Date
Feb. 5, 2025, 2:09 p.m.
Failure - log-parser-test - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob: Failure
[ 148.108763] ================================================================== [ 148.109494] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x10c/0x300 [ 148.110153] Read of size 1 at addr f18f57f8 by task kunit_try_catch/214 [ 148.110831] [ 148.111192] CPU: 1 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 148.112103] Hardware name: Generic DT based system [ 148.112616] unwind_backtrace from show_stack+0x18/0x1c [ 148.113310] show_stack from dump_stack_lvl+0x58/0x70 [ 148.113927] dump_stack_lvl from print_report+0x164/0x51c [ 148.114651] print_report from kasan_report+0xc8/0x104 [ 148.115386] kasan_report from vmalloc_oob+0x10c/0x300 [ 148.116036] vmalloc_oob from kunit_try_run_case+0x11c/0x2e4 [ 148.117301] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 148.118412] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 148.119447] kthread from ret_from_fork+0x14/0x30 [ 148.120279] Exception stack(0xfa16bfb0 to 0xfa16bff8) [ 148.120920] bfa0: 00000000 00000000 00000000 00000000 [ 148.122119] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 148.123251] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 148.123998] [ 148.124309] The buggy address belongs to the virtual mapping at [ 148.124309] [f18f5000, f18f7000) created by: [ 148.124309] vmalloc_oob+0x88/0x300 [ 148.126696] [ 148.127101] The buggy address belongs to the physical page: [ 148.127988] page:f9d81564 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x13fbf2 [ 148.128868] flags: 0x80000000(zone=2) [ 148.129336] page_type: 0xffffffff() [ 148.129946] raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 148.130754] raw: 00000000 [ 148.131214] page dumped because: kasan: bad access detected [ 148.131840] [ 148.132153] Memory state around the buggy address: [ 148.132707] f18f5680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 148.133518] f18f5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 148.134415] >f18f5780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 148.135097] ^ [ 148.135945] f18f5800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 148.136586] f18f5880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 148.137399] ================================================================== [ 148.078310] ================================================================== [ 148.079628] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0xd8/0x300 [ 148.080256] Read of size 1 at addr f18f57f3 by task kunit_try_catch/214 [ 148.081020] [ 148.081276] CPU: 1 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 148.082179] Hardware name: Generic DT based system [ 148.082802] unwind_backtrace from show_stack+0x18/0x1c [ 148.083551] show_stack from dump_stack_lvl+0x58/0x70 [ 148.084330] dump_stack_lvl from print_report+0x164/0x51c [ 148.085022] print_report from kasan_report+0xc8/0x104 [ 148.085710] kasan_report from vmalloc_oob+0xd8/0x300 [ 148.086396] vmalloc_oob from kunit_try_run_case+0x11c/0x2e4 [ 148.087179] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 148.088103] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 148.089154] kthread from ret_from_fork+0x14/0x30 [ 148.089893] Exception stack(0xfa16bfb0 to 0xfa16bff8) [ 148.090464] bfa0: 00000000 00000000 00000000 00000000 [ 148.091470] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 148.092341] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 148.093036] [ 148.093334] The buggy address belongs to the virtual mapping at [ 148.093334] [f18f5000, f18f7000) created by: [ 148.093334] vmalloc_oob+0x88/0x300 [ 148.094723] [ 148.095018] The buggy address belongs to the physical page: [ 148.095784] page:f9d81564 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x13fbf2 [ 148.097024] flags: 0x80000000(zone=2) [ 148.097559] page_type: 0xffffffff() [ 148.098193] raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 148.099148] raw: 00000000 [ 148.099503] page dumped because: kasan: bad access detected [ 148.100246] [ 148.100481] Memory state around the buggy address: [ 148.101104] f18f5680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 148.101925] f18f5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 148.102623] >f18f5780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 148.103414] ^ [ 148.104122] f18f5800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 148.104821] f18f5880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 148.105550] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf: Failure
[ 148.019760] ================================================================== [ 148.020930] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x14c/0x264 [ 148.021672] Read of size 4 at addr c8fbdd00 by task kunit_try_catch/209 [ 148.022446] [ 148.022708] CPU: 1 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 148.023589] Hardware name: Generic DT based system [ 148.024135] unwind_backtrace from show_stack+0x18/0x1c [ 148.024787] show_stack from dump_stack_lvl+0x58/0x70 [ 148.025408] dump_stack_lvl from print_report+0x164/0x51c [ 148.026174] print_report from kasan_report+0xc8/0x104 [ 148.026869] kasan_report from workqueue_uaf+0x14c/0x264 [ 148.027606] workqueue_uaf from kunit_try_run_case+0x11c/0x2e4 [ 148.028403] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 148.029494] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 148.030292] kthread from ret_from_fork+0x14/0x30 [ 148.031112] Exception stack(0xfa143fb0 to 0xfa143ff8) [ 148.031843] 3fa0: 00000000 00000000 00000000 00000000 [ 148.032716] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 148.033596] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 148.034309] [ 148.034551] Allocated by task 209: [ 148.034946] kasan_set_track+0x3c/0x5c [ 148.035528] __kasan_kmalloc+0x8c/0x94 [ 148.036156] workqueue_uaf+0xcc/0x264 [ 148.036584] kunit_try_run_case+0x11c/0x2e4 [ 148.037297] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 148.038084] kthread+0x184/0x1a8 [ 148.038690] ret_from_fork+0x14/0x30 [ 148.039264] [ 148.039587] Freed by task 33: [ 148.040027] kasan_set_track+0x3c/0x5c [ 148.040544] kasan_save_free_info+0x30/0x3c [ 148.041174] __kasan_slab_free+0xdc/0x124 [ 148.041765] __kmem_cache_free+0x140/0x2a8 [ 148.042396] process_one_work+0x2e4/0x678 [ 148.042952] worker_thread+0x4d8/0x828 [ 148.043408] kthread+0x184/0x1a8 [ 148.044007] ret_from_fork+0x14/0x30 [ 148.044466] [ 148.044821] Last potentially related work creation: [ 148.045418] kasan_save_stack+0x30/0x4c [ 148.046293] __kasan_record_aux_stack+0x84/0x8c [ 148.046992] __queue_work+0x2a8/0x9b8 [ 148.047589] queue_work_on+0x98/0x9c [ 148.048101] workqueue_uaf+0x128/0x264 [ 148.048944] kunit_try_run_case+0x11c/0x2e4 [ 148.049287] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 148.049632] kthread+0x184/0x1a8 [ 148.049862] ret_from_fork+0x14/0x30 [ 148.050168] [ 148.050374] The buggy address belongs to the object at c8fbdd00 [ 148.050374] which belongs to the cache kmalloc-64 of size 64 [ 148.051707] The buggy address is located 0 bytes inside of [ 148.051707] freed 64-byte region [c8fbdd00, c8fbdd40) [ 148.053307] [ 148.053556] The buggy address belongs to the physical page: [ 148.054348] page:652e16b7 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fbd [ 148.055350] flags: 0x800(slab|zone=0) [ 148.055982] page_type: 0xffffffff() [ 148.056789] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 148.057956] raw: 00000000 [ 148.058369] page dumped because: kasan: bad access detected [ 148.059092] [ 148.059397] Memory state around the buggy address: [ 148.059909] c8fbdc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 148.060917] c8fbdc80: 00 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc [ 148.061744] >c8fbdd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 148.062616] ^ [ 148.063322] c8fbdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 148.064073] c8fbde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 148.064829] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim: Failure
[ 147.957421] ================================================================== [ 147.958802] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x24/0x2c [ 147.959768] Read of size 4 at addr c8fbdb80 by task ksoftirqd/1/20 [ 147.960489] [ 147.960812] CPU: 1 PID: 20 Comm: ksoftirqd/1 Tainted: G B N 6.6.76-rc1 #1 [ 147.961700] Hardware name: Generic DT based system [ 147.962307] unwind_backtrace from show_stack+0x18/0x1c [ 147.962890] show_stack from dump_stack_lvl+0x58/0x70 [ 147.963689] dump_stack_lvl from print_report+0x164/0x51c [ 147.964706] print_report from kasan_report+0xc8/0x104 [ 147.965465] kasan_report from rcu_uaf_reclaim+0x24/0x2c [ 147.966769] rcu_uaf_reclaim from rcu_core+0x418/0xc84 [ 147.967509] rcu_core from handle_softirqs+0x23c/0x5fc [ 147.968330] handle_softirqs from run_ksoftirqd+0x50/0x68 [ 147.969123] run_ksoftirqd from smpboot_thread_fn+0x154/0x258 [ 147.969963] smpboot_thread_fn from kthread+0x184/0x1a8 [ 147.970728] kthread from ret_from_fork+0x14/0x30 [ 147.971388] Exception stack(0xf186bfb0 to 0xf186bff8) [ 147.972140] bfa0: 00000000 00000000 00000000 00000000 [ 147.973158] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.974085] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.974886] [ 147.975207] Allocated by task 207: [ 147.975555] kasan_set_track+0x3c/0x5c [ 147.976811] __kasan_kmalloc+0x8c/0x94 [ 147.977390] rcu_uaf+0xa0/0x1dc [ 147.977810] kunit_try_run_case+0x11c/0x2e4 [ 147.978490] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.979306] kthread+0x184/0x1a8 [ 147.979774] ret_from_fork+0x14/0x30 [ 147.980360] [ 147.980661] Freed by task 20: [ 147.981164] kasan_set_track+0x3c/0x5c [ 147.981838] kasan_save_free_info+0x30/0x3c [ 147.982412] __kasan_slab_free+0xdc/0x124 [ 147.983209] __kmem_cache_free+0x140/0x2a8 [ 147.983814] rcu_uaf_reclaim+0x1c/0x2c [ 147.984478] rcu_core+0x418/0xc84 [ 147.985028] handle_softirqs+0x23c/0x5fc [ 147.985634] run_ksoftirqd+0x50/0x68 [ 147.986170] smpboot_thread_fn+0x154/0x258 [ 147.986816] kthread+0x184/0x1a8 [ 147.987495] ret_from_fork+0x14/0x30 [ 147.988103] [ 147.988458] Last potentially related work creation: [ 147.989036] kasan_save_stack+0x30/0x4c [ 147.989650] __kasan_record_aux_stack+0x84/0x8c [ 147.990431] __call_rcu_common.constprop.0+0x44/0x59c [ 147.991213] rcu_uaf+0xdc/0x1dc [ 147.991689] kunit_try_run_case+0x11c/0x2e4 [ 147.992354] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.993164] kthread+0x184/0x1a8 [ 147.993629] ret_from_fork+0x14/0x30 [ 147.994190] [ 147.994573] The buggy address belongs to the object at c8fbdb80 [ 147.994573] which belongs to the cache kmalloc-64 of size 64 [ 147.996029] The buggy address is located 0 bytes inside of [ 147.996029] freed 64-byte region [c8fbdb80, c8fbdbc0) [ 147.997738] [ 147.998078] The buggy address belongs to the physical page: [ 147.998715] page:652e16b7 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fbd [ 147.999773] flags: 0x800(slab|zone=0) [ 148.000284] page_type: 0xffffffff() [ 148.000887] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 148.001705] raw: 00000000 [ 148.002140] page dumped because: kasan: bad access detected [ 148.002719] [ 148.003083] Memory state around the buggy address: [ 148.003667] c8fbda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 148.004502] c8fbdb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 148.005285] >c8fbdb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 148.005993] ^ [ 148.006337] c8fbdc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 148.007230] c8fbdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 148.007856] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-use-after-free-in-pagealloc_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-use-after-free-in-pagealloc_uaf: Failure
[ 144.524339] ================================================================== [ 144.526095] BUG: KASAN: use-after-free in pagealloc_uaf+0xc8/0x1cc [ 144.526985] Read of size 1 at addr c8f40000 by task kunit_try_catch/125 [ 144.527519] [ 144.527735] CPU: 0 PID: 125 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.529318] Hardware name: Generic DT based system [ 144.530379] unwind_backtrace from show_stack+0x18/0x1c [ 144.531227] show_stack from dump_stack_lvl+0x58/0x70 [ 144.531943] dump_stack_lvl from print_report+0x164/0x51c [ 144.532836] print_report from kasan_report+0xc8/0x104 [ 144.533598] kasan_report from pagealloc_uaf+0xc8/0x1cc [ 144.534476] pagealloc_uaf from kunit_try_run_case+0x11c/0x2e4 [ 144.535521] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.536904] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.537725] kthread from ret_from_fork+0x14/0x30 [ 144.538330] Exception stack(0xf9ef3fb0 to 0xf9ef3ff8) [ 144.538932] 3fa0: 00000000 00000000 00000000 00000000 [ 144.539780] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.540618] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.541381] [ 144.541631] The buggy address belongs to the physical page: [ 144.542124] page:255cd0fe refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x48f40 [ 144.543188] flags: 0x0(zone=0) [ 144.543542] page_type: 0xffffff7f(buddy) [ 144.544264] raw: 00000000 c40f8ef8 c40f8ef8 00000000 00000000 00000006 ffffff7f 00000000 [ 144.545081] raw: 00000000 [ 144.545439] page dumped because: kasan: bad access detected [ 144.546194] [ 144.546481] Memory state around the buggy address: [ 144.547301] c8f3ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.548175] c8f3ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.548837] >c8f40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 144.549626] ^ [ 144.549934] c8f40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 144.550770] c8f40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 144.551494] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-double-free-in-kmalloc_double_kzfree
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-double-free-in-kmalloc_double_kzfree: Failure
[ 147.885949] ================================================================== [ 147.886861] BUG: KASAN: double-free in kmalloc_double_kzfree+0xd0/0x1cc [ 147.887588] Free of addr c8fbdb00 by task kunit_try_catch/205 [ 147.888146] [ 147.888464] CPU: 1 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.889346] Hardware name: Generic DT based system [ 147.889857] unwind_backtrace from show_stack+0x18/0x1c [ 147.890558] show_stack from dump_stack_lvl+0x58/0x70 [ 147.891262] dump_stack_lvl from print_report+0x164/0x51c [ 147.891811] print_report from kasan_report_invalid_free+0xb4/0xe8 [ 147.892659] kasan_report_invalid_free from __kasan_slab_free+0xfc/0x124 [ 147.893609] __kasan_slab_free from __kmem_cache_free+0x140/0x2a8 [ 147.894489] __kmem_cache_free from kmalloc_double_kzfree+0xd0/0x1cc [ 147.895302] kmalloc_double_kzfree from kunit_try_run_case+0x11c/0x2e4 [ 147.896530] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.897590] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.898453] kthread from ret_from_fork+0x14/0x30 [ 147.899075] Exception stack(0xfa123fb0 to 0xfa123ff8) [ 147.899687] 3fa0: 00000000 00000000 00000000 00000000 [ 147.900652] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.901520] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.902296] [ 147.902527] Allocated by task 205: [ 147.902959] kasan_set_track+0x3c/0x5c [ 147.903547] __kasan_kmalloc+0x8c/0x94 [ 147.904016] kmalloc_double_kzfree+0xa0/0x1cc [ 147.904711] kunit_try_run_case+0x11c/0x2e4 [ 147.905248] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.906449] kthread+0x184/0x1a8 [ 147.906892] ret_from_fork+0x14/0x30 [ 147.907310] [ 147.907646] Freed by task 205: [ 147.908154] kasan_set_track+0x3c/0x5c [ 147.908701] kasan_save_free_info+0x30/0x3c [ 147.909444] __kasan_slab_free+0xdc/0x124 [ 147.910015] __kmem_cache_free+0x140/0x2a8 [ 147.910583] kmalloc_double_kzfree+0xbc/0x1cc [ 147.911139] kunit_try_run_case+0x11c/0x2e4 [ 147.911767] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.912493] kthread+0x184/0x1a8 [ 147.912881] ret_from_fork+0x14/0x30 [ 147.913446] [ 147.913761] The buggy address belongs to the object at c8fbdb00 [ 147.913761] which belongs to the cache kmalloc-64 of size 64 [ 147.914998] The buggy address is located 0 bytes inside of [ 147.914998] 64-byte region [c8fbdb00, c8fbdb40) [ 147.916403] [ 147.916674] The buggy address belongs to the physical page: [ 147.917167] page:652e16b7 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fbd [ 147.918228] flags: 0x800(slab|zone=0) [ 147.918782] page_type: 0xffffffff() [ 147.919309] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 147.920188] raw: 00000000 [ 147.920527] page dumped because: kasan: bad access detected [ 147.921197] [ 147.921545] Memory state around the buggy address: [ 147.922139] c8fbda00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.922862] c8fbda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.923676] >c8fbdb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.924403] ^ [ 147.924812] c8fbdb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.925512] c8fbdc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.926623] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree: Failure
[ 147.839008] ================================================================== [ 147.840706] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0xd0/0x1cc [ 147.841494] Read of size 1 at addr c8fbdb00 by task kunit_try_catch/205 [ 147.842152] [ 147.842376] CPU: 1 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.843248] Hardware name: Generic DT based system [ 147.843778] unwind_backtrace from show_stack+0x18/0x1c [ 147.844523] show_stack from dump_stack_lvl+0x58/0x70 [ 147.845107] dump_stack_lvl from print_report+0x164/0x51c [ 147.845900] print_report from kasan_report+0xc8/0x104 [ 147.846880] kasan_report from __kasan_check_byte+0x34/0x3c [ 147.847764] __kasan_check_byte from kfree_sensitive+0x20/0x6c [ 147.848632] kfree_sensitive from kmalloc_double_kzfree+0xd0/0x1cc [ 147.849402] kmalloc_double_kzfree from kunit_try_run_case+0x11c/0x2e4 [ 147.850475] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.851561] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.852478] kthread from ret_from_fork+0x14/0x30 [ 147.853146] Exception stack(0xfa123fb0 to 0xfa123ff8) [ 147.853778] 3fa0: 00000000 00000000 00000000 00000000 [ 147.854617] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.856010] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.857068] [ 147.857354] Allocated by task 205: [ 147.857806] kasan_set_track+0x3c/0x5c [ 147.858490] __kasan_kmalloc+0x8c/0x94 [ 147.859169] kmalloc_double_kzfree+0xa0/0x1cc [ 147.859794] kunit_try_run_case+0x11c/0x2e4 [ 147.860471] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.861352] kthread+0x184/0x1a8 [ 147.861867] ret_from_fork+0x14/0x30 [ 147.862335] [ 147.862669] Freed by task 205: [ 147.863334] kasan_set_track+0x3c/0x5c [ 147.863841] kasan_save_free_info+0x30/0x3c [ 147.864708] __kasan_slab_free+0xdc/0x124 [ 147.865327] __kmem_cache_free+0x140/0x2a8 [ 147.866200] kmalloc_double_kzfree+0xbc/0x1cc [ 147.866745] kunit_try_run_case+0x11c/0x2e4 [ 147.867442] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.868122] kthread+0x184/0x1a8 [ 147.868584] ret_from_fork+0x14/0x30 [ 147.869189] [ 147.869445] The buggy address belongs to the object at c8fbdb00 [ 147.869445] which belongs to the cache kmalloc-64 of size 64 [ 147.870686] The buggy address is located 0 bytes inside of [ 147.870686] freed 64-byte region [c8fbdb00, c8fbdb40) [ 147.871901] [ 147.872172] The buggy address belongs to the physical page: [ 147.872876] page:652e16b7 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fbd [ 147.873995] flags: 0x800(slab|zone=0) [ 147.874472] page_type: 0xffffffff() [ 147.875037] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 147.875951] raw: 00000000 [ 147.876502] page dumped because: kasan: bad access detected [ 147.877548] [ 147.877861] Memory state around the buggy address: [ 147.878498] c8fbda00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.879243] c8fbda80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.880018] >c8fbdb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.880741] ^ [ 147.881047] c8fbdb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.881793] c8fbdc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.882557] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_generic
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_generic: Failure
[ 147.338981] ================================================================== [ 147.340787] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x168/0xc30 [ 147.341256] Read of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.341955] [ 147.342249] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.343131] Hardware name: Generic DT based system [ 147.343684] unwind_backtrace from show_stack+0x18/0x1c [ 147.344335] show_stack from dump_stack_lvl+0x58/0x70 [ 147.345020] dump_stack_lvl from print_report+0x164/0x51c [ 147.345706] print_report from kasan_report+0xc8/0x104 [ 147.346391] kasan_report from kasan_bitops_generic+0x168/0xc30 [ 147.347209] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.347965] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.349340] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.350187] kthread from ret_from_fork+0x14/0x30 [ 147.350789] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.351483] bfa0: 00000000 00000000 00000000 00000000 [ 147.352412] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.353377] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.354184] [ 147.354545] Allocated by task 201: [ 147.355009] kasan_set_track+0x3c/0x5c [ 147.355526] __kasan_kmalloc+0x8c/0x94 [ 147.356361] kasan_bitops_generic+0xa0/0xc30 [ 147.356908] kunit_try_run_case+0x11c/0x2e4 [ 147.357442] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.358294] kthread+0x184/0x1a8 [ 147.358799] ret_from_fork+0x14/0x30 [ 147.359449] [ 147.359674] The buggy address belongs to the object at c8fbac80 [ 147.359674] which belongs to the cache kmalloc-64 of size 64 [ 147.360899] The buggy address is located 4 bytes inside of [ 147.360899] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.362135] [ 147.362419] The buggy address belongs to the physical page: [ 147.363006] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.363780] flags: 0x800(slab|zone=0) [ 147.364502] page_type: 0xffffffff() [ 147.364926] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.366087] raw: 00000000 [ 147.366455] page dumped because: kasan: bad access detected [ 147.367141] [ 147.367368] Memory state around the buggy address: [ 147.367953] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.368912] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.369828] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.370545] ^ [ 147.370975] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.371758] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.372427] ================================================================== [ 147.718512] ================================================================== [ 147.720525] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x404/0xc30 [ 147.721269] Read of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.721838] [ 147.722190] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.723132] Hardware name: Generic DT based system [ 147.723608] unwind_backtrace from show_stack+0x18/0x1c [ 147.724444] show_stack from dump_stack_lvl+0x58/0x70 [ 147.725048] dump_stack_lvl from print_report+0x164/0x51c [ 147.725977] print_report from kasan_report+0xc8/0x104 [ 147.726539] kasan_report from kasan_bitops_generic+0x404/0xc30 [ 147.727379] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.728289] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.729357] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.730238] kthread from ret_from_fork+0x14/0x30 [ 147.730814] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.731520] bfa0: 00000000 00000000 00000000 00000000 [ 147.732471] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.733347] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.734067] [ 147.734364] Allocated by task 201: [ 147.734803] kasan_set_track+0x3c/0x5c [ 147.735287] __kasan_kmalloc+0x8c/0x94 [ 147.735882] kasan_bitops_generic+0xa0/0xc30 [ 147.736548] kunit_try_run_case+0x11c/0x2e4 [ 147.737348] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.738137] kthread+0x184/0x1a8 [ 147.738652] ret_from_fork+0x14/0x30 [ 147.739135] [ 147.739419] The buggy address belongs to the object at c8fbac80 [ 147.739419] which belongs to the cache kmalloc-64 of size 64 [ 147.740631] The buggy address is located 4 bytes inside of [ 147.740631] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.741812] [ 147.742168] The buggy address belongs to the physical page: [ 147.742865] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.743721] flags: 0x800(slab|zone=0) [ 147.744206] page_type: 0xffffffff() [ 147.744678] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.745599] raw: 00000000 [ 147.746115] page dumped because: kasan: bad access detected [ 147.746591] [ 147.746953] Memory state around the buggy address: [ 147.747566] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.748297] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.749026] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.749731] ^ [ 147.750089] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.750905] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.751545] ================================================================== [ 147.677153] ================================================================== [ 147.679194] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x39c/0xc30 [ 147.680019] Read of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.680846] [ 147.681174] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.682234] Hardware name: Generic DT based system [ 147.682815] unwind_backtrace from show_stack+0x18/0x1c [ 147.683692] show_stack from dump_stack_lvl+0x58/0x70 [ 147.684446] dump_stack_lvl from print_report+0x164/0x51c [ 147.685219] print_report from kasan_report+0xc8/0x104 [ 147.686261] kasan_report from kasan_bitops_generic+0x39c/0xc30 [ 147.687200] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.688109] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.689136] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.690076] kthread from ret_from_fork+0x14/0x30 [ 147.690774] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.691470] bfa0: 00000000 00000000 00000000 00000000 [ 147.692477] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.693428] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.694223] [ 147.694555] Allocated by task 201: [ 147.695089] kasan_set_track+0x3c/0x5c [ 147.695707] __kasan_kmalloc+0x8c/0x94 [ 147.696584] kasan_bitops_generic+0xa0/0xc30 [ 147.697263] kunit_try_run_case+0x11c/0x2e4 [ 147.697903] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.698649] kthread+0x184/0x1a8 [ 147.699262] ret_from_fork+0x14/0x30 [ 147.699840] [ 147.700171] The buggy address belongs to the object at c8fbac80 [ 147.700171] which belongs to the cache kmalloc-64 of size 64 [ 147.701769] The buggy address is located 4 bytes inside of [ 147.701769] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.703021] [ 147.703432] The buggy address belongs to the physical page: [ 147.704040] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.705135] flags: 0x800(slab|zone=0) [ 147.705660] page_type: 0xffffffff() [ 147.706727] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.707576] raw: 00000000 [ 147.707955] page dumped because: kasan: bad access detected [ 147.708756] [ 147.709146] Memory state around the buggy address: [ 147.709959] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.710772] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.711669] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.712544] ^ [ 147.713005] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.713829] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.714649] ================================================================== [ 147.752735] ================================================================== [ 147.753559] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x43c/0xc30 [ 147.754256] Read of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.755098] [ 147.755314] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.756500] Hardware name: Generic DT based system [ 147.756972] unwind_backtrace from show_stack+0x18/0x1c [ 147.758008] show_stack from dump_stack_lvl+0x58/0x70 [ 147.758584] dump_stack_lvl from print_report+0x164/0x51c [ 147.759285] print_report from kasan_report+0xc8/0x104 [ 147.760146] kasan_report from kasan_bitops_generic+0x43c/0xc30 [ 147.760810] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.762035] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.763140] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.764188] kthread from ret_from_fork+0x14/0x30 [ 147.764843] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.765559] bfa0: 00000000 00000000 00000000 00000000 [ 147.766889] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.767928] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.768705] [ 147.769084] Allocated by task 201: [ 147.769523] kasan_set_track+0x3c/0x5c [ 147.770049] __kasan_kmalloc+0x8c/0x94 [ 147.770695] kasan_bitops_generic+0xa0/0xc30 [ 147.771256] kunit_try_run_case+0x11c/0x2e4 [ 147.771928] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.772599] kthread+0x184/0x1a8 [ 147.773146] ret_from_fork+0x14/0x30 [ 147.773680] [ 147.773911] The buggy address belongs to the object at c8fbac80 [ 147.773911] which belongs to the cache kmalloc-64 of size 64 [ 147.775134] The buggy address is located 4 bytes inside of [ 147.775134] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.776891] [ 147.777150] The buggy address belongs to the physical page: [ 147.777705] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.778807] flags: 0x800(slab|zone=0) [ 147.779418] page_type: 0xffffffff() [ 147.779952] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.780936] raw: 00000000 [ 147.781345] page dumped because: kasan: bad access detected [ 147.782010] [ 147.782347] Memory state around the buggy address: [ 147.782975] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.783859] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.784733] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.785475] ^ [ 147.786097] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.786878] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.787706] ================================================================== [ 147.599484] ================================================================== [ 147.600304] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x310/0xc30 [ 147.601126] Write of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.601845] [ 147.602082] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.603038] Hardware name: Generic DT based system [ 147.603719] unwind_backtrace from show_stack+0x18/0x1c [ 147.604390] show_stack from dump_stack_lvl+0x58/0x70 [ 147.605155] dump_stack_lvl from print_report+0x164/0x51c [ 147.605710] print_report from kasan_report+0xc8/0x104 [ 147.607225] kasan_report from kasan_check_range+0x14c/0x198 [ 147.608432] kasan_check_range from kasan_bitops_generic+0x310/0xc30 [ 147.609534] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.610349] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.611349] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.612390] kthread from ret_from_fork+0x14/0x30 [ 147.613122] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.613695] bfa0: 00000000 00000000 00000000 00000000 [ 147.614615] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.615100] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.616116] [ 147.616486] Allocated by task 201: [ 147.616900] kasan_set_track+0x3c/0x5c [ 147.617637] __kasan_kmalloc+0x8c/0x94 [ 147.618327] kasan_bitops_generic+0xa0/0xc30 [ 147.619009] kunit_try_run_case+0x11c/0x2e4 [ 147.619683] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.620443] kthread+0x184/0x1a8 [ 147.621099] ret_from_fork+0x14/0x30 [ 147.621641] [ 147.621973] The buggy address belongs to the object at c8fbac80 [ 147.621973] which belongs to the cache kmalloc-64 of size 64 [ 147.623204] The buggy address is located 4 bytes inside of [ 147.623204] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.624539] [ 147.624908] The buggy address belongs to the physical page: [ 147.625586] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.626734] flags: 0x800(slab|zone=0) [ 147.627298] page_type: 0xffffffff() [ 147.627843] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.628825] raw: 00000000 [ 147.629172] page dumped because: kasan: bad access detected [ 147.629866] [ 147.630253] Memory state around the buggy address: [ 147.630764] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.631680] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.632515] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.633310] ^ [ 147.633729] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.634514] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.635388] ================================================================== [ 147.447811] ================================================================== [ 147.448401] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x1f8/0xc30 [ 147.449204] Read of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.449801] [ 147.450134] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.451069] Hardware name: Generic DT based system [ 147.451582] unwind_backtrace from show_stack+0x18/0x1c [ 147.452247] show_stack from dump_stack_lvl+0x58/0x70 [ 147.452947] dump_stack_lvl from print_report+0x164/0x51c [ 147.453627] print_report from kasan_report+0xc8/0x104 [ 147.454414] kasan_report from kasan_bitops_generic+0x1f8/0xc30 [ 147.455216] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.456072] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.456924] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.458686] kthread from ret_from_fork+0x14/0x30 [ 147.459602] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.460355] bfa0: 00000000 00000000 00000000 00000000 [ 147.461319] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.462234] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.462946] [ 147.463203] Allocated by task 201: [ 147.463657] kasan_set_track+0x3c/0x5c [ 147.464236] __kasan_kmalloc+0x8c/0x94 [ 147.464868] kasan_bitops_generic+0xa0/0xc30 [ 147.465388] kunit_try_run_case+0x11c/0x2e4 [ 147.466211] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.467177] kthread+0x184/0x1a8 [ 147.467636] ret_from_fork+0x14/0x30 [ 147.468104] [ 147.468424] The buggy address belongs to the object at c8fbac80 [ 147.468424] which belongs to the cache kmalloc-64 of size 64 [ 147.469682] The buggy address is located 4 bytes inside of [ 147.469682] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.470707] [ 147.471110] The buggy address belongs to the physical page: [ 147.471696] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.472476] flags: 0x800(slab|zone=0) [ 147.473047] page_type: 0xffffffff() [ 147.473600] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.474525] raw: 00000000 [ 147.474820] page dumped because: kasan: bad access detected [ 147.475498] [ 147.475848] Memory state around the buggy address: [ 147.476914] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.477746] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.478597] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.479390] ^ [ 147.479758] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.480353] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.481095] ================================================================== [ 147.522199] ================================================================== [ 147.524174] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x26c/0xc30 [ 147.524869] Read of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.526481] [ 147.526728] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.527746] Hardware name: Generic DT based system [ 147.528308] unwind_backtrace from show_stack+0x18/0x1c [ 147.528973] show_stack from dump_stack_lvl+0x58/0x70 [ 147.529668] dump_stack_lvl from print_report+0x164/0x51c [ 147.530414] print_report from kasan_report+0xc8/0x104 [ 147.531172] kasan_report from kasan_bitops_generic+0x26c/0xc30 [ 147.531968] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.532831] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.533808] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.534689] kthread from ret_from_fork+0x14/0x30 [ 147.535413] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.536331] bfa0: 00000000 00000000 00000000 00000000 [ 147.537214] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.538110] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.538832] [ 147.539102] Allocated by task 201: [ 147.539478] kasan_set_track+0x3c/0x5c [ 147.540125] __kasan_kmalloc+0x8c/0x94 [ 147.540596] kasan_bitops_generic+0xa0/0xc30 [ 147.541179] kunit_try_run_case+0x11c/0x2e4 [ 147.541923] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.542592] kthread+0x184/0x1a8 [ 147.543205] ret_from_fork+0x14/0x30 [ 147.543723] [ 147.543983] The buggy address belongs to the object at c8fbac80 [ 147.543983] which belongs to the cache kmalloc-64 of size 64 [ 147.545348] The buggy address is located 4 bytes inside of [ 147.545348] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.547517] [ 147.547800] The buggy address belongs to the physical page: [ 147.548392] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.549298] flags: 0x800(slab|zone=0) [ 147.549788] page_type: 0xffffffff() [ 147.550241] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.551195] raw: 00000000 [ 147.551581] page dumped because: kasan: bad access detected [ 147.552120] [ 147.552455] Memory state around the buggy address: [ 147.553091] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.553780] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.554530] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.555402] ^ [ 147.556035] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.556865] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.557664] ================================================================== [ 147.484299] ================================================================== [ 147.485018] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x20c/0xc30 [ 147.485817] Write of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.486417] [ 147.486746] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.487657] Hardware name: Generic DT based system [ 147.488386] unwind_backtrace from show_stack+0x18/0x1c [ 147.489116] show_stack from dump_stack_lvl+0x58/0x70 [ 147.490085] dump_stack_lvl from print_report+0x164/0x51c [ 147.490775] print_report from kasan_report+0xc8/0x104 [ 147.491643] kasan_report from kasan_bitops_generic+0x20c/0xc30 [ 147.492443] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.493375] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.494438] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.495382] kthread from ret_from_fork+0x14/0x30 [ 147.496232] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.496969] bfa0: 00000000 00000000 00000000 00000000 [ 147.497874] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.498871] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.499535] [ 147.499821] Allocated by task 201: [ 147.500359] kasan_set_track+0x3c/0x5c [ 147.500871] __kasan_kmalloc+0x8c/0x94 [ 147.501356] kasan_bitops_generic+0xa0/0xc30 [ 147.502024] kunit_try_run_case+0x11c/0x2e4 [ 147.502618] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.503223] kthread+0x184/0x1a8 [ 147.503749] ret_from_fork+0x14/0x30 [ 147.504218] [ 147.504529] The buggy address belongs to the object at c8fbac80 [ 147.504529] which belongs to the cache kmalloc-64 of size 64 [ 147.506117] The buggy address is located 4 bytes inside of [ 147.506117] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.507249] [ 147.507578] The buggy address belongs to the physical page: [ 147.508320] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.509111] flags: 0x800(slab|zone=0) [ 147.509685] page_type: 0xffffffff() [ 147.510191] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.511041] raw: 00000000 [ 147.511475] page dumped because: kasan: bad access detected [ 147.512137] [ 147.512362] Memory state around the buggy address: [ 147.512997] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.513842] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.514644] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.515431] ^ [ 147.516036] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.516813] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.517614] ================================================================== [ 147.412205] ================================================================== [ 147.412893] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x1f0/0xc30 [ 147.413655] Write of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.414242] [ 147.414567] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.415511] Hardware name: Generic DT based system [ 147.416178] unwind_backtrace from show_stack+0x18/0x1c [ 147.417138] show_stack from dump_stack_lvl+0x58/0x70 [ 147.417797] dump_stack_lvl from print_report+0x164/0x51c [ 147.418528] print_report from kasan_report+0xc8/0x104 [ 147.419164] kasan_report from kasan_check_range+0x14c/0x198 [ 147.419753] kasan_check_range from kasan_bitops_generic+0x1f0/0xc30 [ 147.420273] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.421167] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.422173] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.423270] kthread from ret_from_fork+0x14/0x30 [ 147.423851] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.424530] bfa0: 00000000 00000000 00000000 00000000 [ 147.425405] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.426499] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.427207] [ 147.427529] Allocated by task 201: [ 147.427908] kasan_set_track+0x3c/0x5c [ 147.428510] __kasan_kmalloc+0x8c/0x94 [ 147.429078] kasan_bitops_generic+0xa0/0xc30 [ 147.429640] kunit_try_run_case+0x11c/0x2e4 [ 147.430253] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.431015] kthread+0x184/0x1a8 [ 147.431437] ret_from_fork+0x14/0x30 [ 147.431905] [ 147.432197] The buggy address belongs to the object at c8fbac80 [ 147.432197] which belongs to the cache kmalloc-64 of size 64 [ 147.433349] The buggy address is located 4 bytes inside of [ 147.433349] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.434458] [ 147.434763] The buggy address belongs to the physical page: [ 147.435295] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.436673] flags: 0x800(slab|zone=0) [ 147.437171] page_type: 0xffffffff() [ 147.437689] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.438537] raw: 00000000 [ 147.439003] page dumped because: kasan: bad access detected [ 147.439650] [ 147.439909] Memory state around the buggy address: [ 147.440493] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.441237] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.442077] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.442861] ^ [ 147.443193] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.444029] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.445184] ================================================================== [ 147.636912] ================================================================== [ 147.637733] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x318/0xc30 [ 147.638703] Read of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.639619] [ 147.639971] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.640935] Hardware name: Generic DT based system [ 147.641595] unwind_backtrace from show_stack+0x18/0x1c [ 147.642490] show_stack from dump_stack_lvl+0x58/0x70 [ 147.643222] dump_stack_lvl from print_report+0x164/0x51c [ 147.644101] print_report from kasan_report+0xc8/0x104 [ 147.644830] kasan_report from kasan_bitops_generic+0x318/0xc30 [ 147.645967] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.647153] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.647955] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.648818] kthread from ret_from_fork+0x14/0x30 [ 147.649533] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.650234] bfa0: 00000000 00000000 00000000 00000000 [ 147.651180] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.652113] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.652873] [ 147.653240] Allocated by task 201: [ 147.653879] kasan_set_track+0x3c/0x5c [ 147.654540] __kasan_kmalloc+0x8c/0x94 [ 147.655289] kasan_bitops_generic+0xa0/0xc30 [ 147.656221] kunit_try_run_case+0x11c/0x2e4 [ 147.656856] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.657561] kthread+0x184/0x1a8 [ 147.658066] ret_from_fork+0x14/0x30 [ 147.658660] [ 147.658975] The buggy address belongs to the object at c8fbac80 [ 147.658975] which belongs to the cache kmalloc-64 of size 64 [ 147.660377] The buggy address is located 4 bytes inside of [ 147.660377] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.661597] [ 147.662002] The buggy address belongs to the physical page: [ 147.662731] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.663654] flags: 0x800(slab|zone=0) [ 147.664298] page_type: 0xffffffff() [ 147.664844] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.665964] raw: 00000000 [ 147.666574] page dumped because: kasan: bad access detected [ 147.667446] [ 147.667772] Memory state around the buggy address: [ 147.668454] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.669290] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.670206] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.670991] ^ [ 147.671508] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.672343] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.673156] ================================================================== [ 147.300632] ================================================================== [ 147.302491] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x100/0xc30 [ 147.303268] Read of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.303975] [ 147.304304] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.305015] Hardware name: Generic DT based system [ 147.305709] unwind_backtrace from show_stack+0x18/0x1c [ 147.306544] show_stack from dump_stack_lvl+0x58/0x70 [ 147.307165] dump_stack_lvl from print_report+0x164/0x51c [ 147.307839] print_report from kasan_report+0xc8/0x104 [ 147.308823] kasan_report from kasan_bitops_generic+0x100/0xc30 [ 147.309677] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.310554] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.311537] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.312518] kthread from ret_from_fork+0x14/0x30 [ 147.313141] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.313715] bfa0: 00000000 00000000 00000000 00000000 [ 147.314664] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.315803] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.316481] [ 147.316724] Allocated by task 201: [ 147.317125] kasan_set_track+0x3c/0x5c [ 147.317706] __kasan_kmalloc+0x8c/0x94 [ 147.318186] kasan_bitops_generic+0xa0/0xc30 [ 147.318853] kunit_try_run_case+0x11c/0x2e4 [ 147.319448] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.320168] kthread+0x184/0x1a8 [ 147.320566] ret_from_fork+0x14/0x30 [ 147.321139] [ 147.321377] The buggy address belongs to the object at c8fbac80 [ 147.321377] which belongs to the cache kmalloc-64 of size 64 [ 147.322608] The buggy address is located 4 bytes inside of [ 147.322608] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.323851] [ 147.324147] The buggy address belongs to the physical page: [ 147.324900] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.326044] flags: 0x800(slab|zone=0) [ 147.326455] page_type: 0xffffffff() [ 147.327104] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.328028] raw: 00000000 [ 147.328378] page dumped because: kasan: bad access detected [ 147.328934] [ 147.329301] Memory state around the buggy address: [ 147.329900] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.330616] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.331413] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.332177] ^ [ 147.332591] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.333338] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.334162] ================================================================== [ 147.561973] ================================================================== [ 147.563876] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x2d4/0xc30 [ 147.564824] Read of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.565551] [ 147.566662] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.567597] Hardware name: Generic DT based system [ 147.568185] unwind_backtrace from show_stack+0x18/0x1c [ 147.569005] show_stack from dump_stack_lvl+0x58/0x70 [ 147.569695] dump_stack_lvl from print_report+0x164/0x51c [ 147.570537] print_report from kasan_report+0xc8/0x104 [ 147.571261] kasan_report from kasan_bitops_generic+0x2d4/0xc30 [ 147.572072] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.572949] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.573940] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.575004] kthread from ret_from_fork+0x14/0x30 [ 147.575943] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.576563] bfa0: 00000000 00000000 00000000 00000000 [ 147.577255] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.578486] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.579304] [ 147.579576] Allocated by task 201: [ 147.579984] kasan_set_track+0x3c/0x5c [ 147.580546] __kasan_kmalloc+0x8c/0x94 [ 147.581140] kasan_bitops_generic+0xa0/0xc30 [ 147.581673] kunit_try_run_case+0x11c/0x2e4 [ 147.582354] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.583106] kthread+0x184/0x1a8 [ 147.583535] ret_from_fork+0x14/0x30 [ 147.584002] [ 147.584314] The buggy address belongs to the object at c8fbac80 [ 147.584314] which belongs to the cache kmalloc-64 of size 64 [ 147.585516] The buggy address is located 4 bytes inside of [ 147.585516] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.587466] [ 147.587726] The buggy address belongs to the physical page: [ 147.588576] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.589513] flags: 0x800(slab|zone=0) [ 147.590096] page_type: 0xffffffff() [ 147.590652] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.591597] raw: 00000000 [ 147.591993] page dumped because: kasan: bad access detected [ 147.592671] [ 147.592882] Memory state around the buggy address: [ 147.593672] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.594508] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.595236] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.596292] ^ [ 147.596668] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.597416] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.598224] ================================================================== [ 147.374826] ================================================================== [ 147.376317] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x1a4/0xc30 [ 147.377085] Write of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.377666] [ 147.377976] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.378982] Hardware name: Generic DT based system [ 147.379461] unwind_backtrace from show_stack+0x18/0x1c [ 147.380320] show_stack from dump_stack_lvl+0x58/0x70 [ 147.381173] dump_stack_lvl from print_report+0x164/0x51c [ 147.381754] print_report from kasan_report+0xc8/0x104 [ 147.382576] kasan_report from kasan_check_range+0x14c/0x198 [ 147.383494] kasan_check_range from kasan_bitops_generic+0x1a4/0xc30 [ 147.384339] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.385189] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.386315] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.387151] kthread from ret_from_fork+0x14/0x30 [ 147.387771] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.388347] bfa0: 00000000 00000000 00000000 00000000 [ 147.389387] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.390361] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.391087] [ 147.391382] Allocated by task 201: [ 147.391814] kasan_set_track+0x3c/0x5c [ 147.392314] __kasan_kmalloc+0x8c/0x94 [ 147.392908] kasan_bitops_generic+0xa0/0xc30 [ 147.393412] kunit_try_run_case+0x11c/0x2e4 [ 147.393986] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.394779] kthread+0x184/0x1a8 [ 147.395218] ret_from_fork+0x14/0x30 [ 147.395842] [ 147.396104] The buggy address belongs to the object at c8fbac80 [ 147.396104] which belongs to the cache kmalloc-64 of size 64 [ 147.397842] The buggy address is located 4 bytes inside of [ 147.397842] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.398945] [ 147.399334] The buggy address belongs to the physical page: [ 147.400048] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.400981] flags: 0x800(slab|zone=0) [ 147.401468] page_type: 0xffffffff() [ 147.402140] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.403092] raw: 00000000 [ 147.403469] page dumped because: kasan: bad access detected [ 147.404343] [ 147.404671] Memory state around the buggy address: [ 147.405351] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.406478] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.407115] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.407922] ^ [ 147.408332] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.409073] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.409835] ================================================================== [ 147.788925] ================================================================== [ 147.789558] BUG: KASAN: slab-out-of-bounds in kasan_bitops_generic+0x478/0xc30 [ 147.790620] Write of size 4 at addr c8fbac84 by task kunit_try_catch/201 [ 147.791575] [ 147.791814] CPU: 1 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.792835] Hardware name: Generic DT based system [ 147.793656] unwind_backtrace from show_stack+0x18/0x1c [ 147.794541] show_stack from dump_stack_lvl+0x58/0x70 [ 147.795388] dump_stack_lvl from print_report+0x164/0x51c [ 147.796262] print_report from kasan_report+0xc8/0x104 [ 147.796905] kasan_report from kasan_check_range+0x14c/0x198 [ 147.797901] kasan_check_range from kasan_bitops_generic+0x478/0xc30 [ 147.798901] kasan_bitops_generic from kunit_try_run_case+0x11c/0x2e4 [ 147.799798] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.800723] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.801656] kthread from ret_from_fork+0x14/0x30 [ 147.802352] Exception stack(0xfa10bfb0 to 0xfa10bff8) [ 147.803017] bfa0: 00000000 00000000 00000000 00000000 [ 147.804137] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.805072] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.805850] [ 147.806257] Allocated by task 201: [ 147.806765] kasan_set_track+0x3c/0x5c [ 147.807688] __kasan_kmalloc+0x8c/0x94 [ 147.808099] kasan_bitops_generic+0xa0/0xc30 [ 147.808882] kunit_try_run_case+0x11c/0x2e4 [ 147.809701] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.810619] kthread+0x184/0x1a8 [ 147.811111] ret_from_fork+0x14/0x30 [ 147.811677] [ 147.812073] The buggy address belongs to the object at c8fbac80 [ 147.812073] which belongs to the cache kmalloc-64 of size 64 [ 147.813296] The buggy address is located 4 bytes inside of [ 147.813296] allocated 5-byte region [c8fbac80, c8fbac85) [ 147.814609] [ 147.814900] The buggy address belongs to the physical page: [ 147.815655] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.816861] flags: 0x800(slab|zone=0) [ 147.817460] page_type: 0xffffffff() [ 147.818168] raw: 00000800 c4801200 00000122 00000000 00000000 00200020 ffffffff 00000001 [ 147.819252] raw: 00000000 [ 147.819806] page dumped because: kasan: bad access detected [ 147.820416] [ 147.820974] Memory state around the buggy address: [ 147.821693] c8fbab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.822555] c8fbac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.823227] >c8fbac80: 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.823570] ^ [ 147.823752] c8fbad00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.824159] c8fbad80: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.824894] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-strnlen
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-strnlen: Failure
[ 147.249659] ================================================================== [ 147.250630] BUG: KASAN: slab-use-after-free in strnlen+0x30/0x58 [ 147.251122] Read of size 1 at addr c8fba210 by task kunit_try_catch/199 [ 147.251734] [ 147.252174] CPU: 1 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.253126] Hardware name: Generic DT based system [ 147.253785] unwind_backtrace from show_stack+0x18/0x1c [ 147.254386] show_stack from dump_stack_lvl+0x58/0x70 [ 147.255144] dump_stack_lvl from print_report+0x164/0x51c [ 147.255962] print_report from kasan_report+0xc8/0x104 [ 147.257792] kasan_report from strnlen+0x30/0x58 [ 147.258522] strnlen from kasan_strings+0x1dc/0x4ec [ 147.259321] kasan_strings from kunit_try_run_case+0x11c/0x2e4 [ 147.260071] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.261103] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.262082] kthread from ret_from_fork+0x14/0x30 [ 147.262703] Exception stack(0xfa0fbfb0 to 0xfa0fbff8) [ 147.263412] bfa0: 00000000 00000000 00000000 00000000 [ 147.264264] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.265137] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.265981] [ 147.266481] Allocated by task 199: [ 147.266865] kasan_set_track+0x3c/0x5c [ 147.267500] __kasan_kmalloc+0x8c/0x94 [ 147.267936] kasan_strings+0xa0/0x4ec [ 147.268568] kunit_try_run_case+0x11c/0x2e4 [ 147.269074] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.269904] kthread+0x184/0x1a8 [ 147.270322] ret_from_fork+0x14/0x30 [ 147.270805] [ 147.271155] Freed by task 199: [ 147.271629] kasan_set_track+0x3c/0x5c [ 147.272147] kasan_save_free_info+0x30/0x3c [ 147.272708] __kasan_slab_free+0xdc/0x124 [ 147.273434] __kmem_cache_free+0x140/0x2a8 [ 147.274107] kasan_strings+0xbc/0x4ec [ 147.274568] kunit_try_run_case+0x11c/0x2e4 [ 147.275114] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.275958] kthread+0x184/0x1a8 [ 147.276772] ret_from_fork+0x14/0x30 [ 147.277286] [ 147.277552] The buggy address belongs to the object at c8fba200 [ 147.277552] which belongs to the cache kmalloc-64 of size 64 [ 147.278814] The buggy address is located 16 bytes inside of [ 147.278814] freed 64-byte region [c8fba200, c8fba240) [ 147.279963] [ 147.280214] The buggy address belongs to the physical page: [ 147.280820] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.281979] flags: 0x800(slab|zone=0) [ 147.282438] page_type: 0xffffffff() [ 147.282979] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 147.283840] raw: 00000000 [ 147.284140] page dumped because: kasan: bad access detected [ 147.284874] [ 147.285110] Memory state around the buggy address: [ 147.285985] c8fba100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.286673] c8fba180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.287422] >c8fba200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.288218] ^ [ 147.288704] c8fba280: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.289426] c8fba300: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.290210] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-strlen
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-strlen: Failure
[ 147.208477] ================================================================== [ 147.209227] BUG: KASAN: slab-use-after-free in strlen+0xc/0x44 [ 147.209858] Read of size 1 at addr c8fba210 by task kunit_try_catch/199 [ 147.210574] [ 147.210861] CPU: 1 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.211718] Hardware name: Generic DT based system [ 147.212331] unwind_backtrace from show_stack+0x18/0x1c [ 147.213038] show_stack from dump_stack_lvl+0x58/0x70 [ 147.213730] dump_stack_lvl from print_report+0x164/0x51c [ 147.214405] print_report from kasan_report+0xc8/0x104 [ 147.215081] kasan_report from strlen+0xc/0x44 [ 147.215671] strlen from kasan_strings+0x1a8/0x4ec [ 147.216732] kasan_strings from kunit_try_run_case+0x11c/0x2e4 [ 147.217579] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.218572] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.219023] kthread from ret_from_fork+0x14/0x30 [ 147.219675] Exception stack(0xfa0fbfb0 to 0xfa0fbff8) [ 147.220200] bfa0: 00000000 00000000 00000000 00000000 [ 147.221284] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.222402] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.223216] [ 147.223502] Allocated by task 199: [ 147.223955] kasan_set_track+0x3c/0x5c [ 147.224531] __kasan_kmalloc+0x8c/0x94 [ 147.225034] kasan_strings+0xa0/0x4ec [ 147.225638] kunit_try_run_case+0x11c/0x2e4 [ 147.226665] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.227433] kthread+0x184/0x1a8 [ 147.227849] ret_from_fork+0x14/0x30 [ 147.228395] [ 147.228626] Freed by task 199: [ 147.229155] kasan_set_track+0x3c/0x5c [ 147.229699] kasan_save_free_info+0x30/0x3c [ 147.230387] __kasan_slab_free+0xdc/0x124 [ 147.230913] __kmem_cache_free+0x140/0x2a8 [ 147.231610] kasan_strings+0xbc/0x4ec [ 147.232141] kunit_try_run_case+0x11c/0x2e4 [ 147.232672] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.233565] kthread+0x184/0x1a8 [ 147.233975] ret_from_fork+0x14/0x30 [ 147.234536] [ 147.234831] The buggy address belongs to the object at c8fba200 [ 147.234831] which belongs to the cache kmalloc-64 of size 64 [ 147.236478] The buggy address is located 16 bytes inside of [ 147.236478] freed 64-byte region [c8fba200, c8fba240) [ 147.238011] [ 147.238223] The buggy address belongs to the physical page: [ 147.238912] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.239742] flags: 0x800(slab|zone=0) [ 147.240393] page_type: 0xffffffff() [ 147.240820] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 147.241776] raw: 00000000 [ 147.242304] page dumped because: kasan: bad access detected [ 147.242917] [ 147.243146] Memory state around the buggy address: [ 147.243858] c8fba100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.244676] c8fba180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.245348] >c8fba200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.246604] ^ [ 147.247091] c8fba280: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.247871] c8fba300: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.248484] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kasan_strings: Failure
[ 147.166365] ================================================================== [ 147.167147] BUG: KASAN: slab-use-after-free in kasan_strings+0x170/0x4ec [ 147.167833] Read of size 1 at addr c8fba210 by task kunit_try_catch/199 [ 147.168670] [ 147.168984] CPU: 1 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.169866] Hardware name: Generic DT based system [ 147.170502] unwind_backtrace from show_stack+0x18/0x1c [ 147.171296] show_stack from dump_stack_lvl+0x58/0x70 [ 147.171996] dump_stack_lvl from print_report+0x164/0x51c [ 147.172611] print_report from kasan_report+0xc8/0x104 [ 147.173406] kasan_report from kasan_strings+0x170/0x4ec [ 147.174105] kasan_strings from kunit_try_run_case+0x11c/0x2e4 [ 147.174927] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.176295] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.177200] kthread from ret_from_fork+0x14/0x30 [ 147.177825] Exception stack(0xfa0fbfb0 to 0xfa0fbff8) [ 147.178373] bfa0: 00000000 00000000 00000000 00000000 [ 147.179306] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.180255] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.180956] [ 147.181235] Allocated by task 199: [ 147.181640] kasan_set_track+0x3c/0x5c [ 147.182214] __kasan_kmalloc+0x8c/0x94 [ 147.182821] kasan_strings+0xa0/0x4ec [ 147.183317] kunit_try_run_case+0x11c/0x2e4 [ 147.183965] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.184709] kthread+0x184/0x1a8 [ 147.185159] ret_from_fork+0x14/0x30 [ 147.185832] [ 147.186169] Freed by task 199: [ 147.186516] kasan_set_track+0x3c/0x5c [ 147.187116] kasan_save_free_info+0x30/0x3c [ 147.187746] __kasan_slab_free+0xdc/0x124 [ 147.188521] __kmem_cache_free+0x140/0x2a8 [ 147.189288] kasan_strings+0xbc/0x4ec [ 147.189643] kunit_try_run_case+0x11c/0x2e4 [ 147.190409] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.191142] kthread+0x184/0x1a8 [ 147.191566] ret_from_fork+0x14/0x30 [ 147.192217] [ 147.192482] The buggy address belongs to the object at c8fba200 [ 147.192482] which belongs to the cache kmalloc-64 of size 64 [ 147.193514] The buggy address is located 16 bytes inside of [ 147.193514] freed 64-byte region [c8fba200, c8fba240) [ 147.194767] [ 147.195468] The buggy address belongs to the physical page: [ 147.196591] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.197514] flags: 0x800(slab|zone=0) [ 147.197929] page_type: 0xffffffff() [ 147.198412] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 147.199378] raw: 00000000 [ 147.199823] page dumped because: kasan: bad access detected [ 147.200451] [ 147.200704] Memory state around the buggy address: [ 147.201418] c8fba100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.202085] c8fba180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.203078] >c8fba200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.203755] ^ [ 147.204253] c8fba280: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.204968] c8fba300: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.205928] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-strcmp
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-strcmp: Failure
[ 147.120167] ================================================================== [ 147.122125] BUG: KASAN: slab-use-after-free in strcmp+0x20/0x54 [ 147.122766] Read of size 1 at addr c8fba210 by task kunit_try_catch/199 [ 147.123566] [ 147.123890] CPU: 1 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.124975] Hardware name: Generic DT based system [ 147.125604] unwind_backtrace from show_stack+0x18/0x1c [ 147.126732] show_stack from dump_stack_lvl+0x58/0x70 [ 147.127295] dump_stack_lvl from print_report+0x164/0x51c [ 147.127802] print_report from kasan_report+0xc8/0x104 [ 147.129834] kasan_report from strcmp+0x20/0x54 [ 147.130801] strcmp from kasan_strings+0x140/0x4ec [ 147.131561] kasan_strings from kunit_try_run_case+0x11c/0x2e4 [ 147.132521] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.133593] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.134642] kthread from ret_from_fork+0x14/0x30 [ 147.135339] Exception stack(0xfa0fbfb0 to 0xfa0fbff8) [ 147.136358] bfa0: 00000000 00000000 00000000 00000000 [ 147.137510] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.138570] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.139336] [ 147.139601] Allocated by task 199: [ 147.139973] kasan_set_track+0x3c/0x5c [ 147.140623] __kasan_kmalloc+0x8c/0x94 [ 147.141142] kasan_strings+0xa0/0x4ec [ 147.141715] kunit_try_run_case+0x11c/0x2e4 [ 147.142285] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.142922] kthread+0x184/0x1a8 [ 147.143477] ret_from_fork+0x14/0x30 [ 147.143960] [ 147.144233] Freed by task 199: [ 147.144706] kasan_set_track+0x3c/0x5c [ 147.145286] kasan_save_free_info+0x30/0x3c [ 147.145769] __kasan_slab_free+0xdc/0x124 [ 147.146818] __kmem_cache_free+0x140/0x2a8 [ 147.147375] kasan_strings+0xbc/0x4ec [ 147.147943] kunit_try_run_case+0x11c/0x2e4 [ 147.148572] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.149335] kthread+0x184/0x1a8 [ 147.149881] ret_from_fork+0x14/0x30 [ 147.150373] [ 147.150663] The buggy address belongs to the object at c8fba200 [ 147.150663] which belongs to the cache kmalloc-64 of size 64 [ 147.151907] The buggy address is located 16 bytes inside of [ 147.151907] freed 64-byte region [c8fba200, c8fba240) [ 147.152962] [ 147.153342] The buggy address belongs to the physical page: [ 147.154099] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.154933] flags: 0x800(slab|zone=0) [ 147.155417] page_type: 0xffffffff() [ 147.156241] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 147.157080] raw: 00000000 [ 147.157419] page dumped because: kasan: bad access detected [ 147.158047] [ 147.158419] Memory state around the buggy address: [ 147.158991] c8fba100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.159874] c8fba180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.160587] >c8fba200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.161317] ^ [ 147.161714] c8fba280: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.162416] c8fba300: 00 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc [ 147.163255] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-memcmp: Failure
[ 147.072556] ================================================================== [ 147.073669] BUG: KASAN: slab-out-of-bounds in memcmp+0x30/0xa0 [ 147.074402] Read of size 1 at addr c8fba198 by task kunit_try_catch/197 [ 147.075236] [ 147.075514] CPU: 1 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.076506] Hardware name: Generic DT based system [ 147.076991] unwind_backtrace from show_stack+0x18/0x1c [ 147.078170] show_stack from dump_stack_lvl+0x58/0x70 [ 147.078812] dump_stack_lvl from print_report+0x164/0x51c [ 147.079555] print_report from kasan_report+0xc8/0x104 [ 147.080250] kasan_report from memcmp+0x30/0xa0 [ 147.080961] memcmp from kasan_memcmp+0x100/0x210 [ 147.081633] kasan_memcmp from kunit_try_run_case+0x11c/0x2e4 [ 147.082526] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.083438] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.084380] kthread from ret_from_fork+0x14/0x30 [ 147.084985] Exception stack(0xfa0ebfb0 to 0xfa0ebff8) [ 147.085805] bfa0: 00000000 00000000 00000000 00000000 [ 147.086829] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.087788] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.088679] [ 147.088976] Allocated by task 197: [ 147.089439] kasan_set_track+0x3c/0x5c [ 147.089970] __kasan_kmalloc+0x8c/0x94 [ 147.090581] kasan_memcmp+0xb4/0x210 [ 147.091085] kunit_try_run_case+0x11c/0x2e4 [ 147.091743] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.092303] kthread+0x184/0x1a8 [ 147.092857] ret_from_fork+0x14/0x30 [ 147.093288] [ 147.093587] The buggy address belongs to the object at c8fba180 [ 147.093587] which belongs to the cache kmalloc-64 of size 64 [ 147.094851] The buggy address is located 0 bytes to the right of [ 147.094851] allocated 24-byte region [c8fba180, c8fba198) [ 147.096338] [ 147.096565] The buggy address belongs to the physical page: [ 147.097350] page:3fba6f39 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fba [ 147.098129] flags: 0x800(slab|zone=0) [ 147.098679] page_type: 0xffffffff() [ 147.099147] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 147.100008] raw: 00000000 [ 147.100525] page dumped because: kasan: bad access detected [ 147.101216] [ 147.101441] Memory state around the buggy address: [ 147.102087] c8fba080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.102838] c8fba100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 147.103548] >c8fba180: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.104363] ^ [ 147.104929] c8fba200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.105800] c8fba280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.106656] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy: Failure
[ 147.012219] ================================================================== [ 147.013276] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0xd0/0x1cc [ 147.014079] Read of size 1 at addr c8919900 by task kunit_try_catch/193 [ 147.014757] [ 147.015109] CPU: 1 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 147.016042] Hardware name: Generic DT based system [ 147.017358] unwind_backtrace from show_stack+0x18/0x1c [ 147.018069] show_stack from dump_stack_lvl+0x58/0x70 [ 147.018889] dump_stack_lvl from print_report+0x164/0x51c [ 147.019622] print_report from kasan_report+0xc8/0x104 [ 147.020236] kasan_report from __kasan_check_byte+0x34/0x3c [ 147.021147] __kasan_check_byte from kmem_cache_destroy+0x24/0x150 [ 147.021986] kmem_cache_destroy from kmem_cache_double_destroy+0xd0/0x1cc [ 147.022857] kmem_cache_double_destroy from kunit_try_run_case+0x11c/0x2e4 [ 147.023877] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.024850] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 147.025841] kthread from ret_from_fork+0x14/0x30 [ 147.026524] Exception stack(0xfa0cbfb0 to 0xfa0cbff8) [ 147.026962] bfa0: 00000000 00000000 00000000 00000000 [ 147.028092] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 147.029119] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 147.029757] [ 147.030045] Allocated by task 193: [ 147.030486] kasan_set_track+0x3c/0x5c [ 147.031106] __kasan_slab_alloc+0x60/0x68 [ 147.031693] kmem_cache_alloc+0x1dc/0x574 [ 147.032262] kmem_cache_create_usercopy+0x160/0x2a8 [ 147.033023] kmem_cache_create+0x28/0x30 [ 147.033572] kmem_cache_double_destroy+0xa0/0x1cc [ 147.034199] kunit_try_run_case+0x11c/0x2e4 [ 147.034666] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.035432] kthread+0x184/0x1a8 [ 147.036040] ret_from_fork+0x14/0x30 [ 147.036723] [ 147.036999] Freed by task 193: [ 147.037587] kasan_set_track+0x3c/0x5c [ 147.038309] kasan_save_free_info+0x30/0x3c [ 147.038936] __kasan_slab_free+0xdc/0x124 [ 147.039503] kmem_cache_free+0x170/0x41c [ 147.039957] kobject_put+0xfc/0x320 [ 147.040551] kmem_cache_double_destroy+0xbc/0x1cc [ 147.041190] kunit_try_run_case+0x11c/0x2e4 [ 147.041746] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 147.042472] kthread+0x184/0x1a8 [ 147.042948] ret_from_fork+0x14/0x30 [ 147.043461] [ 147.043717] The buggy address belongs to the object at c8919900 [ 147.043717] which belongs to the cache kmem_cache of size 132 [ 147.044962] The buggy address is located 0 bytes inside of [ 147.044962] freed 132-byte region [c8919900, c8919984) [ 147.046543] [ 147.046782] The buggy address belongs to the physical page: [ 147.047341] page:190a4671 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48919 [ 147.048256] flags: 0x800(slab|zone=0) [ 147.048742] page_type: 0xffffffff() [ 147.049200] raw: 00000800 c4801000 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 147.050178] raw: 00000000 [ 147.050602] page dumped because: kasan: bad access detected [ 147.051238] [ 147.051526] Memory state around the buggy address: [ 147.052027] c8919800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 147.052779] c8919880: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.053457] >c8919900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 147.054234] ^ [ 147.054572] c8919980: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.055366] c8919a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.056126] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free: Failure
[ 146.950346] ================================================================== [ 146.951578] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0xd8/0x23c [ 146.952495] Free of addr c8fb9001 by task kunit_try_catch/191 [ 146.953188] [ 146.953590] CPU: 1 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.954615] Hardware name: Generic DT based system [ 146.955240] unwind_backtrace from show_stack+0x18/0x1c [ 146.956099] show_stack from dump_stack_lvl+0x58/0x70 [ 146.956819] dump_stack_lvl from print_report+0x164/0x51c [ 146.957583] print_report from kasan_report_invalid_free+0xb4/0xe8 [ 146.958459] kasan_report_invalid_free from __kasan_slab_free+0x114/0x124 [ 146.959428] __kasan_slab_free from kmem_cache_free+0x170/0x41c [ 146.960296] kmem_cache_free from kmem_cache_invalid_free+0xd8/0x23c [ 146.961187] kmem_cache_invalid_free from kunit_try_run_case+0x11c/0x2e4 [ 146.962127] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.963079] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.963944] kthread from ret_from_fork+0x14/0x30 [ 146.964490] Exception stack(0xfa0c3fb0 to 0xfa0c3ff8) [ 146.965178] 3fa0: 00000000 00000000 00000000 00000000 [ 146.966947] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.968097] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.968928] [ 146.969278] Allocated by task 191: [ 146.969713] kasan_set_track+0x3c/0x5c [ 146.970297] __kasan_slab_alloc+0x60/0x68 [ 146.970838] kmem_cache_alloc+0x1dc/0x574 [ 146.971508] kmem_cache_invalid_free+0xb0/0x23c [ 146.972142] kunit_try_run_case+0x11c/0x2e4 [ 146.972760] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.973609] kthread+0x184/0x1a8 [ 146.974106] ret_from_fork+0x14/0x30 [ 146.974681] [ 146.975033] The buggy address belongs to the object at c8fb9000 [ 146.975033] which belongs to the cache test_cache of size 200 [ 146.976377] The buggy address is located 1 bytes inside of [ 146.976377] 200-byte region [c8fb9000, c8fb90c8) [ 146.977648] [ 146.977982] The buggy address belongs to the physical page: [ 146.978862] page:6f24fb60 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fb9 [ 146.979838] flags: 0x800(slab|zone=0) [ 146.980485] page_type: 0xffffffff() [ 146.981037] raw: 00000800 c8919800 00000122 00000000 00000000 800f000f ffffffff 00000001 [ 146.982010] raw: 00000000 [ 146.982285] page dumped because: kasan: bad access detected [ 146.983135] [ 146.983367] Memory state around the buggy address: [ 146.984100] c8fb8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.984970] c8fb8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.985791] >c8fb9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.986712] ^ [ 146.987541] c8fb9080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 146.988266] c8fb9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.989015] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-double-free-in-kmem_cache_double_free
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-double-free-in-kmem_cache_double_free: Failure
[ 146.890436] ================================================================== [ 146.891404] BUG: KASAN: double-free in kmem_cache_double_free+0xe4/0x23c [ 146.891865] Free of addr c8fb8000 by task kunit_try_catch/189 [ 146.892266] [ 146.892541] CPU: 1 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.893503] Hardware name: Generic DT based system [ 146.894073] unwind_backtrace from show_stack+0x18/0x1c [ 146.894871] show_stack from dump_stack_lvl+0x58/0x70 [ 146.895506] dump_stack_lvl from print_report+0x164/0x51c [ 146.896230] print_report from kasan_report_invalid_free+0xb4/0xe8 [ 146.897120] kasan_report_invalid_free from __kasan_slab_free+0xfc/0x124 [ 146.897910] __kasan_slab_free from kmem_cache_free+0x170/0x41c [ 146.898880] kmem_cache_free from kmem_cache_double_free+0xe4/0x23c [ 146.899833] kmem_cache_double_free from kunit_try_run_case+0x11c/0x2e4 [ 146.900703] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.901659] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.902518] kthread from ret_from_fork+0x14/0x30 [ 146.903103] Exception stack(0xfa0b3fb0 to 0xfa0b3ff8) [ 146.903724] 3fa0: 00000000 00000000 00000000 00000000 [ 146.904645] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.905496] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.906245] [ 146.906500] Allocated by task 189: [ 146.906875] kasan_set_track+0x3c/0x5c [ 146.907697] __kasan_slab_alloc+0x60/0x68 [ 146.908280] kmem_cache_alloc+0x1dc/0x574 [ 146.908800] kmem_cache_double_free+0xb0/0x23c [ 146.909906] kunit_try_run_case+0x11c/0x2e4 [ 146.910579] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.911529] kthread+0x184/0x1a8 [ 146.911969] ret_from_fork+0x14/0x30 [ 146.912409] [ 146.912664] Freed by task 189: [ 146.913195] kasan_set_track+0x3c/0x5c [ 146.913715] kasan_save_free_info+0x30/0x3c [ 146.914193] __kasan_slab_free+0xdc/0x124 [ 146.914949] kmem_cache_free+0x170/0x41c [ 146.915449] kmem_cache_double_free+0xcc/0x23c [ 146.916362] kunit_try_run_case+0x11c/0x2e4 [ 146.916988] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.917720] kthread+0x184/0x1a8 [ 146.918139] ret_from_fork+0x14/0x30 [ 146.918775] [ 146.919141] The buggy address belongs to the object at c8fb8000 [ 146.919141] which belongs to the cache test_cache of size 200 [ 146.920355] The buggy address is located 0 bytes inside of [ 146.920355] 200-byte region [c8fb8000, c8fb80c8) [ 146.921417] [ 146.921726] The buggy address belongs to the physical page: [ 146.922341] page:658a11fa refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48fb8 [ 146.923354] flags: 0x800(slab|zone=0) [ 146.923855] page_type: 0xffffffff() [ 146.924465] raw: 00000800 c8919700 00000122 00000000 00000000 800f000f ffffffff 00000001 [ 146.925373] raw: 00000000 [ 146.926087] page dumped because: kasan: bad access detected [ 146.926949] [ 146.927164] Memory state around the buggy address: [ 146.927569] c8fb7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.928112] c8fb7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.928640] >c8fb8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 146.929546] ^ [ 146.929847] c8fb8080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 146.930712] c8fb8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.931743] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf: Failure
[ 146.837579] ================================================================== [ 146.838492] BUG: KASAN: slab-use-after-free in ksize_uaf+0x12c/0x308 [ 146.839047] Read of size 1 at addr c8e02b78 by task kunit_try_catch/187 [ 146.839906] [ 146.840136] CPU: 1 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.841197] Hardware name: Generic DT based system [ 146.841813] unwind_backtrace from show_stack+0x18/0x1c [ 146.842403] show_stack from dump_stack_lvl+0x58/0x70 [ 146.843480] dump_stack_lvl from print_report+0x164/0x51c [ 146.844411] print_report from kasan_report+0xc8/0x104 [ 146.844982] kasan_report from ksize_uaf+0x12c/0x308 [ 146.846178] ksize_uaf from kunit_try_run_case+0x11c/0x2e4 [ 146.847407] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.848478] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.849339] kthread from ret_from_fork+0x14/0x30 [ 146.849976] Exception stack(0xfa0a3fb0 to 0xfa0a3ff8) [ 146.850655] 3fa0: 00000000 00000000 00000000 00000000 [ 146.851571] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.852457] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.853181] [ 146.853416] Allocated by task 187: [ 146.853796] kasan_set_track+0x3c/0x5c [ 146.854322] __kasan_kmalloc+0x8c/0x94 [ 146.855023] ksize_uaf+0xa0/0x308 [ 146.855466] kunit_try_run_case+0x11c/0x2e4 [ 146.856197] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.856855] kthread+0x184/0x1a8 [ 146.857380] ret_from_fork+0x14/0x30 [ 146.857824] [ 146.858194] Freed by task 187: [ 146.858601] kasan_set_track+0x3c/0x5c [ 146.859141] kasan_save_free_info+0x30/0x3c [ 146.859789] __kasan_slab_free+0xdc/0x124 [ 146.860299] __kmem_cache_free+0x140/0x2a8 [ 146.860956] ksize_uaf+0xbc/0x308 [ 146.861441] kunit_try_run_case+0x11c/0x2e4 [ 146.862009] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.862609] kthread+0x184/0x1a8 [ 146.863263] ret_from_fork+0x14/0x30 [ 146.863761] [ 146.863976] The buggy address belongs to the object at c8e02b00 [ 146.863976] which belongs to the cache kmalloc-128 of size 128 [ 146.865261] The buggy address is located 120 bytes inside of [ 146.865261] freed 128-byte region [c8e02b00, c8e02b80) [ 146.866426] [ 146.867387] The buggy address belongs to the physical page: [ 146.868142] page:b76fc2b6 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48e02 [ 146.869104] flags: 0x800(slab|zone=0) [ 146.869570] page_type: 0xffffffff() [ 146.870199] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 146.871047] raw: 00000000 [ 146.871511] page dumped because: kasan: bad access detected [ 146.872179] [ 146.872434] Memory state around the buggy address: [ 146.872942] c8e02a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 146.873656] c8e02a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.874636] >c8e02b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 146.875362] ^ [ 146.876022] c8e02b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.876715] c8e02c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.877410] ================================================================== [ 146.797510] ================================================================== [ 146.798249] BUG: KASAN: slab-use-after-free in ksize_uaf+0xfc/0x308 [ 146.798955] Read of size 1 at addr c8e02b00 by task kunit_try_catch/187 [ 146.799645] [ 146.799918] CPU: 1 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.800714] Hardware name: Generic DT based system [ 146.801381] unwind_backtrace from show_stack+0x18/0x1c [ 146.802017] show_stack from dump_stack_lvl+0x58/0x70 [ 146.802723] dump_stack_lvl from print_report+0x164/0x51c [ 146.803318] print_report from kasan_report+0xc8/0x104 [ 146.804149] kasan_report from ksize_uaf+0xfc/0x308 [ 146.804869] ksize_uaf from kunit_try_run_case+0x11c/0x2e4 [ 146.805576] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.807331] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.808175] kthread from ret_from_fork+0x14/0x30 [ 146.808737] Exception stack(0xfa0a3fb0 to 0xfa0a3ff8) [ 146.809376] 3fa0: 00000000 00000000 00000000 00000000 [ 146.810380] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.811291] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.812044] [ 146.812347] Allocated by task 187: [ 146.812714] kasan_set_track+0x3c/0x5c [ 146.813355] __kasan_kmalloc+0x8c/0x94 [ 146.813998] ksize_uaf+0xa0/0x308 [ 146.814460] kunit_try_run_case+0x11c/0x2e4 [ 146.814992] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.815868] kthread+0x184/0x1a8 [ 146.816345] ret_from_fork+0x14/0x30 [ 146.816839] [ 146.817142] Freed by task 187: [ 146.817588] kasan_set_track+0x3c/0x5c [ 146.818118] kasan_save_free_info+0x30/0x3c [ 146.818705] __kasan_slab_free+0xdc/0x124 [ 146.819422] __kmem_cache_free+0x140/0x2a8 [ 146.820047] ksize_uaf+0xbc/0x308 [ 146.820470] kunit_try_run_case+0x11c/0x2e4 [ 146.821106] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.821878] kthread+0x184/0x1a8 [ 146.822360] ret_from_fork+0x14/0x30 [ 146.822896] [ 146.823198] The buggy address belongs to the object at c8e02b00 [ 146.823198] which belongs to the cache kmalloc-128 of size 128 [ 146.824405] The buggy address is located 0 bytes inside of [ 146.824405] freed 128-byte region [c8e02b00, c8e02b80) [ 146.825492] [ 146.826748] The buggy address belongs to the physical page: [ 146.827366] page:b76fc2b6 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48e02 [ 146.828197] flags: 0x800(slab|zone=0) [ 146.828690] page_type: 0xffffffff() [ 146.829122] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 146.829999] raw: 00000000 [ 146.830446] page dumped because: kasan: bad access detected [ 146.831095] [ 146.831319] Memory state around the buggy address: [ 146.831947] c8e02a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 146.832711] c8e02a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.833524] >c8e02b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 146.834171] ^ [ 146.834644] c8e02b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.835347] c8e02c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.836187] ================================================================== [ 146.751863] ================================================================== [ 146.753029] BUG: KASAN: slab-use-after-free in ksize_uaf+0xd0/0x308 [ 146.753845] Read of size 1 at addr c8e02b00 by task kunit_try_catch/187 [ 146.754731] [ 146.754978] CPU: 1 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.756113] Hardware name: Generic DT based system [ 146.756656] unwind_backtrace from show_stack+0x18/0x1c [ 146.757606] show_stack from dump_stack_lvl+0x58/0x70 [ 146.758443] dump_stack_lvl from print_report+0x164/0x51c [ 146.759274] print_report from kasan_report+0xc8/0x104 [ 146.760118] kasan_report from __kasan_check_byte+0x34/0x3c [ 146.760920] __kasan_check_byte from ksize+0x20/0x3c [ 146.761773] ksize from ksize_uaf+0xd0/0x308 [ 146.762489] ksize_uaf from kunit_try_run_case+0x11c/0x2e4 [ 146.763320] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.764381] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.765271] kthread from ret_from_fork+0x14/0x30 [ 146.765954] Exception stack(0xfa0a3fb0 to 0xfa0a3ff8) [ 146.766609] 3fa0: 00000000 00000000 00000000 00000000 [ 146.768380] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.769265] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.770040] [ 146.770353] Allocated by task 187: [ 146.770808] kasan_set_track+0x3c/0x5c [ 146.771352] __kasan_kmalloc+0x8c/0x94 [ 146.771902] ksize_uaf+0xa0/0x308 [ 146.772478] kunit_try_run_case+0x11c/0x2e4 [ 146.772950] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.773689] kthread+0x184/0x1a8 [ 146.774256] ret_from_fork+0x14/0x30 [ 146.774774] [ 146.775048] Freed by task 187: [ 146.775550] kasan_set_track+0x3c/0x5c [ 146.776033] kasan_save_free_info+0x30/0x3c [ 146.776613] __kasan_slab_free+0xdc/0x124 [ 146.777299] __kmem_cache_free+0x140/0x2a8 [ 146.777814] ksize_uaf+0xbc/0x308 [ 146.778454] kunit_try_run_case+0x11c/0x2e4 [ 146.779240] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.779952] kthread+0x184/0x1a8 [ 146.780493] ret_from_fork+0x14/0x30 [ 146.781041] [ 146.781292] The buggy address belongs to the object at c8e02b00 [ 146.781292] which belongs to the cache kmalloc-128 of size 128 [ 146.782593] The buggy address is located 0 bytes inside of [ 146.782593] freed 128-byte region [c8e02b00, c8e02b80) [ 146.783698] [ 146.784045] The buggy address belongs to the physical page: [ 146.784776] page:b76fc2b6 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48e02 [ 146.785709] flags: 0x800(slab|zone=0) [ 146.786272] page_type: 0xffffffff() [ 146.786743] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 146.787585] raw: 00000000 [ 146.788791] page dumped because: kasan: bad access detected [ 146.789388] [ 146.789656] Memory state around the buggy address: [ 146.790226] c8e02a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 146.790962] c8e02a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.791618] >c8e02b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 146.792420] ^ [ 146.792769] c8e02b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.793511] c8e02c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.794096] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory: Failure
[ 146.667172] ================================================================== [ 146.667901] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x13c/0x3b4 [ 146.668814] Read of size 1 at addr c8e02a78 by task kunit_try_catch/185 [ 146.669484] [ 146.669805] CPU: 1 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.670944] Hardware name: Generic DT based system [ 146.671666] unwind_backtrace from show_stack+0x18/0x1c [ 146.672482] show_stack from dump_stack_lvl+0x58/0x70 [ 146.673146] dump_stack_lvl from print_report+0x164/0x51c [ 146.673850] print_report from kasan_report+0xc8/0x104 [ 146.674608] kasan_report from ksize_unpoisons_memory+0x13c/0x3b4 [ 146.675449] ksize_unpoisons_memory from kunit_try_run_case+0x11c/0x2e4 [ 146.676407] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.677406] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.678322] kthread from ret_from_fork+0x14/0x30 [ 146.678994] Exception stack(0xfa093fb0 to 0xfa093ff8) [ 146.679672] 3fa0: 00000000 00000000 00000000 00000000 [ 146.680756] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.681751] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.682565] [ 146.682888] Allocated by task 185: [ 146.683517] kasan_set_track+0x3c/0x5c [ 146.684139] __kasan_kmalloc+0x8c/0x94 [ 146.684763] ksize_unpoisons_memory+0xb4/0x3b4 [ 146.685432] kunit_try_run_case+0x11c/0x2e4 [ 146.686043] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.686914] kthread+0x184/0x1a8 [ 146.687290] ret_from_fork+0x14/0x30 [ 146.688084] [ 146.688355] The buggy address belongs to the object at c8e02a00 [ 146.688355] which belongs to the cache kmalloc-128 of size 128 [ 146.689886] The buggy address is located 5 bytes to the right of [ 146.689886] allocated 115-byte region [c8e02a00, c8e02a73) [ 146.691032] [ 146.691463] The buggy address belongs to the physical page: [ 146.692312] page:b76fc2b6 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48e02 [ 146.693173] flags: 0x800(slab|zone=0) [ 146.693848] page_type: 0xffffffff() [ 146.694536] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 146.695490] raw: 00000000 [ 146.695841] page dumped because: kasan: bad access detected [ 146.696565] [ 146.696798] Memory state around the buggy address: [ 146.697493] c8e02900: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 146.698269] c8e02980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.699023] >c8e02a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 146.699823] ^ [ 146.700607] c8e02a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.701508] c8e02b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.702333] ================================================================== [ 146.627097] ================================================================== [ 146.628547] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x10c/0x3b4 [ 146.629482] Read of size 1 at addr c8e02a73 by task kunit_try_catch/185 [ 146.630285] [ 146.630559] CPU: 1 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.631547] Hardware name: Generic DT based system [ 146.632160] unwind_backtrace from show_stack+0x18/0x1c [ 146.633121] show_stack from dump_stack_lvl+0x58/0x70 [ 146.633690] dump_stack_lvl from print_report+0x164/0x51c [ 146.634429] print_report from kasan_report+0xc8/0x104 [ 146.635141] kasan_report from ksize_unpoisons_memory+0x10c/0x3b4 [ 146.636185] ksize_unpoisons_memory from kunit_try_run_case+0x11c/0x2e4 [ 146.637088] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.638231] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.639035] kthread from ret_from_fork+0x14/0x30 [ 146.639763] Exception stack(0xfa093fb0 to 0xfa093ff8) [ 146.640390] 3fa0: 00000000 00000000 00000000 00000000 [ 146.641291] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.642207] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.642919] [ 146.643250] Allocated by task 185: [ 146.643677] kasan_set_track+0x3c/0x5c [ 146.644173] __kasan_kmalloc+0x8c/0x94 [ 146.644738] ksize_unpoisons_memory+0xb4/0x3b4 [ 146.645265] kunit_try_run_case+0x11c/0x2e4 [ 146.646223] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.647803] kthread+0x184/0x1a8 [ 146.648632] ret_from_fork+0x14/0x30 [ 146.649332] [ 146.649547] The buggy address belongs to the object at c8e02a00 [ 146.649547] which belongs to the cache kmalloc-128 of size 128 [ 146.650970] The buggy address is located 0 bytes to the right of [ 146.650970] allocated 115-byte region [c8e02a00, c8e02a73) [ 146.652371] [ 146.652727] The buggy address belongs to the physical page: [ 146.653440] page:b76fc2b6 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48e02 [ 146.654458] flags: 0x800(slab|zone=0) [ 146.655008] page_type: 0xffffffff() [ 146.655514] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 146.656482] raw: 00000000 [ 146.656839] page dumped because: kasan: bad access detected [ 146.657462] [ 146.657827] Memory state around the buggy address: [ 146.658477] c8e02900: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 146.659246] c8e02980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.660093] >c8e02a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 146.660876] ^ [ 146.661594] c8e02a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.662410] c8e02b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.663176] ================================================================== [ 146.706279] ================================================================== [ 146.706893] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x170/0x3b4 [ 146.708149] Read of size 1 at addr c8e02a7f by task kunit_try_catch/185 [ 146.708941] [ 146.709259] CPU: 1 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.710421] Hardware name: Generic DT based system [ 146.711179] unwind_backtrace from show_stack+0x18/0x1c [ 146.711937] show_stack from dump_stack_lvl+0x58/0x70 [ 146.712660] dump_stack_lvl from print_report+0x164/0x51c [ 146.713380] print_report from kasan_report+0xc8/0x104 [ 146.714119] kasan_report from ksize_unpoisons_memory+0x170/0x3b4 [ 146.714979] ksize_unpoisons_memory from kunit_try_run_case+0x11c/0x2e4 [ 146.715925] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.716948] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.717874] kthread from ret_from_fork+0x14/0x30 [ 146.718562] Exception stack(0xfa093fb0 to 0xfa093ff8) [ 146.719387] 3fa0: 00000000 00000000 00000000 00000000 [ 146.720423] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.721438] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.722263] [ 146.722613] Allocated by task 185: [ 146.723210] kasan_set_track+0x3c/0x5c [ 146.723782] __kasan_kmalloc+0x8c/0x94 [ 146.724440] ksize_unpoisons_memory+0xb4/0x3b4 [ 146.725028] kunit_try_run_case+0x11c/0x2e4 [ 146.725672] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.727289] kthread+0x184/0x1a8 [ 146.727923] ret_from_fork+0x14/0x30 [ 146.728460] [ 146.728792] The buggy address belongs to the object at c8e02a00 [ 146.728792] which belongs to the cache kmalloc-128 of size 128 [ 146.730179] The buggy address is located 12 bytes to the right of [ 146.730179] allocated 115-byte region [c8e02a00, c8e02a73) [ 146.731556] [ 146.731906] The buggy address belongs to the physical page: [ 146.732842] page:b76fc2b6 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48e02 [ 146.733843] flags: 0x800(slab|zone=0) [ 146.734350] page_type: 0xffffffff() [ 146.734954] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 146.735926] raw: 00000000 [ 146.736343] page dumped because: kasan: bad access detected [ 146.737075] [ 146.737374] Memory state around the buggy address: [ 146.737856] c8e02900: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 146.738833] c8e02980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.739732] >c8e02a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 146.740551] ^ [ 146.741445] c8e02a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.742372] c8e02b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 146.743178] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right: Failure
[ 146.587384] ================================================================== [ 146.588468] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0xfc/0x1dc [ 146.589373] Read of size 1 at addr fa083d4a by task kunit_try_catch/183 [ 146.590084] [ 146.590362] CPU: 1 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.591436] Hardware name: Generic DT based system [ 146.592209] unwind_backtrace from show_stack+0x18/0x1c [ 146.592961] show_stack from dump_stack_lvl+0x58/0x70 [ 146.593645] dump_stack_lvl from print_report+0x164/0x51c [ 146.594409] print_report from kasan_report+0xc8/0x104 [ 146.595220] kasan_report from kasan_alloca_oob_right+0xfc/0x1dc [ 146.596040] kasan_alloca_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 146.596979] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.597942] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.599099] kthread from ret_from_fork+0x14/0x30 [ 146.599813] Exception stack(0xfa083fb0 to 0xfa083ff8) [ 146.600622] 3fa0: 00000000 00000000 00000000 00000000 [ 146.601726] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.602802] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.603631] [ 146.603886] The buggy address belongs to stack of task kunit_try_catch/183 [ 146.604737] [ 146.605232] The buggy address belongs to the virtual mapping at [ 146.605232] [fa080000, fa085000) created by: [ 146.605232] kernel_clone+0xcc/0x4b0 [ 146.607324] [ 146.607568] The buggy address belongs to the physical page: [ 146.608345] page:3c2f397c refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x13fc3e [ 146.609280] flags: 0x80000000(zone=2) [ 146.609824] page_type: 0xffffffff() [ 146.610341] raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 146.611203] raw: 00000000 [ 146.611527] page dumped because: kasan: bad access detected [ 146.612267] [ 146.612495] Memory state around the buggy address: [ 146.613110] fa083c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.614004] fa083c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.614875] >fa083d00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 146.615514] ^ [ 146.616680] fa083d80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 04 f2 04 f2 [ 146.617418] fa083e00: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.618003] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left: Failure
[ 146.544511] ================================================================== [ 146.545430] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0xf4/0x1d0 [ 146.546733] Read of size 1 at addr fa053d3f by task kunit_try_catch/181 [ 146.547379] [ 146.547727] CPU: 1 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.548628] Hardware name: Generic DT based system [ 146.549280] unwind_backtrace from show_stack+0x18/0x1c [ 146.550025] show_stack from dump_stack_lvl+0x58/0x70 [ 146.550927] dump_stack_lvl from print_report+0x164/0x51c [ 146.551613] print_report from kasan_report+0xc8/0x104 [ 146.552441] kasan_report from kasan_alloca_oob_left+0xf4/0x1d0 [ 146.553077] kasan_alloca_oob_left from kunit_try_run_case+0x11c/0x2e4 [ 146.553909] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.554944] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.556165] kthread from ret_from_fork+0x14/0x30 [ 146.556888] Exception stack(0xfa053fb0 to 0xfa053ff8) [ 146.557832] 3fa0: 00000000 00000000 00000000 00000000 [ 146.558742] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.559492] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.560264] [ 146.560599] The buggy address belongs to stack of task kunit_try_catch/181 [ 146.561369] [ 146.561644] The buggy address belongs to the virtual mapping at [ 146.561644] [fa050000, fa055000) created by: [ 146.561644] kernel_clone+0xcc/0x4b0 [ 146.563100] [ 146.563352] The buggy address belongs to the physical page: [ 146.564099] page:1551d90b refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x13fc65 [ 146.565095] flags: 0x80000000(zone=2) [ 146.565621] page_type: 0xffffffff() [ 146.566453] raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 146.567048] raw: 00000000 [ 146.567323] page dumped because: kasan: bad access detected [ 146.567732] [ 146.567913] Memory state around the buggy address: [ 146.570176] fa053c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.571768] fa053c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.573758] >fa053d00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 146.574553] ^ [ 146.575324] fa053d80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 04 f2 04 f2 [ 146.576630] fa053e00: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.578122] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob: Failure
[ 146.502282] ================================================================== [ 146.503621] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0xc0/0x174 [ 146.504295] Read of size 1 at addr fa07be0a by task kunit_try_catch/179 [ 146.505047] [ 146.505315] CPU: 1 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.506233] Hardware name: Generic DT based system [ 146.506839] unwind_backtrace from show_stack+0x18/0x1c [ 146.507966] show_stack from dump_stack_lvl+0x58/0x70 [ 146.508482] dump_stack_lvl from print_report+0x164/0x51c [ 146.508974] print_report from kasan_report+0xc8/0x104 [ 146.509509] kasan_report from kasan_stack_oob+0xc0/0x174 [ 146.510048] kasan_stack_oob from kunit_try_run_case+0x11c/0x2e4 [ 146.513100] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.513979] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.515127] kthread from ret_from_fork+0x14/0x30 [ 146.516455] Exception stack(0xfa07bfb0 to 0xfa07bff8) [ 146.517297] bfa0: 00000000 00000000 00000000 00000000 [ 146.518421] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.519330] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.520110] [ 146.520418] The buggy address belongs to stack of task kunit_try_catch/179 [ 146.521082] and is located at offset 106 in frame: [ 146.521816] kasan_stack_oob+0x0/0x174 [ 146.522815] [ 146.523213] This frame has 4 objects: [ 146.523766] [32, 33) '__assertion' [ 146.523877] [48, 52) 'array' [ 146.524277] [64, 72) '__assertion' [ 146.524793] [96, 106) 'stack_array' [ 146.525286] [ 146.526009] The buggy address belongs to the virtual mapping at [ 146.526009] [fa078000, fa07d000) created by: [ 146.526009] kernel_clone+0xcc/0x4b0 [ 146.528155] [ 146.528728] The buggy address belongs to the physical page: [ 146.529457] page:7d0c9d26 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x13fc3a [ 146.530302] flags: 0x80000000(zone=2) [ 146.530873] page_type: 0xffffffff() [ 146.531327] raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 146.532223] raw: 00000000 [ 146.532648] page dumped because: kasan: bad access detected [ 146.533250] [ 146.533560] Memory state around the buggy address: [ 146.534127] fa07bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.534840] fa07bd80: 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 [ 146.536205] >fa07be00: 00 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.536791] ^ [ 146.537142] fa07be80: 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 00 00 f2 f2 [ 146.537947] fa07bf00: 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.538650] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right: Failure
[ 146.462380] ================================================================== [ 146.463424] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0xa0/0x150 [ 146.464251] Read of size 1 at addr c418502d by task kunit_try_catch/175 [ 146.465113] [ 146.465391] CPU: 1 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 146.466968] Hardware name: Generic DT based system [ 146.467574] unwind_backtrace from show_stack+0x18/0x1c [ 146.468422] show_stack from dump_stack_lvl+0x58/0x70 [ 146.469134] dump_stack_lvl from print_report+0x164/0x51c [ 146.469839] print_report from kasan_report+0xc8/0x104 [ 146.470520] kasan_report from kasan_global_oob_right+0xa0/0x150 [ 146.471307] kasan_global_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 146.472148] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 146.473153] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 146.473977] kthread from ret_from_fork+0x14/0x30 [ 146.474549] Exception stack(0xf9d5bfb0 to 0xf9d5bff8) [ 146.475142] bfa0: 00000000 00000000 00000000 00000000 [ 146.476364] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 146.477290] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 146.478012] [ 146.478349] The buggy address belongs to the variable: [ 146.478868] global_array+0xd/0x40 [ 146.479442] [ 146.479669] The buggy address belongs to the physical page: [ 146.480290] page:2e334ee0 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44185 [ 146.481248] flags: 0x4000(reserved|zone=0) [ 146.481674] page_type: 0xffffffff() [ 146.482358] raw: 00004000 edc8c6b8 edc8c6b8 00000000 00000000 00000000 ffffffff 00000001 [ 146.483197] raw: 00000000 [ 146.483565] page dumped because: kasan: bad access detected [ 146.484235] [ 146.484461] Memory state around the buggy address: [ 146.485000] c4184f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.486392] c4184f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 146.487173] >c4185000: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 146.487841] ^ [ 146.488245] c4185080: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 146.489069] c4185100: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 146.489675] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob: Failure
[ 145.783822] ================================================================== [ 145.784865] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xd4/0x248 [ 145.785999] Read of size 1 at addr c4fd20c8 by task kunit_try_catch/169 [ 145.786738] [ 145.787083] CPU: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.788067] Hardware name: Generic DT based system [ 145.788614] unwind_backtrace from show_stack+0x18/0x1c [ 145.789281] show_stack from dump_stack_lvl+0x58/0x70 [ 145.790070] dump_stack_lvl from print_report+0x164/0x51c [ 145.790937] print_report from kasan_report+0xc8/0x104 [ 145.791803] kasan_report from kmem_cache_oob+0xd4/0x248 [ 145.792598] kmem_cache_oob from kunit_try_run_case+0x11c/0x2e4 [ 145.793622] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.794618] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.795470] kthread from ret_from_fork+0x14/0x30 [ 145.796233] Exception stack(0xfa03bfb0 to 0xfa03bff8) [ 145.796940] bfa0: 00000000 00000000 00000000 00000000 [ 145.797949] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.798923] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.799675] [ 145.799932] Allocated by task 169: [ 145.800328] kasan_set_track+0x3c/0x5c [ 145.800837] __kasan_slab_alloc+0x60/0x68 [ 145.801491] kmem_cache_alloc+0x1dc/0x574 [ 145.802124] kmem_cache_oob+0xb0/0x248 [ 145.802641] kunit_try_run_case+0x11c/0x2e4 [ 145.803269] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.803960] kthread+0x184/0x1a8 [ 145.804441] ret_from_fork+0x14/0x30 [ 145.804879] [ 145.805204] The buggy address belongs to the object at c4fd2000 [ 145.805204] which belongs to the cache test_cache of size 200 [ 145.806550] The buggy address is located 0 bytes to the right of [ 145.806550] allocated 200-byte region [c4fd2000, c4fd20c8) [ 145.807740] [ 145.808017] The buggy address belongs to the physical page: [ 145.808691] page:0829f097 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fd2 [ 145.809859] flags: 0x800(slab|zone=0) [ 145.810481] page_type: 0xffffffff() [ 145.811196] raw: 00000800 c4fc5700 00000122 00000000 00000000 800f000f ffffffff 00000001 [ 145.812218] raw: 00000000 [ 145.812599] page dumped because: kasan: bad access detected [ 145.813322] [ 145.813711] Memory state around the buggy address: [ 145.814398] c4fd1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.815129] c4fd2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 145.816467] >c4fd2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 145.817292] ^ [ 145.817905] c4fd2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.818608] c4fd2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.819315] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2: Failure
[ 145.711016] ================================================================== [ 145.712305] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x104/0x274 [ 145.712998] Read of size 1 at addr c4fcfd28 by task kunit_try_catch/161 [ 145.713844] [ 145.714212] CPU: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.715045] Hardware name: Generic DT based system [ 145.716231] unwind_backtrace from show_stack+0x18/0x1c [ 145.716947] show_stack from dump_stack_lvl+0x58/0x70 [ 145.717619] dump_stack_lvl from print_report+0x164/0x51c [ 145.718266] print_report from kasan_report+0xc8/0x104 [ 145.719034] kasan_report from kmalloc_uaf2+0x104/0x274 [ 145.719733] kmalloc_uaf2 from kunit_try_run_case+0x11c/0x2e4 [ 145.720444] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.721547] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.722494] kthread from ret_from_fork+0x14/0x30 [ 145.723095] Exception stack(0xf9ffbfb0 to 0xf9ffbff8) [ 145.723682] bfa0: 00000000 00000000 00000000 00000000 [ 145.724553] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.725474] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.727034] [ 145.727338] Allocated by task 161: [ 145.727914] kasan_set_track+0x3c/0x5c [ 145.728532] __kasan_kmalloc+0x8c/0x94 [ 145.729157] kmalloc_uaf2+0xac/0x274 [ 145.729787] kunit_try_run_case+0x11c/0x2e4 [ 145.730431] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.731270] kthread+0x184/0x1a8 [ 145.731780] ret_from_fork+0x14/0x30 [ 145.732337] [ 145.732666] Freed by task 161: [ 145.733076] kasan_set_track+0x3c/0x5c [ 145.733757] kasan_save_free_info+0x30/0x3c [ 145.734447] __kasan_slab_free+0xdc/0x124 [ 145.735008] __kmem_cache_free+0x140/0x2a8 [ 145.735537] kmalloc_uaf2+0xc0/0x274 [ 145.736710] kunit_try_run_case+0x11c/0x2e4 [ 145.737272] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.737975] kthread+0x184/0x1a8 [ 145.738473] ret_from_fork+0x14/0x30 [ 145.738947] [ 145.739254] The buggy address belongs to the object at c4fcfd00 [ 145.739254] which belongs to the cache kmalloc-64 of size 64 [ 145.740514] The buggy address is located 40 bytes inside of [ 145.740514] freed 64-byte region [c4fcfd00, c4fcfd40) [ 145.741669] [ 145.741986] The buggy address belongs to the physical page: [ 145.742665] page:8516b471 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fcf [ 145.744069] flags: 0x800(slab|zone=0) [ 145.744532] page_type: 0xffffffff() [ 145.745024] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 145.746952] raw: 00000000 [ 145.747394] page dumped because: kasan: bad access detected [ 145.748081] [ 145.748286] Memory state around the buggy address: [ 145.749194] c4fcfc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.750175] c4fcfc80: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.750837] >c4fcfd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.751615] ^ [ 145.752094] c4fcfd80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 145.752878] c4fcfe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.753574] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-invalid-free-in-kmalloc_pagealloc_invalid_free
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-invalid-free-in-kmalloc_pagealloc_invalid_free: Failure
[ 144.481795] ================================================================== [ 144.482928] BUG: KASAN: invalid-free in kmalloc_pagealloc_invalid_free+0xb0/0x1b0 [ 144.483733] Free of addr c4ffc001 by task kunit_try_catch/121 [ 144.484381] [ 144.484677] CPU: 0 PID: 121 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.485470] Hardware name: Generic DT based system [ 144.485994] unwind_backtrace from show_stack+0x18/0x1c [ 144.487261] show_stack from dump_stack_lvl+0x58/0x70 [ 144.487903] dump_stack_lvl from print_report+0x164/0x51c [ 144.488659] print_report from kasan_report_invalid_free+0xb4/0xe8 [ 144.489776] kasan_report_invalid_free from free_large_kmalloc+0x48/0x104 [ 144.490789] free_large_kmalloc from kmalloc_pagealloc_invalid_free+0xb0/0x1b0 [ 144.491642] kmalloc_pagealloc_invalid_free from kunit_try_run_case+0x11c/0x2e4 [ 144.492552] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.493545] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.494396] kthread from ret_from_fork+0x14/0x30 [ 144.494991] Exception stack(0xf9ed3fb0 to 0xf9ed3ff8) [ 144.495611] 3fa0: 00000000 00000000 00000000 00000000 [ 144.496674] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.497985] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.498764] [ 144.499206] The buggy address belongs to the physical page: [ 144.499827] page:a8595845 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44ffc [ 144.500780] head:a8595845 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.501760] flags: 0x40(head|zone=0) [ 144.502474] page_type: 0xffffffff() [ 144.502922] raw: 00000040 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 144.503862] raw: 00000000 [ 144.504270] page dumped because: kasan: bad access detected [ 144.504987] [ 144.505228] Memory state around the buggy address: [ 144.505956] c4ffbf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.506860] c4ffbf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.507898] >c4ffc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.508602] ^ [ 144.508949] c4ffc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.509776] c4ffc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.510432] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset: Failure
[ 145.661830] ================================================================== [ 145.662827] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0xd8/0x1d4 [ 145.663661] Write of size 33 at addr c4fcfb80 by task kunit_try_catch/159 [ 145.664270] [ 145.664575] CPU: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.665456] Hardware name: Generic DT based system [ 145.666091] unwind_backtrace from show_stack+0x18/0x1c [ 145.667345] show_stack from dump_stack_lvl+0x58/0x70 [ 145.668161] dump_stack_lvl from print_report+0x164/0x51c [ 145.668863] print_report from kasan_report+0xc8/0x104 [ 145.669565] kasan_report from kasan_check_range+0x14c/0x198 [ 145.670264] kasan_check_range from __asan_memset+0x20/0x3c [ 145.671024] __asan_memset from kmalloc_uaf_memset+0xd8/0x1d4 [ 145.671872] kmalloc_uaf_memset from kunit_try_run_case+0x11c/0x2e4 [ 145.672792] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.673730] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.674571] kthread from ret_from_fork+0x14/0x30 [ 145.675178] Exception stack(0xf9ff3fb0 to 0xf9ff3ff8) [ 145.676111] 3fa0: 00000000 00000000 00000000 00000000 [ 145.676976] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.677863] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.678590] [ 145.678835] Allocated by task 159: [ 145.679279] kasan_set_track+0x3c/0x5c [ 145.679844] __kasan_kmalloc+0x8c/0x94 [ 145.680365] kmalloc_uaf_memset+0xa0/0x1d4 [ 145.680971] kunit_try_run_case+0x11c/0x2e4 [ 145.681573] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.682219] kthread+0x184/0x1a8 [ 145.682661] ret_from_fork+0x14/0x30 [ 145.683112] [ 145.683448] Freed by task 159: [ 145.683979] kasan_set_track+0x3c/0x5c [ 145.684490] kasan_save_free_info+0x30/0x3c [ 145.685229] __kasan_slab_free+0xdc/0x124 [ 145.685941] __kmem_cache_free+0x140/0x2a8 [ 145.686891] kmalloc_uaf_memset+0xbc/0x1d4 [ 145.687681] kunit_try_run_case+0x11c/0x2e4 [ 145.688478] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.689095] kthread+0x184/0x1a8 [ 145.689500] ret_from_fork+0x14/0x30 [ 145.690088] [ 145.690322] The buggy address belongs to the object at c4fcfb80 [ 145.690322] which belongs to the cache kmalloc-64 of size 64 [ 145.691561] The buggy address is located 0 bytes inside of [ 145.691561] freed 64-byte region [c4fcfb80, c4fcfbc0) [ 145.692665] [ 145.692982] The buggy address belongs to the physical page: [ 145.693549] page:8516b471 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fcf [ 145.694496] flags: 0x800(slab|zone=0) [ 145.695019] page_type: 0xffffffff() [ 145.695522] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 145.697248] raw: 00000000 [ 145.697558] page dumped because: kasan: bad access detected [ 145.698282] [ 145.698525] Memory state around the buggy address: [ 145.699184] c4fcfa80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.699920] c4fcfb00: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.700631] >c4fcfb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.701327] ^ [ 145.701745] c4fcfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.702516] c4fcfc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.703246] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf: Failure
[ 145.612653] ================================================================== [ 145.613779] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0xd0/0x1d0 [ 145.614462] Read of size 1 at addr c4fcf908 by task kunit_try_catch/157 [ 145.615203] [ 145.615437] CPU: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.616374] Hardware name: Generic DT based system [ 145.616935] unwind_backtrace from show_stack+0x18/0x1c [ 145.617633] show_stack from dump_stack_lvl+0x58/0x70 [ 145.618366] dump_stack_lvl from print_report+0x164/0x51c [ 145.619203] print_report from kasan_report+0xc8/0x104 [ 145.620040] kasan_report from kmalloc_uaf+0xd0/0x1d0 [ 145.620731] kmalloc_uaf from kunit_try_run_case+0x11c/0x2e4 [ 145.621456] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.622457] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.623425] kthread from ret_from_fork+0x14/0x30 [ 145.624005] Exception stack(0xf9fe3fb0 to 0xf9fe3ff8) [ 145.624577] 3fa0: 00000000 00000000 00000000 00000000 [ 145.625496] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.626963] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.628304] [ 145.628533] Allocated by task 157: [ 145.628921] kasan_set_track+0x3c/0x5c [ 145.629473] __kasan_kmalloc+0x8c/0x94 [ 145.629996] kmalloc_uaf+0xa0/0x1d0 [ 145.630424] kunit_try_run_case+0x11c/0x2e4 [ 145.631112] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.632098] kthread+0x184/0x1a8 [ 145.632487] ret_from_fork+0x14/0x30 [ 145.633037] [ 145.633274] Freed by task 157: [ 145.633760] kasan_set_track+0x3c/0x5c [ 145.634331] kasan_save_free_info+0x30/0x3c [ 145.635016] __kasan_slab_free+0xdc/0x124 [ 145.635560] __kmem_cache_free+0x140/0x2a8 [ 145.636132] kmalloc_uaf+0xbc/0x1d0 [ 145.636590] kunit_try_run_case+0x11c/0x2e4 [ 145.637187] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.638089] kthread+0x184/0x1a8 [ 145.638503] ret_from_fork+0x14/0x30 [ 145.639012] [ 145.639283] The buggy address belongs to the object at c4fcf900 [ 145.639283] which belongs to the cache kmalloc-64 of size 64 [ 145.640714] The buggy address is located 8 bytes inside of [ 145.640714] freed 64-byte region [c4fcf900, c4fcf940) [ 145.642020] [ 145.642299] The buggy address belongs to the physical page: [ 145.642825] page:8516b471 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fcf [ 145.643751] flags: 0x800(slab|zone=0) [ 145.644288] page_type: 0xffffffff() [ 145.644817] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 145.645709] raw: 00000000 [ 145.646170] page dumped because: kasan: bad access detected [ 145.646658] [ 145.647009] Memory state around the buggy address: [ 145.647559] c4fcf800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.648335] c4fcf880: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.649137] >c4fcf900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.649886] ^ [ 145.650256] c4fcf980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.651170] c4fcfa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.651793] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size: Failure
[ 145.566803] ================================================================== [ 145.567984] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0xe4/0x1e8 [ 145.568717] Read of size 64 at addr c4fcf684 by task kunit_try_catch/155 [ 145.569307] [ 145.569640] CPU: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.570685] Hardware name: Generic DT based system [ 145.571145] unwind_backtrace from show_stack+0x18/0x1c [ 145.571945] show_stack from dump_stack_lvl+0x58/0x70 [ 145.572575] dump_stack_lvl from print_report+0x164/0x51c [ 145.573467] print_report from kasan_report+0xc8/0x104 [ 145.574074] kasan_report from kasan_check_range+0x14c/0x198 [ 145.574944] kasan_check_range from __asan_memmove+0x28/0x68 [ 145.575753] __asan_memmove from kmalloc_memmove_invalid_size+0xe4/0x1e8 [ 145.576614] kmalloc_memmove_invalid_size from kunit_try_run_case+0x11c/0x2e4 [ 145.577638] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.578683] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.579784] kthread from ret_from_fork+0x14/0x30 [ 145.580382] Exception stack(0xf9fd3fb0 to 0xf9fd3ff8) [ 145.580941] 3fa0: 00000000 00000000 00000000 00000000 [ 145.581887] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.582987] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.583703] [ 145.583953] Allocated by task 155: [ 145.584322] kasan_set_track+0x3c/0x5c [ 145.584903] __kasan_kmalloc+0x8c/0x94 [ 145.585412] kmalloc_memmove_invalid_size+0xa0/0x1e8 [ 145.586404] kunit_try_run_case+0x11c/0x2e4 [ 145.586937] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.588495] kthread+0x184/0x1a8 [ 145.588901] ret_from_fork+0x14/0x30 [ 145.589408] [ 145.589683] The buggy address belongs to the object at c4fcf680 [ 145.589683] which belongs to the cache kmalloc-64 of size 64 [ 145.591000] The buggy address is located 4 bytes inside of [ 145.591000] allocated 64-byte region [c4fcf680, c4fcf6c0) [ 145.592299] [ 145.592539] The buggy address belongs to the physical page: [ 145.593212] page:8516b471 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fcf [ 145.594084] flags: 0x800(slab|zone=0) [ 145.594641] page_type: 0xffffffff() [ 145.595167] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 145.596109] raw: 00000000 [ 145.596393] page dumped because: kasan: bad access detected [ 145.597115] [ 145.597365] Memory state around the buggy address: [ 145.598018] c4fcf580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.598697] c4fcf600: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.599440] >c4fcf680: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 145.600247] ^ [ 145.600741] c4fcf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.601561] c4fcf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.602327] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size: Failure
[ 145.519601] ================================================================== [ 145.520685] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0xe4/0x1f0 [ 145.521597] Read of size 4294967294 at addr c4fcf404 by task kunit_try_catch/153 [ 145.522219] [ 145.522600] CPU: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.523556] Hardware name: Generic DT based system [ 145.524146] unwind_backtrace from show_stack+0x18/0x1c [ 145.524727] show_stack from dump_stack_lvl+0x58/0x70 [ 145.525569] dump_stack_lvl from print_report+0x164/0x51c [ 145.526163] print_report from kasan_report+0xc8/0x104 [ 145.526949] kasan_report from kasan_check_range+0x14c/0x198 [ 145.527800] kasan_check_range from __asan_memmove+0x28/0x68 [ 145.528898] __asan_memmove from kmalloc_memmove_negative_size+0xe4/0x1f0 [ 145.529828] kmalloc_memmove_negative_size from kunit_try_run_case+0x11c/0x2e4 [ 145.530912] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.531887] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.532768] kthread from ret_from_fork+0x14/0x30 [ 145.533384] Exception stack(0xf9fc3fb0 to 0xf9fc3ff8) [ 145.533934] 3fa0: 00000000 00000000 00000000 00000000 [ 145.534819] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.535798] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.536434] [ 145.536782] Allocated by task 153: [ 145.537513] kasan_set_track+0x3c/0x5c [ 145.538537] __kasan_kmalloc+0x8c/0x94 [ 145.539152] kmalloc_memmove_negative_size+0xa0/0x1f0 [ 145.539858] kunit_try_run_case+0x11c/0x2e4 [ 145.540539] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.541463] kthread+0x184/0x1a8 [ 145.541886] ret_from_fork+0x14/0x30 [ 145.542437] [ 145.542743] The buggy address belongs to the object at c4fcf400 [ 145.542743] which belongs to the cache kmalloc-64 of size 64 [ 145.543996] The buggy address is located 4 bytes inside of [ 145.543996] 64-byte region [c4fcf400, c4fcf440) [ 145.545189] [ 145.545409] The buggy address belongs to the physical page: [ 145.546310] page:8516b471 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fcf [ 145.547236] flags: 0x800(slab|zone=0) [ 145.547736] page_type: 0xffffffff() [ 145.548280] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 145.549306] raw: 00000000 [ 145.549743] page dumped because: kasan: bad access detected [ 145.550425] [ 145.550749] Memory state around the buggy address: [ 145.551496] c4fcf300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.552367] c4fcf380: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.553178] >c4fcf400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 145.553907] ^ [ 145.554403] c4fcf480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.555166] c4fcf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.556351] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16: Failure
[ 145.475793] ================================================================== [ 145.477020] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0xdc/0x1e0 [ 145.477850] Write of size 16 at addr c4fd0469 by task kunit_try_catch/151 [ 145.478573] [ 145.478798] CPU: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.479882] Hardware name: Generic DT based system [ 145.480452] unwind_backtrace from show_stack+0x18/0x1c [ 145.481223] show_stack from dump_stack_lvl+0x58/0x70 [ 145.481872] dump_stack_lvl from print_report+0x164/0x51c [ 145.482629] print_report from kasan_report+0xc8/0x104 [ 145.483363] kasan_report from kasan_check_range+0x14c/0x198 [ 145.484133] kasan_check_range from __asan_memset+0x20/0x3c [ 145.484915] __asan_memset from kmalloc_oob_memset_16+0xdc/0x1e0 [ 145.485814] kmalloc_oob_memset_16 from kunit_try_run_case+0x11c/0x2e4 [ 145.486731] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.487537] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.488397] kthread from ret_from_fork+0x14/0x30 [ 145.488973] Exception stack(0xf9fb3fb0 to 0xf9fb3ff8) [ 145.489613] 3fa0: 00000000 00000000 00000000 00000000 [ 145.490523] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.491404] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.492097] [ 145.492386] Allocated by task 151: [ 145.492843] kasan_set_track+0x3c/0x5c [ 145.493462] __kasan_kmalloc+0x8c/0x94 [ 145.494032] kmalloc_oob_memset_16+0xa0/0x1e0 [ 145.494643] kunit_try_run_case+0x11c/0x2e4 [ 145.495211] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.496130] kthread+0x184/0x1a8 [ 145.496618] ret_from_fork+0x14/0x30 [ 145.497126] [ 145.497422] The buggy address belongs to the object at c4fd0400 [ 145.497422] which belongs to the cache kmalloc-128 of size 128 [ 145.498596] The buggy address is located 105 bytes inside of [ 145.498596] allocated 120-byte region [c4fd0400, c4fd0478) [ 145.499778] [ 145.500032] The buggy address belongs to the physical page: [ 145.500657] page:c1b69563 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fd0 [ 145.501389] flags: 0x800(slab|zone=0) [ 145.501994] page_type: 0xffffffff() [ 145.502525] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 145.503563] raw: 00000000 [ 145.503895] page dumped because: kasan: bad access detected [ 145.504625] [ 145.504827] Memory state around the buggy address: [ 145.505521] c4fd0300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 145.506460] c4fd0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.507247] >c4fd0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 145.507926] ^ [ 145.508626] c4fd0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.509389] c4fd0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.510072] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8: Failure
[ 145.432148] ================================================================== [ 145.433201] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xdc/0x1e8 [ 145.434017] Write of size 8 at addr c4fd0371 by task kunit_try_catch/149 [ 145.435132] [ 145.435482] CPU: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.436837] Hardware name: Generic DT based system [ 145.437398] unwind_backtrace from show_stack+0x18/0x1c [ 145.438167] show_stack from dump_stack_lvl+0x58/0x70 [ 145.438840] dump_stack_lvl from print_report+0x164/0x51c [ 145.439588] print_report from kasan_report+0xc8/0x104 [ 145.440371] kasan_report from kasan_check_range+0x14c/0x198 [ 145.441190] kasan_check_range from __asan_memset+0x20/0x3c [ 145.441920] __asan_memset from kmalloc_oob_memset_8+0xdc/0x1e8 [ 145.442676] kmalloc_oob_memset_8 from kunit_try_run_case+0x11c/0x2e4 [ 145.443653] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.444581] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.445431] kthread from ret_from_fork+0x14/0x30 [ 145.446140] Exception stack(0xf9fa3fb0 to 0xf9fa3ff8) [ 145.446724] 3fa0: 00000000 00000000 00000000 00000000 [ 145.447926] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.448824] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.449670] [ 145.449913] Allocated by task 149: [ 145.450384] kasan_set_track+0x3c/0x5c [ 145.450886] __kasan_kmalloc+0x8c/0x94 [ 145.451483] kmalloc_oob_memset_8+0xa0/0x1e8 [ 145.452145] kunit_try_run_case+0x11c/0x2e4 [ 145.452656] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.453469] kthread+0x184/0x1a8 [ 145.453918] ret_from_fork+0x14/0x30 [ 145.454362] [ 145.454700] The buggy address belongs to the object at c4fd0300 [ 145.454700] which belongs to the cache kmalloc-128 of size 128 [ 145.456164] The buggy address is located 113 bytes inside of [ 145.456164] allocated 120-byte region [c4fd0300, c4fd0378) [ 145.457298] [ 145.457571] The buggy address belongs to the physical page: [ 145.458269] page:c1b69563 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fd0 [ 145.459187] flags: 0x800(slab|zone=0) [ 145.459806] page_type: 0xffffffff() [ 145.460337] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 145.461278] raw: 00000000 [ 145.461599] page dumped because: kasan: bad access detected [ 145.462334] [ 145.462568] Memory state around the buggy address: [ 145.463211] c4fd0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 145.463948] c4fd0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.464628] >c4fd0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 145.466077] ^ [ 145.466755] c4fd0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.467484] c4fd0400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.468170] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4: Failure
[ 145.388758] ================================================================== [ 145.389813] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0xdc/0x1e8 [ 145.390700] Write of size 4 at addr c4fd0275 by task kunit_try_catch/147 [ 145.391330] [ 145.391624] CPU: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.392596] Hardware name: Generic DT based system [ 145.393262] unwind_backtrace from show_stack+0x18/0x1c [ 145.393971] show_stack from dump_stack_lvl+0x58/0x70 [ 145.394603] dump_stack_lvl from print_report+0x164/0x51c [ 145.395364] print_report from kasan_report+0xc8/0x104 [ 145.396033] kasan_report from kasan_check_range+0x14c/0x198 [ 145.396705] kasan_check_range from __asan_memset+0x20/0x3c [ 145.397533] __asan_memset from kmalloc_oob_memset_4+0xdc/0x1e8 [ 145.398269] kmalloc_oob_memset_4 from kunit_try_run_case+0x11c/0x2e4 [ 145.399352] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.400108] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.401590] kthread from ret_from_fork+0x14/0x30 [ 145.402220] Exception stack(0xf9f93fb0 to 0xf9f93ff8) [ 145.402806] 3fa0: 00000000 00000000 00000000 00000000 [ 145.403821] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.404716] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.405464] [ 145.405973] Allocated by task 147: [ 145.406416] kasan_set_track+0x3c/0x5c [ 145.406968] __kasan_kmalloc+0x8c/0x94 [ 145.407495] kmalloc_oob_memset_4+0xa0/0x1e8 [ 145.407972] kunit_try_run_case+0x11c/0x2e4 [ 145.408743] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.409423] kthread+0x184/0x1a8 [ 145.409863] ret_from_fork+0x14/0x30 [ 145.410425] [ 145.410672] The buggy address belongs to the object at c4fd0200 [ 145.410672] which belongs to the cache kmalloc-128 of size 128 [ 145.411914] The buggy address is located 117 bytes inside of [ 145.411914] allocated 120-byte region [c4fd0200, c4fd0278) [ 145.413195] [ 145.413517] The buggy address belongs to the physical page: [ 145.414134] page:c1b69563 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fd0 [ 145.414987] flags: 0x800(slab|zone=0) [ 145.415423] page_type: 0xffffffff() [ 145.416301] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 145.417152] raw: 00000000 [ 145.417446] page dumped because: kasan: bad access detected [ 145.418121] [ 145.418420] Memory state around the buggy address: [ 145.419213] c4fd0100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 145.420110] c4fd0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.420831] >c4fd0200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 145.421415] ^ [ 145.422281] c4fd0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.422931] c4fd0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.423833] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2: Failure
[ 145.343182] ================================================================== [ 145.344324] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0xdc/0x1e4 [ 145.345079] Write of size 2 at addr c4fd0177 by task kunit_try_catch/145 [ 145.346697] [ 145.347021] CPU: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.348287] Hardware name: Generic DT based system [ 145.348898] unwind_backtrace from show_stack+0x18/0x1c [ 145.349793] show_stack from dump_stack_lvl+0x58/0x70 [ 145.350585] dump_stack_lvl from print_report+0x164/0x51c [ 145.351264] print_report from kasan_report+0xc8/0x104 [ 145.352007] kasan_report from kasan_check_range+0x14c/0x198 [ 145.352874] kasan_check_range from __asan_memset+0x20/0x3c [ 145.353683] __asan_memset from kmalloc_oob_memset_2+0xdc/0x1e4 [ 145.354487] kmalloc_oob_memset_2 from kunit_try_run_case+0x11c/0x2e4 [ 145.355388] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.356521] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.357630] kthread from ret_from_fork+0x14/0x30 [ 145.358396] Exception stack(0xf9f83fb0 to 0xf9f83ff8) [ 145.359162] 3fa0: 00000000 00000000 00000000 00000000 [ 145.360076] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.361048] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.361755] [ 145.362032] Allocated by task 145: [ 145.362420] kasan_set_track+0x3c/0x5c [ 145.363103] __kasan_kmalloc+0x8c/0x94 [ 145.363618] kmalloc_oob_memset_2+0xa0/0x1e4 [ 145.364144] kunit_try_run_case+0x11c/0x2e4 [ 145.364887] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.365529] kthread+0x184/0x1a8 [ 145.366377] ret_from_fork+0x14/0x30 [ 145.366929] [ 145.367309] The buggy address belongs to the object at c4fd0100 [ 145.367309] which belongs to the cache kmalloc-128 of size 128 [ 145.368728] The buggy address is located 119 bytes inside of [ 145.368728] allocated 120-byte region [c4fd0100, c4fd0178) [ 145.369949] [ 145.370492] The buggy address belongs to the physical page: [ 145.371097] page:c1b69563 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fd0 [ 145.371798] flags: 0x800(slab|zone=0) [ 145.372407] page_type: 0xffffffff() [ 145.372890] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 145.373760] raw: 00000000 [ 145.374206] page dumped because: kasan: bad access detected [ 145.374786] [ 145.375027] Memory state around the buggy address: [ 145.375657] c4fd0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 145.376634] c4fd0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.377282] >c4fd0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 145.378034] ^ [ 145.378715] c4fd0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.379655] c4fd0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.380327] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset: Failure
[ 145.300416] ================================================================== [ 145.301603] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0xd8/0x1dc [ 145.302743] Write of size 128 at addr c4fd0000 by task kunit_try_catch/143 [ 145.303509] [ 145.303864] CPU: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.304926] Hardware name: Generic DT based system [ 145.305561] unwind_backtrace from show_stack+0x18/0x1c [ 145.306706] show_stack from dump_stack_lvl+0x58/0x70 [ 145.307439] dump_stack_lvl from print_report+0x164/0x51c [ 145.308332] print_report from kasan_report+0xc8/0x104 [ 145.309198] kasan_report from kasan_check_range+0x14c/0x198 [ 145.309903] kasan_check_range from __asan_memset+0x20/0x3c [ 145.310815] __asan_memset from kmalloc_oob_in_memset+0xd8/0x1dc [ 145.311381] kmalloc_oob_in_memset from kunit_try_run_case+0x11c/0x2e4 [ 145.312257] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.313214] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.314087] kthread from ret_from_fork+0x14/0x30 [ 145.314719] Exception stack(0xf9f73fb0 to 0xf9f73ff8) [ 145.315362] 3fa0: 00000000 00000000 00000000 00000000 [ 145.316504] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.317405] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.318098] [ 145.318386] Allocated by task 143: [ 145.318742] kasan_set_track+0x3c/0x5c [ 145.319370] __kasan_kmalloc+0x8c/0x94 [ 145.319834] kmalloc_oob_in_memset+0xa0/0x1dc [ 145.320521] kunit_try_run_case+0x11c/0x2e4 [ 145.321006] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.321843] kthread+0x184/0x1a8 [ 145.322296] ret_from_fork+0x14/0x30 [ 145.322936] [ 145.323177] The buggy address belongs to the object at c4fd0000 [ 145.323177] which belongs to the cache kmalloc-128 of size 128 [ 145.324392] The buggy address is located 0 bytes inside of [ 145.324392] allocated 120-byte region [c4fd0000, c4fd0078) [ 145.325816] [ 145.326202] The buggy address belongs to the physical page: [ 145.326842] page:c1b69563 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fd0 [ 145.327692] flags: 0x800(slab|zone=0) [ 145.328226] page_type: 0xffffffff() [ 145.328638] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 145.329605] raw: 00000000 [ 145.329980] page dumped because: kasan: bad access detected [ 145.330621] [ 145.330860] Memory state around the buggy address: [ 145.331495] c4fcff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.332186] c4fcff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.332902] >c4fd0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 145.333439] ^ [ 145.334325] c4fd0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.334936] c4fd0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.335942] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16: Failure
[ 145.252637] ================================================================== [ 145.253800] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x100/0x240 [ 145.254493] Read of size 16 at addr c4fcf280 by task kunit_try_catch/141 [ 145.255303] [ 145.255730] CPU: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.257125] Hardware name: Generic DT based system [ 145.258121] unwind_backtrace from show_stack+0x18/0x1c [ 145.259149] show_stack from dump_stack_lvl+0x58/0x70 [ 145.260011] dump_stack_lvl from print_report+0x164/0x51c [ 145.260821] print_report from kasan_report+0xc8/0x104 [ 145.261547] kasan_report from kmalloc_uaf_16+0x100/0x240 [ 145.262225] kmalloc_uaf_16 from kunit_try_run_case+0x11c/0x2e4 [ 145.263028] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.264008] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.264878] kthread from ret_from_fork+0x14/0x30 [ 145.265538] Exception stack(0xf9f6bfb0 to 0xf9f6bff8) [ 145.266405] bfa0: 00000000 00000000 00000000 00000000 [ 145.267433] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.268390] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.269126] [ 145.269413] Allocated by task 141: [ 145.269774] kasan_set_track+0x3c/0x5c [ 145.270409] __kasan_kmalloc+0x8c/0x94 [ 145.270974] kmalloc_uaf_16+0xc8/0x240 [ 145.271553] kunit_try_run_case+0x11c/0x2e4 [ 145.272119] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.272900] kthread+0x184/0x1a8 [ 145.273337] ret_from_fork+0x14/0x30 [ 145.273807] [ 145.274135] Freed by task 141: [ 145.274463] kasan_set_track+0x3c/0x5c [ 145.275089] kasan_save_free_info+0x30/0x3c [ 145.275933] __kasan_slab_free+0xdc/0x124 [ 145.276484] __kmem_cache_free+0x140/0x2a8 [ 145.277043] kmalloc_uaf_16+0xe4/0x240 [ 145.277513] kunit_try_run_case+0x11c/0x2e4 [ 145.278289] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.278934] kthread+0x184/0x1a8 [ 145.279443] ret_from_fork+0x14/0x30 [ 145.279937] [ 145.280251] The buggy address belongs to the object at c4fcf280 [ 145.280251] which belongs to the cache kmalloc-64 of size 64 [ 145.281294] The buggy address is located 0 bytes inside of [ 145.281294] freed 64-byte region [c4fcf280, c4fcf2c0) [ 145.282485] [ 145.282841] The buggy address belongs to the physical page: [ 145.283591] page:8516b471 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fcf [ 145.284374] flags: 0x800(slab|zone=0) [ 145.284902] page_type: 0xffffffff() [ 145.285357] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 145.286422] raw: 00000000 [ 145.286862] page dumped because: kasan: bad access detected [ 145.287535] [ 145.287767] Memory state around the buggy address: [ 145.288416] c4fcf180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.289127] c4fcf200: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.289995] >c4fcf280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.290715] ^ [ 145.291033] c4fcf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.291871] c4fcf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.292567] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16: Failure
[ 145.207221] ================================================================== [ 145.208265] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0xf8/0x24c [ 145.208945] Write of size 16 at addr c4fcf100 by task kunit_try_catch/139 [ 145.209686] [ 145.210026] CPU: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.210917] Hardware name: Generic DT based system [ 145.211448] unwind_backtrace from show_stack+0x18/0x1c [ 145.212220] show_stack from dump_stack_lvl+0x58/0x70 [ 145.212858] dump_stack_lvl from print_report+0x164/0x51c [ 145.213679] print_report from kasan_report+0xc8/0x104 [ 145.214503] kasan_report from kasan_check_range+0x14c/0x198 [ 145.215233] kasan_check_range from kmalloc_oob_16+0xf8/0x24c [ 145.216006] kmalloc_oob_16 from kunit_try_run_case+0x11c/0x2e4 [ 145.216773] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.217835] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.218711] kthread from ret_from_fork+0x14/0x30 [ 145.219273] Exception stack(0xf9f63fb0 to 0xf9f63ff8) [ 145.219901] 3fa0: 00000000 00000000 00000000 00000000 [ 145.220893] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.221861] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.222554] [ 145.222921] Allocated by task 139: [ 145.223330] kasan_set_track+0x3c/0x5c [ 145.223860] __kasan_kmalloc+0x8c/0x94 [ 145.224446] kmalloc_oob_16+0xa0/0x24c [ 145.224944] kunit_try_run_case+0x11c/0x2e4 [ 145.226237] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.226968] kthread+0x184/0x1a8 [ 145.227401] ret_from_fork+0x14/0x30 [ 145.227950] [ 145.228247] The buggy address belongs to the object at c4fcf100 [ 145.228247] which belongs to the cache kmalloc-64 of size 64 [ 145.229504] The buggy address is located 0 bytes inside of [ 145.229504] allocated 13-byte region [c4fcf100, c4fcf10d) [ 145.230724] [ 145.231024] The buggy address belongs to the physical page: [ 145.231702] page:8516b471 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fcf [ 145.232655] flags: 0x800(slab|zone=0) [ 145.233276] page_type: 0xffffffff() [ 145.233750] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 145.234620] raw: 00000000 [ 145.235003] page dumped because: kasan: bad access detected [ 145.235634] [ 145.235914] Memory state around the buggy address: [ 145.236563] c4fcf000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 145.237338] c4fcf080: 00 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.237979] >c4fcf100: 00 05 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.238788] ^ [ 145.239143] c4fcf180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.239979] c4fcf200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.240673] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf: Failure
[ 145.156405] ================================================================== [ 145.156944] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x11c/0x2b8 [ 145.158407] Read of size 1 at addr c4c17e00 by task kunit_try_catch/137 [ 145.159834] [ 145.160298] CPU: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.161502] Hardware name: Generic DT based system [ 145.162154] unwind_backtrace from show_stack+0x18/0x1c [ 145.162912] show_stack from dump_stack_lvl+0x58/0x70 [ 145.163620] dump_stack_lvl from print_report+0x164/0x51c [ 145.164327] print_report from kasan_report+0xc8/0x104 [ 145.165077] kasan_report from krealloc_uaf+0x11c/0x2b8 [ 145.165868] krealloc_uaf from kunit_try_run_case+0x11c/0x2e4 [ 145.166712] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.167748] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.168741] kthread from ret_from_fork+0x14/0x30 [ 145.169406] Exception stack(0xf9f53fb0 to 0xf9f53ff8) [ 145.169985] 3fa0: 00000000 00000000 00000000 00000000 [ 145.170962] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.171831] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.172543] [ 145.172771] Allocated by task 137: [ 145.173357] kasan_set_track+0x3c/0x5c [ 145.173877] __kasan_kmalloc+0x8c/0x94 [ 145.174568] krealloc_uaf+0xac/0x2b8 [ 145.175219] kunit_try_run_case+0x11c/0x2e4 [ 145.175921] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.177530] kthread+0x184/0x1a8 [ 145.178454] ret_from_fork+0x14/0x30 [ 145.178821] [ 145.179207] Freed by task 137: [ 145.179638] kasan_set_track+0x3c/0x5c [ 145.180186] kasan_save_free_info+0x30/0x3c [ 145.180741] __kasan_slab_free+0xdc/0x124 [ 145.181424] __kmem_cache_free+0x140/0x2a8 [ 145.182073] krealloc_uaf+0xc8/0x2b8 [ 145.182501] kunit_try_run_case+0x11c/0x2e4 [ 145.183158] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.183867] kthread+0x184/0x1a8 [ 145.184327] ret_from_fork+0x14/0x30 [ 145.184800] [ 145.185114] The buggy address belongs to the object at c4c17e00 [ 145.185114] which belongs to the cache kmalloc-256 of size 256 [ 145.186232] The buggy address is located 0 bytes inside of [ 145.186232] freed 256-byte region [c4c17e00, c4c17f00) [ 145.187335] [ 145.187682] The buggy address belongs to the physical page: [ 145.188371] page:17c33a57 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44c16 [ 145.189446] head:17c33a57 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 145.190195] flags: 0x840(slab|head|zone=0) [ 145.190735] page_type: 0xffffffff() [ 145.191339] raw: 00000840 c4801500 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 145.192142] raw: 00000000 [ 145.192575] page dumped because: kasan: bad access detected [ 145.193166] [ 145.193440] Memory state around the buggy address: [ 145.193974] c4c17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.194796] c4c17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.195455] >c4c17e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 145.196387] ^ [ 145.197284] c4c17e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 145.198158] c4c17f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.198999] ================================================================== [ 145.109701] ================================================================== [ 145.110894] BUG: KASAN: slab-use-after-free in krealloc_uaf+0xe4/0x2b8 [ 145.111477] Read of size 1 at addr c4c17e00 by task kunit_try_catch/137 [ 145.112314] [ 145.112567] CPU: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.113329] Hardware name: Generic DT based system [ 145.113963] unwind_backtrace from show_stack+0x18/0x1c [ 145.114694] show_stack from dump_stack_lvl+0x58/0x70 [ 145.115426] dump_stack_lvl from print_report+0x164/0x51c [ 145.116119] print_report from kasan_report+0xc8/0x104 [ 145.116973] kasan_report from __kasan_check_byte+0x34/0x3c [ 145.118077] __kasan_check_byte from krealloc+0x30/0x134 [ 145.118970] krealloc from krealloc_uaf+0xe4/0x2b8 [ 145.119679] krealloc_uaf from kunit_try_run_case+0x11c/0x2e4 [ 145.120456] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.121504] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.122346] kthread from ret_from_fork+0x14/0x30 [ 145.122911] Exception stack(0xf9f53fb0 to 0xf9f53ff8) [ 145.123769] 3fa0: 00000000 00000000 00000000 00000000 [ 145.124777] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.125975] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.126690] [ 145.127049] Allocated by task 137: [ 145.127721] kasan_set_track+0x3c/0x5c [ 145.128450] __kasan_kmalloc+0x8c/0x94 [ 145.129105] krealloc_uaf+0xac/0x2b8 [ 145.129710] kunit_try_run_case+0x11c/0x2e4 [ 145.130358] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.131122] kthread+0x184/0x1a8 [ 145.131600] ret_from_fork+0x14/0x30 [ 145.132198] [ 145.132499] Freed by task 137: [ 145.132833] kasan_set_track+0x3c/0x5c [ 145.133456] kasan_save_free_info+0x30/0x3c [ 145.134170] __kasan_slab_free+0xdc/0x124 [ 145.134741] __kmem_cache_free+0x140/0x2a8 [ 145.135394] krealloc_uaf+0xc8/0x2b8 [ 145.136283] kunit_try_run_case+0x11c/0x2e4 [ 145.136995] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.137847] kthread+0x184/0x1a8 [ 145.138525] ret_from_fork+0x14/0x30 [ 145.139031] [ 145.139325] The buggy address belongs to the object at c4c17e00 [ 145.139325] which belongs to the cache kmalloc-256 of size 256 [ 145.140773] The buggy address is located 0 bytes inside of [ 145.140773] freed 256-byte region [c4c17e00, c4c17f00) [ 145.142080] [ 145.142416] The buggy address belongs to the physical page: [ 145.143166] page:17c33a57 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44c16 [ 145.144170] head:17c33a57 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 145.145029] flags: 0x840(slab|head|zone=0) [ 145.145672] page_type: 0xffffffff() [ 145.146277] raw: 00000840 c4801500 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 145.147536] raw: 00000000 [ 145.148034] page dumped because: kasan: bad access detected [ 145.148690] [ 145.149011] Memory state around the buggy address: [ 145.149589] c4c17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.150512] c4c17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.151417] >c4c17e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 145.152220] ^ [ 145.152658] c4c17e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 145.153486] c4c17f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 145.154272] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper: Failure
[ 144.763762] ================================================================== [ 144.764509] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1a8/0x5f0 [ 144.765301] Write of size 1 at addr c4c17cda by task kunit_try_catch/131 [ 144.767137] [ 144.767447] CPU: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.768434] Hardware name: Generic DT based system [ 144.768993] unwind_backtrace from show_stack+0x18/0x1c [ 144.769730] show_stack from dump_stack_lvl+0x58/0x70 [ 144.770435] dump_stack_lvl from print_report+0x164/0x51c [ 144.771213] print_report from kasan_report+0xc8/0x104 [ 144.771867] kasan_report from krealloc_less_oob_helper+0x1a8/0x5f0 [ 144.772810] krealloc_less_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.773717] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.774678] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.775619] kthread from ret_from_fork+0x14/0x30 [ 144.776375] Exception stack(0xf9f23fb0 to 0xf9f23ff8) [ 144.776930] 3fa0: 00000000 00000000 00000000 00000000 [ 144.777883] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.778761] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.779509] [ 144.779817] Allocated by task 131: [ 144.780202] kasan_set_track+0x3c/0x5c [ 144.780703] __kasan_krealloc+0xe0/0x104 [ 144.781385] krealloc+0xd4/0x134 [ 144.781841] krealloc_less_oob_helper+0xd4/0x5f0 [ 144.782489] kunit_try_run_case+0x11c/0x2e4 [ 144.782997] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.783804] kthread+0x184/0x1a8 [ 144.784276] ret_from_fork+0x14/0x30 [ 144.784705] [ 144.785086] The buggy address belongs to the object at c4c17c00 [ 144.785086] which belongs to the cache kmalloc-256 of size 256 [ 144.786810] The buggy address is located 17 bytes to the right of [ 144.786810] allocated 201-byte region [c4c17c00, c4c17cc9) [ 144.788088] [ 144.788431] The buggy address belongs to the physical page: [ 144.789084] page:17c33a57 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44c16 [ 144.790127] head:17c33a57 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.790870] flags: 0x840(slab|head|zone=0) [ 144.791395] page_type: 0xffffffff() [ 144.791803] raw: 00000840 c4801500 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.792906] raw: 00000000 [ 144.793257] page dumped because: kasan: bad access detected [ 144.793936] [ 144.794318] Memory state around the buggy address: [ 144.794886] c4c17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.795675] c4c17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.796386] >c4c17c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 144.797129] ^ [ 144.797689] c4c17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.798671] c4c17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.799462] ================================================================== [ 144.687805] ================================================================== [ 144.688897] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x114/0x5f0 [ 144.689687] Write of size 1 at addr c4c17cc9 by task kunit_try_catch/131 [ 144.690352] [ 144.690690] CPU: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.691566] Hardware name: Generic DT based system [ 144.692140] unwind_backtrace from show_stack+0x18/0x1c [ 144.692738] show_stack from dump_stack_lvl+0x58/0x70 [ 144.693505] dump_stack_lvl from print_report+0x164/0x51c [ 144.694123] print_report from kasan_report+0xc8/0x104 [ 144.694967] kasan_report from krealloc_less_oob_helper+0x114/0x5f0 [ 144.695829] krealloc_less_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.696844] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.697816] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.698688] kthread from ret_from_fork+0x14/0x30 [ 144.699267] Exception stack(0xf9f23fb0 to 0xf9f23ff8) [ 144.699914] 3fa0: 00000000 00000000 00000000 00000000 [ 144.700796] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.701751] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.702452] [ 144.702738] Allocated by task 131: [ 144.703196] kasan_set_track+0x3c/0x5c [ 144.703758] __kasan_krealloc+0xe0/0x104 [ 144.704297] krealloc+0xd4/0x134 [ 144.704692] krealloc_less_oob_helper+0xd4/0x5f0 [ 144.705408] kunit_try_run_case+0x11c/0x2e4 [ 144.706328] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.707287] kthread+0x184/0x1a8 [ 144.707669] ret_from_fork+0x14/0x30 [ 144.708430] [ 144.708997] The buggy address belongs to the object at c4c17c00 [ 144.708997] which belongs to the cache kmalloc-256 of size 256 [ 144.710241] The buggy address is located 0 bytes to the right of [ 144.710241] allocated 201-byte region [c4c17c00, c4c17cc9) [ 144.711407] [ 144.711754] The buggy address belongs to the physical page: [ 144.712475] page:17c33a57 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44c16 [ 144.713487] head:17c33a57 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.714485] flags: 0x840(slab|head|zone=0) [ 144.715095] page_type: 0xffffffff() [ 144.715585] raw: 00000840 c4801500 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.716549] raw: 00000000 [ 144.717071] page dumped because: kasan: bad access detected [ 144.717742] [ 144.718073] Memory state around the buggy address: [ 144.718694] c4c17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.719451] c4c17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.720294] >c4c17c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 144.721020] ^ [ 144.721609] c4c17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.722466] c4c17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.723240] ================================================================== [ 145.042680] ================================================================== [ 145.043264] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1e0/0x5f0 [ 145.044619] Write of size 1 at addr c4ffe0ea by task kunit_try_catch/135 [ 145.045580] [ 145.045840] CPU: 0 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.047146] Hardware name: Generic DT based system [ 145.048152] unwind_backtrace from show_stack+0x18/0x1c [ 145.048838] show_stack from dump_stack_lvl+0x58/0x70 [ 145.049532] dump_stack_lvl from print_report+0x164/0x51c [ 145.051189] print_report from kasan_report+0xc8/0x104 [ 145.051968] kasan_report from krealloc_less_oob_helper+0x1e0/0x5f0 [ 145.052932] krealloc_less_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 145.053896] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.054908] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.055826] kthread from ret_from_fork+0x14/0x30 [ 145.056482] Exception stack(0xf9f43fb0 to 0xf9f43ff8) [ 145.057192] 3fa0: 00000000 00000000 00000000 00000000 [ 145.058185] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.059169] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.059918] [ 145.060284] The buggy address belongs to the physical page: [ 145.060994] page:a8595845 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44ffc [ 145.062098] head:a8595845 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 145.063103] flags: 0x40(head|zone=0) [ 145.063739] page_type: 0xffffffff() [ 145.064244] raw: 00000040 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 145.065311] raw: 00000000 [ 145.065847] page dumped because: kasan: bad access detected [ 145.066522] [ 145.066767] Memory state around the buggy address: [ 145.067554] c4ffdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 145.068378] c4ffe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 145.069339] >c4ffe080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 145.070066] ^ [ 145.070928] c4ffe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 145.072161] c4ffe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 145.073157] ================================================================== [ 144.801098] ================================================================== [ 144.801830] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1e0/0x5f0 [ 144.802834] Write of size 1 at addr c4c17cea by task kunit_try_catch/131 [ 144.803509] [ 144.803796] CPU: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.804685] Hardware name: Generic DT based system [ 144.805262] unwind_backtrace from show_stack+0x18/0x1c [ 144.806676] show_stack from dump_stack_lvl+0x58/0x70 [ 144.807818] dump_stack_lvl from print_report+0x164/0x51c [ 144.809087] print_report from kasan_report+0xc8/0x104 [ 144.810034] kasan_report from krealloc_less_oob_helper+0x1e0/0x5f0 [ 144.810910] krealloc_less_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.811844] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.812879] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.813806] kthread from ret_from_fork+0x14/0x30 [ 144.814489] Exception stack(0xf9f23fb0 to 0xf9f23ff8) [ 144.815261] 3fa0: 00000000 00000000 00000000 00000000 [ 144.816280] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.817203] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.817982] [ 144.818350] Allocated by task 131: [ 144.818936] kasan_set_track+0x3c/0x5c [ 144.819722] __kasan_krealloc+0xe0/0x104 [ 144.820281] krealloc+0xd4/0x134 [ 144.820736] krealloc_less_oob_helper+0xd4/0x5f0 [ 144.821358] kunit_try_run_case+0x11c/0x2e4 [ 144.822199] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.822944] kthread+0x184/0x1a8 [ 144.823603] ret_from_fork+0x14/0x30 [ 144.824138] [ 144.824523] The buggy address belongs to the object at c4c17c00 [ 144.824523] which belongs to the cache kmalloc-256 of size 256 [ 144.825925] The buggy address is located 33 bytes to the right of [ 144.825925] allocated 201-byte region [c4c17c00, c4c17cc9) [ 144.828343] [ 144.828928] The buggy address belongs to the physical page: [ 144.829834] page:17c33a57 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44c16 [ 144.830953] head:17c33a57 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.831670] flags: 0x840(slab|head|zone=0) [ 144.832348] page_type: 0xffffffff() [ 144.832869] raw: 00000840 c4801500 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.833806] raw: 00000000 [ 144.834173] page dumped because: kasan: bad access detected [ 144.834813] [ 144.835168] Memory state around the buggy address: [ 144.835747] c4c17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.836560] c4c17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.837454] >c4c17c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 144.838399] ^ [ 144.838984] c4c17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.839765] c4c17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.840490] ================================================================== [ 145.074565] ================================================================== [ 145.075236] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x214/0x5f0 [ 145.075990] Write of size 1 at addr c4ffe0eb by task kunit_try_catch/135 [ 145.076985] [ 145.077331] CPU: 0 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.078316] Hardware name: Generic DT based system [ 145.079141] unwind_backtrace from show_stack+0x18/0x1c [ 145.079843] show_stack from dump_stack_lvl+0x58/0x70 [ 145.080489] dump_stack_lvl from print_report+0x164/0x51c [ 145.081321] print_report from kasan_report+0xc8/0x104 [ 145.082045] kasan_report from krealloc_less_oob_helper+0x214/0x5f0 [ 145.082918] krealloc_less_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 145.083905] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.085003] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.086291] kthread from ret_from_fork+0x14/0x30 [ 145.087617] Exception stack(0xf9f43fb0 to 0xf9f43ff8) [ 145.088258] 3fa0: 00000000 00000000 00000000 00000000 [ 145.089234] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.090154] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.090825] [ 145.091151] The buggy address belongs to the physical page: [ 145.091742] page:a8595845 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44ffc [ 145.092658] head:a8595845 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 145.093458] flags: 0x40(head|zone=0) [ 145.093935] page_type: 0xffffffff() [ 145.094365] raw: 00000040 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 145.095260] raw: 00000000 [ 145.095681] page dumped because: kasan: bad access detected [ 145.096236] [ 145.096583] Memory state around the buggy address: [ 145.097219] c4ffdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 145.097989] c4ffe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 145.098620] >c4ffe080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 145.099361] ^ [ 145.099923] c4ffe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 145.100834] c4ffe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 145.101546] ================================================================== [ 144.953598] ================================================================== [ 144.954801] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x114/0x5f0 [ 144.955531] Write of size 1 at addr c4ffe0c9 by task kunit_try_catch/135 [ 144.956258] [ 144.956574] CPU: 0 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.957542] Hardware name: Generic DT based system [ 144.958232] unwind_backtrace from show_stack+0x18/0x1c [ 144.958981] show_stack from dump_stack_lvl+0x58/0x70 [ 144.959675] dump_stack_lvl from print_report+0x164/0x51c [ 144.960356] print_report from kasan_report+0xc8/0x104 [ 144.961108] kasan_report from krealloc_less_oob_helper+0x114/0x5f0 [ 144.962019] krealloc_less_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.962949] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.963988] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.964842] kthread from ret_from_fork+0x14/0x30 [ 144.965425] Exception stack(0xf9f43fb0 to 0xf9f43ff8) [ 144.966088] 3fa0: 00000000 00000000 00000000 00000000 [ 144.967712] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.968832] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.969567] [ 144.969815] The buggy address belongs to the physical page: [ 144.970484] page:a8595845 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44ffc [ 144.971333] head:a8595845 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.972098] flags: 0x40(head|zone=0) [ 144.972663] page_type: 0xffffffff() [ 144.973222] raw: 00000040 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 144.973977] raw: 00000000 [ 144.974431] page dumped because: kasan: bad access detected [ 144.974963] [ 144.975327] Memory state around the buggy address: [ 144.975924] c4ffdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.976644] c4ffe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.977465] >c4ffe080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 144.978168] ^ [ 144.978647] c4ffe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 144.979465] c4ffe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 144.980163] ================================================================== [ 144.841597] ================================================================== [ 144.843233] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x214/0x5f0 [ 144.843982] Write of size 1 at addr c4c17ceb by task kunit_try_catch/131 [ 144.844743] [ 144.844980] CPU: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.846382] Hardware name: Generic DT based system [ 144.847004] unwind_backtrace from show_stack+0x18/0x1c [ 144.847792] show_stack from dump_stack_lvl+0x58/0x70 [ 144.848434] dump_stack_lvl from print_report+0x164/0x51c [ 144.849279] print_report from kasan_report+0xc8/0x104 [ 144.849962] kasan_report from krealloc_less_oob_helper+0x214/0x5f0 [ 144.850807] krealloc_less_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.851567] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.852506] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.853475] kthread from ret_from_fork+0x14/0x30 [ 144.854086] Exception stack(0xf9f23fb0 to 0xf9f23ff8) [ 144.854649] 3fa0: 00000000 00000000 00000000 00000000 [ 144.855667] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.856522] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.857289] [ 144.857579] Allocated by task 131: [ 144.857933] kasan_set_track+0x3c/0x5c [ 144.858750] __kasan_krealloc+0xe0/0x104 [ 144.859378] krealloc+0xd4/0x134 [ 144.859784] krealloc_less_oob_helper+0xd4/0x5f0 [ 144.860492] kunit_try_run_case+0x11c/0x2e4 [ 144.861072] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.861745] kthread+0x184/0x1a8 [ 144.862185] ret_from_fork+0x14/0x30 [ 144.862762] [ 144.863088] The buggy address belongs to the object at c4c17c00 [ 144.863088] which belongs to the cache kmalloc-256 of size 256 [ 144.864118] The buggy address is located 34 bytes to the right of [ 144.864118] allocated 201-byte region [c4c17c00, c4c17cc9) [ 144.865334] [ 144.865632] The buggy address belongs to the physical page: [ 144.866975] page:17c33a57 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44c16 [ 144.867794] head:17c33a57 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.868763] flags: 0x840(slab|head|zone=0) [ 144.869269] page_type: 0xffffffff() [ 144.869712] raw: 00000840 c4801500 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.870737] raw: 00000000 [ 144.871147] page dumped because: kasan: bad access detected [ 144.871741] [ 144.872034] Memory state around the buggy address: [ 144.872609] c4c17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.873487] c4c17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.874173] >c4c17c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 144.874906] ^ [ 144.875854] c4c17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.876645] c4c17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.877426] ================================================================== [ 144.983174] ================================================================== [ 144.983881] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x150/0x5f0 [ 144.984674] Write of size 1 at addr c4ffe0d0 by task kunit_try_catch/135 [ 144.985385] [ 144.985642] CPU: 0 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.986502] Hardware name: Generic DT based system [ 144.987542] unwind_backtrace from show_stack+0x18/0x1c [ 144.988438] show_stack from dump_stack_lvl+0x58/0x70 [ 144.989403] dump_stack_lvl from print_report+0x164/0x51c [ 144.989761] print_report from kasan_report+0xc8/0x104 [ 144.990171] kasan_report from krealloc_less_oob_helper+0x150/0x5f0 [ 144.991501] krealloc_less_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.992667] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.993685] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.994604] kthread from ret_from_fork+0x14/0x30 [ 144.995299] Exception stack(0xf9f43fb0 to 0xf9f43ff8) [ 144.996025] 3fa0: 00000000 00000000 00000000 00000000 [ 144.997002] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.997919] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.998761] [ 144.999040] The buggy address belongs to the physical page: [ 144.999677] page:a8595845 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44ffc [ 145.000659] head:a8595845 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 145.001552] flags: 0x40(head|zone=0) [ 145.002101] page_type: 0xffffffff() [ 145.002569] raw: 00000040 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 145.003585] raw: 00000000 [ 145.003989] page dumped because: kasan: bad access detected [ 145.004724] [ 145.005097] Memory state around the buggy address: [ 145.005853] c4ffdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 145.007281] c4ffe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 145.008118] >c4ffe080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 145.008889] ^ [ 145.009534] c4ffe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 145.010338] c4ffe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 145.011125] ================================================================== [ 145.012395] ================================================================== [ 145.012932] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1a8/0x5f0 [ 145.014002] Write of size 1 at addr c4ffe0da by task kunit_try_catch/135 [ 145.015235] [ 145.015492] CPU: 0 PID: 135 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 145.016621] Hardware name: Generic DT based system [ 145.017240] unwind_backtrace from show_stack+0x18/0x1c [ 145.018096] show_stack from dump_stack_lvl+0x58/0x70 [ 145.018800] dump_stack_lvl from print_report+0x164/0x51c [ 145.019577] print_report from kasan_report+0xc8/0x104 [ 145.020360] kasan_report from krealloc_less_oob_helper+0x1a8/0x5f0 [ 145.021271] krealloc_less_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 145.022217] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 145.023281] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 145.024208] kthread from ret_from_fork+0x14/0x30 [ 145.024871] Exception stack(0xf9f43fb0 to 0xf9f43ff8) [ 145.025555] 3fa0: 00000000 00000000 00000000 00000000 [ 145.027031] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 145.028510] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 145.029942] [ 145.030417] The buggy address belongs to the physical page: [ 145.031437] page:a8595845 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44ffc [ 145.032588] head:a8595845 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 145.033396] flags: 0x40(head|zone=0) [ 145.033681] page_type: 0xffffffff() [ 145.033936] raw: 00000040 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 145.035091] raw: 00000000 [ 145.035494] page dumped because: kasan: bad access detected [ 145.036126] [ 145.036467] Memory state around the buggy address: [ 145.037105] c4ffdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 145.038010] c4ffe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 145.038725] >c4ffe080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 145.039458] ^ [ 145.040107] c4ffe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 145.040832] c4ffe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 145.041436] ================================================================== [ 144.726254] ================================================================== [ 144.727124] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x150/0x5f0 [ 144.727933] Write of size 1 at addr c4c17cd0 by task kunit_try_catch/131 [ 144.728673] [ 144.729117] CPU: 0 PID: 131 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.730072] Hardware name: Generic DT based system [ 144.730715] unwind_backtrace from show_stack+0x18/0x1c [ 144.731593] show_stack from dump_stack_lvl+0x58/0x70 [ 144.732301] dump_stack_lvl from print_report+0x164/0x51c [ 144.733003] print_report from kasan_report+0xc8/0x104 [ 144.733718] kasan_report from krealloc_less_oob_helper+0x150/0x5f0 [ 144.734561] krealloc_less_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.735459] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.736642] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.737633] kthread from ret_from_fork+0x14/0x30 [ 144.738332] Exception stack(0xf9f23fb0 to 0xf9f23ff8) [ 144.738953] 3fa0: 00000000 00000000 00000000 00000000 [ 144.739872] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.740846] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.741538] [ 144.741783] Allocated by task 131: [ 144.742178] kasan_set_track+0x3c/0x5c [ 144.742734] __kasan_krealloc+0xe0/0x104 [ 144.743387] krealloc+0xd4/0x134 [ 144.743855] krealloc_less_oob_helper+0xd4/0x5f0 [ 144.744437] kunit_try_run_case+0x11c/0x2e4 [ 144.745014] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.745738] kthread+0x184/0x1a8 [ 144.746227] ret_from_fork+0x14/0x30 [ 144.746753] [ 144.747104] The buggy address belongs to the object at c4c17c00 [ 144.747104] which belongs to the cache kmalloc-256 of size 256 [ 144.749628] The buggy address is located 7 bytes to the right of [ 144.749628] allocated 201-byte region [c4c17c00, c4c17cc9) [ 144.751095] [ 144.751739] The buggy address belongs to the physical page: [ 144.752577] page:17c33a57 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44c16 [ 144.753436] head:17c33a57 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.754232] flags: 0x840(slab|head|zone=0) [ 144.754714] page_type: 0xffffffff() [ 144.755220] raw: 00000840 c4801500 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.756127] raw: 00000000 [ 144.756543] page dumped because: kasan: bad access detected [ 144.757147] [ 144.757353] Memory state around the buggy address: [ 144.758046] c4c17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.758786] c4c17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.759464] >c4c17c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 144.760162] ^ [ 144.760949] c4c17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.761675] c4c17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.762406] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper: Failure
[ 144.884932] ================================================================== [ 144.886026] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x144/0x384 [ 144.886871] Write of size 1 at addr c4ffe0eb by task kunit_try_catch/133 [ 144.887652] [ 144.887907] CPU: 0 PID: 133 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.888545] Hardware name: Generic DT based system [ 144.889048] unwind_backtrace from show_stack+0x18/0x1c [ 144.889929] show_stack from dump_stack_lvl+0x58/0x70 [ 144.890795] dump_stack_lvl from print_report+0x164/0x51c [ 144.891626] print_report from kasan_report+0xc8/0x104 [ 144.892415] kasan_report from krealloc_more_oob_helper+0x144/0x384 [ 144.893313] krealloc_more_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.894265] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.895311] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.896233] kthread from ret_from_fork+0x14/0x30 [ 144.896907] Exception stack(0xf9f33fb0 to 0xf9f33ff8) [ 144.897607] 3fa0: 00000000 00000000 00000000 00000000 [ 144.898688] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.899671] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.900426] [ 144.900732] The buggy address belongs to the physical page: [ 144.901449] page:a8595845 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44ffc [ 144.902431] head:a8595845 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.903343] flags: 0x40(head|zone=0) [ 144.903925] page_type: 0xffffffff() [ 144.904485] raw: 00000040 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 144.905486] raw: 00000000 [ 144.905947] page dumped because: kasan: bad access detected [ 144.906690] [ 144.907081] Memory state around the buggy address: [ 144.907676] c4ffdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.908492] c4ffe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.909445] >c4ffe080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 144.910324] ^ [ 144.911022] c4ffe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 144.911859] c4ffe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 144.912611] ================================================================== [ 144.643293] ================================================================== [ 144.644020] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x180/0x384 [ 144.644806] Write of size 1 at addr c4c17af0 by task kunit_try_catch/129 [ 144.645484] [ 144.645747] CPU: 0 PID: 129 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.646682] Hardware name: Generic DT based system [ 144.647416] unwind_backtrace from show_stack+0x18/0x1c [ 144.648147] show_stack from dump_stack_lvl+0x58/0x70 [ 144.648987] dump_stack_lvl from print_report+0x164/0x51c [ 144.649793] print_report from kasan_report+0xc8/0x104 [ 144.650534] kasan_report from krealloc_more_oob_helper+0x180/0x384 [ 144.651570] krealloc_more_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.652471] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.653487] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.654463] kthread from ret_from_fork+0x14/0x30 [ 144.655105] Exception stack(0xf9f13fb0 to 0xf9f13ff8) [ 144.655876] 3fa0: 00000000 00000000 00000000 00000000 [ 144.657314] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.658363] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.659172] [ 144.659440] Allocated by task 129: [ 144.659835] kasan_set_track+0x3c/0x5c [ 144.660518] __kasan_krealloc+0xe0/0x104 [ 144.661041] krealloc+0xd4/0x134 [ 144.661487] krealloc_more_oob_helper+0xd4/0x384 [ 144.662195] kunit_try_run_case+0x11c/0x2e4 [ 144.662916] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.663639] kthread+0x184/0x1a8 [ 144.664295] ret_from_fork+0x14/0x30 [ 144.664721] [ 144.664966] The buggy address belongs to the object at c4c17a00 [ 144.664966] which belongs to the cache kmalloc-256 of size 256 [ 144.666322] The buggy address is located 5 bytes to the right of [ 144.666322] allocated 235-byte region [c4c17a00, c4c17aeb) [ 144.667489] [ 144.667784] The buggy address belongs to the physical page: [ 144.668440] page:17c33a57 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44c16 [ 144.669333] head:17c33a57 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.670189] flags: 0x840(slab|head|zone=0) [ 144.670865] page_type: 0xffffffff() [ 144.671392] raw: 00000840 c4801500 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.672132] raw: 00000000 [ 144.672562] page dumped because: kasan: bad access detected [ 144.673162] [ 144.673476] Memory state around the buggy address: [ 144.674176] c4c17980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.674866] c4c17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.676385] >c4c17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 144.677472] ^ [ 144.678189] c4c17b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.678899] c4c17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.679636] ================================================================== [ 144.916432] ================================================================== [ 144.917160] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x180/0x384 [ 144.918192] Write of size 1 at addr c4ffe0f0 by task kunit_try_catch/133 [ 144.918950] [ 144.919323] CPU: 0 PID: 133 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.920328] Hardware name: Generic DT based system [ 144.921069] unwind_backtrace from show_stack+0x18/0x1c [ 144.921915] show_stack from dump_stack_lvl+0x58/0x70 [ 144.922644] dump_stack_lvl from print_report+0x164/0x51c [ 144.923401] print_report from kasan_report+0xc8/0x104 [ 144.924206] kasan_report from krealloc_more_oob_helper+0x180/0x384 [ 144.925038] krealloc_more_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.925936] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.927537] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.928661] kthread from ret_from_fork+0x14/0x30 [ 144.929514] Exception stack(0xf9f33fb0 to 0xf9f33ff8) [ 144.930319] 3fa0: 00000000 00000000 00000000 00000000 [ 144.931416] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.932329] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.932968] [ 144.933291] The buggy address belongs to the physical page: [ 144.933946] page:a8595845 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44ffc [ 144.935000] head:a8595845 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.935756] flags: 0x40(head|zone=0) [ 144.936234] page_type: 0xffffffff() [ 144.936701] raw: 00000040 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 144.937710] raw: 00000000 [ 144.938041] page dumped because: kasan: bad access detected [ 144.938596] [ 144.938949] Memory state around the buggy address: [ 144.939515] c4ffdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.940409] c4ffe000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.941154] >c4ffe080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 144.941973] ^ [ 144.942658] c4ffe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 144.943556] c4ffe180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 144.944250] ================================================================== [ 144.603642] ================================================================== [ 144.604720] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x144/0x384 [ 144.605523] Write of size 1 at addr c4c17aeb by task kunit_try_catch/129 [ 144.607211] [ 144.607428] CPU: 0 PID: 129 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.608850] Hardware name: Generic DT based system [ 144.609360] unwind_backtrace from show_stack+0x18/0x1c [ 144.610132] show_stack from dump_stack_lvl+0x58/0x70 [ 144.610810] dump_stack_lvl from print_report+0x164/0x51c [ 144.611621] print_report from kasan_report+0xc8/0x104 [ 144.612342] kasan_report from krealloc_more_oob_helper+0x144/0x384 [ 144.613155] krealloc_more_oob_helper from kunit_try_run_case+0x11c/0x2e4 [ 144.613993] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.615039] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.616211] kthread from ret_from_fork+0x14/0x30 [ 144.616950] Exception stack(0xf9f13fb0 to 0xf9f13ff8) [ 144.617709] 3fa0: 00000000 00000000 00000000 00000000 [ 144.619004] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.619923] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.620633] [ 144.620888] Allocated by task 129: [ 144.621361] kasan_set_track+0x3c/0x5c [ 144.621894] __kasan_krealloc+0xe0/0x104 [ 144.622493] krealloc+0xd4/0x134 [ 144.622982] krealloc_more_oob_helper+0xd4/0x384 [ 144.623606] kunit_try_run_case+0x11c/0x2e4 [ 144.624232] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.624890] kthread+0x184/0x1a8 [ 144.625326] ret_from_fork+0x14/0x30 [ 144.625994] [ 144.626227] The buggy address belongs to the object at c4c17a00 [ 144.626227] which belongs to the cache kmalloc-256 of size 256 [ 144.627347] The buggy address is located 0 bytes to the right of [ 144.627347] allocated 235-byte region [c4c17a00, c4c17aeb) [ 144.628604] [ 144.628832] The buggy address belongs to the physical page: [ 144.629511] page:17c33a57 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44c16 [ 144.630447] head:17c33a57 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.631330] flags: 0x840(slab|head|zone=0) [ 144.631910] page_type: 0xffffffff() [ 144.632369] raw: 00000840 c4801500 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.633321] raw: 00000000 [ 144.633645] page dumped because: kasan: bad access detected [ 144.634222] [ 144.634514] Memory state around the buggy address: [ 144.634997] c4c17980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.635820] c4c17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.636952] >c4c17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 144.637884] ^ [ 144.638494] c4c17b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.639340] c4c17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.640118] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right: Failure
[ 144.559231] ================================================================== [ 144.560289] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xcc/0x1dc [ 144.561077] Write of size 1 at addr c8e91f00 by task kunit_try_catch/127 [ 144.561861] [ 144.562190] CPU: 0 PID: 127 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.563080] Hardware name: Generic DT based system [ 144.563562] unwind_backtrace from show_stack+0x18/0x1c [ 144.564240] show_stack from dump_stack_lvl+0x58/0x70 [ 144.564926] dump_stack_lvl from print_report+0x164/0x51c [ 144.565720] print_report from kasan_report+0xc8/0x104 [ 144.566409] kasan_report from kmalloc_large_oob_right+0xcc/0x1dc [ 144.567316] kmalloc_large_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 144.568615] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.569731] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.570721] kthread from ret_from_fork+0x14/0x30 [ 144.571513] Exception stack(0xf9f03fb0 to 0xf9f03ff8) [ 144.572188] 3fa0: 00000000 00000000 00000000 00000000 [ 144.573166] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.574143] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.574872] [ 144.575223] Allocated by task 127: [ 144.575582] kasan_set_track+0x3c/0x5c [ 144.576140] __kasan_kmalloc+0x8c/0x94 [ 144.576629] kmalloc_large_oob_right+0xa0/0x1dc [ 144.577576] kunit_try_run_case+0x11c/0x2e4 [ 144.578090] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.578813] kthread+0x184/0x1a8 [ 144.579279] ret_from_fork+0x14/0x30 [ 144.579820] [ 144.580104] The buggy address belongs to the object at c8e90000 [ 144.580104] which belongs to the cache kmalloc-8k of size 8192 [ 144.581381] The buggy address is located 0 bytes to the right of [ 144.581381] allocated 7936-byte region [c8e90000, c8e91f00) [ 144.582627] [ 144.582961] The buggy address belongs to the physical page: [ 144.583643] page:07f5ae76 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x48e90 [ 144.584492] head:07f5ae76 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.585289] flags: 0x840(slab|head|zone=0) [ 144.586145] page_type: 0xffffffff() [ 144.587330] raw: 00000840 c4801a00 00000122 00000000 00000000 80020002 ffffffff 00000001 [ 144.588452] raw: 00000000 [ 144.588988] page dumped because: kasan: bad access detected [ 144.589820] [ 144.590177] Memory state around the buggy address: [ 144.590668] c8e91e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.591450] c8e91e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.592107] >c8e91f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.592818] ^ [ 144.593182] c8e91f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.593978] c8e92000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.594673] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf: Failure
[ 144.447344] ================================================================== [ 144.449094] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0xb4/0x1ac [ 144.449885] Read of size 1 at addr c8e28000 by task kunit_try_catch/119 [ 144.450566] [ 144.450833] CPU: 1 PID: 119 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.451563] Hardware name: Generic DT based system [ 144.452243] unwind_backtrace from show_stack+0x18/0x1c [ 144.452902] show_stack from dump_stack_lvl+0x58/0x70 [ 144.453672] dump_stack_lvl from print_report+0x164/0x51c [ 144.454413] print_report from kasan_report+0xc8/0x104 [ 144.455134] kasan_report from kmalloc_pagealloc_uaf+0xb4/0x1ac [ 144.455852] kmalloc_pagealloc_uaf from kunit_try_run_case+0x11c/0x2e4 [ 144.456753] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.458357] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.459164] kthread from ret_from_fork+0x14/0x30 [ 144.459942] Exception stack(0xf9ed3fb0 to 0xf9ed3ff8) [ 144.460551] 3fa0: 00000000 00000000 00000000 00000000 [ 144.461464] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.462310] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.463020] [ 144.463280] The buggy address belongs to the physical page: [ 144.463903] page:e8588773 refcount:0 mapcount:0 mapping:00000000 index:0x0 pfn:0x48e28 [ 144.464764] flags: 0x0(zone=0) [ 144.465178] page_type: 0xffffffff() [ 144.465664] raw: 00000000 edd38e34 e7b79e84 00000000 00000000 00000000 ffffffff 00000000 [ 144.466652] raw: 00000000 [ 144.466981] page dumped because: kasan: bad access detected [ 144.467698] [ 144.467916] Memory state around the buggy address: [ 144.468483] c8e27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.469497] c8e27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.470679] >c8e28000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 144.471495] ^ [ 144.471763] c8e28080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 144.472888] c8e28100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 144.473725] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right: Failure
[ 144.414014] ================================================================== [ 144.415174] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0xb4/0x1bc [ 144.415900] Write of size 1 at addr c4ffe00a by task kunit_try_catch/117 [ 144.416714] [ 144.417012] CPU: 0 PID: 117 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.417861] Hardware name: Generic DT based system [ 144.418597] unwind_backtrace from show_stack+0x18/0x1c [ 144.419322] show_stack from dump_stack_lvl+0x58/0x70 [ 144.419986] dump_stack_lvl from print_report+0x164/0x51c [ 144.420850] print_report from kasan_report+0xc8/0x104 [ 144.421475] kasan_report from kmalloc_pagealloc_oob_right+0xb4/0x1bc [ 144.422450] kmalloc_pagealloc_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 144.423354] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.424305] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.425152] kthread from ret_from_fork+0x14/0x30 [ 144.425744] Exception stack(0xf9ec3fb0 to 0xf9ec3ff8) [ 144.426330] 3fa0: 00000000 00000000 00000000 00000000 [ 144.427236] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.428158] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.428869] [ 144.429164] The buggy address belongs to the physical page: [ 144.429865] page:a8595845 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44ffc [ 144.430729] head:a8595845 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.431558] flags: 0x40(head|zone=0) [ 144.432069] page_type: 0xffffffff() [ 144.432677] raw: 00000040 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001 [ 144.433508] raw: 00000000 [ 144.433889] page dumped because: kasan: bad access detected [ 144.434493] [ 144.434813] Memory state around the buggy address: [ 144.435424] c4ffdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.436217] c4ffdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.437018] >c4ffe000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 144.437674] ^ [ 144.438081] c4ffe080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 144.438801] c4ffe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 144.439485] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right: Failure
[ 144.368685] ================================================================== [ 144.369861] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0xd4/0x1e8 [ 144.370751] Read of size 1 at addr c5813000 by task kunit_try_catch/115 [ 144.371672] [ 144.372005] CPU: 0 PID: 115 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.372825] Hardware name: Generic DT based system [ 144.373525] unwind_backtrace from show_stack+0x18/0x1c [ 144.374308] show_stack from dump_stack_lvl+0x58/0x70 [ 144.375167] dump_stack_lvl from print_report+0x164/0x51c [ 144.376302] print_report from kasan_report+0xc8/0x104 [ 144.377029] kasan_report from kmalloc_node_oob_right+0xd4/0x1e8 [ 144.377929] kmalloc_node_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 144.379291] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.380355] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.381314] kthread from ret_from_fork+0x14/0x30 [ 144.381922] Exception stack(0xf9eb3fb0 to 0xf9eb3ff8) [ 144.382521] 3fa0: 00000000 00000000 00000000 00000000 [ 144.383387] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.384263] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.385105] [ 144.385416] Allocated by task 115: [ 144.385815] kasan_set_track+0x3c/0x5c [ 144.386523] __kasan_kmalloc+0x8c/0x94 [ 144.387144] kmalloc_node_oob_right+0xa4/0x1e8 [ 144.387844] kunit_try_run_case+0x11c/0x2e4 [ 144.388409] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.389219] kthread+0x184/0x1a8 [ 144.389638] ret_from_fork+0x14/0x30 [ 144.390212] [ 144.390555] The buggy address belongs to the object at c5812000 [ 144.390555] which belongs to the cache kmalloc-4k of size 4096 [ 144.391834] The buggy address is located 0 bytes to the right of [ 144.391834] allocated 4096-byte region [c5812000, c5813000) [ 144.393006] [ 144.393358] The buggy address belongs to the physical page: [ 144.394034] page:5db007ca refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x45810 [ 144.394909] head:5db007ca order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.395919] flags: 0x840(slab|head|zone=0) [ 144.396499] page_type: 0xffffffff() [ 144.396917] raw: 00000840 c4801900 00000122 00000000 00000000 80040004 ffffffff 00000001 [ 144.398009] raw: 00000000 [ 144.398333] page dumped because: kasan: bad access detected [ 144.399092] [ 144.399349] Memory state around the buggy address: [ 144.399962] c5812f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.401047] c5812f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.401790] >c5813000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.402359] ^ [ 144.402906] c5813080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.403648] c5813100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.404553] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left: Failure
[ 144.317870] ================================================================== [ 144.319086] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0xcc/0x1e0 [ 144.319749] Read of size 1 at addr c4fce77f by task kunit_try_catch/113 [ 144.320760] [ 144.321159] CPU: 0 PID: 113 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.322088] Hardware name: Generic DT based system [ 144.322623] unwind_backtrace from show_stack+0x18/0x1c [ 144.323373] show_stack from dump_stack_lvl+0x58/0x70 [ 144.324143] dump_stack_lvl from print_report+0x164/0x51c [ 144.324810] print_report from kasan_report+0xc8/0x104 [ 144.325477] kasan_report from kmalloc_oob_left+0xcc/0x1e0 [ 144.326584] kmalloc_oob_left from kunit_try_run_case+0x11c/0x2e4 [ 144.327481] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.328435] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.329319] kthread from ret_from_fork+0x14/0x30 [ 144.330025] Exception stack(0xf9ea3fb0 to 0xf9ea3ff8) [ 144.330627] 3fa0: 00000000 00000000 00000000 00000000 [ 144.331530] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.332442] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.333117] [ 144.333465] Allocated by task 109: [ 144.333889] kasan_set_track+0x3c/0x5c [ 144.334348] __kasan_kmalloc+0x8c/0x94 [ 144.335046] kunit_add_action+0xa0/0x1e8 [ 144.335651] kunit_add_action_or_reset+0x18/0x30 [ 144.336261] kunit_kmalloc_array+0x44/0x60 [ 144.336903] sysctl_test_api_dointvec_write_single_greater_int_max+0x134/0x2b8 [ 144.337693] kunit_try_run_case+0x11c/0x2e4 [ 144.338579] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.339265] kthread+0x184/0x1a8 [ 144.339793] ret_from_fork+0x14/0x30 [ 144.340229] [ 144.340552] Freed by task 110: [ 144.341048] kasan_set_track+0x3c/0x5c [ 144.341618] kasan_save_free_info+0x30/0x3c [ 144.342383] __kasan_slab_free+0xdc/0x124 [ 144.342894] __kmem_cache_free+0x140/0x2a8 [ 144.343596] kunit_cleanup+0x44/0x90 [ 144.344263] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.344999] kthread+0x184/0x1a8 [ 144.345476] ret_from_fork+0x14/0x30 [ 144.346038] [ 144.346755] The buggy address belongs to the object at c4fce700 [ 144.346755] which belongs to the cache kmalloc-64 of size 64 [ 144.348205] The buggy address is located 63 bytes to the right of [ 144.348205] allocated 64-byte region [c4fce700, c4fce740) [ 144.349225] [ 144.349558] The buggy address belongs to the physical page: [ 144.350043] page:44c7b72b refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fce [ 144.351110] flags: 0x800(slab|zone=0) [ 144.351541] page_type: 0xffffffff() [ 144.352098] raw: 00000800 c4801200 00000122 00000000 00000000 80200020 ffffffff 00000001 [ 144.352969] raw: 00000000 [ 144.353468] page dumped because: kasan: bad access detected [ 144.354247] [ 144.354486] Memory state around the buggy address: [ 144.355087] c4fce600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 144.355948] c4fce680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 144.356669] >c4fce700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 144.357484] ^ [ 144.358196] c4fce780: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.359007] c4fce800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.359725] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right: Failure
[ 144.274660] ================================================================== [ 144.275419] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x134/0x320 [ 144.276458] Read of size 1 at addr c4fc8f80 by task kunit_try_catch/111 [ 144.277091] [ 144.277790] CPU: 0 PID: 111 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.278762] Hardware name: Generic DT based system [ 144.279469] unwind_backtrace from show_stack+0x18/0x1c [ 144.280359] show_stack from dump_stack_lvl+0x58/0x70 [ 144.281175] dump_stack_lvl from print_report+0x164/0x51c [ 144.281926] print_report from kasan_report+0xc8/0x104 [ 144.282705] kasan_report from kmalloc_oob_right+0x134/0x320 [ 144.283549] kmalloc_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 144.284443] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.285408] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.286570] kthread from ret_from_fork+0x14/0x30 [ 144.287316] Exception stack(0xf9e93fb0 to 0xf9e93ff8) [ 144.287905] 3fa0: 00000000 00000000 00000000 00000000 [ 144.288933] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.289894] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.290654] [ 144.290970] Allocated by task 111: [ 144.291582] kasan_set_track+0x3c/0x5c [ 144.292224] __kasan_kmalloc+0x8c/0x94 [ 144.292893] kmalloc_oob_right+0xa0/0x320 [ 144.293571] kunit_try_run_case+0x11c/0x2e4 [ 144.294321] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.295086] kthread+0x184/0x1a8 [ 144.295592] ret_from_fork+0x14/0x30 [ 144.296368] [ 144.296739] The buggy address belongs to the object at c4fc8f00 [ 144.296739] which belongs to the cache kmalloc-128 of size 128 [ 144.298153] The buggy address is located 13 bytes to the right of [ 144.298153] allocated 115-byte region [c4fc8f00, c4fc8f73) [ 144.299346] [ 144.299612] The buggy address belongs to the physical page: [ 144.300225] page:0207a5d0 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fc8 [ 144.301186] flags: 0x800(slab|zone=0) [ 144.301640] page_type: 0xffffffff() [ 144.302192] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.303111] raw: 00000000 [ 144.303543] page dumped because: kasan: bad access detected [ 144.304120] [ 144.304416] Memory state around the buggy address: [ 144.304986] c4fc8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.305740] c4fc8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 144.306974] >c4fc8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.307666] ^ [ 144.308106] c4fc9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.308797] c4fc9080: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.309523] ================================================================== [ 144.238609] ================================================================== [ 144.239357] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x100/0x320 [ 144.240173] Write of size 1 at addr c4fc8f78 by task kunit_try_catch/111 [ 144.240725] [ 144.241081] CPU: 0 PID: 111 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 144.242019] Hardware name: Generic DT based system [ 144.242540] unwind_backtrace from show_stack+0x18/0x1c [ 144.243345] show_stack from dump_stack_lvl+0x58/0x70 [ 144.243992] dump_stack_lvl from print_report+0x164/0x51c [ 144.244618] print_report from kasan_report+0xc8/0x104 [ 144.245331] kasan_report from kmalloc_oob_right+0x100/0x320 [ 144.246322] kmalloc_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 144.247165] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.248323] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.249192] kthread from ret_from_fork+0x14/0x30 [ 144.249805] Exception stack(0xf9e93fb0 to 0xf9e93ff8) [ 144.250420] 3fa0: 00000000 00000000 00000000 00000000 [ 144.251392] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.252357] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.253082] [ 144.253370] Allocated by task 111: [ 144.253722] kasan_set_track+0x3c/0x5c [ 144.254345] __kasan_kmalloc+0x8c/0x94 [ 144.255016] kmalloc_oob_right+0xa0/0x320 [ 144.255587] kunit_try_run_case+0x11c/0x2e4 [ 144.256367] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.257247] kthread+0x184/0x1a8 [ 144.257676] ret_from_fork+0x14/0x30 [ 144.258200] [ 144.258459] The buggy address belongs to the object at c4fc8f00 [ 144.258459] which belongs to the cache kmalloc-128 of size 128 [ 144.259592] The buggy address is located 5 bytes to the right of [ 144.259592] allocated 115-byte region [c4fc8f00, c4fc8f73) [ 144.260865] [ 144.261104] The buggy address belongs to the physical page: [ 144.261771] page:0207a5d0 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fc8 [ 144.262751] flags: 0x800(slab|zone=0) [ 144.263212] page_type: 0xffffffff() [ 144.263864] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.264924] raw: 00000000 [ 144.265253] page dumped because: kasan: bad access detected [ 144.266197] [ 144.266514] Memory state around the buggy address: [ 144.267219] c4fc8e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 144.268098] c4fc8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.268945] >c4fc8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 144.269627] ^ [ 144.270487] c4fc8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.271240] c4fc9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.271969] ================================================================== [ 144.194227] ================================================================== [ 144.195587] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xcc/0x320 [ 144.197558] Write of size 1 at addr c4fc8f73 by task kunit_try_catch/111 [ 144.198212] [ 144.199090] CPU: 0 PID: 111 Comm: kunit_try_catch Tainted: G N 6.6.76-rc1 #1 [ 144.200305] Hardware name: Generic DT based system [ 144.201430] unwind_backtrace from show_stack+0x18/0x1c [ 144.202257] show_stack from dump_stack_lvl+0x58/0x70 [ 144.202952] dump_stack_lvl from print_report+0x164/0x51c [ 144.203668] print_report from kasan_report+0xc8/0x104 [ 144.204431] kasan_report from kmalloc_oob_right+0xcc/0x320 [ 144.205235] kmalloc_oob_right from kunit_try_run_case+0x11c/0x2e4 [ 144.206351] kunit_try_run_case from kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.207101] kunit_generic_run_threadfn_adapter from kthread+0x184/0x1a8 [ 144.207731] kthread from ret_from_fork+0x14/0x30 [ 144.208404] Exception stack(0xf9e93fb0 to 0xf9e93ff8) [ 144.209250] 3fa0: 00000000 00000000 00000000 00000000 [ 144.210132] 3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 144.211033] 3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 [ 144.211935] [ 144.212270] Allocated by task 111: [ 144.212902] kasan_set_track+0x3c/0x5c [ 144.213534] __kasan_kmalloc+0x8c/0x94 [ 144.214046] kmalloc_oob_right+0xa0/0x320 [ 144.214595] kunit_try_run_case+0x11c/0x2e4 [ 144.215149] kunit_generic_run_threadfn_adapter+0x2c/0x48 [ 144.215975] kthread+0x184/0x1a8 [ 144.216444] ret_from_fork+0x14/0x30 [ 144.216960] [ 144.217457] The buggy address belongs to the object at c4fc8f00 [ 144.217457] which belongs to the cache kmalloc-128 of size 128 [ 144.218939] The buggy address is located 0 bytes to the right of [ 144.218939] allocated 115-byte region [c4fc8f00, c4fc8f73) [ 144.220376] [ 144.220904] The buggy address belongs to the physical page: [ 144.221914] page:0207a5d0 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x44fc8 [ 144.223467] flags: 0x800(slab|zone=0) [ 144.224494] page_type: 0xffffffff() [ 144.225706] raw: 00000800 c4801300 00000122 00000000 00000000 80100010 ffffffff 00000001 [ 144.226667] raw: 00000000 [ 144.227358] page dumped because: kasan: bad access detected [ 144.228034] [ 144.228385] Memory state around the buggy address: [ 144.229183] c4fc8e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 144.229938] c4fc8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.230900] >c4fc8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 144.231646] ^ [ 144.232518] c4fc8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.233232] c4fc9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 144.234002] ==================================================================
Failure - boot - gcc-13-lkftconfig-kunit
KNOWN ISSUE - boot/gcc-13-lkftconfig-kunit: Failure
(no logs available)