Date
June 2, 2025, 2:13 p.m.
Failure - log-parser-boot - internal-error-oops-oops-preempt-smp
[ 101.573350] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP [ 101.574230] Modules linked in: [ 101.574882] CPU: 0 UID: 0 PID: 622 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 101.576130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 101.576460] Hardware name: linux,dummy-virt (DT) [ 101.577066] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 101.577748] pc : kunit_test_null_dereference+0x70/0x170 [ 101.578446] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 101.578891] sp : ffff800083327d30 [ 101.579242] x29: ffff800083327d90 x28: 0000000000000000 x27: 0000000000000000 [ 101.580035] x26: 1ffe000018fc7081 x25: 0000000000000000 x24: fff00000c3efe900 [ 101.580541] x23: ffffab5b455dd378 x22: ffffab5b455e5f78 x21: fff00000c3efe908 [ 101.581075] x20: 1ffff00010664fa6 x19: ffff800080087990 x18: ffffc1ffc3199800 [ 101.581655] x17: 0000000000000001 x16: fff00000da4acd20 x15: 0000000035fdd98d [ 101.582367] x14: 1ffe00001b495988 x13: fff00000da4acd18 x12: fffd800018c743a4 [ 101.583313] x11: 1ffe000018c743a3 x10: fffd800018c743a3 x9 : ffffab5b455dd400 [ 101.584005] x8 : ffff800083327c28 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 101.584630] x5 : ffff700010664fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 101.585645] x2 : dfff800000000000 x1 : fff00000c63a1440 x0 : ffff800080087990 [ 101.586449] Call trace: [ 101.586663] kunit_test_null_dereference+0x70/0x170 (P) [ 101.586949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 101.587228] kthread+0x318/0x620 [ 101.587433] ret_from_fork+0x10/0x20 [ 101.587925] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 101.589820] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.159728] ================================================================== [ 50.160077] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.160077] [ 50.160428] Use-after-free read at 0x00000000bde44b7a (in kfence-#176): [ 50.161020] test_krealloc+0x51c/0x830 [ 50.161230] kunit_try_run_case+0x170/0x3f0 [ 50.161537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.161962] kthread+0x318/0x620 [ 50.162183] ret_from_fork+0x10/0x20 [ 50.162485] [ 50.162666] kfence-#176: 0x00000000bde44b7a-0x00000000ed9cae4b, size=32, cache=kmalloc-32 [ 50.162666] [ 50.163136] allocated by task 327 on cpu 1 at 50.158869s (0.004261s ago): [ 50.163449] test_alloc+0x29c/0x628 [ 50.163751] test_krealloc+0xc0/0x830 [ 50.163970] kunit_try_run_case+0x170/0x3f0 [ 50.164712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.165370] kthread+0x318/0x620 [ 50.165612] ret_from_fork+0x10/0x20 [ 50.165841] [ 50.166012] freed by task 327 on cpu 1 at 50.159218s (0.006787s ago): [ 50.166427] krealloc_noprof+0x148/0x360 [ 50.166675] test_krealloc+0x1dc/0x830 [ 50.166930] kunit_try_run_case+0x170/0x3f0 [ 50.167563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.168063] kthread+0x318/0x620 [ 50.168286] ret_from_fork+0x10/0x20 [ 50.168480] [ 50.168660] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 50.169019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.169336] Hardware name: linux,dummy-virt (DT) [ 50.169571] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.095413] ================================================================== [ 50.095870] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.095870] [ 50.096212] Use-after-free read at 0x0000000063d66247 (in kfence-#175): [ 50.096677] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.096875] kunit_try_run_case+0x170/0x3f0 [ 50.097232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.097683] kthread+0x318/0x620 [ 50.097912] ret_from_fork+0x10/0x20 [ 50.098339] [ 50.098535] kfence-#175: 0x0000000063d66247-0x000000009027e666, size=32, cache=test [ 50.098535] [ 50.099270] allocated by task 325 on cpu 0 at 50.050910s (0.048354s ago): [ 50.099596] test_alloc+0x230/0x628 [ 50.099813] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.099994] kunit_try_run_case+0x170/0x3f0 [ 50.100221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.100475] kthread+0x318/0x620 [ 50.100708] ret_from_fork+0x10/0x20 [ 50.100907] [ 50.101083] freed by task 325 on cpu 0 at 50.051115s (0.049962s ago): [ 50.101367] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.101665] kunit_try_run_case+0x170/0x3f0 [ 50.101959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.102229] kthread+0x318/0x620 [ 50.102496] ret_from_fork+0x10/0x20 [ 50.102762] [ 50.102966] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 50.103399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.103658] Hardware name: linux,dummy-virt (DT) [ 50.103934] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 29.376937] ================================================================== [ 29.377653] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 29.377653] [ 29.378316] Invalid read at 0x000000007bab9fd5: [ 29.378712] test_invalid_access+0xdc/0x1f0 [ 29.379436] kunit_try_run_case+0x170/0x3f0 [ 29.380060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.380653] kthread+0x318/0x620 [ 29.380933] ret_from_fork+0x10/0x20 [ 29.381316] [ 29.381583] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 29.382083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.382646] Hardware name: linux,dummy-virt (DT) [ 29.383001] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 29.147149] ================================================================== [ 29.147648] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 29.147648] [ 29.147957] Corrupted memory at 0x000000008d9a707a [ ! . . . . . . . . . . . . . . . ] (in kfence-#171): [ 29.149206] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 29.149562] kunit_try_run_case+0x170/0x3f0 [ 29.149857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.150346] kthread+0x318/0x620 [ 29.150665] ret_from_fork+0x10/0x20 [ 29.150841] [ 29.151045] kfence-#171: 0x00000000fc738f5d-0x000000004095f1b5, size=73, cache=kmalloc-96 [ 29.151045] [ 29.151553] allocated by task 315 on cpu 1 at 29.146864s (0.004683s ago): [ 29.151909] test_alloc+0x29c/0x628 [ 29.152198] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 29.152498] kunit_try_run_case+0x170/0x3f0 [ 29.152775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.153052] kthread+0x318/0x620 [ 29.153235] ret_from_fork+0x10/0x20 [ 29.153504] [ 29.153698] freed by task 315 on cpu 1 at 29.147033s (0.006659s ago): [ 29.154079] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 29.154361] kunit_try_run_case+0x170/0x3f0 [ 29.154645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.154970] kthread+0x318/0x620 [ 29.155270] ret_from_fork+0x10/0x20 [ 29.155438] [ 29.155654] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 29.156119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.156403] Hardware name: linux,dummy-virt (DT) [ 29.156718] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 29.043359] ================================================================== [ 29.043870] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 29.043870] [ 29.044433] Out-of-bounds read at 0x0000000083c662b8 (105B right of kfence-#170): [ 29.044875] test_kmalloc_aligned_oob_read+0x238/0x468 [ 29.045437] kunit_try_run_case+0x170/0x3f0 [ 29.045812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.046590] kthread+0x318/0x620 [ 29.046966] ret_from_fork+0x10/0x20 [ 29.047287] [ 29.047556] kfence-#170: 0x00000000f845ba6f-0x000000002375806f, size=73, cache=kmalloc-96 [ 29.047556] [ 29.048407] allocated by task 313 on cpu 1 at 29.042905s (0.005491s ago): [ 29.048972] test_alloc+0x29c/0x628 [ 29.049420] test_kmalloc_aligned_oob_read+0x100/0x468 [ 29.049998] kunit_try_run_case+0x170/0x3f0 [ 29.050458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.051033] kthread+0x318/0x620 [ 29.051438] ret_from_fork+0x10/0x20 [ 29.051861] [ 29.052120] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 29.052855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.053320] Hardware name: linux,dummy-virt (DT) [ 29.053776] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 24.571145] ================================================================== [ 24.571706] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 24.571706] [ 24.572015] Corrupted memory at 0x0000000019128ea1 [ ! . . . . . . . . . . . . . . . ] (in kfence-#127): [ 24.573611] test_corruption+0x120/0x378 [ 24.574239] kunit_try_run_case+0x170/0x3f0 [ 24.574787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.575227] kthread+0x318/0x620 [ 24.575682] ret_from_fork+0x10/0x20 [ 24.576136] [ 24.576470] kfence-#127: 0x00000000056aa6f8-0x00000000fabed531, size=32, cache=test [ 24.576470] [ 24.577285] allocated by task 303 on cpu 1 at 24.570887s (0.006385s ago): [ 24.577997] test_alloc+0x230/0x628 [ 24.578496] test_corruption+0xdc/0x378 [ 24.578941] kunit_try_run_case+0x170/0x3f0 [ 24.579292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.579912] kthread+0x318/0x620 [ 24.580336] ret_from_fork+0x10/0x20 [ 24.580752] [ 24.581063] freed by task 303 on cpu 1 at 24.570986s (0.010065s ago): [ 24.581645] test_corruption+0x120/0x378 [ 24.582180] kunit_try_run_case+0x170/0x3f0 [ 24.582733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.583312] kthread+0x318/0x620 [ 24.583756] ret_from_fork+0x10/0x20 [ 24.584134] [ 24.584501] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 24.585294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.585718] Hardware name: linux,dummy-virt (DT) [ 24.586204] ================================================================== [ 24.363385] ================================================================== [ 24.364050] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 24.364050] [ 24.364712] Corrupted memory at 0x0000000084cd0b39 [ ! ] (in kfence-#125): [ 24.365699] test_corruption+0x284/0x378 [ 24.366219] kunit_try_run_case+0x170/0x3f0 [ 24.366800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.367446] kthread+0x318/0x620 [ 24.367866] ret_from_fork+0x10/0x20 [ 24.368285] [ 24.368607] kfence-#125: 0x000000003e12cefb-0x0000000086e41162, size=32, cache=kmalloc-32 [ 24.368607] [ 24.369335] allocated by task 301 on cpu 1 at 24.362904s (0.006419s ago): [ 24.370040] test_alloc+0x29c/0x628 [ 24.370562] test_corruption+0x198/0x378 [ 24.371041] kunit_try_run_case+0x170/0x3f0 [ 24.371511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.372024] kthread+0x318/0x620 [ 24.372452] ret_from_fork+0x10/0x20 [ 24.372861] [ 24.373134] freed by task 301 on cpu 1 at 24.363069s (0.010053s ago): [ 24.373799] test_corruption+0x284/0x378 [ 24.374277] kunit_try_run_case+0x170/0x3f0 [ 24.374699] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.375202] kthread+0x318/0x620 [ 24.375529] ret_from_fork+0x10/0x20 [ 24.375971] [ 24.376313] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 24.377147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.377668] Hardware name: linux,dummy-virt (DT) [ 24.378123] ================================================================== [ 24.883092] ================================================================== [ 24.883695] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 24.883695] [ 24.884197] Corrupted memory at 0x000000009a35bb8a [ ! ] (in kfence-#130): [ 24.884914] test_corruption+0x1d8/0x378 [ 24.885430] kunit_try_run_case+0x170/0x3f0 [ 24.885939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.886394] kthread+0x318/0x620 [ 24.886737] ret_from_fork+0x10/0x20 [ 24.887238] [ 24.887540] kfence-#130: 0x000000002138d3ab-0x000000008c9e8dd0, size=32, cache=test [ 24.887540] [ 24.888402] allocated by task 303 on cpu 1 at 24.882844s (0.005547s ago): [ 24.889125] test_alloc+0x230/0x628 [ 24.889568] test_corruption+0x198/0x378 [ 24.890018] kunit_try_run_case+0x170/0x3f0 [ 24.890497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.891034] kthread+0x318/0x620 [ 24.891429] ret_from_fork+0x10/0x20 [ 24.891820] [ 24.892089] freed by task 303 on cpu 1 at 24.882936s (0.009143s ago): [ 24.892697] test_corruption+0x1d8/0x378 [ 24.893147] kunit_try_run_case+0x170/0x3f0 [ 24.893564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.894130] kthread+0x318/0x620 [ 24.894565] ret_from_fork+0x10/0x20 [ 24.894926] [ 24.895255] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 24.895931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.896347] Hardware name: linux,dummy-virt (DT) [ 24.896833] ================================================================== [ 24.051187] ================================================================== [ 24.051560] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 24.051560] [ 24.051851] Corrupted memory at 0x000000006a83a612 [ ! . . . . . . . . . . . . . . . ] (in kfence-#122): [ 24.052699] test_corruption+0x278/0x378 [ 24.052875] kunit_try_run_case+0x170/0x3f0 [ 24.053041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.053251] kthread+0x318/0x620 [ 24.053537] ret_from_fork+0x10/0x20 [ 24.053770] [ 24.053947] kfence-#122: 0x00000000503f0c0a-0x00000000ebaa3262, size=32, cache=kmalloc-32 [ 24.053947] [ 24.054486] allocated by task 301 on cpu 1 at 24.050930s (0.003547s ago): [ 24.054856] test_alloc+0x29c/0x628 [ 24.055139] test_corruption+0xdc/0x378 [ 24.055400] kunit_try_run_case+0x170/0x3f0 [ 24.055662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.055863] kthread+0x318/0x620 [ 24.056161] ret_from_fork+0x10/0x20 [ 24.056414] [ 24.056522] freed by task 301 on cpu 1 at 24.051059s (0.005458s ago): [ 24.057002] test_corruption+0x278/0x378 [ 24.057218] kunit_try_run_case+0x170/0x3f0 [ 24.057607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.057878] kthread+0x318/0x620 [ 24.058163] ret_from_fork+0x10/0x20 [ 24.058385] [ 24.058582] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 24.058941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.059261] Hardware name: linux,dummy-virt (DT) [ 24.059537] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 23.843187] ================================================================== [ 23.844004] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 23.844004] [ 23.844608] Invalid free of 0x0000000005a31536 (in kfence-#120): [ 23.845054] test_invalid_addr_free+0x1ac/0x238 [ 23.845860] kunit_try_run_case+0x170/0x3f0 [ 23.846470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.847303] kthread+0x318/0x620 [ 23.847790] ret_from_fork+0x10/0x20 [ 23.848290] [ 23.848603] kfence-#120: 0x00000000b9f8a7b4-0x00000000a92d3548, size=32, cache=kmalloc-32 [ 23.848603] [ 23.849307] allocated by task 297 on cpu 1 at 23.842912s (0.006383s ago): [ 23.850040] test_alloc+0x29c/0x628 [ 23.850372] test_invalid_addr_free+0xd4/0x238 [ 23.850773] kunit_try_run_case+0x170/0x3f0 [ 23.851136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.851737] kthread+0x318/0x620 [ 23.852057] ret_from_fork+0x10/0x20 [ 23.852532] [ 23.852813] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 23.853581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.854059] Hardware name: linux,dummy-virt (DT) [ 23.854522] ================================================================== [ 23.946968] ================================================================== [ 23.947497] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 23.947497] [ 23.947826] Invalid free of 0x000000008e3b10d6 (in kfence-#121): [ 23.948172] test_invalid_addr_free+0xec/0x238 [ 23.948442] kunit_try_run_case+0x170/0x3f0 [ 23.948826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.949117] kthread+0x318/0x620 [ 23.949366] ret_from_fork+0x10/0x20 [ 23.949540] [ 23.949655] kfence-#121: 0x000000003ee8a27c-0x00000000ffad0754, size=32, cache=test [ 23.949655] [ 23.949916] allocated by task 299 on cpu 1 at 23.946793s (0.003117s ago): [ 23.950482] test_alloc+0x230/0x628 [ 23.950805] test_invalid_addr_free+0xd4/0x238 [ 23.951197] kunit_try_run_case+0x170/0x3f0 [ 23.951573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.952005] kthread+0x318/0x620 [ 23.952227] ret_from_fork+0x10/0x20 [ 23.952502] [ 23.952656] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 23.953209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.953439] Hardware name: linux,dummy-virt (DT) [ 23.953761] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 23.635482] ================================================================== [ 23.636095] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 23.636095] [ 23.636688] Invalid free of 0x0000000037f14d8c (in kfence-#118): [ 23.637316] test_double_free+0x1bc/0x238 [ 23.637840] kunit_try_run_case+0x170/0x3f0 [ 23.638412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.638931] kthread+0x318/0x620 [ 23.639398] ret_from_fork+0x10/0x20 [ 23.639744] [ 23.640033] kfence-#118: 0x0000000037f14d8c-0x000000009667eef0, size=32, cache=kmalloc-32 [ 23.640033] [ 23.640794] allocated by task 293 on cpu 0 at 23.634988s (0.005792s ago): [ 23.641392] test_alloc+0x29c/0x628 [ 23.641806] test_double_free+0xd4/0x238 [ 23.642292] kunit_try_run_case+0x170/0x3f0 [ 23.642786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.643350] kthread+0x318/0x620 [ 23.643749] ret_from_fork+0x10/0x20 [ 23.644133] [ 23.644425] freed by task 293 on cpu 0 at 23.635113s (0.009299s ago): [ 23.645105] test_double_free+0x1ac/0x238 [ 23.645627] kunit_try_run_case+0x170/0x3f0 [ 23.646041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.646560] kthread+0x318/0x620 [ 23.646942] ret_from_fork+0x10/0x20 [ 23.647389] [ 23.647713] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 23.648460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.648843] Hardware name: linux,dummy-virt (DT) [ 23.649297] ================================================================== [ 23.739346] ================================================================== [ 23.739980] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 23.739980] [ 23.740605] Invalid free of 0x000000002fea8791 (in kfence-#119): [ 23.741949] test_double_free+0x100/0x238 [ 23.742405] kunit_try_run_case+0x170/0x3f0 [ 23.742832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.743324] kthread+0x318/0x620 [ 23.743663] ret_from_fork+0x10/0x20 [ 23.744025] [ 23.744601] kfence-#119: 0x000000002fea8791-0x00000000893cce45, size=32, cache=test [ 23.744601] [ 23.744937] allocated by task 295 on cpu 0 at 23.738933s (0.005997s ago): [ 23.745226] test_alloc+0x230/0x628 [ 23.745859] test_double_free+0xd4/0x238 [ 23.746219] kunit_try_run_case+0x170/0x3f0 [ 23.746575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.747021] kthread+0x318/0x620 [ 23.747350] ret_from_fork+0x10/0x20 [ 23.747666] [ 23.747890] freed by task 295 on cpu 0 at 23.739041s (0.008839s ago): [ 23.748562] test_double_free+0xf0/0x238 [ 23.749079] kunit_try_run_case+0x170/0x3f0 [ 23.749608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.750239] kthread+0x318/0x620 [ 23.750666] ret_from_fork+0x10/0x20 [ 23.751124] [ 23.751461] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 23.752127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.752615] Hardware name: linux,dummy-virt (DT) [ 23.753192] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 23.323356] ================================================================== [ 23.323908] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.323908] [ 23.324492] Use-after-free read at 0x00000000b3eb8da3 (in kfence-#115): [ 23.324899] test_use_after_free_read+0x114/0x248 [ 23.325434] kunit_try_run_case+0x170/0x3f0 [ 23.325965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.326420] kthread+0x318/0x620 [ 23.326868] ret_from_fork+0x10/0x20 [ 23.327358] [ 23.327614] kfence-#115: 0x00000000b3eb8da3-0x00000000074baaa7, size=32, cache=test [ 23.327614] [ 23.328477] allocated by task 287 on cpu 0 at 23.323010s (0.005454s ago): [ 23.329043] test_alloc+0x230/0x628 [ 23.329550] test_use_after_free_read+0xd0/0x248 [ 23.330020] kunit_try_run_case+0x170/0x3f0 [ 23.330467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.330910] kthread+0x318/0x620 [ 23.331378] ret_from_fork+0x10/0x20 [ 23.331723] [ 23.331961] freed by task 287 on cpu 0 at 23.323117s (0.008833s ago): [ 23.332477] test_use_after_free_read+0xf0/0x248 [ 23.333014] kunit_try_run_case+0x170/0x3f0 [ 23.333676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.334068] kthread+0x318/0x620 [ 23.334729] ret_from_fork+0x10/0x20 [ 23.335209] [ 23.335526] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 23.336081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.336811] Hardware name: linux,dummy-virt (DT) [ 23.337140] ================================================================== [ 23.219303] ================================================================== [ 23.219836] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.219836] [ 23.220456] Use-after-free read at 0x00000000d171f372 (in kfence-#114): [ 23.220836] test_use_after_free_read+0x114/0x248 [ 23.221353] kunit_try_run_case+0x170/0x3f0 [ 23.221826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.222301] kthread+0x318/0x620 [ 23.222694] ret_from_fork+0x10/0x20 [ 23.223119] [ 23.223394] kfence-#114: 0x00000000d171f372-0x00000000896c6e04, size=32, cache=kmalloc-32 [ 23.223394] [ 23.224089] allocated by task 285 on cpu 0 at 23.218834s (0.005243s ago): [ 23.224575] test_alloc+0x29c/0x628 [ 23.225020] test_use_after_free_read+0xd0/0x248 [ 23.225536] kunit_try_run_case+0x170/0x3f0 [ 23.226045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.226583] kthread+0x318/0x620 [ 23.226932] ret_from_fork+0x10/0x20 [ 23.227361] [ 23.227631] freed by task 285 on cpu 0 at 23.218956s (0.008663s ago): [ 23.228129] test_use_after_free_read+0x1c0/0x248 [ 23.228678] kunit_try_run_case+0x170/0x3f0 [ 23.229067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.229662] kthread+0x318/0x620 [ 23.230100] ret_from_fork+0x10/0x20 [ 23.230454] [ 23.230759] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 23.231449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.231855] Hardware name: linux,dummy-virt (DT) [ 23.232364] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 23.115036] ================================================================== [ 23.115617] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 23.115617] [ 23.116212] Out-of-bounds write at 0x00000000f0f76ed1 (1B left of kfence-#113): [ 23.116745] test_out_of_bounds_write+0x100/0x240 [ 23.117118] kunit_try_run_case+0x170/0x3f0 [ 23.117610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.118236] kthread+0x318/0x620 [ 23.118690] ret_from_fork+0x10/0x20 [ 23.119065] [ 23.119372] kfence-#113: 0x0000000059ef09bd-0x000000008a3efeee, size=32, cache=test [ 23.119372] [ 23.120028] allocated by task 283 on cpu 1 at 23.114881s (0.005135s ago): [ 23.120624] test_alloc+0x230/0x628 [ 23.121076] test_out_of_bounds_write+0xc8/0x240 [ 23.121454] kunit_try_run_case+0x170/0x3f0 [ 23.121948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.122523] kthread+0x318/0x620 [ 23.122946] ret_from_fork+0x10/0x20 [ 23.123299] [ 23.123624] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 23.124307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.124714] Hardware name: linux,dummy-virt (DT) [ 23.125222] ================================================================== [ 23.011196] ================================================================== [ 23.011722] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 23.011722] [ 23.012406] Out-of-bounds write at 0x0000000090791f25 (1B left of kfence-#112): [ 23.012874] test_out_of_bounds_write+0x100/0x240 [ 23.013298] kunit_try_run_case+0x170/0x3f0 [ 23.013708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.014218] kthread+0x318/0x620 [ 23.014532] ret_from_fork+0x10/0x20 [ 23.015022] [ 23.015308] kfence-#112: 0x00000000783bc624-0x00000000e1ddff33, size=32, cache=kmalloc-32 [ 23.015308] [ 23.015846] allocated by task 281 on cpu 1 at 23.010903s (0.004932s ago): [ 23.016719] test_alloc+0x29c/0x628 [ 23.017249] test_out_of_bounds_write+0xc8/0x240 [ 23.017852] kunit_try_run_case+0x170/0x3f0 [ 23.018413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.018977] kthread+0x318/0x620 [ 23.019499] ret_from_fork+0x10/0x20 [ 23.019997] [ 23.020364] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 23.021142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.021635] Hardware name: linux,dummy-virt (DT) [ 23.022142] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 21.763603] ================================================================== [ 21.763938] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.763938] [ 21.764470] Out-of-bounds read at 0x00000000ce2cd54b (1B left of kfence-#100): [ 21.765089] test_out_of_bounds_read+0x114/0x3e0 [ 21.765478] kunit_try_run_case+0x170/0x3f0 [ 21.765826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.766316] kthread+0x318/0x620 [ 21.766552] ret_from_fork+0x10/0x20 [ 21.766851] [ 21.767118] kfence-#100: 0x00000000c1885aa4-0x00000000cd171be2, size=32, cache=kmalloc-32 [ 21.767118] [ 21.767572] allocated by task 277 on cpu 1 at 21.762606s (0.004959s ago): [ 21.768049] test_alloc+0x29c/0x628 [ 21.768241] test_out_of_bounds_read+0xdc/0x3e0 [ 21.768430] kunit_try_run_case+0x170/0x3f0 [ 21.768606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.768805] kthread+0x318/0x620 [ 21.768963] ret_from_fork+0x10/0x20 [ 21.769169] [ 21.769360] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.769924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.770227] Hardware name: linux,dummy-virt (DT) [ 21.770589] ================================================================== [ 21.971125] ================================================================== [ 21.971551] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.971551] [ 21.971876] Out-of-bounds read at 0x000000009827faa8 (32B right of kfence-#102): [ 21.972602] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.973470] kunit_try_run_case+0x170/0x3f0 [ 21.973908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.974180] kthread+0x318/0x620 [ 21.974588] ret_from_fork+0x10/0x20 [ 21.974866] [ 21.975077] kfence-#102: 0x000000003f305cf1-0x000000005b7f041a, size=32, cache=kmalloc-32 [ 21.975077] [ 21.975610] allocated by task 277 on cpu 1 at 21.970836s (0.004767s ago): [ 21.976024] test_alloc+0x29c/0x628 [ 21.976391] test_out_of_bounds_read+0x198/0x3e0 [ 21.976693] kunit_try_run_case+0x170/0x3f0 [ 21.976944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.977346] kthread+0x318/0x620 [ 21.977578] ret_from_fork+0x10/0x20 [ 21.977856] [ 21.978034] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.978643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.978922] Hardware name: linux,dummy-virt (DT) [ 21.979209] ================================================================== [ 22.595288] ================================================================== [ 22.595804] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.595804] [ 22.596116] Out-of-bounds read at 0x000000004e763f62 (1B left of kfence-#108): [ 22.596920] test_out_of_bounds_read+0x114/0x3e0 [ 22.597479] kunit_try_run_case+0x170/0x3f0 [ 22.598126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.598864] kthread+0x318/0x620 [ 22.599249] ret_from_fork+0x10/0x20 [ 22.599566] [ 22.599900] kfence-#108: 0x00000000c0468fb5-0x00000000e2fd1296, size=32, cache=test [ 22.599900] [ 22.600572] allocated by task 279 on cpu 1 at 22.595111s (0.005449s ago): [ 22.601328] test_alloc+0x230/0x628 [ 22.601716] test_out_of_bounds_read+0xdc/0x3e0 [ 22.602116] kunit_try_run_case+0x170/0x3f0 [ 22.602635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.603150] kthread+0x318/0x620 [ 22.603569] ret_from_fork+0x10/0x20 [ 22.603994] [ 22.604324] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 22.605077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.605499] Hardware name: linux,dummy-virt (DT) [ 22.605959] ================================================================== [ 22.906914] ================================================================== [ 22.907437] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.907437] [ 22.907888] Out-of-bounds read at 0x000000005ff1c04a (32B right of kfence-#111): [ 22.908356] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.908669] kunit_try_run_case+0x170/0x3f0 [ 22.908900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.909220] kthread+0x318/0x620 [ 22.909372] ret_from_fork+0x10/0x20 [ 22.909700] [ 22.909811] kfence-#111: 0x00000000107184c4-0x0000000043316bf5, size=32, cache=test [ 22.909811] [ 22.910149] allocated by task 279 on cpu 1 at 22.906813s (0.003331s ago): [ 22.910676] test_alloc+0x230/0x628 [ 22.910954] test_out_of_bounds_read+0x198/0x3e0 [ 22.911245] kunit_try_run_case+0x170/0x3f0 [ 22.911496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.911676] kthread+0x318/0x620 [ 22.911944] ret_from_fork+0x10/0x20 [ 22.912221] [ 22.912421] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 22.912761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.913037] Hardware name: linux,dummy-virt (DT) [ 22.913347] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kasan_atomics
[ 21.413504] ================================================================== [ 21.415183] BUG: KFENCE: memory corruption in kasan_atomics+0x1a0/0x2e8 [ 21.415183] [ 21.415807] Corrupted memory at 0x00000000dc33d2c3 [ ! ! ! ! ! ! ! ! . . . . . . . . ] (in kfence-#96): [ 21.418774] kasan_atomics+0x1a0/0x2e8 [ 21.419456] kunit_try_run_case+0x170/0x3f0 [ 21.420315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.420833] kthread+0x318/0x620 [ 21.421102] ret_from_fork+0x10/0x20 [ 21.421365] [ 21.421723] kfence-#96: 0x000000007272cca2-0x000000007294c21c, size=48, cache=kmalloc-64 [ 21.421723] [ 21.423176] allocated by task 255 on cpu 1 at 21.333376s (0.089704s ago): [ 21.423792] kasan_atomics+0xb8/0x2e8 [ 21.424069] kunit_try_run_case+0x170/0x3f0 [ 21.424442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.424862] kthread+0x318/0x620 [ 21.425168] ret_from_fork+0x10/0x20 [ 21.425617] [ 21.425910] freed by task 255 on cpu 1 at 21.412806s (0.012993s ago): [ 21.427162] kasan_atomics+0x1a0/0x2e8 [ 21.428189] kunit_try_run_case+0x170/0x3f0 [ 21.428476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.428687] kthread+0x318/0x620 [ 21.428974] ret_from_fork+0x10/0x20 [ 21.429300] [ 21.429523] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.430004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.430853] Hardware name: linux,dummy-virt (DT) [ 21.431342] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 21.695054] ================================================================== [ 21.695482] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 21.695843] Write of size 121 at addr fff00000c65b6300 by task kunit_try_catch/275 [ 21.696202] [ 21.696413] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.696512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.696546] Hardware name: linux,dummy-virt (DT) [ 21.696604] Call trace: [ 21.696634] show_stack+0x20/0x38 (C) [ 21.696695] dump_stack_lvl+0x8c/0xd0 [ 21.696763] print_report+0x118/0x608 [ 21.696822] kasan_report+0xdc/0x128 [ 21.696874] kasan_check_range+0x100/0x1a8 [ 21.696930] __kasan_check_write+0x20/0x30 [ 21.696981] strncpy_from_user+0x3c/0x2a0 [ 21.697035] copy_user_test_oob+0x5c0/0xec0 [ 21.697089] kunit_try_run_case+0x170/0x3f0 [ 21.697144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.697225] kthread+0x318/0x620 [ 21.697278] ret_from_fork+0x10/0x20 [ 21.697333] [ 21.700841] Allocated by task 275: [ 21.701057] kasan_save_stack+0x3c/0x68 [ 21.701447] kasan_save_track+0x20/0x40 [ 21.701704] kasan_save_alloc_info+0x40/0x58 [ 21.701999] __kasan_kmalloc+0xd4/0xd8 [ 21.702261] __kmalloc_noprof+0x198/0x4c8 [ 21.702442] kunit_kmalloc_array+0x34/0x88 [ 21.702619] copy_user_test_oob+0xac/0xec0 [ 21.702792] kunit_try_run_case+0x170/0x3f0 [ 21.703187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.703710] kthread+0x318/0x620 [ 21.704001] ret_from_fork+0x10/0x20 [ 21.704165] [ 21.704356] The buggy address belongs to the object at fff00000c65b6300 [ 21.704356] which belongs to the cache kmalloc-128 of size 128 [ 21.705098] The buggy address is located 0 bytes inside of [ 21.705098] allocated 120-byte region [fff00000c65b6300, fff00000c65b6378) [ 21.705809] [ 21.705957] The buggy address belongs to the physical page: [ 21.706356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 21.706788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.707197] page_type: f5(slab) [ 21.707488] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.707968] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.708423] page dumped because: kasan: bad access detected [ 21.708690] [ 21.708825] Memory state around the buggy address: [ 21.709102] fff00000c65b6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.709570] fff00000c65b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.709975] >fff00000c65b6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.710391] ^ [ 21.710760] fff00000c65b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.711111] fff00000c65b6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.711443] ================================================================== [ 21.712428] ================================================================== [ 21.712694] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 21.713296] Write of size 1 at addr fff00000c65b6378 by task kunit_try_catch/275 [ 21.713649] [ 21.713857] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.713964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.714010] Hardware name: linux,dummy-virt (DT) [ 21.714048] Call trace: [ 21.714076] show_stack+0x20/0x38 (C) [ 21.714137] dump_stack_lvl+0x8c/0xd0 [ 21.714206] print_report+0x118/0x608 [ 21.714275] kasan_report+0xdc/0x128 [ 21.714329] __asan_report_store1_noabort+0x20/0x30 [ 21.714383] strncpy_from_user+0x270/0x2a0 [ 21.714437] copy_user_test_oob+0x5c0/0xec0 [ 21.714491] kunit_try_run_case+0x170/0x3f0 [ 21.714542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.714601] kthread+0x318/0x620 [ 21.714649] ret_from_fork+0x10/0x20 [ 21.714703] [ 21.717989] Allocated by task 275: [ 21.718326] kasan_save_stack+0x3c/0x68 [ 21.718611] kasan_save_track+0x20/0x40 [ 21.718927] kasan_save_alloc_info+0x40/0x58 [ 21.719196] __kasan_kmalloc+0xd4/0xd8 [ 21.719515] __kmalloc_noprof+0x198/0x4c8 [ 21.719782] kunit_kmalloc_array+0x34/0x88 [ 21.719997] copy_user_test_oob+0xac/0xec0 [ 21.720348] kunit_try_run_case+0x170/0x3f0 [ 21.720596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.720922] kthread+0x318/0x620 [ 21.721213] ret_from_fork+0x10/0x20 [ 21.721517] [ 21.721727] The buggy address belongs to the object at fff00000c65b6300 [ 21.721727] which belongs to the cache kmalloc-128 of size 128 [ 21.722330] The buggy address is located 0 bytes to the right of [ 21.722330] allocated 120-byte region [fff00000c65b6300, fff00000c65b6378) [ 21.722900] [ 21.723109] The buggy address belongs to the physical page: [ 21.723686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 21.724030] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.724262] page_type: f5(slab) [ 21.724443] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.724686] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.724933] page dumped because: kasan: bad access detected [ 21.725563] [ 21.725790] Memory state around the buggy address: [ 21.726105] fff00000c65b6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.726410] fff00000c65b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.726782] >fff00000c65b6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.727522] ^ [ 21.727776] fff00000c65b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.728005] fff00000c65b6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.728552] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 21.617428] ================================================================== [ 21.617913] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec0 [ 21.618649] Write of size 121 at addr fff00000c65b6300 by task kunit_try_catch/275 [ 21.619222] [ 21.619571] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.619676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.619711] Hardware name: linux,dummy-virt (DT) [ 21.619827] Call trace: [ 21.619937] show_stack+0x20/0x38 (C) [ 21.620072] dump_stack_lvl+0x8c/0xd0 [ 21.620134] print_report+0x118/0x608 [ 21.620209] kasan_report+0xdc/0x128 [ 21.620263] kasan_check_range+0x100/0x1a8 [ 21.620314] __kasan_check_write+0x20/0x30 [ 21.620366] copy_user_test_oob+0x35c/0xec0 [ 21.620419] kunit_try_run_case+0x170/0x3f0 [ 21.620473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.620532] kthread+0x318/0x620 [ 21.620584] ret_from_fork+0x10/0x20 [ 21.620640] [ 21.624671] Allocated by task 275: [ 21.625035] kasan_save_stack+0x3c/0x68 [ 21.625406] kasan_save_track+0x20/0x40 [ 21.625744] kasan_save_alloc_info+0x40/0x58 [ 21.626094] __kasan_kmalloc+0xd4/0xd8 [ 21.626493] __kmalloc_noprof+0x198/0x4c8 [ 21.626803] kunit_kmalloc_array+0x34/0x88 [ 21.627163] copy_user_test_oob+0xac/0xec0 [ 21.627502] kunit_try_run_case+0x170/0x3f0 [ 21.627738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.628043] kthread+0x318/0x620 [ 21.628434] ret_from_fork+0x10/0x20 [ 21.628735] [ 21.628966] The buggy address belongs to the object at fff00000c65b6300 [ 21.628966] which belongs to the cache kmalloc-128 of size 128 [ 21.629816] The buggy address is located 0 bytes inside of [ 21.629816] allocated 120-byte region [fff00000c65b6300, fff00000c65b6378) [ 21.630271] [ 21.630576] The buggy address belongs to the physical page: [ 21.630891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 21.631325] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.631663] page_type: f5(slab) [ 21.631886] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.632494] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.632854] page dumped because: kasan: bad access detected [ 21.633368] [ 21.633602] Memory state around the buggy address: [ 21.634032] fff00000c65b6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.634534] fff00000c65b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.635033] >fff00000c65b6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.635555] ^ [ 21.636017] fff00000c65b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.636483] fff00000c65b6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.636938] ================================================================== [ 21.638469] ================================================================== [ 21.638861] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec0 [ 21.639270] Read of size 121 at addr fff00000c65b6300 by task kunit_try_catch/275 [ 21.639549] [ 21.639723] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.639812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.639843] Hardware name: linux,dummy-virt (DT) [ 21.639882] Call trace: [ 21.639911] show_stack+0x20/0x38 (C) [ 21.639966] dump_stack_lvl+0x8c/0xd0 [ 21.640019] print_report+0x118/0x608 [ 21.640069] kasan_report+0xdc/0x128 [ 21.640119] kasan_check_range+0x100/0x1a8 [ 21.640184] __kasan_check_read+0x20/0x30 [ 21.640238] copy_user_test_oob+0x3c8/0xec0 [ 21.640287] kunit_try_run_case+0x170/0x3f0 [ 21.640337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.640392] kthread+0x318/0x620 [ 21.640440] ret_from_fork+0x10/0x20 [ 21.640493] [ 21.644825] Allocated by task 275: [ 21.645232] kasan_save_stack+0x3c/0x68 [ 21.645604] kasan_save_track+0x20/0x40 [ 21.645950] kasan_save_alloc_info+0x40/0x58 [ 21.646307] __kasan_kmalloc+0xd4/0xd8 [ 21.646643] __kmalloc_noprof+0x198/0x4c8 [ 21.646977] kunit_kmalloc_array+0x34/0x88 [ 21.647268] copy_user_test_oob+0xac/0xec0 [ 21.647621] kunit_try_run_case+0x170/0x3f0 [ 21.647961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.648505] kthread+0x318/0x620 [ 21.648789] ret_from_fork+0x10/0x20 [ 21.649116] [ 21.649360] The buggy address belongs to the object at fff00000c65b6300 [ 21.649360] which belongs to the cache kmalloc-128 of size 128 [ 21.649978] The buggy address is located 0 bytes inside of [ 21.649978] allocated 120-byte region [fff00000c65b6300, fff00000c65b6378) [ 21.650541] [ 21.650699] The buggy address belongs to the physical page: [ 21.650998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 21.651740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.652106] page_type: f5(slab) [ 21.652418] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.653013] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.653557] page dumped because: kasan: bad access detected [ 21.653956] [ 21.654193] Memory state around the buggy address: [ 21.654526] fff00000c65b6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.655036] fff00000c65b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.655499] >fff00000c65b6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.656029] ^ [ 21.656478] fff00000c65b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.656963] fff00000c65b6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.657452] ================================================================== [ 21.592549] ================================================================== [ 21.592982] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec0 [ 21.593472] Read of size 121 at addr fff00000c65b6300 by task kunit_try_catch/275 [ 21.594054] [ 21.594264] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.594367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.594403] Hardware name: linux,dummy-virt (DT) [ 21.594443] Call trace: [ 21.594474] show_stack+0x20/0x38 (C) [ 21.594535] dump_stack_lvl+0x8c/0xd0 [ 21.594587] print_report+0x118/0x608 [ 21.594638] kasan_report+0xdc/0x128 [ 21.594689] kasan_check_range+0x100/0x1a8 [ 21.594740] __kasan_check_read+0x20/0x30 [ 21.594793] copy_user_test_oob+0x728/0xec0 [ 21.594847] kunit_try_run_case+0x170/0x3f0 [ 21.594901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.594960] kthread+0x318/0x620 [ 21.595009] ret_from_fork+0x10/0x20 [ 21.595066] [ 21.599385] Allocated by task 275: [ 21.599686] kasan_save_stack+0x3c/0x68 [ 21.600070] kasan_save_track+0x20/0x40 [ 21.600499] kasan_save_alloc_info+0x40/0x58 [ 21.600822] __kasan_kmalloc+0xd4/0xd8 [ 21.601085] __kmalloc_noprof+0x198/0x4c8 [ 21.601342] kunit_kmalloc_array+0x34/0x88 [ 21.601576] copy_user_test_oob+0xac/0xec0 [ 21.601819] kunit_try_run_case+0x170/0x3f0 [ 21.602303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.602535] kthread+0x318/0x620 [ 21.602869] ret_from_fork+0x10/0x20 [ 21.603138] [ 21.603359] The buggy address belongs to the object at fff00000c65b6300 [ 21.603359] which belongs to the cache kmalloc-128 of size 128 [ 21.603966] The buggy address is located 0 bytes inside of [ 21.603966] allocated 120-byte region [fff00000c65b6300, fff00000c65b6378) [ 21.604665] [ 21.604849] The buggy address belongs to the physical page: [ 21.605119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 21.605680] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.605926] page_type: f5(slab) [ 21.606272] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.606927] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.607396] page dumped because: kasan: bad access detected [ 21.607796] [ 21.607975] Memory state around the buggy address: [ 21.608233] fff00000c65b6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.608644] fff00000c65b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.609072] >fff00000c65b6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.609482] ^ [ 21.609852] fff00000c65b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.610604] fff00000c65b6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.610870] ================================================================== [ 21.677651] ================================================================== [ 21.678115] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec0 [ 21.678594] Read of size 121 at addr fff00000c65b6300 by task kunit_try_catch/275 [ 21.679106] [ 21.679268] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.679374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.679435] Hardware name: linux,dummy-virt (DT) [ 21.679497] Call trace: [ 21.679532] show_stack+0x20/0x38 (C) [ 21.679602] dump_stack_lvl+0x8c/0xd0 [ 21.679671] print_report+0x118/0x608 [ 21.679725] kasan_report+0xdc/0x128 [ 21.679776] kasan_check_range+0x100/0x1a8 [ 21.679828] __kasan_check_read+0x20/0x30 [ 21.679877] copy_user_test_oob+0x4a0/0xec0 [ 21.679928] kunit_try_run_case+0x170/0x3f0 [ 21.679979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.680033] kthread+0x318/0x620 [ 21.680082] ret_from_fork+0x10/0x20 [ 21.680134] [ 21.682848] Allocated by task 275: [ 21.683139] kasan_save_stack+0x3c/0x68 [ 21.683563] kasan_save_track+0x20/0x40 [ 21.683916] kasan_save_alloc_info+0x40/0x58 [ 21.684204] __kasan_kmalloc+0xd4/0xd8 [ 21.684374] __kmalloc_noprof+0x198/0x4c8 [ 21.684651] kunit_kmalloc_array+0x34/0x88 [ 21.685055] copy_user_test_oob+0xac/0xec0 [ 21.685462] kunit_try_run_case+0x170/0x3f0 [ 21.685874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.686143] kthread+0x318/0x620 [ 21.686462] ret_from_fork+0x10/0x20 [ 21.686705] [ 21.686875] The buggy address belongs to the object at fff00000c65b6300 [ 21.686875] which belongs to the cache kmalloc-128 of size 128 [ 21.687457] The buggy address is located 0 bytes inside of [ 21.687457] allocated 120-byte region [fff00000c65b6300, fff00000c65b6378) [ 21.688168] [ 21.688341] The buggy address belongs to the physical page: [ 21.688617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 21.689045] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.689503] page_type: f5(slab) [ 21.689756] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.690209] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.690703] page dumped because: kasan: bad access detected [ 21.690970] [ 21.691147] Memory state around the buggy address: [ 21.691479] fff00000c65b6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.691866] fff00000c65b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.692315] >fff00000c65b6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.692731] ^ [ 21.693179] fff00000c65b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.693602] fff00000c65b6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.694000] ================================================================== [ 21.659008] ================================================================== [ 21.659343] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec0 [ 21.660027] Write of size 121 at addr fff00000c65b6300 by task kunit_try_catch/275 [ 21.660428] [ 21.660607] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.660712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.660761] Hardware name: linux,dummy-virt (DT) [ 21.660810] Call trace: [ 21.660840] show_stack+0x20/0x38 (C) [ 21.660901] dump_stack_lvl+0x8c/0xd0 [ 21.660957] print_report+0x118/0x608 [ 21.661014] kasan_report+0xdc/0x128 [ 21.661068] kasan_check_range+0x100/0x1a8 [ 21.661122] __kasan_check_write+0x20/0x30 [ 21.661282] copy_user_test_oob+0x434/0xec0 [ 21.661374] kunit_try_run_case+0x170/0x3f0 [ 21.661430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.661491] kthread+0x318/0x620 [ 21.661567] ret_from_fork+0x10/0x20 [ 21.661631] [ 21.664804] Allocated by task 275: [ 21.665166] kasan_save_stack+0x3c/0x68 [ 21.665484] kasan_save_track+0x20/0x40 [ 21.665808] kasan_save_alloc_info+0x40/0x58 [ 21.666123] __kasan_kmalloc+0xd4/0xd8 [ 21.666313] __kmalloc_noprof+0x198/0x4c8 [ 21.666492] kunit_kmalloc_array+0x34/0x88 [ 21.666661] copy_user_test_oob+0xac/0xec0 [ 21.666839] kunit_try_run_case+0x170/0x3f0 [ 21.667011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.667256] kthread+0x318/0x620 [ 21.667449] ret_from_fork+0x10/0x20 [ 21.667664] [ 21.667876] The buggy address belongs to the object at fff00000c65b6300 [ 21.667876] which belongs to the cache kmalloc-128 of size 128 [ 21.668875] The buggy address is located 0 bytes inside of [ 21.668875] allocated 120-byte region [fff00000c65b6300, fff00000c65b6378) [ 21.669591] [ 21.669706] The buggy address belongs to the physical page: [ 21.670212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 21.670770] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.671358] page_type: f5(slab) [ 21.671716] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.672199] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.672636] page dumped because: kasan: bad access detected [ 21.672984] [ 21.673149] Memory state around the buggy address: [ 21.673480] fff00000c65b6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.673965] fff00000c65b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.674411] >fff00000c65b6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.674860] ^ [ 21.675311] fff00000c65b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.675743] fff00000c65b6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.676183] ================================================================== [ 21.567254] ================================================================== [ 21.568048] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec0 [ 21.568798] Write of size 121 at addr fff00000c65b6300 by task kunit_try_catch/275 [ 21.569360] [ 21.569582] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.569696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.569733] Hardware name: linux,dummy-virt (DT) [ 21.569774] Call trace: [ 21.569804] show_stack+0x20/0x38 (C) [ 21.569877] dump_stack_lvl+0x8c/0xd0 [ 21.569938] print_report+0x118/0x608 [ 21.569994] kasan_report+0xdc/0x128 [ 21.570047] kasan_check_range+0x100/0x1a8 [ 21.570347] __kasan_check_write+0x20/0x30 [ 21.570632] copy_user_test_oob+0x234/0xec0 [ 21.570688] kunit_try_run_case+0x170/0x3f0 [ 21.570745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.570800] kthread+0x318/0x620 [ 21.570852] ret_from_fork+0x10/0x20 [ 21.570906] [ 21.574884] Allocated by task 275: [ 21.575253] kasan_save_stack+0x3c/0x68 [ 21.575709] kasan_save_track+0x20/0x40 [ 21.576044] kasan_save_alloc_info+0x40/0x58 [ 21.576422] __kasan_kmalloc+0xd4/0xd8 [ 21.576625] __kmalloc_noprof+0x198/0x4c8 [ 21.576841] kunit_kmalloc_array+0x34/0x88 [ 21.577064] copy_user_test_oob+0xac/0xec0 [ 21.577656] kunit_try_run_case+0x170/0x3f0 [ 21.577928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.578443] kthread+0x318/0x620 [ 21.578800] ret_from_fork+0x10/0x20 [ 21.579118] [ 21.579300] The buggy address belongs to the object at fff00000c65b6300 [ 21.579300] which belongs to the cache kmalloc-128 of size 128 [ 21.579971] The buggy address is located 0 bytes inside of [ 21.579971] allocated 120-byte region [fff00000c65b6300, fff00000c65b6378) [ 21.580576] [ 21.580813] The buggy address belongs to the physical page: [ 21.581208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 21.581825] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.582331] page_type: f5(slab) [ 21.583092] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.583503] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.583967] page dumped because: kasan: bad access detected [ 21.584225] [ 21.584356] Memory state around the buggy address: [ 21.584533] fff00000c65b6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.584862] fff00000c65b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.585490] >fff00000c65b6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.585965] ^ [ 21.586377] fff00000c65b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.586847] fff00000c65b6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.587079] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 21.523123] ================================================================== [ 21.523771] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 21.524374] Write of size 8 at addr fff00000c65b6278 by task kunit_try_catch/271 [ 21.524858] [ 21.525035] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.525140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.525196] Hardware name: linux,dummy-virt (DT) [ 21.525241] Call trace: [ 21.525272] show_stack+0x20/0x38 (C) [ 21.525361] dump_stack_lvl+0x8c/0xd0 [ 21.525429] print_report+0x118/0x608 [ 21.525488] kasan_report+0xdc/0x128 [ 21.525575] kasan_check_range+0x100/0x1a8 [ 21.525638] __kasan_check_write+0x20/0x30 [ 21.525692] copy_to_kernel_nofault+0x8c/0x250 [ 21.525779] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 21.525837] kunit_try_run_case+0x170/0x3f0 [ 21.525896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.525996] kthread+0x318/0x620 [ 21.526058] ret_from_fork+0x10/0x20 [ 21.526718] [ 21.530434] Allocated by task 271: [ 21.530701] kasan_save_stack+0x3c/0x68 [ 21.530884] kasan_save_track+0x20/0x40 [ 21.531046] kasan_save_alloc_info+0x40/0x58 [ 21.531444] __kasan_kmalloc+0xd4/0xd8 [ 21.531812] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.532246] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.532700] kunit_try_run_case+0x170/0x3f0 [ 21.533068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.533371] kthread+0x318/0x620 [ 21.533682] ret_from_fork+0x10/0x20 [ 21.533950] [ 21.534303] The buggy address belongs to the object at fff00000c65b6200 [ 21.534303] which belongs to the cache kmalloc-128 of size 128 [ 21.535307] The buggy address is located 0 bytes to the right of [ 21.535307] allocated 120-byte region [fff00000c65b6200, fff00000c65b6278) [ 21.536104] [ 21.536310] The buggy address belongs to the physical page: [ 21.536794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 21.537408] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.537907] page_type: f5(slab) [ 21.538493] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.538950] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.539411] page dumped because: kasan: bad access detected [ 21.539911] [ 21.540188] Memory state around the buggy address: [ 21.540588] fff00000c65b6100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.541162] fff00000c65b6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.541568] >fff00000c65b6200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.542088] ^ [ 21.543533] fff00000c65b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.544042] fff00000c65b6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.544627] ================================================================== [ 21.501387] ================================================================== [ 21.501859] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 21.502957] Read of size 8 at addr fff00000c65b6278 by task kunit_try_catch/271 [ 21.503493] [ 21.503942] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.504054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.504089] Hardware name: linux,dummy-virt (DT) [ 21.504129] Call trace: [ 21.504169] show_stack+0x20/0x38 (C) [ 21.504237] dump_stack_lvl+0x8c/0xd0 [ 21.504291] print_report+0x118/0x608 [ 21.504343] kasan_report+0xdc/0x128 [ 21.504394] __asan_report_load8_noabort+0x20/0x30 [ 21.504446] copy_to_kernel_nofault+0x204/0x250 [ 21.504502] copy_to_kernel_nofault_oob+0x158/0x418 [ 21.504553] kunit_try_run_case+0x170/0x3f0 [ 21.504607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.504666] kthread+0x318/0x620 [ 21.504720] ret_from_fork+0x10/0x20 [ 21.504774] [ 21.509827] Allocated by task 271: [ 21.510038] kasan_save_stack+0x3c/0x68 [ 21.510478] kasan_save_track+0x20/0x40 [ 21.510792] kasan_save_alloc_info+0x40/0x58 [ 21.511225] __kasan_kmalloc+0xd4/0xd8 [ 21.511401] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.511586] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.512003] kunit_try_run_case+0x170/0x3f0 [ 21.512493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.512724] kthread+0x318/0x620 [ 21.512944] ret_from_fork+0x10/0x20 [ 21.513107] [ 21.513226] The buggy address belongs to the object at fff00000c65b6200 [ 21.513226] which belongs to the cache kmalloc-128 of size 128 [ 21.514952] The buggy address is located 0 bytes to the right of [ 21.514952] allocated 120-byte region [fff00000c65b6200, fff00000c65b6278) [ 21.515515] [ 21.515658] The buggy address belongs to the physical page: [ 21.515854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 21.516161] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.516400] page_type: f5(slab) [ 21.516567] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.517050] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.518114] page dumped because: kasan: bad access detected [ 21.518506] [ 21.518644] Memory state around the buggy address: [ 21.519006] fff00000c65b6100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.519306] fff00000c65b6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.519738] >fff00000c65b6200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.520098] ^ [ 21.520445] fff00000c65b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.520832] fff00000c65b6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.521313] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 21.444894] ================================================================== [ 21.445398] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 21.446107] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/259 [ 21.446627] [ 21.446917] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.447022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.447056] Hardware name: linux,dummy-virt (DT) [ 21.447099] Call trace: [ 21.447129] show_stack+0x20/0x38 (C) [ 21.447212] dump_stack_lvl+0x8c/0xd0 [ 21.447271] print_report+0x310/0x608 [ 21.447327] kasan_report+0xdc/0x128 [ 21.447379] __asan_report_load1_noabort+0x20/0x30 [ 21.447435] vmalloc_oob+0x578/0x5d0 [ 21.447485] kunit_try_run_case+0x170/0x3f0 [ 21.447539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.447596] kthread+0x318/0x620 [ 21.447649] ret_from_fork+0x10/0x20 [ 21.447704] [ 21.450776] The buggy address belongs to the virtual mapping at [ 21.450776] [ffff80008010b000, ffff80008010d000) created by: [ 21.450776] vmalloc_oob+0x98/0x5d0 [ 21.451465] [ 21.451587] The buggy address belongs to the physical page: [ 21.451954] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106533 [ 21.452410] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.452925] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.453450] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.453935] page dumped because: kasan: bad access detected [ 21.454422] [ 21.454864] Memory state around the buggy address: [ 21.455108] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.455378] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.455875] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.456208] ^ [ 21.456573] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.456862] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.457196] ================================================================== [ 21.458342] ================================================================== [ 21.458875] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 21.459440] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/259 [ 21.459737] [ 21.459861] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.459961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.459998] Hardware name: linux,dummy-virt (DT) [ 21.460038] Call trace: [ 21.460067] show_stack+0x20/0x38 (C) [ 21.460130] dump_stack_lvl+0x8c/0xd0 [ 21.460203] print_report+0x310/0x608 [ 21.460262] kasan_report+0xdc/0x128 [ 21.460315] __asan_report_load1_noabort+0x20/0x30 [ 21.460373] vmalloc_oob+0x51c/0x5d0 [ 21.460425] kunit_try_run_case+0x170/0x3f0 [ 21.460482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.460541] kthread+0x318/0x620 [ 21.460596] ret_from_fork+0x10/0x20 [ 21.460655] [ 21.464166] The buggy address belongs to the virtual mapping at [ 21.464166] [ffff80008010b000, ffff80008010d000) created by: [ 21.464166] vmalloc_oob+0x98/0x5d0 [ 21.464769] [ 21.464937] The buggy address belongs to the physical page: [ 21.465396] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106533 [ 21.465795] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.466866] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.467264] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.467540] page dumped because: kasan: bad access detected [ 21.467871] [ 21.468007] Memory state around the buggy address: [ 21.468249] ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.468576] ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.468973] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.469538] ^ [ 21.469865] ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.470117] ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.470846] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 21.142591] ================================================================== [ 21.143043] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc8 [ 21.144334] Write of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.144663] [ 21.144802] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.144907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.144941] Hardware name: linux,dummy-virt (DT) [ 21.144983] Call trace: [ 21.145013] show_stack+0x20/0x38 (C) [ 21.145078] dump_stack_lvl+0x8c/0xd0 [ 21.145137] print_report+0x118/0x608 [ 21.145209] kasan_report+0xdc/0x128 [ 21.145265] kasan_check_range+0x100/0x1a8 [ 21.145318] __kasan_check_write+0x20/0x30 [ 21.145372] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc8 [ 21.145437] kasan_bitops_generic+0x11c/0x1c8 [ 21.145492] kunit_try_run_case+0x170/0x3f0 [ 21.145564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.145625] kthread+0x318/0x620 [ 21.145678] ret_from_fork+0x10/0x20 [ 21.145737] [ 21.149592] Allocated by task 251: [ 21.150899] kasan_save_stack+0x3c/0x68 [ 21.151128] kasan_save_track+0x20/0x40 [ 21.151640] kasan_save_alloc_info+0x40/0x58 [ 21.151825] __kasan_kmalloc+0xd4/0xd8 [ 21.151998] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.152194] kasan_bitops_generic+0xa0/0x1c8 [ 21.152414] kunit_try_run_case+0x170/0x3f0 [ 21.152593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.152875] kthread+0x318/0x620 [ 21.153061] ret_from_fork+0x10/0x20 [ 21.154693] [ 21.154838] The buggy address belongs to the object at fff00000c3e60680 [ 21.154838] which belongs to the cache kmalloc-16 of size 16 [ 21.155472] The buggy address is located 8 bytes inside of [ 21.155472] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.155977] [ 21.156143] The buggy address belongs to the physical page: [ 21.157175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.157725] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.158417] page_type: f5(slab) [ 21.158684] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.159066] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.159460] page dumped because: kasan: bad access detected [ 21.159706] [ 21.159870] Memory state around the buggy address: [ 21.160146] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.161556] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.162057] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.162577] ^ [ 21.162942] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.163489] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.163932] ================================================================== [ 21.259442] ================================================================== [ 21.259895] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc8 [ 21.260844] Write of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.261364] [ 21.261627] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.261826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.261865] Hardware name: linux,dummy-virt (DT) [ 21.261909] Call trace: [ 21.261942] show_stack+0x20/0x38 (C) [ 21.262009] dump_stack_lvl+0x8c/0xd0 [ 21.262113] print_report+0x118/0x608 [ 21.262196] kasan_report+0xdc/0x128 [ 21.262256] kasan_check_range+0x100/0x1a8 [ 21.262311] __kasan_check_write+0x20/0x30 [ 21.262368] kasan_bitops_test_and_modify.constprop.0+0x334/0xbc8 [ 21.262434] kasan_bitops_generic+0x11c/0x1c8 [ 21.262492] kunit_try_run_case+0x170/0x3f0 [ 21.262551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.262613] kthread+0x318/0x620 [ 21.262669] ret_from_fork+0x10/0x20 [ 21.262730] [ 21.267248] Allocated by task 251: [ 21.267488] kasan_save_stack+0x3c/0x68 [ 21.267894] kasan_save_track+0x20/0x40 [ 21.268265] kasan_save_alloc_info+0x40/0x58 [ 21.268524] __kasan_kmalloc+0xd4/0xd8 [ 21.268905] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.269294] kasan_bitops_generic+0xa0/0x1c8 [ 21.269549] kunit_try_run_case+0x170/0x3f0 [ 21.269958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.270401] kthread+0x318/0x620 [ 21.270707] ret_from_fork+0x10/0x20 [ 21.270934] [ 21.271204] The buggy address belongs to the object at fff00000c3e60680 [ 21.271204] which belongs to the cache kmalloc-16 of size 16 [ 21.271989] The buggy address is located 8 bytes inside of [ 21.271989] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.272710] [ 21.272936] The buggy address belongs to the physical page: [ 21.273330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.273788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.274151] page_type: f5(slab) [ 21.274398] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.274772] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.275281] page dumped because: kasan: bad access detected [ 21.275874] [ 21.276089] Memory state around the buggy address: [ 21.276448] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.276961] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.277455] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.277994] ^ [ 21.278277] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.278854] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.279194] ================================================================== [ 21.184619] ================================================================== [ 21.185066] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc8 [ 21.185972] Write of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.186368] [ 21.187514] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.187633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.187669] Hardware name: linux,dummy-virt (DT) [ 21.187710] Call trace: [ 21.187740] show_stack+0x20/0x38 (C) [ 21.187808] dump_stack_lvl+0x8c/0xd0 [ 21.187863] print_report+0x118/0x608 [ 21.187919] kasan_report+0xdc/0x128 [ 21.187970] kasan_check_range+0x100/0x1a8 [ 21.188023] __kasan_check_write+0x20/0x30 [ 21.188075] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc8 [ 21.188134] kasan_bitops_generic+0x11c/0x1c8 [ 21.188206] kunit_try_run_case+0x170/0x3f0 [ 21.188262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.188319] kthread+0x318/0x620 [ 21.188372] ret_from_fork+0x10/0x20 [ 21.188427] [ 21.192636] Allocated by task 251: [ 21.192925] kasan_save_stack+0x3c/0x68 [ 21.193171] kasan_save_track+0x20/0x40 [ 21.193465] kasan_save_alloc_info+0x40/0x58 [ 21.193728] __kasan_kmalloc+0xd4/0xd8 [ 21.193969] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.194386] kasan_bitops_generic+0xa0/0x1c8 [ 21.194728] kunit_try_run_case+0x170/0x3f0 [ 21.195019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.195381] kthread+0x318/0x620 [ 21.195602] ret_from_fork+0x10/0x20 [ 21.195855] [ 21.195984] The buggy address belongs to the object at fff00000c3e60680 [ 21.195984] which belongs to the cache kmalloc-16 of size 16 [ 21.196619] The buggy address is located 8 bytes inside of [ 21.196619] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.197214] [ 21.197405] The buggy address belongs to the physical page: [ 21.197657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.198160] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.198538] page_type: f5(slab) [ 21.198807] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.199208] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.199616] page dumped because: kasan: bad access detected [ 21.199905] [ 21.200086] Memory state around the buggy address: [ 21.200379] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.200710] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.201091] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.201575] ^ [ 21.201799] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.202250] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.202501] ================================================================== [ 21.299744] ================================================================== [ 21.300138] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa8c/0xbc8 [ 21.300579] Read of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.300855] [ 21.301049] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.301145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.301191] Hardware name: linux,dummy-virt (DT) [ 21.301232] Call trace: [ 21.301263] show_stack+0x20/0x38 (C) [ 21.301324] dump_stack_lvl+0x8c/0xd0 [ 21.301380] print_report+0x118/0x608 [ 21.301437] kasan_report+0xdc/0x128 [ 21.301492] __asan_report_load8_noabort+0x20/0x30 [ 21.301563] kasan_bitops_test_and_modify.constprop.0+0xa8c/0xbc8 [ 21.301628] kasan_bitops_generic+0x11c/0x1c8 [ 21.301684] kunit_try_run_case+0x170/0x3f0 [ 21.301740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.301801] kthread+0x318/0x620 [ 21.301852] ret_from_fork+0x10/0x20 [ 21.301910] [ 21.306403] Allocated by task 251: [ 21.306832] kasan_save_stack+0x3c/0x68 [ 21.307169] kasan_save_track+0x20/0x40 [ 21.307410] kasan_save_alloc_info+0x40/0x58 [ 21.307822] __kasan_kmalloc+0xd4/0xd8 [ 21.308250] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.308646] kasan_bitops_generic+0xa0/0x1c8 [ 21.308979] kunit_try_run_case+0x170/0x3f0 [ 21.309334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.309717] kthread+0x318/0x620 [ 21.310043] ret_from_fork+0x10/0x20 [ 21.310216] [ 21.310527] The buggy address belongs to the object at fff00000c3e60680 [ 21.310527] which belongs to the cache kmalloc-16 of size 16 [ 21.311051] The buggy address is located 8 bytes inside of [ 21.311051] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.311788] [ 21.311971] The buggy address belongs to the physical page: [ 21.312295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.312700] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.312995] page_type: f5(slab) [ 21.313539] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.314047] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.314632] page dumped because: kasan: bad access detected [ 21.315060] [ 21.315211] Memory state around the buggy address: [ 21.315412] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.315936] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.316351] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.316701] ^ [ 21.316871] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.317455] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.317904] ================================================================== [ 21.280742] ================================================================== [ 21.281215] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa44/0xbc8 [ 21.281964] Read of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.282337] [ 21.282480] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.282582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.282615] Hardware name: linux,dummy-virt (DT) [ 21.282657] Call trace: [ 21.282686] show_stack+0x20/0x38 (C) [ 21.282748] dump_stack_lvl+0x8c/0xd0 [ 21.282809] print_report+0x118/0x608 [ 21.282866] kasan_report+0xdc/0x128 [ 21.282923] __asan_report_load8_noabort+0x20/0x30 [ 21.282979] kasan_bitops_test_and_modify.constprop.0+0xa44/0xbc8 [ 21.283042] kasan_bitops_generic+0x11c/0x1c8 [ 21.283098] kunit_try_run_case+0x170/0x3f0 [ 21.283168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.283236] kthread+0x318/0x620 [ 21.283291] ret_from_fork+0x10/0x20 [ 21.283351] [ 21.287545] Allocated by task 251: [ 21.287905] kasan_save_stack+0x3c/0x68 [ 21.288236] kasan_save_track+0x20/0x40 [ 21.288562] kasan_save_alloc_info+0x40/0x58 [ 21.288891] __kasan_kmalloc+0xd4/0xd8 [ 21.289203] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.289556] kasan_bitops_generic+0xa0/0x1c8 [ 21.289898] kunit_try_run_case+0x170/0x3f0 [ 21.290274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.290593] kthread+0x318/0x620 [ 21.290804] ret_from_fork+0x10/0x20 [ 21.291033] [ 21.291436] The buggy address belongs to the object at fff00000c3e60680 [ 21.291436] which belongs to the cache kmalloc-16 of size 16 [ 21.292084] The buggy address is located 8 bytes inside of [ 21.292084] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.292435] [ 21.292545] The buggy address belongs to the physical page: [ 21.292892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.293410] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.293873] page_type: f5(slab) [ 21.294206] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.294618] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.295013] page dumped because: kasan: bad access detected [ 21.295438] [ 21.295651] Memory state around the buggy address: [ 21.295968] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.296488] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.296948] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.297425] ^ [ 21.297696] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.298163] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.298692] ================================================================== [ 21.203926] ================================================================== [ 21.204357] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa50/0xbc8 [ 21.204868] Read of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.205255] [ 21.205431] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.205541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.205579] Hardware name: linux,dummy-virt (DT) [ 21.205622] Call trace: [ 21.205652] show_stack+0x20/0x38 (C) [ 21.205716] dump_stack_lvl+0x8c/0xd0 [ 21.205777] print_report+0x118/0x608 [ 21.205835] kasan_report+0xdc/0x128 [ 21.205893] __asan_report_load8_noabort+0x20/0x30 [ 21.205952] kasan_bitops_test_and_modify.constprop.0+0xa50/0xbc8 [ 21.206018] kasan_bitops_generic+0x11c/0x1c8 [ 21.206119] kunit_try_run_case+0x170/0x3f0 [ 21.206203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.206269] kthread+0x318/0x620 [ 21.206323] ret_from_fork+0x10/0x20 [ 21.206386] [ 21.210063] Allocated by task 251: [ 21.210431] kasan_save_stack+0x3c/0x68 [ 21.210859] kasan_save_track+0x20/0x40 [ 21.211202] kasan_save_alloc_info+0x40/0x58 [ 21.211584] __kasan_kmalloc+0xd4/0xd8 [ 21.211835] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.212097] kasan_bitops_generic+0xa0/0x1c8 [ 21.212361] kunit_try_run_case+0x170/0x3f0 [ 21.212603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.212912] kthread+0x318/0x620 [ 21.213140] ret_from_fork+0x10/0x20 [ 21.213768] [ 21.213891] The buggy address belongs to the object at fff00000c3e60680 [ 21.213891] which belongs to the cache kmalloc-16 of size 16 [ 21.214875] The buggy address is located 8 bytes inside of [ 21.214875] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.215574] [ 21.215696] The buggy address belongs to the physical page: [ 21.216148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.216685] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.217140] page_type: f5(slab) [ 21.217435] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.217983] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.218514] page dumped because: kasan: bad access detected [ 21.218904] [ 21.219139] Memory state around the buggy address: [ 21.219558] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.219959] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.220353] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.220734] ^ [ 21.220973] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.221645] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.222091] ================================================================== [ 21.164881] ================================================================== [ 21.165684] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa08/0xbc8 [ 21.166659] Read of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.167234] [ 21.167401] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.167508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.167541] Hardware name: linux,dummy-virt (DT) [ 21.167584] Call trace: [ 21.167616] show_stack+0x20/0x38 (C) [ 21.167683] dump_stack_lvl+0x8c/0xd0 [ 21.167743] print_report+0x118/0x608 [ 21.167800] kasan_report+0xdc/0x128 [ 21.167856] __asan_report_load8_noabort+0x20/0x30 [ 21.167913] kasan_bitops_test_and_modify.constprop.0+0xa08/0xbc8 [ 21.167979] kasan_bitops_generic+0x11c/0x1c8 [ 21.168037] kunit_try_run_case+0x170/0x3f0 [ 21.168095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.168220] kthread+0x318/0x620 [ 21.168339] ret_from_fork+0x10/0x20 [ 21.168403] [ 21.170587] Allocated by task 251: [ 21.170917] kasan_save_stack+0x3c/0x68 [ 21.171293] kasan_save_track+0x20/0x40 [ 21.171632] kasan_save_alloc_info+0x40/0x58 [ 21.171993] __kasan_kmalloc+0xd4/0xd8 [ 21.173573] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.173889] kasan_bitops_generic+0xa0/0x1c8 [ 21.174439] kunit_try_run_case+0x170/0x3f0 [ 21.174643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.174873] kthread+0x318/0x620 [ 21.175039] ret_from_fork+0x10/0x20 [ 21.175218] [ 21.175353] The buggy address belongs to the object at fff00000c3e60680 [ 21.175353] which belongs to the cache kmalloc-16 of size 16 [ 21.175778] The buggy address is located 8 bytes inside of [ 21.175778] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.177282] [ 21.177426] The buggy address belongs to the physical page: [ 21.177722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.178639] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.178930] page_type: f5(slab) [ 21.179090] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.179344] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.179566] page dumped because: kasan: bad access detected [ 21.179749] [ 21.179853] Memory state around the buggy address: [ 21.180023] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.181046] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.181583] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.181972] ^ [ 21.182894] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.183309] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.183766] ================================================================== [ 21.239384] ================================================================== [ 21.240050] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xad4/0xbc8 [ 21.240462] Read of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.240831] [ 21.241026] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.241124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.241170] Hardware name: linux,dummy-virt (DT) [ 21.241216] Call trace: [ 21.241247] show_stack+0x20/0x38 (C) [ 21.241312] dump_stack_lvl+0x8c/0xd0 [ 21.241370] print_report+0x118/0x608 [ 21.241426] kasan_report+0xdc/0x128 [ 21.241482] __asan_report_load8_noabort+0x20/0x30 [ 21.241553] kasan_bitops_test_and_modify.constprop.0+0xad4/0xbc8 [ 21.241621] kasan_bitops_generic+0x11c/0x1c8 [ 21.241678] kunit_try_run_case+0x170/0x3f0 [ 21.241736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.241798] kthread+0x318/0x620 [ 21.241850] ret_from_fork+0x10/0x20 [ 21.241907] [ 21.244685] Allocated by task 251: [ 21.244959] kasan_save_stack+0x3c/0x68 [ 21.245310] kasan_save_track+0x20/0x40 [ 21.245599] kasan_save_alloc_info+0x40/0x58 [ 21.245842] __kasan_kmalloc+0xd4/0xd8 [ 21.246091] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.246290] kasan_bitops_generic+0xa0/0x1c8 [ 21.247068] kunit_try_run_case+0x170/0x3f0 [ 21.247396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.247837] kthread+0x318/0x620 [ 21.248015] ret_from_fork+0x10/0x20 [ 21.248671] [ 21.249179] The buggy address belongs to the object at fff00000c3e60680 [ 21.249179] which belongs to the cache kmalloc-16 of size 16 [ 21.249539] The buggy address is located 8 bytes inside of [ 21.249539] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.249874] [ 21.249980] The buggy address belongs to the physical page: [ 21.250173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.250431] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.250652] page_type: f5(slab) [ 21.250809] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.251059] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.253048] page dumped because: kasan: bad access detected [ 21.253881] [ 21.254403] Memory state around the buggy address: [ 21.255058] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.255794] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.256597] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.256890] ^ [ 21.257051] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.257654] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.258167] ================================================================== [ 21.223299] ================================================================== [ 21.223579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc8 [ 21.224880] Write of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.225348] [ 21.225555] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.225661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.225699] Hardware name: linux,dummy-virt (DT) [ 21.225742] Call trace: [ 21.225775] show_stack+0x20/0x38 (C) [ 21.225841] dump_stack_lvl+0x8c/0xd0 [ 21.225900] print_report+0x118/0x608 [ 21.225958] kasan_report+0xdc/0x128 [ 21.226015] kasan_check_range+0x100/0x1a8 [ 21.226068] __kasan_check_write+0x20/0x30 [ 21.226142] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc8 [ 21.226226] kasan_bitops_generic+0x11c/0x1c8 [ 21.226282] kunit_try_run_case+0x170/0x3f0 [ 21.226340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.226402] kthread+0x318/0x620 [ 21.226453] ret_from_fork+0x10/0x20 [ 21.226511] [ 21.229274] Allocated by task 251: [ 21.229556] kasan_save_stack+0x3c/0x68 [ 21.229832] kasan_save_track+0x20/0x40 [ 21.230116] kasan_save_alloc_info+0x40/0x58 [ 21.230426] __kasan_kmalloc+0xd4/0xd8 [ 21.230746] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.231019] kasan_bitops_generic+0xa0/0x1c8 [ 21.231241] kunit_try_run_case+0x170/0x3f0 [ 21.231522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.231725] kthread+0x318/0x620 [ 21.231923] ret_from_fork+0x10/0x20 [ 21.232254] [ 21.232372] The buggy address belongs to the object at fff00000c3e60680 [ 21.232372] which belongs to the cache kmalloc-16 of size 16 [ 21.232821] The buggy address is located 8 bytes inside of [ 21.232821] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.233468] [ 21.233660] The buggy address belongs to the physical page: [ 21.233948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.234346] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.234697] page_type: f5(slab) [ 21.235020] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.235446] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.235811] page dumped because: kasan: bad access detected [ 21.236137] [ 21.236257] Memory state around the buggy address: [ 21.236514] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.236856] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.237242] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.237539] ^ [ 21.237827] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.238088] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.238487] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.951064] ================================================================== [ 20.951483] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa4c/0xbc8 [ 20.951787] Read of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 20.952111] [ 20.952372] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.952486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.952524] Hardware name: linux,dummy-virt (DT) [ 20.952593] Call trace: [ 20.952625] show_stack+0x20/0x38 (C) [ 20.952688] dump_stack_lvl+0x8c/0xd0 [ 20.952746] print_report+0x118/0x608 [ 20.952801] kasan_report+0xdc/0x128 [ 20.952856] __asan_report_load8_noabort+0x20/0x30 [ 20.952911] kasan_bitops_modify.constprop.0+0xa4c/0xbc8 [ 20.952997] kasan_bitops_generic+0x110/0x1c8 [ 20.953059] kunit_try_run_case+0x170/0x3f0 [ 20.953116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.953186] kthread+0x318/0x620 [ 20.953258] ret_from_fork+0x10/0x20 [ 20.953331] [ 20.957566] Allocated by task 251: [ 20.957821] kasan_save_stack+0x3c/0x68 [ 20.958487] kasan_save_track+0x20/0x40 [ 20.958940] kasan_save_alloc_info+0x40/0x58 [ 20.959371] __kasan_kmalloc+0xd4/0xd8 [ 20.959855] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.960238] kasan_bitops_generic+0xa0/0x1c8 [ 20.960580] kunit_try_run_case+0x170/0x3f0 [ 20.960944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.961389] kthread+0x318/0x620 [ 20.961724] ret_from_fork+0x10/0x20 [ 20.961958] [ 20.962591] The buggy address belongs to the object at fff00000c3e60680 [ 20.962591] which belongs to the cache kmalloc-16 of size 16 [ 20.963273] The buggy address is located 8 bytes inside of [ 20.963273] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 20.963804] [ 20.963945] The buggy address belongs to the physical page: [ 20.964207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 20.964619] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.964967] page_type: f5(slab) [ 20.966042] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.966480] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.967539] page dumped because: kasan: bad access detected [ 20.968038] [ 20.968268] Memory state around the buggy address: [ 20.968574] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 20.969059] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.969566] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.970208] ^ [ 20.970442] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.970740] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.971125] ================================================================== [ 20.972689] ================================================================== [ 20.973050] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc8 [ 20.973635] Write of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 20.974080] [ 20.974249] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.974353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.974388] Hardware name: linux,dummy-virt (DT) [ 20.974433] Call trace: [ 20.974462] show_stack+0x20/0x38 (C) [ 20.974531] dump_stack_lvl+0x8c/0xd0 [ 20.974589] print_report+0x118/0x608 [ 20.974646] kasan_report+0xdc/0x128 [ 20.974699] kasan_check_range+0x100/0x1a8 [ 20.974749] __kasan_check_write+0x20/0x30 [ 20.974802] kasan_bitops_modify.constprop.0+0x1dc/0xbc8 [ 20.974861] kasan_bitops_generic+0x110/0x1c8 [ 20.974966] kunit_try_run_case+0x170/0x3f0 [ 20.975031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.975091] kthread+0x318/0x620 [ 20.975143] ret_from_fork+0x10/0x20 [ 20.975219] [ 20.979361] Allocated by task 251: [ 20.979687] kasan_save_stack+0x3c/0x68 [ 20.980015] kasan_save_track+0x20/0x40 [ 20.980369] kasan_save_alloc_info+0x40/0x58 [ 20.980563] __kasan_kmalloc+0xd4/0xd8 [ 20.980825] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.981130] kasan_bitops_generic+0xa0/0x1c8 [ 20.981412] kunit_try_run_case+0x170/0x3f0 [ 20.981690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.982030] kthread+0x318/0x620 [ 20.982544] ret_from_fork+0x10/0x20 [ 20.982791] [ 20.982971] The buggy address belongs to the object at fff00000c3e60680 [ 20.982971] which belongs to the cache kmalloc-16 of size 16 [ 20.983521] The buggy address is located 8 bytes inside of [ 20.983521] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 20.984173] [ 20.984363] The buggy address belongs to the physical page: [ 20.984666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 20.985062] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.985526] page_type: f5(slab) [ 20.985724] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.986145] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.986390] page dumped because: kasan: bad access detected [ 20.987196] [ 20.987443] Memory state around the buggy address: [ 20.988084] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 20.988823] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.989071] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.989302] ^ [ 20.989461] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.989695] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.989913] ================================================================== [ 21.101943] ================================================================== [ 21.102528] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc8 [ 21.103128] Write of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.103379] [ 21.103518] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.103621] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.103654] Hardware name: linux,dummy-virt (DT) [ 21.103695] Call trace: [ 21.103724] show_stack+0x20/0x38 (C) [ 21.103786] dump_stack_lvl+0x8c/0xd0 [ 21.103843] print_report+0x118/0x608 [ 21.103899] kasan_report+0xdc/0x128 [ 21.103950] kasan_check_range+0x100/0x1a8 [ 21.104003] __kasan_check_write+0x20/0x30 [ 21.104056] kasan_bitops_modify.constprop.0+0x3b0/0xbc8 [ 21.104112] kasan_bitops_generic+0x110/0x1c8 [ 21.104184] kunit_try_run_case+0x170/0x3f0 [ 21.104242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.104301] kthread+0x318/0x620 [ 21.104354] ret_from_fork+0x10/0x20 [ 21.104409] [ 21.109637] Allocated by task 251: [ 21.109926] kasan_save_stack+0x3c/0x68 [ 21.110672] kasan_save_track+0x20/0x40 [ 21.110943] kasan_save_alloc_info+0x40/0x58 [ 21.111490] __kasan_kmalloc+0xd4/0xd8 [ 21.111698] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.112130] kasan_bitops_generic+0xa0/0x1c8 [ 21.112504] kunit_try_run_case+0x170/0x3f0 [ 21.112834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.113230] kthread+0x318/0x620 [ 21.113460] ret_from_fork+0x10/0x20 [ 21.113708] [ 21.113850] The buggy address belongs to the object at fff00000c3e60680 [ 21.113850] which belongs to the cache kmalloc-16 of size 16 [ 21.114810] The buggy address is located 8 bytes inside of [ 21.114810] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.115449] [ 21.115712] The buggy address belongs to the physical page: [ 21.116095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.116556] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.116875] page_type: f5(slab) [ 21.117096] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.117518] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.118020] page dumped because: kasan: bad access detected [ 21.118324] [ 21.119480] Memory state around the buggy address: [ 21.119744] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.120021] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.120311] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.120569] ^ [ 21.120752] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.121026] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.121926] ================================================================== [ 20.991578] ================================================================== [ 20.991853] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa88/0xbc8 [ 20.992110] Read of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 20.994328] [ 20.994844] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.994969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.995006] Hardware name: linux,dummy-virt (DT) [ 20.995048] Call trace: [ 20.995077] show_stack+0x20/0x38 (C) [ 20.995146] dump_stack_lvl+0x8c/0xd0 [ 20.995223] print_report+0x118/0x608 [ 20.995283] kasan_report+0xdc/0x128 [ 20.995644] __asan_report_load8_noabort+0x20/0x30 [ 20.995718] kasan_bitops_modify.constprop.0+0xa88/0xbc8 [ 20.995778] kasan_bitops_generic+0x110/0x1c8 [ 20.995831] kunit_try_run_case+0x170/0x3f0 [ 20.995884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.995942] kthread+0x318/0x620 [ 20.995992] ret_from_fork+0x10/0x20 [ 20.996046] [ 21.000065] Allocated by task 251: [ 21.000445] kasan_save_stack+0x3c/0x68 [ 21.000688] kasan_save_track+0x20/0x40 [ 21.001013] kasan_save_alloc_info+0x40/0x58 [ 21.001318] __kasan_kmalloc+0xd4/0xd8 [ 21.001557] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.001824] kasan_bitops_generic+0xa0/0x1c8 [ 21.002082] kunit_try_run_case+0x170/0x3f0 [ 21.002327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.002628] kthread+0x318/0x620 [ 21.002844] ret_from_fork+0x10/0x20 [ 21.003090] [ 21.004504] The buggy address belongs to the object at fff00000c3e60680 [ 21.004504] which belongs to the cache kmalloc-16 of size 16 [ 21.005383] The buggy address is located 8 bytes inside of [ 21.005383] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.006330] [ 21.006548] The buggy address belongs to the physical page: [ 21.007092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.007539] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.008010] page_type: f5(slab) [ 21.008312] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.008827] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.009355] page dumped because: kasan: bad access detected [ 21.009834] [ 21.009971] Memory state around the buggy address: [ 21.010988] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.011651] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.012254] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.012721] ^ [ 21.012956] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.013570] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.014052] ================================================================== [ 21.123393] ================================================================== [ 21.123775] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa28/0xbc8 [ 21.124226] Read of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.124637] [ 21.124838] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.124944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.124978] Hardware name: linux,dummy-virt (DT) [ 21.125020] Call trace: [ 21.125049] show_stack+0x20/0x38 (C) [ 21.125113] dump_stack_lvl+0x8c/0xd0 [ 21.125185] print_report+0x118/0x608 [ 21.125245] kasan_report+0xdc/0x128 [ 21.125302] __asan_report_load8_noabort+0x20/0x30 [ 21.125359] kasan_bitops_modify.constprop.0+0xa28/0xbc8 [ 21.125421] kasan_bitops_generic+0x110/0x1c8 [ 21.125479] kunit_try_run_case+0x170/0x3f0 [ 21.125550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.125615] kthread+0x318/0x620 [ 21.125670] ret_from_fork+0x10/0x20 [ 21.125730] [ 21.129216] Allocated by task 251: [ 21.129553] kasan_save_stack+0x3c/0x68 [ 21.129931] kasan_save_track+0x20/0x40 [ 21.130128] kasan_save_alloc_info+0x40/0x58 [ 21.130960] __kasan_kmalloc+0xd4/0xd8 [ 21.131135] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.131388] kasan_bitops_generic+0xa0/0x1c8 [ 21.131759] kunit_try_run_case+0x170/0x3f0 [ 21.132023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.132303] kthread+0x318/0x620 [ 21.132540] ret_from_fork+0x10/0x20 [ 21.132772] [ 21.132927] The buggy address belongs to the object at fff00000c3e60680 [ 21.132927] which belongs to the cache kmalloc-16 of size 16 [ 21.134785] The buggy address is located 8 bytes inside of [ 21.134785] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.135166] [ 21.135337] The buggy address belongs to the physical page: [ 21.135732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.136075] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.136537] page_type: f5(slab) [ 21.136759] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.137130] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.137480] page dumped because: kasan: bad access detected [ 21.137787] [ 21.137960] Memory state around the buggy address: [ 21.138538] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.138919] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.139241] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.139549] ^ [ 21.139763] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.140070] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.140933] ================================================================== [ 21.015553] ================================================================== [ 21.015896] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc8 [ 21.016331] Write of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.016638] [ 21.016830] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.016928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.016963] Hardware name: linux,dummy-virt (DT) [ 21.017003] Call trace: [ 21.017031] show_stack+0x20/0x38 (C) [ 21.017092] dump_stack_lvl+0x8c/0xd0 [ 21.017150] print_report+0x118/0x608 [ 21.017336] kasan_report+0xdc/0x128 [ 21.017399] kasan_check_range+0x100/0x1a8 [ 21.017455] __kasan_check_write+0x20/0x30 [ 21.017526] kasan_bitops_modify.constprop.0+0x2b4/0xbc8 [ 21.017594] kasan_bitops_generic+0x110/0x1c8 [ 21.017653] kunit_try_run_case+0x170/0x3f0 [ 21.017712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.017774] kthread+0x318/0x620 [ 21.017835] ret_from_fork+0x10/0x20 [ 21.017894] [ 21.022404] Allocated by task 251: [ 21.023033] kasan_save_stack+0x3c/0x68 [ 21.023398] kasan_save_track+0x20/0x40 [ 21.023726] kasan_save_alloc_info+0x40/0x58 [ 21.024115] __kasan_kmalloc+0xd4/0xd8 [ 21.024474] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.024866] kasan_bitops_generic+0xa0/0x1c8 [ 21.025254] kunit_try_run_case+0x170/0x3f0 [ 21.025640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.026089] kthread+0x318/0x620 [ 21.026329] ret_from_fork+0x10/0x20 [ 21.027210] [ 21.027354] The buggy address belongs to the object at fff00000c3e60680 [ 21.027354] which belongs to the cache kmalloc-16 of size 16 [ 21.028065] The buggy address is located 8 bytes inside of [ 21.028065] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.028694] [ 21.028886] The buggy address belongs to the physical page: [ 21.029179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.029776] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.030402] page_type: f5(slab) [ 21.030597] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.031246] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.031790] page dumped because: kasan: bad access detected [ 21.032052] [ 21.032407] Memory state around the buggy address: [ 21.032774] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.033291] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.033591] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.034044] ^ [ 21.035125] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.035643] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.036117] ================================================================== [ 21.060814] ================================================================== [ 21.061416] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaf4/0xbc8 [ 21.061883] Read of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.062946] [ 21.063289] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.063400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.063436] Hardware name: linux,dummy-virt (DT) [ 21.063477] Call trace: [ 21.063508] show_stack+0x20/0x38 (C) [ 21.063576] dump_stack_lvl+0x8c/0xd0 [ 21.063635] print_report+0x118/0x608 [ 21.063712] kasan_report+0xdc/0x128 [ 21.063878] __asan_report_load8_noabort+0x20/0x30 [ 21.063938] kasan_bitops_modify.constprop.0+0xaf4/0xbc8 [ 21.063999] kasan_bitops_generic+0x110/0x1c8 [ 21.064056] kunit_try_run_case+0x170/0x3f0 [ 21.064113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.064195] kthread+0x318/0x620 [ 21.064253] ret_from_fork+0x10/0x20 [ 21.064313] [ 21.068359] Allocated by task 251: [ 21.068643] kasan_save_stack+0x3c/0x68 [ 21.069074] kasan_save_track+0x20/0x40 [ 21.069452] kasan_save_alloc_info+0x40/0x58 [ 21.069655] __kasan_kmalloc+0xd4/0xd8 [ 21.069828] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.070017] kasan_bitops_generic+0xa0/0x1c8 [ 21.070667] kunit_try_run_case+0x170/0x3f0 [ 21.070876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.071080] kthread+0x318/0x620 [ 21.071251] ret_from_fork+0x10/0x20 [ 21.071525] [ 21.071693] The buggy address belongs to the object at fff00000c3e60680 [ 21.071693] which belongs to the cache kmalloc-16 of size 16 [ 21.072271] The buggy address is located 8 bytes inside of [ 21.072271] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.072978] [ 21.073102] The buggy address belongs to the physical page: [ 21.073417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.073891] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.074538] page_type: f5(slab) [ 21.074918] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.075570] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.075834] page dumped because: kasan: bad access detected [ 21.076009] [ 21.076113] Memory state around the buggy address: [ 21.076311] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.076544] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.076761] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.076968] ^ [ 21.077119] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.077537] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.078717] ================================================================== [ 20.931563] ================================================================== [ 20.932128] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc8 [ 20.932771] Write of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 20.933309] [ 20.933456] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.933579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.933887] Hardware name: linux,dummy-virt (DT) [ 20.933938] Call trace: [ 20.933973] show_stack+0x20/0x38 (C) [ 20.934040] dump_stack_lvl+0x8c/0xd0 [ 20.934232] print_report+0x118/0x608 [ 20.934335] kasan_report+0xdc/0x128 [ 20.934391] kasan_check_range+0x100/0x1a8 [ 20.934463] __kasan_check_write+0x20/0x30 [ 20.934567] kasan_bitops_modify.constprop.0+0x100/0xbc8 [ 20.934630] kasan_bitops_generic+0x110/0x1c8 [ 20.934686] kunit_try_run_case+0x170/0x3f0 [ 20.934743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.934802] kthread+0x318/0x620 [ 20.934855] ret_from_fork+0x10/0x20 [ 20.934914] [ 20.939960] Allocated by task 251: [ 20.940189] kasan_save_stack+0x3c/0x68 [ 20.940475] kasan_save_track+0x20/0x40 [ 20.940918] kasan_save_alloc_info+0x40/0x58 [ 20.941344] __kasan_kmalloc+0xd4/0xd8 [ 20.941590] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.941905] kasan_bitops_generic+0xa0/0x1c8 [ 20.942502] kunit_try_run_case+0x170/0x3f0 [ 20.942731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.942931] kthread+0x318/0x620 [ 20.943089] ret_from_fork+0x10/0x20 [ 20.943340] [ 20.943529] The buggy address belongs to the object at fff00000c3e60680 [ 20.943529] which belongs to the cache kmalloc-16 of size 16 [ 20.943881] The buggy address is located 8 bytes inside of [ 20.943881] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 20.944594] [ 20.944793] The buggy address belongs to the physical page: [ 20.945122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 20.945612] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.945979] page_type: f5(slab) [ 20.946269] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.946653] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.947193] page dumped because: kasan: bad access detected [ 20.947454] [ 20.947641] Memory state around the buggy address: [ 20.947867] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 20.948295] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.948640] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.949075] ^ [ 20.949337] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.949690] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.950207] ================================================================== [ 21.037221] ================================================================== [ 21.037874] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc8 [ 21.038634] Write of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.039197] [ 21.039643] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.039756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.039790] Hardware name: linux,dummy-virt (DT) [ 21.039931] Call trace: [ 21.039964] show_stack+0x20/0x38 (C) [ 21.040034] dump_stack_lvl+0x8c/0xd0 [ 21.040092] print_report+0x118/0x608 [ 21.040149] kasan_report+0xdc/0x128 [ 21.040227] kasan_check_range+0x100/0x1a8 [ 21.040282] __kasan_check_write+0x20/0x30 [ 21.040335] kasan_bitops_modify.constprop.0+0x320/0xbc8 [ 21.040394] kasan_bitops_generic+0x110/0x1c8 [ 21.040451] kunit_try_run_case+0x170/0x3f0 [ 21.040507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.040568] kthread+0x318/0x620 [ 21.040622] ret_from_fork+0x10/0x20 [ 21.040681] [ 21.045887] Allocated by task 251: [ 21.046449] kasan_save_stack+0x3c/0x68 [ 21.047081] kasan_save_track+0x20/0x40 [ 21.047372] kasan_save_alloc_info+0x40/0x58 [ 21.047774] __kasan_kmalloc+0xd4/0xd8 [ 21.048094] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.048349] kasan_bitops_generic+0xa0/0x1c8 [ 21.048723] kunit_try_run_case+0x170/0x3f0 [ 21.049039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.049369] kthread+0x318/0x620 [ 21.049751] ret_from_fork+0x10/0x20 [ 21.050187] [ 21.050348] The buggy address belongs to the object at fff00000c3e60680 [ 21.050348] which belongs to the cache kmalloc-16 of size 16 [ 21.051654] The buggy address is located 8 bytes inside of [ 21.051654] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.052336] [ 21.052573] The buggy address belongs to the physical page: [ 21.052866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.053434] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.053980] page_type: f5(slab) [ 21.054500] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.055016] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.055587] page dumped because: kasan: bad access detected [ 21.056039] [ 21.056163] Memory state around the buggy address: [ 21.056565] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.057068] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.057448] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.057980] ^ [ 21.058426] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.059567] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.059958] ================================================================== [ 21.079779] ================================================================== [ 21.080047] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc8 [ 21.080314] Write of size 8 at addr fff00000c3e60688 by task kunit_try_catch/251 [ 21.080540] [ 21.080660] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 21.080755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.080789] Hardware name: linux,dummy-virt (DT) [ 21.080830] Call trace: [ 21.080858] show_stack+0x20/0x38 (C) [ 21.080917] dump_stack_lvl+0x8c/0xd0 [ 21.080974] print_report+0x118/0x608 [ 21.081028] kasan_report+0xdc/0x128 [ 21.081081] kasan_check_range+0x100/0x1a8 [ 21.081133] __kasan_check_write+0x20/0x30 [ 21.081216] kasan_bitops_modify.constprop.0+0x344/0xbc8 [ 21.081274] kasan_bitops_generic+0x110/0x1c8 [ 21.081329] kunit_try_run_case+0x170/0x3f0 [ 21.081385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.081446] kthread+0x318/0x620 [ 21.081848] ret_from_fork+0x10/0x20 [ 21.081923] [ 21.088473] Allocated by task 251: [ 21.088696] kasan_save_stack+0x3c/0x68 [ 21.088924] kasan_save_track+0x20/0x40 [ 21.089128] kasan_save_alloc_info+0x40/0x58 [ 21.089394] __kasan_kmalloc+0xd4/0xd8 [ 21.089646] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.089905] kasan_bitops_generic+0xa0/0x1c8 [ 21.091281] kunit_try_run_case+0x170/0x3f0 [ 21.091501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.091960] kthread+0x318/0x620 [ 21.092274] ret_from_fork+0x10/0x20 [ 21.092870] [ 21.093107] The buggy address belongs to the object at fff00000c3e60680 [ 21.093107] which belongs to the cache kmalloc-16 of size 16 [ 21.093815] The buggy address is located 8 bytes inside of [ 21.093815] allocated 9-byte region [fff00000c3e60680, fff00000c3e60689) [ 21.095001] [ 21.095186] The buggy address belongs to the physical page: [ 21.095373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 21.095698] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.095966] page_type: f5(slab) [ 21.096197] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.096553] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.097041] page dumped because: kasan: bad access detected [ 21.097423] [ 21.097609] Memory state around the buggy address: [ 21.097944] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.098819] fff00000c3e60600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.099282] >fff00000c3e60680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.099526] ^ [ 21.099920] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.100272] fff00000c3e60780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.100541] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 20.897945] ================================================================== [ 20.899271] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 20.899778] Read of size 1 at addr fff00000c3f46150 by task kunit_try_catch/249 [ 20.900294] [ 20.900569] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.900674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.900711] Hardware name: linux,dummy-virt (DT) [ 20.900753] Call trace: [ 20.900782] show_stack+0x20/0x38 (C) [ 20.900849] dump_stack_lvl+0x8c/0xd0 [ 20.900908] print_report+0x118/0x608 [ 20.900967] kasan_report+0xdc/0x128 [ 20.901022] __asan_report_load1_noabort+0x20/0x30 [ 20.901079] strnlen+0x80/0x88 [ 20.901129] kasan_strings+0x364/0x8d8 [ 20.901327] kunit_try_run_case+0x170/0x3f0 [ 20.901417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.901482] kthread+0x318/0x620 [ 20.901555] ret_from_fork+0x10/0x20 [ 20.901619] [ 20.905749] Allocated by task 249: [ 20.906319] kasan_save_stack+0x3c/0x68 [ 20.906609] kasan_save_track+0x20/0x40 [ 20.906854] kasan_save_alloc_info+0x40/0x58 [ 20.907096] __kasan_kmalloc+0xd4/0xd8 [ 20.907335] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.907592] kasan_strings+0xb0/0x8d8 [ 20.907827] kunit_try_run_case+0x170/0x3f0 [ 20.908065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.908488] kthread+0x318/0x620 [ 20.908722] ret_from_fork+0x10/0x20 [ 20.909065] [ 20.909239] Freed by task 249: [ 20.909447] kasan_save_stack+0x3c/0x68 [ 20.909740] kasan_save_track+0x20/0x40 [ 20.909991] kasan_save_free_info+0x4c/0x78 [ 20.910312] __kasan_slab_free+0x6c/0x98 [ 20.910628] kfree+0x214/0x3c8 [ 20.911224] kasan_strings+0x124/0x8d8 [ 20.911685] kunit_try_run_case+0x170/0x3f0 [ 20.911976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.912218] kthread+0x318/0x620 [ 20.912425] ret_from_fork+0x10/0x20 [ 20.912656] [ 20.912772] The buggy address belongs to the object at fff00000c3f46140 [ 20.912772] which belongs to the cache kmalloc-32 of size 32 [ 20.913717] The buggy address is located 16 bytes inside of [ 20.913717] freed 32-byte region [fff00000c3f46140, fff00000c3f46160) [ 20.914072] [ 20.914696] The buggy address belongs to the physical page: [ 20.915086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f46 [ 20.915578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.916111] page_type: f5(slab) [ 20.916490] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.916953] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.917483] page dumped because: kasan: bad access detected [ 20.917891] [ 20.918055] Memory state around the buggy address: [ 20.919417] fff00000c3f46000: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.919940] fff00000c3f46080: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.920307] >fff00000c3f46100: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.920813] ^ [ 20.921259] fff00000c3f46180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.921763] fff00000c3f46200: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.922088] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 20.873613] ================================================================== [ 20.874138] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 20.874488] Read of size 1 at addr fff00000c3f46150 by task kunit_try_catch/249 [ 20.874858] [ 20.875118] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.875265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.875302] Hardware name: linux,dummy-virt (DT) [ 20.875344] Call trace: [ 20.875375] show_stack+0x20/0x38 (C) [ 20.875455] dump_stack_lvl+0x8c/0xd0 [ 20.875515] print_report+0x118/0x608 [ 20.875577] kasan_report+0xdc/0x128 [ 20.875636] __asan_report_load1_noabort+0x20/0x30 [ 20.875694] strlen+0xa8/0xb0 [ 20.875745] kasan_strings+0x304/0x8d8 [ 20.875802] kunit_try_run_case+0x170/0x3f0 [ 20.875860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.875922] kthread+0x318/0x620 [ 20.875977] ret_from_fork+0x10/0x20 [ 20.876038] [ 20.880205] Allocated by task 249: [ 20.880594] kasan_save_stack+0x3c/0x68 [ 20.880848] kasan_save_track+0x20/0x40 [ 20.881060] kasan_save_alloc_info+0x40/0x58 [ 20.881294] __kasan_kmalloc+0xd4/0xd8 [ 20.881538] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.881800] kasan_strings+0xb0/0x8d8 [ 20.882026] kunit_try_run_case+0x170/0x3f0 [ 20.882847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.883329] kthread+0x318/0x620 [ 20.883628] ret_from_fork+0x10/0x20 [ 20.883898] [ 20.884104] Freed by task 249: [ 20.884383] kasan_save_stack+0x3c/0x68 [ 20.884611] kasan_save_track+0x20/0x40 [ 20.884999] kasan_save_free_info+0x4c/0x78 [ 20.885372] __kasan_slab_free+0x6c/0x98 [ 20.885605] kfree+0x214/0x3c8 [ 20.885814] kasan_strings+0x124/0x8d8 [ 20.886040] kunit_try_run_case+0x170/0x3f0 [ 20.886623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.886879] kthread+0x318/0x620 [ 20.887092] ret_from_fork+0x10/0x20 [ 20.887337] [ 20.887471] The buggy address belongs to the object at fff00000c3f46140 [ 20.887471] which belongs to the cache kmalloc-32 of size 32 [ 20.888008] The buggy address is located 16 bytes inside of [ 20.888008] freed 32-byte region [fff00000c3f46140, fff00000c3f46160) [ 20.888927] [ 20.889223] The buggy address belongs to the physical page: [ 20.889757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f46 [ 20.890495] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.891617] page_type: f5(slab) [ 20.891801] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.892401] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.892972] page dumped because: kasan: bad access detected [ 20.893396] [ 20.893600] Memory state around the buggy address: [ 20.893996] fff00000c3f46000: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.894548] fff00000c3f46080: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.895099] >fff00000c3f46100: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.895660] ^ [ 20.896057] fff00000c3f46180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.896518] fff00000c3f46200: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.896963] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 20.850468] ================================================================== [ 20.850794] BUG: KASAN: slab-use-after-free in kasan_strings+0x838/0x8d8 [ 20.851033] Read of size 1 at addr fff00000c3f46150 by task kunit_try_catch/249 [ 20.851478] [ 20.851678] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.851773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.851806] Hardware name: linux,dummy-virt (DT) [ 20.851844] Call trace: [ 20.851872] show_stack+0x20/0x38 (C) [ 20.851928] dump_stack_lvl+0x8c/0xd0 [ 20.851981] print_report+0x118/0x608 [ 20.852033] kasan_report+0xdc/0x128 [ 20.852086] __asan_report_load1_noabort+0x20/0x30 [ 20.852141] kasan_strings+0x838/0x8d8 [ 20.852802] kunit_try_run_case+0x170/0x3f0 [ 20.852863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.852924] kthread+0x318/0x620 [ 20.852975] ret_from_fork+0x10/0x20 [ 20.853033] [ 20.855758] Allocated by task 249: [ 20.855956] kasan_save_stack+0x3c/0x68 [ 20.856933] kasan_save_track+0x20/0x40 [ 20.857338] kasan_save_alloc_info+0x40/0x58 [ 20.857623] __kasan_kmalloc+0xd4/0xd8 [ 20.857819] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.858199] kasan_strings+0xb0/0x8d8 [ 20.858705] kunit_try_run_case+0x170/0x3f0 [ 20.859183] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.859452] kthread+0x318/0x620 [ 20.859652] ret_from_fork+0x10/0x20 [ 20.859867] [ 20.860006] Freed by task 249: [ 20.860191] kasan_save_stack+0x3c/0x68 [ 20.860400] kasan_save_track+0x20/0x40 [ 20.860613] kasan_save_free_info+0x4c/0x78 [ 20.860833] __kasan_slab_free+0x6c/0x98 [ 20.861042] kfree+0x214/0x3c8 [ 20.861798] kasan_strings+0x124/0x8d8 [ 20.862025] kunit_try_run_case+0x170/0x3f0 [ 20.862641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.862912] kthread+0x318/0x620 [ 20.863233] ret_from_fork+0x10/0x20 [ 20.863450] [ 20.863631] The buggy address belongs to the object at fff00000c3f46140 [ 20.863631] which belongs to the cache kmalloc-32 of size 32 [ 20.864141] The buggy address is located 16 bytes inside of [ 20.864141] freed 32-byte region [fff00000c3f46140, fff00000c3f46160) [ 20.864590] [ 20.864787] The buggy address belongs to the physical page: [ 20.865178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f46 [ 20.865656] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.865895] page_type: f5(slab) [ 20.866059] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.866905] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.867273] page dumped because: kasan: bad access detected [ 20.867544] [ 20.867678] Memory state around the buggy address: [ 20.867909] fff00000c3f46000: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.869180] fff00000c3f46080: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.869603] >fff00000c3f46100: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.869982] ^ [ 20.871404] fff00000c3f46180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.871831] fff00000c3f46200: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.872170] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 20.824741] ================================================================== [ 20.825800] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 20.826346] Read of size 1 at addr fff00000c3f46150 by task kunit_try_catch/249 [ 20.826805] [ 20.827027] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.827131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.827179] Hardware name: linux,dummy-virt (DT) [ 20.827223] Call trace: [ 20.827253] show_stack+0x20/0x38 (C) [ 20.827319] dump_stack_lvl+0x8c/0xd0 [ 20.827378] print_report+0x118/0x608 [ 20.827438] kasan_report+0xdc/0x128 [ 20.827494] __asan_report_load1_noabort+0x20/0x30 [ 20.827553] strcmp+0xc0/0xc8 [ 20.827602] kasan_strings+0x228/0x8d8 [ 20.827655] kunit_try_run_case+0x170/0x3f0 [ 20.827709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.827770] kthread+0x318/0x620 [ 20.827824] ret_from_fork+0x10/0x20 [ 20.827883] [ 20.831831] Allocated by task 249: [ 20.832163] kasan_save_stack+0x3c/0x68 [ 20.832511] kasan_save_track+0x20/0x40 [ 20.832752] kasan_save_alloc_info+0x40/0x58 [ 20.833024] __kasan_kmalloc+0xd4/0xd8 [ 20.833680] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.834039] kasan_strings+0xb0/0x8d8 [ 20.834639] kunit_try_run_case+0x170/0x3f0 [ 20.835013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.835470] kthread+0x318/0x620 [ 20.835776] ret_from_fork+0x10/0x20 [ 20.836099] [ 20.836245] Freed by task 249: [ 20.836431] kasan_save_stack+0x3c/0x68 [ 20.836737] kasan_save_track+0x20/0x40 [ 20.836965] kasan_save_free_info+0x4c/0x78 [ 20.837282] __kasan_slab_free+0x6c/0x98 [ 20.837596] kfree+0x214/0x3c8 [ 20.837851] kasan_strings+0x124/0x8d8 [ 20.838116] kunit_try_run_case+0x170/0x3f0 [ 20.838697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.839012] kthread+0x318/0x620 [ 20.839230] ret_from_fork+0x10/0x20 [ 20.839448] [ 20.839593] The buggy address belongs to the object at fff00000c3f46140 [ 20.839593] which belongs to the cache kmalloc-32 of size 32 [ 20.840051] The buggy address is located 16 bytes inside of [ 20.840051] freed 32-byte region [fff00000c3f46140, fff00000c3f46160) [ 20.840482] [ 20.840618] The buggy address belongs to the physical page: [ 20.840852] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f46 [ 20.841763] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.842599] page_type: f5(slab) [ 20.842866] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.843120] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.843379] page dumped because: kasan: bad access detected [ 20.843572] [ 20.843678] Memory state around the buggy address: [ 20.843862] fff00000c3f46000: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.844098] fff00000c3f46080: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.844351] >fff00000c3f46100: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.844605] ^ [ 20.845046] fff00000c3f46180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.845471] fff00000c3f46200: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.845958] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.794641] ================================================================== [ 20.795213] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 20.795577] Read of size 1 at addr fff00000c3f60218 by task kunit_try_catch/247 [ 20.795834] [ 20.795966] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.796073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.796106] Hardware name: linux,dummy-virt (DT) [ 20.796148] Call trace: [ 20.796444] show_stack+0x20/0x38 (C) [ 20.796542] dump_stack_lvl+0x8c/0xd0 [ 20.796606] print_report+0x118/0x608 [ 20.796668] kasan_report+0xdc/0x128 [ 20.796724] __asan_report_load1_noabort+0x20/0x30 [ 20.796781] memcmp+0x198/0x1d8 [ 20.796832] kasan_memcmp+0x16c/0x300 [ 20.796886] kunit_try_run_case+0x170/0x3f0 [ 20.796945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.797007] kthread+0x318/0x620 [ 20.797063] ret_from_fork+0x10/0x20 [ 20.797125] [ 20.801177] Allocated by task 247: [ 20.801401] kasan_save_stack+0x3c/0x68 [ 20.801785] kasan_save_track+0x20/0x40 [ 20.802172] kasan_save_alloc_info+0x40/0x58 [ 20.802677] __kasan_kmalloc+0xd4/0xd8 [ 20.803444] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.803740] kasan_memcmp+0xbc/0x300 [ 20.804015] kunit_try_run_case+0x170/0x3f0 [ 20.804372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.804732] kthread+0x318/0x620 [ 20.805044] ret_from_fork+0x10/0x20 [ 20.805262] [ 20.805492] The buggy address belongs to the object at fff00000c3f60200 [ 20.805492] which belongs to the cache kmalloc-32 of size 32 [ 20.806244] The buggy address is located 0 bytes to the right of [ 20.806244] allocated 24-byte region [fff00000c3f60200, fff00000c3f60218) [ 20.807225] [ 20.807383] The buggy address belongs to the physical page: [ 20.807765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f60 [ 20.808205] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.808768] page_type: f5(slab) [ 20.809105] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.809589] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.810058] page dumped because: kasan: bad access detected [ 20.810466] [ 20.811130] Memory state around the buggy address: [ 20.811361] fff00000c3f60100: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.811963] fff00000c3f60180: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.812371] >fff00000c3f60200: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.812842] ^ [ 20.813134] fff00000c3f60280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.813517] fff00000c3f60300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.813869] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.764621] ================================================================== [ 20.765396] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2e4/0x348 [ 20.766122] Read of size 1 at addr ffff800080b47b4a by task kunit_try_catch/243 [ 20.767623] [ 20.767801] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.767915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.767952] Hardware name: linux,dummy-virt (DT) [ 20.767997] Call trace: [ 20.768029] show_stack+0x20/0x38 (C) [ 20.768104] dump_stack_lvl+0x8c/0xd0 [ 20.768191] print_report+0x310/0x608 [ 20.768256] kasan_report+0xdc/0x128 [ 20.768311] __asan_report_load1_noabort+0x20/0x30 [ 20.768368] kasan_alloca_oob_right+0x2e4/0x348 [ 20.768427] kunit_try_run_case+0x170/0x3f0 [ 20.768487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.768548] kthread+0x318/0x620 [ 20.768612] ret_from_fork+0x10/0x20 [ 20.768673] [ 20.771129] The buggy address belongs to stack of task kunit_try_catch/243 [ 20.771538] [ 20.771664] The buggy address belongs to the virtual mapping at [ 20.771664] [ffff800080b40000, ffff800080b49000) created by: [ 20.771664] kernel_clone+0x150/0x7a8 [ 20.772732] [ 20.772854] The buggy address belongs to the physical page: [ 20.773042] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f44 [ 20.773901] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.774286] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.774704] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.775077] page dumped because: kasan: bad access detected [ 20.776255] [ 20.776433] Memory state around the buggy address: [ 20.776668] ffff800080b47a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.776948] ffff800080b47a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.777250] >ffff800080b47b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 20.777612] ^ [ 20.777924] ffff800080b47b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.778686] ffff800080b47c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.779442] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.739062] ================================================================== [ 20.739557] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 20.740249] Read of size 1 at addr ffff800080b47b5f by task kunit_try_catch/241 [ 20.740757] [ 20.741135] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.741267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.741403] Hardware name: linux,dummy-virt (DT) [ 20.741452] Call trace: [ 20.741486] show_stack+0x20/0x38 (C) [ 20.741572] dump_stack_lvl+0x8c/0xd0 [ 20.741634] print_report+0x310/0x608 [ 20.741691] kasan_report+0xdc/0x128 [ 20.741746] __asan_report_load1_noabort+0x20/0x30 [ 20.741804] kasan_alloca_oob_left+0x2b8/0x310 [ 20.741861] kunit_try_run_case+0x170/0x3f0 [ 20.741919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.741981] kthread+0x318/0x620 [ 20.742035] ret_from_fork+0x10/0x20 [ 20.742631] [ 20.747176] The buggy address belongs to stack of task kunit_try_catch/241 [ 20.747769] [ 20.747959] The buggy address belongs to the virtual mapping at [ 20.747959] [ffff800080b40000, ffff800080b49000) created by: [ 20.747959] kernel_clone+0x150/0x7a8 [ 20.748685] [ 20.748981] The buggy address belongs to the physical page: [ 20.749504] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f44 [ 20.750111] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.750531] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.750992] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.751794] page dumped because: kasan: bad access detected [ 20.752271] [ 20.752523] Memory state around the buggy address: [ 20.752983] ffff800080b47a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.753542] ffff800080b47a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.754083] >ffff800080b47b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 20.754745] ^ [ 20.755281] ffff800080b47b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.755723] ffff800080b47c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.756335] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.711871] ================================================================== [ 20.712553] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 20.712878] Read of size 1 at addr ffff800080b47c2a by task kunit_try_catch/239 [ 20.714063] [ 20.714494] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.714608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.714640] Hardware name: linux,dummy-virt (DT) [ 20.714774] Call trace: [ 20.714809] show_stack+0x20/0x38 (C) [ 20.714880] dump_stack_lvl+0x8c/0xd0 [ 20.714937] print_report+0x310/0x608 [ 20.714989] kasan_report+0xdc/0x128 [ 20.715040] __asan_report_load1_noabort+0x20/0x30 [ 20.715091] kasan_stack_oob+0x238/0x270 [ 20.715139] kunit_try_run_case+0x170/0x3f0 [ 20.715218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.715277] kthread+0x318/0x620 [ 20.715327] ret_from_fork+0x10/0x20 [ 20.715383] [ 20.719254] The buggy address belongs to stack of task kunit_try_catch/239 [ 20.719786] and is located at offset 138 in frame: [ 20.720127] kasan_stack_oob+0x0/0x270 [ 20.720491] [ 20.720632] This frame has 4 objects: [ 20.720934] [48, 49) '__assertion' [ 20.721002] [64, 72) 'array' [ 20.721689] [96, 112) '__assertion' [ 20.722049] [128, 138) 'stack_array' [ 20.722607] [ 20.723103] The buggy address belongs to the virtual mapping at [ 20.723103] [ffff800080b40000, ffff800080b49000) created by: [ 20.723103] kernel_clone+0x150/0x7a8 [ 20.724297] [ 20.724571] The buggy address belongs to the physical page: [ 20.724917] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f44 [ 20.725557] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.725815] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.726038] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.726275] page dumped because: kasan: bad access detected [ 20.726449] [ 20.726678] Memory state around the buggy address: [ 20.726842] ffff800080b47b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.727082] ffff800080b47b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 20.728280] >ffff800080b47c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 20.728887] ^ [ 20.729542] ffff800080b47c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 20.730172] ffff800080b47d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.730769] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.683545] ================================================================== [ 20.683998] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 20.684734] Read of size 1 at addr ffffab5b4bc780cd by task kunit_try_catch/235 [ 20.685376] [ 20.685659] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.685850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.685883] Hardware name: linux,dummy-virt (DT) [ 20.685921] Call trace: [ 20.685949] show_stack+0x20/0x38 (C) [ 20.686018] dump_stack_lvl+0x8c/0xd0 [ 20.686205] print_report+0x310/0x608 [ 20.686351] kasan_report+0xdc/0x128 [ 20.686412] __asan_report_load1_noabort+0x20/0x30 [ 20.686488] kasan_global_oob_right+0x230/0x270 [ 20.686545] kunit_try_run_case+0x170/0x3f0 [ 20.686607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.686666] kthread+0x318/0x620 [ 20.686725] ret_from_fork+0x10/0x20 [ 20.686812] [ 20.690373] The buggy address belongs to the variable: [ 20.690569] global_array+0xd/0x40 [ 20.690924] [ 20.691249] The buggy address belongs to the virtual mapping at [ 20.691249] [ffffab5b49f00000, ffffab5b4bd31000) created by: [ 20.691249] paging_init+0x66c/0x7d0 [ 20.692160] [ 20.692532] The buggy address belongs to the physical page: [ 20.692996] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47a78 [ 20.693455] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 20.694034] raw: 03fffe0000002000 ffffc1ffc01e9e08 ffffc1ffc01e9e08 0000000000000000 [ 20.694656] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.695061] page dumped because: kasan: bad access detected [ 20.695360] [ 20.695532] Memory state around the buggy address: [ 20.695939] ffffab5b4bc77f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.696366] ffffab5b4bc78000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.696820] >ffffab5b4bc78080: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 20.697304] ^ [ 20.697700] ffffab5b4bc78100: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 20.698307] ffffab5b4bc78180: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 20.698683] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.660585] ================================================================== [ 20.661223] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 20.661778] Free of addr fff00000c66e8001 by task kunit_try_catch/233 [ 20.662088] [ 20.662910] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.663038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.663072] Hardware name: linux,dummy-virt (DT) [ 20.663110] Call trace: [ 20.663137] show_stack+0x20/0x38 (C) [ 20.663228] dump_stack_lvl+0x8c/0xd0 [ 20.663284] print_report+0x118/0x608 [ 20.663341] kasan_report_invalid_free+0xc0/0xe8 [ 20.663396] __kasan_mempool_poison_object+0xfc/0x150 [ 20.663453] mempool_free+0x28c/0x328 [ 20.663509] mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 20.663566] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 20.663623] kunit_try_run_case+0x170/0x3f0 [ 20.663678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.663736] kthread+0x318/0x620 [ 20.663787] ret_from_fork+0x10/0x20 [ 20.663844] [ 20.668750] The buggy address belongs to the physical page: [ 20.669183] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066e8 [ 20.669674] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.670091] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.671004] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.671410] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.671844] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.672235] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.672616] head: 0bfffe0000000002 ffffc1ffc319ba01 ffffffffffffffff 0000000000000000 [ 20.673006] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.673801] page dumped because: kasan: bad access detected [ 20.674461] [ 20.674645] Memory state around the buggy address: [ 20.674861] fff00000c66e7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.675349] fff00000c66e7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.675765] >fff00000c66e8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.676187] ^ [ 20.676384] fff00000c66e8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.676753] fff00000c66e8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.677065] ================================================================== [ 20.631689] ================================================================== [ 20.632287] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 20.632902] Free of addr fff00000c3f2db01 by task kunit_try_catch/231 [ 20.633397] [ 20.633617] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.633742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.633777] Hardware name: linux,dummy-virt (DT) [ 20.633817] Call trace: [ 20.633845] show_stack+0x20/0x38 (C) [ 20.633904] dump_stack_lvl+0x8c/0xd0 [ 20.633961] print_report+0x118/0x608 [ 20.634009] kasan_report_invalid_free+0xc0/0xe8 [ 20.634534] check_slab_allocation+0xfc/0x108 [ 20.634604] __kasan_mempool_poison_object+0x78/0x150 [ 20.634661] mempool_free+0x28c/0x328 [ 20.634718] mempool_kmalloc_invalid_free_helper+0x118/0x2a0 [ 20.634777] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.634832] kunit_try_run_case+0x170/0x3f0 [ 20.634883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.634940] kthread+0x318/0x620 [ 20.634991] ret_from_fork+0x10/0x20 [ 20.635046] [ 20.639362] Allocated by task 231: [ 20.639621] kasan_save_stack+0x3c/0x68 [ 20.639838] kasan_save_track+0x20/0x40 [ 20.640217] kasan_save_alloc_info+0x40/0x58 [ 20.640626] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.641004] remove_element+0x130/0x1f8 [ 20.641361] mempool_alloc_preallocated+0x58/0xc0 [ 20.641666] mempool_kmalloc_invalid_free_helper+0x94/0x2a0 [ 20.642035] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.642536] kunit_try_run_case+0x170/0x3f0 [ 20.642796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.643139] kthread+0x318/0x620 [ 20.643389] ret_from_fork+0x10/0x20 [ 20.643623] [ 20.643814] The buggy address belongs to the object at fff00000c3f2db00 [ 20.643814] which belongs to the cache kmalloc-128 of size 128 [ 20.644378] The buggy address is located 1 bytes inside of [ 20.644378] 128-byte region [fff00000c3f2db00, fff00000c3f2db80) [ 20.644970] [ 20.645190] The buggy address belongs to the physical page: [ 20.645462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2d [ 20.645903] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.646474] page_type: f5(slab) [ 20.647098] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.647621] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.647991] page dumped because: kasan: bad access detected [ 20.648364] [ 20.648471] Memory state around the buggy address: [ 20.648811] fff00000c3f2da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.649212] fff00000c3f2da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.649722] >fff00000c3f2db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.650095] ^ [ 20.650561] fff00000c3f2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.650851] fff00000c3f2dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.651183] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.560476] ================================================================== [ 20.560912] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 20.561629] Free of addr fff00000c3f2d700 by task kunit_try_catch/225 [ 20.562257] [ 20.562564] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.562671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.562702] Hardware name: linux,dummy-virt (DT) [ 20.562741] Call trace: [ 20.562768] show_stack+0x20/0x38 (C) [ 20.562839] dump_stack_lvl+0x8c/0xd0 [ 20.562892] print_report+0x118/0x608 [ 20.562949] kasan_report_invalid_free+0xc0/0xe8 [ 20.563007] check_slab_allocation+0xd4/0x108 [ 20.563061] __kasan_mempool_poison_object+0x78/0x150 [ 20.563245] mempool_free+0x28c/0x328 [ 20.563307] mempool_double_free_helper+0x150/0x2e0 [ 20.563362] mempool_kmalloc_double_free+0xc0/0x118 [ 20.563418] kunit_try_run_case+0x170/0x3f0 [ 20.563471] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.563528] kthread+0x318/0x620 [ 20.563579] ret_from_fork+0x10/0x20 [ 20.563632] [ 20.567707] Allocated by task 225: [ 20.567915] kasan_save_stack+0x3c/0x68 [ 20.568133] kasan_save_track+0x20/0x40 [ 20.568354] kasan_save_alloc_info+0x40/0x58 [ 20.568565] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.568807] remove_element+0x130/0x1f8 [ 20.569004] mempool_alloc_preallocated+0x58/0xc0 [ 20.570632] mempool_double_free_helper+0x94/0x2e0 [ 20.570861] mempool_kmalloc_double_free+0xc0/0x118 [ 20.571409] kunit_try_run_case+0x170/0x3f0 [ 20.571703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.572056] kthread+0x318/0x620 [ 20.572456] ret_from_fork+0x10/0x20 [ 20.572654] [ 20.572776] Freed by task 225: [ 20.572941] kasan_save_stack+0x3c/0x68 [ 20.573148] kasan_save_track+0x20/0x40 [ 20.573378] kasan_save_free_info+0x4c/0x78 [ 20.573623] __kasan_mempool_poison_object+0xc0/0x150 [ 20.573893] mempool_free+0x28c/0x328 [ 20.575081] mempool_double_free_helper+0x100/0x2e0 [ 20.575512] mempool_kmalloc_double_free+0xc0/0x118 [ 20.575866] kunit_try_run_case+0x170/0x3f0 [ 20.576173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.576532] kthread+0x318/0x620 [ 20.576802] ret_from_fork+0x10/0x20 [ 20.577070] [ 20.577327] The buggy address belongs to the object at fff00000c3f2d700 [ 20.577327] which belongs to the cache kmalloc-128 of size 128 [ 20.577988] The buggy address is located 0 bytes inside of [ 20.577988] 128-byte region [fff00000c3f2d700, fff00000c3f2d780) [ 20.578687] [ 20.579051] The buggy address belongs to the physical page: [ 20.579381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2d [ 20.579856] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.580264] page_type: f5(slab) [ 20.580531] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.581000] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.581498] page dumped because: kasan: bad access detected [ 20.581909] [ 20.582409] Memory state around the buggy address: [ 20.582644] fff00000c3f2d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.582862] fff00000c3f2d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.583128] >fff00000c3f2d700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.583367] ^ [ 20.583531] fff00000c3f2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.583790] fff00000c3f2d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.584038] ================================================================== [ 20.613115] ================================================================== [ 20.613679] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 20.614218] Free of addr fff00000c6698000 by task kunit_try_catch/229 [ 20.614725] [ 20.615068] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.615203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.615238] Hardware name: linux,dummy-virt (DT) [ 20.615276] Call trace: [ 20.615302] show_stack+0x20/0x38 (C) [ 20.615367] dump_stack_lvl+0x8c/0xd0 [ 20.615422] print_report+0x118/0x608 [ 20.615475] kasan_report_invalid_free+0xc0/0xe8 [ 20.615530] __kasan_mempool_poison_pages+0xe0/0xe8 [ 20.615587] mempool_free+0x24c/0x328 [ 20.615638] mempool_double_free_helper+0x150/0x2e0 [ 20.615693] mempool_page_alloc_double_free+0xbc/0x118 [ 20.615748] kunit_try_run_case+0x170/0x3f0 [ 20.615804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.615862] kthread+0x318/0x620 [ 20.615910] ret_from_fork+0x10/0x20 [ 20.615961] [ 20.620330] The buggy address belongs to the physical page: [ 20.620630] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106698 [ 20.621082] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.621562] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.621941] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.622436] page dumped because: kasan: bad access detected [ 20.622948] [ 20.623085] Memory state around the buggy address: [ 20.623380] fff00000c6697f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.623770] fff00000c6697f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.624292] >fff00000c6698000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.624659] ^ [ 20.624831] fff00000c6698080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.625253] fff00000c6698100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.625582] ================================================================== [ 20.592380] ================================================================== [ 20.592929] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e0 [ 20.593747] Free of addr fff00000c6698000 by task kunit_try_catch/227 [ 20.594091] [ 20.595038] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.595169] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.595205] Hardware name: linux,dummy-virt (DT) [ 20.595244] Call trace: [ 20.595272] show_stack+0x20/0x38 (C) [ 20.595340] dump_stack_lvl+0x8c/0xd0 [ 20.595408] print_report+0x118/0x608 [ 20.595460] kasan_report_invalid_free+0xc0/0xe8 [ 20.595561] __kasan_mempool_poison_object+0x14c/0x150 [ 20.595620] mempool_free+0x28c/0x328 [ 20.595676] mempool_double_free_helper+0x150/0x2e0 [ 20.595731] mempool_kmalloc_large_double_free+0xc0/0x118 [ 20.595790] kunit_try_run_case+0x170/0x3f0 [ 20.595843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.595901] kthread+0x318/0x620 [ 20.595951] ret_from_fork+0x10/0x20 [ 20.596010] [ 20.600575] The buggy address belongs to the physical page: [ 20.600803] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106698 [ 20.601098] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.601443] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.601801] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.603312] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.603578] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.604113] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.604351] head: 0bfffe0000000002 ffffc1ffc319a601 ffffffffffffffff 0000000000000000 [ 20.604905] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.605173] page dumped because: kasan: bad access detected [ 20.605592] [ 20.605788] Memory state around the buggy address: [ 20.606023] fff00000c6697f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.606540] fff00000c6697f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.606818] >fff00000c6698000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.607076] ^ [ 20.607285] fff00000c6698080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.607627] fff00000c6698100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.607931] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.540124] ================================================================== [ 20.540753] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.541221] Read of size 1 at addr fff00000c6604000 by task kunit_try_catch/223 [ 20.541705] [ 20.541834] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.541961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.541997] Hardware name: linux,dummy-virt (DT) [ 20.542051] Call trace: [ 20.542083] show_stack+0x20/0x38 (C) [ 20.542150] dump_stack_lvl+0x8c/0xd0 [ 20.542276] print_report+0x118/0x608 [ 20.542337] kasan_report+0xdc/0x128 [ 20.542393] __asan_report_load1_noabort+0x20/0x30 [ 20.542449] mempool_uaf_helper+0x314/0x340 [ 20.542505] mempool_page_alloc_uaf+0xc0/0x118 [ 20.542561] kunit_try_run_case+0x170/0x3f0 [ 20.542621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.542674] kthread+0x318/0x620 [ 20.542723] ret_from_fork+0x10/0x20 [ 20.542775] [ 20.546711] The buggy address belongs to the physical page: [ 20.547053] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106604 [ 20.547498] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.547887] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.548337] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.548778] page dumped because: kasan: bad access detected [ 20.549093] [ 20.549255] Memory state around the buggy address: [ 20.549454] fff00000c6603f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.549701] fff00000c6603f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.550365] >fff00000c6604000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.551458] ^ [ 20.551717] fff00000c6604080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.552133] fff00000c6604100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.552513] ================================================================== [ 20.478385] ================================================================== [ 20.478979] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.479448] Read of size 1 at addr fff00000c6698000 by task kunit_try_catch/219 [ 20.479653] [ 20.479761] CPU: 0 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.479850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.479880] Hardware name: linux,dummy-virt (DT) [ 20.479916] Call trace: [ 20.479941] show_stack+0x20/0x38 (C) [ 20.479992] dump_stack_lvl+0x8c/0xd0 [ 20.480043] print_report+0x118/0x608 [ 20.480089] kasan_report+0xdc/0x128 [ 20.480135] __asan_report_load1_noabort+0x20/0x30 [ 20.480211] mempool_uaf_helper+0x314/0x340 [ 20.480258] mempool_kmalloc_large_uaf+0xc4/0x120 [ 20.480307] kunit_try_run_case+0x170/0x3f0 [ 20.480355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.480409] kthread+0x318/0x620 [ 20.480454] ret_from_fork+0x10/0x20 [ 20.480506] [ 20.484378] The buggy address belongs to the physical page: [ 20.484626] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106698 [ 20.484930] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.486987] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.487473] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.487819] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.488321] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.488796] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.489272] head: 0bfffe0000000002 ffffc1ffc319a601 ffffffffffffffff 0000000000000000 [ 20.489794] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.490323] page dumped because: kasan: bad access detected [ 20.490544] [ 20.490671] Memory state around the buggy address: [ 20.490854] fff00000c6697f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.491193] fff00000c6697f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.491516] >fff00000c6698000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.491816] ^ [ 20.491999] fff00000c6698080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.492779] fff00000c6698100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.493551] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 20.503592] ================================================================== [ 20.504178] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.504951] Read of size 1 at addr fff00000c3f26240 by task kunit_try_catch/221 [ 20.505213] [ 20.505337] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.505473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.505515] Hardware name: linux,dummy-virt (DT) [ 20.505576] Call trace: [ 20.505605] show_stack+0x20/0x38 (C) [ 20.505668] dump_stack_lvl+0x8c/0xd0 [ 20.505724] print_report+0x118/0x608 [ 20.505778] kasan_report+0xdc/0x128 [ 20.505829] __asan_report_load1_noabort+0x20/0x30 [ 20.505883] mempool_uaf_helper+0x314/0x340 [ 20.505935] mempool_slab_uaf+0xc0/0x118 [ 20.505988] kunit_try_run_case+0x170/0x3f0 [ 20.506043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.506279] kthread+0x318/0x620 [ 20.506358] ret_from_fork+0x10/0x20 [ 20.506420] [ 20.509748] Allocated by task 221: [ 20.510083] kasan_save_stack+0x3c/0x68 [ 20.510285] kasan_save_track+0x20/0x40 [ 20.510633] kasan_save_alloc_info+0x40/0x58 [ 20.510863] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.511125] remove_element+0x16c/0x1f8 [ 20.511539] mempool_alloc_preallocated+0x58/0xc0 [ 20.511721] mempool_uaf_helper+0xa4/0x340 [ 20.512024] mempool_slab_uaf+0xc0/0x118 [ 20.512293] kunit_try_run_case+0x170/0x3f0 [ 20.512616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.512932] kthread+0x318/0x620 [ 20.513222] ret_from_fork+0x10/0x20 [ 20.513539] [ 20.513732] Freed by task 221: [ 20.513935] kasan_save_stack+0x3c/0x68 [ 20.514328] kasan_save_track+0x20/0x40 [ 20.514610] kasan_save_free_info+0x4c/0x78 [ 20.514903] __kasan_mempool_poison_object+0xc0/0x150 [ 20.515231] mempool_free+0x28c/0x328 [ 20.515470] mempool_uaf_helper+0x104/0x340 [ 20.515732] mempool_slab_uaf+0xc0/0x118 [ 20.515948] kunit_try_run_case+0x170/0x3f0 [ 20.516151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.516580] kthread+0x318/0x620 [ 20.516802] ret_from_fork+0x10/0x20 [ 20.517031] [ 20.517226] The buggy address belongs to the object at fff00000c3f26240 [ 20.517226] which belongs to the cache test_cache of size 123 [ 20.517801] The buggy address is located 0 bytes inside of [ 20.517801] freed 123-byte region [fff00000c3f26240, fff00000c3f262bb) [ 20.518497] [ 20.518696] The buggy address belongs to the physical page: [ 20.518984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f26 [ 20.519493] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.519939] page_type: f5(slab) [ 20.520175] raw: 0bfffe0000000000 fff00000c3f5c3c0 dead000000000122 0000000000000000 [ 20.520526] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.520938] page dumped because: kasan: bad access detected [ 20.521260] [ 20.521471] Memory state around the buggy address: [ 20.521728] fff00000c3f26100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.522521] fff00000c3f26180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.522928] >fff00000c3f26200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.523234] ^ [ 20.523489] fff00000c3f26280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.523858] fff00000c3f26300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.524212] ================================================================== [ 20.445297] ================================================================== [ 20.445908] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.446937] Read of size 1 at addr fff00000c3f2d300 by task kunit_try_catch/217 [ 20.447334] [ 20.447521] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.447614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.447643] Hardware name: linux,dummy-virt (DT) [ 20.447679] Call trace: [ 20.447705] show_stack+0x20/0x38 (C) [ 20.447765] dump_stack_lvl+0x8c/0xd0 [ 20.447816] print_report+0x118/0x608 [ 20.447865] kasan_report+0xdc/0x128 [ 20.447910] __asan_report_load1_noabort+0x20/0x30 [ 20.447958] mempool_uaf_helper+0x314/0x340 [ 20.448003] mempool_kmalloc_uaf+0xc4/0x120 [ 20.448047] kunit_try_run_case+0x170/0x3f0 [ 20.448096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.448148] kthread+0x318/0x620 [ 20.448535] ret_from_fork+0x10/0x20 [ 20.448595] [ 20.452397] Allocated by task 217: [ 20.452670] kasan_save_stack+0x3c/0x68 [ 20.452973] kasan_save_track+0x20/0x40 [ 20.453188] kasan_save_alloc_info+0x40/0x58 [ 20.453417] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.453663] remove_element+0x130/0x1f8 [ 20.453899] mempool_alloc_preallocated+0x58/0xc0 [ 20.454626] mempool_uaf_helper+0xa4/0x340 [ 20.454814] mempool_kmalloc_uaf+0xc4/0x120 [ 20.455189] kunit_try_run_case+0x170/0x3f0 [ 20.455440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.455694] kthread+0x318/0x620 [ 20.455905] ret_from_fork+0x10/0x20 [ 20.456098] [ 20.456209] Freed by task 217: [ 20.456411] kasan_save_stack+0x3c/0x68 [ 20.456651] kasan_save_track+0x20/0x40 [ 20.456847] kasan_save_free_info+0x4c/0x78 [ 20.457072] __kasan_mempool_poison_object+0xc0/0x150 [ 20.457861] mempool_free+0x28c/0x328 [ 20.458319] mempool_uaf_helper+0x104/0x340 [ 20.458510] mempool_kmalloc_uaf+0xc4/0x120 [ 20.458674] kunit_try_run_case+0x170/0x3f0 [ 20.458831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.459162] kthread+0x318/0x620 [ 20.459442] ret_from_fork+0x10/0x20 [ 20.459664] [ 20.459782] The buggy address belongs to the object at fff00000c3f2d300 [ 20.459782] which belongs to the cache kmalloc-128 of size 128 [ 20.460792] The buggy address is located 0 bytes inside of [ 20.460792] freed 128-byte region [fff00000c3f2d300, fff00000c3f2d380) [ 20.461320] [ 20.461437] The buggy address belongs to the physical page: [ 20.462016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2d [ 20.463423] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.463715] page_type: f5(slab) [ 20.463865] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.464090] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.464322] page dumped because: kasan: bad access detected [ 20.464497] [ 20.464594] Memory state around the buggy address: [ 20.464756] fff00000c3f2d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.464972] fff00000c3f2d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.465249] >fff00000c3f2d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.467526] ^ [ 20.468255] fff00000c3f2d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.468796] fff00000c3f2d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.469279] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 20.412478] ================================================================== [ 20.413002] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.413781] Read of size 1 at addr fff00000c3f2b2bb by task kunit_try_catch/215 [ 20.414376] [ 20.414515] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.414610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.414642] Hardware name: linux,dummy-virt (DT) [ 20.414678] Call trace: [ 20.414706] show_stack+0x20/0x38 (C) [ 20.414770] dump_stack_lvl+0x8c/0xd0 [ 20.414822] print_report+0x118/0x608 [ 20.414877] kasan_report+0xdc/0x128 [ 20.414926] __asan_report_load1_noabort+0x20/0x30 [ 20.414980] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.415031] mempool_slab_oob_right+0xc0/0x118 [ 20.415085] kunit_try_run_case+0x170/0x3f0 [ 20.415138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.415925] kthread+0x318/0x620 [ 20.416026] ret_from_fork+0x10/0x20 [ 20.416088] [ 20.419377] Allocated by task 215: [ 20.419605] kasan_save_stack+0x3c/0x68 [ 20.419828] kasan_save_track+0x20/0x40 [ 20.419979] kasan_save_alloc_info+0x40/0x58 [ 20.420334] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.420651] remove_element+0x16c/0x1f8 [ 20.420826] mempool_alloc_preallocated+0x58/0xc0 [ 20.421238] mempool_oob_right_helper+0x98/0x2f0 [ 20.421623] mempool_slab_oob_right+0xc0/0x118 [ 20.421849] kunit_try_run_case+0x170/0x3f0 [ 20.422295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.422681] kthread+0x318/0x620 [ 20.422958] ret_from_fork+0x10/0x20 [ 20.423306] [ 20.423464] The buggy address belongs to the object at fff00000c3f2b240 [ 20.423464] which belongs to the cache test_cache of size 123 [ 20.423904] The buggy address is located 0 bytes to the right of [ 20.423904] allocated 123-byte region [fff00000c3f2b240, fff00000c3f2b2bb) [ 20.424403] [ 20.424542] The buggy address belongs to the physical page: [ 20.424809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2b [ 20.425681] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.425977] page_type: f5(slab) [ 20.426670] raw: 0bfffe0000000000 fff00000c3f5c280 dead000000000122 0000000000000000 [ 20.426994] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.427274] page dumped because: kasan: bad access detected [ 20.427482] [ 20.427596] Memory state around the buggy address: [ 20.427797] fff00000c3f2b180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.428062] fff00000c3f2b200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 20.428798] >fff00000c3f2b280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.429055] ^ [ 20.429422] fff00000c3f2b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.429765] fff00000c3f2b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.430245] ================================================================== [ 20.391448] ================================================================== [ 20.391934] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.392548] Read of size 1 at addr fff00000c669a001 by task kunit_try_catch/213 [ 20.392962] [ 20.393113] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.393231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.393266] Hardware name: linux,dummy-virt (DT) [ 20.393305] Call trace: [ 20.393332] show_stack+0x20/0x38 (C) [ 20.393396] dump_stack_lvl+0x8c/0xd0 [ 20.393454] print_report+0x118/0x608 [ 20.393530] kasan_report+0xdc/0x128 [ 20.393588] __asan_report_load1_noabort+0x20/0x30 [ 20.393643] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.393698] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 20.393754] kunit_try_run_case+0x170/0x3f0 [ 20.393812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.393871] kthread+0x318/0x620 [ 20.393924] ret_from_fork+0x10/0x20 [ 20.393981] [ 20.397554] The buggy address belongs to the physical page: [ 20.397843] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106698 [ 20.398103] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.398344] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.398594] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.399958] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.400244] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.400479] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.400714] head: 0bfffe0000000002 ffffc1ffc319a601 ffffffffffffffff 0000000000000000 [ 20.400982] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.401274] page dumped because: kasan: bad access detected [ 20.401529] [ 20.401666] Memory state around the buggy address: [ 20.401847] fff00000c6699f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.402086] fff00000c6699f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.403357] >fff00000c669a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.403589] ^ [ 20.403732] fff00000c669a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.403995] fff00000c669a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.404281] ================================================================== [ 20.365427] ================================================================== [ 20.366024] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.366545] Read of size 1 at addr fff00000c5a72f73 by task kunit_try_catch/211 [ 20.366901] [ 20.367021] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 20.367117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.367159] Hardware name: linux,dummy-virt (DT) [ 20.367206] Call trace: [ 20.367234] show_stack+0x20/0x38 (C) [ 20.367295] dump_stack_lvl+0x8c/0xd0 [ 20.367352] print_report+0x118/0x608 [ 20.367406] kasan_report+0xdc/0x128 [ 20.367455] __asan_report_load1_noabort+0x20/0x30 [ 20.367504] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.367567] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.367619] kunit_try_run_case+0x170/0x3f0 [ 20.367679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.367733] kthread+0x318/0x620 [ 20.367829] ret_from_fork+0x10/0x20 [ 20.367910] [ 20.372147] Allocated by task 211: [ 20.372376] kasan_save_stack+0x3c/0x68 [ 20.372559] kasan_save_track+0x20/0x40 [ 20.372915] kasan_save_alloc_info+0x40/0x58 [ 20.373257] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.373538] remove_element+0x130/0x1f8 [ 20.373742] mempool_alloc_preallocated+0x58/0xc0 [ 20.374038] mempool_oob_right_helper+0x98/0x2f0 [ 20.374387] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.374688] kunit_try_run_case+0x170/0x3f0 [ 20.374918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.375340] kthread+0x318/0x620 [ 20.375508] ret_from_fork+0x10/0x20 [ 20.375775] [ 20.375950] The buggy address belongs to the object at fff00000c5a72f00 [ 20.375950] which belongs to the cache kmalloc-128 of size 128 [ 20.376722] The buggy address is located 0 bytes to the right of [ 20.376722] allocated 115-byte region [fff00000c5a72f00, fff00000c5a72f73) [ 20.377263] [ 20.377440] The buggy address belongs to the physical page: [ 20.377728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a72 [ 20.378105] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.378431] page_type: f5(slab) [ 20.378643] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.379076] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 20.379470] page dumped because: kasan: bad access detected [ 20.379815] [ 20.379989] Memory state around the buggy address: [ 20.380392] fff00000c5a72e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.380762] fff00000c5a72e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.381107] >fff00000c5a72f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.381482] ^ [ 20.381877] fff00000c5a72f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.382702] fff00000c5a73000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.383336] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.787650] ================================================================== [ 19.788313] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x17c/0x2f8 [ 19.788797] Read of size 1 at addr fff00000c1b49a00 by task kunit_try_catch/205 [ 19.789139] [ 19.789320] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.789421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.789455] Hardware name: linux,dummy-virt (DT) [ 19.789495] Call trace: [ 19.789538] show_stack+0x20/0x38 (C) [ 19.789603] dump_stack_lvl+0x8c/0xd0 [ 19.789663] print_report+0x118/0x608 [ 19.789718] kasan_report+0xdc/0x128 [ 19.789768] __kasan_check_byte+0x54/0x70 [ 19.789821] kmem_cache_destroy+0x34/0x218 [ 19.789875] kmem_cache_double_destroy+0x17c/0x2f8 [ 19.789929] kunit_try_run_case+0x170/0x3f0 [ 19.789983] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.790040] kthread+0x318/0x620 [ 19.790123] ret_from_fork+0x10/0x20 [ 19.790189] [ 19.793130] Allocated by task 205: [ 19.793457] kasan_save_stack+0x3c/0x68 [ 19.793666] kasan_save_track+0x20/0x40 [ 19.793959] kasan_save_alloc_info+0x40/0x58 [ 19.794251] __kasan_slab_alloc+0xa8/0xb0 [ 19.794503] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.794762] __kmem_cache_create_args+0x18c/0x2b0 [ 19.795180] kmem_cache_double_destroy+0xc8/0x2f8 [ 19.795423] kunit_try_run_case+0x170/0x3f0 [ 19.795784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.796025] kthread+0x318/0x620 [ 19.796355] ret_from_fork+0x10/0x20 [ 19.796583] [ 19.796757] Freed by task 205: [ 19.796923] kasan_save_stack+0x3c/0x68 [ 19.797237] kasan_save_track+0x20/0x40 [ 19.797460] kasan_save_free_info+0x4c/0x78 [ 19.797733] __kasan_slab_free+0x6c/0x98 [ 19.797992] kmem_cache_free+0x260/0x468 [ 19.798246] slab_kmem_cache_release+0x38/0x50 [ 19.798532] kmem_cache_release+0x1c/0x30 [ 19.798794] kobject_put+0x17c/0x420 [ 19.799022] sysfs_slab_release+0x1c/0x30 [ 19.799268] kmem_cache_destroy+0x118/0x218 [ 19.799552] kmem_cache_double_destroy+0x130/0x2f8 [ 19.799837] kunit_try_run_case+0x170/0x3f0 [ 19.800062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.800347] kthread+0x318/0x620 [ 19.800596] ret_from_fork+0x10/0x20 [ 19.800855] [ 19.801007] The buggy address belongs to the object at fff00000c1b49a00 [ 19.801007] which belongs to the cache kmem_cache of size 208 [ 19.801561] The buggy address is located 0 bytes inside of [ 19.801561] freed 208-byte region [fff00000c1b49a00, fff00000c1b49ad0) [ 19.802122] [ 19.802330] The buggy address belongs to the physical page: [ 19.802547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b49 [ 19.802927] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.803330] page_type: f5(slab) [ 19.803597] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 19.803970] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.804324] page dumped because: kasan: bad access detected [ 19.804579] [ 19.804764] Memory state around the buggy address: [ 19.805027] fff00000c1b49900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.805407] fff00000c1b49980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.805723] >fff00000c1b49a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.806276] ^ [ 19.806558] fff00000c1b49a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 19.807036] fff00000c1b49b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.807542] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.726742] ================================================================== [ 19.727415] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x390/0x468 [ 19.727961] Read of size 1 at addr fff00000c3f5a000 by task kunit_try_catch/203 [ 19.728816] [ 19.728999] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.729104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.729135] Hardware name: linux,dummy-virt (DT) [ 19.729190] Call trace: [ 19.729218] show_stack+0x20/0x38 (C) [ 19.729287] dump_stack_lvl+0x8c/0xd0 [ 19.729344] print_report+0x118/0x608 [ 19.729583] kasan_report+0xdc/0x128 [ 19.729648] __asan_report_load1_noabort+0x20/0x30 [ 19.729704] kmem_cache_rcu_uaf+0x390/0x468 [ 19.729757] kunit_try_run_case+0x170/0x3f0 [ 19.729812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.729867] kthread+0x318/0x620 [ 19.729916] ret_from_fork+0x10/0x20 [ 19.729971] [ 19.732680] Allocated by task 203: [ 19.732878] kasan_save_stack+0x3c/0x68 [ 19.733095] kasan_save_track+0x20/0x40 [ 19.733378] kasan_save_alloc_info+0x40/0x58 [ 19.733560] __kasan_slab_alloc+0xa8/0xb0 [ 19.733726] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.733896] kmem_cache_rcu_uaf+0x12c/0x468 [ 19.735007] kunit_try_run_case+0x170/0x3f0 [ 19.735638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.735892] kthread+0x318/0x620 [ 19.736068] ret_from_fork+0x10/0x20 [ 19.736255] [ 19.736385] Freed by task 0: [ 19.736538] kasan_save_stack+0x3c/0x68 [ 19.736721] kasan_save_track+0x20/0x40 [ 19.736911] kasan_save_free_info+0x4c/0x78 [ 19.737093] __kasan_slab_free+0x6c/0x98 [ 19.738478] slab_free_after_rcu_debug+0xd4/0x2f8 [ 19.738737] rcu_core+0x9f4/0x1e20 [ 19.739034] rcu_core_si+0x18/0x30 [ 19.739637] handle_softirqs+0x374/0xb28 [ 19.739818] __do_softirq+0x1c/0x28 [ 19.739962] [ 19.740071] Last potentially related work creation: [ 19.740247] kasan_save_stack+0x3c/0x68 [ 19.740447] kasan_record_aux_stack+0xb4/0xc8 [ 19.740656] kmem_cache_free+0x120/0x468 [ 19.740871] kmem_cache_rcu_uaf+0x16c/0x468 [ 19.741077] kunit_try_run_case+0x170/0x3f0 [ 19.742629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.742948] kthread+0x318/0x620 [ 19.743107] ret_from_fork+0x10/0x20 [ 19.743278] [ 19.743393] The buggy address belongs to the object at fff00000c3f5a000 [ 19.743393] which belongs to the cache test_cache of size 200 [ 19.743856] The buggy address is located 0 bytes inside of [ 19.743856] freed 200-byte region [fff00000c3f5a000, fff00000c3f5a0c8) [ 19.744674] [ 19.744834] The buggy address belongs to the physical page: [ 19.745287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f5a [ 19.745813] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.746092] page_type: f5(slab) [ 19.746344] raw: 0bfffe0000000000 fff00000c3f5c000 dead000000000122 0000000000000000 [ 19.746705] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.747043] page dumped because: kasan: bad access detected [ 19.748073] [ 19.748527] Memory state around the buggy address: [ 19.748839] fff00000c3f59f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.749702] fff00000c3f59f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.750482] >fff00000c3f5a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.751190] ^ [ 19.751470] fff00000c3f5a080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.752645] fff00000c3f5a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.753199] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 19.644777] ================================================================== [ 19.645390] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3b8 [ 19.646100] Free of addr fff00000c3f5e001 by task kunit_try_catch/201 [ 19.647098] [ 19.647310] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.647557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.647603] Hardware name: linux,dummy-virt (DT) [ 19.647658] Call trace: [ 19.647689] show_stack+0x20/0x38 (C) [ 19.647761] dump_stack_lvl+0x8c/0xd0 [ 19.647821] print_report+0x118/0x608 [ 19.647878] kasan_report_invalid_free+0xc0/0xe8 [ 19.647934] check_slab_allocation+0xfc/0x108 [ 19.647988] __kasan_slab_pre_free+0x2c/0x48 [ 19.648043] kmem_cache_free+0xf0/0x468 [ 19.648096] kmem_cache_invalid_free+0x184/0x3b8 [ 19.648150] kunit_try_run_case+0x170/0x3f0 [ 19.648227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.648288] kthread+0x318/0x620 [ 19.648342] ret_from_fork+0x10/0x20 [ 19.648398] [ 19.651766] Allocated by task 201: [ 19.652076] kasan_save_stack+0x3c/0x68 [ 19.652356] kasan_save_track+0x20/0x40 [ 19.652744] kasan_save_alloc_info+0x40/0x58 [ 19.652975] __kasan_slab_alloc+0xa8/0xb0 [ 19.653267] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.653629] kmem_cache_invalid_free+0x12c/0x3b8 [ 19.653927] kunit_try_run_case+0x170/0x3f0 [ 19.654435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.655080] kthread+0x318/0x620 [ 19.655257] ret_from_fork+0x10/0x20 [ 19.655406] [ 19.655511] The buggy address belongs to the object at fff00000c3f5e000 [ 19.655511] which belongs to the cache test_cache of size 200 [ 19.656707] The buggy address is located 1 bytes inside of [ 19.656707] 200-byte region [fff00000c3f5e000, fff00000c3f5e0c8) [ 19.657531] [ 19.657791] The buggy address belongs to the physical page: [ 19.658210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f5e [ 19.658944] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.659286] page_type: f5(slab) [ 19.659581] raw: 0bfffe0000000000 fff00000c1b498c0 dead000000000122 0000000000000000 [ 19.659962] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.660315] page dumped because: kasan: bad access detected [ 19.660561] [ 19.660702] Memory state around the buggy address: [ 19.660884] fff00000c3f5df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.661862] fff00000c3f5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.662231] >fff00000c3f5e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.662452] ^ [ 19.662600] fff00000c3f5e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.662876] fff00000c3f5e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.663407] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 19.606756] ================================================================== [ 19.607330] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 19.607614] Free of addr fff00000c3f52000 by task kunit_try_catch/199 [ 19.608259] [ 19.608619] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.608729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.608759] Hardware name: linux,dummy-virt (DT) [ 19.608799] Call trace: [ 19.608825] show_stack+0x20/0x38 (C) [ 19.608892] dump_stack_lvl+0x8c/0xd0 [ 19.608950] print_report+0x118/0x608 [ 19.609009] kasan_report_invalid_free+0xc0/0xe8 [ 19.609065] check_slab_allocation+0xd4/0x108 [ 19.609118] __kasan_slab_pre_free+0x2c/0x48 [ 19.609191] kmem_cache_free+0xf0/0x468 [ 19.609249] kmem_cache_double_free+0x190/0x3c8 [ 19.609305] kunit_try_run_case+0x170/0x3f0 [ 19.609365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.609425] kthread+0x318/0x620 [ 19.609479] ret_from_fork+0x10/0x20 [ 19.609551] [ 19.613954] Allocated by task 199: [ 19.614586] kasan_save_stack+0x3c/0x68 [ 19.615193] kasan_save_track+0x20/0x40 [ 19.615585] kasan_save_alloc_info+0x40/0x58 [ 19.615892] __kasan_slab_alloc+0xa8/0xb0 [ 19.616131] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.616405] kmem_cache_double_free+0x12c/0x3c8 [ 19.616652] kunit_try_run_case+0x170/0x3f0 [ 19.616881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.617548] kthread+0x318/0x620 [ 19.617777] ret_from_fork+0x10/0x20 [ 19.618009] [ 19.618283] Freed by task 199: [ 19.618889] kasan_save_stack+0x3c/0x68 [ 19.619126] kasan_save_track+0x20/0x40 [ 19.619350] kasan_save_free_info+0x4c/0x78 [ 19.619537] __kasan_slab_free+0x6c/0x98 [ 19.619726] kmem_cache_free+0x260/0x468 [ 19.619909] kmem_cache_double_free+0x140/0x3c8 [ 19.620105] kunit_try_run_case+0x170/0x3f0 [ 19.620286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.620941] kthread+0x318/0x620 [ 19.621424] ret_from_fork+0x10/0x20 [ 19.621712] [ 19.621854] The buggy address belongs to the object at fff00000c3f52000 [ 19.621854] which belongs to the cache test_cache of size 200 [ 19.622741] The buggy address is located 0 bytes inside of [ 19.622741] 200-byte region [fff00000c3f52000, fff00000c3f520c8) [ 19.623068] [ 19.623191] The buggy address belongs to the physical page: [ 19.623364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f52 [ 19.623610] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.623824] page_type: f5(slab) [ 19.623973] raw: 0bfffe0000000000 fff00000c1b49780 dead000000000122 0000000000000000 [ 19.624276] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.625198] page dumped because: kasan: bad access detected [ 19.625641] [ 19.625793] Memory state around the buggy address: [ 19.626493] fff00000c3f51f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.627614] fff00000c3f51f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.628106] >fff00000c3f52000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.628538] ^ [ 19.628777] fff00000c3f52080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.629001] fff00000c3f52100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.629467] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 19.551044] ================================================================== [ 19.551448] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x33c/0x428 [ 19.551779] Read of size 1 at addr fff00000c3f220c8 by task kunit_try_catch/197 [ 19.552033] [ 19.552174] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.552272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.552302] Hardware name: linux,dummy-virt (DT) [ 19.552342] Call trace: [ 19.552366] show_stack+0x20/0x38 (C) [ 19.552442] dump_stack_lvl+0x8c/0xd0 [ 19.552495] print_report+0x118/0x608 [ 19.552548] kasan_report+0xdc/0x128 [ 19.552597] __asan_report_load1_noabort+0x20/0x30 [ 19.552650] kmem_cache_oob+0x33c/0x428 [ 19.552698] kunit_try_run_case+0x170/0x3f0 [ 19.552751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.552806] kthread+0x318/0x620 [ 19.552856] ret_from_fork+0x10/0x20 [ 19.552910] [ 19.557151] Allocated by task 197: [ 19.557341] kasan_save_stack+0x3c/0x68 [ 19.557688] kasan_save_track+0x20/0x40 [ 19.557987] kasan_save_alloc_info+0x40/0x58 [ 19.558303] __kasan_slab_alloc+0xa8/0xb0 [ 19.559554] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.559860] kmem_cache_oob+0x12c/0x428 [ 19.560021] kunit_try_run_case+0x170/0x3f0 [ 19.560243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.560494] kthread+0x318/0x620 [ 19.560679] ret_from_fork+0x10/0x20 [ 19.560864] [ 19.560993] The buggy address belongs to the object at fff00000c3f22000 [ 19.560993] which belongs to the cache test_cache of size 200 [ 19.562735] The buggy address is located 0 bytes to the right of [ 19.562735] allocated 200-byte region [fff00000c3f22000, fff00000c3f220c8) [ 19.563328] [ 19.563491] The buggy address belongs to the physical page: [ 19.563762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f22 [ 19.564594] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.564934] page_type: f5(slab) [ 19.565201] raw: 0bfffe0000000000 fff00000c463bdc0 dead000000000122 0000000000000000 [ 19.565704] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.566658] page dumped because: kasan: bad access detected [ 19.566961] [ 19.567066] Memory state around the buggy address: [ 19.567527] fff00000c3f21f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.568280] fff00000c3f22000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.568670] >fff00000c3f22080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.569316] ^ [ 19.569581] fff00000c3f22100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.570022] fff00000c3f22180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.570345] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 19.508825] ================================================================== [ 19.509290] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 19.509554] Read of size 8 at addr fff00000c65c6dc0 by task kunit_try_catch/190 [ 19.509988] [ 19.510879] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.510996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.511025] Hardware name: linux,dummy-virt (DT) [ 19.511062] Call trace: [ 19.511087] show_stack+0x20/0x38 (C) [ 19.511179] dump_stack_lvl+0x8c/0xd0 [ 19.511234] print_report+0x118/0x608 [ 19.511285] kasan_report+0xdc/0x128 [ 19.511331] __asan_report_load8_noabort+0x20/0x30 [ 19.511381] workqueue_uaf+0x480/0x4a8 [ 19.511426] kunit_try_run_case+0x170/0x3f0 [ 19.511477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.511530] kthread+0x318/0x620 [ 19.511577] ret_from_fork+0x10/0x20 [ 19.511626] [ 19.514511] Allocated by task 190: [ 19.514741] kasan_save_stack+0x3c/0x68 [ 19.514926] kasan_save_track+0x20/0x40 [ 19.515512] kasan_save_alloc_info+0x40/0x58 [ 19.515918] __kasan_kmalloc+0xd4/0xd8 [ 19.516222] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.516576] workqueue_uaf+0x13c/0x4a8 [ 19.516740] kunit_try_run_case+0x170/0x3f0 [ 19.517016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.517370] kthread+0x318/0x620 [ 19.517573] ret_from_fork+0x10/0x20 [ 19.517813] [ 19.517984] Freed by task 9: [ 19.518362] kasan_save_stack+0x3c/0x68 [ 19.518628] kasan_save_track+0x20/0x40 [ 19.518831] kasan_save_free_info+0x4c/0x78 [ 19.519040] __kasan_slab_free+0x6c/0x98 [ 19.519360] kfree+0x214/0x3c8 [ 19.519564] workqueue_uaf_work+0x18/0x30 [ 19.519864] process_one_work+0x530/0xf98 [ 19.520218] worker_thread+0x610/0xf18 [ 19.520447] kthread+0x318/0x620 [ 19.520661] ret_from_fork+0x10/0x20 [ 19.520897] [ 19.521073] Last potentially related work creation: [ 19.521302] kasan_save_stack+0x3c/0x68 [ 19.521632] kasan_record_aux_stack+0xb4/0xc8 [ 19.521877] __queue_work+0x65c/0x1008 [ 19.522371] queue_work_on+0xbc/0xf8 [ 19.522580] workqueue_uaf+0x210/0x4a8 [ 19.522868] kunit_try_run_case+0x170/0x3f0 [ 19.523207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.523472] kthread+0x318/0x620 [ 19.523661] ret_from_fork+0x10/0x20 [ 19.523926] [ 19.524108] The buggy address belongs to the object at fff00000c65c6dc0 [ 19.524108] which belongs to the cache kmalloc-32 of size 32 [ 19.524660] The buggy address is located 0 bytes inside of [ 19.524660] freed 32-byte region [fff00000c65c6dc0, fff00000c65c6de0) [ 19.525143] [ 19.525327] The buggy address belongs to the physical page: [ 19.525643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c6 [ 19.526305] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.526728] page_type: f5(slab) [ 19.526925] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.527295] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.527705] page dumped because: kasan: bad access detected [ 19.528056] [ 19.528196] Memory state around the buggy address: [ 19.528449] fff00000c65c6c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.528799] fff00000c65c6d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.529162] >fff00000c65c6d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.529468] ^ [ 19.529792] fff00000c65c6e00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.530425] fff00000c65c6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.530732] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 19.470837] ================================================================== [ 19.471493] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 19.471952] Read of size 4 at addr fff00000c65c6d00 by task swapper/0/0 [ 19.472370] [ 19.472494] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.14.10-rc1 #1 [ 19.472585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.472618] Hardware name: linux,dummy-virt (DT) [ 19.472686] Call trace: [ 19.472738] show_stack+0x20/0x38 (C) [ 19.472814] dump_stack_lvl+0x8c/0xd0 [ 19.472902] print_report+0x118/0x608 [ 19.472972] kasan_report+0xdc/0x128 [ 19.473023] __asan_report_load4_noabort+0x20/0x30 [ 19.473104] rcu_uaf_reclaim+0x64/0x70 [ 19.473168] rcu_core+0x9f4/0x1e20 [ 19.473224] rcu_core_si+0x18/0x30 [ 19.473271] handle_softirqs+0x374/0xb28 [ 19.473322] __do_softirq+0x1c/0x28 [ 19.473369] ____do_softirq+0x18/0x30 [ 19.473416] call_on_irq_stack+0x24/0x58 [ 19.473466] do_softirq_own_stack+0x24/0x38 [ 19.473532] __irq_exit_rcu+0x1fc/0x318 [ 19.473586] irq_exit_rcu+0x1c/0x80 [ 19.473633] el1_interrupt+0x38/0x58 [ 19.473686] el1h_64_irq_handler+0x18/0x28 [ 19.473740] el1h_64_irq+0x6c/0x70 [ 19.473854] arch_local_irq_enable+0x4/0x8 (P) [ 19.473917] do_idle+0x384/0x4e8 [ 19.473964] cpu_startup_entry+0x68/0x80 [ 19.474014] rest_init+0x160/0x188 [ 19.474060] start_kernel+0x308/0x3d0 [ 19.474140] __primary_switched+0x8c/0xa0 [ 19.474220] [ 19.480262] Allocated by task 188: [ 19.480535] kasan_save_stack+0x3c/0x68 [ 19.480892] kasan_save_track+0x20/0x40 [ 19.481253] kasan_save_alloc_info+0x40/0x58 [ 19.481586] __kasan_kmalloc+0xd4/0xd8 [ 19.481928] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.482194] rcu_uaf+0xb0/0x2d0 [ 19.482456] kunit_try_run_case+0x170/0x3f0 [ 19.482748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.483172] kthread+0x318/0x620 [ 19.483385] ret_from_fork+0x10/0x20 [ 19.483626] [ 19.483822] Freed by task 0: [ 19.483980] kasan_save_stack+0x3c/0x68 [ 19.484299] kasan_save_track+0x20/0x40 [ 19.484638] kasan_save_free_info+0x4c/0x78 [ 19.484917] __kasan_slab_free+0x6c/0x98 [ 19.485222] kfree+0x214/0x3c8 [ 19.485530] rcu_uaf_reclaim+0x28/0x70 [ 19.485805] rcu_core+0x9f4/0x1e20 [ 19.486116] rcu_core_si+0x18/0x30 [ 19.486390] handle_softirqs+0x374/0xb28 [ 19.486645] __do_softirq+0x1c/0x28 [ 19.486915] [ 19.487115] Last potentially related work creation: [ 19.487421] kasan_save_stack+0x3c/0x68 [ 19.487680] kasan_record_aux_stack+0xb4/0xc8 [ 19.487945] __call_rcu_common.constprop.0+0x74/0xa10 [ 19.488186] call_rcu+0x18/0x30 [ 19.488421] rcu_uaf+0x14c/0x2d0 [ 19.488640] kunit_try_run_case+0x170/0x3f0 [ 19.488884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.489146] kthread+0x318/0x620 [ 19.489465] ret_from_fork+0x10/0x20 [ 19.489644] [ 19.489766] The buggy address belongs to the object at fff00000c65c6d00 [ 19.489766] which belongs to the cache kmalloc-32 of size 32 [ 19.490681] The buggy address is located 0 bytes inside of [ 19.490681] freed 32-byte region [fff00000c65c6d00, fff00000c65c6d20) [ 19.491355] [ 19.491583] The buggy address belongs to the physical page: [ 19.491921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c6 [ 19.492434] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.492812] page_type: f5(slab) [ 19.493009] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.493392] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.493888] page dumped because: kasan: bad access detected [ 19.494196] [ 19.494401] Memory state around the buggy address: [ 19.494671] fff00000c65c6c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.495067] fff00000c65c6c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.495460] >fff00000c65c6d00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 19.495779] ^ [ 19.496003] fff00000c65c6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.496359] fff00000c65c6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.496704] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 19.318961] ================================================================== [ 19.319612] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x600 [ 19.320298] Read of size 1 at addr fff00000c65b6100 by task kunit_try_catch/186 [ 19.321027] [ 19.321387] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.321645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.321719] Hardware name: linux,dummy-virt (DT) [ 19.321800] Call trace: [ 19.321856] show_stack+0x20/0x38 (C) [ 19.322020] dump_stack_lvl+0x8c/0xd0 [ 19.322924] print_report+0x118/0x608 [ 19.323002] kasan_report+0xdc/0x128 [ 19.323052] __kasan_check_byte+0x54/0x70 [ 19.323101] ksize+0x30/0x88 [ 19.323176] ksize_uaf+0x168/0x600 [ 19.323237] kunit_try_run_case+0x170/0x3f0 [ 19.323293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.323351] kthread+0x318/0x620 [ 19.323401] ret_from_fork+0x10/0x20 [ 19.323457] [ 19.329404] Allocated by task 186: [ 19.329709] kasan_save_stack+0x3c/0x68 [ 19.330423] kasan_save_track+0x20/0x40 [ 19.330744] kasan_save_alloc_info+0x40/0x58 [ 19.331031] __kasan_kmalloc+0xd4/0xd8 [ 19.331318] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.332939] ksize_uaf+0xb8/0x600 [ 19.333372] kunit_try_run_case+0x170/0x3f0 [ 19.333742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.334905] kthread+0x318/0x620 [ 19.335251] ret_from_fork+0x10/0x20 [ 19.335445] [ 19.335550] Freed by task 186: [ 19.335681] kasan_save_stack+0x3c/0x68 [ 19.335847] kasan_save_track+0x20/0x40 [ 19.336002] kasan_save_free_info+0x4c/0x78 [ 19.336188] __kasan_slab_free+0x6c/0x98 [ 19.336539] kfree+0x214/0x3c8 [ 19.336927] ksize_uaf+0x11c/0x600 [ 19.337440] kunit_try_run_case+0x170/0x3f0 [ 19.337852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.338510] kthread+0x318/0x620 [ 19.339186] ret_from_fork+0x10/0x20 [ 19.339661] [ 19.339895] The buggy address belongs to the object at fff00000c65b6100 [ 19.339895] which belongs to the cache kmalloc-128 of size 128 [ 19.340869] The buggy address is located 0 bytes inside of [ 19.340869] freed 128-byte region [fff00000c65b6100, fff00000c65b6180) [ 19.342837] [ 19.343060] The buggy address belongs to the physical page: [ 19.343939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 19.344641] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.345227] page_type: f5(slab) [ 19.345594] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.346353] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.347070] page dumped because: kasan: bad access detected [ 19.347842] [ 19.348005] Memory state around the buggy address: [ 19.348278] fff00000c65b6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.348628] fff00000c65b6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.348966] >fff00000c65b6100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.349940] ^ [ 19.350755] fff00000c65b6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.351400] fff00000c65b6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.351905] ================================================================== [ 19.353900] ================================================================== [ 19.354556] BUG: KASAN: slab-use-after-free in ksize_uaf+0x59c/0x600 [ 19.354966] Read of size 1 at addr fff00000c65b6100 by task kunit_try_catch/186 [ 19.355442] [ 19.356452] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.356686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.356724] Hardware name: linux,dummy-virt (DT) [ 19.356764] Call trace: [ 19.356794] show_stack+0x20/0x38 (C) [ 19.356864] dump_stack_lvl+0x8c/0xd0 [ 19.356922] print_report+0x118/0x608 [ 19.356978] kasan_report+0xdc/0x128 [ 19.357030] __asan_report_load1_noabort+0x20/0x30 [ 19.357085] ksize_uaf+0x59c/0x600 [ 19.357132] kunit_try_run_case+0x170/0x3f0 [ 19.357215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.357274] kthread+0x318/0x620 [ 19.357324] ret_from_fork+0x10/0x20 [ 19.357380] [ 19.362889] Allocated by task 186: [ 19.363622] kasan_save_stack+0x3c/0x68 [ 19.364095] kasan_save_track+0x20/0x40 [ 19.364468] kasan_save_alloc_info+0x40/0x58 [ 19.364853] __kasan_kmalloc+0xd4/0xd8 [ 19.365660] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.366081] ksize_uaf+0xb8/0x600 [ 19.366710] kunit_try_run_case+0x170/0x3f0 [ 19.367330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.368023] kthread+0x318/0x620 [ 19.368440] ret_from_fork+0x10/0x20 [ 19.368969] [ 19.369227] Freed by task 186: [ 19.369535] kasan_save_stack+0x3c/0x68 [ 19.369885] kasan_save_track+0x20/0x40 [ 19.370650] kasan_save_free_info+0x4c/0x78 [ 19.370980] __kasan_slab_free+0x6c/0x98 [ 19.371364] kfree+0x214/0x3c8 [ 19.371810] ksize_uaf+0x11c/0x600 [ 19.372323] kunit_try_run_case+0x170/0x3f0 [ 19.372845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.373660] kthread+0x318/0x620 [ 19.374590] ret_from_fork+0x10/0x20 [ 19.374924] [ 19.375181] The buggy address belongs to the object at fff00000c65b6100 [ 19.375181] which belongs to the cache kmalloc-128 of size 128 [ 19.376187] The buggy address is located 0 bytes inside of [ 19.376187] freed 128-byte region [fff00000c65b6100, fff00000c65b6180) [ 19.377107] [ 19.377360] The buggy address belongs to the physical page: [ 19.377814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 19.379227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.379871] page_type: f5(slab) [ 19.380284] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.380984] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.381618] page dumped because: kasan: bad access detected [ 19.382106] [ 19.382391] Memory state around the buggy address: [ 19.382805] fff00000c65b6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.383716] fff00000c65b6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.384328] >fff00000c65b6100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.384932] ^ [ 19.385332] fff00000c65b6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386015] fff00000c65b6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386673] ================================================================== [ 19.388558] ================================================================== [ 19.389556] BUG: KASAN: slab-use-after-free in ksize_uaf+0x548/0x600 [ 19.389978] Read of size 1 at addr fff00000c65b6178 by task kunit_try_catch/186 [ 19.391388] [ 19.391714] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.391892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.391954] Hardware name: linux,dummy-virt (DT) [ 19.392014] Call trace: [ 19.392061] show_stack+0x20/0x38 (C) [ 19.392172] dump_stack_lvl+0x8c/0xd0 [ 19.392476] print_report+0x118/0x608 [ 19.392541] kasan_report+0xdc/0x128 [ 19.392591] __asan_report_load1_noabort+0x20/0x30 [ 19.392643] ksize_uaf+0x548/0x600 [ 19.392688] kunit_try_run_case+0x170/0x3f0 [ 19.392740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.392794] kthread+0x318/0x620 [ 19.392840] ret_from_fork+0x10/0x20 [ 19.392892] [ 19.397908] Allocated by task 186: [ 19.399270] kasan_save_stack+0x3c/0x68 [ 19.399929] kasan_save_track+0x20/0x40 [ 19.400334] kasan_save_alloc_info+0x40/0x58 [ 19.400854] __kasan_kmalloc+0xd4/0xd8 [ 19.401328] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.401731] ksize_uaf+0xb8/0x600 [ 19.402059] kunit_try_run_case+0x170/0x3f0 [ 19.402924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.403589] kthread+0x318/0x620 [ 19.403912] ret_from_fork+0x10/0x20 [ 19.404215] [ 19.404426] Freed by task 186: [ 19.404739] kasan_save_stack+0x3c/0x68 [ 19.405065] kasan_save_track+0x20/0x40 [ 19.405933] kasan_save_free_info+0x4c/0x78 [ 19.406610] __kasan_slab_free+0x6c/0x98 [ 19.407350] kfree+0x214/0x3c8 [ 19.407729] ksize_uaf+0x11c/0x600 [ 19.407978] kunit_try_run_case+0x170/0x3f0 [ 19.408427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.408842] kthread+0x318/0x620 [ 19.409121] ret_from_fork+0x10/0x20 [ 19.409998] [ 19.410709] The buggy address belongs to the object at fff00000c65b6100 [ 19.410709] which belongs to the cache kmalloc-128 of size 128 [ 19.411464] The buggy address is located 120 bytes inside of [ 19.411464] freed 128-byte region [fff00000c65b6100, fff00000c65b6180) [ 19.412169] [ 19.412366] The buggy address belongs to the physical page: [ 19.412757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 19.413337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.413944] page_type: f5(slab) [ 19.414955] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.415526] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.416516] page dumped because: kasan: bad access detected [ 19.417026] [ 19.417364] Memory state around the buggy address: [ 19.417836] fff00000c65b6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.418944] fff00000c65b6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.419595] >fff00000c65b6100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.420170] ^ [ 19.420756] fff00000c65b6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.421363] fff00000c65b6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.421978] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 19.224042] ================================================================== [ 19.224899] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x638/0x750 [ 19.225975] Read of size 1 at addr fff00000c5a72c73 by task kunit_try_catch/184 [ 19.226822] [ 19.227216] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.227459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.227530] Hardware name: linux,dummy-virt (DT) [ 19.227612] Call trace: [ 19.227646] show_stack+0x20/0x38 (C) [ 19.227721] dump_stack_lvl+0x8c/0xd0 [ 19.227777] print_report+0x118/0x608 [ 19.227832] kasan_report+0xdc/0x128 [ 19.227886] __asan_report_load1_noabort+0x20/0x30 [ 19.227940] ksize_unpoisons_memory+0x638/0x750 [ 19.227994] kunit_try_run_case+0x170/0x3f0 [ 19.228048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.228105] kthread+0x318/0x620 [ 19.228182] ret_from_fork+0x10/0x20 [ 19.228242] [ 19.232740] Allocated by task 184: [ 19.233226] kasan_save_stack+0x3c/0x68 [ 19.233789] kasan_save_track+0x20/0x40 [ 19.234243] kasan_save_alloc_info+0x40/0x58 [ 19.234665] __kasan_kmalloc+0xd4/0xd8 [ 19.235213] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.235776] ksize_unpoisons_memory+0xc0/0x750 [ 19.236349] kunit_try_run_case+0x170/0x3f0 [ 19.236838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.237375] kthread+0x318/0x620 [ 19.237865] ret_from_fork+0x10/0x20 [ 19.238368] [ 19.238646] The buggy address belongs to the object at fff00000c5a72c00 [ 19.238646] which belongs to the cache kmalloc-128 of size 128 [ 19.239671] The buggy address is located 0 bytes to the right of [ 19.239671] allocated 115-byte region [fff00000c5a72c00, fff00000c5a72c73) [ 19.240638] [ 19.240935] The buggy address belongs to the physical page: [ 19.241477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a72 [ 19.242176] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.242784] page_type: f5(slab) [ 19.243135] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.243856] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.244516] page dumped because: kasan: bad access detected [ 19.245092] [ 19.245361] Memory state around the buggy address: [ 19.245820] fff00000c5a72b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.246460] fff00000c5a72b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.247098] >fff00000c5a72c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.247688] ^ [ 19.248290] fff00000c5a72c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.248804] fff00000c5a72d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.249356] ================================================================== [ 19.280929] ================================================================== [ 19.281393] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x6a0/0x750 [ 19.281817] Read of size 1 at addr fff00000c5a72c7f by task kunit_try_catch/184 [ 19.282200] [ 19.282494] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.282777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.282839] Hardware name: linux,dummy-virt (DT) [ 19.282918] Call trace: [ 19.282962] show_stack+0x20/0x38 (C) [ 19.283105] dump_stack_lvl+0x8c/0xd0 [ 19.283240] print_report+0x118/0x608 [ 19.283354] kasan_report+0xdc/0x128 [ 19.283497] __asan_report_load1_noabort+0x20/0x30 [ 19.283640] ksize_unpoisons_memory+0x6a0/0x750 [ 19.283782] kunit_try_run_case+0x170/0x3f0 [ 19.283912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.284048] kthread+0x318/0x620 [ 19.284181] ret_from_fork+0x10/0x20 [ 19.284253] [ 19.289599] Allocated by task 184: [ 19.289881] kasan_save_stack+0x3c/0x68 [ 19.290171] kasan_save_track+0x20/0x40 [ 19.291673] kasan_save_alloc_info+0x40/0x58 [ 19.292203] __kasan_kmalloc+0xd4/0xd8 [ 19.292620] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.293123] ksize_unpoisons_memory+0xc0/0x750 [ 19.293625] kunit_try_run_case+0x170/0x3f0 [ 19.293994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.294573] kthread+0x318/0x620 [ 19.294992] ret_from_fork+0x10/0x20 [ 19.295393] [ 19.295667] The buggy address belongs to the object at fff00000c5a72c00 [ 19.295667] which belongs to the cache kmalloc-128 of size 128 [ 19.296510] The buggy address is located 12 bytes to the right of [ 19.296510] allocated 115-byte region [fff00000c5a72c00, fff00000c5a72c73) [ 19.297578] [ 19.297904] The buggy address belongs to the physical page: [ 19.298331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a72 [ 19.299118] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.299704] page_type: f5(slab) [ 19.300035] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.300708] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.301341] page dumped because: kasan: bad access detected [ 19.301833] [ 19.302118] Memory state around the buggy address: [ 19.302565] fff00000c5a72b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.303190] fff00000c5a72b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.303794] >fff00000c5a72c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.304409] ^ [ 19.305015] fff00000c5a72c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.305657] fff00000c5a72d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.306306] ================================================================== [ 19.252240] ================================================================== [ 19.252748] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x750 [ 19.253314] Read of size 1 at addr fff00000c5a72c78 by task kunit_try_catch/184 [ 19.254001] [ 19.254582] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.254763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.254795] Hardware name: linux,dummy-virt (DT) [ 19.254833] Call trace: [ 19.254861] show_stack+0x20/0x38 (C) [ 19.254929] dump_stack_lvl+0x8c/0xd0 [ 19.254984] print_report+0x118/0x608 [ 19.255039] kasan_report+0xdc/0x128 [ 19.255089] __asan_report_load1_noabort+0x20/0x30 [ 19.255144] ksize_unpoisons_memory+0x628/0x750 [ 19.255261] kunit_try_run_case+0x170/0x3f0 [ 19.255355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.255466] kthread+0x318/0x620 [ 19.255550] ret_from_fork+0x10/0x20 [ 19.255650] [ 19.261884] Allocated by task 184: [ 19.262269] kasan_save_stack+0x3c/0x68 [ 19.262614] kasan_save_track+0x20/0x40 [ 19.262932] kasan_save_alloc_info+0x40/0x58 [ 19.263282] __kasan_kmalloc+0xd4/0xd8 [ 19.263645] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.264015] ksize_unpoisons_memory+0xc0/0x750 [ 19.264999] kunit_try_run_case+0x170/0x3f0 [ 19.265646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.266306] kthread+0x318/0x620 [ 19.266831] ret_from_fork+0x10/0x20 [ 19.267415] [ 19.267806] The buggy address belongs to the object at fff00000c5a72c00 [ 19.267806] which belongs to the cache kmalloc-128 of size 128 [ 19.268766] The buggy address is located 5 bytes to the right of [ 19.268766] allocated 115-byte region [fff00000c5a72c00, fff00000c5a72c73) [ 19.269787] [ 19.270127] The buggy address belongs to the physical page: [ 19.270647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a72 [ 19.271372] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.272023] page_type: f5(slab) [ 19.272424] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.273096] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.273766] page dumped because: kasan: bad access detected [ 19.274351] [ 19.274649] Memory state around the buggy address: [ 19.275120] fff00000c5a72b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.275693] fff00000c5a72b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.276407] >fff00000c5a72c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.276969] ^ [ 19.277597] fff00000c5a72c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278256] fff00000c5a72d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278863] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 19.176542] ================================================================== [ 19.179187] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 19.181824] Free of addr fff00000c58f5f40 by task kunit_try_catch/182 [ 19.182415] [ 19.182867] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.183076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.183166] Hardware name: linux,dummy-virt (DT) [ 19.183255] Call trace: [ 19.183305] show_stack+0x20/0x38 (C) [ 19.183384] dump_stack_lvl+0x8c/0xd0 [ 19.183435] print_report+0x118/0x608 [ 19.183487] kasan_report_invalid_free+0xc0/0xe8 [ 19.183539] check_slab_allocation+0xd4/0x108 [ 19.183587] __kasan_slab_pre_free+0x2c/0x48 [ 19.183638] kfree+0xe8/0x3c8 [ 19.183683] kfree_sensitive+0x3c/0xb0 [ 19.183733] kmalloc_double_kzfree+0x168/0x308 [ 19.183781] kunit_try_run_case+0x170/0x3f0 [ 19.183827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.183878] kthread+0x318/0x620 [ 19.183924] ret_from_fork+0x10/0x20 [ 19.183977] [ 19.189372] Allocated by task 182: [ 19.189792] kasan_save_stack+0x3c/0x68 [ 19.190738] kasan_save_track+0x20/0x40 [ 19.191163] kasan_save_alloc_info+0x40/0x58 [ 19.191564] __kasan_kmalloc+0xd4/0xd8 [ 19.191920] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.192773] kmalloc_double_kzfree+0xb8/0x308 [ 19.193360] kunit_try_run_case+0x170/0x3f0 [ 19.193964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.194841] kthread+0x318/0x620 [ 19.195487] ret_from_fork+0x10/0x20 [ 19.195869] [ 19.196109] Freed by task 182: [ 19.196454] kasan_save_stack+0x3c/0x68 [ 19.196831] kasan_save_track+0x20/0x40 [ 19.197844] kasan_save_free_info+0x4c/0x78 [ 19.198435] __kasan_slab_free+0x6c/0x98 [ 19.198632] kfree+0x214/0x3c8 [ 19.198775] kfree_sensitive+0x80/0xb0 [ 19.198934] kmalloc_double_kzfree+0x11c/0x308 [ 19.199097] kunit_try_run_case+0x170/0x3f0 [ 19.199353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.200272] kthread+0x318/0x620 [ 19.200527] ret_from_fork+0x10/0x20 [ 19.201097] [ 19.201449] The buggy address belongs to the object at fff00000c58f5f40 [ 19.201449] which belongs to the cache kmalloc-16 of size 16 [ 19.202467] The buggy address is located 0 bytes inside of [ 19.202467] 16-byte region [fff00000c58f5f40, fff00000c58f5f50) [ 19.203036] [ 19.203199] The buggy address belongs to the physical page: [ 19.203466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058f5 [ 19.203833] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.204151] page_type: f5(slab) [ 19.204468] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.204932] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.206410] page dumped because: kasan: bad access detected [ 19.206891] [ 19.207123] Memory state around the buggy address: [ 19.207495] fff00000c58f5e00: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.208010] fff00000c58f5e80: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 19.208949] >fff00000c58f5f00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 19.209672] ^ [ 19.210458] fff00000c58f5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.211251] fff00000c58f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.211949] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 19.133566] ================================================================== [ 19.134848] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 19.136033] Read of size 1 at addr fff00000c58f5f40 by task kunit_try_catch/182 [ 19.136338] [ 19.136464] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.136562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.136595] Hardware name: linux,dummy-virt (DT) [ 19.136634] Call trace: [ 19.136661] show_stack+0x20/0x38 (C) [ 19.136726] dump_stack_lvl+0x8c/0xd0 [ 19.136781] print_report+0x118/0x608 [ 19.136834] kasan_report+0xdc/0x128 [ 19.136885] __kasan_check_byte+0x54/0x70 [ 19.136937] kfree_sensitive+0x30/0xb0 [ 19.136989] kmalloc_double_kzfree+0x168/0x308 [ 19.137042] kunit_try_run_case+0x170/0x3f0 [ 19.137096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.137174] kthread+0x318/0x620 [ 19.137278] ret_from_fork+0x10/0x20 [ 19.137396] [ 19.143671] Allocated by task 182: [ 19.144023] kasan_save_stack+0x3c/0x68 [ 19.144753] kasan_save_track+0x20/0x40 [ 19.145301] kasan_save_alloc_info+0x40/0x58 [ 19.145893] __kasan_kmalloc+0xd4/0xd8 [ 19.146655] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.147209] kmalloc_double_kzfree+0xb8/0x308 [ 19.147619] kunit_try_run_case+0x170/0x3f0 [ 19.148013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.148476] kthread+0x318/0x620 [ 19.148810] ret_from_fork+0x10/0x20 [ 19.149128] [ 19.149861] Freed by task 182: [ 19.150125] kasan_save_stack+0x3c/0x68 [ 19.150763] kasan_save_track+0x20/0x40 [ 19.151106] kasan_save_free_info+0x4c/0x78 [ 19.151831] __kasan_slab_free+0x6c/0x98 [ 19.152409] kfree+0x214/0x3c8 [ 19.152899] kfree_sensitive+0x80/0xb0 [ 19.153411] kmalloc_double_kzfree+0x11c/0x308 [ 19.154013] kunit_try_run_case+0x170/0x3f0 [ 19.155592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.156234] kthread+0x318/0x620 [ 19.156745] ret_from_fork+0x10/0x20 [ 19.157289] [ 19.157544] The buggy address belongs to the object at fff00000c58f5f40 [ 19.157544] which belongs to the cache kmalloc-16 of size 16 [ 19.158681] The buggy address is located 0 bytes inside of [ 19.158681] freed 16-byte region [fff00000c58f5f40, fff00000c58f5f50) [ 19.159237] [ 19.159394] The buggy address belongs to the physical page: [ 19.159665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058f5 [ 19.160025] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.161572] page_type: f5(slab) [ 19.161969] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.162601] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.163763] page dumped because: kasan: bad access detected [ 19.164236] [ 19.164515] Memory state around the buggy address: [ 19.165127] fff00000c58f5e00: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.165583] fff00000c58f5e80: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 19.166997] >fff00000c58f5f00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 19.168212] ^ [ 19.169322] fff00000c58f5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.170659] fff00000c58f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.173896] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 19.087011] ================================================================== [ 19.087784] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 19.088621] Read of size 1 at addr fff00000c65b1fa8 by task kunit_try_catch/178 [ 19.089215] [ 19.089819] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.090008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.090243] Hardware name: linux,dummy-virt (DT) [ 19.090329] Call trace: [ 19.090376] show_stack+0x20/0x38 (C) [ 19.090499] dump_stack_lvl+0x8c/0xd0 [ 19.090599] print_report+0x118/0x608 [ 19.090709] kasan_report+0xdc/0x128 [ 19.090808] __asan_report_load1_noabort+0x20/0x30 [ 19.090900] kmalloc_uaf2+0x3f4/0x468 [ 19.090950] kunit_try_run_case+0x170/0x3f0 [ 19.091005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.091063] kthread+0x318/0x620 [ 19.091116] ret_from_fork+0x10/0x20 [ 19.091202] [ 19.095138] Allocated by task 178: [ 19.095569] kasan_save_stack+0x3c/0x68 [ 19.096003] kasan_save_track+0x20/0x40 [ 19.096580] kasan_save_alloc_info+0x40/0x58 [ 19.097046] __kasan_kmalloc+0xd4/0xd8 [ 19.097705] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.098406] kmalloc_uaf2+0xc4/0x468 [ 19.098750] kunit_try_run_case+0x170/0x3f0 [ 19.099068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.099461] kthread+0x318/0x620 [ 19.099898] ret_from_fork+0x10/0x20 [ 19.101034] [ 19.101342] Freed by task 178: [ 19.101620] kasan_save_stack+0x3c/0x68 [ 19.101965] kasan_save_track+0x20/0x40 [ 19.103491] kasan_save_free_info+0x4c/0x78 [ 19.103909] __kasan_slab_free+0x6c/0x98 [ 19.104266] kfree+0x214/0x3c8 [ 19.104565] kmalloc_uaf2+0x134/0x468 [ 19.104896] kunit_try_run_case+0x170/0x3f0 [ 19.105654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.105998] kthread+0x318/0x620 [ 19.106855] ret_from_fork+0x10/0x20 [ 19.107218] [ 19.107458] The buggy address belongs to the object at fff00000c65b1f80 [ 19.107458] which belongs to the cache kmalloc-64 of size 64 [ 19.108597] The buggy address is located 40 bytes inside of [ 19.108597] freed 64-byte region [fff00000c65b1f80, fff00000c65b1fc0) [ 19.109320] [ 19.109786] The buggy address belongs to the physical page: [ 19.110138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b1 [ 19.111180] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.111598] page_type: f5(slab) [ 19.111869] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.112365] raw: 0000000000000000 0000000000200020 00000000f5000000 0000000000000000 [ 19.113115] page dumped because: kasan: bad access detected [ 19.113978] [ 19.114329] Memory state around the buggy address: [ 19.114657] fff00000c65b1e80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.115602] fff00000c65b1f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.116382] >fff00000c65b1f80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.116894] ^ [ 19.117524] fff00000c65b2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.118263] fff00000c65b2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.119006] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 19.045299] ================================================================== [ 19.046037] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 19.046931] Write of size 33 at addr fff00000c65a7e80 by task kunit_try_catch/176 [ 19.047385] [ 19.047616] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.047776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.047810] Hardware name: linux,dummy-virt (DT) [ 19.047851] Call trace: [ 19.047878] show_stack+0x20/0x38 (C) [ 19.047947] dump_stack_lvl+0x8c/0xd0 [ 19.048004] print_report+0x118/0x608 [ 19.048057] kasan_report+0xdc/0x128 [ 19.048109] kasan_check_range+0x100/0x1a8 [ 19.048184] __asan_memset+0x34/0x78 [ 19.048316] kmalloc_uaf_memset+0x170/0x310 [ 19.048411] kunit_try_run_case+0x170/0x3f0 [ 19.048528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.048637] kthread+0x318/0x620 [ 19.048769] ret_from_fork+0x10/0x20 [ 19.048888] [ 19.052975] Allocated by task 176: [ 19.054445] kasan_save_stack+0x3c/0x68 [ 19.055191] kasan_save_track+0x20/0x40 [ 19.055710] kasan_save_alloc_info+0x40/0x58 [ 19.055973] __kasan_kmalloc+0xd4/0xd8 [ 19.056220] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.056691] kmalloc_uaf_memset+0xb8/0x310 [ 19.057124] kunit_try_run_case+0x170/0x3f0 [ 19.057638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.058226] kthread+0x318/0x620 [ 19.058677] ret_from_fork+0x10/0x20 [ 19.059082] [ 19.059516] Freed by task 176: [ 19.060046] kasan_save_stack+0x3c/0x68 [ 19.060612] kasan_save_track+0x20/0x40 [ 19.060852] kasan_save_free_info+0x4c/0x78 [ 19.061094] __kasan_slab_free+0x6c/0x98 [ 19.061346] kfree+0x214/0x3c8 [ 19.061722] kmalloc_uaf_memset+0x11c/0x310 [ 19.062282] kunit_try_run_case+0x170/0x3f0 [ 19.062967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.063576] kthread+0x318/0x620 [ 19.063843] ret_from_fork+0x10/0x20 [ 19.064068] [ 19.064216] The buggy address belongs to the object at fff00000c65a7e80 [ 19.064216] which belongs to the cache kmalloc-64 of size 64 [ 19.064711] The buggy address is located 0 bytes inside of [ 19.064711] freed 64-byte region [fff00000c65a7e80, fff00000c65a7ec0) [ 19.066005] [ 19.066660] The buggy address belongs to the physical page: [ 19.067035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a7 [ 19.067809] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.069052] page_type: f5(slab) [ 19.069674] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.070890] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.071523] page dumped because: kasan: bad access detected [ 19.071963] [ 19.072200] Memory state around the buggy address: [ 19.072617] fff00000c65a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.073695] fff00000c65a7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.074388] >fff00000c65a7e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.074773] ^ [ 19.074994] fff00000c65a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.075341] fff00000c65a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.075669] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 19.003050] ================================================================== [ 19.003818] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 19.004730] Read of size 1 at addr fff00000c58f5f28 by task kunit_try_catch/174 [ 19.005833] [ 19.006410] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 19.006586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.006905] Hardware name: linux,dummy-virt (DT) [ 19.006991] Call trace: [ 19.007023] show_stack+0x20/0x38 (C) [ 19.007097] dump_stack_lvl+0x8c/0xd0 [ 19.007166] print_report+0x118/0x608 [ 19.007227] kasan_report+0xdc/0x128 [ 19.007277] __asan_report_load1_noabort+0x20/0x30 [ 19.007330] kmalloc_uaf+0x300/0x338 [ 19.007378] kunit_try_run_case+0x170/0x3f0 [ 19.007430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.007486] kthread+0x318/0x620 [ 19.007534] ret_from_fork+0x10/0x20 [ 19.007589] [ 19.012390] Allocated by task 174: [ 19.012783] kasan_save_stack+0x3c/0x68 [ 19.013330] kasan_save_track+0x20/0x40 [ 19.013767] kasan_save_alloc_info+0x40/0x58 [ 19.014604] __kasan_kmalloc+0xd4/0xd8 [ 19.015146] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.015607] kmalloc_uaf+0xb8/0x338 [ 19.016059] kunit_try_run_case+0x170/0x3f0 [ 19.016530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.017074] kthread+0x318/0x620 [ 19.017505] ret_from_fork+0x10/0x20 [ 19.017927] [ 19.018247] Freed by task 174: [ 19.018623] kasan_save_stack+0x3c/0x68 [ 19.019280] kasan_save_track+0x20/0x40 [ 19.019706] kasan_save_free_info+0x4c/0x78 [ 19.020137] __kasan_slab_free+0x6c/0x98 [ 19.020539] kfree+0x214/0x3c8 [ 19.020984] kmalloc_uaf+0x11c/0x338 [ 19.021458] kunit_try_run_case+0x170/0x3f0 [ 19.021938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.022689] kthread+0x318/0x620 [ 19.023142] ret_from_fork+0x10/0x20 [ 19.023634] [ 19.023927] The buggy address belongs to the object at fff00000c58f5f20 [ 19.023927] which belongs to the cache kmalloc-16 of size 16 [ 19.024820] The buggy address is located 8 bytes inside of [ 19.024820] freed 16-byte region [fff00000c58f5f20, fff00000c58f5f30) [ 19.025756] [ 19.026345] The buggy address belongs to the physical page: [ 19.026876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058f5 [ 19.028321] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.028892] page_type: f5(slab) [ 19.029386] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.030055] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.030826] page dumped because: kasan: bad access detected [ 19.031595] [ 19.031869] Memory state around the buggy address: [ 19.032285] fff00000c58f5e00: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.032926] fff00000c58f5e80: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 19.033639] >fff00000c58f5f00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 19.034467] ^ [ 19.034961] fff00000c58f5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.035584] fff00000c58f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.036305] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 18.967455] ================================================================== [ 18.968141] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e8 [ 18.969427] Read of size 64 at addr fff00000c65a7e04 by task kunit_try_catch/172 [ 18.970512] [ 18.970726] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.970832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.970864] Hardware name: linux,dummy-virt (DT) [ 18.970905] Call trace: [ 18.970933] show_stack+0x20/0x38 (C) [ 18.971171] dump_stack_lvl+0x8c/0xd0 [ 18.971354] print_report+0x118/0x608 [ 18.971422] kasan_report+0xdc/0x128 [ 18.971477] kasan_check_range+0x100/0x1a8 [ 18.971528] __asan_memmove+0x3c/0x98 [ 18.971577] kmalloc_memmove_invalid_size+0x154/0x2e8 [ 18.971634] kunit_try_run_case+0x170/0x3f0 [ 18.971688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.971747] kthread+0x318/0x620 [ 18.971797] ret_from_fork+0x10/0x20 [ 18.971855] [ 18.975963] Allocated by task 172: [ 18.976321] kasan_save_stack+0x3c/0x68 [ 18.976640] kasan_save_track+0x20/0x40 [ 18.977055] kasan_save_alloc_info+0x40/0x58 [ 18.977494] __kasan_kmalloc+0xd4/0xd8 [ 18.977744] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.977984] kmalloc_memmove_invalid_size+0xb0/0x2e8 [ 18.978201] kunit_try_run_case+0x170/0x3f0 [ 18.979467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.979786] kthread+0x318/0x620 [ 18.979953] ret_from_fork+0x10/0x20 [ 18.980427] [ 18.980696] The buggy address belongs to the object at fff00000c65a7e00 [ 18.980696] which belongs to the cache kmalloc-64 of size 64 [ 18.981390] The buggy address is located 4 bytes inside of [ 18.981390] allocated 64-byte region [fff00000c65a7e00, fff00000c65a7e40) [ 18.982928] [ 18.983143] The buggy address belongs to the physical page: [ 18.983657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a7 [ 18.984352] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.984905] page_type: f5(slab) [ 18.985611] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.986440] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.987460] page dumped because: kasan: bad access detected [ 18.988089] [ 18.988519] Memory state around the buggy address: [ 18.989088] fff00000c65a7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.989902] fff00000c65a7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.990671] >fff00000c65a7e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.991489] ^ [ 18.991886] fff00000c65a7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.992563] fff00000c65a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.993089] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 18.928119] ================================================================== [ 18.928805] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.929822] Read of size 18446744073709551614 at addr fff00000c65a7d84 by task kunit_try_catch/170 [ 18.931174] [ 18.931847] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.931997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.932064] Hardware name: linux,dummy-virt (DT) [ 18.932228] Call trace: [ 18.932306] show_stack+0x20/0x38 (C) [ 18.932411] dump_stack_lvl+0x8c/0xd0 [ 18.932467] print_report+0x118/0x608 [ 18.932521] kasan_report+0xdc/0x128 [ 18.932572] kasan_check_range+0x100/0x1a8 [ 18.932621] __asan_memmove+0x3c/0x98 [ 18.932669] kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.932723] kunit_try_run_case+0x170/0x3f0 [ 18.932776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.932831] kthread+0x318/0x620 [ 18.932881] ret_from_fork+0x10/0x20 [ 18.932936] [ 18.938170] Allocated by task 170: [ 18.938757] kasan_save_stack+0x3c/0x68 [ 18.939294] kasan_save_track+0x20/0x40 [ 18.939774] kasan_save_alloc_info+0x40/0x58 [ 18.940415] __kasan_kmalloc+0xd4/0xd8 [ 18.940946] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.941582] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 18.942417] kunit_try_run_case+0x170/0x3f0 [ 18.942822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.943627] kthread+0x318/0x620 [ 18.944183] ret_from_fork+0x10/0x20 [ 18.944710] [ 18.945104] The buggy address belongs to the object at fff00000c65a7d80 [ 18.945104] which belongs to the cache kmalloc-64 of size 64 [ 18.947088] The buggy address is located 4 bytes inside of [ 18.947088] 64-byte region [fff00000c65a7d80, fff00000c65a7dc0) [ 18.948255] [ 18.948518] The buggy address belongs to the physical page: [ 18.948843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a7 [ 18.949706] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.950372] page_type: f5(slab) [ 18.950769] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.951353] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.951907] page dumped because: kasan: bad access detected [ 18.952959] [ 18.953400] Memory state around the buggy address: [ 18.953697] fff00000c65a7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.954748] fff00000c65a7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.955283] >fff00000c65a7d80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.955788] ^ [ 18.956640] fff00000c65a7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.956899] fff00000c65a7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.957108] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 18.885950] ================================================================== [ 18.887141] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 18.887846] Write of size 16 at addr fff00000c65b6069 by task kunit_try_catch/168 [ 18.889017] [ 18.889431] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.889622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.889699] Hardware name: linux,dummy-virt (DT) [ 18.889744] Call trace: [ 18.889790] show_stack+0x20/0x38 (C) [ 18.889857] dump_stack_lvl+0x8c/0xd0 [ 18.889911] print_report+0x118/0x608 [ 18.889963] kasan_report+0xdc/0x128 [ 18.890012] kasan_check_range+0x100/0x1a8 [ 18.890068] __asan_memset+0x34/0x78 [ 18.890163] kmalloc_oob_memset_16+0x150/0x2f8 [ 18.890258] kunit_try_run_case+0x170/0x3f0 [ 18.890357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.890603] kthread+0x318/0x620 [ 18.890664] ret_from_fork+0x10/0x20 [ 18.890723] [ 18.895841] Allocated by task 168: [ 18.896067] kasan_save_stack+0x3c/0x68 [ 18.896336] kasan_save_track+0x20/0x40 [ 18.896671] kasan_save_alloc_info+0x40/0x58 [ 18.897997] __kasan_kmalloc+0xd4/0xd8 [ 18.898542] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.899252] kmalloc_oob_memset_16+0xb0/0x2f8 [ 18.899908] kunit_try_run_case+0x170/0x3f0 [ 18.900212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.900913] kthread+0x318/0x620 [ 18.901460] ret_from_fork+0x10/0x20 [ 18.901771] [ 18.901991] The buggy address belongs to the object at fff00000c65b6000 [ 18.901991] which belongs to the cache kmalloc-128 of size 128 [ 18.902769] The buggy address is located 105 bytes inside of [ 18.902769] allocated 120-byte region [fff00000c65b6000, fff00000c65b6078) [ 18.903388] [ 18.903583] The buggy address belongs to the physical page: [ 18.903887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065b6 [ 18.905849] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.906939] page_type: f5(slab) [ 18.907248] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.907610] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.907951] page dumped because: kasan: bad access detected [ 18.911315] [ 18.911950] Memory state around the buggy address: [ 18.913291] fff00000c65b5f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.915009] fff00000c65b5f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.915539] >fff00000c65b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.916020] ^ [ 18.917135] fff00000c65b6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.917813] fff00000c65b6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.918531] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 18.849637] ================================================================== [ 18.850298] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 18.851849] Write of size 8 at addr fff00000c5a72b71 by task kunit_try_catch/166 [ 18.852304] [ 18.852625] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.852731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.852765] Hardware name: linux,dummy-virt (DT) [ 18.852831] Call trace: [ 18.852858] show_stack+0x20/0x38 (C) [ 18.852926] dump_stack_lvl+0x8c/0xd0 [ 18.852980] print_report+0x118/0x608 [ 18.853032] kasan_report+0xdc/0x128 [ 18.853082] kasan_check_range+0x100/0x1a8 [ 18.853130] __asan_memset+0x34/0x78 [ 18.853237] kmalloc_oob_memset_8+0x150/0x2f8 [ 18.853347] kunit_try_run_case+0x170/0x3f0 [ 18.853447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.853588] kthread+0x318/0x620 [ 18.853712] ret_from_fork+0x10/0x20 [ 18.853840] [ 18.858022] Allocated by task 166: [ 18.858754] kasan_save_stack+0x3c/0x68 [ 18.859258] kasan_save_track+0x20/0x40 [ 18.859731] kasan_save_alloc_info+0x40/0x58 [ 18.860225] __kasan_kmalloc+0xd4/0xd8 [ 18.860677] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.861044] kmalloc_oob_memset_8+0xb0/0x2f8 [ 18.861551] kunit_try_run_case+0x170/0x3f0 [ 18.862039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.862934] kthread+0x318/0x620 [ 18.863381] ret_from_fork+0x10/0x20 [ 18.863805] [ 18.864059] The buggy address belongs to the object at fff00000c5a72b00 [ 18.864059] which belongs to the cache kmalloc-128 of size 128 [ 18.864763] The buggy address is located 113 bytes inside of [ 18.864763] allocated 120-byte region [fff00000c5a72b00, fff00000c5a72b78) [ 18.865850] [ 18.866845] The buggy address belongs to the physical page: [ 18.867758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a72 [ 18.868439] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.868947] page_type: f5(slab) [ 18.869636] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.870386] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.871285] page dumped because: kasan: bad access detected [ 18.871699] [ 18.871925] Memory state around the buggy address: [ 18.872387] fff00000c5a72a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.872914] fff00000c5a72a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.873849] >fff00000c5a72b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.874677] ^ [ 18.875403] fff00000c5a72b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.876096] fff00000c5a72c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.876761] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.811416] ================================================================== [ 18.812008] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 18.812365] Write of size 4 at addr fff00000c3e3ef75 by task kunit_try_catch/164 [ 18.812677] [ 18.812821] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.812912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.812942] Hardware name: linux,dummy-virt (DT) [ 18.812976] Call trace: [ 18.813001] show_stack+0x20/0x38 (C) [ 18.813056] dump_stack_lvl+0x8c/0xd0 [ 18.813106] print_report+0x118/0x608 [ 18.814378] kasan_report+0xdc/0x128 [ 18.814479] kasan_check_range+0x100/0x1a8 [ 18.814531] __asan_memset+0x34/0x78 [ 18.814578] kmalloc_oob_memset_4+0x150/0x300 [ 18.814629] kunit_try_run_case+0x170/0x3f0 [ 18.814683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.814737] kthread+0x318/0x620 [ 18.814785] ret_from_fork+0x10/0x20 [ 18.814840] [ 18.821667] Allocated by task 164: [ 18.822147] kasan_save_stack+0x3c/0x68 [ 18.822872] kasan_save_track+0x20/0x40 [ 18.823828] kasan_save_alloc_info+0x40/0x58 [ 18.824259] __kasan_kmalloc+0xd4/0xd8 [ 18.824742] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.825121] kmalloc_oob_memset_4+0xb0/0x300 [ 18.825529] kunit_try_run_case+0x170/0x3f0 [ 18.825897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.826894] kthread+0x318/0x620 [ 18.827413] ret_from_fork+0x10/0x20 [ 18.827826] [ 18.828178] The buggy address belongs to the object at fff00000c3e3ef00 [ 18.828178] which belongs to the cache kmalloc-128 of size 128 [ 18.829070] The buggy address is located 117 bytes inside of [ 18.829070] allocated 120-byte region [fff00000c3e3ef00, fff00000c3e3ef78) [ 18.829987] [ 18.831020] The buggy address belongs to the physical page: [ 18.831322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e3e [ 18.832101] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.832620] page_type: f5(slab) [ 18.833050] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.833750] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.834515] page dumped because: kasan: bad access detected [ 18.835410] [ 18.835814] Memory state around the buggy address: [ 18.836454] fff00000c3e3ee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.837005] fff00000c3e3ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.837597] >fff00000c3e3ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.838115] ^ [ 18.839596] fff00000c3e3ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.840336] fff00000c3e3f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.841019] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 18.774519] ================================================================== [ 18.775490] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 18.776430] Write of size 2 at addr fff00000c5a72a77 by task kunit_try_catch/162 [ 18.777496] [ 18.777945] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.778456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.778528] Hardware name: linux,dummy-virt (DT) [ 18.778571] Call trace: [ 18.778600] show_stack+0x20/0x38 (C) [ 18.778668] dump_stack_lvl+0x8c/0xd0 [ 18.778722] print_report+0x118/0x608 [ 18.778774] kasan_report+0xdc/0x128 [ 18.778823] kasan_check_range+0x100/0x1a8 [ 18.778871] __asan_memset+0x34/0x78 [ 18.778918] kmalloc_oob_memset_2+0x150/0x2f8 [ 18.778967] kunit_try_run_case+0x170/0x3f0 [ 18.779017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.779071] kthread+0x318/0x620 [ 18.779119] ret_from_fork+0x10/0x20 [ 18.779207] [ 18.785919] Allocated by task 162: [ 18.786650] kasan_save_stack+0x3c/0x68 [ 18.786941] kasan_save_track+0x20/0x40 [ 18.787406] kasan_save_alloc_info+0x40/0x58 [ 18.787743] __kasan_kmalloc+0xd4/0xd8 [ 18.788065] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.788593] kmalloc_oob_memset_2+0xb0/0x2f8 [ 18.788969] kunit_try_run_case+0x170/0x3f0 [ 18.789448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.789915] kthread+0x318/0x620 [ 18.790634] ret_from_fork+0x10/0x20 [ 18.791058] [ 18.791345] The buggy address belongs to the object at fff00000c5a72a00 [ 18.791345] which belongs to the cache kmalloc-128 of size 128 [ 18.792175] The buggy address is located 119 bytes inside of [ 18.792175] allocated 120-byte region [fff00000c5a72a00, fff00000c5a72a78) [ 18.792980] [ 18.793268] The buggy address belongs to the physical page: [ 18.793779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a72 [ 18.794889] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.795304] page_type: f5(slab) [ 18.795674] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.796404] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.797122] page dumped because: kasan: bad access detected [ 18.797675] [ 18.797930] Memory state around the buggy address: [ 18.798650] fff00000c5a72900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.799206] fff00000c5a72980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.799774] >fff00000c5a72a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.800353] ^ [ 18.800900] fff00000c5a72a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.801541] fff00000c5a72b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.802396] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 18.739116] ================================================================== [ 18.739872] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 18.740773] Write of size 128 at addr fff00000c5a72900 by task kunit_try_catch/160 [ 18.741914] [ 18.742395] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.742604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.742660] Hardware name: linux,dummy-virt (DT) [ 18.742729] Call trace: [ 18.742774] show_stack+0x20/0x38 (C) [ 18.742895] dump_stack_lvl+0x8c/0xd0 [ 18.742988] print_report+0x118/0x608 [ 18.743085] kasan_report+0xdc/0x128 [ 18.743405] kasan_check_range+0x100/0x1a8 [ 18.743474] __asan_memset+0x34/0x78 [ 18.743523] kmalloc_oob_in_memset+0x144/0x2d0 [ 18.743574] kunit_try_run_case+0x170/0x3f0 [ 18.743627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.743682] kthread+0x318/0x620 [ 18.743732] ret_from_fork+0x10/0x20 [ 18.743786] [ 18.749580] Allocated by task 160: [ 18.749876] kasan_save_stack+0x3c/0x68 [ 18.750781] kasan_save_track+0x20/0x40 [ 18.751427] kasan_save_alloc_info+0x40/0x58 [ 18.751849] __kasan_kmalloc+0xd4/0xd8 [ 18.752440] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.753025] kmalloc_oob_in_memset+0xb0/0x2d0 [ 18.753539] kunit_try_run_case+0x170/0x3f0 [ 18.753879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.754558] kthread+0x318/0x620 [ 18.755115] ret_from_fork+0x10/0x20 [ 18.755715] [ 18.756127] The buggy address belongs to the object at fff00000c5a72900 [ 18.756127] which belongs to the cache kmalloc-128 of size 128 [ 18.757081] The buggy address is located 0 bytes inside of [ 18.757081] allocated 120-byte region [fff00000c5a72900, fff00000c5a72978) [ 18.758612] [ 18.759089] The buggy address belongs to the physical page: [ 18.759482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a72 [ 18.759759] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.759964] page_type: f5(slab) [ 18.760113] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.760360] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.760572] page dumped because: kasan: bad access detected [ 18.760745] [ 18.760842] Memory state around the buggy address: [ 18.761001] fff00000c5a72800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.761274] fff00000c5a72880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.761594] >fff00000c5a72900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.761918] ^ [ 18.762265] fff00000c5a72980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.762853] fff00000c5a72a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.763423] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.695993] ================================================================== [ 18.696746] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 18.697760] Read of size 16 at addr fff00000c58f5f00 by task kunit_try_catch/158 [ 18.698882] [ 18.699121] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.699310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.699375] Hardware name: linux,dummy-virt (DT) [ 18.699453] Call trace: [ 18.699482] show_stack+0x20/0x38 (C) [ 18.699554] dump_stack_lvl+0x8c/0xd0 [ 18.699641] print_report+0x118/0x608 [ 18.699696] kasan_report+0xdc/0x128 [ 18.699747] __asan_report_load16_noabort+0x20/0x30 [ 18.699798] kmalloc_uaf_16+0x3bc/0x438 [ 18.699847] kunit_try_run_case+0x170/0x3f0 [ 18.699899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.699955] kthread+0x318/0x620 [ 18.700006] ret_from_fork+0x10/0x20 [ 18.700063] [ 18.704071] Allocated by task 158: [ 18.704618] kasan_save_stack+0x3c/0x68 [ 18.705005] kasan_save_track+0x20/0x40 [ 18.705516] kasan_save_alloc_info+0x40/0x58 [ 18.705883] __kasan_kmalloc+0xd4/0xd8 [ 18.707316] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.707779] kmalloc_uaf_16+0x140/0x438 [ 18.708172] kunit_try_run_case+0x170/0x3f0 [ 18.708550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.709308] kthread+0x318/0x620 [ 18.709675] ret_from_fork+0x10/0x20 [ 18.710480] [ 18.710967] Freed by task 158: [ 18.711213] kasan_save_stack+0x3c/0x68 [ 18.711632] kasan_save_track+0x20/0x40 [ 18.712252] kasan_save_free_info+0x4c/0x78 [ 18.712664] __kasan_slab_free+0x6c/0x98 [ 18.713202] kfree+0x214/0x3c8 [ 18.713592] kmalloc_uaf_16+0x190/0x438 [ 18.715076] kunit_try_run_case+0x170/0x3f0 [ 18.715427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.715891] kthread+0x318/0x620 [ 18.716562] ret_from_fork+0x10/0x20 [ 18.717093] [ 18.717357] The buggy address belongs to the object at fff00000c58f5f00 [ 18.717357] which belongs to the cache kmalloc-16 of size 16 [ 18.718702] The buggy address is located 0 bytes inside of [ 18.718702] freed 16-byte region [fff00000c58f5f00, fff00000c58f5f10) [ 18.719671] [ 18.720047] The buggy address belongs to the physical page: [ 18.720377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058f5 [ 18.721191] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.721814] page_type: f5(slab) [ 18.722450] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.723439] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.724222] page dumped because: kasan: bad access detected [ 18.724647] [ 18.725079] Memory state around the buggy address: [ 18.725403] fff00000c58f5e00: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.726441] fff00000c58f5e80: fa fb fc fc fa fb fc fc 00 04 fc fc 00 00 fc fc [ 18.726986] >fff00000c58f5f00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.727781] ^ [ 18.728241] fff00000c58f5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.728897] fff00000c58f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.729608] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 18.657144] ================================================================== [ 18.658562] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 18.659501] Write of size 16 at addr fff00000c3e60640 by task kunit_try_catch/156 [ 18.659937] [ 18.660192] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.660382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.660442] Hardware name: linux,dummy-virt (DT) [ 18.660516] Call trace: [ 18.660564] show_stack+0x20/0x38 (C) [ 18.660636] dump_stack_lvl+0x8c/0xd0 [ 18.660692] print_report+0x118/0x608 [ 18.660746] kasan_report+0xdc/0x128 [ 18.660798] __asan_report_store16_noabort+0x20/0x30 [ 18.660852] kmalloc_oob_16+0x3a0/0x3f8 [ 18.660902] kunit_try_run_case+0x170/0x3f0 [ 18.660956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.661013] kthread+0x318/0x620 [ 18.661063] ret_from_fork+0x10/0x20 [ 18.661120] [ 18.668064] Allocated by task 156: [ 18.668320] kasan_save_stack+0x3c/0x68 [ 18.668567] kasan_save_track+0x20/0x40 [ 18.668798] kasan_save_alloc_info+0x40/0x58 [ 18.669040] __kasan_kmalloc+0xd4/0xd8 [ 18.670808] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.671377] kmalloc_oob_16+0xb4/0x3f8 [ 18.671868] kunit_try_run_case+0x170/0x3f0 [ 18.672251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.672702] kthread+0x318/0x620 [ 18.673017] ret_from_fork+0x10/0x20 [ 18.673843] [ 18.674324] The buggy address belongs to the object at fff00000c3e60640 [ 18.674324] which belongs to the cache kmalloc-16 of size 16 [ 18.676139] The buggy address is located 0 bytes inside of [ 18.676139] allocated 13-byte region [fff00000c3e60640, fff00000c3e6064d) [ 18.677123] [ 18.677385] The buggy address belongs to the physical page: [ 18.677685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 18.678600] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.679284] page_type: f5(slab) [ 18.679530] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.679891] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.680250] page dumped because: kasan: bad access detected [ 18.680521] [ 18.680662] Memory state around the buggy address: [ 18.680911] fff00000c3e60500: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 18.683190] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 18.683570] >fff00000c3e60600: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 18.684354] ^ [ 18.685001] fff00000c3e60680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.685604] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.686139] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 18.560652] ================================================================== [ 18.561270] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 18.561613] Read of size 1 at addr fff00000c1789e00 by task kunit_try_catch/154 [ 18.561948] [ 18.563276] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.563469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.563529] Hardware name: linux,dummy-virt (DT) [ 18.563598] Call trace: [ 18.563643] show_stack+0x20/0x38 (C) [ 18.563758] dump_stack_lvl+0x8c/0xd0 [ 18.563851] print_report+0x118/0x608 [ 18.563944] kasan_report+0xdc/0x128 [ 18.564031] __kasan_check_byte+0x54/0x70 [ 18.564122] krealloc_noprof+0x44/0x360 [ 18.564237] krealloc_uaf+0x180/0x520 [ 18.564304] kunit_try_run_case+0x170/0x3f0 [ 18.564371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.564427] kthread+0x318/0x620 [ 18.564478] ret_from_fork+0x10/0x20 [ 18.564534] [ 18.568930] Allocated by task 154: [ 18.569736] kasan_save_stack+0x3c/0x68 [ 18.571181] kasan_save_track+0x20/0x40 [ 18.571442] kasan_save_alloc_info+0x40/0x58 [ 18.571876] __kasan_kmalloc+0xd4/0xd8 [ 18.572317] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.572662] krealloc_uaf+0xc8/0x520 [ 18.573087] kunit_try_run_case+0x170/0x3f0 [ 18.573610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.574102] kthread+0x318/0x620 [ 18.574460] ret_from_fork+0x10/0x20 [ 18.574905] [ 18.575124] Freed by task 154: [ 18.575518] kasan_save_stack+0x3c/0x68 [ 18.575906] kasan_save_track+0x20/0x40 [ 18.576760] kasan_save_free_info+0x4c/0x78 [ 18.577213] __kasan_slab_free+0x6c/0x98 [ 18.577669] kfree+0x214/0x3c8 [ 18.578493] krealloc_uaf+0x12c/0x520 [ 18.579248] kunit_try_run_case+0x170/0x3f0 [ 18.579558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.580233] kthread+0x318/0x620 [ 18.580599] ret_from_fork+0x10/0x20 [ 18.581214] [ 18.581495] The buggy address belongs to the object at fff00000c1789e00 [ 18.581495] which belongs to the cache kmalloc-256 of size 256 [ 18.582911] The buggy address is located 0 bytes inside of [ 18.582911] freed 256-byte region [fff00000c1789e00, fff00000c1789f00) [ 18.583424] [ 18.583559] The buggy address belongs to the physical page: [ 18.583808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101788 [ 18.584139] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.585801] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.586664] page_type: f5(slab) [ 18.587261] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.587939] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.588804] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.589414] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.590032] head: 0bfffe0000000001 ffffc1ffc305e201 ffffffffffffffff 0000000000000000 [ 18.590965] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 18.591850] page dumped because: kasan: bad access detected [ 18.592472] [ 18.592871] Memory state around the buggy address: [ 18.593523] fff00000c1789d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.594288] fff00000c1789d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.595709] >fff00000c1789e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.596277] ^ [ 18.596578] fff00000c1789e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.597101] fff00000c1789f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.597665] ================================================================== [ 18.600461] ================================================================== [ 18.601006] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 18.601578] Read of size 1 at addr fff00000c1789e00 by task kunit_try_catch/154 [ 18.602038] [ 18.602465] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.602678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.602732] Hardware name: linux,dummy-virt (DT) [ 18.602819] Call trace: [ 18.602865] show_stack+0x20/0x38 (C) [ 18.602989] dump_stack_lvl+0x8c/0xd0 [ 18.603166] print_report+0x118/0x608 [ 18.603268] kasan_report+0xdc/0x128 [ 18.603347] __asan_report_load1_noabort+0x20/0x30 [ 18.603444] krealloc_uaf+0x4c8/0x520 [ 18.603536] kunit_try_run_case+0x170/0x3f0 [ 18.603633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.603735] kthread+0x318/0x620 [ 18.603831] ret_from_fork+0x10/0x20 [ 18.603933] [ 18.609378] Allocated by task 154: [ 18.609909] kasan_save_stack+0x3c/0x68 [ 18.610609] kasan_save_track+0x20/0x40 [ 18.610980] kasan_save_alloc_info+0x40/0x58 [ 18.611342] __kasan_kmalloc+0xd4/0xd8 [ 18.611673] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.612074] krealloc_uaf+0xc8/0x520 [ 18.612535] kunit_try_run_case+0x170/0x3f0 [ 18.612965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.613445] kthread+0x318/0x620 [ 18.613902] ret_from_fork+0x10/0x20 [ 18.615343] [ 18.615523] Freed by task 154: [ 18.615971] kasan_save_stack+0x3c/0x68 [ 18.616540] kasan_save_track+0x20/0x40 [ 18.617080] kasan_save_free_info+0x4c/0x78 [ 18.617642] __kasan_slab_free+0x6c/0x98 [ 18.618312] kfree+0x214/0x3c8 [ 18.618663] krealloc_uaf+0x12c/0x520 [ 18.619034] kunit_try_run_case+0x170/0x3f0 [ 18.619435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.619867] kthread+0x318/0x620 [ 18.620297] ret_from_fork+0x10/0x20 [ 18.620861] [ 18.621314] The buggy address belongs to the object at fff00000c1789e00 [ 18.621314] which belongs to the cache kmalloc-256 of size 256 [ 18.622455] The buggy address is located 0 bytes inside of [ 18.622455] freed 256-byte region [fff00000c1789e00, fff00000c1789f00) [ 18.624054] [ 18.624387] The buggy address belongs to the physical page: [ 18.624984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101788 [ 18.625770] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.626773] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.627413] page_type: f5(slab) [ 18.627797] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.628588] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.629318] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.629993] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.631055] head: 0bfffe0000000001 ffffc1ffc305e201 ffffffffffffffff 0000000000000000 [ 18.631495] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 18.632535] page dumped because: kasan: bad access detected [ 18.633221] [ 18.633630] Memory state around the buggy address: [ 18.634028] fff00000c1789d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.634620] fff00000c1789d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.635572] >fff00000c1789e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.636098] ^ [ 18.639149] fff00000c1789e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.640570] fff00000c1789f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.640980] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 18.505849] ================================================================== [ 18.507010] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 18.508041] Write of size 1 at addr fff00000c65f20ea by task kunit_try_catch/152 [ 18.508826] [ 18.509116] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.509487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.509534] Hardware name: linux,dummy-virt (DT) [ 18.509574] Call trace: [ 18.509601] show_stack+0x20/0x38 (C) [ 18.509669] dump_stack_lvl+0x8c/0xd0 [ 18.509724] print_report+0x118/0x608 [ 18.509778] kasan_report+0xdc/0x128 [ 18.509830] __asan_report_store1_noabort+0x20/0x30 [ 18.509884] krealloc_less_oob_helper+0xae4/0xc50 [ 18.509937] krealloc_large_less_oob+0x20/0x38 [ 18.509990] kunit_try_run_case+0x170/0x3f0 [ 18.510043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.510249] kthread+0x318/0x620 [ 18.510350] ret_from_fork+0x10/0x20 [ 18.510440] [ 18.512983] The buggy address belongs to the physical page: [ 18.513228] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065f0 [ 18.514064] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.514851] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.516943] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.517769] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.518719] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.519450] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.519878] head: 0bfffe0000000002 ffffc1ffc3197c01 ffffffffffffffff 0000000000000000 [ 18.520672] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 18.521358] page dumped because: kasan: bad access detected [ 18.521804] [ 18.521978] Memory state around the buggy address: [ 18.523316] fff00000c65f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.524039] fff00000c65f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.524640] >fff00000c65f2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.524977] ^ [ 18.525414] fff00000c65f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.525932] fff00000c65f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.527829] ================================================================== [ 18.479887] ================================================================== [ 18.481597] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 18.483040] Write of size 1 at addr fff00000c65f20da by task kunit_try_catch/152 [ 18.483620] [ 18.483918] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.484143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.484224] Hardware name: linux,dummy-virt (DT) [ 18.484299] Call trace: [ 18.484349] show_stack+0x20/0x38 (C) [ 18.484419] dump_stack_lvl+0x8c/0xd0 [ 18.484473] print_report+0x118/0x608 [ 18.484525] kasan_report+0xdc/0x128 [ 18.484575] __asan_report_store1_noabort+0x20/0x30 [ 18.484627] krealloc_less_oob_helper+0xa80/0xc50 [ 18.484681] krealloc_large_less_oob+0x20/0x38 [ 18.484733] kunit_try_run_case+0x170/0x3f0 [ 18.484784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.484840] kthread+0x318/0x620 [ 18.484890] ret_from_fork+0x10/0x20 [ 18.484944] [ 18.488646] The buggy address belongs to the physical page: [ 18.488930] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065f0 [ 18.491391] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.491904] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.492599] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.493351] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.494013] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.495343] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.496392] head: 0bfffe0000000002 ffffc1ffc3197c01 ffffffffffffffff 0000000000000000 [ 18.497393] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 18.498520] page dumped because: kasan: bad access detected [ 18.499178] [ 18.499602] Memory state around the buggy address: [ 18.500014] fff00000c65f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.500621] fff00000c65f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.501534] >fff00000c65f2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.502057] ^ [ 18.502765] fff00000c65f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.503297] fff00000c65f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.503795] ================================================================== [ 18.429202] ================================================================== [ 18.430477] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 18.430997] Write of size 1 at addr fff00000c65f20c9 by task kunit_try_catch/152 [ 18.431369] [ 18.431531] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.431631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.431661] Hardware name: linux,dummy-virt (DT) [ 18.431698] Call trace: [ 18.431725] show_stack+0x20/0x38 (C) [ 18.431785] dump_stack_lvl+0x8c/0xd0 [ 18.431840] print_report+0x118/0x608 [ 18.431892] kasan_report+0xdc/0x128 [ 18.431941] __asan_report_store1_noabort+0x20/0x30 [ 18.431993] krealloc_less_oob_helper+0xa48/0xc50 [ 18.432046] krealloc_large_less_oob+0x20/0x38 [ 18.432097] kunit_try_run_case+0x170/0x3f0 [ 18.432149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.433115] kthread+0x318/0x620 [ 18.433449] ret_from_fork+0x10/0x20 [ 18.433532] [ 18.439796] The buggy address belongs to the physical page: [ 18.440088] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065f0 [ 18.440500] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.440832] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.441232] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.441987] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.443102] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.443663] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.444364] head: 0bfffe0000000002 ffffc1ffc3197c01 ffffffffffffffff 0000000000000000 [ 18.445106] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 18.445868] page dumped because: kasan: bad access detected [ 18.447002] [ 18.447213] Memory state around the buggy address: [ 18.447493] fff00000c65f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.448392] fff00000c65f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.448927] >fff00000c65f2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.449791] ^ [ 18.450419] fff00000c65f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.451313] fff00000c65f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.452013] ================================================================== [ 18.327603] ================================================================== [ 18.327859] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 18.328116] Write of size 1 at addr fff00000c1789ceb by task kunit_try_catch/148 [ 18.328892] [ 18.330099] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.330346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.330414] Hardware name: linux,dummy-virt (DT) [ 18.330495] Call trace: [ 18.330550] show_stack+0x20/0x38 (C) [ 18.330683] dump_stack_lvl+0x8c/0xd0 [ 18.330766] print_report+0x118/0x608 [ 18.330826] kasan_report+0xdc/0x128 [ 18.330905] __asan_report_store1_noabort+0x20/0x30 [ 18.330957] krealloc_less_oob_helper+0xa58/0xc50 [ 18.331011] krealloc_less_oob+0x20/0x38 [ 18.331060] kunit_try_run_case+0x170/0x3f0 [ 18.331115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.331196] kthread+0x318/0x620 [ 18.331252] ret_from_fork+0x10/0x20 [ 18.331311] [ 18.335148] Allocated by task 148: [ 18.337475] kasan_save_stack+0x3c/0x68 [ 18.337887] kasan_save_track+0x20/0x40 [ 18.338537] kasan_save_alloc_info+0x40/0x58 [ 18.338972] __kasan_krealloc+0x118/0x178 [ 18.339380] krealloc_noprof+0x128/0x360 [ 18.339756] krealloc_less_oob_helper+0x168/0xc50 [ 18.340143] krealloc_less_oob+0x20/0x38 [ 18.341664] kunit_try_run_case+0x170/0x3f0 [ 18.342085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.342534] kthread+0x318/0x620 [ 18.342837] ret_from_fork+0x10/0x20 [ 18.343256] [ 18.343561] The buggy address belongs to the object at fff00000c1789c00 [ 18.343561] which belongs to the cache kmalloc-256 of size 256 [ 18.344675] The buggy address is located 34 bytes to the right of [ 18.344675] allocated 201-byte region [fff00000c1789c00, fff00000c1789cc9) [ 18.345724] [ 18.346165] The buggy address belongs to the physical page: [ 18.346620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101788 [ 18.347372] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.347896] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.349361] page_type: f5(slab) [ 18.349571] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.349807] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.350035] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.351239] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.352006] head: 0bfffe0000000001 ffffc1ffc305e201 ffffffffffffffff 0000000000000000 [ 18.352702] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 18.353524] page dumped because: kasan: bad access detected [ 18.354211] [ 18.354617] Memory state around the buggy address: [ 18.354992] fff00000c1789b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.355725] fff00000c1789c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.356768] >fff00000c1789c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.357111] ^ [ 18.357633] fff00000c1789d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.358901] fff00000c1789d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.359537] ================================================================== [ 18.189880] ================================================================== [ 18.190854] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 18.191348] Write of size 1 at addr fff00000c1789cc9 by task kunit_try_catch/148 [ 18.191595] [ 18.191715] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.191814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.191843] Hardware name: linux,dummy-virt (DT) [ 18.191881] Call trace: [ 18.191907] show_stack+0x20/0x38 (C) [ 18.191968] dump_stack_lvl+0x8c/0xd0 [ 18.192024] print_report+0x118/0x608 [ 18.192077] kasan_report+0xdc/0x128 [ 18.192127] __asan_report_store1_noabort+0x20/0x30 [ 18.192239] krealloc_less_oob_helper+0xa48/0xc50 [ 18.192334] krealloc_less_oob+0x20/0x38 [ 18.192429] kunit_try_run_case+0x170/0x3f0 [ 18.192537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.192672] kthread+0x318/0x620 [ 18.192785] ret_from_fork+0x10/0x20 [ 18.192894] [ 18.200167] Allocated by task 148: [ 18.200558] kasan_save_stack+0x3c/0x68 [ 18.201072] kasan_save_track+0x20/0x40 [ 18.201538] kasan_save_alloc_info+0x40/0x58 [ 18.202013] __kasan_krealloc+0x118/0x178 [ 18.202790] krealloc_noprof+0x128/0x360 [ 18.202986] krealloc_less_oob_helper+0x168/0xc50 [ 18.203149] krealloc_less_oob+0x20/0x38 [ 18.203316] kunit_try_run_case+0x170/0x3f0 [ 18.203466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.203636] kthread+0x318/0x620 [ 18.203769] ret_from_fork+0x10/0x20 [ 18.203906] [ 18.204002] The buggy address belongs to the object at fff00000c1789c00 [ 18.204002] which belongs to the cache kmalloc-256 of size 256 [ 18.204790] The buggy address is located 0 bytes to the right of [ 18.204790] allocated 201-byte region [fff00000c1789c00, fff00000c1789cc9) [ 18.206005] [ 18.206308] The buggy address belongs to the physical page: [ 18.207299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101788 [ 18.208956] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.209751] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.210499] page_type: f5(slab) [ 18.211131] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.211867] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.212673] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.213459] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.215128] head: 0bfffe0000000001 ffffc1ffc305e201 ffffffffffffffff 0000000000000000 [ 18.215727] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 18.216460] page dumped because: kasan: bad access detected [ 18.216798] [ 18.216986] Memory state around the buggy address: [ 18.217296] fff00000c1789b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.217684] fff00000c1789c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.218069] >fff00000c1789c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.218516] ^ [ 18.218990] fff00000c1789d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.220088] fff00000c1789d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.220521] ================================================================== [ 18.296557] ================================================================== [ 18.297142] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 18.297741] Write of size 1 at addr fff00000c1789cea by task kunit_try_catch/148 [ 18.298427] [ 18.298992] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.299110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.299142] Hardware name: linux,dummy-virt (DT) [ 18.299205] Call trace: [ 18.299232] show_stack+0x20/0x38 (C) [ 18.299302] dump_stack_lvl+0x8c/0xd0 [ 18.299357] print_report+0x118/0x608 [ 18.299411] kasan_report+0xdc/0x128 [ 18.299462] __asan_report_store1_noabort+0x20/0x30 [ 18.299516] krealloc_less_oob_helper+0xae4/0xc50 [ 18.299570] krealloc_less_oob+0x20/0x38 [ 18.299621] kunit_try_run_case+0x170/0x3f0 [ 18.299673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.299730] kthread+0x318/0x620 [ 18.299780] ret_from_fork+0x10/0x20 [ 18.299835] [ 18.304540] Allocated by task 148: [ 18.304760] kasan_save_stack+0x3c/0x68 [ 18.305017] kasan_save_track+0x20/0x40 [ 18.305306] kasan_save_alloc_info+0x40/0x58 [ 18.305682] __kasan_krealloc+0x118/0x178 [ 18.308052] krealloc_noprof+0x128/0x360 [ 18.308450] krealloc_less_oob_helper+0x168/0xc50 [ 18.308885] krealloc_less_oob+0x20/0x38 [ 18.309325] kunit_try_run_case+0x170/0x3f0 [ 18.309723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.310770] kthread+0x318/0x620 [ 18.311203] ret_from_fork+0x10/0x20 [ 18.311441] [ 18.311582] The buggy address belongs to the object at fff00000c1789c00 [ 18.311582] which belongs to the cache kmalloc-256 of size 256 [ 18.312094] The buggy address is located 33 bytes to the right of [ 18.312094] allocated 201-byte region [fff00000c1789c00, fff00000c1789cc9) [ 18.312640] [ 18.312779] The buggy address belongs to the physical page: [ 18.313050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101788 [ 18.315225] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.316373] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.316990] page_type: f5(slab) [ 18.317350] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.318315] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.318574] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.318802] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.319029] head: 0bfffe0000000001 ffffc1ffc305e201 ffffffffffffffff 0000000000000000 [ 18.319361] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 18.320063] page dumped because: kasan: bad access detected [ 18.321269] [ 18.321700] Memory state around the buggy address: [ 18.322533] fff00000c1789b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.323071] fff00000c1789c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.323668] >fff00000c1789c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.325561] ^ [ 18.326366] fff00000c1789d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.326682] fff00000c1789d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.326896] ================================================================== [ 18.224076] ================================================================== [ 18.224915] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 18.225668] Write of size 1 at addr fff00000c1789cd0 by task kunit_try_catch/148 [ 18.227226] [ 18.227455] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.227562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.227596] Hardware name: linux,dummy-virt (DT) [ 18.227635] Call trace: [ 18.227661] show_stack+0x20/0x38 (C) [ 18.227733] dump_stack_lvl+0x8c/0xd0 [ 18.227788] print_report+0x118/0x608 [ 18.227843] kasan_report+0xdc/0x128 [ 18.227894] __asan_report_store1_noabort+0x20/0x30 [ 18.227948] krealloc_less_oob_helper+0xb9c/0xc50 [ 18.228002] krealloc_less_oob+0x20/0x38 [ 18.228052] kunit_try_run_case+0x170/0x3f0 [ 18.228106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.229425] kthread+0x318/0x620 [ 18.229575] ret_from_fork+0x10/0x20 [ 18.229641] [ 18.236738] Allocated by task 148: [ 18.237118] kasan_save_stack+0x3c/0x68 [ 18.237769] kasan_save_track+0x20/0x40 [ 18.238395] kasan_save_alloc_info+0x40/0x58 [ 18.239644] __kasan_krealloc+0x118/0x178 [ 18.240100] krealloc_noprof+0x128/0x360 [ 18.240752] krealloc_less_oob_helper+0x168/0xc50 [ 18.241218] krealloc_less_oob+0x20/0x38 [ 18.241858] kunit_try_run_case+0x170/0x3f0 [ 18.242474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.243373] kthread+0x318/0x620 [ 18.243931] ret_from_fork+0x10/0x20 [ 18.244343] [ 18.244578] The buggy address belongs to the object at fff00000c1789c00 [ 18.244578] which belongs to the cache kmalloc-256 of size 256 [ 18.245795] The buggy address is located 7 bytes to the right of [ 18.245795] allocated 201-byte region [fff00000c1789c00, fff00000c1789cc9) [ 18.246865] [ 18.247064] The buggy address belongs to the physical page: [ 18.248244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101788 [ 18.249178] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.250099] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.250921] page_type: f5(slab) [ 18.251412] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.252109] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.252679] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.252924] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.253169] head: 0bfffe0000000001 ffffc1ffc305e201 ffffffffffffffff 0000000000000000 [ 18.253405] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 18.253635] page dumped because: kasan: bad access detected [ 18.253814] [ 18.253915] Memory state around the buggy address: [ 18.254136] fff00000c1789b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.254581] fff00000c1789c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.256314] >fff00000c1789c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.256961] ^ [ 18.257429] fff00000c1789d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.257953] fff00000c1789d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.259234] ================================================================== [ 18.261554] ================================================================== [ 18.262101] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 18.262904] Write of size 1 at addr fff00000c1789cda by task kunit_try_catch/148 [ 18.264710] [ 18.265031] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.265237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.265284] Hardware name: linux,dummy-virt (DT) [ 18.265324] Call trace: [ 18.265369] show_stack+0x20/0x38 (C) [ 18.265449] dump_stack_lvl+0x8c/0xd0 [ 18.265513] print_report+0x118/0x608 [ 18.265581] kasan_report+0xdc/0x128 [ 18.265633] __asan_report_store1_noabort+0x20/0x30 [ 18.265686] krealloc_less_oob_helper+0xa80/0xc50 [ 18.265741] krealloc_less_oob+0x20/0x38 [ 18.265792] kunit_try_run_case+0x170/0x3f0 [ 18.265845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.265902] kthread+0x318/0x620 [ 18.265953] ret_from_fork+0x10/0x20 [ 18.266009] [ 18.271805] Allocated by task 148: [ 18.272479] kasan_save_stack+0x3c/0x68 [ 18.272903] kasan_save_track+0x20/0x40 [ 18.273285] kasan_save_alloc_info+0x40/0x58 [ 18.273814] __kasan_krealloc+0x118/0x178 [ 18.274701] krealloc_noprof+0x128/0x360 [ 18.275108] krealloc_less_oob_helper+0x168/0xc50 [ 18.275525] krealloc_less_oob+0x20/0x38 [ 18.275969] kunit_try_run_case+0x170/0x3f0 [ 18.276407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.276893] kthread+0x318/0x620 [ 18.277321] ret_from_fork+0x10/0x20 [ 18.277799] [ 18.278352] The buggy address belongs to the object at fff00000c1789c00 [ 18.278352] which belongs to the cache kmalloc-256 of size 256 [ 18.279239] The buggy address is located 17 bytes to the right of [ 18.279239] allocated 201-byte region [fff00000c1789c00, fff00000c1789cc9) [ 18.281017] [ 18.281229] The buggy address belongs to the physical page: [ 18.281558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101788 [ 18.282694] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.283218] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.283893] page_type: f5(slab) [ 18.284268] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.284945] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.285635] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.287201] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.287793] head: 0bfffe0000000001 ffffc1ffc305e201 ffffffffffffffff 0000000000000000 [ 18.288468] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 18.289063] page dumped because: kasan: bad access detected [ 18.289642] [ 18.289879] Memory state around the buggy address: [ 18.290648] fff00000c1789b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.291325] fff00000c1789c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.291950] >fff00000c1789c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.292961] ^ [ 18.293441] fff00000c1789d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.294063] fff00000c1789d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.295437] ================================================================== [ 18.529010] ================================================================== [ 18.529953] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 18.530737] Write of size 1 at addr fff00000c65f20eb by task kunit_try_catch/152 [ 18.531183] [ 18.531501] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.531614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.531645] Hardware name: linux,dummy-virt (DT) [ 18.531710] Call trace: [ 18.531736] show_stack+0x20/0x38 (C) [ 18.531800] dump_stack_lvl+0x8c/0xd0 [ 18.531853] print_report+0x118/0x608 [ 18.531903] kasan_report+0xdc/0x128 [ 18.531950] __asan_report_store1_noabort+0x20/0x30 [ 18.532000] krealloc_less_oob_helper+0xa58/0xc50 [ 18.532049] krealloc_large_less_oob+0x20/0x38 [ 18.532097] kunit_try_run_case+0x170/0x3f0 [ 18.532145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.533240] kthread+0x318/0x620 [ 18.533295] ret_from_fork+0x10/0x20 [ 18.533354] [ 18.537812] The buggy address belongs to the physical page: [ 18.538203] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065f0 [ 18.538948] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.540036] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.540819] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.541607] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.542739] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.543471] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.544558] head: 0bfffe0000000002 ffffc1ffc3197c01 ffffffffffffffff 0000000000000000 [ 18.545360] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 18.546102] page dumped because: kasan: bad access detected [ 18.546906] [ 18.547161] Memory state around the buggy address: [ 18.547565] fff00000c65f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.548031] fff00000c65f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.548523] >fff00000c65f2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.549296] ^ [ 18.549846] fff00000c65f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.551312] fff00000c65f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.552044] ================================================================== [ 18.454118] ================================================================== [ 18.455285] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 18.455658] Write of size 1 at addr fff00000c65f20d0 by task kunit_try_catch/152 [ 18.455997] [ 18.456147] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.456262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.456294] Hardware name: linux,dummy-virt (DT) [ 18.456332] Call trace: [ 18.456358] show_stack+0x20/0x38 (C) [ 18.456418] dump_stack_lvl+0x8c/0xd0 [ 18.456471] print_report+0x118/0x608 [ 18.456524] kasan_report+0xdc/0x128 [ 18.456574] __asan_report_store1_noabort+0x20/0x30 [ 18.456626] krealloc_less_oob_helper+0xb9c/0xc50 [ 18.456679] krealloc_large_less_oob+0x20/0x38 [ 18.456730] kunit_try_run_case+0x170/0x3f0 [ 18.456782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.456838] kthread+0x318/0x620 [ 18.456886] ret_from_fork+0x10/0x20 [ 18.456941] [ 18.464887] The buggy address belongs to the physical page: [ 18.465361] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065f0 [ 18.465962] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.467069] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.467793] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.468511] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.469255] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.470029] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.470938] head: 0bfffe0000000002 ffffc1ffc3197c01 ffffffffffffffff 0000000000000000 [ 18.471509] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 18.472072] page dumped because: kasan: bad access detected [ 18.473316] [ 18.473737] Memory state around the buggy address: [ 18.474549] fff00000c65f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.475140] fff00000c65f2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.475939] >fff00000c65f2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.476619] ^ [ 18.477328] fff00000c65f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.478110] fff00000c65f2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.479011] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 18.124179] ================================================================== [ 18.124787] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x614/0x680 [ 18.125555] Write of size 1 at addr fff00000c09740eb by task kunit_try_catch/146 [ 18.126049] [ 18.126370] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.126574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.126629] Hardware name: linux,dummy-virt (DT) [ 18.126692] Call trace: [ 18.126736] show_stack+0x20/0x38 (C) [ 18.126842] dump_stack_lvl+0x8c/0xd0 [ 18.126942] print_report+0x118/0x608 [ 18.127039] kasan_report+0xdc/0x128 [ 18.127138] __asan_report_store1_noabort+0x20/0x30 [ 18.127264] krealloc_more_oob_helper+0x614/0x680 [ 18.127370] krealloc_more_oob+0x20/0x38 [ 18.127461] kunit_try_run_case+0x170/0x3f0 [ 18.127549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.127648] kthread+0x318/0x620 [ 18.127735] ret_from_fork+0x10/0x20 [ 18.127845] [ 18.131967] Allocated by task 146: [ 18.132486] kasan_save_stack+0x3c/0x68 [ 18.132803] kasan_save_track+0x20/0x40 [ 18.133241] kasan_save_alloc_info+0x40/0x58 [ 18.133558] __kasan_krealloc+0x118/0x178 [ 18.133966] krealloc_noprof+0x128/0x360 [ 18.134263] krealloc_more_oob_helper+0x168/0x680 [ 18.134566] krealloc_more_oob+0x20/0x38 [ 18.134847] kunit_try_run_case+0x170/0x3f0 [ 18.135114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.135894] kthread+0x318/0x620 [ 18.136304] ret_from_fork+0x10/0x20 [ 18.136623] [ 18.136890] The buggy address belongs to the object at fff00000c0974000 [ 18.136890] which belongs to the cache kmalloc-256 of size 256 [ 18.137796] The buggy address is located 0 bytes to the right of [ 18.137796] allocated 235-byte region [fff00000c0974000, fff00000c09740eb) [ 18.138935] [ 18.139232] The buggy address belongs to the physical page: [ 18.139743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100974 [ 18.142062] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.142867] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.143634] page_type: f5(slab) [ 18.143969] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.144521] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.145249] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.145846] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.146775] head: 0bfffe0000000001 ffffc1ffc3025d01 ffffffffffffffff 0000000000000000 [ 18.147141] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 18.147527] page dumped because: kasan: bad access detected [ 18.147804] [ 18.147946] Memory state around the buggy address: [ 18.148490] fff00000c0973f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.149195] fff00000c0974000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.149906] >fff00000c0974080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.150817] ^ [ 18.151539] fff00000c0974100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.152193] fff00000c0974180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.152736] ================================================================== [ 18.401217] ================================================================== [ 18.401872] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c8/0x680 [ 18.403274] Write of size 1 at addr fff00000c606e0f0 by task kunit_try_catch/150 [ 18.403810] [ 18.404126] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.404333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.404424] Hardware name: linux,dummy-virt (DT) [ 18.404501] Call trace: [ 18.404555] show_stack+0x20/0x38 (C) [ 18.404705] dump_stack_lvl+0x8c/0xd0 [ 18.404818] print_report+0x118/0x608 [ 18.404889] kasan_report+0xdc/0x128 [ 18.404941] __asan_report_store1_noabort+0x20/0x30 [ 18.404994] krealloc_more_oob_helper+0x5c8/0x680 [ 18.405051] krealloc_large_more_oob+0x20/0x38 [ 18.405104] kunit_try_run_case+0x170/0x3f0 [ 18.405181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.405242] kthread+0x318/0x620 [ 18.405292] ret_from_fork+0x10/0x20 [ 18.405351] [ 18.410884] The buggy address belongs to the physical page: [ 18.411487] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10606c [ 18.411969] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.412240] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.412498] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.412722] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.412947] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.413206] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.414352] head: 0bfffe0000000002 ffffc1ffc3181b01 ffffffffffffffff 0000000000000000 [ 18.415051] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 18.415636] page dumped because: kasan: bad access detected [ 18.416362] [ 18.416746] Memory state around the buggy address: [ 18.417184] fff00000c606df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.417897] fff00000c606e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.418758] >fff00000c606e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.418991] ^ [ 18.419252] fff00000c606e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.419466] fff00000c606e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.419667] ================================================================== [ 18.369789] ================================================================== [ 18.370565] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x614/0x680 [ 18.371365] Write of size 1 at addr fff00000c606e0eb by task kunit_try_catch/150 [ 18.371802] [ 18.372122] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.373349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.373411] Hardware name: linux,dummy-virt (DT) [ 18.373481] Call trace: [ 18.373543] show_stack+0x20/0x38 (C) [ 18.373671] dump_stack_lvl+0x8c/0xd0 [ 18.373780] print_report+0x118/0x608 [ 18.373880] kasan_report+0xdc/0x128 [ 18.373981] __asan_report_store1_noabort+0x20/0x30 [ 18.374881] krealloc_more_oob_helper+0x614/0x680 [ 18.375032] krealloc_large_more_oob+0x20/0x38 [ 18.375128] kunit_try_run_case+0x170/0x3f0 [ 18.375287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.375410] kthread+0x318/0x620 [ 18.375519] ret_from_fork+0x10/0x20 [ 18.375635] [ 18.384409] The buggy address belongs to the physical page: [ 18.385668] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10606c [ 18.387882] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.388922] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.389738] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.390427] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.391214] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.391969] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.392745] head: 0bfffe0000000002 ffffc1ffc3181b01 ffffffffffffffff 0000000000000000 [ 18.393360] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 18.393926] page dumped because: kasan: bad access detected [ 18.394743] [ 18.395190] Memory state around the buggy address: [ 18.395665] fff00000c606df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.396313] fff00000c606e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.397029] >fff00000c606e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.397705] ^ [ 18.398182] fff00000c606e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.398730] fff00000c606e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.399508] ================================================================== [ 18.154801] ================================================================== [ 18.155503] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c8/0x680 [ 18.155914] Write of size 1 at addr fff00000c09740f0 by task kunit_try_catch/146 [ 18.156305] [ 18.156459] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.156556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.156587] Hardware name: linux,dummy-virt (DT) [ 18.156624] Call trace: [ 18.156650] show_stack+0x20/0x38 (C) [ 18.156711] dump_stack_lvl+0x8c/0xd0 [ 18.156766] print_report+0x118/0x608 [ 18.156818] kasan_report+0xdc/0x128 [ 18.156868] __asan_report_store1_noabort+0x20/0x30 [ 18.156919] krealloc_more_oob_helper+0x5c8/0x680 [ 18.156971] krealloc_more_oob+0x20/0x38 [ 18.157021] kunit_try_run_case+0x170/0x3f0 [ 18.157072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.157127] kthread+0x318/0x620 [ 18.157233] ret_from_fork+0x10/0x20 [ 18.157344] [ 18.162014] Allocated by task 146: [ 18.162656] kasan_save_stack+0x3c/0x68 [ 18.163070] kasan_save_track+0x20/0x40 [ 18.163550] kasan_save_alloc_info+0x40/0x58 [ 18.163991] __kasan_krealloc+0x118/0x178 [ 18.164379] krealloc_noprof+0x128/0x360 [ 18.164778] krealloc_more_oob_helper+0x168/0x680 [ 18.165326] krealloc_more_oob+0x20/0x38 [ 18.165793] kunit_try_run_case+0x170/0x3f0 [ 18.166451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.167024] kthread+0x318/0x620 [ 18.167411] ret_from_fork+0x10/0x20 [ 18.167819] [ 18.168069] The buggy address belongs to the object at fff00000c0974000 [ 18.168069] which belongs to the cache kmalloc-256 of size 256 [ 18.168721] The buggy address is located 5 bytes to the right of [ 18.168721] allocated 235-byte region [fff00000c0974000, fff00000c09740eb) [ 18.169754] [ 18.170044] The buggy address belongs to the physical page: [ 18.170459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100974 [ 18.171114] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.171727] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.172516] page_type: f5(slab) [ 18.172708] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.172934] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.173177] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.173406] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.173643] head: 0bfffe0000000001 ffffc1ffc3025d01 ffffffffffffffff 0000000000000000 [ 18.173866] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 18.174123] page dumped because: kasan: bad access detected [ 18.174435] [ 18.174642] Memory state around the buggy address: [ 18.174979] fff00000c0973f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.175319] fff00000c0974000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.177017] >fff00000c0974080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.177756] ^ [ 18.178481] fff00000c0974100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.179282] fff00000c0974180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.179849] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 18.092342] ================================================================== [ 18.093416] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 18.093967] Read of size 1 at addr fff00000c6630000 by task kunit_try_catch/144 [ 18.094759] [ 18.095080] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.095258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.095290] Hardware name: linux,dummy-virt (DT) [ 18.095326] Call trace: [ 18.095359] show_stack+0x20/0x38 (C) [ 18.095460] dump_stack_lvl+0x8c/0xd0 [ 18.095568] print_report+0x118/0x608 [ 18.095682] kasan_report+0xdc/0x128 [ 18.095781] __asan_report_load1_noabort+0x20/0x30 [ 18.095884] page_alloc_uaf+0x328/0x350 [ 18.095962] kunit_try_run_case+0x170/0x3f0 [ 18.096015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.096066] kthread+0x318/0x620 [ 18.096111] ret_from_fork+0x10/0x20 [ 18.096183] [ 18.099909] The buggy address belongs to the physical page: [ 18.100548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106630 [ 18.101119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.101792] page_type: f0(buddy) [ 18.102451] raw: 0bfffe0000000000 fff00000ff6150e0 fff00000ff6150e0 0000000000000000 [ 18.102898] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 18.103563] page dumped because: kasan: bad access detected [ 18.104080] [ 18.104330] Memory state around the buggy address: [ 18.104799] fff00000c662ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.105454] fff00000c662ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.106102] >fff00000c6630000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.106473] ^ [ 18.106712] fff00000c6630080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.107258] fff00000c6630100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.107682] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 18.058571] ================================================================== [ 18.059625] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 18.059992] Free of addr fff00000c6068001 by task kunit_try_catch/140 [ 18.060390] [ 18.060586] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.060676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.060704] Hardware name: linux,dummy-virt (DT) [ 18.060740] Call trace: [ 18.060764] show_stack+0x20/0x38 (C) [ 18.060822] dump_stack_lvl+0x8c/0xd0 [ 18.060875] print_report+0x118/0x608 [ 18.060926] kasan_report_invalid_free+0xc0/0xe8 [ 18.060979] __kasan_kfree_large+0x5c/0xa8 [ 18.061028] free_large_kmalloc+0x58/0x140 [ 18.061077] kfree+0x270/0x3c8 [ 18.061122] kmalloc_large_invalid_free+0x108/0x270 [ 18.061223] kunit_try_run_case+0x170/0x3f0 [ 18.061354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.061520] kthread+0x318/0x620 [ 18.061772] ret_from_fork+0x10/0x20 [ 18.061904] [ 18.066626] The buggy address belongs to the physical page: [ 18.066906] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106068 [ 18.067752] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.068237] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.068607] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.068954] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.069812] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.070307] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.070637] head: 0bfffe0000000002 ffffc1ffc3181a01 ffffffffffffffff 0000000000000000 [ 18.070965] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 18.071722] page dumped because: kasan: bad access detected [ 18.072344] [ 18.072495] Memory state around the buggy address: [ 18.072735] fff00000c6067f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.073052] fff00000c6067f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.073372] >fff00000c6068000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.073693] ^ [ 18.073893] fff00000c6068080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.074878] fff00000c6068100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.075635] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 18.033636] ================================================================== [ 18.034626] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 18.034982] Read of size 1 at addr fff00000c6068000 by task kunit_try_catch/138 [ 18.035310] [ 18.035463] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.035552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.035581] Hardware name: linux,dummy-virt (DT) [ 18.035616] Call trace: [ 18.035641] show_stack+0x20/0x38 (C) [ 18.035695] dump_stack_lvl+0x8c/0xd0 [ 18.035745] print_report+0x118/0x608 [ 18.035792] kasan_report+0xdc/0x128 [ 18.035838] __asan_report_load1_noabort+0x20/0x30 [ 18.035885] kmalloc_large_uaf+0x2cc/0x2f8 [ 18.035931] kunit_try_run_case+0x170/0x3f0 [ 18.035978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.036029] kthread+0x318/0x620 [ 18.036075] ret_from_fork+0x10/0x20 [ 18.036124] [ 18.040532] The buggy address belongs to the physical page: [ 18.041260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106068 [ 18.041914] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.042687] raw: 0bfffe0000000000 ffffc1ffc3181b08 fff00000da4b1040 0000000000000000 [ 18.043287] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 18.043795] page dumped because: kasan: bad access detected [ 18.044327] [ 18.044572] Memory state around the buggy address: [ 18.045006] fff00000c6067f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.045592] fff00000c6067f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.046244] >fff00000c6068000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.046883] ^ [ 18.047319] fff00000c6068080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.047889] fff00000c6068100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.048442] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 18.006441] ================================================================== [ 18.007469] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 18.007964] Write of size 1 at addr fff00000c606a00a by task kunit_try_catch/136 [ 18.008522] [ 18.008797] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.008979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.009037] Hardware name: linux,dummy-virt (DT) [ 18.009105] Call trace: [ 18.009168] show_stack+0x20/0x38 (C) [ 18.009290] dump_stack_lvl+0x8c/0xd0 [ 18.009403] print_report+0x118/0x608 [ 18.009485] kasan_report+0xdc/0x128 [ 18.009546] __asan_report_store1_noabort+0x20/0x30 [ 18.009600] kmalloc_large_oob_right+0x278/0x2b8 [ 18.009650] kunit_try_run_case+0x170/0x3f0 [ 18.009700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.009752] kthread+0x318/0x620 [ 18.009797] ret_from_fork+0x10/0x20 [ 18.009848] [ 18.014301] The buggy address belongs to the physical page: [ 18.014950] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106068 [ 18.015616] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.016296] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.016894] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.017441] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.018008] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.018950] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.019518] head: 0bfffe0000000002 ffffc1ffc3181a01 ffffffffffffffff 0000000000000000 [ 18.020108] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 18.020708] page dumped because: kasan: bad access detected [ 18.021079] [ 18.021336] Memory state around the buggy address: [ 18.021762] fff00000c6069f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.022459] fff00000c6069f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.022782] >fff00000c606a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.023075] ^ [ 18.023276] fff00000c606a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.023564] fff00000c606a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.023845] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 17.969736] ================================================================== [ 17.971080] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.971523] Write of size 1 at addr fff00000c6559f00 by task kunit_try_catch/134 [ 17.971758] [ 17.971875] CPU: 0 UID: 0 PID: 134 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.971971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.972000] Hardware name: linux,dummy-virt (DT) [ 17.972035] Call trace: [ 17.972061] show_stack+0x20/0x38 (C) [ 17.972119] dump_stack_lvl+0x8c/0xd0 [ 17.972200] print_report+0x118/0x608 [ 17.972253] kasan_report+0xdc/0x128 [ 17.972302] __asan_report_store1_noabort+0x20/0x30 [ 17.972351] kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.972398] kunit_try_run_case+0x170/0x3f0 [ 17.972448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.972502] kthread+0x318/0x620 [ 17.972550] ret_from_fork+0x10/0x20 [ 17.972605] [ 17.977208] Allocated by task 134: [ 17.977783] kasan_save_stack+0x3c/0x68 [ 17.978784] kasan_save_track+0x20/0x40 [ 17.979197] kasan_save_alloc_info+0x40/0x58 [ 17.979537] __kasan_kmalloc+0xd4/0xd8 [ 17.979840] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.980246] kmalloc_big_oob_right+0xb8/0x2f0 [ 17.980604] kunit_try_run_case+0x170/0x3f0 [ 17.980936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.981923] kthread+0x318/0x620 [ 17.982534] ret_from_fork+0x10/0x20 [ 17.983084] [ 17.983344] The buggy address belongs to the object at fff00000c6558000 [ 17.983344] which belongs to the cache kmalloc-8k of size 8192 [ 17.984326] The buggy address is located 0 bytes to the right of [ 17.984326] allocated 7936-byte region [fff00000c6558000, fff00000c6559f00) [ 17.985325] [ 17.985596] The buggy address belongs to the physical page: [ 17.986389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106558 [ 17.987102] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.987636] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.988096] page_type: f5(slab) [ 17.988387] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.988933] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.989491] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.989955] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.991484] head: 0bfffe0000000003 ffffc1ffc3195601 ffffffffffffffff 0000000000000000 [ 17.992359] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 17.992994] page dumped because: kasan: bad access detected [ 17.993491] [ 17.993766] Memory state around the buggy address: [ 17.994384] fff00000c6559e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.994715] fff00000c6559e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.995038] >fff00000c6559f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.995360] ^ [ 17.995559] fff00000c6559f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.995885] fff00000c655a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.996820] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 17.933786] ================================================================== [ 17.934475] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x420/0x490 [ 17.935101] Write of size 1 at addr fff00000c5a72878 by task kunit_try_catch/132 [ 17.935659] [ 17.935969] CPU: 1 UID: 0 PID: 132 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.936355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.936422] Hardware name: linux,dummy-virt (DT) [ 17.936491] Call trace: [ 17.936542] show_stack+0x20/0x38 (C) [ 17.936666] dump_stack_lvl+0x8c/0xd0 [ 17.936765] print_report+0x118/0x608 [ 17.936860] kasan_report+0xdc/0x128 [ 17.936966] __asan_report_store1_noabort+0x20/0x30 [ 17.937079] kmalloc_track_caller_oob_right+0x420/0x490 [ 17.937138] kunit_try_run_case+0x170/0x3f0 [ 17.937224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.937282] kthread+0x318/0x620 [ 17.937333] ret_from_fork+0x10/0x20 [ 17.937391] [ 17.943899] Allocated by task 132: [ 17.944398] kasan_save_stack+0x3c/0x68 [ 17.944860] kasan_save_track+0x20/0x40 [ 17.945395] kasan_save_alloc_info+0x40/0x58 [ 17.945924] __kasan_kmalloc+0xd4/0xd8 [ 17.946400] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.946830] kmalloc_track_caller_oob_right+0x184/0x490 [ 17.947238] kunit_try_run_case+0x170/0x3f0 [ 17.947568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.947961] kthread+0x318/0x620 [ 17.949101] ret_from_fork+0x10/0x20 [ 17.949375] [ 17.949711] The buggy address belongs to the object at fff00000c5a72800 [ 17.949711] which belongs to the cache kmalloc-128 of size 128 [ 17.951020] The buggy address is located 0 bytes to the right of [ 17.951020] allocated 120-byte region [fff00000c5a72800, fff00000c5a72878) [ 17.951986] [ 17.952297] The buggy address belongs to the physical page: [ 17.952784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a72 [ 17.953490] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.954071] page_type: f5(slab) [ 17.954454] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.955359] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.956465] page dumped because: kasan: bad access detected [ 17.956973] [ 17.957242] Memory state around the buggy address: [ 17.957776] fff00000c5a72700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.958396] fff00000c5a72780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.958945] >fff00000c5a72800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.959462] ^ [ 17.960002] fff00000c5a72880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.961022] fff00000c5a72900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.961622] ================================================================== [ 17.905086] ================================================================== [ 17.905741] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x414/0x490 [ 17.906753] Write of size 1 at addr fff00000c5a72778 by task kunit_try_catch/132 [ 17.907352] [ 17.907637] CPU: 1 UID: 0 PID: 132 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.907817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.907880] Hardware name: linux,dummy-virt (DT) [ 17.907946] Call trace: [ 17.907997] show_stack+0x20/0x38 (C) [ 17.908113] dump_stack_lvl+0x8c/0xd0 [ 17.909034] print_report+0x118/0x608 [ 17.909141] kasan_report+0xdc/0x128 [ 17.909257] __asan_report_store1_noabort+0x20/0x30 [ 17.909368] kmalloc_track_caller_oob_right+0x414/0x490 [ 17.909481] kunit_try_run_case+0x170/0x3f0 [ 17.909603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.909730] kthread+0x318/0x620 [ 17.909810] ret_from_fork+0x10/0x20 [ 17.909868] [ 17.914165] Allocated by task 132: [ 17.915522] kasan_save_stack+0x3c/0x68 [ 17.915932] kasan_save_track+0x20/0x40 [ 17.916255] kasan_save_alloc_info+0x40/0x58 [ 17.916591] __kasan_kmalloc+0xd4/0xd8 [ 17.917039] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.917672] kmalloc_track_caller_oob_right+0xa8/0x490 [ 17.918237] kunit_try_run_case+0x170/0x3f0 [ 17.918692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.919234] kthread+0x318/0x620 [ 17.919532] ret_from_fork+0x10/0x20 [ 17.919903] [ 17.920105] The buggy address belongs to the object at fff00000c5a72700 [ 17.920105] which belongs to the cache kmalloc-128 of size 128 [ 17.921376] The buggy address is located 0 bytes to the right of [ 17.921376] allocated 120-byte region [fff00000c5a72700, fff00000c5a72778) [ 17.922147] [ 17.923280] The buggy address belongs to the physical page: [ 17.923585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a72 [ 17.924337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.924876] page_type: f5(slab) [ 17.925223] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.925889] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.926764] page dumped because: kasan: bad access detected [ 17.927302] [ 17.927536] Memory state around the buggy address: [ 17.927924] fff00000c5a72600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.928472] fff00000c5a72680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.929022] >fff00000c5a72700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.929577] ^ [ 17.931095] fff00000c5a72780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.931684] fff00000c5a72800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.932212] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 17.869336] ================================================================== [ 17.870455] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 17.870971] Read of size 1 at addr fff00000c64e7000 by task kunit_try_catch/130 [ 17.871571] [ 17.871841] CPU: 1 UID: 0 PID: 130 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.872028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.872087] Hardware name: linux,dummy-virt (DT) [ 17.872194] Call trace: [ 17.872252] show_stack+0x20/0x38 (C) [ 17.872376] dump_stack_lvl+0x8c/0xd0 [ 17.872484] print_report+0x118/0x608 [ 17.872586] kasan_report+0xdc/0x128 [ 17.872673] __asan_report_load1_noabort+0x20/0x30 [ 17.872758] kmalloc_node_oob_right+0x2f4/0x330 [ 17.872878] kunit_try_run_case+0x170/0x3f0 [ 17.872995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.873100] kthread+0x318/0x620 [ 17.873200] ret_from_fork+0x10/0x20 [ 17.873297] [ 17.877575] Allocated by task 130: [ 17.877939] kasan_save_stack+0x3c/0x68 [ 17.878367] kasan_save_track+0x20/0x40 [ 17.878653] kasan_save_alloc_info+0x40/0x58 [ 17.878942] __kasan_kmalloc+0xd4/0xd8 [ 17.879238] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 17.879786] kmalloc_node_oob_right+0xbc/0x330 [ 17.880363] kunit_try_run_case+0x170/0x3f0 [ 17.880842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.881410] kthread+0x318/0x620 [ 17.881755] ret_from_fork+0x10/0x20 [ 17.882172] [ 17.882378] The buggy address belongs to the object at fff00000c64e6000 [ 17.882378] which belongs to the cache kmalloc-4k of size 4096 [ 17.883000] The buggy address is located 0 bytes to the right of [ 17.883000] allocated 4096-byte region [fff00000c64e6000, fff00000c64e7000) [ 17.884034] [ 17.884300] The buggy address belongs to the physical page: [ 17.884810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064e0 [ 17.885497] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.886270] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.887042] page_type: f5(slab) [ 17.887473] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.887965] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.888592] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.889025] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.889746] head: 0bfffe0000000003 ffffc1ffc3193801 ffffffffffffffff 0000000000000000 [ 17.890579] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 17.891242] page dumped because: kasan: bad access detected [ 17.891729] [ 17.891888] Memory state around the buggy address: [ 17.892375] fff00000c64e6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.892914] fff00000c64e6f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.893448] >fff00000c64e7000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.894139] ^ [ 17.894458] fff00000c64e7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.895092] fff00000c64e7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.895764] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 17.826081] ================================================================== [ 17.827620] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 17.828507] Read of size 1 at addr fff00000c3e6061f by task kunit_try_catch/128 [ 17.829118] [ 17.829464] CPU: 0 UID: 0 PID: 128 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.829677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.829743] Hardware name: linux,dummy-virt (DT) [ 17.829823] Call trace: [ 17.829880] show_stack+0x20/0x38 (C) [ 17.830010] dump_stack_lvl+0x8c/0xd0 [ 17.830128] print_report+0x118/0x608 [ 17.830275] kasan_report+0xdc/0x128 [ 17.830365] __asan_report_load1_noabort+0x20/0x30 [ 17.830460] kmalloc_oob_left+0x2ec/0x320 [ 17.830552] kunit_try_run_case+0x170/0x3f0 [ 17.830607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.830663] kthread+0x318/0x620 [ 17.830713] ret_from_fork+0x10/0x20 [ 17.830767] [ 17.835435] Allocated by task 29: [ 17.835696] kasan_save_stack+0x3c/0x68 [ 17.835991] kasan_save_track+0x20/0x40 [ 17.836438] kasan_save_alloc_info+0x40/0x58 [ 17.836938] __kasan_kmalloc+0xd4/0xd8 [ 17.839310] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.839728] kstrdup+0x54/0xc8 [ 17.840002] devtmpfs_work_loop+0x398/0x5b0 [ 17.840332] devtmpfsd+0x50/0x58 [ 17.840620] kthread+0x318/0x620 [ 17.840910] ret_from_fork+0x10/0x20 [ 17.841617] [ 17.843664] Freed by task 29: [ 17.844126] kasan_save_stack+0x3c/0x68 [ 17.844655] kasan_save_track+0x20/0x40 [ 17.845100] kasan_save_free_info+0x4c/0x78 [ 17.846519] __kasan_slab_free+0x6c/0x98 [ 17.846843] kfree+0x214/0x3c8 [ 17.847080] devtmpfs_work_loop+0x4b8/0x5b0 [ 17.847385] devtmpfsd+0x50/0x58 [ 17.847627] kthread+0x318/0x620 [ 17.847997] ret_from_fork+0x10/0x20 [ 17.848581] [ 17.848803] The buggy address belongs to the object at fff00000c3e60600 [ 17.848803] which belongs to the cache kmalloc-16 of size 16 [ 17.849445] The buggy address is located 15 bytes to the right of [ 17.849445] allocated 16-byte region [fff00000c3e60600, fff00000c3e60610) [ 17.850615] [ 17.850844] The buggy address belongs to the physical page: [ 17.851202] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e60 [ 17.851942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.852550] page_type: f5(slab) [ 17.852983] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.853772] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.854531] page dumped because: kasan: bad access detected [ 17.854851] [ 17.855035] Memory state around the buggy address: [ 17.855376] fff00000c3e60500: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 17.856039] fff00000c3e60580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 17.856649] >fff00000c3e60600: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 17.857147] ^ [ 17.857482] fff00000c3e60680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.858483] fff00000c3e60700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.859201] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 17.763138] ================================================================== [ 17.763554] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.764336] Write of size 1 at addr fff00000c3e3ee78 by task kunit_try_catch/126 [ 17.765362] [ 17.765818] CPU: 0 UID: 0 PID: 126 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.766349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.766391] Hardware name: linux,dummy-virt (DT) [ 17.766433] Call trace: [ 17.766460] show_stack+0x20/0x38 (C) [ 17.766529] dump_stack_lvl+0x8c/0xd0 [ 17.766584] print_report+0x118/0x608 [ 17.766637] kasan_report+0xdc/0x128 [ 17.766686] __asan_report_store1_noabort+0x20/0x30 [ 17.766735] kmalloc_oob_right+0x538/0x660 [ 17.766782] kunit_try_run_case+0x170/0x3f0 [ 17.766830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.766882] kthread+0x318/0x620 [ 17.766927] ret_from_fork+0x10/0x20 [ 17.766978] [ 17.772443] Allocated by task 126: [ 17.772790] kasan_save_stack+0x3c/0x68 [ 17.773730] kasan_save_track+0x20/0x40 [ 17.774523] kasan_save_alloc_info+0x40/0x58 [ 17.774902] __kasan_kmalloc+0xd4/0xd8 [ 17.775475] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.776059] kmalloc_oob_right+0xb0/0x660 [ 17.776625] kunit_try_run_case+0x170/0x3f0 [ 17.777209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.777693] kthread+0x318/0x620 [ 17.777994] ret_from_fork+0x10/0x20 [ 17.778873] [ 17.779390] The buggy address belongs to the object at fff00000c3e3ee00 [ 17.779390] which belongs to the cache kmalloc-128 of size 128 [ 17.780393] The buggy address is located 5 bytes to the right of [ 17.780393] allocated 115-byte region [fff00000c3e3ee00, fff00000c3e3ee73) [ 17.781242] [ 17.781720] The buggy address belongs to the physical page: [ 17.782052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e3e [ 17.783075] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.783775] page_type: f5(slab) [ 17.784232] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.784818] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.785375] page dumped because: kasan: bad access detected [ 17.785991] [ 17.786295] Memory state around the buggy address: [ 17.786559] fff00000c3e3ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.786882] fff00000c3e3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.787214] >fff00000c3e3ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.787855] ^ [ 17.788562] fff00000c3e3ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.789309] fff00000c3e3ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.789984] ================================================================== [ 17.725995] ================================================================== [ 17.727661] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 17.729231] Write of size 1 at addr fff00000c3e3ee73 by task kunit_try_catch/126 [ 17.730743] [ 17.732206] CPU: 0 UID: 0 PID: 126 Comm: kunit_try_catch Tainted: G N 6.14.10-rc1 #1 [ 17.732733] Tainted: [N]=TEST [ 17.732776] Hardware name: linux,dummy-virt (DT) [ 17.733089] Call trace: [ 17.733288] show_stack+0x20/0x38 (C) [ 17.733474] dump_stack_lvl+0x8c/0xd0 [ 17.733565] print_report+0x118/0x608 [ 17.733625] kasan_report+0xdc/0x128 [ 17.733678] __asan_report_store1_noabort+0x20/0x30 [ 17.733732] kmalloc_oob_right+0x5a4/0x660 [ 17.733783] kunit_try_run_case+0x170/0x3f0 [ 17.733839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.733896] kthread+0x318/0x620 [ 17.733950] ret_from_fork+0x10/0x20 [ 17.734243] [ 17.740416] Allocated by task 126: [ 17.741095] kasan_save_stack+0x3c/0x68 [ 17.741581] kasan_save_track+0x20/0x40 [ 17.741959] kasan_save_alloc_info+0x40/0x58 [ 17.742742] __kasan_kmalloc+0xd4/0xd8 [ 17.743281] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.743878] kmalloc_oob_right+0xb0/0x660 [ 17.744448] kunit_try_run_case+0x170/0x3f0 [ 17.744993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.745627] kthread+0x318/0x620 [ 17.745959] ret_from_fork+0x10/0x20 [ 17.746641] [ 17.747131] The buggy address belongs to the object at fff00000c3e3ee00 [ 17.747131] which belongs to the cache kmalloc-128 of size 128 [ 17.748199] The buggy address is located 0 bytes to the right of [ 17.748199] allocated 115-byte region [fff00000c3e3ee00, fff00000c3e3ee73) [ 17.748820] [ 17.749083] The buggy address belongs to the physical page: [ 17.749649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e3e [ 17.751598] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.752384] page_type: f5(slab) [ 17.753319] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.753918] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.754911] page dumped because: kasan: bad access detected [ 17.755322] [ 17.755487] Memory state around the buggy address: [ 17.756001] fff00000c3e3ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.756380] fff00000c3e3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.756724] >fff00000c3e3ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.757066] ^ [ 17.758923] fff00000c3e3ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.759388] fff00000c3e3ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.759993] ================================================================== [ 17.791373] ================================================================== [ 17.791977] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.792643] Read of size 1 at addr fff00000c3e3ee80 by task kunit_try_catch/126 [ 17.793226] [ 17.793501] CPU: 0 UID: 0 PID: 126 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.793690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.793736] Hardware name: linux,dummy-virt (DT) [ 17.793793] Call trace: [ 17.793837] show_stack+0x20/0x38 (C) [ 17.793956] dump_stack_lvl+0x8c/0xd0 [ 17.794172] print_report+0x118/0x608 [ 17.794296] kasan_report+0xdc/0x128 [ 17.794414] __asan_report_load1_noabort+0x20/0x30 [ 17.794540] kmalloc_oob_right+0x5d0/0x660 [ 17.794659] kunit_try_run_case+0x170/0x3f0 [ 17.794782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.794900] kthread+0x318/0x620 [ 17.795041] ret_from_fork+0x10/0x20 [ 17.795177] [ 17.800443] Allocated by task 126: [ 17.800863] kasan_save_stack+0x3c/0x68 [ 17.801448] kasan_save_track+0x20/0x40 [ 17.801988] kasan_save_alloc_info+0x40/0x58 [ 17.802753] __kasan_kmalloc+0xd4/0xd8 [ 17.803064] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.803625] kmalloc_oob_right+0xb0/0x660 [ 17.804046] kunit_try_run_case+0x170/0x3f0 [ 17.804481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.804969] kthread+0x318/0x620 [ 17.805345] ret_from_fork+0x10/0x20 [ 17.805753] [ 17.806042] The buggy address belongs to the object at fff00000c3e3ee00 [ 17.806042] which belongs to the cache kmalloc-128 of size 128 [ 17.806912] The buggy address is located 13 bytes to the right of [ 17.806912] allocated 115-byte region [fff00000c3e3ee00, fff00000c3e3ee73) [ 17.807777] [ 17.807993] The buggy address belongs to the physical page: [ 17.808741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e3e [ 17.809408] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.810130] page_type: f5(slab) [ 17.810731] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.811192] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.811968] page dumped because: kasan: bad access detected [ 17.812479] [ 17.812756] Memory state around the buggy address: [ 17.813247] fff00000c3e3ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.813963] fff00000c3e3ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.815481] >fff00000c3e3ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.816122] ^ [ 17.816472] fff00000c3e3ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.817004] fff00000c3e3ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.817472] ==================================================================