x8c/0x124 [ 132.078034] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 132.078626] kthread+0x15c/0x170 [ 132.079103] ret_from_fork+0x10/0x20 [ 132.079561] [ 132.079801] freed by task 0 on cpu 0 at 132.068842s: [ 132.081084] rcu_guarded_free+0x34/0x44 [ 132.081519] rcu_core+0x400/0xea0 [ 132.081944] rcu_core_si+0x18/0x2c [ 132.082365] handle_softirqs+0x248/0x680 [ 132.082845] __do_softirq+0x1c/0x28 [ 132.083247] ____do_softirq+0x18/0x24 [ 132.083682] call_on_irq_stack+0x24/0x30 [ 132.084175] do_softirq_own_stack+0x24/0x3c [ 132.084640] __irq_exit_rcu+0xe8/0x140 [ 132.085121] irq_exit_rcu+0x1c/0x50 [ 132.085562] el1_interrupt+0x38/0x5c [ 132.086011] el1h_64_irq_handler+0x18/0x24 [ 132.086451] el1h_64_irq+0x64/0x68 [ 132.086892] arch_local_irq_enable+0xc/0x20 [ 132.087356] default_idle_call+0x78/0x214 [ 132.087912] do_idle+0x31c/0x3a0 [ 132.088328] cpu_startup_entry+0x44/0x4c [ 132.088818] rest_init+0x11c/0x120 [ 132.089223] arch_post_acpi_subsys_init+0x0/0x28 [ 132.089769] start_kernel+0x3b8/0x3f0 [ 132.090236] __primary_switched+0xc0/0xc8 [ 132.090691] [ 132.090956] CPU: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 132.091739] Hardware name: linux,dummy-virt (DT) [ 132.092200] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 114.909239] ================================================================== [ 114.910287] BUG: KFENCE: invalid read in test_invalid_access+0xb4/0x14c [ 114.910287] [ 114.911171] Invalid read at 0x000000003546b7e4: [ 114.911706] test_invalid_access+0xb4/0x14c [ 114.912339] kunit_try_run_case+0x8c/0x124 [ 114.913325] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 114.913988] kthread+0x15c/0x170 [ 114.914541] ret_from_fork+0x10/0x20 [ 114.915030] [ 114.915341] CPU: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 114.916146] Hardware name: linux,dummy-virt (DT) [ 114.917080] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 114.686406] ================================================================== [ 114.687130] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x138/0x1c0 [ 114.687130] [ 114.687968] Corrupted memory at 0x000000005dcb7963 [ ! . . . . . . . . . . . . . . . ] (in kfence-#195): [ 114.689940] test_kmalloc_aligned_oob_write+0x138/0x1c0 [ 114.690534] kunit_try_run_case+0x8c/0x124 [ 114.691036] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 114.691659] kthread+0x15c/0x170 [ 114.692127] ret_from_fork+0x10/0x20 [ 114.692579] [ 114.692806] kfence-#195: 0x0000000066cff05c-0x000000000f6d4a99, size=73, cache=kmalloc-128 [ 114.692806] [ 114.693613] allocated by task 276 on cpu 0 at 114.685175s: [ 114.694245] test_alloc+0x1e8/0x3b4 [ 114.694647] test_kmalloc_aligned_oob_write+0xb4/0x1c0 [ 114.695211] kunit_try_run_case+0x8c/0x124 [ 114.695728] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 114.696358] kthread+0x15c/0x170 [ 114.696777] ret_from_fork+0x10/0x20 [ 114.697239] [ 114.697462] freed by task 276 on cpu 0 at 114.685721s: [ 114.698162] test_kmalloc_aligned_oob_write+0x138/0x1c0 [ 114.698704] kunit_try_run_case+0x8c/0x124 [ 114.699227] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 114.699837] kthread+0x15c/0x170 [ 114.700234] ret_from_fork+0x10/0x20 [ 114.700684] [ 114.700917] CPU: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 114.701670] Hardware name: linux,dummy-virt (DT) [ 114.702149] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 114.477897] ================================================================== [ 114.478557] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x18c/0x240 [ 114.478557] [ 114.479322] Out-of-bounds read at 0x0000000045916c13 (201B right of kfence-#193): [ 114.479922] test_kmalloc_aligned_oob_read+0x18c/0x240 [ 114.480571] kunit_try_run_case+0x8c/0x124 [ 114.481164] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 114.481825] kthread+0x15c/0x170 [ 114.482279] ret_from_fork+0x10/0x20 [ 114.482762] [ 114.483010] kfence-#193: 0x00000000f9a1b62a-0x00000000ca863223, size=73, cache=kmalloc-128 [ 114.483010] [ 114.483893] allocated by task 275 on cpu 0 at 114.477249s: [ 114.484616] test_alloc+0x1e8/0x3b4 [ 114.485063] test_kmalloc_aligned_oob_read+0xd4/0x240 [ 114.485629] kunit_try_run_case+0x8c/0x124 [ 114.486228] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 114.486825] kthread+0x15c/0x170 [ 114.487248] ret_from_fork+0x10/0x20 [ 114.487677] [ 114.487918] CPU: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 114.488678] Hardware name: linux,dummy-virt (DT) [ 114.489163] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 110.214485] ================================================================== [ 110.215225] BUG: KFENCE: memory corruption in test_corruption+0x1a4/0x234 [ 110.215225] [ 110.215997] Corrupted memory at 0x000000008ba87987 [ ! ] (in kfence-#152): [ 110.216916] test_corruption+0x1a4/0x234 [ 110.217436] kunit_try_run_case+0x8c/0x124 [ 110.217990] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.218620] kthread+0x15c/0x170 [ 110.219074] ret_from_fork+0x10/0x20 [ 110.219514] [ 110.219722] kfence-#152: 0x000000006d0983b7-0x00000000cebf6ddb, size=32, cache=kmalloc-128 [ 110.219722] [ 110.220541] allocated by task 269 on cpu 0 at 110.213227s: [ 110.221213] test_alloc+0x1e8/0x3b4 [ 110.221616] test_corruption+0x170/0x234 [ 110.222115] kunit_try_run_case+0x8c/0x124 [ 110.222592] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.223193] kthread+0x15c/0x170 [ 110.223629] ret_from_fork+0x10/0x20 [ 110.224091] [ 110.224305] freed by task 269 on cpu 0 at 110.213765s: [ 110.225010] test_corruption+0x1a4/0x234 [ 110.225442] kunit_try_run_case+0x8c/0x124 [ 110.225963] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.226559] kthread+0x15c/0x170 [ 110.227002] ret_from_fork+0x10/0x20 [ 110.227424] [ 110.227651] CPU: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 110.228441] Hardware name: linux,dummy-virt (DT) [ 110.228928] ================================================================== [ 110.422245] ================================================================== [ 110.422982] BUG: KFENCE: memory corruption in test_corruption+0x108/0x234 [ 110.422982] [ 110.423688] Corrupted memory at 0x00000000911b3aef [ ! . . . . . . . . . . . . . . . ] (in kfence-#154): [ 110.425645] test_corruption+0x108/0x234 [ 110.426131] kunit_try_run_case+0x8c/0x124 [ 110.426648] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.427252] kthread+0x15c/0x170 [ 110.427671] ret_from_fork+0x10/0x20 [ 110.428138] [ 110.428355] kfence-#154: 0x00000000b07dd599-0x0000000040f2daa4, size=32, cache=test [ 110.428355] [ 110.429192] allocated by task 270 on cpu 0 at 110.421523s: [ 110.429810] test_alloc+0x1d8/0x3b4 [ 110.430261] test_corruption+0xdc/0x234 [ 110.430687] kunit_try_run_case+0x8c/0x124 [ 110.431164] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.431740] kthread+0x15c/0x170 [ 110.432173] ret_from_fork+0x10/0x20 [ 110.432641] [ 110.432878] freed by task 270 on cpu 0 at 110.422034s: [ 110.433538] test_corruption+0x108/0x234 [ 110.433974] kunit_try_run_case+0x8c/0x124 [ 110.434449] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.435092] kthread+0x15c/0x170 [ 110.435537] ret_from_fork+0x10/0x20 [ 110.435967] [ 110.436203] CPU: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 110.436983] Hardware name: linux,dummy-virt (DT) [ 110.437435] ================================================================== [ 110.838471] ================================================================== [ 110.839199] BUG: KFENCE: memory corruption in test_corruption+0x198/0x234 [ 110.839199] [ 110.839964] Corrupted memory at 0x00000000e1c5d8af [ ! ] (in kfence-#158): [ 110.840880] test_corruption+0x198/0x234 [ 110.841353] kunit_try_run_case+0x8c/0x124 [ 110.841911] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.842513] kthread+0x15c/0x170 [ 110.842930] ret_from_fork+0x10/0x20 [ 110.843365] [ 110.843601] kfence-#158: 0x000000000e3969ee-0x000000008d45ba9b, size=32, cache=test [ 110.843601] [ 110.844419] allocated by task 270 on cpu 0 at 110.837303s: [ 110.845056] test_alloc+0x1d8/0x3b4 [ 110.845479] test_corruption+0x170/0x234 [ 110.845926] kunit_try_run_case+0x8c/0x124 [ 110.846420] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.847019] kthread+0x15c/0x170 [ 110.847452] ret_from_fork+0x10/0x20 [ 110.847882] [ 110.848093] freed by task 270 on cpu 0 at 110.837820s: [ 110.848771] test_corruption+0x198/0x234 [ 110.849203] kunit_try_run_case+0x8c/0x124 [ 110.849711] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.850323] kthread+0x15c/0x170 [ 110.850774] ret_from_fork+0x10/0x20 [ 110.851193] [ 110.851418] CPU: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 110.852180] Hardware name: linux,dummy-virt (DT) [ 110.852656] ================================================================== [ 110.110147] ================================================================== [ 110.110830] BUG: KFENCE: memory corruption in test_corruption+0x114/0x234 [ 110.110830] [ 110.111531] Corrupted memory at 0x000000004a5e6d59 [ ! . . . . . . . . . . . . . . . ] (in kfence-#151): [ 110.114051] test_corruption+0x114/0x234 [ 110.114533] kunit_try_run_case+0x8c/0x124 [ 110.115047] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.115643] kthread+0x15c/0x170 [ 110.116140] ret_from_fork+0x10/0x20 [ 110.116568] [ 110.116805] kfence-#151: 0x000000009f9db701-0x00000000077d506b, size=32, cache=kmalloc-128 [ 110.116805] [ 110.117615] allocated by task 269 on cpu 0 at 110.109280s: [ 110.118307] test_alloc+0x1e8/0x3b4 [ 110.118696] test_corruption+0xdc/0x234 [ 110.119172] kunit_try_run_case+0x8c/0x124 [ 110.119653] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.120261] kthread+0x15c/0x170 [ 110.120685] ret_from_fork+0x10/0x20 [ 110.121148] [ 110.121371] freed by task 269 on cpu 0 at 110.109832s: [ 110.122057] test_corruption+0x114/0x234 [ 110.122495] kunit_try_run_case+0x8c/0x124 [ 110.122979] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 110.123572] kthread+0x15c/0x170 [ 110.123983] ret_from_fork+0x10/0x20 [ 110.124404] [ 110.124648] CPU: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 110.125397] Hardware name: linux,dummy-virt (DT) [ 110.125877] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 109.901907] ================================================================== [ 109.902605] BUG: KFENCE: invalid free in test_invalid_addr_free+0xf8/0x1b0 [ 109.902605] [ 109.903341] Invalid free of 0x000000006771c65b (in kfence-#149): [ 109.903975] test_invalid_addr_free+0xf8/0x1b0 [ 109.904467] kunit_try_run_case+0x8c/0x124 [ 109.905060] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.905697] kthread+0x15c/0x170 [ 109.906121] ret_from_fork+0x10/0x20 [ 109.906550] [ 109.906820] kfence-#149: 0x0000000099b9122f-0x00000000f4f5632f, size=32, cache=test [ 109.906820] [ 109.907630] allocated by task 268 on cpu 1 at 109.901221s: [ 109.908272] test_alloc+0x1d8/0x3b4 [ 109.908723] test_invalid_addr_free+0xe0/0x1b0 [ 109.909218] kunit_try_run_case+0x8c/0x124 [ 109.909736] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.910362] kthread+0x15c/0x170 [ 109.910817] ret_from_fork+0x10/0x20 [ 109.911268] [ 109.911502] CPU: 1 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 109.912263] Hardware name: linux,dummy-virt (DT) [ 109.912721] ================================================================== [ 109.797906] ================================================================== [ 109.798585] BUG: KFENCE: invalid free in test_invalid_addr_free+0x104/0x1b0 [ 109.798585] [ 109.799381] Invalid free of 0x0000000039afe6cc (in kfence-#148): [ 109.799945] test_invalid_addr_free+0x104/0x1b0 [ 109.800520] kunit_try_run_case+0x8c/0x124 [ 109.801102] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.801689] kthread+0x15c/0x170 [ 109.802140] ret_from_fork+0x10/0x20 [ 109.802601] [ 109.802843] kfence-#148: 0x00000000e60586af-0x00000000c748a6c0, size=32, cache=kmalloc-128 [ 109.802843] [ 109.803687] allocated by task 267 on cpu 1 at 109.797156s: [ 109.804352] test_alloc+0x1e8/0x3b4 [ 109.804787] test_invalid_addr_free+0xe0/0x1b0 [ 109.805269] kunit_try_run_case+0x8c/0x124 [ 109.805777] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.806361] kthread+0x15c/0x170 [ 109.806805] ret_from_fork+0x10/0x20 [ 109.807246] [ 109.807504] CPU: 1 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 109.808295] Hardware name: linux,dummy-virt (DT) [ 109.808737] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 109.590436] ================================================================== [ 109.591084] BUG: KFENCE: invalid free in test_double_free+0x120/0x1b0 [ 109.591084] [ 109.591721] Invalid free of 0x000000003906e69e (in kfence-#146): [ 109.592868] test_double_free+0x120/0x1b0 [ 109.593366] kunit_try_run_case+0x8c/0x124 [ 109.593900] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.594570] kthread+0x15c/0x170 [ 109.595040] ret_from_fork+0x10/0x20 [ 109.595505] [ 109.595768] kfence-#146: 0x000000003906e69e-0x000000008c5e567e, size=32, cache=kmalloc-128 [ 109.595768] [ 109.596597] allocated by task 265 on cpu 0 at 109.589096s: [ 109.597274] test_alloc+0x1e8/0x3b4 [ 109.597673] test_double_free+0xe0/0x1b0 [ 109.598159] kunit_try_run_case+0x8c/0x124 [ 109.598631] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.599221] kthread+0x15c/0x170 [ 109.599632] ret_from_fork+0x10/0x20 [ 109.600069] [ 109.600282] freed by task 265 on cpu 0 at 109.589618s: [ 109.600981] test_double_free+0x104/0x1b0 [ 109.601424] kunit_try_run_case+0x8c/0x124 [ 109.601948] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.602544] kthread+0x15c/0x170 [ 109.603005] ret_from_fork+0x10/0x20 [ 109.603453] [ 109.603690] CPU: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 109.604449] Hardware name: linux,dummy-virt (DT) [ 109.604926] ================================================================== [ 109.694450] ================================================================== [ 109.695195] BUG: KFENCE: invalid free in test_double_free+0x114/0x1b0 [ 109.695195] [ 109.695997] Invalid free of 0x000000009b89da6e (in kfence-#147): [ 109.696653] test_double_free+0x114/0x1b0 [ 109.697299] kunit_try_run_case+0x8c/0x124 [ 109.697856] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.698460] kthread+0x15c/0x170 [ 109.698913] ret_from_fork+0x10/0x20 [ 109.699416] [ 109.699630] kfence-#147: 0x000000009b89da6e-0x00000000fae13731, size=32, cache=test [ 109.699630] [ 109.700436] allocated by task 266 on cpu 0 at 109.693219s: [ 109.701063] test_alloc+0x1d8/0x3b4 [ 109.701503] test_double_free+0xe0/0x1b0 [ 109.701937] kunit_try_run_case+0x8c/0x124 [ 109.702451] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.703046] kthread+0x15c/0x170 [ 109.703446] ret_from_fork+0x10/0x20 [ 109.703914] [ 109.704136] freed by task 266 on cpu 0 at 109.693731s: [ 109.704790] test_double_free+0xfc/0x1b0 [ 109.705224] kunit_try_run_case+0x8c/0x124 [ 109.705735] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.706342] kthread+0x15c/0x170 [ 109.706752] ret_from_fork+0x10/0x20 [ 109.707217] [ 109.707467] CPU: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 109.708225] Hardware name: linux,dummy-virt (DT) [ 109.708710] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 109.382310] ================================================================== [ 109.383115] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x10c/0x1a0 [ 109.383115] [ 109.384038] Use-after-free read at 0x00000000abb0795d (in kfence-#144): [ 109.384713] test_use_after_free_read+0x10c/0x1a0 [ 109.385377] kunit_try_run_case+0x8c/0x124 [ 109.385908] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.386528] kthread+0x15c/0x170 [ 109.386978] ret_from_fork+0x10/0x20 [ 109.387414] [ 109.387640] kfence-#144: 0x00000000abb0795d-0x00000000339a965f, size=32, cache=kmalloc-128 [ 109.387640] [ 109.388455] allocated by task 263 on cpu 1 at 109.381175s: [ 109.389136] test_alloc+0x1e8/0x3b4 [ 109.389520] test_use_after_free_read+0xdc/0x1a0 [ 109.390029] kunit_try_run_case+0x8c/0x124 [ 109.390500] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.391117] kthread+0x15c/0x170 [ 109.391544] ret_from_fork+0x10/0x20 [ 109.391963] [ 109.392196] freed by task 263 on cpu 1 at 109.381704s: [ 109.392871] test_use_after_free_read+0x104/0x1a0 [ 109.393366] kunit_try_run_case+0x8c/0x124 [ 109.393853] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.394434] kthread+0x15c/0x170 [ 109.394876] ret_from_fork+0x10/0x20 [ 109.395293] [ 109.395531] CPU: 1 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 109.396285] Hardware name: linux,dummy-virt (DT) [ 109.396727] ================================================================== [ 109.486270] ================================================================== [ 109.487003] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x10c/0x1a0 [ 109.487003] [ 109.487884] Use-after-free read at 0x000000008f8528c3 (in kfence-#145): [ 109.488558] test_use_after_free_read+0x10c/0x1a0 [ 109.489093] kunit_try_run_case+0x8c/0x124 [ 109.489583] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.490186] kthread+0x15c/0x170 [ 109.490608] ret_from_fork+0x10/0x20 [ 109.491053] [ 109.491270] kfence-#145: 0x000000008f8528c3-0x000000007223424f, size=32, cache=test [ 109.491270] [ 109.492085] allocated by task 264 on cpu 1 at 109.485170s: [ 109.492715] test_alloc+0x1d8/0x3b4 [ 109.493160] test_use_after_free_read+0xdc/0x1a0 [ 109.493637] kunit_try_run_case+0x8c/0x124 [ 109.494124] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.494703] kthread+0x15c/0x170 [ 109.495124] ret_from_fork+0x10/0x20 [ 109.495573] [ 109.495802] freed by task 264 on cpu 1 at 109.485673s: [ 109.496493] test_use_after_free_read+0xfc/0x1a0 [ 109.497011] kunit_try_run_case+0x8c/0x124 [ 109.497473] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.498075] kthread+0x15c/0x170 [ 109.498478] ret_from_fork+0x10/0x20 [ 109.498950] [ 109.499193] CPU: 1 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 109.499941] Hardware name: linux,dummy-virt (DT) [ 109.500392] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 109.070168] ================================================================== [ 109.070827] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xe8/0x19c [ 109.070827] [ 109.071536] Out-of-bounds write at 0x0000000084613f02 (1B left of kfence-#141): [ 109.072113] test_out_of_bounds_write+0xe8/0x19c [ 109.072770] kunit_try_run_case+0x8c/0x124 [ 109.073437] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.074120] kthread+0x15c/0x170 [ 109.074541] ret_from_fork+0x10/0x20 [ 109.074996] [ 109.075247] kfence-#141: 0x00000000a9ce6219-0x000000001531dffa, size=32, cache=kmalloc-128 [ 109.075247] [ 109.076099] allocated by task 261 on cpu 1 at 109.069569s: [ 109.076794] test_alloc+0x1e8/0x3b4 [ 109.077190] test_out_of_bounds_write+0xd4/0x19c [ 109.077691] kunit_try_run_case+0x8c/0x124 [ 109.078180] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.078800] kthread+0x15c/0x170 [ 109.079213] ret_from_fork+0x10/0x20 [ 109.079625] [ 109.079891] CPU: 1 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 109.080688] Hardware name: linux,dummy-virt (DT) [ 109.081167] ================================================================== [ 109.277816] ================================================================== [ 109.278460] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xe8/0x19c [ 109.278460] [ 109.279566] Out-of-bounds write at 0x00000000b0ef18ae (1B left of kfence-#143): [ 109.280251] test_out_of_bounds_write+0xe8/0x19c [ 109.280841] kunit_try_run_case+0x8c/0x124 [ 109.281415] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.282064] kthread+0x15c/0x170 [ 109.282480] ret_from_fork+0x10/0x20 [ 109.282923] [ 109.283143] kfence-#143: 0x00000000c8a5721b-0x000000003217a809, size=32, cache=test [ 109.283143] [ 109.283978] allocated by task 262 on cpu 0 at 109.277255s: [ 109.284598] test_alloc+0x1d8/0x3b4 [ 109.285011] test_out_of_bounds_write+0xd4/0x19c [ 109.285524] kunit_try_run_case+0x8c/0x124 [ 109.285997] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 109.286594] kthread+0x15c/0x170 [ 109.287011] ret_from_fork+0x10/0x20 [ 109.287472] [ 109.287714] CPU: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 109.288487] Hardware name: linux,dummy-virt (DT) [ 109.288952] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 108.133904] ================================================================== [ 108.134596] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x254 [ 108.134596] [ 108.135644] Out-of-bounds read at 0x00000000200489cb (1B left of kfence-#132): [ 108.136550] test_out_of_bounds_read+0x114/0x254 [ 108.137282] kunit_try_run_case+0x8c/0x124 [ 108.137781] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 108.138378] kthread+0x15c/0x170 [ 108.138841] ret_from_fork+0x10/0x20 [ 108.139267] [ 108.139499] kfence-#132: 0x00000000f80d9385-0x00000000c38895a8, size=128, cache=kmalloc-128 [ 108.139499] [ 108.140356] allocated by task 259 on cpu 0 at 108.133150s: [ 108.141023] test_alloc+0x1e8/0x3b4 [ 108.141430] test_out_of_bounds_read+0x104/0x254 [ 108.141944] kunit_try_run_case+0x8c/0x124 [ 108.142439] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 108.143041] kthread+0x15c/0x170 [ 108.143479] ret_from_fork+0x10/0x20 [ 108.143932] [ 108.144190] CPU: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 108.144968] Hardware name: linux,dummy-virt (DT) [ 108.145417] ================================================================== [ 108.653728] ================================================================== [ 108.654430] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x254 [ 108.654430] [ 108.655292] Out-of-bounds read at 0x0000000073ff6230 (1B left of kfence-#137): [ 108.655992] test_out_of_bounds_read+0x114/0x254 [ 108.656563] kunit_try_run_case+0x8c/0x124 [ 108.657129] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 108.657795] kthread+0x15c/0x170 [ 108.658212] ret_from_fork+0x10/0x20 [ 108.658688] [ 108.658938] kfence-#137: 0x00000000a76bb786-0x000000009b13b413, size=32, cache=test [ 108.658938] [ 108.659759] allocated by task 260 on cpu 0 at 108.653186s: [ 108.660455] test_alloc+0x1d8/0x3b4 [ 108.660915] test_out_of_bounds_read+0x104/0x254 [ 108.661403] kunit_try_run_case+0x8c/0x124 [ 108.661934] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 108.662518] kthread+0x15c/0x170 [ 108.662939] ret_from_fork+0x10/0x20 [ 108.663370] [ 108.663620] CPU: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 108.664408] Hardware name: linux,dummy-virt (DT) [ 108.664909] ================================================================== [ 108.341814] ================================================================== [ 108.342521] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1a0/0x254 [ 108.342521] [ 108.343428] Out-of-bounds read at 0x000000004ca02042 (128B right of kfence-#134): [ 108.344193] test_out_of_bounds_read+0x1a0/0x254 [ 108.344781] kunit_try_run_case+0x8c/0x124 [ 108.345350] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 108.345971] kthread+0x15c/0x170 [ 108.346382] ret_from_fork+0x10/0x20 [ 108.346864] [ 108.347091] kfence-#134: 0x000000000ad13016-0x0000000075f5b4d0, size=128, cache=kmalloc-128 [ 108.347091] [ 108.347927] allocated by task 259 on cpu 0 at 108.341171s: [ 108.348588] test_alloc+0x1e8/0x3b4 [ 108.348996] test_out_of_bounds_read+0x190/0x254 [ 108.349488] kunit_try_run_case+0x8c/0x124 [ 108.349989] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 108.350570] kthread+0x15c/0x170 [ 108.351017] ret_from_fork+0x10/0x20 [ 108.351439] [ 108.351692] CPU: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 108.352477] Hardware name: linux,dummy-virt (DT) [ 108.352946] ================================================================== [ 108.757786] ================================================================== [ 108.758493] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1a0/0x254 [ 108.758493] [ 108.759362] Out-of-bounds read at 0x000000002089b208 (32B right of kfence-#138): [ 108.760085] test_out_of_bounds_read+0x1a0/0x254 [ 108.760670] kunit_try_run_case+0x8c/0x124 [ 108.761223] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 108.761861] kthread+0x15c/0x170 [ 108.762288] ret_from_fork+0x10/0x20 [ 108.762721] [ 108.762982] kfence-#138: 0x0000000034fd4c21-0x00000000f65eae12, size=32, cache=test [ 108.762982] [ 108.763809] allocated by task 260 on cpu 0 at 108.757236s: [ 108.764444] test_alloc+0x1d8/0x3b4 [ 108.764870] test_out_of_bounds_read+0x190/0x254 [ 108.765377] kunit_try_run_case+0x8c/0x124 [ 108.765887] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 108.766516] kthread+0x15c/0x170 [ 108.766935] ret_from_fork+0x10/0x20 [ 108.767353] [ 108.767603] CPU: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 108.768421] Hardware name: linux,dummy-virt (DT) [ 108.768888] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-ksize_uaf
[ 106.830549] ================================================================== [ 106.832072] BUG: KFENCE: use-after-free read in ksize_uaf+0xe8/0x330 [ 106.832072] [ 106.833159] Use-after-free read at 0x000000003a195194 (in kfence-#125): [ 106.833776] ksize_uaf+0xe8/0x330 [ 106.834276] kunit_try_run_case+0x8c/0x124 [ 106.834796] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.835355] kthread+0x15c/0x170 [ 106.835815] ret_from_fork+0x10/0x20 [ 106.836243] [ 106.836829] kfence-#125: 0x000000003a195194-0x000000004805e587, size=120, cache=kmalloc-128 [ 106.836829] [ 106.837684] allocated by task 242 on cpu 1 at 106.825393s: [ 106.838842] __kmem_cache_alloc_node+0x2dc/0x32c [ 106.839341] kmalloc_trace+0x58/0x150 [ 106.839788] ksize_uaf+0x9c/0x330 [ 106.840205] kunit_try_run_case+0x8c/0x124 [ 106.840877] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.841466] kthread+0x15c/0x170 [ 106.841895] ret_from_fork+0x10/0x20 [ 106.842325] [ 106.842585] freed by task 242 on cpu 1 at 106.825894s: [ 106.843299] ksize_uaf+0xbc/0x330 [ 106.843716] kunit_try_run_case+0x8c/0x124 [ 106.844198] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.845003] kthread+0x15c/0x170 [ 106.845402] ret_from_fork+0x10/0x20 [ 106.845871] [ 106.846109] CPU: 1 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.846866] Hardware name: linux,dummy-virt (DT) [ 106.847305] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 108.035690] ================================================================== [ 108.036307] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0xe8/0x310 [ 108.037221] Read of size 1 at addr ffff8000080fb7f8 by task kunit_try_catch/253 [ 108.038112] [ 108.038456] CPU: 1 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 108.039259] Hardware name: linux,dummy-virt (DT) [ 108.039783] Call trace: [ 108.040158] dump_backtrace+0xe0/0x134 [ 108.040798] show_stack+0x20/0x2c [ 108.041296] dump_stack_lvl+0x88/0xb4 [ 108.041884] print_report+0x158/0x44c [ 108.042373] kasan_report+0xc8/0x180 [ 108.042795] __asan_load1+0x68/0x74 [ 108.043227] vmalloc_oob+0xe8/0x310 [ 108.043647] kunit_try_run_case+0x8c/0x124 [ 108.044142] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 108.044724] kthread+0x15c/0x170 [ 108.045193] ret_from_fork+0x10/0x20 [ 108.045623] [ 108.045848] The buggy address ffff8000080fb7f8 belongs to a vmalloc virtual mapping [ 108.046462] The buggy address belongs to the physical page: [ 108.046953] page:00000000a9d5ccdc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c1 [ 108.047665] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 108.048275] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 108.048971] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 108.049840] page dumped because: kasan: bad access detected [ 108.050308] [ 108.050506] Memory state around the buggy address: [ 108.051226] ffff8000080fb680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 108.051945] ffff8000080fb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 108.052762] >ffff8000080fb780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 108.053653] ^ [ 108.054345] ffff8000080fb800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 108.055088] ffff8000080fb880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 108.055725] ================================================================== [ 108.010509] ================================================================== [ 108.012292] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0xc8/0x310 [ 108.014214] Read of size 1 at addr ffff8000080fb7f3 by task kunit_try_catch/253 [ 108.015099] [ 108.015311] CPU: 1 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 108.015976] Hardware name: linux,dummy-virt (DT) [ 108.016780] Call trace: [ 108.017113] dump_backtrace+0xe0/0x134 [ 108.017606] show_stack+0x20/0x2c [ 108.018032] dump_stack_lvl+0x88/0xb4 [ 108.018520] print_report+0x158/0x44c [ 108.019028] kasan_report+0xc8/0x180 [ 108.019476] __asan_load1+0x68/0x74 [ 108.019931] vmalloc_oob+0xc8/0x310 [ 108.020407] kunit_try_run_case+0x8c/0x124 [ 108.021107] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 108.021722] kthread+0x15c/0x170 [ 108.022183] ret_from_fork+0x10/0x20 [ 108.022661] [ 108.022908] The buggy address ffff8000080fb7f3 belongs to a vmalloc virtual mapping [ 108.023557] The buggy address belongs to the physical page: [ 108.024074] page:00000000a9d5ccdc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c1 [ 108.025050] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 108.025737] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 108.026403] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 108.027063] page dumped because: kasan: bad access detected [ 108.027567] [ 108.027792] Memory state around the buggy address: [ 108.028274] ffff8000080fb680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 108.028977] ffff8000080fb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 108.030857] >ffff8000080fb780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 108.031441] ^ [ 108.032095] ffff8000080fb800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 108.033058] ffff8000080fb880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 108.033672] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-__kmem_cache_free
[ 107.963370] ================================================================== [ 107.963915] BUG: KASAN: double-free in __kmem_cache_free+0x15c/0x2a0 [ 107.964579] Free of addr ffff0000c66abb00 by task kunit_try_catch/251 [ 107.965328] [ 107.965563] CPU: 1 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.966319] Hardware name: linux,dummy-virt (DT) [ 107.966793] Call trace: [ 107.967104] dump_backtrace+0xe0/0x134 [ 107.967551] show_stack+0x20/0x2c [ 107.968266] dump_stack_lvl+0x88/0xb4 [ 107.968928] print_report+0x158/0x44c [ 107.969314] kasan_report_invalid_free+0xa8/0x13c [ 107.969823] __kasan_slab_free+0x134/0x170 [ 107.970272] slab_free_freelist_hook+0xd8/0x1c0 [ 107.970768] __kmem_cache_free+0x15c/0x2a0 [ 107.971230] kfree+0x88/0x150 [ 107.971601] kfree_sensitive+0x2c/0x64 [ 107.972068] kmalloc_double_kzfree+0xcc/0x1e0 [ 107.972768] kunit_try_run_case+0x8c/0x124 [ 107.973248] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.973806] kthread+0x15c/0x170 [ 107.974202] ret_from_fork+0x10/0x20 [ 107.974644] [ 107.974861] Allocated by task 251: [ 107.975236] kasan_save_stack+0x3c/0x70 [ 107.975654] kasan_set_track+0x2c/0x40 [ 107.976117] kasan_save_alloc_info+0x24/0x34 [ 107.976791] __kasan_kmalloc+0xd4/0xe0 [ 107.977220] kmalloc_trace+0x8c/0x150 [ 107.977659] kmalloc_double_kzfree+0x9c/0x1e0 [ 107.978137] kunit_try_run_case+0x8c/0x124 [ 107.978585] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.979143] kthread+0x15c/0x170 [ 107.979534] ret_from_fork+0x10/0x20 [ 107.979972] [ 107.980163] Freed by task 251: [ 107.980692] kasan_save_stack+0x3c/0x70 [ 107.981152] kasan_set_track+0x2c/0x40 [ 107.981598] kasan_save_free_info+0x38/0x5c [ 107.982101] __kasan_slab_free+0x100/0x170 [ 107.982567] slab_free_freelist_hook+0xd8/0x1c0 [ 107.983066] __kmem_cache_free+0x15c/0x2a0 [ 107.983528] kfree+0x88/0x150 [ 107.983922] kfree_sensitive+0x54/0x64 [ 107.984379] kmalloc_double_kzfree+0xbc/0x1e0 [ 107.984895] kunit_try_run_case+0x8c/0x124 [ 107.985379] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.985944] kthread+0x15c/0x170 [ 107.986400] ret_from_fork+0x10/0x20 [ 107.987898] [ 107.988415] The buggy address belongs to the object at ffff0000c66abb00 [ 107.988415] which belongs to the cache kmalloc-128 of size 128 [ 107.989625] The buggy address is located 0 bytes inside of [ 107.989625] 128-byte region [ffff0000c66abb00, ffff0000c66abb80) [ 107.990610] [ 107.990880] The buggy address belongs to the physical page: [ 107.991410] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.992274] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.993215] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.993897] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.994534] page dumped because: kasan: bad access detected [ 107.994930] [ 107.995117] Memory state around the buggy address: [ 107.995487] ffff0000c66aba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.996274] ffff0000c66aba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.997320] >ffff0000c66abb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.998215] ^ [ 107.998726] ffff0000c66abb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.999635] ffff0000c66abc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 108.000539] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kfree_sensitive
[ 107.927611] ================================================================== [ 107.928799] BUG: KASAN: use-after-free in kfree_sensitive+0x20/0x64 [ 107.929402] Read of size 1 at addr ffff0000c66abb00 by task kunit_try_catch/251 [ 107.930010] [ 107.930232] CPU: 1 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.930967] Hardware name: linux,dummy-virt (DT) [ 107.931421] Call trace: [ 107.931687] dump_backtrace+0xe0/0x134 [ 107.932126] show_stack+0x20/0x2c [ 107.932578] dump_stack_lvl+0x88/0xb4 [ 107.933094] print_report+0x158/0x44c [ 107.933510] kasan_report+0xc8/0x180 [ 107.933928] __kasan_check_byte+0x54/0x70 [ 107.934384] ksize+0x44/0xb0 [ 107.934783] kfree_sensitive+0x20/0x64 [ 107.935258] kmalloc_double_kzfree+0xcc/0x1e0 [ 107.935750] kunit_try_run_case+0x8c/0x124 [ 107.936215] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.937010] kthread+0x15c/0x170 [ 107.937413] ret_from_fork+0x10/0x20 [ 107.937826] [ 107.938043] Allocated by task 251: [ 107.938390] kasan_save_stack+0x3c/0x70 [ 107.938851] kasan_set_track+0x2c/0x40 [ 107.939259] kasan_save_alloc_info+0x24/0x34 [ 107.939724] __kasan_kmalloc+0xd4/0xe0 [ 107.940132] kmalloc_trace+0x8c/0x150 [ 107.940734] kmalloc_double_kzfree+0x9c/0x1e0 [ 107.941246] kunit_try_run_case+0x8c/0x124 [ 107.941730] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.942351] kthread+0x15c/0x170 [ 107.942807] ret_from_fork+0x10/0x20 [ 107.943200] [ 107.943424] Freed by task 251: [ 107.943754] kasan_save_stack+0x3c/0x70 [ 107.944226] kasan_set_track+0x2c/0x40 [ 107.944873] kasan_save_free_info+0x38/0x5c [ 107.945389] __kasan_slab_free+0x100/0x170 [ 107.945825] slab_free_freelist_hook+0xd8/0x1c0 [ 107.946237] __kmem_cache_free+0x15c/0x2a0 [ 107.946767] kfree+0x88/0x150 [ 107.947196] kfree_sensitive+0x54/0x64 [ 107.947671] kmalloc_double_kzfree+0xbc/0x1e0 [ 107.948233] kunit_try_run_case+0x8c/0x124 [ 107.948779] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.949406] kthread+0x15c/0x170 [ 107.949833] ret_from_fork+0x10/0x20 [ 107.950307] [ 107.950559] The buggy address belongs to the object at ffff0000c66abb00 [ 107.950559] which belongs to the cache kmalloc-128 of size 128 [ 107.951730] The buggy address is located 0 bytes inside of [ 107.951730] 128-byte region [ffff0000c66abb00, ffff0000c66abb80) [ 107.953058] [ 107.953294] The buggy address belongs to the physical page: [ 107.953766] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.954551] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.955279] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.955978] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.956933] page dumped because: kasan: bad access detected [ 107.957391] [ 107.957600] Memory state around the buggy address: [ 107.958073] ffff0000c66aba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.959065] ffff0000c66aba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.959658] >ffff0000c66abb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.960348] ^ [ 107.960871] ffff0000c66abb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.961674] ffff0000c66abc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.962269] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 107.866979] ================================================================== [ 107.867550] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1e4/0x770 [ 107.868419] Read of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.869112] [ 107.869331] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.870085] Hardware name: linux,dummy-virt (DT) [ 107.870481] Call trace: [ 107.870785] dump_backtrace+0xe0/0x134 [ 107.871200] show_stack+0x20/0x2c [ 107.871590] dump_stack_lvl+0x88/0xb4 [ 107.872071] print_report+0x158/0x44c [ 107.872477] kasan_report+0xc8/0x180 [ 107.872907] __asan_load8+0x80/0xac [ 107.873310] kasan_bitops_test_and_modify.constprop.0+0x1e4/0x770 [ 107.873927] kasan_bitops_generic+0xc0/0x140 [ 107.874370] kunit_try_run_case+0x8c/0x124 [ 107.874881] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.875435] kthread+0x15c/0x170 [ 107.875842] ret_from_fork+0x10/0x20 [ 107.876290] [ 107.876492] Allocated by task 249: [ 107.876840] kasan_save_stack+0x3c/0x70 [ 107.877328] kasan_set_track+0x2c/0x40 [ 107.877729] kasan_save_alloc_info+0x24/0x34 [ 107.878218] __kasan_kmalloc+0xd4/0xe0 [ 107.878619] kmalloc_trace+0x8c/0x150 [ 107.879057] kasan_bitops_generic+0x98/0x140 [ 107.879522] kunit_try_run_case+0x8c/0x124 [ 107.880008] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.880579] kthread+0x15c/0x170 [ 107.881016] ret_from_fork+0x10/0x20 [ 107.881450] [ 107.881686] The buggy address belongs to the object at ffff0000c66ab600 [ 107.881686] which belongs to the cache kmalloc-128 of size 128 [ 107.882635] The buggy address is located 8 bytes inside of [ 107.882635] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.883550] [ 107.883787] The buggy address belongs to the physical page: [ 107.884265] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.885056] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.885736] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.886396] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.887035] page dumped because: kasan: bad access detected [ 107.887512] [ 107.887715] Memory state around the buggy address: [ 107.888146] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.888803] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.889413] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.890010] ^ [ 107.890375] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.890999] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.891601] ================================================================== [ 107.812051] ================================================================== [ 107.812918] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x190/0x770 [ 107.813711] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.814305] [ 107.814513] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.815192] Hardware name: linux,dummy-virt (DT) [ 107.815619] Call trace: [ 107.815897] dump_backtrace+0xe0/0x134 [ 107.816357] show_stack+0x20/0x2c [ 107.816795] dump_stack_lvl+0x88/0xb4 [ 107.817231] print_report+0x158/0x44c [ 107.817641] kasan_report+0xc8/0x180 [ 107.818089] kasan_check_range+0xe4/0x190 [ 107.818522] __kasan_check_write+0x28/0x3c [ 107.819034] kasan_bitops_test_and_modify.constprop.0+0x190/0x770 [ 107.819605] kasan_bitops_generic+0xc0/0x140 [ 107.820066] kunit_try_run_case+0x8c/0x124 [ 107.821226] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.821765] kthread+0x15c/0x170 [ 107.822386] ret_from_fork+0x10/0x20 [ 107.822853] [ 107.823054] Allocated by task 249: [ 107.823372] kasan_save_stack+0x3c/0x70 [ 107.823862] kasan_set_track+0x2c/0x40 [ 107.824350] kasan_save_alloc_info+0x24/0x34 [ 107.824897] __kasan_kmalloc+0xd4/0xe0 [ 107.825378] kmalloc_trace+0x8c/0x150 [ 107.825805] kasan_bitops_generic+0x98/0x140 [ 107.826282] kunit_try_run_case+0x8c/0x124 [ 107.826758] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.827330] kthread+0x15c/0x170 [ 107.827820] ret_from_fork+0x10/0x20 [ 107.828233] [ 107.828469] The buggy address belongs to the object at ffff0000c66ab600 [ 107.828469] which belongs to the cache kmalloc-128 of size 128 [ 107.829546] The buggy address is located 8 bytes inside of [ 107.829546] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.830606] [ 107.830922] The buggy address belongs to the physical page: [ 107.831495] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.832379] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.833235] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.833983] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.834585] page dumped because: kasan: bad access detected [ 107.835158] [ 107.835355] Memory state around the buggy address: [ 107.836004] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.836606] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.837309] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.837996] ^ [ 107.838447] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.839150] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.839817] ================================================================== [ 107.683027] ================================================================== [ 107.683543] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xcc/0x770 [ 107.684482] Read of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.685111] [ 107.685361] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.686047] Hardware name: linux,dummy-virt (DT) [ 107.686516] Call trace: [ 107.686799] dump_backtrace+0xe0/0x134 [ 107.687213] show_stack+0x20/0x2c [ 107.687607] dump_stack_lvl+0x88/0xb4 [ 107.688115] print_report+0x158/0x44c [ 107.688527] kasan_report+0xc8/0x180 [ 107.688968] __asan_load8+0x80/0xac [ 107.689382] kasan_bitops_test_and_modify.constprop.0+0xcc/0x770 [ 107.689997] kasan_bitops_generic+0xc0/0x140 [ 107.690454] kunit_try_run_case+0x8c/0x124 [ 107.690905] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.691499] kthread+0x15c/0x170 [ 107.691912] ret_from_fork+0x10/0x20 [ 107.692313] [ 107.692515] Allocated by task 249: [ 107.692851] kasan_save_stack+0x3c/0x70 [ 107.693277] kasan_set_track+0x2c/0x40 [ 107.693714] kasan_save_alloc_info+0x24/0x34 [ 107.694194] __kasan_kmalloc+0xd4/0xe0 [ 107.694635] kmalloc_trace+0x8c/0x150 [ 107.695080] kasan_bitops_generic+0x98/0x140 [ 107.695536] kunit_try_run_case+0x8c/0x124 [ 107.695993] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.696583] kthread+0x15c/0x170 [ 107.697026] ret_from_fork+0x10/0x20 [ 107.697415] [ 107.697614] The buggy address belongs to the object at ffff0000c66ab600 [ 107.697614] which belongs to the cache kmalloc-128 of size 128 [ 107.698541] The buggy address is located 8 bytes inside of [ 107.698541] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.699425] [ 107.699651] The buggy address belongs to the physical page: [ 107.700133] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.700894] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.701580] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.702222] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.702820] page dumped because: kasan: bad access detected [ 107.703289] [ 107.703503] Memory state around the buggy address: [ 107.703916] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.704552] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.705178] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.705774] ^ [ 107.706132] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.706762] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.707342] ================================================================== [ 107.708564] ================================================================== [ 107.709170] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xf8/0x770 [ 107.710042] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.710637] [ 107.710860] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.711588] Hardware name: linux,dummy-virt (DT) [ 107.712023] Call trace: [ 107.712288] dump_backtrace+0xe0/0x134 [ 107.712718] show_stack+0x20/0x2c [ 107.713123] dump_stack_lvl+0x88/0xb4 [ 107.713584] print_report+0x158/0x44c [ 107.714019] kasan_report+0xc8/0x180 [ 107.714456] kasan_check_range+0xe4/0x190 [ 107.714911] __kasan_check_write+0x28/0x3c [ 107.715386] kasan_bitops_test_and_modify.constprop.0+0xf8/0x770 [ 107.715987] kasan_bitops_generic+0xc0/0x140 [ 107.716474] kunit_try_run_case+0x8c/0x124 [ 107.716978] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.717715] kthread+0x15c/0x170 [ 107.718175] ret_from_fork+0x10/0x20 [ 107.718621] [ 107.718818] Allocated by task 249: [ 107.719453] kasan_save_stack+0x3c/0x70 [ 107.720015] kasan_set_track+0x2c/0x40 [ 107.720561] kasan_save_alloc_info+0x24/0x34 [ 107.721176] __kasan_kmalloc+0xd4/0xe0 [ 107.721721] kmalloc_trace+0x8c/0x150 [ 107.722261] kasan_bitops_generic+0x98/0x140 [ 107.722833] kunit_try_run_case+0x8c/0x124 [ 107.723449] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.724125] kthread+0x15c/0x170 [ 107.724637] ret_from_fork+0x10/0x20 [ 107.725096] [ 107.725301] The buggy address belongs to the object at ffff0000c66ab600 [ 107.725301] which belongs to the cache kmalloc-128 of size 128 [ 107.726225] The buggy address is located 8 bytes inside of [ 107.726225] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.727136] [ 107.727339] The buggy address belongs to the physical page: [ 107.727811] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.728568] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.729209] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.729877] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.730484] page dumped because: kasan: bad access detected [ 107.730970] [ 107.731166] Memory state around the buggy address: [ 107.731634] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.732267] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.732892] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.733478] ^ [ 107.733842] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.734463] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.735058] ================================================================== [ 107.892590] ================================================================== [ 107.893142] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x210/0x770 [ 107.893963] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.894590] [ 107.894817] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.895513] Hardware name: linux,dummy-virt (DT) [ 107.895931] Call trace: [ 107.896209] dump_backtrace+0xe0/0x134 [ 107.896695] show_stack+0x20/0x2c [ 107.897142] dump_stack_lvl+0x88/0xb4 [ 107.897621] print_report+0x158/0x44c [ 107.898054] kasan_report+0xc8/0x180 [ 107.898488] kasan_check_range+0xe4/0x190 [ 107.898945] __kasan_check_write+0x28/0x3c [ 107.899425] kasan_bitops_test_and_modify.constprop.0+0x210/0x770 [ 107.900011] kasan_bitops_generic+0xc0/0x140 [ 107.900452] kunit_try_run_case+0x8c/0x124 [ 107.900910] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.901484] kthread+0x15c/0x170 [ 107.901943] ret_from_fork+0x10/0x20 [ 107.902346] [ 107.902558] Allocated by task 249: [ 107.902897] kasan_save_stack+0x3c/0x70 [ 107.903346] kasan_set_track+0x2c/0x40 [ 107.903806] kasan_save_alloc_info+0x24/0x34 [ 107.904281] __kasan_kmalloc+0xd4/0xe0 [ 107.904726] kmalloc_trace+0x8c/0x150 [ 107.905157] kasan_bitops_generic+0x98/0x140 [ 107.905630] kunit_try_run_case+0x8c/0x124 [ 107.906133] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.906757] kthread+0x15c/0x170 [ 107.907153] ret_from_fork+0x10/0x20 [ 107.907579] [ 107.907798] The buggy address belongs to the object at ffff0000c66ab600 [ 107.907798] which belongs to the cache kmalloc-128 of size 128 [ 107.908753] The buggy address is located 8 bytes inside of [ 107.908753] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.909671] [ 107.909917] The buggy address belongs to the physical page: [ 107.910392] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.911169] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.911831] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.912510] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.913158] page dumped because: kasan: bad access detected [ 107.913641] [ 107.913862] Memory state around the buggy address: [ 107.914308] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.914934] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.915581] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.916182] ^ [ 107.916561] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.917210] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.917812] ================================================================== [ 107.761057] ================================================================== [ 107.761660] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x138/0x770 [ 107.762481] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.763080] [ 107.763316] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.764043] Hardware name: linux,dummy-virt (DT) [ 107.764509] Call trace: [ 107.764789] dump_backtrace+0xe0/0x134 [ 107.765216] show_stack+0x20/0x2c [ 107.765653] dump_stack_lvl+0x88/0xb4 [ 107.766158] print_report+0x158/0x44c [ 107.766573] kasan_report+0xc8/0x180 [ 107.766998] kasan_check_range+0xe4/0x190 [ 107.767442] __kasan_check_write+0x28/0x3c [ 107.767909] kasan_bitops_test_and_modify.constprop.0+0x138/0x770 [ 107.768481] kasan_bitops_generic+0xc0/0x140 [ 107.768946] kunit_try_run_case+0x8c/0x124 [ 107.769398] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.769994] kthread+0x15c/0x170 [ 107.770382] ret_from_fork+0x10/0x20 [ 107.770810] [ 107.771011] Allocated by task 249: [ 107.771341] kasan_save_stack+0x3c/0x70 [ 107.771813] kasan_set_track+0x2c/0x40 [ 107.772244] kasan_save_alloc_info+0x24/0x34 [ 107.772736] __kasan_kmalloc+0xd4/0xe0 [ 107.773180] kmalloc_trace+0x8c/0x150 [ 107.773605] kasan_bitops_generic+0x98/0x140 [ 107.774031] kunit_try_run_case+0x8c/0x124 [ 107.774487] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.775053] kthread+0x15c/0x170 [ 107.775445] ret_from_fork+0x10/0x20 [ 107.775879] [ 107.776077] The buggy address belongs to the object at ffff0000c66ab600 [ 107.776077] which belongs to the cache kmalloc-128 of size 128 [ 107.777019] The buggy address is located 8 bytes inside of [ 107.777019] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.777907] [ 107.778135] The buggy address belongs to the physical page: [ 107.778598] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.779358] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.780012] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.780659] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.781276] page dumped because: kasan: bad access detected [ 107.781759] [ 107.781948] Memory state around the buggy address: [ 107.782414] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.783036] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.783635] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.784214] ^ [ 107.784572] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.785204] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.785800] ================================================================== [ 107.786854] ================================================================== [ 107.787452] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x164/0x770 [ 107.788324] Read of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.788988] [ 107.789232] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.789938] Hardware name: linux,dummy-virt (DT) [ 107.790327] Call trace: [ 107.790596] dump_backtrace+0xe0/0x134 [ 107.791074] show_stack+0x20/0x2c [ 107.791459] dump_stack_lvl+0x88/0xb4 [ 107.791908] print_report+0x158/0x44c [ 107.792332] kasan_report+0xc8/0x180 [ 107.792777] __asan_load8+0x80/0xac [ 107.793178] kasan_bitops_test_and_modify.constprop.0+0x164/0x770 [ 107.793757] kasan_bitops_generic+0xc0/0x140 [ 107.794227] kunit_try_run_case+0x8c/0x124 [ 107.794665] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.795223] kthread+0x15c/0x170 [ 107.795610] ret_from_fork+0x10/0x20 [ 107.796045] [ 107.796270] Allocated by task 249: [ 107.796619] kasan_save_stack+0x3c/0x70 [ 107.797100] kasan_set_track+0x2c/0x40 [ 107.797524] kasan_save_alloc_info+0x24/0x34 [ 107.797988] __kasan_kmalloc+0xd4/0xe0 [ 107.798436] kmalloc_trace+0x8c/0x150 [ 107.798876] kasan_bitops_generic+0x98/0x140 [ 107.799345] kunit_try_run_case+0x8c/0x124 [ 107.799832] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.800380] kthread+0x15c/0x170 [ 107.800825] ret_from_fork+0x10/0x20 [ 107.801250] [ 107.801457] The buggy address belongs to the object at ffff0000c66ab600 [ 107.801457] which belongs to the cache kmalloc-128 of size 128 [ 107.802413] The buggy address is located 8 bytes inside of [ 107.802413] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.803266] [ 107.803497] The buggy address belongs to the physical page: [ 107.803974] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.804758] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.805394] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.806028] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.806649] page dumped because: kasan: bad access detected [ 107.807125] [ 107.807313] Memory state around the buggy address: [ 107.807753] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.808387] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.809004] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.809576] ^ [ 107.809943] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.810568] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.811144] ================================================================== [ 107.841132] ================================================================== [ 107.841692] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1bc/0x770 [ 107.842589] Read of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.843353] [ 107.843565] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.844350] Hardware name: linux,dummy-virt (DT) [ 107.844831] Call trace: [ 107.845101] dump_backtrace+0xe0/0x134 [ 107.845539] show_stack+0x20/0x2c [ 107.845942] dump_stack_lvl+0x88/0xb4 [ 107.846381] print_report+0x158/0x44c [ 107.846801] kasan_report+0xc8/0x180 [ 107.847191] __asan_load8+0x80/0xac [ 107.847594] kasan_bitops_test_and_modify.constprop.0+0x1bc/0x770 [ 107.848193] kasan_bitops_generic+0xc0/0x140 [ 107.848657] kunit_try_run_case+0x8c/0x124 [ 107.849154] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.849718] kthread+0x15c/0x170 [ 107.850135] ret_from_fork+0x10/0x20 [ 107.850573] [ 107.850788] Allocated by task 249: [ 107.851113] kasan_save_stack+0x3c/0x70 [ 107.851572] kasan_set_track+0x2c/0x40 [ 107.851981] kasan_save_alloc_info+0x24/0x34 [ 107.852474] __kasan_kmalloc+0xd4/0xe0 [ 107.852922] kmalloc_trace+0x8c/0x150 [ 107.853349] kasan_bitops_generic+0x98/0x140 [ 107.853818] kunit_try_run_case+0x8c/0x124 [ 107.854326] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.854877] kthread+0x15c/0x170 [ 107.855234] ret_from_fork+0x10/0x20 [ 107.855594] [ 107.855930] The buggy address belongs to the object at ffff0000c66ab600 [ 107.855930] which belongs to the cache kmalloc-128 of size 128 [ 107.856899] The buggy address is located 8 bytes inside of [ 107.856899] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.857820] [ 107.858070] The buggy address belongs to the physical page: [ 107.858554] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.859334] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.860006] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.860668] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.861307] page dumped because: kasan: bad access detected [ 107.861787] [ 107.861985] Memory state around the buggy address: [ 107.862424] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.863068] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.863682] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.864286] ^ [ 107.864645] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.865297] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.865897] ================================================================== [ 107.735898] ================================================================== [ 107.736455] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x100/0x770 [ 107.737262] Read of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.737930] [ 107.738154] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.738801] Hardware name: linux,dummy-virt (DT) [ 107.739238] Call trace: [ 107.739518] dump_backtrace+0xe0/0x134 [ 107.739986] show_stack+0x20/0x2c [ 107.740386] dump_stack_lvl+0x88/0xb4 [ 107.740884] print_report+0x158/0x44c [ 107.741327] kasan_report+0xc8/0x180 [ 107.741733] __asan_load8+0x80/0xac [ 107.742162] kasan_bitops_test_and_modify.constprop.0+0x100/0x770 [ 107.742737] kasan_bitops_generic+0xc0/0x140 [ 107.743214] kunit_try_run_case+0x8c/0x124 [ 107.743664] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.744223] kthread+0x15c/0x170 [ 107.744606] ret_from_fork+0x10/0x20 [ 107.745013] [ 107.745227] Allocated by task 249: [ 107.745571] kasan_save_stack+0x3c/0x70 [ 107.746053] kasan_set_track+0x2c/0x40 [ 107.746462] kasan_save_alloc_info+0x24/0x34 [ 107.746969] __kasan_kmalloc+0xd4/0xe0 [ 107.747403] kmalloc_trace+0x8c/0x150 [ 107.747848] kasan_bitops_generic+0x98/0x140 [ 107.748313] kunit_try_run_case+0x8c/0x124 [ 107.748759] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.749300] kthread+0x15c/0x170 [ 107.749713] ret_from_fork+0x10/0x20 [ 107.750133] [ 107.750328] The buggy address belongs to the object at ffff0000c66ab600 [ 107.750328] which belongs to the cache kmalloc-128 of size 128 [ 107.751255] The buggy address is located 8 bytes inside of [ 107.751255] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.752143] [ 107.752348] The buggy address belongs to the physical page: [ 107.752823] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.753588] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.754264] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.754925] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.755547] page dumped because: kasan: bad access detected [ 107.756025] [ 107.756251] Memory state around the buggy address: [ 107.756714] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.757317] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.757965] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.758555] ^ [ 107.758915] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.759535] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.760135] ================================================================== [ 107.648637] ================================================================== [ 107.649534] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa4/0x770 [ 107.650626] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.651134] [ 107.651332] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.652045] Hardware name: linux,dummy-virt (DT) [ 107.652681] Call trace: [ 107.653072] dump_backtrace+0xe0/0x134 [ 107.653700] show_stack+0x20/0x2c [ 107.654249] dump_stack_lvl+0x88/0xb4 [ 107.655058] print_report+0x158/0x44c [ 107.655647] kasan_report+0xc8/0x180 [ 107.656252] kasan_check_range+0xe4/0x190 [ 107.656887] __kasan_check_write+0x28/0x3c [ 107.657538] kasan_bitops_test_and_modify.constprop.0+0xa4/0x770 [ 107.658356] kasan_bitops_generic+0xc0/0x140 [ 107.658986] kunit_try_run_case+0x8c/0x124 [ 107.659622] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.660434] kthread+0x15c/0x170 [ 107.661036] ret_from_fork+0x10/0x20 [ 107.661629] [ 107.661959] Allocated by task 249: [ 107.662453] kasan_save_stack+0x3c/0x70 [ 107.663099] kasan_set_track+0x2c/0x40 [ 107.663530] kasan_save_alloc_info+0x24/0x34 [ 107.663958] __kasan_kmalloc+0xd4/0xe0 [ 107.664337] kmalloc_trace+0x8c/0x150 [ 107.664700] kasan_bitops_generic+0x98/0x140 [ 107.665324] kunit_try_run_case+0x8c/0x124 [ 107.665958] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.666726] kthread+0x15c/0x170 [ 107.667281] ret_from_fork+0x10/0x20 [ 107.667877] [ 107.668151] The buggy address belongs to the object at ffff0000c66ab600 [ 107.668151] which belongs to the cache kmalloc-128 of size 128 [ 107.669759] The buggy address is located 8 bytes inside of [ 107.669759] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.671236] [ 107.671524] The buggy address belongs to the physical page: [ 107.672288] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.673401] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.674348] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.675316] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.676235] page dumped because: kasan: bad access detected [ 107.677001] [ 107.677205] Memory state around the buggy address: [ 107.677859] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.678814] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.679781] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.680622] ^ [ 107.680944] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.681432] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.681946] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 107.496387] ================================================================== [ 107.497905] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x180/0x68c [ 107.498521] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.499028] [ 107.499225] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.499837] Hardware name: linux,dummy-virt (DT) [ 107.500390] Call trace: [ 107.500773] dump_backtrace+0xe0/0x134 [ 107.501422] show_stack+0x20/0x2c [ 107.501890] dump_stack_lvl+0x88/0xb4 [ 107.502397] print_report+0x158/0x44c [ 107.502863] kasan_report+0xc8/0x180 [ 107.503310] kasan_check_range+0xe4/0x190 [ 107.503801] __kasan_check_write+0x28/0x3c [ 107.504307] kasan_bitops_modify.constprop.0+0x180/0x68c [ 107.504945] kasan_bitops_generic+0xb4/0x140 [ 107.505495] kunit_try_run_case+0x8c/0x124 [ 107.506012] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.506587] kthread+0x15c/0x170 [ 107.507004] ret_from_fork+0x10/0x20 [ 107.507456] [ 107.507672] Allocated by task 249: [ 107.508093] kasan_save_stack+0x3c/0x70 [ 107.508622] kasan_set_track+0x2c/0x40 [ 107.509061] kasan_save_alloc_info+0x24/0x34 [ 107.509554] __kasan_kmalloc+0xd4/0xe0 [ 107.510020] kmalloc_trace+0x8c/0x150 [ 107.510448] kasan_bitops_generic+0x98/0x140 [ 107.510922] kunit_try_run_case+0x8c/0x124 [ 107.511400] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.511985] kthread+0x15c/0x170 [ 107.512400] ret_from_fork+0x10/0x20 [ 107.512873] [ 107.513109] The buggy address belongs to the object at ffff0000c66ab600 [ 107.513109] which belongs to the cache kmalloc-128 of size 128 [ 107.514049] The buggy address is located 8 bytes inside of [ 107.514049] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.514979] [ 107.515231] The buggy address belongs to the physical page: [ 107.515741] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.516506] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.517190] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.517835] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.518453] page dumped because: kasan: bad access detected [ 107.518906] [ 107.519125] Memory state around the buggy address: [ 107.519603] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.520241] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.520894] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.521516] ^ [ 107.521903] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.522538] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.523149] ================================================================== [ 107.413780] ================================================================== [ 107.414335] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xf8/0x68c [ 107.414969] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.415695] [ 107.415911] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.416590] Hardware name: linux,dummy-virt (DT) [ 107.417039] Call trace: [ 107.417342] dump_backtrace+0xe0/0x134 [ 107.417810] show_stack+0x20/0x2c [ 107.418213] dump_stack_lvl+0x88/0xb4 [ 107.418766] print_report+0x158/0x44c [ 107.419218] kasan_report+0xc8/0x180 [ 107.419721] kasan_check_range+0xe4/0x190 [ 107.420414] __kasan_check_write+0x28/0x3c [ 107.421157] kasan_bitops_modify.constprop.0+0xf8/0x68c [ 107.421788] kasan_bitops_generic+0xb4/0x140 [ 107.422315] kunit_try_run_case+0x8c/0x124 [ 107.422879] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.423535] kthread+0x15c/0x170 [ 107.423946] ret_from_fork+0x10/0x20 [ 107.424376] [ 107.424632] Allocated by task 249: [ 107.424967] kasan_save_stack+0x3c/0x70 [ 107.425452] kasan_set_track+0x2c/0x40 [ 107.425913] kasan_save_alloc_info+0x24/0x34 [ 107.426398] __kasan_kmalloc+0xd4/0xe0 [ 107.426812] kmalloc_trace+0x8c/0x150 [ 107.427305] kasan_bitops_generic+0x98/0x140 [ 107.427808] kunit_try_run_case+0x8c/0x124 [ 107.428274] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.428889] kthread+0x15c/0x170 [ 107.429313] ret_from_fork+0x10/0x20 [ 107.429754] [ 107.429981] The buggy address belongs to the object at ffff0000c66ab600 [ 107.429981] which belongs to the cache kmalloc-128 of size 128 [ 107.430934] The buggy address is located 8 bytes inside of [ 107.430934] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.431814] [ 107.432041] The buggy address belongs to the physical page: [ 107.432518] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.433434] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.434093] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.434828] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.435459] page dumped because: kasan: bad access detected [ 107.435900] [ 107.436114] Memory state around the buggy address: [ 107.436640] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.437292] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.437949] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.438552] ^ [ 107.438934] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.439535] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.440143] ================================================================== [ 107.346887] ================================================================== [ 107.348208] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa4/0x68c [ 107.349339] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.350297] [ 107.350606] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.351649] Hardware name: linux,dummy-virt (DT) [ 107.352276] Call trace: [ 107.352559] dump_backtrace+0xe0/0x134 [ 107.352944] show_stack+0x20/0x2c [ 107.353283] dump_stack_lvl+0x88/0xb4 [ 107.353952] print_report+0x158/0x44c [ 107.354534] kasan_report+0xc8/0x180 [ 107.355142] kasan_check_range+0xe4/0x190 [ 107.355799] __kasan_check_write+0x28/0x3c [ 107.356469] kasan_bitops_modify.constprop.0+0xa4/0x68c [ 107.357237] kasan_bitops_generic+0xb4/0x140 [ 107.357903] kunit_try_run_case+0x8c/0x124 [ 107.358560] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.359373] kthread+0x15c/0x170 [ 107.359959] ret_from_fork+0x10/0x20 [ 107.360616] [ 107.360945] Allocated by task 249: [ 107.361518] kasan_save_stack+0x3c/0x70 [ 107.362154] kasan_set_track+0x2c/0x40 [ 107.362841] kasan_save_alloc_info+0x24/0x34 [ 107.363434] __kasan_kmalloc+0xd4/0xe0 [ 107.363866] kmalloc_trace+0x8c/0x150 [ 107.364462] kasan_bitops_generic+0x98/0x140 [ 107.365113] kunit_try_run_case+0x8c/0x124 [ 107.365774] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.366572] kthread+0x15c/0x170 [ 107.367137] ret_from_fork+0x10/0x20 [ 107.367724] [ 107.368034] The buggy address belongs to the object at ffff0000c66ab600 [ 107.368034] which belongs to the cache kmalloc-128 of size 128 [ 107.369449] The buggy address is located 8 bytes inside of [ 107.369449] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.370467] [ 107.370754] The buggy address belongs to the physical page: [ 107.371516] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.372636] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.373347] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.373992] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.374916] page dumped because: kasan: bad access detected [ 107.375610] [ 107.375909] Memory state around the buggy address: [ 107.376563] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.377579] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.378561] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.379396] ^ [ 107.379707] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.380208] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.380673] ================================================================== [ 107.554862] ================================================================== [ 107.555427] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x198/0x68c [ 107.556506] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.558024] [ 107.558250] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.558966] Hardware name: linux,dummy-virt (DT) [ 107.559419] Call trace: [ 107.559691] dump_backtrace+0xe0/0x134 [ 107.560152] show_stack+0x20/0x2c [ 107.560542] dump_stack_lvl+0x88/0xb4 [ 107.561033] print_report+0x158/0x44c [ 107.561442] kasan_report+0xc8/0x180 [ 107.561892] kasan_check_range+0xe4/0x190 [ 107.562422] __kasan_check_write+0x28/0x3c [ 107.562924] kasan_bitops_modify.constprop.0+0x198/0x68c [ 107.563455] kasan_bitops_generic+0xb4/0x140 [ 107.563948] kunit_try_run_case+0x8c/0x124 [ 107.564428] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.565094] kthread+0x15c/0x170 [ 107.565548] ret_from_fork+0x10/0x20 [ 107.566008] [ 107.566262] Allocated by task 249: [ 107.566617] kasan_save_stack+0x3c/0x70 [ 107.567105] kasan_set_track+0x2c/0x40 [ 107.567568] kasan_save_alloc_info+0x24/0x34 [ 107.568123] __kasan_kmalloc+0xd4/0xe0 [ 107.568594] kmalloc_trace+0x8c/0x150 [ 107.569039] kasan_bitops_generic+0x98/0x140 [ 107.569516] kunit_try_run_case+0x8c/0x124 [ 107.570001] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.570582] kthread+0x15c/0x170 [ 107.571007] ret_from_fork+0x10/0x20 [ 107.571371] [ 107.571550] The buggy address belongs to the object at ffff0000c66ab600 [ 107.571550] which belongs to the cache kmalloc-128 of size 128 [ 107.572279] The buggy address is located 8 bytes inside of [ 107.572279] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.573861] [ 107.574189] The buggy address belongs to the physical page: [ 107.574919] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.576144] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.577126] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.578096] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.579018] page dumped because: kasan: bad access detected [ 107.579735] [ 107.580034] Memory state around the buggy address: [ 107.580766] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.581768] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.582718] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.583595] ^ [ 107.584124] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.585040] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.585614] ================================================================== [ 107.586491] ================================================================== [ 107.587057] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1c4/0x68c [ 107.587802] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.588501] [ 107.588768] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.589536] Hardware name: linux,dummy-virt (DT) [ 107.590142] Call trace: [ 107.590405] dump_backtrace+0xe0/0x134 [ 107.590866] show_stack+0x20/0x2c [ 107.591324] dump_stack_lvl+0x88/0xb4 [ 107.591817] print_report+0x158/0x44c [ 107.592309] kasan_report+0xc8/0x180 [ 107.592828] kasan_check_range+0xe4/0x190 [ 107.593391] __kasan_check_write+0x28/0x3c [ 107.593954] kasan_bitops_modify.constprop.0+0x1c4/0x68c [ 107.594486] kasan_bitops_generic+0xb4/0x140 [ 107.595020] kunit_try_run_case+0x8c/0x124 [ 107.595559] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.596139] kthread+0x15c/0x170 [ 107.596645] ret_from_fork+0x10/0x20 [ 107.597188] [ 107.597420] Allocated by task 249: [ 107.597823] kasan_save_stack+0x3c/0x70 [ 107.598282] kasan_set_track+0x2c/0x40 [ 107.598825] kasan_save_alloc_info+0x24/0x34 [ 107.599358] __kasan_kmalloc+0xd4/0xe0 [ 107.599800] kmalloc_trace+0x8c/0x150 [ 107.600391] kasan_bitops_generic+0x98/0x140 [ 107.600914] kunit_try_run_case+0x8c/0x124 [ 107.601396] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.601980] kthread+0x15c/0x170 [ 107.602377] ret_from_fork+0x10/0x20 [ 107.602831] [ 107.603060] The buggy address belongs to the object at ffff0000c66ab600 [ 107.603060] which belongs to the cache kmalloc-128 of size 128 [ 107.604055] The buggy address is located 8 bytes inside of [ 107.604055] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.605028] [ 107.605286] The buggy address belongs to the physical page: [ 107.605797] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.606562] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.607362] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.608082] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.608842] page dumped because: kasan: bad access detected [ 107.609397] [ 107.609658] Memory state around the buggy address: [ 107.610139] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.610792] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.611403] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.612023] ^ [ 107.612443] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.613221] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.613855] ================================================================== [ 107.441226] ================================================================== [ 107.441822] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x124/0x68c [ 107.442604] Read of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.443250] [ 107.443471] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.444124] Hardware name: linux,dummy-virt (DT) [ 107.444619] Call trace: [ 107.444910] dump_backtrace+0xe0/0x134 [ 107.445342] show_stack+0x20/0x2c [ 107.445753] dump_stack_lvl+0x88/0xb4 [ 107.446215] print_report+0x158/0x44c [ 107.446646] kasan_report+0xc8/0x180 [ 107.447073] __asan_load8+0x80/0xac [ 107.447530] kasan_bitops_modify.constprop.0+0x124/0x68c [ 107.448055] kasan_bitops_generic+0xb4/0x140 [ 107.448511] kunit_try_run_case+0x8c/0x124 [ 107.449005] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.449674] kthread+0x15c/0x170 [ 107.450148] ret_from_fork+0x10/0x20 [ 107.450553] [ 107.450809] Allocated by task 249: [ 107.451146] kasan_save_stack+0x3c/0x70 [ 107.451589] kasan_set_track+0x2c/0x40 [ 107.452068] kasan_save_alloc_info+0x24/0x34 [ 107.452586] __kasan_kmalloc+0xd4/0xe0 [ 107.453172] kmalloc_trace+0x8c/0x150 [ 107.453638] kasan_bitops_generic+0x98/0x140 [ 107.454178] kunit_try_run_case+0x8c/0x124 [ 107.454643] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.455207] kthread+0x15c/0x170 [ 107.455635] ret_from_fork+0x10/0x20 [ 107.456066] [ 107.456287] The buggy address belongs to the object at ffff0000c66ab600 [ 107.456287] which belongs to the cache kmalloc-128 of size 128 [ 107.457342] The buggy address is located 8 bytes inside of [ 107.457342] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.458285] [ 107.458518] The buggy address belongs to the physical page: [ 107.458939] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.459678] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.460419] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.461228] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.461891] page dumped because: kasan: bad access detected [ 107.462428] [ 107.462644] Memory state around the buggy address: [ 107.463127] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.463739] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.464352] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.465067] ^ [ 107.465416] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.466187] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.466701] ================================================================== [ 107.614791] ================================================================== [ 107.615407] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1f0/0x68c [ 107.616233] Read of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.618162] [ 107.618381] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.618963] Hardware name: linux,dummy-virt (DT) [ 107.619304] Call trace: [ 107.619539] dump_backtrace+0xe0/0x134 [ 107.620443] show_stack+0x20/0x2c [ 107.620891] dump_stack_lvl+0x88/0xb4 [ 107.621630] print_report+0x158/0x44c [ 107.622130] kasan_report+0xc8/0x180 [ 107.622675] __asan_load8+0x80/0xac [ 107.623126] kasan_bitops_modify.constprop.0+0x1f0/0x68c [ 107.623701] kasan_bitops_generic+0xb4/0x140 [ 107.624195] kunit_try_run_case+0x8c/0x124 [ 107.624677] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.625256] kthread+0x15c/0x170 [ 107.625704] ret_from_fork+0x10/0x20 [ 107.626178] [ 107.626414] Allocated by task 249: [ 107.626787] kasan_save_stack+0x3c/0x70 [ 107.627277] kasan_set_track+0x2c/0x40 [ 107.627710] kasan_save_alloc_info+0x24/0x34 [ 107.628188] __kasan_kmalloc+0xd4/0xe0 [ 107.629376] kmalloc_trace+0x8c/0x150 [ 107.629906] kasan_bitops_generic+0x98/0x140 [ 107.630308] kunit_try_run_case+0x8c/0x124 [ 107.630712] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.631214] kthread+0x15c/0x170 [ 107.631567] ret_from_fork+0x10/0x20 [ 107.632130] [ 107.632406] The buggy address belongs to the object at ffff0000c66ab600 [ 107.632406] which belongs to the cache kmalloc-128 of size 128 [ 107.633789] The buggy address is located 8 bytes inside of [ 107.633789] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.635099] [ 107.635383] The buggy address belongs to the physical page: [ 107.636055] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.637245] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.638315] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.639388] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.640443] page dumped because: kasan: bad access detected [ 107.641148] [ 107.641453] Memory state around the buggy address: [ 107.642096] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.643006] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.643906] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.644818] ^ [ 107.645431] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.646454] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.647371] ================================================================== [ 107.382258] ================================================================== [ 107.383141] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xcc/0x68c [ 107.384205] Read of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.385237] [ 107.385531] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.386673] Hardware name: linux,dummy-virt (DT) [ 107.387285] Call trace: [ 107.387689] dump_backtrace+0xe0/0x134 [ 107.388575] show_stack+0x20/0x2c [ 107.389114] dump_stack_lvl+0x88/0xb4 [ 107.389720] print_report+0x158/0x44c [ 107.390285] kasan_report+0xc8/0x180 [ 107.390864] __asan_load8+0x80/0xac [ 107.391424] kasan_bitops_modify.constprop.0+0xcc/0x68c [ 107.392167] kasan_bitops_generic+0xb4/0x140 [ 107.392894] kunit_try_run_case+0x8c/0x124 [ 107.393643] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.394346] kthread+0x15c/0x170 [ 107.394707] ret_from_fork+0x10/0x20 [ 107.395153] [ 107.395350] Allocated by task 249: [ 107.395662] kasan_save_stack+0x3c/0x70 [ 107.396116] kasan_set_track+0x2c/0x40 [ 107.396584] kasan_save_alloc_info+0x24/0x34 [ 107.397053] __kasan_kmalloc+0xd4/0xe0 [ 107.397481] kmalloc_trace+0x8c/0x150 [ 107.397906] kasan_bitops_generic+0x98/0x140 [ 107.398365] kunit_try_run_case+0x8c/0x124 [ 107.398848] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.399428] kthread+0x15c/0x170 [ 107.399852] ret_from_fork+0x10/0x20 [ 107.400287] [ 107.400489] The buggy address belongs to the object at ffff0000c66ab600 [ 107.400489] which belongs to the cache kmalloc-128 of size 128 [ 107.402615] The buggy address is located 8 bytes inside of [ 107.402615] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.403339] [ 107.403528] The buggy address belongs to the physical page: [ 107.403914] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.404512] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.405684] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.406233] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.406705] page dumped because: kasan: bad access detected [ 107.407081] [ 107.407263] Memory state around the buggy address: [ 107.407617] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.408855] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.410205] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.410919] ^ [ 107.411371] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.412093] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.412788] ================================================================== [ 107.467606] ================================================================== [ 107.468262] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x150/0x68c [ 107.469124] Write of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.469824] [ 107.470105] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.470800] Hardware name: linux,dummy-virt (DT) [ 107.471245] Call trace: [ 107.471525] dump_backtrace+0xe0/0x134 [ 107.472370] show_stack+0x20/0x2c [ 107.472969] dump_stack_lvl+0x88/0xb4 [ 107.473570] print_report+0x158/0x44c [ 107.474058] kasan_report+0xc8/0x180 [ 107.474583] kasan_check_range+0xe4/0x190 [ 107.475145] __kasan_check_write+0x28/0x3c [ 107.475670] kasan_bitops_modify.constprop.0+0x150/0x68c [ 107.476214] kasan_bitops_generic+0xb4/0x140 [ 107.476696] kunit_try_run_case+0x8c/0x124 [ 107.477142] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.477691] kthread+0x15c/0x170 [ 107.478091] ret_from_fork+0x10/0x20 [ 107.478531] [ 107.478762] Allocated by task 249: [ 107.479096] kasan_save_stack+0x3c/0x70 [ 107.479555] kasan_set_track+0x2c/0x40 [ 107.480010] kasan_save_alloc_info+0x24/0x34 [ 107.480471] __kasan_kmalloc+0xd4/0xe0 [ 107.480904] kmalloc_trace+0x8c/0x150 [ 107.481337] kasan_bitops_generic+0x98/0x140 [ 107.481862] kunit_try_run_case+0x8c/0x124 [ 107.482388] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.483134] kthread+0x15c/0x170 [ 107.483555] ret_from_fork+0x10/0x20 [ 107.484067] [ 107.484585] The buggy address belongs to the object at ffff0000c66ab600 [ 107.484585] which belongs to the cache kmalloc-128 of size 128 [ 107.485731] The buggy address is located 8 bytes inside of [ 107.485731] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.486544] [ 107.486789] The buggy address belongs to the physical page: [ 107.487299] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.488061] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.488829] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.489567] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.490358] page dumped because: kasan: bad access detected [ 107.490732] [ 107.491028] Memory state around the buggy address: [ 107.491683] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.492359] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.493089] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.493700] ^ [ 107.494080] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.494707] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.495314] ================================================================== [ 107.525597] ================================================================== [ 107.526564] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x188/0x68c [ 107.527673] Read of size 8 at addr ffff0000c66ab608 by task kunit_try_catch/249 [ 107.528555] [ 107.528768] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.529330] Hardware name: linux,dummy-virt (DT) [ 107.529670] Call trace: [ 107.529909] dump_backtrace+0xe0/0x134 [ 107.530278] show_stack+0x20/0x2c [ 107.530614] dump_stack_lvl+0x88/0xb4 [ 107.531037] print_report+0x158/0x44c [ 107.531546] kasan_report+0xc8/0x180 [ 107.532035] __asan_load8+0x80/0xac [ 107.532548] kasan_bitops_modify.constprop.0+0x188/0x68c [ 107.533183] kasan_bitops_generic+0xb4/0x140 [ 107.533573] kunit_try_run_case+0x8c/0x124 [ 107.534046] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.534740] kthread+0x15c/0x170 [ 107.535298] ret_from_fork+0x10/0x20 [ 107.535785] [ 107.536300] Allocated by task 249: [ 107.536661] kasan_save_stack+0x3c/0x70 [ 107.537096] kasan_set_track+0x2c/0x40 [ 107.537536] kasan_save_alloc_info+0x24/0x34 [ 107.538020] __kasan_kmalloc+0xd4/0xe0 [ 107.538490] kmalloc_trace+0x8c/0x150 [ 107.538935] kasan_bitops_generic+0x98/0x140 [ 107.539359] kunit_try_run_case+0x8c/0x124 [ 107.539839] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.540585] kthread+0x15c/0x170 [ 107.541003] ret_from_fork+0x10/0x20 [ 107.541434] [ 107.541629] The buggy address belongs to the object at ffff0000c66ab600 [ 107.541629] which belongs to the cache kmalloc-128 of size 128 [ 107.542583] The buggy address is located 8 bytes inside of [ 107.542583] 128-byte region [ffff0000c66ab600, ffff0000c66ab680) [ 107.544248] [ 107.544458] The buggy address belongs to the physical page: [ 107.544857] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.546001] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.546777] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.547439] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.548077] page dumped because: kasan: bad access detected [ 107.548596] [ 107.548799] Memory state around the buggy address: [ 107.549210] ffff0000c66ab500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.549840] ffff0000c66ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.550618] >ffff0000c66ab600: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.551316] ^ [ 107.551978] ffff0000c66ab680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.552661] ffff0000c66ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.553789] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strnlen
[ 107.298090] ================================================================== [ 107.299072] BUG: KASAN: use-after-free in strnlen+0x3c/0x6c [ 107.299938] Read of size 1 at addr ffff0000c66ab410 by task kunit_try_catch/248 [ 107.301013] [ 107.301391] CPU: 1 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.302454] Hardware name: linux,dummy-virt (DT) [ 107.303075] Call trace: [ 107.303481] dump_backtrace+0xe0/0x134 [ 107.304088] show_stack+0x20/0x2c [ 107.304674] dump_stack_lvl+0x88/0xb4 [ 107.305477] print_report+0x158/0x44c [ 107.306175] kasan_report+0xc8/0x180 [ 107.306795] __asan_load1+0x68/0x74 [ 107.307525] strnlen+0x3c/0x6c [ 107.308099] kasan_strings+0x194/0x530 [ 107.308653] kunit_try_run_case+0x8c/0x124 [ 107.309079] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.309573] kthread+0x15c/0x170 [ 107.309972] ret_from_fork+0x10/0x20 [ 107.310379] [ 107.310617] Allocated by task 248: [ 107.311011] kasan_save_stack+0x3c/0x70 [ 107.311451] kasan_set_track+0x2c/0x40 [ 107.311895] kasan_save_alloc_info+0x24/0x34 [ 107.312529] __kasan_kmalloc+0xd4/0xe0 [ 107.313255] kmalloc_trace+0x8c/0x150 [ 107.314023] kasan_strings+0xa0/0x530 [ 107.314643] kunit_try_run_case+0x8c/0x124 [ 107.315306] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.316095] kthread+0x15c/0x170 [ 107.316645] ret_from_fork+0x10/0x20 [ 107.317216] [ 107.317486] Freed by task 248: [ 107.317933] kasan_save_stack+0x3c/0x70 [ 107.318519] kasan_set_track+0x2c/0x40 [ 107.319148] kasan_save_free_info+0x38/0x5c [ 107.319800] __kasan_slab_free+0x100/0x170 [ 107.320422] slab_free_freelist_hook+0xd8/0x1c0 [ 107.321255] __kmem_cache_free+0x15c/0x2a0 [ 107.321919] kfree+0x88/0x150 [ 107.322424] kasan_strings+0xc0/0x530 [ 107.323053] kunit_try_run_case+0x8c/0x124 [ 107.323711] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.324515] kthread+0x15c/0x170 [ 107.325062] ret_from_fork+0x10/0x20 [ 107.325613] [ 107.325891] The buggy address belongs to the object at ffff0000c66ab400 [ 107.325891] which belongs to the cache kmalloc-128 of size 128 [ 107.327307] The buggy address is located 16 bytes inside of [ 107.327307] 128-byte region [ffff0000c66ab400, ffff0000c66ab480) [ 107.328697] [ 107.329030] The buggy address belongs to the physical page: [ 107.329954] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.331328] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.332316] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.332868] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.333355] page dumped because: kasan: bad access detected [ 107.333722] [ 107.334191] Memory state around the buggy address: [ 107.335025] ffff0000c66ab300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.335936] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.336920] >ffff0000c66ab400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.337926] ^ [ 107.338522] ffff0000c66ab480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.339528] ffff0000c66ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.340508] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strlen
[ 107.256166] ================================================================== [ 107.256781] BUG: KASAN: use-after-free in strlen+0x18/0x64 [ 107.257403] Read of size 1 at addr ffff0000c66ab410 by task kunit_try_catch/248 [ 107.258091] [ 107.258297] CPU: 1 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.259872] Hardware name: linux,dummy-virt (DT) [ 107.260325] Call trace: [ 107.261101] dump_backtrace+0xe0/0x134 [ 107.261551] show_stack+0x20/0x2c [ 107.261981] dump_stack_lvl+0x88/0xb4 [ 107.262414] print_report+0x158/0x44c [ 107.262862] kasan_report+0xc8/0x180 [ 107.263319] __asan_load1+0x68/0x74 [ 107.263768] strlen+0x18/0x64 [ 107.264154] kasan_strings+0x170/0x530 [ 107.265499] kunit_try_run_case+0x8c/0x124 [ 107.265949] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.266445] kthread+0x15c/0x170 [ 107.266821] ret_from_fork+0x10/0x20 [ 107.267199] [ 107.267387] Allocated by task 248: [ 107.267801] kasan_save_stack+0x3c/0x70 [ 107.268702] kasan_set_track+0x2c/0x40 [ 107.269099] kasan_save_alloc_info+0x24/0x34 [ 107.269510] __kasan_kmalloc+0xd4/0xe0 [ 107.270159] kmalloc_trace+0x8c/0x150 [ 107.270815] kasan_strings+0xa0/0x530 [ 107.271495] kunit_try_run_case+0x8c/0x124 [ 107.272197] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.273171] kthread+0x15c/0x170 [ 107.273843] ret_from_fork+0x10/0x20 [ 107.274506] [ 107.274901] Freed by task 248: [ 107.275421] kasan_save_stack+0x3c/0x70 [ 107.276137] kasan_set_track+0x2c/0x40 [ 107.276781] kasan_save_free_info+0x38/0x5c [ 107.277450] __kasan_slab_free+0x100/0x170 [ 107.278102] slab_free_freelist_hook+0xd8/0x1c0 [ 107.278780] __kmem_cache_free+0x15c/0x2a0 [ 107.279369] kfree+0x88/0x150 [ 107.279694] kasan_strings+0xc0/0x530 [ 107.280102] kunit_try_run_case+0x8c/0x124 [ 107.280705] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.281626] kthread+0x15c/0x170 [ 107.282222] ret_from_fork+0x10/0x20 [ 107.282840] [ 107.283132] The buggy address belongs to the object at ffff0000c66ab400 [ 107.283132] which belongs to the cache kmalloc-128 of size 128 [ 107.284704] The buggy address is located 16 bytes inside of [ 107.284704] 128-byte region [ffff0000c66ab400, ffff0000c66ab480) [ 107.286038] [ 107.286319] The buggy address belongs to the physical page: [ 107.287074] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.288188] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.289179] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.290198] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.291059] page dumped because: kasan: bad access detected [ 107.291807] [ 107.292131] Memory state around the buggy address: [ 107.292769] ffff0000c66ab300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.293532] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.294039] >ffff0000c66ab400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.294498] ^ [ 107.294839] ffff0000c66ab480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.295697] ffff0000c66ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.296545] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strncmp
[ 107.219300] ================================================================== [ 107.219893] BUG: KASAN: use-after-free in strncmp+0x3c/0x90 [ 107.220636] Read of size 1 at addr ffff0000c66ab410 by task kunit_try_catch/248 [ 107.221664] [ 107.221967] CPU: 1 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.222897] Hardware name: linux,dummy-virt (DT) [ 107.223300] Call trace: [ 107.223546] dump_backtrace+0xe0/0x134 [ 107.224003] show_stack+0x20/0x2c [ 107.224793] dump_stack_lvl+0x88/0xb4 [ 107.225253] print_report+0x158/0x44c [ 107.225674] kasan_report+0xc8/0x180 [ 107.226127] __asan_load1+0x68/0x74 [ 107.226559] strncmp+0x3c/0x90 [ 107.226959] kasan_strings+0x150/0x530 [ 107.227395] kunit_try_run_case+0x8c/0x124 [ 107.227879] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.229253] kthread+0x15c/0x170 [ 107.229651] ret_from_fork+0x10/0x20 [ 107.230097] [ 107.230289] Allocated by task 248: [ 107.230658] kasan_save_stack+0x3c/0x70 [ 107.231120] kasan_set_track+0x2c/0x40 [ 107.231551] kasan_save_alloc_info+0x24/0x34 [ 107.232065] __kasan_kmalloc+0xd4/0xe0 [ 107.232866] kmalloc_trace+0x8c/0x150 [ 107.233296] kasan_strings+0xa0/0x530 [ 107.233755] kunit_try_run_case+0x8c/0x124 [ 107.234234] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.234789] kthread+0x15c/0x170 [ 107.235193] ret_from_fork+0x10/0x20 [ 107.235625] [ 107.235840] Freed by task 248: [ 107.236191] kasan_save_stack+0x3c/0x70 [ 107.237497] kasan_set_track+0x2c/0x40 [ 107.237939] kasan_save_free_info+0x38/0x5c [ 107.238388] __kasan_slab_free+0x100/0x170 [ 107.238881] slab_free_freelist_hook+0xd8/0x1c0 [ 107.239371] __kmem_cache_free+0x15c/0x2a0 [ 107.239841] kfree+0x88/0x150 [ 107.240234] kasan_strings+0xc0/0x530 [ 107.241026] kunit_try_run_case+0x8c/0x124 [ 107.241530] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.242096] kthread+0x15c/0x170 [ 107.242486] ret_from_fork+0x10/0x20 [ 107.242914] [ 107.243129] The buggy address belongs to the object at ffff0000c66ab400 [ 107.243129] which belongs to the cache kmalloc-128 of size 128 [ 107.244074] The buggy address is located 16 bytes inside of [ 107.244074] 128-byte region [ffff0000c66ab400, ffff0000c66ab480) [ 107.245089] [ 107.245320] The buggy address belongs to the physical page: [ 107.245800] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.246565] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.248025] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.248849] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.249454] page dumped because: kasan: bad access detected [ 107.249935] [ 107.250128] Memory state around the buggy address: [ 107.250558] ffff0000c66ab300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.251407] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.252048] >ffff0000c66ab400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.253518] ^ [ 107.253901] ffff0000c66ab480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.254548] ffff0000c66ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.255181] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strcmp
[ 107.181239] ================================================================== [ 107.182177] BUG: KASAN: use-after-free in strcmp+0x2c/0x80 [ 107.183235] Read of size 1 at addr ffff0000c66ab410 by task kunit_try_catch/248 [ 107.184239] [ 107.184716] CPU: 1 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.185859] Hardware name: linux,dummy-virt (DT) [ 107.186205] Call trace: [ 107.186436] dump_backtrace+0xe0/0x134 [ 107.186823] show_stack+0x20/0x2c [ 107.187363] dump_stack_lvl+0x88/0xb4 [ 107.187821] print_report+0x158/0x44c [ 107.188305] kasan_report+0xc8/0x180 [ 107.188754] __asan_load1+0x68/0x74 [ 107.189222] strcmp+0x2c/0x80 [ 107.189618] kasan_strings+0x128/0x530 [ 107.190108] kunit_try_run_case+0x8c/0x124 [ 107.190569] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.191157] kthread+0x15c/0x170 [ 107.191568] ret_from_fork+0x10/0x20 [ 107.192009] [ 107.192236] Allocated by task 248: [ 107.192591] kasan_save_stack+0x3c/0x70 [ 107.193065] kasan_set_track+0x2c/0x40 [ 107.193693] kasan_save_alloc_info+0x24/0x34 [ 107.194191] __kasan_kmalloc+0xd4/0xe0 [ 107.194627] kmalloc_trace+0x8c/0x150 [ 107.195063] kasan_strings+0xa0/0x530 [ 107.195495] kunit_try_run_case+0x8c/0x124 [ 107.195940] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.196565] kthread+0x15c/0x170 [ 107.196956] ret_from_fork+0x10/0x20 [ 107.197536] [ 107.197763] Freed by task 248: [ 107.198071] kasan_save_stack+0x3c/0x70 [ 107.198536] kasan_set_track+0x2c/0x40 [ 107.198950] kasan_save_free_info+0x38/0x5c [ 107.199450] __kasan_slab_free+0x100/0x170 [ 107.199969] slab_free_freelist_hook+0xd8/0x1c0 [ 107.200472] __kmem_cache_free+0x15c/0x2a0 [ 107.200955] kfree+0x88/0x150 [ 107.201327] kasan_strings+0xc0/0x530 [ 107.201740] kunit_try_run_case+0x8c/0x124 [ 107.202247] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.202807] kthread+0x15c/0x170 [ 107.203308] ret_from_fork+0x10/0x20 [ 107.203852] [ 107.204172] The buggy address belongs to the object at ffff0000c66ab400 [ 107.204172] which belongs to the cache kmalloc-128 of size 128 [ 107.205537] The buggy address is located 16 bytes inside of [ 107.205537] 128-byte region [ffff0000c66ab400, ffff0000c66ab480) [ 107.206794] [ 107.207127] The buggy address belongs to the physical page: [ 107.207721] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.208640] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.209525] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.210289] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.211024] page dumped because: kasan: bad access detected [ 107.211585] [ 107.211916] Memory state around the buggy address: [ 107.212430] ffff0000c66ab300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.213050] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.213960] >ffff0000c66ab400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.214648] ^ [ 107.215173] ffff0000c66ab480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.215915] ffff0000c66ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.216618] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strrchr
[ 107.141520] ================================================================== [ 107.142786] BUG: KASAN: use-after-free in strrchr+0x28/0x54 [ 107.143643] Read of size 1 at addr ffff0000c66ab410 by task kunit_try_catch/248 [ 107.144632] [ 107.145029] CPU: 1 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.145998] Hardware name: linux,dummy-virt (DT) [ 107.146337] Call trace: [ 107.146568] dump_backtrace+0xe0/0x134 [ 107.146946] show_stack+0x20/0x2c [ 107.147464] dump_stack_lvl+0x88/0xb4 [ 107.148005] print_report+0x158/0x44c [ 107.148496] kasan_report+0xc8/0x180 [ 107.148963] __asan_load1+0x68/0x74 [ 107.149451] strrchr+0x28/0x54 [ 107.149909] kasan_strings+0xfc/0x530 [ 107.150357] kunit_try_run_case+0x8c/0x124 [ 107.150948] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.151490] kthread+0x15c/0x170 [ 107.151976] ret_from_fork+0x10/0x20 [ 107.152599] [ 107.152907] Allocated by task 248: [ 107.153493] kasan_save_stack+0x3c/0x70 [ 107.154185] kasan_set_track+0x2c/0x40 [ 107.154784] kasan_save_alloc_info+0x24/0x34 [ 107.155520] __kasan_kmalloc+0xd4/0xe0 [ 107.156120] kmalloc_trace+0x8c/0x150 [ 107.156718] kasan_strings+0xa0/0x530 [ 107.157537] kunit_try_run_case+0x8c/0x124 [ 107.157965] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.158459] kthread+0x15c/0x170 [ 107.158823] ret_from_fork+0x10/0x20 [ 107.159192] [ 107.159371] Freed by task 248: [ 107.159637] kasan_save_stack+0x3c/0x70 [ 107.160029] kasan_set_track+0x2c/0x40 [ 107.160537] kasan_save_free_info+0x38/0x5c [ 107.161801] __kasan_slab_free+0x100/0x170 [ 107.162306] slab_free_freelist_hook+0xd8/0x1c0 [ 107.162717] __kmem_cache_free+0x15c/0x2a0 [ 107.163333] kfree+0x88/0x150 [ 107.163886] kasan_strings+0xc0/0x530 [ 107.164434] kunit_try_run_case+0x8c/0x124 [ 107.165189] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.165854] kthread+0x15c/0x170 [ 107.166214] ret_from_fork+0x10/0x20 [ 107.166576] [ 107.166769] The buggy address belongs to the object at ffff0000c66ab400 [ 107.166769] which belongs to the cache kmalloc-128 of size 128 [ 107.167476] The buggy address is located 16 bytes inside of [ 107.167476] 128-byte region [ffff0000c66ab400, ffff0000c66ab480) [ 107.168275] [ 107.168533] The buggy address belongs to the physical page: [ 107.169058] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.169918] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.170812] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.171507] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.172053] page dumped because: kasan: bad access detected [ 107.172594] [ 107.172858] Memory state around the buggy address: [ 107.173307] ffff0000c66ab300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.174313] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.175074] >ffff0000c66ab400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.175982] ^ [ 107.176636] ffff0000c66ab480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.177642] ffff0000c66ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.178737] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-strchr
[ 107.097974] ================================================================== [ 107.099280] BUG: KASAN: use-after-free in strchr+0x20/0x80 [ 107.100089] Read of size 1 at addr ffff0000c66ab410 by task kunit_try_catch/248 [ 107.101811] [ 107.102050] CPU: 1 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.102610] Hardware name: linux,dummy-virt (DT) [ 107.102993] Call trace: [ 107.103343] dump_backtrace+0xe0/0x134 [ 107.104075] show_stack+0x20/0x2c [ 107.104672] dump_stack_lvl+0x88/0xb4 [ 107.105276] print_report+0x158/0x44c [ 107.105783] kasan_report+0xc8/0x180 [ 107.106350] __asan_load1+0x68/0x74 [ 107.106884] strchr+0x20/0x80 [ 107.107394] kasan_strings+0xd8/0x530 [ 107.107961] kunit_try_run_case+0x8c/0x124 [ 107.108613] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.109328] kthread+0x15c/0x170 [ 107.109791] ret_from_fork+0x10/0x20 [ 107.110196] [ 107.110410] Allocated by task 248: [ 107.110767] kasan_save_stack+0x3c/0x70 [ 107.111222] kasan_set_track+0x2c/0x40 [ 107.111683] kasan_save_alloc_info+0x24/0x34 [ 107.112150] __kasan_kmalloc+0xd4/0xe0 [ 107.112628] kmalloc_trace+0x8c/0x150 [ 107.113038] kasan_strings+0xa0/0x530 [ 107.113517] kunit_try_run_case+0x8c/0x124 [ 107.113989] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.114603] kthread+0x15c/0x170 [ 107.115016] ret_from_fork+0x10/0x20 [ 107.115444] [ 107.115637] Freed by task 248: [ 107.116764] kasan_save_stack+0x3c/0x70 [ 107.117554] kasan_set_track+0x2c/0x40 [ 107.118158] kasan_save_free_info+0x38/0x5c [ 107.118812] __kasan_slab_free+0x100/0x170 [ 107.119430] slab_free_freelist_hook+0xd8/0x1c0 [ 107.120088] __kmem_cache_free+0x15c/0x2a0 [ 107.121552] kfree+0x88/0x150 [ 107.122081] kasan_strings+0xc0/0x530 [ 107.122686] kunit_try_run_case+0x8c/0x124 [ 107.123318] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.124104] kthread+0x15c/0x170 [ 107.125016] ret_from_fork+0x10/0x20 [ 107.125600] [ 107.125887] The buggy address belongs to the object at ffff0000c66ab400 [ 107.125887] which belongs to the cache kmalloc-128 of size 128 [ 107.126866] The buggy address is located 16 bytes inside of [ 107.126866] 128-byte region [ffff0000c66ab400, ffff0000c66ab480) [ 107.127563] [ 107.127753] The buggy address belongs to the physical page: [ 107.128129] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.129697] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.130807] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.131812] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.132880] page dumped because: kasan: bad access detected [ 107.133561] [ 107.133992] Memory state around the buggy address: [ 107.134787] ffff0000c66ab300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.135822] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.136849] >ffff0000c66ab400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.137953] ^ [ 107.138286] ffff0000c66ab480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.138788] ffff0000c66ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.139958] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 107.054786] ================================================================== [ 107.055633] BUG: KASAN: slab-out-of-bounds in memcmp+0x44/0xd0 [ 107.056712] Read of size 1 at addr ffff0000c66ab318 by task kunit_try_catch/247 [ 107.058035] [ 107.058463] CPU: 1 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.059609] Hardware name: linux,dummy-virt (DT) [ 107.060259] Call trace: [ 107.060606] dump_backtrace+0xe0/0x134 [ 107.061007] show_stack+0x20/0x2c [ 107.061498] dump_stack_lvl+0x88/0xb4 [ 107.062174] print_report+0x158/0x44c [ 107.062786] kasan_report+0xc8/0x180 [ 107.063394] __asan_load1+0x68/0x74 [ 107.064009] memcmp+0x44/0xd0 [ 107.064686] kasan_memcmp+0x100/0x210 [ 107.065678] kunit_try_run_case+0x8c/0x124 [ 107.066323] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.066925] kthread+0x15c/0x170 [ 107.067607] ret_from_fork+0x10/0x20 [ 107.068248] [ 107.068700] Allocated by task 247: [ 107.069506] kasan_save_stack+0x3c/0x70 [ 107.070243] kasan_set_track+0x2c/0x40 [ 107.070867] kasan_save_alloc_info+0x24/0x34 [ 107.071639] __kasan_kmalloc+0xd4/0xe0 [ 107.072341] kmalloc_trace+0x8c/0x150 [ 107.073118] kasan_memcmp+0xbc/0x210 [ 107.073776] kunit_try_run_case+0x8c/0x124 [ 107.074200] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.074687] kthread+0x15c/0x170 [ 107.075483] ret_from_fork+0x10/0x20 [ 107.076093] [ 107.076485] The buggy address belongs to the object at ffff0000c66ab300 [ 107.076485] which belongs to the cache kmalloc-128 of size 128 [ 107.078256] The buggy address is located 24 bytes inside of [ 107.078256] 128-byte region [ffff0000c66ab300, ffff0000c66ab380) [ 107.080024] [ 107.080422] The buggy address belongs to the physical page: [ 107.081324] page:0000000069500412 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ab [ 107.082550] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.083709] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.084827] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.085840] page dumped because: kasan: bad access detected [ 107.086227] [ 107.086406] Memory state around the buggy address: [ 107.086788] ffff0000c66ab200: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.087956] ffff0000c66ab280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.088969] >ffff0000c66ab300: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.089900] ^ [ 107.090502] ffff0000c66ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.091417] ffff0000c66ab400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.092298] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 107.020204] ================================================================== [ 107.021814] BUG: KASAN: slab-out-of-bounds in memchr+0x28/0x80 [ 107.022407] Read of size 1 at addr ffff0000c66ad218 by task kunit_try_catch/246 [ 107.023009] [ 107.023265] CPU: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 107.023993] Hardware name: linux,dummy-virt (DT) [ 107.024507] Call trace: [ 107.024884] dump_backtrace+0xe0/0x134 [ 107.025498] show_stack+0x20/0x2c [ 107.025917] dump_stack_lvl+0x88/0xb4 [ 107.026353] print_report+0x158/0x44c [ 107.026776] kasan_report+0xc8/0x180 [ 107.027211] __asan_load1+0x68/0x74 [ 107.027612] memchr+0x28/0x80 [ 107.027987] kasan_memchr+0xd4/0x200 [ 107.028438] kunit_try_run_case+0x8c/0x124 [ 107.029003] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.029561] kthread+0x15c/0x170 [ 107.030003] ret_from_fork+0x10/0x20 [ 107.030407] [ 107.030605] Allocated by task 246: [ 107.030959] kasan_save_stack+0x3c/0x70 [ 107.031418] kasan_set_track+0x2c/0x40 [ 107.031824] kasan_save_alloc_info+0x24/0x34 [ 107.032286] __kasan_kmalloc+0xd4/0xe0 [ 107.032871] kmalloc_trace+0x8c/0x150 [ 107.033313] kasan_memchr+0xa0/0x200 [ 107.033728] kunit_try_run_case+0x8c/0x124 [ 107.034208] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 107.034814] kthread+0x15c/0x170 [ 107.035206] ret_from_fork+0x10/0x20 [ 107.035627] [ 107.035854] The buggy address belongs to the object at ffff0000c66ad200 [ 107.035854] which belongs to the cache kmalloc-128 of size 128 [ 107.037038] The buggy address is located 24 bytes inside of [ 107.037038] 128-byte region [ffff0000c66ad200, ffff0000c66ad280) [ 107.037886] [ 107.038077] The buggy address belongs to the physical page: [ 107.038447] page:00000000f51d9fab refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ad [ 107.039367] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 107.040297] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 107.041978] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.042576] page dumped because: kasan: bad access detected [ 107.043070] [ 107.043291] Memory state around the buggy address: [ 107.043716] ffff0000c66ad100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 107.044393] ffff0000c66ad180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.045157] >ffff0000c66ad200: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.045863] ^ [ 107.046453] ffff0000c66ad280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.047191] ffff0000c66ad300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.047649] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmem_cache_double_destroy
[ 106.969271] ================================================================== [ 106.970062] BUG: KASAN: use-after-free in kmem_cache_double_destroy+0xd4/0x1d0 [ 106.970674] Read of size 1 at addr ffff0000c6446780 by task kunit_try_catch/245 [ 106.971180] [ 106.971378] CPU: 1 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.972024] Hardware name: linux,dummy-virt (DT) [ 106.972440] Call trace: [ 106.972859] dump_backtrace+0xe0/0x134 [ 106.973376] show_stack+0x20/0x2c [ 106.974585] dump_stack_lvl+0x88/0xb4 [ 106.975363] print_report+0x158/0x44c [ 106.976176] kasan_report+0xc8/0x180 [ 106.976914] __kasan_check_byte+0x54/0x70 [ 106.977323] kmem_cache_destroy+0x100/0x1a4 [ 106.978008] kmem_cache_double_destroy+0xd4/0x1d0 [ 106.978758] kunit_try_run_case+0x8c/0x124 [ 106.979416] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.980231] kthread+0x15c/0x170 [ 106.980911] ret_from_fork+0x10/0x20 [ 106.981554] [ 106.981879] Allocated by task 245: [ 106.982391] kasan_save_stack+0x3c/0x70 [ 106.982859] kasan_set_track+0x2c/0x40 [ 106.983235] kasan_save_alloc_info+0x24/0x34 [ 106.983649] __kasan_slab_alloc+0xa8/0xac [ 106.984293] kmem_cache_alloc+0x194/0x3b0 [ 106.985035] kmem_cache_create_usercopy+0x14c/0x280 [ 106.985815] kmem_cache_create+0x24/0x30 [ 106.986443] kmem_cache_double_destroy+0xa4/0x1d0 [ 106.987236] kunit_try_run_case+0x8c/0x124 [ 106.987897] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.988805] kthread+0x15c/0x170 [ 106.989391] ret_from_fork+0x10/0x20 [ 106.989991] [ 106.990285] Freed by task 245: [ 106.990760] kasan_save_stack+0x3c/0x70 [ 106.991381] kasan_set_track+0x2c/0x40 [ 106.991983] kasan_save_free_info+0x38/0x5c [ 106.992731] __kasan_slab_free+0x100/0x170 [ 106.993313] slab_free_freelist_hook+0xd8/0x1c0 [ 106.993729] kmem_cache_free+0x194/0x42c [ 106.994198] slab_kmem_cache_release+0x38/0x50 [ 106.994722] kmem_cache_release+0x1c/0x2c [ 106.995103] kobject_put+0x104/0x2c0 [ 106.995453] sysfs_slab_release+0x30/0x40 [ 106.995840] kmem_cache_destroy+0xd8/0x1a4 [ 106.996227] kmem_cache_double_destroy+0xc4/0x1d0 [ 106.997224] kunit_try_run_case+0x8c/0x124 [ 106.997958] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.998738] kthread+0x15c/0x170 [ 106.999291] ret_from_fork+0x10/0x20 [ 106.999866] [ 107.000141] The buggy address belongs to the object at ffff0000c6446780 [ 107.000141] which belongs to the cache kmem_cache of size 216 [ 107.001725] The buggy address is located 0 bytes inside of [ 107.001725] 216-byte region [ffff0000c6446780, ffff0000c6446858) [ 107.003196] [ 107.003474] The buggy address belongs to the physical page: [ 107.004154] page:0000000031a37b1f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106446 [ 107.005389] head:0000000031a37b1f order:1 compound_mapcount:0 compound_pincount:0 [ 107.006419] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 107.007394] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002000 [ 107.008353] raw: 0000000000000000 0000000080150015 00000001ffffffff 0000000000000000 [ 107.009380] page dumped because: kasan: bad access detected [ 107.010176] [ 107.010459] Memory state around the buggy address: [ 107.010943] ffff0000c6446680: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 107.011444] ffff0000c6446700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.011970] >ffff0000c6446780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 107.012638] ^ [ 107.013298] ffff0000c6446800: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 107.013973] ffff0000c6446880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.014612] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_free
[ 106.915337] ================================================================== [ 106.916139] BUG: KASAN: invalid-free in kmem_cache_free+0x194/0x42c [ 106.917443] Free of addr ffff0000c66ad001 by task kunit_try_catch/244 [ 106.918267] [ 106.918582] CPU: 1 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.919621] Hardware name: linux,dummy-virt (DT) [ 106.920246] Call trace: [ 106.920677] dump_backtrace+0xe0/0x134 [ 106.921346] show_stack+0x20/0x2c [ 106.921797] dump_stack_lvl+0x88/0xb4 [ 106.922212] print_report+0x158/0x44c [ 106.922559] kasan_report_invalid_free+0xa8/0x13c [ 106.923315] __kasan_slab_free+0x164/0x170 [ 106.923978] slab_free_freelist_hook+0xd8/0x1c0 [ 106.924724] kmem_cache_free+0x194/0x42c [ 106.925486] kmem_cache_invalid_free+0xe0/0x230 [ 106.926247] kunit_try_run_case+0x8c/0x124 [ 106.926917] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.927711] kthread+0x15c/0x170 [ 106.928273] ret_from_fork+0x10/0x20 [ 106.928927] [ 106.929366] Allocated by task 244: [ 106.929858] kasan_save_stack+0x3c/0x70 [ 106.930451] kasan_set_track+0x2c/0x40 [ 106.931036] kasan_save_alloc_info+0x24/0x34 [ 106.931688] __kasan_slab_alloc+0xa8/0xac [ 106.932311] kmem_cache_alloc+0x194/0x3b0 [ 106.932855] kmem_cache_invalid_free+0xbc/0x230 [ 106.933307] kunit_try_run_case+0x8c/0x124 [ 106.933708] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.934224] kthread+0x15c/0x170 [ 106.934579] ret_from_fork+0x10/0x20 [ 106.935155] [ 106.935425] The buggy address belongs to the object at ffff0000c66ad000 [ 106.935425] which belongs to the cache test_cache of size 200 [ 106.936959] The buggy address is located 1 bytes inside of [ 106.936959] 200-byte region [ffff0000c66ad000, ffff0000c66ad0c8) [ 106.938405] [ 106.938716] The buggy address belongs to the physical page: [ 106.939468] page:00000000f51d9fab refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066ad [ 106.940409] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 106.941367] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c6446600 [ 106.942347] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 106.943305] page dumped because: kasan: bad access detected [ 106.943793] [ 106.943980] Memory state around the buggy address: [ 106.944347] ffff0000c66acf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.945338] ffff0000c66acf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.946366] >ffff0000c66ad000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.947226] ^ [ 106.947698] ffff0000c66ad080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 106.948614] ffff0000c66ad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.949585] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_free
[ 106.863414] ================================================================== [ 106.864300] BUG: KASAN: double-free in kmem_cache_free+0x194/0x42c [ 106.864938] Free of addr ffff0000c670d000 by task kunit_try_catch/243 [ 106.865512] [ 106.865722] CPU: 1 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.866411] Hardware name: linux,dummy-virt (DT) [ 106.866837] Call trace: [ 106.867121] dump_backtrace+0xe0/0x134 [ 106.867546] show_stack+0x20/0x2c [ 106.867979] dump_stack_lvl+0x88/0xb4 [ 106.868475] print_report+0x158/0x44c [ 106.868910] kasan_report_invalid_free+0xa8/0x13c [ 106.869429] __kasan_slab_free+0x134/0x170 [ 106.869917] slab_free_freelist_hook+0xd8/0x1c0 [ 106.870360] kmem_cache_free+0x194/0x42c [ 106.870798] kmem_cache_double_free+0xec/0x250 [ 106.871286] kunit_try_run_case+0x8c/0x124 [ 106.871755] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.872308] kthread+0x15c/0x170 [ 106.872705] ret_from_fork+0x10/0x20 [ 106.873161] [ 106.873361] Allocated by task 243: [ 106.873701] kasan_save_stack+0x3c/0x70 [ 106.874191] kasan_set_track+0x2c/0x40 [ 106.874641] kasan_save_alloc_info+0x24/0x34 [ 106.875153] __kasan_slab_alloc+0xa8/0xac [ 106.875620] kmem_cache_alloc+0x194/0x3b0 [ 106.876091] kmem_cache_double_free+0xbc/0x250 [ 106.876580] kunit_try_run_case+0x8c/0x124 [ 106.877029] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.877581] kthread+0x15c/0x170 [ 106.877991] ret_from_fork+0x10/0x20 [ 106.878375] [ 106.878593] Freed by task 243: [ 106.878914] kasan_save_stack+0x3c/0x70 [ 106.879360] kasan_set_track+0x2c/0x40 [ 106.879813] kasan_save_free_info+0x38/0x5c [ 106.880272] __kasan_slab_free+0x100/0x170 [ 106.880781] slab_free_freelist_hook+0xd8/0x1c0 [ 106.881277] kmem_cache_free+0x194/0x42c [ 106.881717] kmem_cache_double_free+0xd8/0x250 [ 106.882262] kunit_try_run_case+0x8c/0x124 [ 106.882699] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.883304] kthread+0x15c/0x170 [ 106.883724] ret_from_fork+0x10/0x20 [ 106.884121] [ 106.884338] The buggy address belongs to the object at ffff0000c670d000 [ 106.884338] which belongs to the cache test_cache of size 200 [ 106.885264] The buggy address is located 0 bytes inside of [ 106.885264] 200-byte region [ffff0000c670d000, ffff0000c670d0c8) [ 106.886180] [ 106.886381] The buggy address belongs to the physical page: [ 106.886851] page:00000000a4258f4d refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10670d [ 106.887639] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 106.888315] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c6446480 [ 106.888988] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 106.889664] page dumped because: kasan: bad access detected [ 106.890151] [ 106.890338] Memory state around the buggy address: [ 106.890816] ffff0000c670cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.891449] ffff0000c670cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.892079] >ffff0000c670d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 106.892686] ^ [ 106.893047] ffff0000c670d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 106.893674] ffff0000c670d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.894284] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 106.792992] ================================================================== [ 106.793867] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0xe4/0x1f0 [ 106.794550] Read of size 1 at addr ffff0000c6629b80 by task kunit_try_catch/241 [ 106.795134] [ 106.795379] CPU: 1 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.796102] Hardware name: linux,dummy-virt (DT) [ 106.797475] Call trace: [ 106.797768] dump_backtrace+0xe0/0x134 [ 106.798217] show_stack+0x20/0x2c [ 106.798613] dump_stack_lvl+0x88/0xb4 [ 106.799060] print_report+0x158/0x44c [ 106.799477] kasan_report+0xc8/0x180 [ 106.799905] __asan_load1+0x68/0x74 [ 106.800314] ksize_unpoisons_memory+0xe4/0x1f0 [ 106.800872] kunit_try_run_case+0x8c/0x124 [ 106.801356] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.802584] kthread+0x15c/0x170 [ 106.803034] ret_from_fork+0x10/0x20 [ 106.803440] [ 106.803655] Allocated by task 241: [ 106.803991] kasan_save_stack+0x3c/0x70 [ 106.804667] kasan_set_track+0x2c/0x40 [ 106.805103] kasan_save_alloc_info+0x24/0x34 [ 106.805599] __kasan_kmalloc+0xd4/0xe0 [ 106.805999] kmalloc_trace+0x8c/0x150 [ 106.806445] ksize_unpoisons_memory+0xa0/0x1f0 [ 106.806976] kunit_try_run_case+0x8c/0x124 [ 106.807414] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.807988] kthread+0x15c/0x170 [ 106.808369] ret_from_fork+0x10/0x20 [ 106.808831] [ 106.809037] The buggy address belongs to the object at ffff0000c6629b00 [ 106.809037] which belongs to the cache kmalloc-128 of size 128 [ 106.810006] The buggy address is located 0 bytes to the right of [ 106.810006] 128-byte region [ffff0000c6629b00, ffff0000c6629b80) [ 106.811142] [ 106.811367] The buggy address belongs to the physical page: [ 106.811845] page:0000000080e159f7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106629 [ 106.812852] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 106.813533] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 106.814217] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 106.814847] page dumped because: kasan: bad access detected [ 106.815330] [ 106.815534] Memory state around the buggy address: [ 106.816009] ffff0000c6629a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.816838] ffff0000c6629b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.817444] >ffff0000c6629b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.818052] ^ [ 106.818387] ffff0000c6629c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.819667] ffff0000c6629c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.820300] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 106.762268] ================================================================== [ 106.763243] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x114/0x200 [ 106.763946] Read of size 1 at addr ffff800008ac7cca by task kunit_try_catch/240 [ 106.764485] [ 106.764907] CPU: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.765484] Hardware name: linux,dummy-virt (DT) [ 106.765842] Call trace: [ 106.766087] dump_backtrace+0xe0/0x134 [ 106.766584] show_stack+0x20/0x2c [ 106.766957] dump_stack_lvl+0x88/0xb4 [ 106.767467] print_report+0x158/0x44c [ 106.767867] kasan_report+0xc8/0x180 [ 106.768333] __asan_load1+0x68/0x74 [ 106.769546] kasan_alloca_oob_right+0x114/0x200 [ 106.770116] kunit_try_run_case+0x8c/0x124 [ 106.770585] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.771148] kthread+0x15c/0x170 [ 106.771573] ret_from_fork+0x10/0x20 [ 106.772030] [ 106.772225] The buggy address belongs to stack of task kunit_try_catch/240 [ 106.773166] [ 106.773364] The buggy address ffff800008ac7cca belongs to a vmalloc virtual mapping [ 106.773987] The buggy address belongs to the physical page: [ 106.774475] page:00000000baa18535 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10667b [ 106.775263] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 106.775922] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 106.777424] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 106.778069] page dumped because: kasan: bad access detected [ 106.778562] [ 106.778765] Memory state around the buggy address: [ 106.779201] ffff800008ac7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.779846] ffff800008ac7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.780837] >ffff800008ac7c80: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 106.781403] ^ [ 106.781918] ffff800008ac7d00: 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 [ 106.782574] ffff800008ac7d80: f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.783171] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 106.726484] ================================================================== [ 106.727797] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x108/0x1e4 [ 106.728897] Read of size 1 at addr ffff800008a97cdf by task kunit_try_catch/239 [ 106.730037] [ 106.730605] CPU: 1 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.731791] Hardware name: linux,dummy-virt (DT) [ 106.732660] Call trace: [ 106.733239] dump_backtrace+0xe0/0x134 [ 106.734019] show_stack+0x20/0x2c [ 106.734771] dump_stack_lvl+0x88/0xb4 [ 106.735572] print_report+0x158/0x44c [ 106.736317] kasan_report+0xc8/0x180 [ 106.737164] __asan_load1+0x68/0x74 [ 106.738031] kasan_alloca_oob_left+0x108/0x1e4 [ 106.738608] kunit_try_run_case+0x8c/0x124 [ 106.739050] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.739546] kthread+0x15c/0x170 [ 106.740198] ret_from_fork+0x10/0x20 [ 106.741088] [ 106.741526] The buggy address belongs to stack of task kunit_try_catch/239 [ 106.742734] [ 106.743038] The buggy address ffff800008a97cdf belongs to a vmalloc virtual mapping [ 106.743985] The buggy address belongs to the physical page: [ 106.744381] page:00000000a9d5ccdc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c1 [ 106.746049] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 106.747124] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 106.748513] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 106.749697] page dumped because: kasan: bad access detected [ 106.750484] [ 106.750675] Memory state around the buggy address: [ 106.751601] ffff800008a97b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.752866] ffff800008a97c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.754070] >ffff800008a97c80: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 106.754791] ^ [ 106.755223] ffff800008a97d00: cb cb cb cb f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 [ 106.755711] ffff800008a97d80: 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.756845] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 106.694630] ================================================================== [ 106.695573] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0xc4/0x180 [ 106.696425] Read of size 1 at addr ffff800008ac7daa by task kunit_try_catch/238 [ 106.697178] [ 106.697438] CPU: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.698197] Hardware name: linux,dummy-virt (DT) [ 106.698653] Call trace: [ 106.698981] dump_backtrace+0xe0/0x134 [ 106.699366] show_stack+0x20/0x2c [ 106.699828] dump_stack_lvl+0x88/0xb4 [ 106.700346] print_report+0x158/0x44c [ 106.700837] kasan_report+0xc8/0x180 [ 106.701300] __asan_load1+0x68/0x74 [ 106.701796] kasan_stack_oob+0xc4/0x180 [ 106.702298] kunit_try_run_case+0x8c/0x124 [ 106.702813] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.703380] kthread+0x15c/0x170 [ 106.703870] ret_from_fork+0x10/0x20 [ 106.704388] [ 106.704716] The buggy address belongs to stack of task kunit_try_catch/238 [ 106.705335] and is located at offset 138 in frame: [ 106.706184] kasan_stack_oob+0x0/0x180 [ 106.706879] [ 106.707143] This frame has 4 objects: [ 106.707650] [48, 49) '__assertion' [ 106.707763] [64, 72) 'array' [ 106.708099] [96, 112) '__assertion' [ 106.708535] [128, 138) 'stack_array' [ 106.708960] [ 106.709532] The buggy address ffff800008ac7daa belongs to a vmalloc virtual mapping [ 106.710934] The buggy address belongs to the physical page: [ 106.711453] page:00000000baa18535 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10667b [ 106.712278] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 106.712976] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 106.714032] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 106.714654] page dumped because: kasan: bad access detected [ 106.715182] [ 106.715416] Memory state around the buggy address: [ 106.715872] ffff800008ac7c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.717332] ffff800008ac7d00: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 106.718003] >ffff800008ac7d80: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 106.718621] ^ [ 106.719101] ffff800008ac7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.719761] ffff800008ac7e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.720389] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 106.662692] ================================================================== [ 106.663685] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0xa8/0x160 [ 106.664853] Read of size 1 at addr ffffafe56d3e7e2d by task kunit_try_catch/236 [ 106.665465] [ 106.665716] CPU: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.666595] Hardware name: linux,dummy-virt (DT) [ 106.667075] Call trace: [ 106.667370] dump_backtrace+0xe0/0x134 [ 106.667829] show_stack+0x20/0x2c [ 106.668188] dump_stack_lvl+0x88/0xb4 [ 106.669007] print_report+0x158/0x44c [ 106.669451] kasan_report+0xc8/0x180 [ 106.669904] __asan_load1+0x68/0x74 [ 106.670357] kasan_global_oob_right+0xa8/0x160 [ 106.670889] kunit_try_run_case+0x8c/0x124 [ 106.671388] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.671975] kthread+0x15c/0x170 [ 106.672392] ret_from_fork+0x10/0x20 [ 106.673186] [ 106.673458] The buggy address belongs to the variable: [ 106.673936] global_array+0xd/0x40 [ 106.674423] [ 106.674669] The buggy address ffffafe56d3e7e2d belongs to a vmalloc virtual mapping [ 106.675363] The buggy address belongs to the physical page: [ 106.675876] page:000000001ada928f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x469e7 [ 106.676976] flags: 0x3fffc0000001000(reserved|node=0|zone=0|lastcpupid=0xffff) [ 106.677712] raw: 03fffc0000001000 fffffc00001a79c8 fffffc00001a79c8 0000000000000000 [ 106.678381] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 106.679047] page dumped because: kasan: bad access detected [ 106.679543] [ 106.679790] Memory state around the buggy address: [ 106.680279] ffffafe56d3e7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.680949] ffffafe56d3e7d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.681918] >ffffafe56d3e7e00: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 106.682527] ^ [ 106.682982] ffffafe56d3e7e80: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 106.683623] ffffafe56d3e7f00: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 106.684260] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 106.035687] ================================================================== [ 106.038030] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xdc/0x260 [ 106.038681] Read of size 1 at addr ffff0000c65e00c8 by task kunit_try_catch/233 [ 106.039510] [ 106.039872] CPU: 1 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 106.040764] Hardware name: linux,dummy-virt (DT) [ 106.041384] Call trace: [ 106.041785] dump_backtrace+0xe0/0x134 [ 106.042364] show_stack+0x20/0x2c [ 106.042892] dump_stack_lvl+0x88/0xb4 [ 106.043343] print_report+0x158/0x44c [ 106.043769] kasan_report+0xc8/0x180 [ 106.044168] __asan_load1+0x68/0x74 [ 106.044973] kmem_cache_oob+0xdc/0x260 [ 106.045474] kunit_try_run_case+0x8c/0x124 [ 106.045939] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.046486] kthread+0x15c/0x170 [ 106.046892] ret_from_fork+0x10/0x20 [ 106.047373] [ 106.047599] Allocated by task 233: [ 106.047943] kasan_save_stack+0x3c/0x70 [ 106.048412] kasan_set_track+0x2c/0x40 [ 106.048853] kasan_save_alloc_info+0x24/0x34 [ 106.049328] __kasan_slab_alloc+0xa8/0xac [ 106.049783] kmem_cache_alloc+0x194/0x3b0 [ 106.050250] kmem_cache_oob+0xbc/0x260 [ 106.050680] kunit_try_run_case+0x8c/0x124 [ 106.051966] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.052882] kthread+0x15c/0x170 [ 106.053288] ret_from_fork+0x10/0x20 [ 106.053712] [ 106.053920] The buggy address belongs to the object at ffff0000c65e0000 [ 106.053920] which belongs to the cache test_cache of size 200 [ 106.054893] The buggy address is located 0 bytes to the right of [ 106.054893] 200-byte region [ffff0000c65e0000, ffff0000c65e00c8) [ 106.056033] [ 106.056315] The buggy address belongs to the physical page: [ 106.058253] page:000000006f441834 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065e0 [ 106.058878] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 106.059714] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c6446300 [ 106.060412] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 106.061209] page dumped because: kasan: bad access detected [ 106.061959] [ 106.062157] Memory state around the buggy address: [ 106.062519] ffff0000c65dff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.063424] ffff0000c65e0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 106.064352] >ffff0000c65e0080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 106.066125] ^ [ 106.066861] ffff0000c65e0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.067761] ffff0000c65e0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.068530] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_uaf2
[ 105.975078] ================================================================== [ 105.976041] BUG: KASAN: use-after-free in kmalloc_uaf2+0x10c/0x2a0 [ 105.977352] Read of size 1 at addr ffff0000c65d8628 by task kunit_try_catch/229 [ 105.978737] [ 105.979132] CPU: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.980507] Hardware name: linux,dummy-virt (DT) [ 105.981485] Call trace: [ 105.982024] dump_backtrace+0xe0/0x134 [ 105.982855] show_stack+0x20/0x2c [ 105.983657] dump_stack_lvl+0x88/0xb4 [ 105.984575] print_report+0x158/0x44c [ 105.985316] kasan_report+0xc8/0x180 [ 105.986163] __asan_load1+0x68/0x74 [ 105.987067] kmalloc_uaf2+0x10c/0x2a0 [ 105.987761] kunit_try_run_case+0x8c/0x124 [ 105.988186] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.988978] kthread+0x15c/0x170 [ 105.989393] ret_from_fork+0x10/0x20 [ 105.989869] [ 105.990071] Allocated by task 229: [ 105.990418] kasan_save_stack+0x3c/0x70 [ 105.990851] kasan_set_track+0x2c/0x40 [ 105.991279] kasan_save_alloc_info+0x24/0x34 [ 105.991761] __kasan_kmalloc+0xd4/0xe0 [ 105.992186] kmalloc_trace+0x8c/0x150 [ 105.992633] kmalloc_uaf2+0xb4/0x2a0 [ 105.993078] kunit_try_run_case+0x8c/0x124 [ 105.993563] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.994119] kthread+0x15c/0x170 [ 105.994547] ret_from_fork+0x10/0x20 [ 105.995172] [ 105.995396] Freed by task 229: [ 105.995777] kasan_save_stack+0x3c/0x70 [ 105.996219] kasan_set_track+0x2c/0x40 [ 105.997792] kasan_save_free_info+0x38/0x5c [ 105.998250] __kasan_slab_free+0x100/0x170 [ 105.998724] slab_free_freelist_hook+0xd8/0x1c0 [ 105.999176] __kmem_cache_free+0x15c/0x2a0 [ 105.999669] kfree+0x88/0x150 [ 106.000034] kmalloc_uaf2+0xcc/0x2a0 [ 106.000724] kunit_try_run_case+0x8c/0x124 [ 106.001236] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 106.001820] kthread+0x15c/0x170 [ 106.002229] ret_from_fork+0x10/0x20 [ 106.002614] [ 106.002848] The buggy address belongs to the object at ffff0000c65d8600 [ 106.002848] which belongs to the cache kmalloc-128 of size 128 [ 106.003828] The buggy address is located 40 bytes inside of [ 106.003828] 128-byte region [ffff0000c65d8600, ffff0000c65d8680) [ 106.004921] [ 106.005130] The buggy address belongs to the physical page: [ 106.005626] page:00000000d460a56f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065d8 [ 106.006397] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 106.007083] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 106.007722] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 106.008358] page dumped because: kasan: bad access detected [ 106.009034] [ 106.009246] Memory state around the buggy address: [ 106.009670] ffff0000c65d8500: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.010299] ffff0000c65d8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.010940] >ffff0000c65d8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 106.011522] ^ [ 106.011949] ffff0000c65d8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 106.012808] ffff0000c65d8700: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 106.013448] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-pagealloc_uaf
[ 104.987162] ================================================================== [ 104.988666] BUG: KASAN: use-after-free in pagealloc_uaf+0xd4/0x210 [ 104.989227] Read of size 1 at addr ffff0000c6860000 by task kunit_try_catch/211 [ 104.990077] [ 104.990299] CPU: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 104.991078] Hardware name: linux,dummy-virt (DT) [ 104.991525] Call trace: [ 104.991873] dump_backtrace+0xe0/0x134 [ 104.992365] show_stack+0x20/0x2c [ 104.992834] dump_stack_lvl+0x88/0xb4 [ 104.993395] print_report+0x158/0x44c [ 104.993923] kasan_report+0xc8/0x180 [ 104.994392] __asan_load1+0x68/0x74 [ 104.994768] pagealloc_uaf+0xd4/0x210 [ 104.995267] kunit_try_run_case+0x8c/0x124 [ 104.995735] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.996291] kthread+0x15c/0x170 [ 104.996797] ret_from_fork+0x10/0x20 [ 104.997347] [ 104.997563] The buggy address belongs to the physical page: [ 104.998072] page:0000000051b64075 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x106860 [ 104.998905] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 104.999582] raw: 0bfffc0000000000 ffff0000ff5faa08 ffff0000ff5faa08 0000000000000000 [ 105.000225] raw: 0000000000000000 0000000000000005 00000000ffffff7f 0000000000000000 [ 105.001051] page dumped because: kasan: bad access detected [ 105.001547] [ 105.001782] Memory state around the buggy address: [ 105.002233] ffff0000c685ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 105.002869] ffff0000c685ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 105.003494] >ffff0000c6860000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 105.004105] ^ [ 105.004448] ffff0000c6860080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 105.005088] ffff0000c6860100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 105.005680] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_uaf_memset
[ 105.925910] ================================================================== [ 105.926966] BUG: KASAN: use-after-free in kmalloc_uaf_memset+0xd4/0x1f0 [ 105.927523] Write of size 33 at addr ffff0000c66f6b00 by task kunit_try_catch/228 [ 105.928428] [ 105.928771] CPU: 1 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.929913] Hardware name: linux,dummy-virt (DT) [ 105.930568] Call trace: [ 105.930971] dump_backtrace+0xe0/0x134 [ 105.931582] show_stack+0x20/0x2c [ 105.932133] dump_stack_lvl+0x88/0xb4 [ 105.932883] print_report+0x158/0x44c [ 105.933575] kasan_report+0xc8/0x180 [ 105.934229] kasan_check_range+0xe4/0x190 [ 105.934899] memset+0x40/0x70 [ 105.935444] kmalloc_uaf_memset+0xd4/0x1f0 [ 105.936127] kunit_try_run_case+0x8c/0x124 [ 105.936907] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.937647] kthread+0x15c/0x170 [ 105.938028] ret_from_fork+0x10/0x20 [ 105.938397] [ 105.938577] Allocated by task 228: [ 105.938900] kasan_save_stack+0x3c/0x70 [ 105.939447] kasan_set_track+0x2c/0x40 [ 105.939981] kasan_save_alloc_info+0x24/0x34 [ 105.940694] __kasan_kmalloc+0xd4/0xe0 [ 105.941181] kmalloc_trace+0x8c/0x150 [ 105.941617] kmalloc_uaf_memset+0x9c/0x1f0 [ 105.942068] kunit_try_run_case+0x8c/0x124 [ 105.942472] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.943109] kthread+0x15c/0x170 [ 105.943551] ret_from_fork+0x10/0x20 [ 105.944032] [ 105.944251] Freed by task 228: [ 105.944628] kasan_save_stack+0x3c/0x70 [ 105.945176] kasan_set_track+0x2c/0x40 [ 105.945838] kasan_save_free_info+0x38/0x5c [ 105.946400] __kasan_slab_free+0x100/0x170 [ 105.946801] slab_free_freelist_hook+0xd8/0x1c0 [ 105.947198] __kmem_cache_free+0x15c/0x2a0 [ 105.947579] kfree+0x88/0x150 [ 105.948079] kmalloc_uaf_memset+0xbc/0x1f0 [ 105.948958] kunit_try_run_case+0x8c/0x124 [ 105.949643] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.950448] kthread+0x15c/0x170 [ 105.951047] ret_from_fork+0x10/0x20 [ 105.951612] [ 105.951891] The buggy address belongs to the object at ffff0000c66f6b00 [ 105.951891] which belongs to the cache kmalloc-128 of size 128 [ 105.953535] The buggy address is located 0 bytes inside of [ 105.953535] 128-byte region [ffff0000c66f6b00, ffff0000c66f6b80) [ 105.955076] [ 105.955358] The buggy address belongs to the physical page: [ 105.956040] page:000000008cb3a959 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066f6 [ 105.957992] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.958917] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.959756] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.960239] page dumped because: kasan: bad access detected [ 105.961089] [ 105.961369] Memory state around the buggy address: [ 105.962206] ffff0000c66f6a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.963094] ffff0000c66f6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.963966] >ffff0000c66f6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.965664] ^ [ 105.966158] ffff0000c66f6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.966648] ffff0000c66f6c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.967233] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_uaf
[ 105.875576] ================================================================== [ 105.876371] BUG: KASAN: use-after-free in kmalloc_uaf+0xcc/0x1f0 [ 105.877667] Read of size 1 at addr ffff0000c66f6a08 by task kunit_try_catch/227 [ 105.878912] [ 105.879249] CPU: 1 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.880297] Hardware name: linux,dummy-virt (DT) [ 105.881086] Call trace: [ 105.881668] dump_backtrace+0xe0/0x134 [ 105.882436] show_stack+0x20/0x2c [ 105.883125] dump_stack_lvl+0x88/0xb4 [ 105.883704] print_report+0x158/0x44c [ 105.884079] kasan_report+0xc8/0x180 [ 105.884448] __asan_load1+0x68/0x74 [ 105.884888] kmalloc_uaf+0xcc/0x1f0 [ 105.885783] kunit_try_run_case+0x8c/0x124 [ 105.886555] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.887388] kthread+0x15c/0x170 [ 105.887968] ret_from_fork+0x10/0x20 [ 105.888664] [ 105.888983] Allocated by task 227: [ 105.889593] kasan_save_stack+0x3c/0x70 [ 105.890327] kasan_set_track+0x2c/0x40 [ 105.891114] kasan_save_alloc_info+0x24/0x34 [ 105.891886] __kasan_kmalloc+0xd4/0xe0 [ 105.892620] kmalloc_trace+0x8c/0x150 [ 105.893287] kmalloc_uaf+0x9c/0x1f0 [ 105.893922] kunit_try_run_case+0x8c/0x124 [ 105.894600] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.895452] kthread+0x15c/0x170 [ 105.896047] ret_from_fork+0x10/0x20 [ 105.896689] [ 105.897032] Freed by task 227: [ 105.897532] kasan_save_stack+0x3c/0x70 [ 105.898182] kasan_set_track+0x2c/0x40 [ 105.898801] kasan_save_free_info+0x38/0x5c [ 105.899215] __kasan_slab_free+0x100/0x170 [ 105.899607] slab_free_freelist_hook+0xd8/0x1c0 [ 105.900365] __kmem_cache_free+0x15c/0x2a0 [ 105.901089] kfree+0x88/0x150 [ 105.901635] kmalloc_uaf+0xbc/0x1f0 [ 105.902261] kunit_try_run_case+0x8c/0x124 [ 105.902940] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.903770] kthread+0x15c/0x170 [ 105.904356] ret_from_fork+0x10/0x20 [ 105.905016] [ 105.905355] The buggy address belongs to the object at ffff0000c66f6a00 [ 105.905355] which belongs to the cache kmalloc-128 of size 128 [ 105.907145] The buggy address is located 8 bytes inside of [ 105.907145] 128-byte region [ffff0000c66f6a00, ffff0000c66f6a80) [ 105.908787] [ 105.909099] The buggy address belongs to the physical page: [ 105.909997] page:000000008cb3a959 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066f6 [ 105.910848] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.911401] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.912146] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.913224] page dumped because: kasan: bad access detected [ 105.914021] [ 105.914390] Memory state around the buggy address: [ 105.915095] ffff0000c66f6900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 105.916072] ffff0000c66f6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.917078] >ffff0000c66f6a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.918103] ^ [ 105.918690] ffff0000c66f6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.919605] ffff0000c66f6b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.920492] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 105.843045] ================================================================== [ 105.843980] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0xe4/0x1e4 [ 105.844788] Read of size 64 at addr ffff0000c67cdf04 by task kunit_try_catch/226 [ 105.845347] [ 105.845601] CPU: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.846320] Hardware name: linux,dummy-virt (DT) [ 105.846719] Call trace: [ 105.847973] dump_backtrace+0xe0/0x134 [ 105.848422] show_stack+0x20/0x2c [ 105.849066] dump_stack_lvl+0x88/0xb4 [ 105.849516] print_report+0x158/0x44c [ 105.849954] kasan_report+0xc8/0x180 [ 105.850385] kasan_check_range+0xe4/0x190 [ 105.850838] memmove+0x44/0xc0 [ 105.851250] kmalloc_memmove_invalid_size+0xe4/0x1e4 [ 105.851809] kunit_try_run_case+0x8c/0x124 [ 105.852290] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.853063] kthread+0x15c/0x170 [ 105.853489] ret_from_fork+0x10/0x20 [ 105.853917] [ 105.854105] Allocated by task 226: [ 105.854467] kasan_save_stack+0x3c/0x70 [ 105.854937] kasan_set_track+0x2c/0x40 [ 105.855386] kasan_save_alloc_info+0x24/0x34 [ 105.855850] __kasan_kmalloc+0xd4/0xe0 [ 105.856299] kmalloc_trace+0x8c/0x150 [ 105.856905] kmalloc_memmove_invalid_size+0xa0/0x1e4 [ 105.857451] kunit_try_run_case+0x8c/0x124 [ 105.857931] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.858491] kthread+0x15c/0x170 [ 105.858924] ret_from_fork+0x10/0x20 [ 105.859369] [ 105.859569] The buggy address belongs to the object at ffff0000c67cdf00 [ 105.859569] which belongs to the cache kmalloc-128 of size 128 [ 105.860479] The buggy address is located 4 bytes inside of [ 105.860479] 128-byte region [ffff0000c67cdf00, ffff0000c67cdf80) [ 105.861513] [ 105.861763] The buggy address belongs to the physical page: [ 105.862214] page:00000000e8cb511a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067cd [ 105.863703] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.864390] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.865241] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.865853] page dumped because: kasan: bad access detected [ 105.866366] [ 105.866564] Memory state around the buggy address: [ 105.867021] ffff0000c67cde00: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.867660] ffff0000c67cde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.868281] >ffff0000c67cdf00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 105.869074] ^ [ 105.869561] ffff0000c67cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.870204] ffff0000c67ce000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.870814] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 105.806804] ================================================================== [ 105.807684] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0xe4/0x1fc [ 105.808412] Read of size 18446744073709551614 at addr ffff0000c66f6504 by task kunit_try_catch/225 [ 105.809775] [ 105.810007] CPU: 1 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.810767] Hardware name: linux,dummy-virt (DT) [ 105.811190] Call trace: [ 105.811465] dump_backtrace+0xe0/0x134 [ 105.811931] show_stack+0x20/0x2c [ 105.812339] dump_stack_lvl+0x88/0xb4 [ 105.812780] print_report+0x158/0x44c [ 105.813195] kasan_report+0xc8/0x180 [ 105.813588] kasan_check_range+0xe4/0x190 [ 105.814036] memmove+0x44/0xc0 [ 105.814421] kmalloc_memmove_negative_size+0xe4/0x1fc [ 105.815300] kunit_try_run_case+0x8c/0x124 [ 105.815783] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.816361] kthread+0x15c/0x170 [ 105.817114] ret_from_fork+0x10/0x20 [ 105.817545] [ 105.817734] Allocated by task 225: [ 105.818100] kasan_save_stack+0x3c/0x70 [ 105.818565] kasan_set_track+0x2c/0x40 [ 105.818981] kasan_save_alloc_info+0x24/0x34 [ 105.819438] __kasan_kmalloc+0xd4/0xe0 [ 105.819900] kmalloc_trace+0x8c/0x150 [ 105.820324] kmalloc_memmove_negative_size+0xa0/0x1fc [ 105.821225] kunit_try_run_case+0x8c/0x124 [ 105.821668] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.822249] kthread+0x15c/0x170 [ 105.822675] ret_from_fork+0x10/0x20 [ 105.823119] [ 105.823304] The buggy address belongs to the object at ffff0000c66f6500 [ 105.823304] which belongs to the cache kmalloc-128 of size 128 [ 105.824251] The buggy address is located 4 bytes inside of [ 105.824251] 128-byte region [ffff0000c66f6500, ffff0000c66f6580) [ 105.825528] [ 105.825762] The buggy address belongs to the physical page: [ 105.826243] page:000000008cb3a959 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066f6 [ 105.827031] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.827708] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.828364] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.829007] page dumped because: kasan: bad access detected [ 105.829488] [ 105.829683] Memory state around the buggy address: [ 105.830124] ffff0000c66f6400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 105.831121] ffff0000c66f6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.831730] >ffff0000c66f6500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 105.832332] ^ [ 105.833055] ffff0000c66f6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.833659] ffff0000c66f6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.834267] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 105.768944] ================================================================== [ 105.770052] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0xd8/0x200 [ 105.770815] Write of size 16 at addr ffff0000c66f6369 by task kunit_try_catch/224 [ 105.771457] [ 105.771698] CPU: 1 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.772375] Hardware name: linux,dummy-virt (DT) [ 105.773641] Call trace: [ 105.773917] dump_backtrace+0xe0/0x134 [ 105.774385] show_stack+0x20/0x2c [ 105.774802] dump_stack_lvl+0x88/0xb4 [ 105.775218] print_report+0x158/0x44c [ 105.775565] kasan_report+0xc8/0x180 [ 105.775943] kasan_check_range+0xe4/0x190 [ 105.776433] memset+0x40/0x70 [ 105.776864] kmalloc_oob_memset_16+0xd8/0x200 [ 105.777447] kunit_try_run_case+0x8c/0x124 [ 105.777999] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.778613] kthread+0x15c/0x170 [ 105.779847] ret_from_fork+0x10/0x20 [ 105.780283] [ 105.780484] Allocated by task 224: [ 105.781150] kasan_save_stack+0x3c/0x70 [ 105.781605] kasan_set_track+0x2c/0x40 [ 105.782017] kasan_save_alloc_info+0x24/0x34 [ 105.782509] __kasan_kmalloc+0xd4/0xe0 [ 105.782925] kmalloc_trace+0x8c/0x150 [ 105.783347] kmalloc_oob_memset_16+0xa0/0x200 [ 105.783878] kunit_try_run_case+0x8c/0x124 [ 105.784509] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.786111] kthread+0x15c/0x170 [ 105.786652] ret_from_fork+0x10/0x20 [ 105.787225] [ 105.787496] The buggy address belongs to the object at ffff0000c66f6300 [ 105.787496] which belongs to the cache kmalloc-128 of size 128 [ 105.788303] The buggy address is located 105 bytes inside of [ 105.788303] 128-byte region [ffff0000c66f6300, ffff0000c66f6380) [ 105.790012] [ 105.790291] The buggy address belongs to the physical page: [ 105.790969] page:000000008cb3a959 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066f6 [ 105.792050] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.793552] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.794168] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.794814] page dumped because: kasan: bad access detected [ 105.795291] [ 105.795490] Memory state around the buggy address: [ 105.795952] ffff0000c66f6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.796662] ffff0000c66f6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.797305] >ffff0000c66f6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 105.797913] ^ [ 105.798503] ffff0000c66f6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.799501] ffff0000c66f6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.800110] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 105.732955] ================================================================== [ 105.733717] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xd8/0x200 [ 105.734458] Write of size 8 at addr ffff0000c66f6271 by task kunit_try_catch/223 [ 105.734964] [ 105.735162] CPU: 1 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.735713] Hardware name: linux,dummy-virt (DT) [ 105.738126] Call trace: [ 105.738837] dump_backtrace+0xe0/0x134 [ 105.739646] show_stack+0x20/0x2c [ 105.740435] dump_stack_lvl+0x88/0xb4 [ 105.741171] print_report+0x158/0x44c [ 105.741737] kasan_report+0xc8/0x180 [ 105.742130] kasan_check_range+0xe4/0x190 [ 105.742699] memset+0x40/0x70 [ 105.743124] kmalloc_oob_memset_8+0xd8/0x200 [ 105.743563] kunit_try_run_case+0x8c/0x124 [ 105.744110] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.744783] kthread+0x15c/0x170 [ 105.745566] ret_from_fork+0x10/0x20 [ 105.746011] [ 105.746252] Allocated by task 223: [ 105.746626] kasan_save_stack+0x3c/0x70 [ 105.747083] kasan_set_track+0x2c/0x40 [ 105.747546] kasan_save_alloc_info+0x24/0x34 [ 105.748029] __kasan_kmalloc+0xd4/0xe0 [ 105.748500] kmalloc_trace+0x8c/0x150 [ 105.748960] kmalloc_oob_memset_8+0xa0/0x200 [ 105.749456] kunit_try_run_case+0x8c/0x124 [ 105.750343] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.751011] kthread+0x15c/0x170 [ 105.751425] ret_from_fork+0x10/0x20 [ 105.751894] [ 105.752132] The buggy address belongs to the object at ffff0000c66f6200 [ 105.752132] which belongs to the cache kmalloc-128 of size 128 [ 105.753289] The buggy address is located 113 bytes inside of [ 105.753289] 128-byte region [ffff0000c66f6200, ffff0000c66f6280) [ 105.754208] [ 105.754623] The buggy address belongs to the physical page: [ 105.755068] page:000000008cb3a959 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066f6 [ 105.755855] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.756580] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.757372] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.758023] page dumped because: kasan: bad access detected [ 105.758511] [ 105.758716] Memory state around the buggy address: [ 105.759645] ffff0000c66f6100: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.760306] ffff0000c66f6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.761280] >ffff0000c66f6200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 105.761877] ^ [ 105.762458] ffff0000c66f6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.763072] ffff0000c66f6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.763666] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 105.700559] ================================================================== [ 105.702089] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0xd8/0x200 [ 105.702799] Write of size 4 at addr ffff0000c67cd775 by task kunit_try_catch/222 [ 105.703458] [ 105.703679] CPU: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.704359] Hardware name: linux,dummy-virt (DT) [ 105.704806] Call trace: [ 105.705106] dump_backtrace+0xe0/0x134 [ 105.705529] show_stack+0x20/0x2c [ 105.705966] dump_stack_lvl+0x88/0xb4 [ 105.706414] print_report+0x158/0x44c [ 105.706839] kasan_report+0xc8/0x180 [ 105.707261] kasan_check_range+0xe4/0x190 [ 105.707698] memset+0x40/0x70 [ 105.708078] kmalloc_oob_memset_4+0xd8/0x200 [ 105.708551] kunit_try_run_case+0x8c/0x124 [ 105.709023] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.709579] kthread+0x15c/0x170 [ 105.710002] ret_from_fork+0x10/0x20 [ 105.710396] [ 105.710608] Allocated by task 222: [ 105.710983] kasan_save_stack+0x3c/0x70 [ 105.711426] kasan_set_track+0x2c/0x40 [ 105.711828] kasan_save_alloc_info+0x24/0x34 [ 105.712289] __kasan_kmalloc+0xd4/0xe0 [ 105.712740] kmalloc_trace+0x8c/0x150 [ 105.713184] kmalloc_oob_memset_4+0xa0/0x200 [ 105.713657] kunit_try_run_case+0x8c/0x124 [ 105.714139] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.714691] kthread+0x15c/0x170 [ 105.715117] ret_from_fork+0x10/0x20 [ 105.715500] [ 105.715708] The buggy address belongs to the object at ffff0000c67cd700 [ 105.715708] which belongs to the cache kmalloc-128 of size 128 [ 105.716627] The buggy address is located 117 bytes inside of [ 105.716627] 128-byte region [ffff0000c67cd700, ffff0000c67cd780) [ 105.717553] [ 105.717782] The buggy address belongs to the physical page: [ 105.718218] page:00000000e8cb511a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067cd [ 105.719044] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.719680] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.720345] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.720989] page dumped because: kasan: bad access detected [ 105.721461] [ 105.721643] Memory state around the buggy address: [ 105.722116] ffff0000c67cd600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.722751] ffff0000c67cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.723367] >ffff0000c67cd700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 105.723967] ^ [ 105.725201] ffff0000c67cd780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.726019] ffff0000c67cd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.726582] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 105.664204] ================================================================== [ 105.665947] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0xd8/0x200 [ 105.666636] Write of size 2 at addr ffff0000c67cd677 by task kunit_try_catch/221 [ 105.667246] [ 105.667490] CPU: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.668224] Hardware name: linux,dummy-virt (DT) [ 105.669509] Call trace: [ 105.669799] dump_backtrace+0xe0/0x134 [ 105.670261] show_stack+0x20/0x2c [ 105.670691] dump_stack_lvl+0x88/0xb4 [ 105.671174] print_report+0x158/0x44c [ 105.671625] kasan_report+0xc8/0x180 [ 105.672090] kasan_check_range+0xe4/0x190 [ 105.673437] memset+0x40/0x70 [ 105.673852] kmalloc_oob_memset_2+0xd8/0x200 [ 105.674349] kunit_try_run_case+0x8c/0x124 [ 105.674850] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.675401] kthread+0x15c/0x170 [ 105.675808] ret_from_fork+0x10/0x20 [ 105.676241] [ 105.676442] Allocated by task 221: [ 105.676788] kasan_save_stack+0x3c/0x70 [ 105.677290] kasan_set_track+0x2c/0x40 [ 105.677688] kasan_save_alloc_info+0x24/0x34 [ 105.678653] __kasan_kmalloc+0xd4/0xe0 [ 105.679108] kmalloc_trace+0x8c/0x150 [ 105.679544] kmalloc_oob_memset_2+0xa0/0x200 [ 105.680079] kunit_try_run_case+0x8c/0x124 [ 105.681427] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.682019] kthread+0x15c/0x170 [ 105.682441] ret_from_fork+0x10/0x20 [ 105.682878] [ 105.683070] The buggy address belongs to the object at ffff0000c67cd600 [ 105.683070] which belongs to the cache kmalloc-128 of size 128 [ 105.684024] The buggy address is located 119 bytes inside of [ 105.684024] 128-byte region [ffff0000c67cd600, ffff0000c67cd680) [ 105.685020] [ 105.685263] The buggy address belongs to the physical page: [ 105.685738] page:00000000e8cb511a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067cd [ 105.686528] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.687217] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.688247] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.689641] page dumped because: kasan: bad access detected [ 105.690147] [ 105.690332] Memory state around the buggy address: [ 105.690804] ffff0000c67cd500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.691424] ffff0000c67cd580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.692042] >ffff0000c67cd600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 105.693046] ^ [ 105.693614] ffff0000c67cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.694266] ffff0000c67cd700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.694862] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 104.951794] ================================================================== [ 104.953285] BUG: KASAN: invalid-free in kfree+0x144/0x150 [ 104.954090] Free of addr ffff0000c683c001 by task kunit_try_catch/209 [ 104.954833] [ 104.955162] CPU: 1 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 104.956001] Hardware name: linux,dummy-virt (DT) [ 104.956345] Call trace: [ 104.956830] dump_backtrace+0xe0/0x134 [ 104.957490] show_stack+0x20/0x2c [ 104.958061] dump_stack_lvl+0x88/0xb4 [ 104.958697] print_report+0x158/0x44c [ 104.959384] kasan_report_invalid_free+0xa8/0x13c [ 104.960109] __kasan_kfree_large+0x54/0xa0 [ 104.960799] free_large_kmalloc+0x64/0xcc [ 104.961517] kfree+0x144/0x150 [ 104.962061] kmalloc_pagealloc_invalid_free+0xa8/0x1c0 [ 104.962852] kunit_try_run_case+0x8c/0x124 [ 104.963448] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.964001] kthread+0x15c/0x170 [ 104.964369] ret_from_fork+0x10/0x20 [ 104.965078] [ 104.965414] The buggy address belongs to the physical page: [ 104.966193] page:00000000e328b301 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10683c [ 104.967477] head:00000000e328b301 order:2 compound_mapcount:0 compound_pincount:0 [ 104.968413] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 104.969489] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 104.970377] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 104.970998] page dumped because: kasan: bad access detected [ 104.971682] [ 104.971989] Memory state around the buggy address: [ 104.972697] ffff0000c683bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.973721] ffff0000c683bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.974693] >ffff0000c683c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 104.975620] ^ [ 104.976129] ffff0000c683c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 104.977076] ffff0000c683c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 104.977897] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 105.632055] ================================================================== [ 105.633302] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0xd4/0x200 [ 105.634043] Write of size 128 at addr ffff0000c67cd500 by task kunit_try_catch/220 [ 105.634687] [ 105.634916] CPU: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.635586] Hardware name: linux,dummy-virt (DT) [ 105.636052] Call trace: [ 105.636359] dump_backtrace+0xe0/0x134 [ 105.636797] show_stack+0x20/0x2c [ 105.637205] dump_stack_lvl+0x88/0xb4 [ 105.637639] print_report+0x158/0x44c [ 105.638077] kasan_report+0xc8/0x180 [ 105.638502] kasan_check_range+0xe4/0x190 [ 105.639285] memset+0x40/0x70 [ 105.639685] kmalloc_oob_in_memset+0xd4/0x200 [ 105.640194] kunit_try_run_case+0x8c/0x124 [ 105.640990] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.641547] kthread+0x15c/0x170 [ 105.641952] ret_from_fork+0x10/0x20 [ 105.642397] [ 105.642598] Allocated by task 220: [ 105.642936] kasan_save_stack+0x3c/0x70 [ 105.643419] kasan_set_track+0x2c/0x40 [ 105.643870] kasan_save_alloc_info+0x24/0x34 [ 105.644374] __kasan_kmalloc+0xd4/0xe0 [ 105.644821] kmalloc_trace+0x8c/0x150 [ 105.645261] kmalloc_oob_in_memset+0xa0/0x200 [ 105.645791] kunit_try_run_case+0x8c/0x124 [ 105.646279] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.647238] kthread+0x15c/0x170 [ 105.647654] ret_from_fork+0x10/0x20 [ 105.648090] [ 105.648308] The buggy address belongs to the object at ffff0000c67cd500 [ 105.648308] which belongs to the cache kmalloc-128 of size 128 [ 105.649546] The buggy address is located 0 bytes inside of [ 105.649546] 128-byte region [ffff0000c67cd500, ffff0000c67cd580) [ 105.650465] [ 105.650679] The buggy address belongs to the physical page: [ 105.651178] page:00000000e8cb511a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067cd [ 105.651954] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.652879] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.653523] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.654162] page dumped because: kasan: bad access detected [ 105.654651] [ 105.655048] Memory state around the buggy address: [ 105.655476] ffff0000c67cd400: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.656132] ffff0000c67cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.657193] >ffff0000c67cd500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 105.657789] ^ [ 105.658387] ffff0000c67cd580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.659008] ffff0000c67cd600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.659626] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_uaf_16
[ 105.586206] ================================================================== [ 105.586997] BUG: KASAN: use-after-free in kmalloc_uaf_16+0x104/0x2a0 [ 105.587606] Read of size 16 at addr ffff0000c67f5900 by task kunit_try_catch/219 [ 105.588107] [ 105.588308] CPU: 1 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.588889] Hardware name: linux,dummy-virt (DT) [ 105.589363] Call trace: [ 105.590095] dump_backtrace+0xe0/0x134 [ 105.590655] show_stack+0x20/0x2c [ 105.591087] dump_stack_lvl+0x88/0xb4 [ 105.591572] print_report+0x158/0x44c [ 105.592000] kasan_report+0xc8/0x180 [ 105.592568] __asan_load16+0x68/0x9c [ 105.593205] kmalloc_uaf_16+0x104/0x2a0 [ 105.593707] kunit_try_run_case+0x8c/0x124 [ 105.594218] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.594826] kthread+0x15c/0x170 [ 105.595256] ret_from_fork+0x10/0x20 [ 105.595739] [ 105.595998] Allocated by task 219: [ 105.596384] kasan_save_stack+0x3c/0x70 [ 105.597039] kasan_set_track+0x2c/0x40 [ 105.597537] kasan_save_alloc_info+0x24/0x34 [ 105.598050] __kasan_kmalloc+0xd4/0xe0 [ 105.598552] kmalloc_trace+0x8c/0x150 [ 105.598998] kmalloc_uaf_16+0xcc/0x2a0 [ 105.599470] kunit_try_run_case+0x8c/0x124 [ 105.599961] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.600699] kthread+0x15c/0x170 [ 105.601110] ret_from_fork+0x10/0x20 [ 105.601672] [ 105.601920] Freed by task 219: [ 105.602267] kasan_save_stack+0x3c/0x70 [ 105.602775] kasan_set_track+0x2c/0x40 [ 105.603245] kasan_save_free_info+0x38/0x5c [ 105.603776] __kasan_slab_free+0x100/0x170 [ 105.604279] slab_free_freelist_hook+0xd8/0x1c0 [ 105.605127] __kmem_cache_free+0x15c/0x2a0 [ 105.605580] kfree+0x88/0x150 [ 105.606014] kmalloc_uaf_16+0xec/0x2a0 [ 105.606484] kunit_try_run_case+0x8c/0x124 [ 105.607034] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.607605] kthread+0x15c/0x170 [ 105.608061] ret_from_fork+0x10/0x20 [ 105.608765] [ 105.609011] The buggy address belongs to the object at ffff0000c67f5900 [ 105.609011] which belongs to the cache kmalloc-128 of size 128 [ 105.609994] The buggy address is located 0 bytes inside of [ 105.609994] 128-byte region [ffff0000c67f5900, ffff0000c67f5980) [ 105.610930] [ 105.611175] The buggy address belongs to the physical page: [ 105.611650] page:00000000678f5464 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067f5 [ 105.612415] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.613130] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.614030] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.614520] page dumped because: kasan: bad access detected [ 105.614908] [ 105.615132] Memory state around the buggy address: [ 105.615564] ffff0000c67f5800: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.616186] ffff0000c67f5880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.617067] >ffff0000c67f5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.617672] ^ [ 105.618014] ffff0000c67f5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.618649] ffff0000c67f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.619316] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 105.553261] ================================================================== [ 105.554013] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0xf8/0x2a0 [ 105.554872] Write of size 16 at addr ffff0000c67f5600 by task kunit_try_catch/218 [ 105.555371] [ 105.555567] CPU: 1 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.556248] Hardware name: linux,dummy-virt (DT) [ 105.556691] Call trace: [ 105.557014] dump_backtrace+0xe0/0x134 [ 105.557695] show_stack+0x20/0x2c [ 105.558177] dump_stack_lvl+0x88/0xb4 [ 105.558670] print_report+0x158/0x44c [ 105.559258] kasan_report+0xc8/0x180 [ 105.559725] __asan_store16+0x68/0x94 [ 105.560125] kmalloc_oob_16+0xf8/0x2a0 [ 105.560552] kunit_try_run_case+0x8c/0x124 [ 105.561109] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.561703] kthread+0x15c/0x170 [ 105.562138] ret_from_fork+0x10/0x20 [ 105.562575] [ 105.562797] Allocated by task 218: [ 105.563158] kasan_save_stack+0x3c/0x70 [ 105.563597] kasan_set_track+0x2c/0x40 [ 105.564235] kasan_save_alloc_info+0x24/0x34 [ 105.564906] __kasan_kmalloc+0xd4/0xe0 [ 105.565346] kmalloc_trace+0x8c/0x150 [ 105.565791] kmalloc_oob_16+0xa4/0x2a0 [ 105.566227] kunit_try_run_case+0x8c/0x124 [ 105.566660] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.567225] kthread+0x15c/0x170 [ 105.567644] ret_from_fork+0x10/0x20 [ 105.568081] [ 105.568270] The buggy address belongs to the object at ffff0000c67f5600 [ 105.568270] which belongs to the cache kmalloc-128 of size 128 [ 105.569333] The buggy address is located 0 bytes inside of [ 105.569333] 128-byte region [ffff0000c67f5600, ffff0000c67f5680) [ 105.570258] [ 105.570455] The buggy address belongs to the physical page: [ 105.570916] page:00000000678f5464 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067f5 [ 105.571709] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 105.572408] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 105.573283] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.573887] page dumped because: kasan: bad access detected [ 105.574363] [ 105.574569] Memory state around the buggy address: [ 105.575048] ffff0000c67f5500: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.575649] ffff0000c67f5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.576278] >ffff0000c67f5600: 00 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.576923] ^ [ 105.577280] ffff0000c67f5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.577911] ffff0000c67f5700: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.578490] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-krealloc_uaf
[ 105.509978] ================================================================== [ 105.510575] BUG: KASAN: use-after-free in krealloc_uaf+0x10c/0x2f0 [ 105.511197] Read of size 1 at addr ffff0000c6260800 by task kunit_try_catch/217 [ 105.513397] [ 105.513642] CPU: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.514385] Hardware name: linux,dummy-virt (DT) [ 105.514807] Call trace: [ 105.515099] dump_backtrace+0xe0/0x134 [ 105.515531] show_stack+0x20/0x2c [ 105.515943] dump_stack_lvl+0x88/0xb4 [ 105.516384] print_report+0x158/0x44c [ 105.516808] kasan_report+0xc8/0x180 [ 105.517256] __asan_load1+0x68/0x74 [ 105.517674] krealloc_uaf+0x10c/0x2f0 [ 105.518994] kunit_try_run_case+0x8c/0x124 [ 105.519489] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.520048] kthread+0x15c/0x170 [ 105.520851] ret_from_fork+0x10/0x20 [ 105.521293] [ 105.521518] Allocated by task 217: [ 105.521853] kasan_save_stack+0x3c/0x70 [ 105.522346] kasan_set_track+0x2c/0x40 [ 105.522790] kasan_save_alloc_info+0x24/0x34 [ 105.523259] __kasan_kmalloc+0xd4/0xe0 [ 105.523704] kmalloc_trace+0x8c/0x150 [ 105.524181] krealloc_uaf+0xb0/0x2f0 [ 105.525457] kunit_try_run_case+0x8c/0x124 [ 105.525943] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.526494] kthread+0x15c/0x170 [ 105.526884] ret_from_fork+0x10/0x20 [ 105.527336] [ 105.527526] Freed by task 217: [ 105.527867] kasan_save_stack+0x3c/0x70 [ 105.528332] kasan_set_track+0x2c/0x40 [ 105.528943] kasan_save_free_info+0x38/0x5c [ 105.529416] __kasan_slab_free+0x100/0x170 [ 105.529894] slab_free_freelist_hook+0xd8/0x1c0 [ 105.530366] __kmem_cache_free+0x15c/0x2a0 [ 105.530985] kfree+0x88/0x150 [ 105.531357] krealloc_uaf+0xd0/0x2f0 [ 105.531834] kunit_try_run_case+0x8c/0x124 [ 105.532316] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.533683] kthread+0x15c/0x170 [ 105.534113] ret_from_fork+0x10/0x20 [ 105.534497] [ 105.534720] The buggy address belongs to the object at ffff0000c6260800 [ 105.534720] which belongs to the cache kmalloc-256 of size 256 [ 105.535686] The buggy address is located 0 bytes inside of [ 105.535686] 256-byte region [ffff0000c6260800, ffff0000c6260900) [ 105.536959] [ 105.537160] The buggy address belongs to the physical page: [ 105.537638] page:0000000090416edb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106260 [ 105.538422] head:0000000090416edb order:1 compound_mapcount:0 compound_pincount:0 [ 105.539023] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 105.539722] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 105.540406] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.541041] page dumped because: kasan: bad access detected [ 105.541512] [ 105.541699] Memory state around the buggy address: [ 105.542166] ffff0000c6260700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.543602] ffff0000c6260780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.544222] >ffff0000c6260800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.545132] ^ [ 105.545489] ffff0000c6260880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.546123] ffff0000c6260900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.546727] ================================================================== [ 105.470438] ================================================================== [ 105.471397] BUG: KASAN: use-after-free in krealloc_uaf+0xe8/0x2f0 [ 105.472197] Read of size 1 at addr ffff0000c6260800 by task kunit_try_catch/217 [ 105.473920] [ 105.474220] CPU: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.475236] Hardware name: linux,dummy-virt (DT) [ 105.475834] Call trace: [ 105.476209] dump_backtrace+0xe0/0x134 [ 105.477016] show_stack+0x20/0x2c [ 105.477368] dump_stack_lvl+0x88/0xb4 [ 105.477787] print_report+0x158/0x44c [ 105.478171] kasan_report+0xc8/0x180 [ 105.478644] __kasan_check_byte+0x54/0x70 [ 105.479137] krealloc+0xec/0x1c0 [ 105.479512] krealloc_uaf+0xe8/0x2f0 [ 105.479963] kunit_try_run_case+0x8c/0x124 [ 105.480420] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.480989] kthread+0x15c/0x170 [ 105.481388] ret_from_fork+0x10/0x20 [ 105.481826] [ 105.482015] Allocated by task 217: [ 105.482336] kasan_save_stack+0x3c/0x70 [ 105.483649] kasan_set_track+0x2c/0x40 [ 105.484104] kasan_save_alloc_info+0x24/0x34 [ 105.485000] __kasan_kmalloc+0xd4/0xe0 [ 105.485428] kmalloc_trace+0x8c/0x150 [ 105.485872] krealloc_uaf+0xb0/0x2f0 [ 105.486297] kunit_try_run_case+0x8c/0x124 [ 105.486785] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.487321] kthread+0x15c/0x170 [ 105.487753] ret_from_fork+0x10/0x20 [ 105.488194] [ 105.488416] Freed by task 217: [ 105.489587] kasan_save_stack+0x3c/0x70 [ 105.490046] kasan_set_track+0x2c/0x40 [ 105.490506] kasan_save_free_info+0x38/0x5c [ 105.491012] __kasan_slab_free+0x100/0x170 [ 105.491469] slab_free_freelist_hook+0xd8/0x1c0 [ 105.491964] __kmem_cache_free+0x15c/0x2a0 [ 105.492420] kfree+0x88/0x150 [ 105.492816] krealloc_uaf+0xd0/0x2f0 [ 105.493298] kunit_try_run_case+0x8c/0x124 [ 105.494125] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.494695] kthread+0x15c/0x170 [ 105.495123] ret_from_fork+0x10/0x20 [ 105.495530] [ 105.495760] The buggy address belongs to the object at ffff0000c6260800 [ 105.495760] which belongs to the cache kmalloc-256 of size 256 [ 105.497486] The buggy address is located 0 bytes inside of [ 105.497486] 256-byte region [ffff0000c6260800, ffff0000c6260900) [ 105.498377] [ 105.498614] The buggy address belongs to the physical page: [ 105.499101] page:0000000090416edb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106260 [ 105.499892] head:0000000090416edb order:1 compound_mapcount:0 compound_pincount:0 [ 105.500672] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 105.501397] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 105.502087] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.502694] page dumped because: kasan: bad access detected [ 105.503348] [ 105.503553] Memory state around the buggy address: [ 105.504021] ffff0000c6260700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.505503] ffff0000c6260780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.506126] >ffff0000c6260800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.506720] ^ [ 105.507082] ffff0000c6260880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 105.507699] ffff0000c6260900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.508304] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 105.159714] ================================================================== [ 105.161761] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x140/0x5b0 [ 105.162793] Write of size 1 at addr ffff0000c62606d0 by task kunit_try_catch/214 [ 105.163675] [ 105.163950] CPU: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.164775] Hardware name: linux,dummy-virt (DT) [ 105.165441] Call trace: [ 105.165848] dump_backtrace+0xe0/0x134 [ 105.166434] show_stack+0x20/0x2c [ 105.166964] dump_stack_lvl+0x88/0xb4 [ 105.167567] print_report+0x158/0x44c [ 105.168129] kasan_report+0xc8/0x180 [ 105.168827] __asan_store1+0x68/0x7c [ 105.169215] krealloc_less_oob_helper+0x140/0x5b0 [ 105.169680] krealloc_less_oob+0x20/0x30 [ 105.170061] kunit_try_run_case+0x8c/0x124 [ 105.170468] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.170982] kthread+0x15c/0x170 [ 105.171458] ret_from_fork+0x10/0x20 [ 105.171923] [ 105.172136] Allocated by task 214: [ 105.172495] kasan_save_stack+0x3c/0x70 [ 105.173294] kasan_set_track+0x2c/0x40 [ 105.173900] kasan_save_alloc_info+0x24/0x34 [ 105.174547] __kasan_krealloc+0x10c/0x140 [ 105.175165] krealloc+0x158/0x1c0 [ 105.175692] krealloc_less_oob_helper+0xd8/0x5b0 [ 105.176570] krealloc_less_oob+0x20/0x30 [ 105.177250] kunit_try_run_case+0x8c/0x124 [ 105.177898] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.178674] kthread+0x15c/0x170 [ 105.179222] ret_from_fork+0x10/0x20 [ 105.179791] [ 105.180069] The buggy address belongs to the object at ffff0000c6260600 [ 105.180069] which belongs to the cache kmalloc-256 of size 256 [ 105.182350] The buggy address is located 208 bytes inside of [ 105.182350] 256-byte region [ffff0000c6260600, ffff0000c6260700) [ 105.183275] [ 105.183461] The buggy address belongs to the physical page: [ 105.183847] page:0000000090416edb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106260 [ 105.185001] head:0000000090416edb order:1 compound_mapcount:0 compound_pincount:0 [ 105.185495] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 105.186247] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 105.186823] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.187306] page dumped because: kasan: bad access detected [ 105.187680] [ 105.187963] Memory state around the buggy address: [ 105.188806] ffff0000c6260580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.189681] ffff0000c6260600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.190570] >ffff0000c6260680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 105.191410] ^ [ 105.192135] ffff0000c6260700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.193336] ffff0000c6260780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.194237] ================================================================== [ 105.225303] ================================================================== [ 105.225910] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1b0/0x5b0 [ 105.226684] Write of size 1 at addr ffff0000c62606ea by task kunit_try_catch/214 [ 105.227283] [ 105.227526] CPU: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.228274] Hardware name: linux,dummy-virt (DT) [ 105.229455] Call trace: [ 105.229764] dump_backtrace+0xe0/0x134 [ 105.230222] show_stack+0x20/0x2c [ 105.230611] dump_stack_lvl+0x88/0xb4 [ 105.231103] print_report+0x158/0x44c [ 105.231525] kasan_report+0xc8/0x180 [ 105.231952] __asan_store1+0x68/0x7c [ 105.232411] krealloc_less_oob_helper+0x1b0/0x5b0 [ 105.232949] krealloc_less_oob+0x20/0x30 [ 105.233390] kunit_try_run_case+0x8c/0x124 [ 105.233874] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.234423] kthread+0x15c/0x170 [ 105.235035] ret_from_fork+0x10/0x20 [ 105.235482] [ 105.235687] Allocated by task 214: [ 105.236030] kasan_save_stack+0x3c/0x70 [ 105.236691] kasan_set_track+0x2c/0x40 [ 105.237128] kasan_save_alloc_info+0x24/0x34 [ 105.237631] __kasan_krealloc+0x10c/0x140 [ 105.238112] krealloc+0x158/0x1c0 [ 105.238521] krealloc_less_oob_helper+0xd8/0x5b0 [ 105.239023] krealloc_less_oob+0x20/0x30 [ 105.239455] kunit_try_run_case+0x8c/0x124 [ 105.239921] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.240663] kthread+0x15c/0x170 [ 105.241080] ret_from_fork+0x10/0x20 [ 105.241511] [ 105.241708] The buggy address belongs to the object at ffff0000c6260600 [ 105.241708] which belongs to the cache kmalloc-256 of size 256 [ 105.242622] The buggy address is located 234 bytes inside of [ 105.242622] 256-byte region [ffff0000c6260600, ffff0000c6260700) [ 105.243524] [ 105.243760] The buggy address belongs to the physical page: [ 105.244221] page:0000000090416edb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106260 [ 105.245192] head:0000000090416edb order:1 compound_mapcount:0 compound_pincount:0 [ 105.245823] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 105.246496] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 105.247170] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.247800] page dumped because: kasan: bad access detected [ 105.248276] [ 105.249314] Memory state around the buggy address: [ 105.249754] ffff0000c6260580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.250362] ffff0000c6260600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.250988] >ffff0000c6260680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 105.251570] ^ [ 105.252132] ffff0000c6260700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.253078] ffff0000c6260780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.253646] ================================================================== [ 105.442803] ================================================================== [ 105.443374] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1d4/0x5b0 [ 105.444511] Write of size 1 at addr ffff0000c68420eb by task kunit_try_catch/216 [ 105.445658] [ 105.445957] CPU: 1 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.446517] Hardware name: linux,dummy-virt (DT) [ 105.446866] Call trace: [ 105.447176] dump_backtrace+0xe0/0x134 [ 105.447567] show_stack+0x20/0x2c [ 105.448027] dump_stack_lvl+0x88/0xb4 [ 105.448552] print_report+0x158/0x44c [ 105.448920] kasan_report+0xc8/0x180 [ 105.449288] __asan_store1+0x68/0x7c [ 105.449775] krealloc_less_oob_helper+0x1d4/0x5b0 [ 105.450398] krealloc_pagealloc_less_oob+0x20/0x30 [ 105.450968] kunit_try_run_case+0x8c/0x124 [ 105.451497] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.452105] kthread+0x15c/0x170 [ 105.452524] ret_from_fork+0x10/0x20 [ 105.453005] [ 105.453585] The buggy address belongs to the physical page: [ 105.453989] page:00000000c34535d9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106840 [ 105.454584] head:00000000c34535d9 order:2 compound_mapcount:0 compound_pincount:0 [ 105.455438] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 105.456215] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 105.457365] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 105.458090] page dumped because: kasan: bad access detected [ 105.458515] [ 105.458701] Memory state around the buggy address: [ 105.459317] ffff0000c6841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.459953] ffff0000c6842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.460932] >ffff0000c6842080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 105.461490] ^ [ 105.462050] ffff0000c6842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.462677] ffff0000c6842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.463257] ================================================================== [ 105.254674] ================================================================== [ 105.255222] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1d4/0x5b0 [ 105.255955] Write of size 1 at addr ffff0000c62606eb by task kunit_try_catch/214 [ 105.256897] [ 105.257151] CPU: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.257841] Hardware name: linux,dummy-virt (DT) [ 105.258267] Call trace: [ 105.258528] dump_backtrace+0xe0/0x134 [ 105.259002] show_stack+0x20/0x2c [ 105.259362] dump_stack_lvl+0x88/0xb4 [ 105.259834] print_report+0x158/0x44c [ 105.260261] kasan_report+0xc8/0x180 [ 105.260704] __asan_store1+0x68/0x7c [ 105.261120] krealloc_less_oob_helper+0x1d4/0x5b0 [ 105.261631] krealloc_less_oob+0x20/0x30 [ 105.262051] kunit_try_run_case+0x8c/0x124 [ 105.262508] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.263296] kthread+0x15c/0x170 [ 105.263728] ret_from_fork+0x10/0x20 [ 105.264142] [ 105.264359] Allocated by task 214: [ 105.264908] kasan_save_stack+0x3c/0x70 [ 105.265361] kasan_set_track+0x2c/0x40 [ 105.265773] kasan_save_alloc_info+0x24/0x34 [ 105.266270] __kasan_krealloc+0x10c/0x140 [ 105.266694] krealloc+0x158/0x1c0 [ 105.267117] krealloc_less_oob_helper+0xd8/0x5b0 [ 105.267620] krealloc_less_oob+0x20/0x30 [ 105.268052] kunit_try_run_case+0x8c/0x124 [ 105.268683] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.269248] kthread+0x15c/0x170 [ 105.269664] ret_from_fork+0x10/0x20 [ 105.270102] [ 105.270297] The buggy address belongs to the object at ffff0000c6260600 [ 105.270297] which belongs to the cache kmalloc-256 of size 256 [ 105.271284] The buggy address is located 235 bytes inside of [ 105.271284] 256-byte region [ffff0000c6260600, ffff0000c6260700) [ 105.272196] [ 105.272609] The buggy address belongs to the physical page: [ 105.273127] page:0000000090416edb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106260 [ 105.273866] head:0000000090416edb order:1 compound_mapcount:0 compound_pincount:0 [ 105.274486] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 105.275160] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 105.275830] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.277702] page dumped because: kasan: bad access detected [ 105.278209] [ 105.278403] Memory state around the buggy address: [ 105.278885] ffff0000c6260580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.279503] ffff0000c6260600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.280149] >ffff0000c6260680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 105.281038] ^ [ 105.281594] ffff0000c6260700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.282227] ffff0000c6260780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.282828] ================================================================== [ 105.195379] ================================================================== [ 105.196249] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x188/0x5b0 [ 105.197831] Write of size 1 at addr ffff0000c62606da by task kunit_try_catch/214 [ 105.198338] [ 105.198537] CPU: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.199184] Hardware name: linux,dummy-virt (DT) [ 105.199621] Call trace: [ 105.199942] dump_backtrace+0xe0/0x134 [ 105.200406] show_stack+0x20/0x2c [ 105.200812] dump_stack_lvl+0x88/0xb4 [ 105.201314] print_report+0x158/0x44c [ 105.201719] kasan_report+0xc8/0x180 [ 105.202336] __asan_store1+0x68/0x7c [ 105.202731] krealloc_less_oob_helper+0x188/0x5b0 [ 105.203275] krealloc_less_oob+0x20/0x30 [ 105.203715] kunit_try_run_case+0x8c/0x124 [ 105.204203] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.204962] kthread+0x15c/0x170 [ 105.205377] ret_from_fork+0x10/0x20 [ 105.205816] [ 105.206027] Allocated by task 214: [ 105.206376] kasan_save_stack+0x3c/0x70 [ 105.206840] kasan_set_track+0x2c/0x40 [ 105.207287] kasan_save_alloc_info+0x24/0x34 [ 105.207764] __kasan_krealloc+0x10c/0x140 [ 105.208224] krealloc+0x158/0x1c0 [ 105.208809] krealloc_less_oob_helper+0xd8/0x5b0 [ 105.209383] krealloc_less_oob+0x20/0x30 [ 105.209827] kunit_try_run_case+0x8c/0x124 [ 105.210306] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.210868] kthread+0x15c/0x170 [ 105.211284] ret_from_fork+0x10/0x20 [ 105.211707] [ 105.211944] The buggy address belongs to the object at ffff0000c6260600 [ 105.211944] which belongs to the cache kmalloc-256 of size 256 [ 105.213157] The buggy address is located 218 bytes inside of [ 105.213157] 256-byte region [ffff0000c6260600, ffff0000c6260700) [ 105.214092] [ 105.214300] The buggy address belongs to the physical page: [ 105.214764] page:0000000090416edb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106260 [ 105.215545] head:0000000090416edb order:1 compound_mapcount:0 compound_pincount:0 [ 105.216176] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 105.217802] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 105.218479] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.219115] page dumped because: kasan: bad access detected [ 105.219616] [ 105.219825] Memory state around the buggy address: [ 105.220300] ffff0000c6260580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.221168] ffff0000c6260600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.221794] >ffff0000c6260680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 105.222385] ^ [ 105.222903] ffff0000c6260700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.223524] ffff0000c6260780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.224124] ================================================================== [ 105.371222] ================================================================== [ 105.371688] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x140/0x5b0 [ 105.373223] Write of size 1 at addr ffff0000c68420d0 by task kunit_try_catch/216 [ 105.373941] [ 105.374177] CPU: 1 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.374918] Hardware name: linux,dummy-virt (DT) [ 105.375370] Call trace: [ 105.375645] dump_backtrace+0xe0/0x134 [ 105.376118] show_stack+0x20/0x2c [ 105.376723] dump_stack_lvl+0x88/0xb4 [ 105.377197] print_report+0x158/0x44c [ 105.378476] kasan_report+0xc8/0x180 [ 105.378964] __asan_store1+0x68/0x7c [ 105.379435] krealloc_less_oob_helper+0x140/0x5b0 [ 105.379990] krealloc_pagealloc_less_oob+0x20/0x30 [ 105.380948] kunit_try_run_case+0x8c/0x124 [ 105.381487] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.382068] kthread+0x15c/0x170 [ 105.382516] ret_from_fork+0x10/0x20 [ 105.383009] [ 105.383228] The buggy address belongs to the physical page: [ 105.383732] page:00000000c34535d9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106840 [ 105.384686] head:00000000c34535d9 order:2 compound_mapcount:0 compound_pincount:0 [ 105.385301] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 105.386675] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 105.387390] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 105.388047] page dumped because: kasan: bad access detected [ 105.388590] [ 105.388803] Memory state around the buggy address: [ 105.389268] ffff0000c6841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.389951] ffff0000c6842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.390527] >ffff0000c6842080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 105.391504] ^ [ 105.392077] ffff0000c6842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.393504] ffff0000c6842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.394161] ================================================================== [ 105.395636] ================================================================== [ 105.397013] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x188/0x5b0 [ 105.397796] Write of size 1 at addr ffff0000c68420da by task kunit_try_catch/216 [ 105.398488] [ 105.398762] CPU: 1 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.399555] Hardware name: linux,dummy-virt (DT) [ 105.400037] Call trace: [ 105.400358] dump_backtrace+0xe0/0x134 [ 105.400820] show_stack+0x20/0x2c [ 105.402020] dump_stack_lvl+0x88/0xb4 [ 105.402490] print_report+0x158/0x44c [ 105.402938] kasan_report+0xc8/0x180 [ 105.403366] __asan_store1+0x68/0x7c [ 105.403838] krealloc_less_oob_helper+0x188/0x5b0 [ 105.404392] krealloc_pagealloc_less_oob+0x20/0x30 [ 105.404931] kunit_try_run_case+0x8c/0x124 [ 105.405770] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.406351] kthread+0x15c/0x170 [ 105.406814] ret_from_fork+0x10/0x20 [ 105.407285] [ 105.407503] The buggy address belongs to the physical page: [ 105.408030] page:00000000c34535d9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106840 [ 105.409608] head:00000000c34535d9 order:2 compound_mapcount:0 compound_pincount:0 [ 105.410242] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 105.410946] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 105.411642] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 105.412266] page dumped because: kasan: bad access detected [ 105.413075] [ 105.413323] Memory state around the buggy address: [ 105.413814] ffff0000c6841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.414459] ffff0000c6842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.415114] >ffff0000c6842080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 105.415713] ^ [ 105.416281] ffff0000c6842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.417703] ffff0000c6842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.418346] ================================================================== [ 105.342897] ================================================================== [ 105.343707] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x114/0x5b0 [ 105.344345] Write of size 1 at addr ffff0000c68420c9 by task kunit_try_catch/216 [ 105.345992] [ 105.346317] CPU: 1 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.347421] Hardware name: linux,dummy-virt (DT) [ 105.348041] Call trace: [ 105.348442] dump_backtrace+0xe0/0x134 [ 105.349429] show_stack+0x20/0x2c [ 105.350000] dump_stack_lvl+0x88/0xb4 [ 105.350634] print_report+0x158/0x44c [ 105.351210] kasan_report+0xc8/0x180 [ 105.351812] __asan_store1+0x68/0x7c [ 105.352646] krealloc_less_oob_helper+0x114/0x5b0 [ 105.353579] krealloc_pagealloc_less_oob+0x20/0x30 [ 105.354296] kunit_try_run_case+0x8c/0x124 [ 105.354965] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.355781] kthread+0x15c/0x170 [ 105.356218] ret_from_fork+0x10/0x20 [ 105.357288] [ 105.357609] The buggy address belongs to the physical page: [ 105.358321] page:00000000c34535d9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106840 [ 105.359135] head:00000000c34535d9 order:2 compound_mapcount:0 compound_pincount:0 [ 105.359617] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 105.360165] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 105.361412] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 105.362340] page dumped because: kasan: bad access detected [ 105.363048] [ 105.363345] Memory state around the buggy address: [ 105.363996] ffff0000c6841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.365129] ffff0000c6842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.366242] >ffff0000c6842080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 105.367128] ^ [ 105.367851] ffff0000c6842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.368970] ffff0000c6842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.370022] ================================================================== [ 105.419356] ================================================================== [ 105.419954] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1b0/0x5b0 [ 105.420827] Write of size 1 at addr ffff0000c68420ea by task kunit_try_catch/216 [ 105.421999] [ 105.422476] CPU: 1 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.423196] Hardware name: linux,dummy-virt (DT) [ 105.423644] Call trace: [ 105.423919] dump_backtrace+0xe0/0x134 [ 105.424375] show_stack+0x20/0x2c [ 105.425580] dump_stack_lvl+0x88/0xb4 [ 105.426056] print_report+0x158/0x44c [ 105.426497] kasan_report+0xc8/0x180 [ 105.426939] __asan_store1+0x68/0x7c [ 105.427411] krealloc_less_oob_helper+0x1b0/0x5b0 [ 105.428005] krealloc_pagealloc_less_oob+0x20/0x30 [ 105.428702] kunit_try_run_case+0x8c/0x124 [ 105.429269] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.430006] kthread+0x15c/0x170 [ 105.430434] ret_from_fork+0x10/0x20 [ 105.430900] [ 105.431120] The buggy address belongs to the physical page: [ 105.431585] page:00000000c34535d9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106840 [ 105.432363] head:00000000c34535d9 order:2 compound_mapcount:0 compound_pincount:0 [ 105.433810] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 105.434515] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 105.435221] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 105.435844] page dumped because: kasan: bad access detected [ 105.436334] [ 105.436626] Memory state around the buggy address: [ 105.437383] ffff0000c6841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.438026] ffff0000c6842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.438676] >ffff0000c6842080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 105.439263] ^ [ 105.439861] ffff0000c6842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.440484] ffff0000c6842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.441102] ================================================================== [ 105.128376] ================================================================== [ 105.129952] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x114/0x5b0 [ 105.130981] Write of size 1 at addr ffff0000c62606c9 by task kunit_try_catch/214 [ 105.131870] [ 105.132157] CPU: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.133296] Hardware name: linux,dummy-virt (DT) [ 105.134003] Call trace: [ 105.134318] dump_backtrace+0xe0/0x134 [ 105.134689] show_stack+0x20/0x2c [ 105.135105] dump_stack_lvl+0x88/0xb4 [ 105.135533] print_report+0x158/0x44c [ 105.135992] kasan_report+0xc8/0x180 [ 105.136643] __asan_store1+0x68/0x7c [ 105.137077] krealloc_less_oob_helper+0x114/0x5b0 [ 105.137591] krealloc_less_oob+0x20/0x30 [ 105.138042] kunit_try_run_case+0x8c/0x124 [ 105.138489] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.139035] kthread+0x15c/0x170 [ 105.139413] ret_from_fork+0x10/0x20 [ 105.139813] [ 105.140028] Allocated by task 214: [ 105.140368] kasan_save_stack+0x3c/0x70 [ 105.140839] kasan_set_track+0x2c/0x40 [ 105.141279] kasan_save_alloc_info+0x24/0x34 [ 105.141734] __kasan_krealloc+0x10c/0x140 [ 105.142204] krealloc+0x158/0x1c0 [ 105.142610] krealloc_less_oob_helper+0xd8/0x5b0 [ 105.143324] krealloc_less_oob+0x20/0x30 [ 105.143779] kunit_try_run_case+0x8c/0x124 [ 105.144209] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.145606] kthread+0x15c/0x170 [ 105.146068] ret_from_fork+0x10/0x20 [ 105.146510] [ 105.146701] The buggy address belongs to the object at ffff0000c6260600 [ 105.146701] which belongs to the cache kmalloc-256 of size 256 [ 105.147651] The buggy address is located 201 bytes inside of [ 105.147651] 256-byte region [ffff0000c6260600, ffff0000c6260700) [ 105.148769] [ 105.148985] The buggy address belongs to the physical page: [ 105.149442] page:0000000090416edb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106260 [ 105.150210] head:0000000090416edb order:1 compound_mapcount:0 compound_pincount:0 [ 105.150845] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 105.151546] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 105.152180] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.153052] page dumped because: kasan: bad access detected [ 105.153536] [ 105.153721] Memory state around the buggy address: [ 105.154216] ffff0000c6260580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.154853] ffff0000c6260600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.155457] >ffff0000c6260680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 105.156060] ^ [ 105.156825] ffff0000c6260700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.157422] ffff0000c6260780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.158157] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 105.315484] ================================================================== [ 105.316042] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x168/0x374 [ 105.317325] Write of size 1 at addr ffff0000c68420f0 by task kunit_try_catch/215 [ 105.317852] [ 105.318058] CPU: 1 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.319170] Hardware name: linux,dummy-virt (DT) [ 105.319688] Call trace: [ 105.320105] dump_backtrace+0xe0/0x134 [ 105.320779] show_stack+0x20/0x2c [ 105.321397] dump_stack_lvl+0x88/0xb4 [ 105.321977] print_report+0x158/0x44c [ 105.322333] kasan_report+0xc8/0x180 [ 105.322700] __asan_store1+0x68/0x7c [ 105.323134] krealloc_more_oob_helper+0x168/0x374 [ 105.323623] krealloc_pagealloc_more_oob+0x20/0x2c [ 105.324173] kunit_try_run_case+0x8c/0x124 [ 105.324712] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.326150] kthread+0x15c/0x170 [ 105.326608] ret_from_fork+0x10/0x20 [ 105.327038] [ 105.327259] The buggy address belongs to the physical page: [ 105.327783] page:00000000c34535d9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106840 [ 105.328724] head:00000000c34535d9 order:2 compound_mapcount:0 compound_pincount:0 [ 105.329422] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 105.330262] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 105.330964] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 105.331585] page dumped because: kasan: bad access detected [ 105.332105] [ 105.332335] Memory state around the buggy address: [ 105.333583] ffff0000c6841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.334265] ffff0000c6842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.334907] >ffff0000c6842080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 105.335482] ^ [ 105.336133] ffff0000c6842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.337236] ffff0000c6842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.338115] ================================================================== [ 105.289993] ================================================================== [ 105.290771] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x13c/0x374 [ 105.292781] Write of size 1 at addr ffff0000c68420eb by task kunit_try_catch/215 [ 105.294238] [ 105.294737] CPU: 1 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.295900] Hardware name: linux,dummy-virt (DT) [ 105.296949] Call trace: [ 105.297640] dump_backtrace+0xe0/0x134 [ 105.298076] show_stack+0x20/0x2c [ 105.298512] dump_stack_lvl+0x88/0xb4 [ 105.298990] print_report+0x158/0x44c [ 105.299419] kasan_report+0xc8/0x180 [ 105.299912] __asan_store1+0x68/0x7c [ 105.300367] krealloc_more_oob_helper+0x13c/0x374 [ 105.300852] krealloc_pagealloc_more_oob+0x20/0x2c [ 105.301358] kunit_try_run_case+0x8c/0x124 [ 105.302699] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.303296] kthread+0x15c/0x170 [ 105.303692] ret_from_fork+0x10/0x20 [ 105.304136] [ 105.304337] The buggy address belongs to the physical page: [ 105.305179] page:00000000c34535d9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106840 [ 105.305937] head:00000000c34535d9 order:2 compound_mapcount:0 compound_pincount:0 [ 105.306553] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 105.307234] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 105.307911] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 105.309380] page dumped because: kasan: bad access detected [ 105.309868] [ 105.310064] Memory state around the buggy address: [ 105.310529] ffff0000c6841f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.311170] ffff0000c6842000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.311776] >ffff0000c6842080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 105.312354] ^ [ 105.313294] ffff0000c6842100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.313932] ffff0000c6842180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 105.314559] ================================================================== [ 105.087376] ================================================================== [ 105.088524] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x168/0x374 [ 105.089871] Write of size 1 at addr ffff0000c62604f0 by task kunit_try_catch/213 [ 105.091263] [ 105.091644] CPU: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.092730] Hardware name: linux,dummy-virt (DT) [ 105.093298] Call trace: [ 105.093693] dump_backtrace+0xe0/0x134 [ 105.094296] show_stack+0x20/0x2c [ 105.094859] dump_stack_lvl+0x88/0xb4 [ 105.095413] print_report+0x158/0x44c [ 105.095776] kasan_report+0xc8/0x180 [ 105.096144] __asan_store1+0x68/0x7c [ 105.096528] krealloc_more_oob_helper+0x168/0x374 [ 105.097291] krealloc_more_oob+0x20/0x30 [ 105.098057] kunit_try_run_case+0x8c/0x124 [ 105.098751] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.099579] kthread+0x15c/0x170 [ 105.100171] ret_from_fork+0x10/0x20 [ 105.100910] [ 105.101296] Allocated by task 213: [ 105.101829] kasan_save_stack+0x3c/0x70 [ 105.102462] kasan_set_track+0x2c/0x40 [ 105.103090] kasan_save_alloc_info+0x24/0x34 [ 105.103801] __kasan_krealloc+0x10c/0x140 [ 105.104493] krealloc+0x158/0x1c0 [ 105.105092] krealloc_more_oob_helper+0xd8/0x374 [ 105.105779] krealloc_more_oob+0x20/0x30 [ 105.106392] kunit_try_run_case+0x8c/0x124 [ 105.107057] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.107867] kthread+0x15c/0x170 [ 105.109292] ret_from_fork+0x10/0x20 [ 105.109895] [ 105.110083] The buggy address belongs to the object at ffff0000c6260400 [ 105.110083] which belongs to the cache kmalloc-256 of size 256 [ 105.110820] The buggy address is located 240 bytes inside of [ 105.110820] 256-byte region [ffff0000c6260400, ffff0000c6260500) [ 105.111812] [ 105.112049] The buggy address belongs to the physical page: [ 105.112812] page:0000000090416edb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106260 [ 105.113646] head:0000000090416edb order:1 compound_mapcount:0 compound_pincount:0 [ 105.114370] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 105.115181] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 105.116127] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.117297] page dumped because: kasan: bad access detected [ 105.117996] [ 105.118273] Memory state around the buggy address: [ 105.118897] ffff0000c6260380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.119767] ffff0000c6260400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.120906] >ffff0000c6260480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 105.121691] ^ [ 105.122148] ffff0000c6260500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.122625] ffff0000c6260580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.123520] ================================================================== [ 105.052949] ================================================================== [ 105.053712] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x13c/0x374 [ 105.054367] Write of size 1 at addr ffff0000c62604eb by task kunit_try_catch/213 [ 105.054997] [ 105.055226] CPU: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.055915] Hardware name: linux,dummy-virt (DT) [ 105.056343] Call trace: [ 105.057379] dump_backtrace+0xe0/0x134 [ 105.057839] show_stack+0x20/0x2c [ 105.058232] dump_stack_lvl+0x88/0xb4 [ 105.058671] print_report+0x158/0x44c [ 105.059099] kasan_report+0xc8/0x180 [ 105.059523] __asan_store1+0x68/0x7c [ 105.059973] krealloc_more_oob_helper+0x13c/0x374 [ 105.060687] krealloc_more_oob+0x20/0x30 [ 105.061127] kunit_try_run_case+0x8c/0x124 [ 105.061626] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.062195] kthread+0x15c/0x170 [ 105.062584] ret_from_fork+0x10/0x20 [ 105.063043] [ 105.063237] Allocated by task 213: [ 105.063618] kasan_save_stack+0x3c/0x70 [ 105.064095] kasan_set_track+0x2c/0x40 [ 105.064753] kasan_save_alloc_info+0x24/0x34 [ 105.065216] __kasan_krealloc+0x10c/0x140 [ 105.065690] krealloc+0x158/0x1c0 [ 105.066106] krealloc_more_oob_helper+0xd8/0x374 [ 105.066637] krealloc_more_oob+0x20/0x30 [ 105.067217] kunit_try_run_case+0x8c/0x124 [ 105.067858] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.068854] kthread+0x15c/0x170 [ 105.069408] ret_from_fork+0x10/0x20 [ 105.069982] [ 105.070261] The buggy address belongs to the object at ffff0000c6260400 [ 105.070261] which belongs to the cache kmalloc-256 of size 256 [ 105.071643] The buggy address is located 235 bytes inside of [ 105.071643] 256-byte region [ffff0000c6260400, ffff0000c6260500) [ 105.073853] [ 105.074142] The buggy address belongs to the physical page: [ 105.074829] page:0000000090416edb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106260 [ 105.075916] head:0000000090416edb order:1 compound_mapcount:0 compound_pincount:0 [ 105.077007] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 105.077943] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002480 [ 105.078477] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 105.079106] page dumped because: kasan: bad access detected [ 105.079784] [ 105.080054] Memory state around the buggy address: [ 105.080907] ffff0000c6260380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.081795] ffff0000c6260400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.082652] >ffff0000c6260480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 105.083497] ^ [ 105.084307] ffff0000c6260500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.085387] ffff0000c6260580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.085870] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 105.012715] ================================================================== [ 105.013687] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xc8/0x200 [ 105.014440] Write of size 1 at addr ffff0000c654df00 by task kunit_try_catch/212 [ 105.015065] [ 105.015312] CPU: 1 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 105.016104] Hardware name: linux,dummy-virt (DT) [ 105.017036] Call trace: [ 105.017330] dump_backtrace+0xe0/0x134 [ 105.017796] show_stack+0x20/0x2c [ 105.018196] dump_stack_lvl+0x88/0xb4 [ 105.018677] print_report+0x158/0x44c [ 105.019113] kasan_report+0xc8/0x180 [ 105.019546] __asan_store1+0x68/0x7c [ 105.019959] kmalloc_large_oob_right+0xc8/0x200 [ 105.021374] kunit_try_run_case+0x8c/0x124 [ 105.021848] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.022411] kthread+0x15c/0x170 [ 105.022807] ret_from_fork+0x10/0x20 [ 105.023212] [ 105.023423] Allocated by task 212: [ 105.023788] kasan_save_stack+0x3c/0x70 [ 105.024266] kasan_set_track+0x2c/0x40 [ 105.024673] kasan_save_alloc_info+0x24/0x34 [ 105.025188] __kasan_kmalloc+0xd4/0xe0 [ 105.025625] kmalloc_trace+0x8c/0x150 [ 105.026401] kmalloc_large_oob_right+0x9c/0x200 [ 105.026944] kunit_try_run_case+0x8c/0x124 [ 105.027390] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 105.027979] kthread+0x15c/0x170 [ 105.028365] ret_from_fork+0x10/0x20 [ 105.029580] [ 105.029804] The buggy address belongs to the object at ffff0000c654c000 [ 105.029804] which belongs to the cache kmalloc-8k of size 8192 [ 105.030729] The buggy address is located 7936 bytes inside of [ 105.030729] 8192-byte region [ffff0000c654c000, ffff0000c654e000) [ 105.031638] [ 105.031874] The buggy address belongs to the physical page: [ 105.032346] page:000000000a5b8ac5 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106548 [ 105.033637] head:000000000a5b8ac5 order:3 compound_mapcount:0 compound_pincount:0 [ 105.034263] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 105.034971] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002c00 [ 105.035598] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 105.036244] page dumped because: kasan: bad access detected [ 105.037477] [ 105.037706] Memory state around the buggy address: [ 105.038177] ffff0000c654de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.038815] ffff0000c654de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 105.039437] >ffff0000c654df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.040014] ^ [ 105.040335] ffff0000c654df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.040967] ffff0000c654e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 105.041561] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf
[ 104.923313] ================================================================== [ 104.924175] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0xb0/0x1d0 [ 104.925380] Read of size 1 at addr ffff0000c683c000 by task kunit_try_catch/208 [ 104.926364] [ 104.926661] CPU: 1 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 104.927707] Hardware name: linux,dummy-virt (DT) [ 104.928348] Call trace: [ 104.928864] dump_backtrace+0xe0/0x134 [ 104.929539] show_stack+0x20/0x2c [ 104.930124] dump_stack_lvl+0x88/0xb4 [ 104.930777] print_report+0x158/0x44c [ 104.931404] kasan_report+0xc8/0x180 [ 104.932002] __asan_load1+0x68/0x74 [ 104.932674] kmalloc_pagealloc_uaf+0xb0/0x1d0 [ 104.933441] kunit_try_run_case+0x8c/0x124 [ 104.933919] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.934408] kthread+0x15c/0x170 [ 104.934783] ret_from_fork+0x10/0x20 [ 104.935393] [ 104.935697] The buggy address belongs to the physical page: [ 104.936482] page:00000000e328b301 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10683c [ 104.937702] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 104.938609] raw: 0bfffc0000000000 fffffc00031a1008 ffff0000da7b76b8 0000000000000000 [ 104.939568] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 104.940527] page dumped because: kasan: bad access detected [ 104.941284] [ 104.941574] Memory state around the buggy address: [ 104.942235] ffff0000c683bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.943133] ffff0000c683bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.944028] >ffff0000c683c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 104.944944] ^ [ 104.945427] ffff0000c683c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 104.946198] ffff0000c683c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 104.947049] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right
[ 104.895961] ================================================================== [ 104.897245] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0xac/0x1e0 [ 104.898056] Write of size 1 at addr ffff0000c67c200a by task kunit_try_catch/207 [ 104.898669] [ 104.898930] CPU: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 104.899736] Hardware name: linux,dummy-virt (DT) [ 104.900211] Call trace: [ 104.900641] dump_backtrace+0xe0/0x134 [ 104.901083] show_stack+0x20/0x2c [ 104.901503] dump_stack_lvl+0x88/0xb4 [ 104.901953] print_report+0x158/0x44c [ 104.902329] kasan_report+0xc8/0x180 [ 104.902870] __asan_store1+0x68/0x7c [ 104.903336] kmalloc_pagealloc_oob_right+0xac/0x1e0 [ 104.903906] kunit_try_run_case+0x8c/0x124 [ 104.904611] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.905208] kthread+0x15c/0x170 [ 104.905660] ret_from_fork+0x10/0x20 [ 104.906105] [ 104.906329] The buggy address belongs to the physical page: [ 104.906935] page:00000000c0b1eb2b refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067c0 [ 104.907685] head:00000000c0b1eb2b order:2 compound_mapcount:0 compound_pincount:0 [ 104.908338] flags: 0xbfffc0000010000(head|node=0|zone=2|lastcpupid=0xffff) [ 104.909212] raw: 0bfffc0000010000 0000000000000000 dead000000000122 0000000000000000 [ 104.909929] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 104.910567] page dumped because: kasan: bad access detected [ 104.911074] [ 104.911289] Memory state around the buggy address: [ 104.911734] ffff0000c67c1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 104.912385] ffff0000c67c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 104.913050] >ffff0000c67c2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 104.914228] ^ [ 104.914626] ffff0000c67c2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 104.915275] ffff0000c67c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 104.916100] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 104.856922] ================================================================== [ 104.858586] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0xd0/0x1f0 [ 104.860049] Read of size 1 at addr ffff0000c67a3000 by task kunit_try_catch/206 [ 104.861624] [ 104.862264] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 104.863466] Hardware name: linux,dummy-virt (DT) [ 104.864299] Call trace: [ 104.864943] dump_backtrace+0xe0/0x134 [ 104.865855] show_stack+0x20/0x2c [ 104.866575] dump_stack_lvl+0x88/0xb4 [ 104.867298] print_report+0x158/0x44c [ 104.868138] kasan_report+0xc8/0x180 [ 104.868923] __asan_load1+0x68/0x74 [ 104.869640] kmalloc_node_oob_right+0xd0/0x1f0 [ 104.870366] kunit_try_run_case+0x8c/0x124 [ 104.871243] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.872224] kthread+0x15c/0x170 [ 104.872887] ret_from_fork+0x10/0x20 [ 104.873271] [ 104.873454] Allocated by task 206: [ 104.873732] kasan_save_stack+0x3c/0x70 [ 104.874246] kasan_set_track+0x2c/0x40 [ 104.874808] kasan_save_alloc_info+0x24/0x34 [ 104.875354] __kasan_kmalloc+0xd4/0xe0 [ 104.875878] kmalloc_node_trace+0x90/0x150 [ 104.876385] kmalloc_node_oob_right+0xa4/0x1f0 [ 104.876854] kunit_try_run_case+0x8c/0x124 [ 104.877322] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.877885] kthread+0x15c/0x170 [ 104.878311] ret_from_fork+0x10/0x20 [ 104.879619] [ 104.879868] The buggy address belongs to the object at ffff0000c67a2000 [ 104.879868] which belongs to the cache kmalloc-4k of size 4096 [ 104.881118] The buggy address is located 0 bytes to the right of [ 104.881118] 4096-byte region [ffff0000c67a2000, ffff0000c67a3000) [ 104.882166] [ 104.882407] The buggy address belongs to the physical page: [ 104.883003] page:00000000a5b8441f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067a0 [ 104.883833] head:00000000a5b8441f order:3 compound_mapcount:0 compound_pincount:0 [ 104.884472] flags: 0xbfffc0000010200(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 104.885203] raw: 0bfffc0000010200 0000000000000000 dead000000000122 ffff0000c0002a80 [ 104.886082] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000 [ 104.886740] page dumped because: kasan: bad access detected [ 104.887261] [ 104.887477] Memory state around the buggy address: [ 104.887955] ffff0000c67a2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 104.888805] ffff0000c67a2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 104.889425] >ffff0000c67a3000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.890046] ^ [ 104.890421] ffff0000c67a3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.891057] ffff0000c67a3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.891657] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 104.811215] ================================================================== [ 104.812011] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0xc8/0x200 [ 104.813000] Read of size 1 at addr ffff0000c67feeff by task kunit_try_catch/205 [ 104.814099] [ 104.814445] CPU: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 104.815496] Hardware name: linux,dummy-virt (DT) [ 104.816216] Call trace: [ 104.816757] dump_backtrace+0xe0/0x134 [ 104.817424] show_stack+0x20/0x2c [ 104.817999] dump_stack_lvl+0x88/0xb4 [ 104.818666] print_report+0x158/0x44c [ 104.819289] kasan_report+0xc8/0x180 [ 104.819917] __asan_load1+0x68/0x74 [ 104.820587] kmalloc_oob_left+0xc8/0x200 [ 104.821305] kunit_try_run_case+0x8c/0x124 [ 104.822006] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.822669] kthread+0x15c/0x170 [ 104.823047] ret_from_fork+0x10/0x20 [ 104.823419] [ 104.823601] Allocated by task 1: [ 104.823951] kasan_save_stack+0x3c/0x70 [ 104.824536] kasan_set_track+0x2c/0x40 [ 104.825047] kasan_save_alloc_info+0x24/0x34 [ 104.825735] __kasan_kmalloc+0xd4/0xe0 [ 104.826126] __kmalloc_node_track_caller+0x70/0x1c0 [ 104.826562] kvasprintf+0xe8/0x190 [ 104.826997] __kthread_create_on_node+0x290/0x300 [ 104.827555] kthread_create_on_node+0xe4/0x130 [ 104.828204] kunit_try_catch_run+0xec/0x34c [ 104.829024] kunit_run_case_catch_errors+0x15c/0x1e8 [ 104.829897] kunit_run_tests+0x324/0x6c4 [ 104.830555] __kunit_test_suites_init+0x88/0xbc [ 104.831288] kunit_run_all_tests+0x18c/0x2f0 [ 104.831797] kernel_init_freeable+0x33c/0x380 [ 104.832219] kernel_init+0x2c/0x150 [ 104.832941] ret_from_fork+0x10/0x20 [ 104.833615] [ 104.833956] The buggy address belongs to the object at ffff0000c67fee00 [ 104.833956] which belongs to the cache kmalloc-128 of size 128 [ 104.835430] The buggy address is located 127 bytes to the right of [ 104.835430] 128-byte region [ffff0000c67fee00, ffff0000c67fee80) [ 104.836985] [ 104.837372] The buggy address belongs to the physical page: [ 104.838109] page:0000000038e10ea4 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067fe [ 104.839251] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 104.839943] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 104.840482] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 104.840982] page dumped because: kasan: bad access detected [ 104.841355] [ 104.841533] Memory state around the buggy address: [ 104.842467] ffff0000c67fed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.843733] ffff0000c67fee00: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.845066] >ffff0000c67fee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.846289] ^ [ 104.847558] ffff0000c67fef00: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.848915] ffff0000c67fef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.850031] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 104.726053] ================================================================== [ 104.727309] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xec/0x350 [ 104.729174] Write of size 1 at addr ffff0000c67f6178 by task kunit_try_catch/204 [ 104.730104] [ 104.730318] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 104.730889] Hardware name: linux,dummy-virt (DT) [ 104.731223] Call trace: [ 104.731453] dump_backtrace+0xe0/0x134 [ 104.732886] show_stack+0x20/0x2c [ 104.733511] dump_stack_lvl+0x88/0xb4 [ 104.734522] print_report+0x158/0x44c [ 104.735410] kasan_report+0xc8/0x180 [ 104.736373] __asan_store1+0x68/0x7c [ 104.737383] kmalloc_oob_right+0xec/0x350 [ 104.738435] kunit_try_run_case+0x8c/0x124 [ 104.739465] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.741065] kthread+0x15c/0x170 [ 104.741772] ret_from_fork+0x10/0x20 [ 104.742739] [ 104.743609] Allocated by task 204: [ 104.744250] kasan_save_stack+0x3c/0x70 [ 104.745336] kasan_set_track+0x2c/0x40 [ 104.746321] kasan_save_alloc_info+0x24/0x34 [ 104.747380] __kasan_kmalloc+0xd4/0xe0 [ 104.748360] kmalloc_trace+0x8c/0x150 [ 104.749576] kmalloc_oob_right+0xa0/0x350 [ 104.750272] kunit_try_run_case+0x8c/0x124 [ 104.751279] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.752223] kthread+0x15c/0x170 [ 104.753227] ret_from_fork+0x10/0x20 [ 104.754182] [ 104.754808] The buggy address belongs to the object at ffff0000c67f6100 [ 104.754808] which belongs to the cache kmalloc-128 of size 128 [ 104.756714] The buggy address is located 120 bytes inside of [ 104.756714] 128-byte region [ffff0000c67f6100, ffff0000c67f6180) [ 104.757784] [ 104.757995] The buggy address belongs to the physical page: [ 104.758645] page:00000000e3cb17d3 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067f6 [ 104.759354] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 104.759998] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 104.761067] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 104.762098] page dumped because: kasan: bad access detected [ 104.762866] [ 104.763156] Memory state around the buggy address: [ 104.763775] ffff0000c67f6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 104.764682] ffff0000c67f6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.765621] >ffff0000c67f6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 104.766356] ^ [ 104.767252] ffff0000c67f6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.768134] ffff0000c67f6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.768839] ================================================================== [ 104.769685] ================================================================== [ 104.770189] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x110/0x350 [ 104.770989] Read of size 1 at addr ffff0000c67f6180 by task kunit_try_catch/204 [ 104.771509] [ 104.771704] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.1.146-rc1 #1 [ 104.773547] Hardware name: linux,dummy-virt (DT) [ 104.774163] Call trace: [ 104.774533] dump_backtrace+0xe0/0x134 [ 104.775114] show_stack+0x20/0x2c [ 104.775629] dump_stack_lvl+0x88/0xb4 [ 104.776251] print_report+0x158/0x44c [ 104.776829] kasan_report+0xc8/0x180 [ 104.777447] __asan_load1+0x68/0x74 [ 104.778122] kmalloc_oob_right+0x110/0x350 [ 104.778797] kunit_try_run_case+0x8c/0x124 [ 104.779428] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.780138] kthread+0x15c/0x170 [ 104.780535] ret_from_fork+0x10/0x20 [ 104.781168] [ 104.781446] Allocated by task 204: [ 104.781946] kasan_save_stack+0x3c/0x70 [ 104.782544] kasan_set_track+0x2c/0x40 [ 104.782964] kasan_save_alloc_info+0x24/0x34 [ 104.783380] __kasan_kmalloc+0xd4/0xe0 [ 104.783761] kmalloc_trace+0x8c/0x150 [ 104.784381] kmalloc_oob_right+0xa0/0x350 [ 104.785084] kunit_try_run_case+0x8c/0x124 [ 104.785900] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.786675] kthread+0x15c/0x170 [ 104.787216] ret_from_fork+0x10/0x20 [ 104.787786] [ 104.788058] The buggy address belongs to the object at ffff0000c67f6100 [ 104.788058] which belongs to the cache kmalloc-128 of size 128 [ 104.789727] The buggy address is located 0 bytes to the right of [ 104.789727] 128-byte region [ffff0000c67f6100, ffff0000c67f6180) [ 104.791454] [ 104.791709] The buggy address belongs to the physical page: [ 104.792092] page:00000000e3cb17d3 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067f6 [ 104.793129] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 104.794284] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 104.795360] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 104.796357] page dumped because: kasan: bad access detected [ 104.797403] [ 104.797848] Memory state around the buggy address: [ 104.798572] ffff0000c67f6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.799701] ffff0000c67f6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 104.800677] >ffff0000c67f6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.801611] ^ [ 104.802192] ffff0000c67f6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.803290] ffff0000c67f6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.804161] ================================================================== [ 104.685407] ================================================================== [ 104.686238] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xc8/0x350 [ 104.687616] Write of size 1 at addr ffff0000c67f6173 by task kunit_try_catch/204 [ 104.688167] [ 104.688871] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G N 6.1.146-rc1 #1 [ 104.690951] Hardware name: linux,dummy-virt (DT) [ 104.691959] Call trace: [ 104.692672] dump_backtrace+0xe0/0x134 [ 104.693595] show_stack+0x20/0x2c [ 104.694245] dump_stack_lvl+0x88/0xb4 [ 104.695048] print_report+0x158/0x44c [ 104.695800] kasan_report+0xc8/0x180 [ 104.696563] __asan_store1+0x68/0x7c [ 104.697369] kmalloc_oob_right+0xc8/0x350 [ 104.698234] kunit_try_run_case+0x8c/0x124 [ 104.699157] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.700080] kthread+0x15c/0x170 [ 104.700938] ret_from_fork+0x10/0x20 [ 104.701891] [ 104.702389] Allocated by task 204: [ 104.703094] kasan_save_stack+0x3c/0x70 [ 104.703597] kasan_set_track+0x2c/0x40 [ 104.704028] kasan_save_alloc_info+0x24/0x34 [ 104.704760] __kasan_kmalloc+0xd4/0xe0 [ 104.705202] kmalloc_trace+0x8c/0x150 [ 104.705871] kmalloc_oob_right+0xa0/0x350 [ 104.706513] kunit_try_run_case+0x8c/0x124 [ 104.706939] kunit_generic_run_threadfn_adapter+0x38/0x54 [ 104.707424] kthread+0x15c/0x170 [ 104.707790] ret_from_fork+0x10/0x20 [ 104.708384] [ 104.708755] The buggy address belongs to the object at ffff0000c67f6100 [ 104.708755] which belongs to the cache kmalloc-128 of size 128 [ 104.710420] The buggy address is located 115 bytes inside of [ 104.710420] 128-byte region [ffff0000c67f6100, ffff0000c67f6180) [ 104.711813] [ 104.712185] The buggy address belongs to the physical page: [ 104.713191] page:00000000e3cb17d3 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1067f6 [ 104.714639] flags: 0xbfffc0000000200(slab|node=0|zone=2|lastcpupid=0xffff) [ 104.715974] raw: 0bfffc0000000200 0000000000000000 dead000000000122 ffff0000c0002300 [ 104.717064] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 104.717732] page dumped because: kasan: bad access detected [ 104.718148] [ 104.718341] Memory state around the buggy address: [ 104.718877] ffff0000c67f6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 104.719559] ffff0000c67f6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.720067] >ffff0000c67f6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 104.720581] ^ [ 104.721250] ffff0000c67f6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.722225] ffff0000c67f6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 104.723113] ==================================================================
Failure - kunit - longest-symbol_longest-symbol
<8>[ 809.799519] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=longest-symbol_longest-symbol RESULT=fail>
Failure - kunit - longest-symbol_test_longest_symbol_kallsyms
<8>[ 809.428196] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=longest-symbol_test_longest_symbol_kallsyms RESULT=fail>
Failure - kunit - _kasan
<8>[ 691.063646] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=_kasan RESULT=fail> _kasan_bitops_generic pass _kasan_bitops_tags skip _kasan fail