Date
Feb. 5, 2025, 2:09 p.m.
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure
[ 200.796374] ================================================================== [ 200.798076] BUG: KFENCE: use-after-free read in test_krealloc+0x2b8/0x4e8 [ 200.798076] [ 200.799564] Use-after-free read at 0x00000000ab696835 (in kfence-#233): [ 200.800745] test_krealloc+0x2b8/0x4e8 [ 200.803110] kunit_try_run_case+0xf8/0x260 [ 200.804147] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 200.807221] kthread+0x18c/0x1a8 [ 200.808122] ret_from_fork+0x10/0x20 [ 200.809492] [ 200.809995] kfence-#233: 0x00000000ab696835-0x00000000155ad790, size=32, cache=kmalloc-32 [ 200.809995] [ 200.813102] allocated by task 277 on cpu 0 at 200.794967s: [ 200.815178] test_alloc+0x224/0x3d8 [ 200.816150] test_krealloc+0xc0/0x4e8 [ 200.817492] kunit_try_run_case+0xf8/0x260 [ 200.818799] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 200.820255] kthread+0x18c/0x1a8 [ 200.821757] ret_from_fork+0x10/0x20 [ 200.822803] [ 200.823114] freed by task 277 on cpu 0 at 200.795471s: [ 200.824513] krealloc+0xa8/0x1a0 [ 200.825668] test_krealloc+0x128/0x4e8 [ 200.826631] kunit_try_run_case+0xf8/0x260 [ 200.828137] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 200.829870] kthread+0x18c/0x1a8 [ 200.830645] ret_from_fork+0x10/0x20 [ 200.831811] [ 200.832458] CPU: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 200.834160] Hardware name: linux,dummy-virt (DT) [ 200.835415] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu: Failure
[ 200.706112] ================================================================== [ 200.707561] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x148/0x368 [ 200.707561] [ 200.709652] Use-after-free read at 0x000000006b109c8e (in kfence-#232): [ 200.711157] test_memcache_typesafe_by_rcu+0x148/0x368 [ 200.712620] kunit_try_run_case+0xf8/0x260 [ 200.713663] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 200.715191] kthread+0x18c/0x1a8 [ 200.716139] ret_from_fork+0x10/0x20 [ 200.717209] [ 200.717828] kfence-#232: 0x000000006b109c8e-0x00000000650bab26, size=32, cache=test [ 200.717828] [ 200.719594] allocated by task 275 on cpu 1 at 200.690415s: [ 200.721157] test_alloc+0x1b8/0x3d8 [ 200.722184] test_memcache_typesafe_by_rcu+0xe8/0x368 [ 200.723595] kunit_try_run_case+0xf8/0x260 [ 200.724766] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 200.726196] kthread+0x18c/0x1a8 [ 200.727167] ret_from_fork+0x10/0x20 [ 200.728255] [ 200.728763] freed by task 0 on cpu 1 at 200.705360s: [ 200.731248] rcu_guarded_free+0x34/0x50 [ 200.732237] rcu_core+0x448/0xf40 [ 200.733287] rcu_core_si+0x18/0x30 [ 200.734378] handle_softirqs+0x240/0x678 [ 200.735530] __do_softirq+0x1c/0x28 [ 200.736548] ____do_softirq+0x18/0x30 [ 200.737664] call_on_irq_stack+0x24/0x58 [ 200.738817] do_softirq_own_stack+0x24/0x38 [ 200.739989] irq_exit_rcu+0x110/0x160 [ 200.741102] el1_interrupt+0x38/0x58 [ 200.742134] el1h_64_irq_handler+0x18/0x28 [ 200.743298] el1h_64_irq+0x64/0x68 [ 200.744312] arch_local_irq_enable+0x4/0x8 [ 200.745424] do_idle+0x304/0x388 [ 200.746427] cpu_startup_entry+0x48/0x58 [ 200.747561] secondary_start_kernel+0x1e8/0x228 [ 200.748901] __secondary_switched+0xb8/0xc0 [ 200.750164] [ 200.750730] CPU: 1 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 200.752447] Hardware name: linux,dummy-virt (DT) [ 200.753506] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access: Failure
[ 191.471181] ================================================================== [ 191.475197] BUG: KFENCE: invalid read in test_invalid_access+0xb4/0x158 [ 191.475197] [ 191.477717] Invalid read at 0x00000000fda6e9dd: [ 191.479262] test_invalid_access+0xb4/0x158 [ 191.480801] kunit_try_run_case+0xf8/0x260 [ 191.482888] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 191.484678] kthread+0x18c/0x1a8 [ 191.490915] ret_from_fork+0x10/0x20 [ 191.492035] [ 191.492774] CPU: 1 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 191.495316] Hardware name: linux,dummy-virt (DT) [ 191.496490] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write: Failure
[ 191.227212] ================================================================== [ 191.228632] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x150/0x1d8 [ 191.228632] [ 191.230715] Corrupted memory at 0x00000000c7a0df47 [ ! . . . . . . ] (in kfence-#228): [ 191.233503] test_kmalloc_aligned_oob_write+0x150/0x1d8 [ 191.234967] kunit_try_run_case+0xf8/0x260 [ 191.236197] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 191.237619] kthread+0x18c/0x1a8 [ 191.238616] ret_from_fork+0x10/0x20 [ 191.239668] [ 191.240206] kfence-#228: 0x00000000f4a536d9-0x00000000e2013ba1, size=73, cache=kmalloc-96 [ 191.240206] [ 191.242094] allocated by task 265 on cpu 0 at 191.226196s: [ 191.243737] test_alloc+0x224/0x3d8 [ 191.244707] test_kmalloc_aligned_oob_write+0xb4/0x1d8 [ 191.246062] kunit_try_run_case+0xf8/0x260 [ 191.247239] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 191.248652] kthread+0x18c/0x1a8 [ 191.249619] ret_from_fork+0x10/0x20 [ 191.250770] [ 191.251341] freed by task 265 on cpu 0 at 191.226556s: [ 191.253067] test_kmalloc_aligned_oob_write+0x150/0x1d8 [ 191.254321] kunit_try_run_case+0xf8/0x260 [ 191.255505] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 191.256937] kthread+0x18c/0x1a8 [ 191.257886] ret_from_fork+0x10/0x20 [ 191.258957] [ 191.259472] CPU: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 191.261282] Hardware name: linux,dummy-virt (DT) [ 191.262367] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read: Failure
[ 191.122846] ================================================================== [ 191.124303] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x118/0x270 [ 191.124303] [ 191.126481] Out-of-bounds read at 0x0000000013f36877 (81B right of kfence-#227): [ 191.128355] test_kmalloc_aligned_oob_read+0x118/0x270 [ 191.129833] kunit_try_run_case+0xf8/0x260 [ 191.131059] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 191.132520] kthread+0x18c/0x1a8 [ 191.133520] ret_from_fork+0x10/0x20 [ 191.134638] [ 191.135166] kfence-#227: 0x0000000042fcad1a-0x000000000a21949d, size=73, cache=kmalloc-96 [ 191.135166] [ 191.137060] allocated by task 263 on cpu 1 at 191.122382s: [ 191.138745] test_alloc+0x224/0x3d8 [ 191.139701] test_kmalloc_aligned_oob_read+0xd4/0x270 [ 191.141061] kunit_try_run_case+0xf8/0x260 [ 191.142260] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 191.143695] kthread+0x18c/0x1a8 [ 191.144660] ret_from_fork+0x10/0x20 [ 191.145747] [ 191.146313] CPU: 1 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 191.148122] Hardware name: linux,dummy-virt (DT) [ 191.149217] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption: Failure
[ 186.959662] ================================================================== [ 186.961083] BUG: KFENCE: memory corruption in test_corruption+0x1e8/0x258 [ 186.961083] [ 186.962911] Corrupted memory at 0x00000000e45f21cc [ ! ] (in kfence-#119): [ 186.965024] test_corruption+0x1e8/0x258 [ 186.966170] kunit_try_run_case+0xf8/0x260 [ 186.967339] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.968778] kthread+0x18c/0x1a8 [ 186.969762] ret_from_fork+0x10/0x20 [ 186.970874] [ 186.971451] kfence-#119: 0x000000002c17ec43-0x00000000270b9cbf, size=32, cache=kmalloc-32 [ 186.971451] [ 186.973266] allocated by task 251 on cpu 1 at 186.958642s: [ 186.974980] test_alloc+0x224/0x3d8 [ 186.975945] test_corruption+0x114/0x258 [ 186.977112] kunit_try_run_case+0xf8/0x260 [ 186.978350] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.979797] kthread+0x18c/0x1a8 [ 186.980779] ret_from_fork+0x10/0x20 [ 186.981880] [ 186.982398] freed by task 251 on cpu 1 at 186.958963s: [ 186.984040] test_corruption+0x1e8/0x258 [ 186.985352] kunit_try_run_case+0xf8/0x260 [ 186.986784] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.989085] kthread+0x18c/0x1a8 [ 186.990127] ret_from_fork+0x10/0x20 [ 186.991223] [ 186.991844] CPU: 1 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 186.993655] Hardware name: linux,dummy-virt (DT) [ 186.994719] ================================================================== [ 187.063323] ================================================================== [ 187.064822] BUG: KFENCE: memory corruption in test_corruption+0xf4/0x258 [ 187.064822] [ 187.066560] Corrupted memory at 0x000000004cfe7d38 [ ! . . . . . . . . . . . . . . . ] (in kfence-#148): [ 187.070626] test_corruption+0xf4/0x258 [ 187.071793] kunit_try_run_case+0xf8/0x260 [ 187.073072] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 187.074536] kthread+0x18c/0x1a8 [ 187.075518] ret_from_fork+0x10/0x20 [ 187.076612] [ 187.077115] kfence-#148: 0x00000000b0291f8d-0x00000000611625c4, size=32, cache=test [ 187.077115] [ 187.078977] allocated by task 253 on cpu 1 at 187.062567s: [ 187.080603] test_alloc+0x1b8/0x3d8 [ 187.081610] test_corruption+0xc8/0x258 [ 187.082776] kunit_try_run_case+0xf8/0x260 [ 187.083969] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 187.085365] kthread+0x18c/0x1a8 [ 187.086356] ret_from_fork+0x10/0x20 [ 187.087424] [ 187.087985] freed by task 253 on cpu 1 at 187.062883s: [ 187.089628] test_corruption+0xf4/0x258 [ 187.090665] kunit_try_run_case+0xf8/0x260 [ 187.091854] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 187.093259] kthread+0x18c/0x1a8 [ 187.094251] ret_from_fork+0x10/0x20 [ 187.095338] [ 187.095902] CPU: 1 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 187.097665] Hardware name: linux,dummy-virt (DT) [ 187.098828] ================================================================== [ 187.479963] ================================================================== [ 187.481555] BUG: KFENCE: memory corruption in test_corruption+0x13c/0x258 [ 187.481555] [ 187.483378] Corrupted memory at 0x000000007d1ef7d7 [ ! ] (in kfence-#170): [ 187.485457] test_corruption+0x13c/0x258 [ 187.486712] kunit_try_run_case+0xf8/0x260 [ 187.487933] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 187.489381] kthread+0x18c/0x1a8 [ 187.490427] ret_from_fork+0x10/0x20 [ 187.491598] [ 187.492228] kfence-#170: 0x00000000f20f3578-0x000000005a5b8acf, size=32, cache=test [ 187.492228] [ 187.494080] allocated by task 253 on cpu 1 at 187.478837s: [ 187.495756] test_alloc+0x1b8/0x3d8 [ 187.496731] test_corruption+0x114/0x258 [ 187.498728] kunit_try_run_case+0xf8/0x260 [ 187.500227] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 187.501725] kthread+0x18c/0x1a8 [ 187.502731] ret_from_fork+0x10/0x20 [ 187.503870] [ 187.504486] freed by task 253 on cpu 1 at 187.479129s: [ 187.506188] test_corruption+0x13c/0x258 [ 187.507230] kunit_try_run_case+0xf8/0x260 [ 187.508431] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 187.509924] kthread+0x18c/0x1a8 [ 187.510923] ret_from_fork+0x10/0x20 [ 187.512033] [ 187.512708] CPU: 1 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 187.514755] Hardware name: linux,dummy-virt (DT) [ 187.515736] ================================================================== [ 186.855685] ================================================================== [ 186.857094] BUG: KFENCE: memory corruption in test_corruption+0x194/0x258 [ 186.857094] [ 186.859079] Corrupted memory at 0x0000000044922680 [ ! . . . . . . . . . . . . . . . ] (in kfence-#114): [ 186.863837] test_corruption+0x194/0x258 [ 186.865031] kunit_try_run_case+0xf8/0x260 [ 186.866209] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.867651] kthread+0x18c/0x1a8 [ 186.868609] ret_from_fork+0x10/0x20 [ 186.869678] [ 186.870237] kfence-#114: 0x00000000a45aed3b-0x00000000b898834d, size=32, cache=kmalloc-32 [ 186.870237] [ 186.872121] allocated by task 251 on cpu 1 at 186.854716s: [ 186.873769] test_alloc+0x224/0x3d8 [ 186.874749] test_corruption+0xc8/0x258 [ 186.875898] kunit_try_run_case+0xf8/0x260 [ 186.877086] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.878564] kthread+0x18c/0x1a8 [ 186.879557] ret_from_fork+0x10/0x20 [ 186.880638] [ 186.881125] freed by task 251 on cpu 1 at 186.855040s: [ 186.882822] test_corruption+0x194/0x258 [ 186.883847] kunit_try_run_case+0xf8/0x260 [ 186.885056] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.886479] kthread+0x18c/0x1a8 [ 186.887445] ret_from_fork+0x10/0x20 [ 186.888525] [ 186.889061] CPU: 1 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 186.890906] Hardware name: linux,dummy-virt (DT) [ 186.892021] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free: Failure
[ 186.439058] ================================================================== [ 186.440459] BUG: KFENCE: invalid free in test_invalid_addr_free+0x14c/0x1d0 [ 186.440459] [ 186.442365] Invalid free of 0x000000005e78c8fd (in kfence-#93): [ 186.443981] test_invalid_addr_free+0x14c/0x1d0 [ 186.445313] kunit_try_run_case+0xf8/0x260 [ 186.446602] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.448071] kthread+0x18c/0x1a8 [ 186.449078] ret_from_fork+0x10/0x20 [ 186.450201] [ 186.450854] kfence-#93: 0x00000000a0c7d08d-0x000000007599f5b1, size=32, cache=kmalloc-32 [ 186.450854] [ 186.452749] allocated by task 247 on cpu 0 at 186.438345s: [ 186.454428] test_alloc+0x224/0x3d8 [ 186.455414] test_invalid_addr_free+0xcc/0x1d0 [ 186.456717] kunit_try_run_case+0xf8/0x260 [ 186.457971] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.459422] kthread+0x18c/0x1a8 [ 186.460381] ret_from_fork+0x10/0x20 [ 186.461494] [ 186.462181] CPU: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 186.463959] Hardware name: linux,dummy-virt (DT) [ 186.465110] ================================================================== [ 186.543797] ================================================================== [ 186.545263] BUG: KFENCE: invalid free in test_invalid_addr_free+0xe4/0x1d0 [ 186.545263] [ 186.547232] Invalid free of 0x000000001a43f1d6 (in kfence-#94): [ 186.548871] test_invalid_addr_free+0xe4/0x1d0 [ 186.550224] kunit_try_run_case+0xf8/0x260 [ 186.551409] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.552868] kthread+0x18c/0x1a8 [ 186.553866] ret_from_fork+0x10/0x20 [ 186.554974] [ 186.555554] kfence-#94: 0x000000007fc5f84d-0x0000000029b0a721, size=32, cache=test [ 186.555554] [ 186.557348] allocated by task 249 on cpu 0 at 186.543108s: [ 186.558969] test_alloc+0x1b8/0x3d8 [ 186.559967] test_invalid_addr_free+0xcc/0x1d0 [ 186.561209] kunit_try_run_case+0xf8/0x260 [ 186.562398] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.563857] kthread+0x18c/0x1a8 [ 186.564841] ret_from_fork+0x10/0x20 [ 186.565913] [ 186.566454] CPU: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 186.568240] Hardware name: linux,dummy-virt (DT) [ 186.569366] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free: Failure
[ 186.335311] ================================================================== [ 186.336715] BUG: KFENCE: invalid free in test_double_free+0xf8/0x1d0 [ 186.336715] [ 186.338567] Invalid free of 0x00000000ad0e5bed (in kfence-#84): [ 186.339992] test_double_free+0xf8/0x1d0 [ 186.341334] kunit_try_run_case+0xf8/0x260 [ 186.342529] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.343977] kthread+0x18c/0x1a8 [ 186.344956] ret_from_fork+0x10/0x20 [ 186.346033] [ 186.346535] kfence-#84: 0x00000000ad0e5bed-0x000000008bd6980a, size=32, cache=test [ 186.346535] [ 186.348371] allocated by task 245 on cpu 0 at 186.334352s: [ 186.349995] test_alloc+0x1b8/0x3d8 [ 186.350998] test_double_free+0xcc/0x1d0 [ 186.352131] kunit_try_run_case+0xf8/0x260 [ 186.353314] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.354758] kthread+0x18c/0x1a8 [ 186.355740] ret_from_fork+0x10/0x20 [ 186.356819] [ 186.357307] freed by task 245 on cpu 0 at 186.334674s: [ 186.358960] test_double_free+0xe8/0x1d0 [ 186.360007] kunit_try_run_case+0xf8/0x260 [ 186.361191] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.362628] kthread+0x18c/0x1a8 [ 186.363591] ret_from_fork+0x10/0x20 [ 186.364658] [ 186.365185] CPU: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 186.367043] Hardware name: linux,dummy-virt (DT) [ 186.368138] ================================================================== [ 186.231264] ================================================================== [ 186.232689] BUG: KFENCE: invalid free in test_double_free+0x15c/0x1d0 [ 186.232689] [ 186.234408] Invalid free of 0x00000000cf614416 (in kfence-#81): [ 186.235817] test_double_free+0x15c/0x1d0 [ 186.237165] kunit_try_run_case+0xf8/0x260 [ 186.238346] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.239779] kthread+0x18c/0x1a8 [ 186.240767] ret_from_fork+0x10/0x20 [ 186.241854] [ 186.242356] kfence-#81: 0x00000000cf614416-0x0000000025f94c73, size=32, cache=kmalloc-32 [ 186.242356] [ 186.244196] allocated by task 243 on cpu 1 at 186.230251s: [ 186.245921] test_alloc+0x224/0x3d8 [ 186.246905] test_double_free+0xcc/0x1d0 [ 186.248057] kunit_try_run_case+0xf8/0x260 [ 186.249271] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.250698] kthread+0x18c/0x1a8 [ 186.251681] ret_from_fork+0x10/0x20 [ 186.252768] [ 186.253281] freed by task 243 on cpu 1 at 186.230591s: [ 186.254979] test_double_free+0x14c/0x1d0 [ 186.256041] kunit_try_run_case+0xf8/0x260 [ 186.257226] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.258667] kthread+0x18c/0x1a8 [ 186.259686] ret_from_fork+0x10/0x20 [ 186.260740] [ 186.261294] CPU: 1 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 186.263030] Hardware name: linux,dummy-virt (DT) [ 186.264122] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read: Failure
[ 186.126923] ================================================================== [ 186.128300] BUG: KFENCE: use-after-free read in test_use_after_free_read+0xf0/0x1c8 [ 186.128300] [ 186.130268] Use-after-free read at 0x00000000b856ef38 (in kfence-#64): [ 186.131737] test_use_after_free_read+0xf0/0x1c8 [ 186.132995] kunit_try_run_case+0xf8/0x260 [ 186.134185] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.135609] kthread+0x18c/0x1a8 [ 186.136540] ret_from_fork+0x10/0x20 [ 186.137643] [ 186.138154] kfence-#64: 0x00000000b856ef38-0x00000000ed4c991e, size=32, cache=test [ 186.138154] [ 186.139973] allocated by task 241 on cpu 0 at 186.126209s: [ 186.141608] test_alloc+0x1b8/0x3d8 [ 186.142621] test_use_after_free_read+0xc8/0x1c8 [ 186.143925] kunit_try_run_case+0xf8/0x260 [ 186.145105] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.146521] kthread+0x18c/0x1a8 [ 186.147465] ret_from_fork+0x10/0x20 [ 186.148537] [ 186.149058] freed by task 241 on cpu 0 at 186.126506s: [ 186.150704] test_use_after_free_read+0xe8/0x1c8 [ 186.151833] kunit_try_run_case+0xf8/0x260 [ 186.153002] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.154392] kthread+0x18c/0x1a8 [ 186.155393] ret_from_fork+0x10/0x20 [ 186.156460] [ 186.157069] CPU: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 186.158803] Hardware name: linux,dummy-virt (DT) [ 186.159909] ================================================================== [ 186.022839] ================================================================== [ 186.024374] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x150/0x1c8 [ 186.024374] [ 186.026608] Use-after-free read at 0x000000003cb5e766 (in kfence-#51): [ 186.027890] test_use_after_free_read+0x150/0x1c8 [ 186.029231] kunit_try_run_case+0xf8/0x260 [ 186.030447] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.031928] kthread+0x18c/0x1a8 [ 186.032940] ret_from_fork+0x10/0x20 [ 186.034022] [ 186.034617] kfence-#51: 0x000000003cb5e766-0x000000000db38057, size=32, cache=kmalloc-32 [ 186.034617] [ 186.036447] allocated by task 239 on cpu 1 at 186.022179s: [ 186.038099] test_alloc+0x224/0x3d8 [ 186.039068] test_use_after_free_read+0xc8/0x1c8 [ 186.040321] kunit_try_run_case+0xf8/0x260 [ 186.041533] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.042966] kthread+0x18c/0x1a8 [ 186.043924] ret_from_fork+0x10/0x20 [ 186.044980] [ 186.045500] freed by task 239 on cpu 1 at 186.022498s: [ 186.047162] test_use_after_free_read+0x148/0x1c8 [ 186.048313] kunit_try_run_case+0xf8/0x260 [ 186.049491] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 186.050927] kthread+0x18c/0x1a8 [ 186.051920] ret_from_fork+0x10/0x20 [ 186.052997] [ 186.053549] CPU: 1 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 186.055311] Hardware name: linux,dummy-virt (DT) [ 186.056384] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write: Failure
[ 185.815105] ================================================================== [ 185.816446] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xd8/0x1b0 [ 185.816446] [ 185.818617] Out-of-bounds write at 0x00000000b087a6d0 (1B left of kfence-#38): [ 185.820382] test_out_of_bounds_write+0xd8/0x1b0 [ 185.821838] kunit_try_run_case+0xf8/0x260 [ 185.823058] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.824523] kthread+0x18c/0x1a8 [ 185.825550] ret_from_fork+0x10/0x20 [ 185.826701] [ 185.827339] kfence-#38: 0x000000002e5b3ef9-0x000000002ef5bbc4, size=32, cache=kmalloc-32 [ 185.827339] [ 185.829263] allocated by task 235 on cpu 1 at 185.814707s: [ 185.831077] test_alloc+0x224/0x3d8 [ 185.832051] test_out_of_bounds_write+0xc0/0x1b0 [ 185.833359] kunit_try_run_case+0xf8/0x260 [ 185.834547] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.835995] kthread+0x18c/0x1a8 [ 185.836968] ret_from_fork+0x10/0x20 [ 185.838048] [ 185.838631] CPU: 1 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 185.840353] Hardware name: linux,dummy-virt (DT) [ 185.841455] ================================================================== [ 185.918545] ================================================================== [ 185.920009] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xd8/0x1b0 [ 185.920009] [ 185.922143] Out-of-bounds write at 0x000000005a946824 (1B left of kfence-#42): [ 185.923983] test_out_of_bounds_write+0xd8/0x1b0 [ 185.925269] kunit_try_run_case+0xf8/0x260 [ 185.926453] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.927874] kthread+0x18c/0x1a8 [ 185.928826] ret_from_fork+0x10/0x20 [ 185.929898] [ 185.930481] kfence-#42: 0x000000008c598ba0-0x000000008646926f, size=32, cache=test [ 185.930481] [ 185.932227] allocated by task 237 on cpu 0 at 185.918178s: [ 185.933794] test_alloc+0x1b8/0x3d8 [ 185.934799] test_out_of_bounds_write+0xc0/0x1b0 [ 185.936086] kunit_try_run_case+0xf8/0x260 [ 185.937302] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.938719] kthread+0x18c/0x1a8 [ 185.939670] ret_from_fork+0x10/0x20 [ 185.940743] [ 185.941275] CPU: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 185.943100] Hardware name: linux,dummy-virt (DT) [ 185.944196] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read: Failure
[ 185.087969] ================================================================== [ 185.089530] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0xdc/0x278 [ 185.089530] [ 185.091598] Out-of-bounds read at 0x000000002cff838b (1B left of kfence-#2): [ 185.093309] test_out_of_bounds_read+0xdc/0x278 [ 185.094756] kunit_try_run_case+0xf8/0x260 [ 185.095974] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.097430] kthread+0x18c/0x1a8 [ 185.098421] ret_from_fork+0x10/0x20 [ 185.099492] [ 185.100013] kfence-#2: 0x00000000dcb8817d-0x000000003de44844, size=32, cache=kmalloc-32 [ 185.100013] [ 185.101995] allocated by task 231 on cpu 1 at 185.087254s: [ 185.103848] test_alloc+0x224/0x3d8 [ 185.104821] test_out_of_bounds_read+0xcc/0x278 [ 185.106148] kunit_try_run_case+0xf8/0x260 [ 185.107387] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.108832] kthread+0x18c/0x1a8 [ 185.109829] ret_from_fork+0x10/0x20 [ 185.110964] [ 185.111662] CPU: 1 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 185.113486] Hardware name: linux,dummy-virt (DT) [ 185.114659] ================================================================== [ 185.399115] ================================================================== [ 185.400346] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x120/0x278 [ 185.400346] [ 185.402406] Out-of-bounds read at 0x000000002663a7ea (32B right of kfence-#30): [ 185.404152] test_out_of_bounds_read+0x120/0x278 [ 185.405468] kunit_try_run_case+0xf8/0x260 [ 185.406733] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.408173] kthread+0x18c/0x1a8 [ 185.409151] ret_from_fork+0x10/0x20 [ 185.410310] [ 185.410938] kfence-#30: 0x00000000c64980a9-0x000000009df408e5, size=32, cache=test [ 185.410938] [ 185.412781] allocated by task 233 on cpu 0 at 185.398749s: [ 185.414475] test_alloc+0x1b8/0x3d8 [ 185.415429] test_out_of_bounds_read+0x110/0x278 [ 185.416747] kunit_try_run_case+0xf8/0x260 [ 185.417952] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.419408] kthread+0x18c/0x1a8 [ 185.420401] ret_from_fork+0x10/0x20 [ 185.421517] [ 185.422164] CPU: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 185.423955] Hardware name: linux,dummy-virt (DT) [ 185.425071] ================================================================== [ 185.191079] ================================================================== [ 185.192371] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x120/0x278 [ 185.192371] [ 185.194621] Out-of-bounds read at 0x00000000e5087d93 (32B right of kfence-#11): [ 185.196005] test_out_of_bounds_read+0x120/0x278 [ 185.197330] kunit_try_run_case+0xf8/0x260 [ 185.198533] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.199984] kthread+0x18c/0x1a8 [ 185.200968] ret_from_fork+0x10/0x20 [ 185.202019] [ 185.202559] kfence-#11: 0x000000005e00d4b9-0x000000004a729e6e, size=32, cache=kmalloc-32 [ 185.202559] [ 185.204412] allocated by task 231 on cpu 1 at 185.190648s: [ 185.206098] test_alloc+0x224/0x3d8 [ 185.207068] test_out_of_bounds_read+0x110/0x278 [ 185.208349] kunit_try_run_case+0xf8/0x260 [ 185.209513] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.210976] kthread+0x18c/0x1a8 [ 185.211930] ret_from_fork+0x10/0x20 [ 185.213001] [ 185.213493] CPU: 1 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 185.215324] Hardware name: linux,dummy-virt (DT) [ 185.216423] ================================================================== [ 185.294645] ================================================================== [ 185.296045] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0xdc/0x278 [ 185.296045] [ 185.298012] Out-of-bounds read at 0x000000004e4d7f8b (1B left of kfence-#24): [ 185.299539] test_out_of_bounds_read+0xdc/0x278 [ 185.300943] kunit_try_run_case+0xf8/0x260 [ 185.302150] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.303613] kthread+0x18c/0x1a8 [ 185.304603] ret_from_fork+0x10/0x20 [ 185.305676] [ 185.306213] kfence-#24: 0x000000007e4c7e50-0x00000000d76af62b, size=32, cache=test [ 185.306213] [ 185.307994] allocated by task 233 on cpu 0 at 185.294236s: [ 185.309548] test_alloc+0x1b8/0x3d8 [ 185.310551] test_out_of_bounds_read+0xcc/0x278 [ 185.311828] kunit_try_run_case+0xf8/0x260 [ 185.312991] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 185.314399] kthread+0x18c/0x1a8 [ 185.315362] ret_from_fork+0x10/0x20 [ 185.316409] [ 185.317029] CPU: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 185.318755] Hardware name: linux,dummy-virt (DT) [ 185.319845] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-pagealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-pagealloc_uaf: Failure
[ 177.687862] ================================================================== [ 177.690442] BUG: KASAN: use-after-free in pagealloc_uaf+0xd4/0x1e8 [ 177.693110] Read of size 1 at addr ffff0000c6040000 by task kunit_try_catch/130 [ 177.694395] [ 177.695732] CPU: 1 PID: 130 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.697837] Hardware name: linux,dummy-virt (DT) [ 177.699281] Call trace: [ 177.699880] dump_backtrace+0x9c/0x128 [ 177.701067] show_stack+0x20/0x38 [ 177.702261] dump_stack_lvl+0x60/0xb0 [ 177.703512] print_report+0xf8/0x5d8 [ 177.704764] kasan_report+0xc8/0x118 [ 177.706122] __asan_load1+0x60/0x70 [ 177.707088] pagealloc_uaf+0xd4/0x1e8 [ 177.708587] kunit_try_run_case+0xf8/0x260 [ 177.710240] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.711800] kthread+0x18c/0x1a8 [ 177.713039] ret_from_fork+0x10/0x20 [ 177.714421] [ 177.714889] The buggy address belongs to the physical page: [ 177.715522] page:00000000ba732e46 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106040 [ 177.718478] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 177.720467] page_type: 0xffffff7f(buddy) [ 177.721988] raw: 0bfffc0000000000 ffff0000ff5fca30 ffff0000ff5fca30 0000000000000000 [ 177.723978] raw: 0000000000000000 0000000000000006 00000000ffffff7f 0000000000000000 [ 177.725939] page dumped because: kasan: bad access detected [ 177.727462] [ 177.728107] Memory state around the buggy address: [ 177.729504] ffff0000c603ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 177.731546] ffff0000c603ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 177.733753] >ffff0000c6040000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 177.735465] ^ [ 177.736566] ffff0000c6040080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 177.738397] ffff0000c6040100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 177.739931] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-kfree_sensitive
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-kfree_sensitive: Failure
[ 184.430248] ================================================================== [ 184.432960] BUG: KFENCE: invalid free in kfree_sensitive+0x80/0xb0 [ 184.432960] [ 184.435447] Invalid free of 0x00000000203be2d1 (in kfence-#250): [ 184.436979] kfree_sensitive+0x80/0xb0 [ 184.439535] kmalloc_double_kzfree+0xc8/0x1d8 [ 184.440856] kunit_try_run_case+0xf8/0x260 [ 184.442211] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.443769] kthread+0x18c/0x1a8 [ 184.444777] ret_from_fork+0x10/0x20 [ 184.445966] [ 184.446435] kfence-#250: 0x00000000203be2d1-0x00000000c32f07e1, size=16, cache=kmalloc-16 [ 184.446435] [ 184.447718] allocated by task 210 on cpu 1 at 184.380311s: [ 184.450370] __kmem_cache_alloc_node+0x288/0x2d0 [ 184.451595] kmalloc_trace+0x48/0x130 [ 184.452701] kmalloc_double_kzfree+0x9c/0x1d8 [ 184.454640] kunit_try_run_case+0xf8/0x260 [ 184.455880] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.457761] kthread+0x18c/0x1a8 [ 184.458844] ret_from_fork+0x10/0x20 [ 184.460016] [ 184.460645] freed by task 210 on cpu 1 at 184.380632s: [ 184.462667] kfree_sensitive+0x80/0xb0 [ 184.463559] kmalloc_double_kzfree+0xb8/0x1d8 [ 184.465165] kunit_try_run_case+0xf8/0x260 [ 184.466809] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.468442] kthread+0x18c/0x1a8 [ 184.470013] ret_from_fork+0x10/0x20 [ 184.471032] [ 184.471375] CPU: 1 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 184.473831] Hardware name: linux,dummy-virt (DT) [ 184.474744] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-write-in-__memset
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-write-in-__memset: Failure
[ 184.381939] ================================================================== [ 184.384909] BUG: KFENCE: use-after-free write in __memset+0x84/0x188 [ 184.384909] [ 184.386492] Use-after-free write at 0x00000000203be2d1 (in kfence-#250): [ 184.389597] __memset+0x84/0x188 [ 184.390550] kmalloc_double_kzfree+0xc8/0x1d8 [ 184.392230] kunit_try_run_case+0xf8/0x260 [ 184.393646] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.395285] kthread+0x18c/0x1a8 [ 184.396413] ret_from_fork+0x10/0x20 [ 184.397461] [ 184.398250] kfence-#250: 0x00000000203be2d1-0x00000000c32f07e1, size=16, cache=kmalloc-16 [ 184.398250] [ 184.400457] allocated by task 210 on cpu 1 at 184.380311s: [ 184.402944] __kmem_cache_alloc_node+0x288/0x2d0 [ 184.404142] kmalloc_trace+0x48/0x130 [ 184.405414] kmalloc_double_kzfree+0x9c/0x1d8 [ 184.406756] kunit_try_run_case+0xf8/0x260 [ 184.408244] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.409914] kthread+0x18c/0x1a8 [ 184.410948] ret_from_fork+0x10/0x20 [ 184.412049] [ 184.412669] freed by task 210 on cpu 1 at 184.380632s: [ 184.414586] kfree_sensitive+0x80/0xb0 [ 184.415718] kmalloc_double_kzfree+0xb8/0x1d8 [ 184.416897] kunit_try_run_case+0xf8/0x260 [ 184.418251] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.419959] kthread+0x18c/0x1a8 [ 184.420923] ret_from_fork+0x10/0x20 [ 184.422108] [ 184.422683] CPU: 1 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 184.424770] Hardware name: linux,dummy-virt (DT) [ 184.426034] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-kmem_cache_destroy
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-kmem_cache_destroy: Failure
[ 182.157993] ================================================================== [ 182.160396] BUG: KFENCE: use-after-free read in kmem_cache_destroy+0x5c/0x178 [ 182.160396] [ 182.162323] Use-after-free read at 0x0000000013294b9f (in kfence-#245): [ 182.163809] kmem_cache_destroy+0x5c/0x178 [ 182.165099] kmem_cache_double_destroy+0xd0/0x1b8 [ 182.166501] kunit_try_run_case+0xf8/0x260 [ 182.168155] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.169615] kthread+0x18c/0x1a8 [ 182.170644] ret_from_fork+0x10/0x20 [ 182.171766] [ 182.172559] kfence-#245: 0x00000000b96a458b-0x00000000fb4c16d6, size=208, cache=kmem_cache [ 182.172559] [ 182.175009] allocated by task 198 on cpu 1 at 182.132607s: [ 182.177233] kmem_cache_create_usercopy+0x170/0x260 [ 182.178529] kmem_cache_create+0x24/0x38 [ 182.179671] kmem_cache_double_destroy+0xa4/0x1b8 [ 182.181084] kunit_try_run_case+0xf8/0x260 [ 182.182404] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.184529] kthread+0x18c/0x1a8 [ 182.185399] ret_from_fork+0x10/0x20 [ 182.186673] [ 182.187314] freed by task 198 on cpu 1 at 182.152269s: [ 182.189086] slab_kmem_cache_release+0x38/0x50 [ 182.190847] kmem_cache_release+0x1c/0x30 [ 182.192201] kobject_put+0x104/0x2d0 [ 182.193292] sysfs_slab_release+0x30/0x48 [ 182.194477] kmem_cache_destroy+0xd8/0x178 [ 182.195625] kmem_cache_double_destroy+0xc0/0x1b8 [ 182.197227] kunit_try_run_case+0xf8/0x260 [ 182.198812] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.200599] kthread+0x18c/0x1a8 [ 182.201378] ret_from_fork+0x10/0x20 [ 182.202585] [ 182.203181] CPU: 1 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.205364] Hardware name: linux,dummy-virt (DT) [ 182.207382] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob: Failure
[ 184.854498] ================================================================== [ 184.855802] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0xec/0x320 [ 184.857627] Read of size 1 at addr ffff8000800fd7f8 by task kunit_try_catch/219 [ 184.860037] [ 184.860683] CPU: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 184.862708] Hardware name: linux,dummy-virt (DT) [ 184.863933] Call trace: [ 184.864794] dump_backtrace+0x9c/0x128 [ 184.866186] show_stack+0x20/0x38 [ 184.867304] dump_stack_lvl+0x60/0xb0 [ 184.868548] print_report+0x314/0x5d8 [ 184.869924] kasan_report+0xc8/0x118 [ 184.871046] __asan_load1+0x60/0x70 [ 184.872154] vmalloc_oob+0xec/0x320 [ 184.873489] kunit_try_run_case+0xf8/0x260 [ 184.874867] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.876697] kthread+0x18c/0x1a8 [ 184.878069] ret_from_fork+0x10/0x20 [ 184.879204] [ 184.879791] The buggy address belongs to the virtual mapping at [ 184.879791] [ffff8000800fd000, ffff8000800ff000) created by: [ 184.879791] vmalloc_oob+0x88/0x320 [ 184.883066] [ 184.883756] The buggy address belongs to the physical page: [ 184.885464] page:00000000bef78acf refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f64 [ 184.887410] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 184.888875] page_type: 0xffffffff() [ 184.890024] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 184.892142] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 184.893796] page dumped because: kasan: bad access detected [ 184.895192] [ 184.895802] Memory state around the buggy address: [ 184.896901] ffff8000800fd680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 184.898820] ffff8000800fd700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 184.900434] >ffff8000800fd780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 184.902303] ^ [ 184.903934] ffff8000800fd800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 184.905680] ffff8000800fd880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 184.907360] ================================================================== [ 184.795530] ================================================================== [ 184.799647] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0xc8/0x320 [ 184.801314] Read of size 1 at addr ffff8000800fd7f3 by task kunit_try_catch/219 [ 184.803279] [ 184.803955] CPU: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 184.805771] Hardware name: linux,dummy-virt (DT) [ 184.807225] Call trace: [ 184.807637] dump_backtrace+0x9c/0x128 [ 184.808888] show_stack+0x20/0x38 [ 184.810029] dump_stack_lvl+0x60/0xb0 [ 184.811321] print_report+0x314/0x5d8 [ 184.812479] kasan_report+0xc8/0x118 [ 184.813948] __asan_load1+0x60/0x70 [ 184.815092] vmalloc_oob+0xc8/0x320 [ 184.816168] kunit_try_run_case+0xf8/0x260 [ 184.817535] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.818836] kthread+0x18c/0x1a8 [ 184.819970] ret_from_fork+0x10/0x20 [ 184.821294] [ 184.822348] The buggy address belongs to the virtual mapping at [ 184.822348] [ffff8000800fd000, ffff8000800ff000) created by: [ 184.822348] vmalloc_oob+0x88/0x320 [ 184.825718] [ 184.826341] The buggy address belongs to the physical page: [ 184.827686] page:00000000bef78acf refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f64 [ 184.829655] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 184.831207] page_type: 0xffffffff() [ 184.832363] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 184.834518] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 184.836054] page dumped because: kasan: bad access detected [ 184.837688] [ 184.838225] Memory state around the buggy address: [ 184.839438] ffff8000800fd680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 184.841294] ffff8000800fd700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 184.843095] >ffff8000800fd780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 184.844614] ^ [ 184.846241] ffff8000800fd800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 184.848169] ffff8000800fd880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 184.850202] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf: Failure
[ 184.660498] ================================================================== [ 184.663340] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x14c/0x270 [ 184.664599] Read of size 8 at addr ffff0000c60518c0 by task kunit_try_catch/214 [ 184.667129] [ 184.667738] CPU: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 184.669731] Hardware name: linux,dummy-virt (DT) [ 184.671131] Call trace: [ 184.671814] dump_backtrace+0x9c/0x128 [ 184.672962] show_stack+0x20/0x38 [ 184.674459] dump_stack_lvl+0x60/0xb0 [ 184.675521] print_report+0xf8/0x5d8 [ 184.676651] kasan_report+0xc8/0x118 [ 184.678099] __asan_load8+0x9c/0xc0 [ 184.679239] workqueue_uaf+0x14c/0x270 [ 184.680329] kunit_try_run_case+0xf8/0x260 [ 184.682943] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.684425] kthread+0x18c/0x1a8 [ 184.685555] ret_from_fork+0x10/0x20 [ 184.686722] [ 184.687345] Allocated by task 214: [ 184.688213] kasan_save_stack+0x3c/0x68 [ 184.689399] kasan_set_track+0x2c/0x40 [ 184.690713] kasan_save_alloc_info+0x24/0x38 [ 184.691766] __kasan_kmalloc+0xd4/0xd8 [ 184.693161] kmalloc_trace+0x68/0x130 [ 184.694489] workqueue_uaf+0xd0/0x270 [ 184.695560] kunit_try_run_case+0xf8/0x260 [ 184.696804] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.698504] kthread+0x18c/0x1a8 [ 184.699432] ret_from_fork+0x10/0x20 [ 184.700565] [ 184.701455] Freed by task 70: [ 184.702443] kasan_save_stack+0x3c/0x68 [ 184.703759] kasan_set_track+0x2c/0x40 [ 184.704956] kasan_save_free_info+0x38/0x60 [ 184.706404] __kasan_slab_free+0x100/0x170 [ 184.707645] __kmem_cache_free+0x170/0x2e0 [ 184.709056] kfree+0x74/0x138 [ 184.710132] workqueue_uaf_work+0x18/0x30 [ 184.711317] process_one_work+0x2a8/0x6d0 [ 184.712488] worker_thread+0x53c/0x708 [ 184.714006] kthread+0x18c/0x1a8 [ 184.714693] ret_from_fork+0x10/0x20 [ 184.715818] [ 184.716290] Last potentially related work creation: [ 184.717802] kasan_save_stack+0x3c/0x68 [ 184.719155] __kasan_record_aux_stack+0xb8/0xe8 [ 184.720556] kasan_record_aux_stack_noalloc+0x14/0x20 [ 184.722041] __queue_work+0x260/0x800 [ 184.722959] queue_work_on+0xb4/0xf0 [ 184.723980] workqueue_uaf+0x12c/0x270 [ 184.725282] kunit_try_run_case+0xf8/0x260 [ 184.726543] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.727998] kthread+0x18c/0x1a8 [ 184.729065] ret_from_fork+0x10/0x20 [ 184.730024] [ 184.730664] The buggy address belongs to the object at ffff0000c60518c0 [ 184.730664] which belongs to the cache kmalloc-32 of size 32 [ 184.733544] The buggy address is located 0 bytes inside of [ 184.733544] freed 32-byte region [ffff0000c60518c0, ffff0000c60518e0) [ 184.736020] [ 184.736676] The buggy address belongs to the physical page: [ 184.738324] page:00000000b85054fb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106051 [ 184.740275] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 184.741923] page_type: 0xffffffff() [ 184.743439] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 184.744841] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 184.746886] page dumped because: kasan: bad access detected [ 184.748156] [ 184.748818] Memory state around the buggy address: [ 184.750172] ffff0000c6051780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 184.751912] ffff0000c6051800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 184.753812] >ffff0000c6051880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 184.755447] ^ [ 184.756836] ffff0000c6051900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.758550] ffff0000c6051980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.760139] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim: Failure
[ 184.522224] ================================================================== [ 184.524498] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x30/0x50 [ 184.526144] Read of size 4 at addr ffff0000c5f6ee80 by task swapper/1/0 [ 184.527618] [ 184.528285] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B N 6.6.76-rc1 #1 [ 184.529960] Hardware name: linux,dummy-virt (DT) [ 184.531040] Call trace: [ 184.531775] dump_backtrace+0x9c/0x128 [ 184.532867] show_stack+0x20/0x38 [ 184.533883] dump_stack_lvl+0x60/0xb0 [ 184.535019] print_report+0xf8/0x5d8 [ 184.536125] kasan_report+0xc8/0x118 [ 184.537245] __asan_load4+0x9c/0xc0 [ 184.538353] rcu_uaf_reclaim+0x30/0x50 [ 184.539468] rcu_core+0x448/0xf40 [ 184.540523] rcu_core_si+0x18/0x30 [ 184.541591] handle_softirqs+0x240/0x678 [ 184.542760] __do_softirq+0x1c/0x28 [ 184.543755] ____do_softirq+0x18/0x30 [ 184.544838] call_on_irq_stack+0x24/0x58 [ 184.545982] do_softirq_own_stack+0x24/0x38 [ 184.547162] irq_exit_rcu+0x110/0x160 [ 184.548256] el1_interrupt+0x38/0x58 [ 184.549294] el1h_64_irq_handler+0x18/0x28 [ 184.550419] el1h_64_irq+0x64/0x68 [ 184.551429] arch_local_irq_enable+0x4/0x8 [ 184.552589] do_idle+0x304/0x388 [ 184.553588] cpu_startup_entry+0x44/0x58 [ 184.554734] secondary_start_kernel+0x1e8/0x228 [ 184.556016] __secondary_switched+0xb8/0xc0 [ 184.557253] [ 184.557878] Allocated by task 212: [ 184.558762] kasan_save_stack+0x3c/0x68 [ 184.559945] kasan_set_track+0x2c/0x40 [ 184.561068] kasan_save_alloc_info+0x24/0x38 [ 184.562361] __kasan_kmalloc+0xd4/0xd8 [ 184.563507] kmalloc_trace+0x68/0x130 [ 184.564560] rcu_uaf+0x9c/0x1e0 [ 184.565498] kunit_try_run_case+0xf8/0x260 [ 184.566735] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.568182] kthread+0x18c/0x1a8 [ 184.569124] ret_from_fork+0x10/0x20 [ 184.570226] [ 184.570751] Freed by task 0: [ 184.571562] kasan_save_stack+0x3c/0x68 [ 184.572728] kasan_set_track+0x2c/0x40 [ 184.573894] kasan_save_free_info+0x38/0x60 [ 184.575174] __kasan_slab_free+0x100/0x170 [ 184.576376] __kmem_cache_free+0x170/0x2e0 [ 184.577556] kfree+0x74/0x138 [ 184.578486] rcu_uaf_reclaim+0x28/0x50 [ 184.579561] rcu_core+0x448/0xf40 [ 184.580651] rcu_core_si+0x18/0x30 [ 184.581729] handle_softirqs+0x240/0x678 [ 184.582972] __do_softirq+0x1c/0x28 [ 184.584007] [ 184.584608] Last potentially related work creation: [ 184.585738] kasan_save_stack+0x3c/0x68 [ 184.586921] __kasan_record_aux_stack+0xb8/0xe8 [ 184.588241] kasan_record_aux_stack_noalloc+0x14/0x20 [ 184.589805] __call_rcu_common.constprop.0+0x58/0x598 [ 184.591119] call_rcu+0x18/0x30 [ 184.592933] rcu_uaf+0xd4/0x1e0 [ 184.594058] kunit_try_run_case+0xf8/0x260 [ 184.595062] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.596586] kthread+0x18c/0x1a8 [ 184.597540] ret_from_fork+0x10/0x20 [ 184.598780] [ 184.599531] The buggy address belongs to the object at ffff0000c5f6ee80 [ 184.599531] which belongs to the cache kmalloc-32 of size 32 [ 184.602201] The buggy address is located 0 bytes inside of [ 184.602201] freed 32-byte region [ffff0000c5f6ee80, ffff0000c5f6eea0) [ 184.604468] [ 184.605065] The buggy address belongs to the physical page: [ 184.606431] page:00000000e8269612 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f6e [ 184.608392] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 184.609996] page_type: 0xffffffff() [ 184.611149] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 184.612881] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 184.614462] page dumped because: kasan: bad access detected [ 184.615766] [ 184.616346] Memory state around the buggy address: [ 184.617607] ffff0000c5f6ed80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 184.619234] ffff0000c5f6ee00: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 184.620882] >ffff0000c5f6ee80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 184.622439] ^ [ 184.623340] ffff0000c5f6ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.624950] ffff0000c5f6ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.626526] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop: Failure
[ 184.276433] ================================================================== [ 184.279238] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x230/0x7b8 [ 184.281120] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 184.282764] [ 184.283348] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 184.285148] Hardware name: linux,dummy-virt (DT) [ 184.286285] Call trace: [ 184.286997] dump_backtrace+0x9c/0x128 [ 184.288070] show_stack+0x20/0x38 [ 184.289061] dump_stack_lvl+0x60/0xb0 [ 184.290263] print_report+0xf8/0x5d8 [ 184.291359] kasan_report+0xc8/0x118 [ 184.292449] kasan_check_range+0xe8/0x190 [ 184.293672] __kasan_check_write+0x20/0x30 [ 184.294833] kasan_bitops_test_and_modify.constprop.0+0x230/0x7b8 [ 184.296390] kasan_bitops_generic+0xc0/0x148 [ 184.297612] kunit_try_run_case+0xf8/0x260 [ 184.298836] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.300273] kthread+0x18c/0x1a8 [ 184.301238] ret_from_fork+0x10/0x20 [ 184.302324] [ 184.302829] Allocated by task 206: [ 184.303722] kasan_save_stack+0x3c/0x68 [ 184.304946] kasan_set_track+0x2c/0x40 [ 184.306108] kasan_save_alloc_info+0x24/0x38 [ 184.307375] __kasan_kmalloc+0xd4/0xd8 [ 184.308521] kmalloc_trace+0x68/0x130 [ 184.309590] kasan_bitops_generic+0x98/0x148 [ 184.310800] kunit_try_run_case+0xf8/0x260 [ 184.312005] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.313450] kthread+0x18c/0x1a8 [ 184.314424] ret_from_fork+0x10/0x20 [ 184.315482] [ 184.316041] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 184.316041] which belongs to the cache kmalloc-16 of size 16 [ 184.318393] The buggy address is located 8 bytes inside of [ 184.318393] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 184.320786] [ 184.321341] The buggy address belongs to the physical page: [ 184.322627] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 184.324516] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 184.326128] page_type: 0xffffffff() [ 184.327161] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 184.328874] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 184.330471] page dumped because: kasan: bad access detected [ 184.331692] [ 184.332225] Memory state around the buggy address: [ 184.333398] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 184.335018] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 184.336636] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 184.338197] ^ [ 184.339538] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.341132] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.342656] ================================================================== [ 183.662389] ================================================================== [ 183.663952] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa4/0x7b8 [ 183.665890] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.667316] [ 183.667891] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.669779] Hardware name: linux,dummy-virt (DT) [ 183.670954] Call trace: [ 183.671709] dump_backtrace+0x9c/0x128 [ 183.672837] show_stack+0x20/0x38 [ 183.673822] dump_stack_lvl+0x60/0xb0 [ 183.674973] print_report+0xf8/0x5d8 [ 183.676061] kasan_report+0xc8/0x118 [ 183.677168] kasan_check_range+0xe8/0x190 [ 183.678388] __kasan_check_write+0x20/0x30 [ 183.679470] kasan_bitops_test_and_modify.constprop.0+0xa4/0x7b8 [ 183.680966] kasan_bitops_generic+0xc0/0x148 [ 183.682167] kunit_try_run_case+0xf8/0x260 [ 183.683351] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.684783] kthread+0x18c/0x1a8 [ 183.685776] ret_from_fork+0x10/0x20 [ 183.686863] [ 183.687359] Allocated by task 206: [ 183.688276] kasan_save_stack+0x3c/0x68 [ 183.689429] kasan_set_track+0x2c/0x40 [ 183.690542] kasan_save_alloc_info+0x24/0x38 [ 183.691805] __kasan_kmalloc+0xd4/0xd8 [ 183.692987] kmalloc_trace+0x68/0x130 [ 183.694076] kasan_bitops_generic+0x98/0x148 [ 183.695251] kunit_try_run_case+0xf8/0x260 [ 183.696449] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.697953] kthread+0x18c/0x1a8 [ 183.698893] ret_from_fork+0x10/0x20 [ 183.699988] [ 183.700522] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.700522] which belongs to the cache kmalloc-16 of size 16 [ 183.702841] The buggy address is located 8 bytes inside of [ 183.702841] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.705181] [ 183.705766] The buggy address belongs to the physical page: [ 183.707102] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.709025] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.710553] page_type: 0xffffffff() [ 183.711594] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.713263] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.714894] page dumped because: kasan: bad access detected [ 183.716076] [ 183.716596] Memory state around the buggy address: [ 183.717834] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.719455] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.721046] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.722546] ^ [ 183.723838] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.725400] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.726928] ================================================================== [ 183.729680] ================================================================== [ 183.731098] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd0/0x7b8 [ 183.733001] Read of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.734675] [ 183.735321] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.737230] Hardware name: linux,dummy-virt (DT) [ 183.738303] Call trace: [ 183.739040] dump_backtrace+0x9c/0x128 [ 183.740133] show_stack+0x20/0x38 [ 183.741124] dump_stack_lvl+0x60/0xb0 [ 183.742278] print_report+0xf8/0x5d8 [ 183.743375] kasan_report+0xc8/0x118 [ 183.744486] __asan_load8+0x9c/0xc0 [ 183.745604] kasan_bitops_test_and_modify.constprop.0+0xd0/0x7b8 [ 183.747118] kasan_bitops_generic+0xc0/0x148 [ 183.748307] kunit_try_run_case+0xf8/0x260 [ 183.749499] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.750971] kthread+0x18c/0x1a8 [ 183.751899] ret_from_fork+0x10/0x20 [ 183.753061] [ 183.754134] Allocated by task 206: [ 183.755245] kasan_save_stack+0x3c/0x68 [ 183.756674] kasan_set_track+0x2c/0x40 [ 183.757853] kasan_save_alloc_info+0x24/0x38 [ 183.759132] __kasan_kmalloc+0xd4/0xd8 [ 183.760279] kmalloc_trace+0x68/0x130 [ 183.761349] kasan_bitops_generic+0x98/0x148 [ 183.762531] kunit_try_run_case+0xf8/0x260 [ 183.763756] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.765187] kthread+0x18c/0x1a8 [ 183.766165] ret_from_fork+0x10/0x20 [ 183.767244] [ 183.767772] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.767772] which belongs to the cache kmalloc-16 of size 16 [ 183.770172] The buggy address is located 8 bytes inside of [ 183.770172] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.772520] [ 183.773274] The buggy address belongs to the physical page: [ 183.774566] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.776537] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.778103] page_type: 0xffffffff() [ 183.779178] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.780903] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.782522] page dumped because: kasan: bad access detected [ 183.783790] [ 183.784317] Memory state around the buggy address: [ 183.785544] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.787155] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.788782] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.790311] ^ [ 183.791660] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.793244] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.794760] ================================================================== [ 184.207913] ================================================================== [ 184.209548] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x200/0x7b8 [ 184.211437] Read of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 184.213059] [ 184.213753] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 184.215551] Hardware name: linux,dummy-virt (DT) [ 184.216663] Call trace: [ 184.217382] dump_backtrace+0x9c/0x128 [ 184.218482] show_stack+0x20/0x38 [ 184.219448] dump_stack_lvl+0x60/0xb0 [ 184.220515] print_report+0xf8/0x5d8 [ 184.221498] kasan_report+0xc8/0x118 [ 184.222918] __asan_load8+0x9c/0xc0 [ 184.224137] kasan_bitops_test_and_modify.constprop.0+0x200/0x7b8 [ 184.225775] kasan_bitops_generic+0xc0/0x148 [ 184.227064] kunit_try_run_case+0xf8/0x260 [ 184.228306] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.229828] kthread+0x18c/0x1a8 [ 184.230821] ret_from_fork+0x10/0x20 [ 184.231938] [ 184.232972] Allocated by task 206: [ 184.234001] kasan_save_stack+0x3c/0x68 [ 184.235248] kasan_set_track+0x2c/0x40 [ 184.236399] kasan_save_alloc_info+0x24/0x38 [ 184.237687] __kasan_kmalloc+0xd4/0xd8 [ 184.238857] kmalloc_trace+0x68/0x130 [ 184.239932] kasan_bitops_generic+0x98/0x148 [ 184.241146] kunit_try_run_case+0xf8/0x260 [ 184.242371] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.243843] kthread+0x18c/0x1a8 [ 184.244771] ret_from_fork+0x10/0x20 [ 184.245868] [ 184.246413] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 184.246413] which belongs to the cache kmalloc-16 of size 16 [ 184.248765] The buggy address is located 8 bytes inside of [ 184.248765] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 184.251183] [ 184.251806] The buggy address belongs to the physical page: [ 184.253116] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 184.255159] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 184.256359] page_type: 0xffffffff() [ 184.257315] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 184.259110] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 184.260748] page dumped because: kasan: bad access detected [ 184.262027] [ 184.262606] Memory state around the buggy address: [ 184.263791] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 184.265429] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 184.267046] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 184.268541] ^ [ 184.269882] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.271472] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.273012] ================================================================== [ 183.934158] ================================================================== [ 183.935458] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x144/0x7b8 [ 183.937373] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.939225] [ 183.939821] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.941633] Hardware name: linux,dummy-virt (DT) [ 183.942762] Call trace: [ 183.943471] dump_backtrace+0x9c/0x128 [ 183.944551] show_stack+0x20/0x38 [ 183.945548] dump_stack_lvl+0x60/0xb0 [ 183.946741] print_report+0xf8/0x5d8 [ 183.947870] kasan_report+0xc8/0x118 [ 183.948977] kasan_check_range+0xe8/0x190 [ 183.950196] __kasan_check_write+0x20/0x30 [ 183.951319] kasan_bitops_test_and_modify.constprop.0+0x144/0x7b8 [ 183.952911] kasan_bitops_generic+0xc0/0x148 [ 183.954123] kunit_try_run_case+0xf8/0x260 [ 183.955359] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.956828] kthread+0x18c/0x1a8 [ 183.957815] ret_from_fork+0x10/0x20 [ 183.958909] [ 183.959390] Allocated by task 206: [ 183.960206] kasan_save_stack+0x3c/0x68 [ 183.961370] kasan_set_track+0x2c/0x40 [ 183.962354] kasan_save_alloc_info+0x24/0x38 [ 183.963900] __kasan_kmalloc+0xd4/0xd8 [ 183.965469] kmalloc_trace+0x68/0x130 [ 183.966600] kasan_bitops_generic+0x98/0x148 [ 183.967857] kunit_try_run_case+0xf8/0x260 [ 183.969124] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.970624] kthread+0x18c/0x1a8 [ 183.971602] ret_from_fork+0x10/0x20 [ 183.972713] [ 183.973236] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.973236] which belongs to the cache kmalloc-16 of size 16 [ 183.975673] The buggy address is located 8 bytes inside of [ 183.975673] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.978075] [ 183.978695] The buggy address belongs to the physical page: [ 183.979987] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.981980] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.983504] page_type: 0xffffffff() [ 183.984532] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.986287] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.987907] page dumped because: kasan: bad access detected [ 183.989179] [ 183.989728] Memory state around the buggy address: [ 183.990967] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.992598] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.994216] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.995787] ^ [ 183.997095] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.998799] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.000332] ================================================================== [ 184.070999] ================================================================== [ 184.072869] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a4/0x7b8 [ 184.074872] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 184.076725] [ 184.077458] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 184.079292] Hardware name: linux,dummy-virt (DT) [ 184.080440] Call trace: [ 184.081241] dump_backtrace+0x9c/0x128 [ 184.082372] show_stack+0x20/0x38 [ 184.083409] dump_stack_lvl+0x60/0xb0 [ 184.084609] print_report+0xf8/0x5d8 [ 184.085788] kasan_report+0xc8/0x118 [ 184.086974] kasan_check_range+0xe8/0x190 [ 184.088236] __kasan_check_write+0x20/0x30 [ 184.089412] kasan_bitops_test_and_modify.constprop.0+0x1a4/0x7b8 [ 184.090987] kasan_bitops_generic+0xc0/0x148 [ 184.092252] kunit_try_run_case+0xf8/0x260 [ 184.093484] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.094994] kthread+0x18c/0x1a8 [ 184.095989] ret_from_fork+0x10/0x20 [ 184.097071] [ 184.097560] Allocated by task 206: [ 184.098546] kasan_save_stack+0x3c/0x68 [ 184.099719] kasan_set_track+0x2c/0x40 [ 184.100850] kasan_save_alloc_info+0x24/0x38 [ 184.102110] __kasan_kmalloc+0xd4/0xd8 [ 184.103251] kmalloc_trace+0x68/0x130 [ 184.104294] kasan_bitops_generic+0x98/0x148 [ 184.105483] kunit_try_run_case+0xf8/0x260 [ 184.106709] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.108142] kthread+0x18c/0x1a8 [ 184.109136] ret_from_fork+0x10/0x20 [ 184.110186] [ 184.110754] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 184.110754] which belongs to the cache kmalloc-16 of size 16 [ 184.113080] The buggy address is located 8 bytes inside of [ 184.113080] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 184.115549] [ 184.116102] The buggy address belongs to the physical page: [ 184.117339] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 184.119279] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 184.120814] page_type: 0xffffffff() [ 184.121890] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 184.123597] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 184.125191] page dumped because: kasan: bad access detected [ 184.126480] [ 184.127038] Memory state around the buggy address: [ 184.128240] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 184.129867] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 184.131445] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 184.133001] ^ [ 184.134291] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.135897] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.137414] ================================================================== [ 183.866462] ================================================================== [ 183.867992] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x108/0x7b8 [ 183.869946] Read of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.871598] [ 183.872275] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.874118] Hardware name: linux,dummy-virt (DT) [ 183.875227] Call trace: [ 183.875947] dump_backtrace+0x9c/0x128 [ 183.877032] show_stack+0x20/0x38 [ 183.878094] dump_stack_lvl+0x60/0xb0 [ 183.879283] print_report+0xf8/0x5d8 [ 183.880410] kasan_report+0xc8/0x118 [ 183.881543] __asan_load8+0x9c/0xc0 [ 183.882709] kasan_bitops_test_and_modify.constprop.0+0x108/0x7b8 [ 183.884244] kasan_bitops_generic+0xc0/0x148 [ 183.885273] kunit_try_run_case+0xf8/0x260 [ 183.886985] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.888530] kthread+0x18c/0x1a8 [ 183.889530] ret_from_fork+0x10/0x20 [ 183.890688] [ 183.891298] Allocated by task 206: [ 183.892210] kasan_save_stack+0x3c/0x68 [ 183.893419] kasan_set_track+0x2c/0x40 [ 183.894545] kasan_save_alloc_info+0x24/0x38 [ 183.895843] __kasan_kmalloc+0xd4/0xd8 [ 183.896972] kmalloc_trace+0x68/0x130 [ 183.898080] kasan_bitops_generic+0x98/0x148 [ 183.899303] kunit_try_run_case+0xf8/0x260 [ 183.900506] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.901973] kthread+0x18c/0x1a8 [ 183.902968] ret_from_fork+0x10/0x20 [ 183.904038] [ 183.904548] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.904548] which belongs to the cache kmalloc-16 of size 16 [ 183.906979] The buggy address is located 8 bytes inside of [ 183.906979] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.909436] [ 183.910025] The buggy address belongs to the physical page: [ 183.911324] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.913259] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.914874] page_type: 0xffffffff() [ 183.915927] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.917621] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.919251] page dumped because: kasan: bad access detected [ 183.920524] [ 183.921045] Memory state around the buggy address: [ 183.922298] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.923886] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.925480] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.927060] ^ [ 183.928395] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.929988] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.931501] ================================================================== [ 183.797517] ================================================================== [ 183.799420] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x100/0x7b8 [ 183.801261] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.803090] [ 183.803651] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.805439] Hardware name: linux,dummy-virt (DT) [ 183.806548] Call trace: [ 183.807271] dump_backtrace+0x9c/0x128 [ 183.808325] show_stack+0x20/0x38 [ 183.809332] dump_stack_lvl+0x60/0xb0 [ 183.810500] print_report+0xf8/0x5d8 [ 183.811640] kasan_report+0xc8/0x118 [ 183.812750] kasan_check_range+0xe8/0x190 [ 183.813988] __kasan_check_write+0x20/0x30 [ 183.815130] kasan_bitops_test_and_modify.constprop.0+0x100/0x7b8 [ 183.816687] kasan_bitops_generic+0xc0/0x148 [ 183.817914] kunit_try_run_case+0xf8/0x260 [ 183.819100] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.820536] kthread+0x18c/0x1a8 [ 183.821526] ret_from_fork+0x10/0x20 [ 183.822602] [ 183.823112] Allocated by task 206: [ 183.824014] kasan_save_stack+0x3c/0x68 [ 183.825156] kasan_set_track+0x2c/0x40 [ 183.826310] kasan_save_alloc_info+0x24/0x38 [ 183.827565] __kasan_kmalloc+0xd4/0xd8 [ 183.828705] kmalloc_trace+0x68/0x130 [ 183.829788] kasan_bitops_generic+0x98/0x148 [ 183.831061] kunit_try_run_case+0xf8/0x260 [ 183.832262] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.833730] kthread+0x18c/0x1a8 [ 183.834665] ret_from_fork+0x10/0x20 [ 183.835754] [ 183.836265] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.836265] which belongs to the cache kmalloc-16 of size 16 [ 183.838598] The buggy address is located 8 bytes inside of [ 183.838598] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.840990] [ 183.841620] The buggy address belongs to the physical page: [ 183.842910] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.844850] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.846407] page_type: 0xffffffff() [ 183.847440] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.849155] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.850788] page dumped because: kasan: bad access detected [ 183.852038] [ 183.852601] Memory state around the buggy address: [ 183.853791] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.855367] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.857029] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.858334] ^ [ 183.860754] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.862268] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.863811] ================================================================== [ 184.003183] ================================================================== [ 184.004913] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x174/0x7b8 [ 184.006926] Read of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 184.008634] [ 184.009301] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 184.011132] Hardware name: linux,dummy-virt (DT) [ 184.012209] Call trace: [ 184.012937] dump_backtrace+0x9c/0x128 [ 184.014034] show_stack+0x20/0x38 [ 184.015054] dump_stack_lvl+0x60/0xb0 [ 184.016224] print_report+0xf8/0x5d8 [ 184.017332] kasan_report+0xc8/0x118 [ 184.018458] __asan_load8+0x9c/0xc0 [ 184.019557] kasan_bitops_test_and_modify.constprop.0+0x174/0x7b8 [ 184.021112] kasan_bitops_generic+0xc0/0x148 [ 184.022334] kunit_try_run_case+0xf8/0x260 [ 184.023529] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.024996] kthread+0x18c/0x1a8 [ 184.025965] ret_from_fork+0x10/0x20 [ 184.027060] [ 184.027686] Allocated by task 206: [ 184.028634] kasan_save_stack+0x3c/0x68 [ 184.029835] kasan_set_track+0x2c/0x40 [ 184.030962] kasan_save_alloc_info+0x24/0x38 [ 184.032244] __kasan_kmalloc+0xd4/0xd8 [ 184.033383] kmalloc_trace+0x68/0x130 [ 184.034450] kasan_bitops_generic+0x98/0x148 [ 184.035670] kunit_try_run_case+0xf8/0x260 [ 184.036864] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.038347] kthread+0x18c/0x1a8 [ 184.039343] ret_from_fork+0x10/0x20 [ 184.040446] [ 184.041033] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 184.041033] which belongs to the cache kmalloc-16 of size 16 [ 184.043344] The buggy address is located 8 bytes inside of [ 184.043344] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 184.045758] [ 184.046395] The buggy address belongs to the physical page: [ 184.047666] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 184.049584] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 184.051149] page_type: 0xffffffff() [ 184.052187] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 184.053918] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 184.055508] page dumped because: kasan: bad access detected [ 184.056795] [ 184.057317] Memory state around the buggy address: [ 184.058540] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 184.060167] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 184.061774] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 184.063294] ^ [ 184.064621] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.066150] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.068370] ================================================================== [ 184.140309] ================================================================== [ 184.141965] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d4/0x7b8 [ 184.143828] Read of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 184.145452] [ 184.146066] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 184.147938] Hardware name: linux,dummy-virt (DT) [ 184.149069] Call trace: [ 184.149836] dump_backtrace+0x9c/0x128 [ 184.150939] show_stack+0x20/0x38 [ 184.151958] dump_stack_lvl+0x60/0xb0 [ 184.153108] print_report+0xf8/0x5d8 [ 184.154276] kasan_report+0xc8/0x118 [ 184.155394] __asan_load8+0x9c/0xc0 [ 184.156533] kasan_bitops_test_and_modify.constprop.0+0x1d4/0x7b8 [ 184.158131] kasan_bitops_generic+0xc0/0x148 [ 184.159340] kunit_try_run_case+0xf8/0x260 [ 184.160624] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.162079] kthread+0x18c/0x1a8 [ 184.163003] ret_from_fork+0x10/0x20 [ 184.164088] [ 184.164657] Allocated by task 206: [ 184.165544] kasan_save_stack+0x3c/0x68 [ 184.166748] kasan_set_track+0x2c/0x40 [ 184.167882] kasan_save_alloc_info+0x24/0x38 [ 184.169240] __kasan_kmalloc+0xd4/0xd8 [ 184.170221] kmalloc_trace+0x68/0x130 [ 184.171507] kasan_bitops_generic+0x98/0x148 [ 184.173019] kunit_try_run_case+0xf8/0x260 [ 184.174285] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 184.175753] kthread+0x18c/0x1a8 [ 184.176732] ret_from_fork+0x10/0x20 [ 184.177852] [ 184.178368] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 184.178368] which belongs to the cache kmalloc-16 of size 16 [ 184.180725] The buggy address is located 8 bytes inside of [ 184.180725] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 184.183160] [ 184.183703] The buggy address belongs to the physical page: [ 184.185041] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 184.187014] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 184.188596] page_type: 0xffffffff() [ 184.189627] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 184.191334] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 184.192990] page dumped because: kasan: bad access detected [ 184.194245] [ 184.194816] Memory state around the buggy address: [ 184.196041] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 184.197618] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 184.199198] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 184.200752] ^ [ 184.202089] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.203691] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 184.205221] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop: Failure
[ 183.164023] ================================================================== [ 183.165445] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x130/0x6d8 [ 183.167142] Read of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.169137] [ 183.169832] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.171748] Hardware name: linux,dummy-virt (DT) [ 183.172896] Call trace: [ 183.173623] dump_backtrace+0x9c/0x128 [ 183.174737] show_stack+0x20/0x38 [ 183.176070] dump_stack_lvl+0x60/0xb0 [ 183.177781] print_report+0xf8/0x5d8 [ 183.178843] kasan_report+0xc8/0x118 [ 183.180033] __asan_load8+0x9c/0xc0 [ 183.181213] kasan_bitops_modify.constprop.0+0x130/0x6d8 [ 183.183432] kasan_bitops_generic+0xb4/0x148 [ 183.184707] kunit_try_run_case+0xf8/0x260 [ 183.185924] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.187437] kthread+0x18c/0x1a8 [ 183.188393] ret_from_fork+0x10/0x20 [ 183.190227] [ 183.190891] Allocated by task 206: [ 183.192042] kasan_save_stack+0x3c/0x68 [ 183.193294] kasan_set_track+0x2c/0x40 [ 183.194440] kasan_save_alloc_info+0x24/0x38 [ 183.195729] __kasan_kmalloc+0xd4/0xd8 [ 183.196846] kmalloc_trace+0x68/0x130 [ 183.197869] kasan_bitops_generic+0x98/0x148 [ 183.198918] kunit_try_run_case+0xf8/0x260 [ 183.199954] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.201802] kthread+0x18c/0x1a8 [ 183.202774] ret_from_fork+0x10/0x20 [ 183.203883] [ 183.204386] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.204386] which belongs to the cache kmalloc-16 of size 16 [ 183.207710] The buggy address is located 8 bytes inside of [ 183.207710] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.210228] [ 183.210842] The buggy address belongs to the physical page: [ 183.212137] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.214129] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.216084] page_type: 0xffffffff() [ 183.217275] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.219101] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.220680] page dumped because: kasan: bad access detected [ 183.221985] [ 183.222509] Memory state around the buggy address: [ 183.224109] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.225969] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.227599] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.229291] ^ [ 183.230751] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.232351] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.234261] ================================================================== [ 183.096213] ================================================================== [ 183.097708] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0x6d8 [ 183.099458] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.101152] [ 183.101825] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.103626] Hardware name: linux,dummy-virt (DT) [ 183.104707] Call trace: [ 183.105416] dump_backtrace+0x9c/0x128 [ 183.106488] show_stack+0x20/0x38 [ 183.107465] dump_stack_lvl+0x60/0xb0 [ 183.108621] print_report+0xf8/0x5d8 [ 183.109741] kasan_report+0xc8/0x118 [ 183.110849] kasan_check_range+0xe8/0x190 [ 183.112048] __kasan_check_write+0x20/0x30 [ 183.113830] kasan_bitops_modify.constprop.0+0x100/0x6d8 [ 183.115016] kasan_bitops_generic+0xb4/0x148 [ 183.116372] kunit_try_run_case+0xf8/0x260 [ 183.117619] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.119072] kthread+0x18c/0x1a8 [ 183.120016] ret_from_fork+0x10/0x20 [ 183.121085] [ 183.121592] Allocated by task 206: [ 183.122497] kasan_save_stack+0x3c/0x68 [ 183.123667] kasan_set_track+0x2c/0x40 [ 183.124779] kasan_save_alloc_info+0x24/0x38 [ 183.126058] __kasan_kmalloc+0xd4/0xd8 [ 183.127201] kmalloc_trace+0x68/0x130 [ 183.128250] kasan_bitops_generic+0x98/0x148 [ 183.129440] kunit_try_run_case+0xf8/0x260 [ 183.130648] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.132076] kthread+0x18c/0x1a8 [ 183.133037] ret_from_fork+0x10/0x20 [ 183.134118] [ 183.134667] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.134667] which belongs to the cache kmalloc-16 of size 16 [ 183.136995] The buggy address is located 8 bytes inside of [ 183.136995] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.139424] [ 183.139937] The buggy address belongs to the physical page: [ 183.141171] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.143105] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.144652] page_type: 0xffffffff() [ 183.145606] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.147308] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.148929] page dumped because: kasan: bad access detected [ 183.150147] [ 183.150677] Memory state around the buggy address: [ 183.151871] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.153451] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.155060] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.156614] ^ [ 183.157927] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.159488] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.161018] ================================================================== [ 183.312666] ================================================================== [ 183.314481] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x194/0x6d8 [ 183.316861] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.318537] [ 183.319134] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.321400] Hardware name: linux,dummy-virt (DT) [ 183.322543] Call trace: [ 183.324022] dump_backtrace+0x9c/0x128 [ 183.325148] show_stack+0x20/0x38 [ 183.326169] dump_stack_lvl+0x60/0xb0 [ 183.327319] print_report+0xf8/0x5d8 [ 183.328428] kasan_report+0xc8/0x118 [ 183.329545] kasan_check_range+0xe8/0x190 [ 183.330869] __kasan_check_write+0x20/0x30 [ 183.332595] kasan_bitops_modify.constprop.0+0x194/0x6d8 [ 183.334075] kasan_bitops_generic+0xb4/0x148 [ 183.335275] kunit_try_run_case+0xf8/0x260 [ 183.336472] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.338936] kthread+0x18c/0x1a8 [ 183.339963] ret_from_fork+0x10/0x20 [ 183.341079] [ 183.341593] Allocated by task 206: [ 183.342547] kasan_save_stack+0x3c/0x68 [ 183.343705] kasan_set_track+0x2c/0x40 [ 183.344837] kasan_save_alloc_info+0x24/0x38 [ 183.346310] __kasan_kmalloc+0xd4/0xd8 [ 183.347637] kmalloc_trace+0x68/0x130 [ 183.348877] kasan_bitops_generic+0x98/0x148 [ 183.350483] kunit_try_run_case+0xf8/0x260 [ 183.351941] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.353625] kthread+0x18c/0x1a8 [ 183.354731] ret_from_fork+0x10/0x20 [ 183.356083] [ 183.356796] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.356796] which belongs to the cache kmalloc-16 of size 16 [ 183.359386] The buggy address is located 8 bytes inside of [ 183.359386] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.362116] [ 183.362657] The buggy address belongs to the physical page: [ 183.363992] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.366099] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.367734] page_type: 0xffffffff() [ 183.368629] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.370611] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.372235] page dumped because: kasan: bad access detected [ 183.373248] [ 183.373725] Memory state around the buggy address: [ 183.374616] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.376717] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.378732] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.380378] ^ [ 183.381827] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.383604] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.385445] ================================================================== [ 183.527186] ================================================================== [ 183.528627] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0x6d8 [ 183.530392] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.532136] [ 183.532710] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.534499] Hardware name: linux,dummy-virt (DT) [ 183.535617] Call trace: [ 183.536302] dump_backtrace+0x9c/0x128 [ 183.537368] show_stack+0x20/0x38 [ 183.538360] dump_stack_lvl+0x60/0xb0 [ 183.539510] print_report+0xf8/0x5d8 [ 183.540643] kasan_report+0xc8/0x118 [ 183.541805] kasan_check_range+0xe8/0x190 [ 183.543029] __kasan_check_write+0x20/0x30 [ 183.544150] kasan_bitops_modify.constprop.0+0x1dc/0x6d8 [ 183.545976] kasan_bitops_generic+0xb4/0x148 [ 183.546995] kunit_try_run_case+0xf8/0x260 [ 183.548642] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.550162] kthread+0x18c/0x1a8 [ 183.551006] ret_from_fork+0x10/0x20 [ 183.552104] [ 183.552634] Allocated by task 206: [ 183.553518] kasan_save_stack+0x3c/0x68 [ 183.554681] kasan_set_track+0x2c/0x40 [ 183.555794] kasan_save_alloc_info+0x24/0x38 [ 183.557048] __kasan_kmalloc+0xd4/0xd8 [ 183.558182] kmalloc_trace+0x68/0x130 [ 183.559219] kasan_bitops_generic+0x98/0x148 [ 183.560406] kunit_try_run_case+0xf8/0x260 [ 183.561589] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.563016] kthread+0x18c/0x1a8 [ 183.563954] ret_from_fork+0x10/0x20 [ 183.565042] [ 183.565655] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.565655] which belongs to the cache kmalloc-16 of size 16 [ 183.567978] The buggy address is located 8 bytes inside of [ 183.567978] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.570399] [ 183.570969] The buggy address belongs to the physical page: [ 183.572198] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.574114] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.575649] page_type: 0xffffffff() [ 183.576623] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.578319] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.579920] page dumped because: kasan: bad access detected [ 183.581176] [ 183.581740] Memory state around the buggy address: [ 183.582893] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.584468] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.586065] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.587559] ^ [ 183.588880] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.590461] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.591955] ================================================================== [ 183.388352] ================================================================== [ 183.389972] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0x6d8 [ 183.392168] Read of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.394104] [ 183.394777] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.396639] Hardware name: linux,dummy-virt (DT) [ 183.397817] Call trace: [ 183.398595] dump_backtrace+0x9c/0x128 [ 183.399694] show_stack+0x20/0x38 [ 183.400717] dump_stack_lvl+0x60/0xb0 [ 183.401950] print_report+0xf8/0x5d8 [ 183.403067] kasan_report+0xc8/0x118 [ 183.404207] __asan_load8+0x9c/0xc0 [ 183.405330] kasan_bitops_modify.constprop.0+0x19c/0x6d8 [ 183.406761] kasan_bitops_generic+0xb4/0x148 [ 183.407970] kunit_try_run_case+0xf8/0x260 [ 183.409166] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.410645] kthread+0x18c/0x1a8 [ 183.411618] ret_from_fork+0x10/0x20 [ 183.412708] [ 183.413251] Allocated by task 206: [ 183.414213] kasan_save_stack+0x3c/0x68 [ 183.415363] kasan_set_track+0x2c/0x40 [ 183.416489] kasan_save_alloc_info+0x24/0x38 [ 183.417766] __kasan_kmalloc+0xd4/0xd8 [ 183.418917] kmalloc_trace+0x68/0x130 [ 183.419985] kasan_bitops_generic+0x98/0x148 [ 183.421208] kunit_try_run_case+0xf8/0x260 [ 183.422407] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.423875] kthread+0x18c/0x1a8 [ 183.424834] ret_from_fork+0x10/0x20 [ 183.425947] [ 183.426448] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.426448] which belongs to the cache kmalloc-16 of size 16 [ 183.428808] The buggy address is located 8 bytes inside of [ 183.428808] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.431254] [ 183.431690] The buggy address belongs to the physical page: [ 183.433117] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.435115] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.436670] page_type: 0xffffffff() [ 183.437654] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.439332] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.441032] page dumped because: kasan: bad access detected [ 183.442265] [ 183.442769] Memory state around the buggy address: [ 183.444095] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.445821] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.447386] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.449389] ^ [ 183.450835] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.452439] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.453963] ================================================================== [ 182.958338] ================================================================== [ 182.960134] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa4/0x6d8 [ 182.962060] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 182.963722] [ 182.964296] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.966142] Hardware name: linux,dummy-virt (DT) [ 182.967265] Call trace: [ 182.968021] dump_backtrace+0x9c/0x128 [ 182.969086] show_stack+0x20/0x38 [ 182.970083] dump_stack_lvl+0x60/0xb0 [ 182.971248] print_report+0xf8/0x5d8 [ 182.972358] kasan_report+0xc8/0x118 [ 182.973470] kasan_check_range+0xe8/0x190 [ 182.974708] __kasan_check_write+0x20/0x30 [ 182.975830] kasan_bitops_modify.constprop.0+0xa4/0x6d8 [ 182.977184] kasan_bitops_generic+0xb4/0x148 [ 182.978384] kunit_try_run_case+0xf8/0x260 [ 182.979594] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.981024] kthread+0x18c/0x1a8 [ 182.982009] ret_from_fork+0x10/0x20 [ 182.983089] [ 182.983608] Allocated by task 206: [ 182.984500] kasan_save_stack+0x3c/0x68 [ 182.985668] kasan_set_track+0x2c/0x40 [ 182.986801] kasan_save_alloc_info+0x24/0x38 [ 182.988071] __kasan_kmalloc+0xd4/0xd8 [ 182.989189] kmalloc_trace+0x68/0x130 [ 182.990300] kasan_bitops_generic+0x98/0x148 [ 182.991450] kunit_try_run_case+0xf8/0x260 [ 182.992735] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.994241] kthread+0x18c/0x1a8 [ 182.995248] ret_from_fork+0x10/0x20 [ 182.996352] [ 182.996982] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 182.996982] which belongs to the cache kmalloc-16 of size 16 [ 182.999527] The buggy address is located 8 bytes inside of [ 182.999527] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.002051] [ 183.002645] The buggy address belongs to the physical page: [ 183.003983] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.005964] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.007496] page_type: 0xffffffff() [ 183.008539] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.010161] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.011503] page dumped because: kasan: bad access detected [ 183.012867] [ 183.013388] Memory state around the buggy address: [ 183.014598] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.016202] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.017848] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.019395] ^ [ 183.020724] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.022310] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.023861] ================================================================== [ 183.237797] ================================================================== [ 183.239232] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x160/0x6d8 [ 183.240972] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.243201] [ 183.243747] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.246200] Hardware name: linux,dummy-virt (DT) [ 183.247704] Call trace: [ 183.248330] dump_backtrace+0x9c/0x128 [ 183.249741] show_stack+0x20/0x38 [ 183.250536] dump_stack_lvl+0x60/0xb0 [ 183.252026] print_report+0xf8/0x5d8 [ 183.253166] kasan_report+0xc8/0x118 [ 183.254316] kasan_check_range+0xe8/0x190 [ 183.255515] __kasan_check_write+0x20/0x30 [ 183.256668] kasan_bitops_modify.constprop.0+0x160/0x6d8 [ 183.258114] kasan_bitops_generic+0xb4/0x148 [ 183.259327] kunit_try_run_case+0xf8/0x260 [ 183.260444] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.262457] kthread+0x18c/0x1a8 [ 183.263490] ret_from_fork+0x10/0x20 [ 183.264609] [ 183.265923] Allocated by task 206: [ 183.266702] kasan_save_stack+0x3c/0x68 [ 183.268074] kasan_set_track+0x2c/0x40 [ 183.269255] kasan_save_alloc_info+0x24/0x38 [ 183.270561] __kasan_kmalloc+0xd4/0xd8 [ 183.271741] kmalloc_trace+0x68/0x130 [ 183.272826] kasan_bitops_generic+0x98/0x148 [ 183.273856] kunit_try_run_case+0xf8/0x260 [ 183.275603] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.277047] kthread+0x18c/0x1a8 [ 183.278034] ret_from_fork+0x10/0x20 [ 183.279121] [ 183.279663] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.279663] which belongs to the cache kmalloc-16 of size 16 [ 183.282722] The buggy address is located 8 bytes inside of [ 183.282722] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.285735] [ 183.286293] The buggy address belongs to the physical page: [ 183.287548] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.289674] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.291283] page_type: 0xffffffff() [ 183.292994] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.294748] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.296302] page dumped because: kasan: bad access detected [ 183.297827] [ 183.298292] Memory state around the buggy address: [ 183.299191] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.300815] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.302392] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.303932] ^ [ 183.305626] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.308131] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.310090] ================================================================== [ 183.027822] ================================================================== [ 183.029399] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xd0/0x6d8 [ 183.031268] Read of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.033184] [ 183.033728] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.035313] Hardware name: linux,dummy-virt (DT) [ 183.036716] Call trace: [ 183.037531] dump_backtrace+0x9c/0x128 [ 183.038674] show_stack+0x20/0x38 [ 183.039682] dump_stack_lvl+0x60/0xb0 [ 183.040865] print_report+0xf8/0x5d8 [ 183.041995] kasan_report+0xc8/0x118 [ 183.043122] __asan_load8+0x9c/0xc0 [ 183.044232] kasan_bitops_modify.constprop.0+0xd0/0x6d8 [ 183.045619] kasan_bitops_generic+0xb4/0x148 [ 183.046842] kunit_try_run_case+0xf8/0x260 [ 183.048023] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.049473] kthread+0x18c/0x1a8 [ 183.050441] ret_from_fork+0x10/0x20 [ 183.051558] [ 183.052081] Allocated by task 206: [ 183.053013] kasan_save_stack+0x3c/0x68 [ 183.054163] kasan_set_track+0x2c/0x40 [ 183.055286] kasan_save_alloc_info+0x24/0x38 [ 183.056542] __kasan_kmalloc+0xd4/0xd8 [ 183.057675] kmalloc_trace+0x68/0x130 [ 183.058738] kasan_bitops_generic+0x98/0x148 [ 183.059914] kunit_try_run_case+0xf8/0x260 [ 183.061119] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.062594] kthread+0x18c/0x1a8 [ 183.063533] ret_from_fork+0x10/0x20 [ 183.064624] [ 183.065133] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.065133] which belongs to the cache kmalloc-16 of size 16 [ 183.067563] The buggy address is located 8 bytes inside of [ 183.067563] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.069954] [ 183.070554] The buggy address belongs to the physical page: [ 183.071873] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.073848] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.075446] page_type: 0xffffffff() [ 183.076498] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.078229] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.079819] page dumped because: kasan: bad access detected [ 183.081096] [ 183.081651] Memory state around the buggy address: [ 183.082883] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.084454] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.086046] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.087563] ^ [ 183.088870] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.090453] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.091961] ================================================================== [ 183.458039] ================================================================== [ 183.459432] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1ac/0x6d8 [ 183.461161] Write of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.463145] [ 183.463849] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.465664] Hardware name: linux,dummy-virt (DT) [ 183.466785] Call trace: [ 183.467468] dump_backtrace+0x9c/0x128 [ 183.468607] show_stack+0x20/0x38 [ 183.469641] dump_stack_lvl+0x60/0xb0 [ 183.470858] print_report+0xf8/0x5d8 [ 183.471992] kasan_report+0xc8/0x118 [ 183.473143] kasan_check_range+0xe8/0x190 [ 183.474369] __kasan_check_write+0x20/0x30 [ 183.475519] kasan_bitops_modify.constprop.0+0x1ac/0x6d8 [ 183.476941] kasan_bitops_generic+0xb4/0x148 [ 183.478183] kunit_try_run_case+0xf8/0x260 [ 183.479403] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.480862] kthread+0x18c/0x1a8 [ 183.481896] ret_from_fork+0x10/0x20 [ 183.483040] [ 183.483651] Allocated by task 206: [ 183.484563] kasan_save_stack+0x3c/0x68 [ 183.485766] kasan_set_track+0x2c/0x40 [ 183.486931] kasan_save_alloc_info+0x24/0x38 [ 183.488208] __kasan_kmalloc+0xd4/0xd8 [ 183.489346] kmalloc_trace+0x68/0x130 [ 183.490413] kasan_bitops_generic+0x98/0x148 [ 183.491623] kunit_try_run_case+0xf8/0x260 [ 183.492837] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.494305] kthread+0x18c/0x1a8 [ 183.495277] ret_from_fork+0x10/0x20 [ 183.496329] [ 183.496884] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.496884] which belongs to the cache kmalloc-16 of size 16 [ 183.499120] The buggy address is located 8 bytes inside of [ 183.499120] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.501520] [ 183.502031] The buggy address belongs to the physical page: [ 183.503311] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.505205] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.506764] page_type: 0xffffffff() [ 183.507792] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.509432] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.511033] page dumped because: kasan: bad access detected [ 183.512210] [ 183.512771] Memory state around the buggy address: [ 183.513933] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.515508] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.517087] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.518620] ^ [ 183.519931] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.521493] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.523014] ================================================================== [ 183.594725] ================================================================== [ 183.596201] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x20c/0x6d8 [ 183.597943] Read of size 8 at addr ffff0000c5e9f5c8 by task kunit_try_catch/206 [ 183.599466] [ 183.600075] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 183.601963] Hardware name: linux,dummy-virt (DT) [ 183.603068] Call trace: [ 183.603801] dump_backtrace+0x9c/0x128 [ 183.604880] show_stack+0x20/0x38 [ 183.605844] dump_stack_lvl+0x60/0xb0 [ 183.607011] print_report+0xf8/0x5d8 [ 183.608122] kasan_report+0xc8/0x118 [ 183.609228] __asan_load8+0x9c/0xc0 [ 183.610356] kasan_bitops_modify.constprop.0+0x20c/0x6d8 [ 183.611742] kasan_bitops_generic+0xb4/0x148 [ 183.612953] kunit_try_run_case+0xf8/0x260 [ 183.614140] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.615597] kthread+0x18c/0x1a8 [ 183.616550] ret_from_fork+0x10/0x20 [ 183.617641] [ 183.618134] Allocated by task 206: [ 183.619099] kasan_save_stack+0x3c/0x68 [ 183.620264] kasan_set_track+0x2c/0x40 [ 183.621409] kasan_save_alloc_info+0x24/0x38 [ 183.622696] __kasan_kmalloc+0xd4/0xd8 [ 183.623823] kmalloc_trace+0x68/0x130 [ 183.624866] kasan_bitops_generic+0x98/0x148 [ 183.626085] kunit_try_run_case+0xf8/0x260 [ 183.627262] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 183.628719] kthread+0x18c/0x1a8 [ 183.629661] ret_from_fork+0x10/0x20 [ 183.630749] [ 183.631268] The buggy address belongs to the object at ffff0000c5e9f5c0 [ 183.631268] which belongs to the cache kmalloc-16 of size 16 [ 183.633598] The buggy address is located 8 bytes inside of [ 183.633598] allocated 9-byte region [ffff0000c5e9f5c0, ffff0000c5e9f5c9) [ 183.636022] [ 183.636646] The buggy address belongs to the physical page: [ 183.637932] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 183.639949] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 183.641480] page_type: 0xffffffff() [ 183.642562] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 183.644248] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 183.645878] page dumped because: kasan: bad access detected [ 183.647133] [ 183.647661] Memory state around the buggy address: [ 183.648874] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 183.650609] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 183.652115] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 183.654662] ^ [ 183.656561] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.658172] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 183.659672] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen: Failure
[ 182.863852] ================================================================== [ 182.865547] BUG: KASAN: slab-use-after-free in strnlen+0x3c/0x68 [ 182.866997] Read of size 1 at addr ffff0000c5f6ec10 by task kunit_try_catch/204 [ 182.869038] [ 182.869748] CPU: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.871476] Hardware name: linux,dummy-virt (DT) [ 182.872551] Call trace: [ 182.873271] dump_backtrace+0x9c/0x128 [ 182.874370] show_stack+0x20/0x38 [ 182.875367] dump_stack_lvl+0x60/0xb0 [ 182.876498] print_report+0xf8/0x5d8 [ 182.877632] kasan_report+0xc8/0x118 [ 182.878786] __asan_load1+0x60/0x70 [ 182.879873] strnlen+0x3c/0x68 [ 182.880859] kasan_strings+0x1a4/0x478 [ 182.881980] kunit_try_run_case+0xf8/0x260 [ 182.883163] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.884639] kthread+0x18c/0x1a8 [ 182.885563] ret_from_fork+0x10/0x20 [ 182.886676] [ 182.887238] Allocated by task 204: [ 182.888141] kasan_save_stack+0x3c/0x68 [ 182.889268] kasan_set_track+0x2c/0x40 [ 182.890406] kasan_save_alloc_info+0x24/0x38 [ 182.891721] __kasan_kmalloc+0xd4/0xd8 [ 182.892862] kmalloc_trace+0x68/0x130 [ 182.893939] kasan_strings+0xa0/0x478 [ 182.895008] kunit_try_run_case+0xf8/0x260 [ 182.896192] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.897644] kthread+0x18c/0x1a8 [ 182.898611] ret_from_fork+0x10/0x20 [ 182.899682] [ 182.900171] Freed by task 204: [ 182.901060] kasan_save_stack+0x3c/0x68 [ 182.902256] kasan_set_track+0x2c/0x40 [ 182.903371] kasan_save_free_info+0x38/0x60 [ 182.904628] __kasan_slab_free+0x100/0x170 [ 182.906660] __kmem_cache_free+0x170/0x2e0 [ 182.907870] kfree+0x74/0x138 [ 182.908823] kasan_strings+0xbc/0x478 [ 182.909872] kunit_try_run_case+0xf8/0x260 [ 182.911100] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.912548] kthread+0x18c/0x1a8 [ 182.913507] ret_from_fork+0x10/0x20 [ 182.914601] [ 182.915117] The buggy address belongs to the object at ffff0000c5f6ec00 [ 182.915117] which belongs to the cache kmalloc-32 of size 32 [ 182.917485] The buggy address is located 16 bytes inside of [ 182.917485] freed 32-byte region [ffff0000c5f6ec00, ffff0000c5f6ec20) [ 182.919841] [ 182.920468] The buggy address belongs to the physical page: [ 182.921755] page:00000000e8269612 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f6e [ 182.923711] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 182.925242] page_type: 0xffffffff() [ 182.926289] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 182.928032] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 182.929627] page dumped because: kasan: bad access detected [ 182.930898] [ 182.931399] Memory state around the buggy address: [ 182.932626] ffff0000c5f6eb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.934240] ffff0000c5f6eb80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.935816] >ffff0000c5f6ec00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 182.937389] ^ [ 182.938347] ffff0000c5f6ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.939970] ffff0000c5f6ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.941481] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen: Failure
[ 182.782534] ================================================================== [ 182.784000] BUG: KASAN: slab-use-after-free in strlen+0x18/0x68 [ 182.785416] Read of size 1 at addr ffff0000c5f6ec10 by task kunit_try_catch/204 [ 182.787295] [ 182.787863] CPU: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.789670] Hardware name: linux,dummy-virt (DT) [ 182.790835] Call trace: [ 182.791506] dump_backtrace+0x9c/0x128 [ 182.792619] show_stack+0x20/0x38 [ 182.793619] dump_stack_lvl+0x60/0xb0 [ 182.794800] print_report+0xf8/0x5d8 [ 182.795935] kasan_report+0xc8/0x118 [ 182.797056] __asan_load1+0x60/0x70 [ 182.798153] strlen+0x18/0x68 [ 182.799119] kasan_strings+0x17c/0x478 [ 182.800194] kunit_try_run_case+0xf8/0x260 [ 182.801633] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.803850] kthread+0x18c/0x1a8 [ 182.805046] ret_from_fork+0x10/0x20 [ 182.806076] [ 182.806623] Allocated by task 204: [ 182.807503] kasan_save_stack+0x3c/0x68 [ 182.808655] kasan_set_track+0x2c/0x40 [ 182.809792] kasan_save_alloc_info+0x24/0x38 [ 182.811038] __kasan_kmalloc+0xd4/0xd8 [ 182.812196] kmalloc_trace+0x68/0x130 [ 182.813252] kasan_strings+0xa0/0x478 [ 182.814316] kunit_try_run_case+0xf8/0x260 [ 182.815534] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.817013] kthread+0x18c/0x1a8 [ 182.817964] ret_from_fork+0x10/0x20 [ 182.819020] [ 182.819524] Freed by task 204: [ 182.820391] kasan_save_stack+0x3c/0x68 [ 182.821545] kasan_set_track+0x2c/0x40 [ 182.822718] kasan_save_free_info+0x38/0x60 [ 182.823977] __kasan_slab_free+0x100/0x170 [ 182.825174] __kmem_cache_free+0x170/0x2e0 [ 182.826374] kfree+0x74/0x138 [ 182.827313] kasan_strings+0xbc/0x478 [ 182.828386] kunit_try_run_case+0xf8/0x260 [ 182.829602] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.831042] kthread+0x18c/0x1a8 [ 182.832000] ret_from_fork+0x10/0x20 [ 182.833079] [ 182.833619] The buggy address belongs to the object at ffff0000c5f6ec00 [ 182.833619] which belongs to the cache kmalloc-32 of size 32 [ 182.836021] The buggy address is located 16 bytes inside of [ 182.836021] freed 32-byte region [ffff0000c5f6ec00, ffff0000c5f6ec20) [ 182.838465] [ 182.839003] The buggy address belongs to the physical page: [ 182.840278] page:00000000e8269612 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f6e [ 182.842223] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 182.843833] page_type: 0xffffffff() [ 182.844874] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 182.846618] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 182.848196] page dumped because: kasan: bad access detected [ 182.849420] [ 182.850006] Memory state around the buggy address: [ 182.851197] ffff0000c5f6eb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.852808] ffff0000c5f6eb80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.854408] >ffff0000c5f6ec00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 182.855945] ^ [ 182.856906] ffff0000c5f6ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.858532] ffff0000c5f6ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.860070] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings: Failure
[ 182.700220] ================================================================== [ 182.702221] BUG: KASAN: slab-use-after-free in kasan_strings+0x150/0x478 [ 182.704516] Read of size 1 at addr ffff0000c5f6ec10 by task kunit_try_catch/204 [ 182.706614] [ 182.707343] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.709201] Hardware name: linux,dummy-virt (DT) [ 182.710354] Call trace: [ 182.711116] dump_backtrace+0x9c/0x128 [ 182.712228] show_stack+0x20/0x38 [ 182.713243] dump_stack_lvl+0x60/0xb0 [ 182.714425] print_report+0xf8/0x5d8 [ 182.715538] kasan_report+0xc8/0x118 [ 182.716697] __asan_load1+0x60/0x70 [ 182.717833] kasan_strings+0x150/0x478 [ 182.718955] kunit_try_run_case+0xf8/0x260 [ 182.720177] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.721661] kthread+0x18c/0x1a8 [ 182.722659] ret_from_fork+0x10/0x20 [ 182.723762] [ 182.724345] Allocated by task 204: [ 182.725236] kasan_save_stack+0x3c/0x68 [ 182.726402] kasan_set_track+0x2c/0x40 [ 182.727541] kasan_save_alloc_info+0x24/0x38 [ 182.728812] __kasan_kmalloc+0xd4/0xd8 [ 182.729989] kmalloc_trace+0x68/0x130 [ 182.731064] kasan_strings+0xa0/0x478 [ 182.732100] kunit_try_run_case+0xf8/0x260 [ 182.733277] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.734723] kthread+0x18c/0x1a8 [ 182.735669] ret_from_fork+0x10/0x20 [ 182.736727] [ 182.737258] Freed by task 204: [ 182.738101] kasan_save_stack+0x3c/0x68 [ 182.739228] kasan_set_track+0x2c/0x40 [ 182.740345] kasan_save_free_info+0x38/0x60 [ 182.741587] __kasan_slab_free+0x100/0x170 [ 182.742793] __kmem_cache_free+0x170/0x2e0 [ 182.743993] kfree+0x74/0x138 [ 182.744920] kasan_strings+0xbc/0x478 [ 182.745979] kunit_try_run_case+0xf8/0x260 [ 182.747168] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.748615] kthread+0x18c/0x1a8 [ 182.749538] ret_from_fork+0x10/0x20 [ 182.750641] [ 182.751123] The buggy address belongs to the object at ffff0000c5f6ec00 [ 182.751123] which belongs to the cache kmalloc-32 of size 32 [ 182.753456] The buggy address is located 16 bytes inside of [ 182.753456] freed 32-byte region [ffff0000c5f6ec00, ffff0000c5f6ec20) [ 182.755740] [ 182.756329] The buggy address belongs to the physical page: [ 182.757619] page:00000000e8269612 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f6e [ 182.759466] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 182.761042] page_type: 0xffffffff() [ 182.762059] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 182.763720] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 182.765288] page dumped because: kasan: bad access detected [ 182.766526] [ 182.767066] Memory state around the buggy address: [ 182.768290] ffff0000c5f6eb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.769901] ffff0000c5f6eb80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.771467] >ffff0000c5f6ec00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 182.772982] ^ [ 182.773987] ffff0000c5f6ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.775534] ffff0000c5f6ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.777093] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp: Failure
[ 182.600304] ================================================================== [ 182.602158] BUG: KASAN: slab-use-after-free in strcmp+0x2c/0x78 [ 182.604882] Read of size 1 at addr ffff0000c5f6ec10 by task kunit_try_catch/204 [ 182.606840] [ 182.607745] CPU: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.609893] Hardware name: linux,dummy-virt (DT) [ 182.611278] Call trace: [ 182.612132] dump_backtrace+0x9c/0x128 [ 182.613397] show_stack+0x20/0x38 [ 182.614448] dump_stack_lvl+0x60/0xb0 [ 182.615562] print_report+0xf8/0x5d8 [ 182.616541] kasan_report+0xc8/0x118 [ 182.618446] __asan_load1+0x60/0x70 [ 182.619690] strcmp+0x2c/0x78 [ 182.620691] kasan_strings+0x12c/0x478 [ 182.622441] kunit_try_run_case+0xf8/0x260 [ 182.624097] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.625815] kthread+0x18c/0x1a8 [ 182.627117] ret_from_fork+0x10/0x20 [ 182.628205] [ 182.628718] Allocated by task 204: [ 182.629786] kasan_save_stack+0x3c/0x68 [ 182.630977] kasan_set_track+0x2c/0x40 [ 182.632109] kasan_save_alloc_info+0x24/0x38 [ 182.633770] __kasan_kmalloc+0xd4/0xd8 [ 182.634884] kmalloc_trace+0x68/0x130 [ 182.636053] kasan_strings+0xa0/0x478 [ 182.637906] kunit_try_run_case+0xf8/0x260 [ 182.639612] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.641122] kthread+0x18c/0x1a8 [ 182.642557] ret_from_fork+0x10/0x20 [ 182.643683] [ 182.644321] Freed by task 204: [ 182.645645] kasan_save_stack+0x3c/0x68 [ 182.647001] kasan_set_track+0x2c/0x40 [ 182.648256] kasan_save_free_info+0x38/0x60 [ 182.649836] __kasan_slab_free+0x100/0x170 [ 182.651317] __kmem_cache_free+0x170/0x2e0 [ 182.652511] kfree+0x74/0x138 [ 182.653516] kasan_strings+0xbc/0x478 [ 182.655791] kunit_try_run_case+0xf8/0x260 [ 182.657123] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.658785] kthread+0x18c/0x1a8 [ 182.659810] ret_from_fork+0x10/0x20 [ 182.661042] [ 182.662030] The buggy address belongs to the object at ffff0000c5f6ec00 [ 182.662030] which belongs to the cache kmalloc-32 of size 32 [ 182.665541] The buggy address is located 16 bytes inside of [ 182.665541] freed 32-byte region [ffff0000c5f6ec00, ffff0000c5f6ec20) [ 182.667448] [ 182.667976] The buggy address belongs to the physical page: [ 182.669347] page:00000000e8269612 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f6e [ 182.672014] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 182.674021] page_type: 0xffffffff() [ 182.675457] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 182.677420] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 182.680422] page dumped because: kasan: bad access detected [ 182.682133] [ 182.682659] Memory state around the buggy address: [ 182.683938] ffff0000c5f6eb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.685888] ffff0000c5f6eb80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.687619] >ffff0000c5f6ec00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 182.689219] ^ [ 182.691001] ffff0000c5f6ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.692997] ffff0000c5f6ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.694611] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strrchr: Failure
[ 182.515431] ================================================================== [ 182.516927] BUG: KASAN: slab-use-after-free in strrchr+0x28/0x58 [ 182.518976] Read of size 1 at addr ffff0000c5f6ec10 by task kunit_try_catch/204 [ 182.520242] [ 182.520756] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.523406] Hardware name: linux,dummy-virt (DT) [ 182.524594] Call trace: [ 182.525312] dump_backtrace+0x9c/0x128 [ 182.526709] show_stack+0x20/0x38 [ 182.527749] dump_stack_lvl+0x60/0xb0 [ 182.529246] print_report+0xf8/0x5d8 [ 182.530325] kasan_report+0xc8/0x118 [ 182.531427] __asan_load1+0x60/0x70 [ 182.532586] strrchr+0x28/0x58 [ 182.533737] kasan_strings+0x104/0x478 [ 182.534721] kunit_try_run_case+0xf8/0x260 [ 182.535992] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.537462] kthread+0x18c/0x1a8 [ 182.538256] ret_from_fork+0x10/0x20 [ 182.539165] [ 182.539682] Allocated by task 204: [ 182.541044] kasan_save_stack+0x3c/0x68 [ 182.542482] kasan_set_track+0x2c/0x40 [ 182.543690] kasan_save_alloc_info+0x24/0x38 [ 182.545326] __kasan_kmalloc+0xd4/0xd8 [ 182.546474] kmalloc_trace+0x68/0x130 [ 182.547508] kasan_strings+0xa0/0x478 [ 182.548586] kunit_try_run_case+0xf8/0x260 [ 182.549848] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.551341] kthread+0x18c/0x1a8 [ 182.552293] ret_from_fork+0x10/0x20 [ 182.553651] [ 182.554189] Freed by task 204: [ 182.554959] kasan_save_stack+0x3c/0x68 [ 182.555645] kasan_set_track+0x2c/0x40 [ 182.556796] kasan_save_free_info+0x38/0x60 [ 182.558181] __kasan_slab_free+0x100/0x170 [ 182.559223] __kmem_cache_free+0x170/0x2e0 [ 182.560371] kfree+0x74/0x138 [ 182.561655] kasan_strings+0xbc/0x478 [ 182.562748] kunit_try_run_case+0xf8/0x260 [ 182.563930] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.565400] kthread+0x18c/0x1a8 [ 182.566423] ret_from_fork+0x10/0x20 [ 182.567472] [ 182.568000] The buggy address belongs to the object at ffff0000c5f6ec00 [ 182.568000] which belongs to the cache kmalloc-32 of size 32 [ 182.570415] The buggy address is located 16 bytes inside of [ 182.570415] freed 32-byte region [ffff0000c5f6ec00, ffff0000c5f6ec20) [ 182.572911] [ 182.573446] The buggy address belongs to the physical page: [ 182.575068] page:00000000e8269612 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f6e [ 182.577382] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 182.578822] page_type: 0xffffffff() [ 182.579649] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 182.581764] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 182.583710] page dumped because: kasan: bad access detected [ 182.585350] [ 182.585909] Memory state around the buggy address: [ 182.587037] ffff0000c5f6eb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.588833] ffff0000c5f6eb80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.590613] >ffff0000c5f6ec00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 182.592099] ^ [ 182.593482] ffff0000c5f6ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.595046] ffff0000c5f6ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.596564] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strchr: Failure
[ 182.426124] ================================================================== [ 182.427983] BUG: KASAN: slab-use-after-free in strchr+0x20/0x80 [ 182.429478] Read of size 1 at addr ffff0000c5f6ec10 by task kunit_try_catch/204 [ 182.431791] [ 182.432267] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.434660] Hardware name: linux,dummy-virt (DT) [ 182.435793] Call trace: [ 182.436410] dump_backtrace+0x9c/0x128 [ 182.437826] show_stack+0x20/0x38 [ 182.438862] dump_stack_lvl+0x60/0xb0 [ 182.440025] print_report+0xf8/0x5d8 [ 182.441184] kasan_report+0xc8/0x118 [ 182.442507] __asan_load1+0x60/0x70 [ 182.443649] strchr+0x20/0x80 [ 182.444632] kasan_strings+0xdc/0x478 [ 182.445970] kunit_try_run_case+0xf8/0x260 [ 182.447195] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.448712] kthread+0x18c/0x1a8 [ 182.449807] ret_from_fork+0x10/0x20 [ 182.451015] [ 182.451620] Allocated by task 204: [ 182.452504] kasan_save_stack+0x3c/0x68 [ 182.453826] kasan_set_track+0x2c/0x40 [ 182.454641] kasan_save_alloc_info+0x24/0x38 [ 182.456060] __kasan_kmalloc+0xd4/0xd8 [ 182.457247] kmalloc_trace+0x68/0x130 [ 182.458639] kasan_strings+0xa0/0x478 [ 182.459739] kunit_try_run_case+0xf8/0x260 [ 182.460948] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.462609] kthread+0x18c/0x1a8 [ 182.463799] ret_from_fork+0x10/0x20 [ 182.464904] [ 182.465392] Freed by task 204: [ 182.466288] kasan_save_stack+0x3c/0x68 [ 182.467544] kasan_set_track+0x2c/0x40 [ 182.468845] kasan_save_free_info+0x38/0x60 [ 182.470187] __kasan_slab_free+0x100/0x170 [ 182.471246] __kmem_cache_free+0x170/0x2e0 [ 182.472801] kfree+0x74/0x138 [ 182.474436] kasan_strings+0xbc/0x478 [ 182.475620] kunit_try_run_case+0xf8/0x260 [ 182.476829] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.478483] kthread+0x18c/0x1a8 [ 182.479507] ret_from_fork+0x10/0x20 [ 182.480765] [ 182.481611] The buggy address belongs to the object at ffff0000c5f6ec00 [ 182.481611] which belongs to the cache kmalloc-32 of size 32 [ 182.484060] The buggy address is located 16 bytes inside of [ 182.484060] freed 32-byte region [ffff0000c5f6ec00, ffff0000c5f6ec20) [ 182.486856] [ 182.487347] The buggy address belongs to the physical page: [ 182.488917] page:00000000e8269612 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f6e [ 182.491284] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 182.493211] page_type: 0xffffffff() [ 182.494809] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 182.496550] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 182.498315] page dumped because: kasan: bad access detected [ 182.499562] [ 182.500276] Memory state around the buggy address: [ 182.501627] ffff0000c5f6eb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.503285] ffff0000c5f6eb80: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 182.505018] >ffff0000c5f6ec00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 182.506741] ^ [ 182.507838] ffff0000c5f6ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.509474] ffff0000c5f6ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.511690] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp: Failure
[ 182.332001] ================================================================== [ 182.334548] BUG: KASAN: slab-out-of-bounds in memcmp+0x44/0xd0 [ 182.335707] Read of size 1 at addr ffff0000c5f6eb98 by task kunit_try_catch/202 [ 182.337593] [ 182.338372] CPU: 1 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.340668] Hardware name: linux,dummy-virt (DT) [ 182.342342] Call trace: [ 182.343092] dump_backtrace+0x9c/0x128 [ 182.344150] show_stack+0x20/0x38 [ 182.345138] dump_stack_lvl+0x60/0xb0 [ 182.346456] print_report+0xf8/0x5d8 [ 182.347615] kasan_report+0xc8/0x118 [ 182.348746] __asan_load1+0x60/0x70 [ 182.350698] memcmp+0x44/0xd0 [ 182.351726] kasan_memcmp+0xf0/0x208 [ 182.352869] kunit_try_run_case+0xf8/0x260 [ 182.354340] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.355780] kthread+0x18c/0x1a8 [ 182.356729] ret_from_fork+0x10/0x20 [ 182.357864] [ 182.358443] Allocated by task 202: [ 182.359412] kasan_save_stack+0x3c/0x68 [ 182.360602] kasan_set_track+0x2c/0x40 [ 182.361785] kasan_save_alloc_info+0x24/0x38 [ 182.363037] __kasan_kmalloc+0xd4/0xd8 [ 182.364234] kmalloc_trace+0x68/0x130 [ 182.365328] kasan_memcmp+0xac/0x208 [ 182.366401] kunit_try_run_case+0xf8/0x260 [ 182.367795] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.369465] kthread+0x18c/0x1a8 [ 182.370983] ret_from_fork+0x10/0x20 [ 182.372661] [ 182.373606] The buggy address belongs to the object at ffff0000c5f6eb80 [ 182.373606] which belongs to the cache kmalloc-32 of size 32 [ 182.376181] The buggy address is located 0 bytes to the right of [ 182.376181] allocated 24-byte region [ffff0000c5f6eb80, ffff0000c5f6eb98) [ 182.378975] [ 182.379634] The buggy address belongs to the physical page: [ 182.380907] page:00000000e8269612 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f6e [ 182.383197] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 182.384763] page_type: 0xffffffff() [ 182.386204] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 182.387844] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 182.389658] page dumped because: kasan: bad access detected [ 182.390971] [ 182.391759] Memory state around the buggy address: [ 182.392833] ffff0000c5f6ea80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.395270] ffff0000c5f6eb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 182.397027] >ffff0000c5f6eb80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.398548] ^ [ 182.399605] ffff0000c5f6ec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.401415] ffff0000c5f6ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.402877] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memchr: Failure
[ 182.231012] ================================================================== [ 182.234107] BUG: KASAN: slab-out-of-bounds in memchr+0x28/0x78 [ 182.235810] Read of size 1 at addr ffff0000c6051798 by task kunit_try_catch/200 [ 182.237991] [ 182.238477] CPU: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.240852] Hardware name: linux,dummy-virt (DT) [ 182.241992] Call trace: [ 182.242738] dump_backtrace+0x9c/0x128 [ 182.243909] show_stack+0x20/0x38 [ 182.244802] dump_stack_lvl+0x60/0xb0 [ 182.246105] print_report+0xf8/0x5d8 [ 182.247233] kasan_report+0xc8/0x118 [ 182.248197] __asan_load1+0x60/0x70 [ 182.249647] memchr+0x28/0x78 [ 182.251513] kasan_memchr+0xd4/0x1f0 [ 182.252671] kunit_try_run_case+0xf8/0x260 [ 182.254127] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.256214] kthread+0x18c/0x1a8 [ 182.257336] ret_from_fork+0x10/0x20 [ 182.258852] [ 182.259275] Allocated by task 200: [ 182.260349] kasan_save_stack+0x3c/0x68 [ 182.261781] kasan_set_track+0x2c/0x40 [ 182.263191] kasan_save_alloc_info+0x24/0x38 [ 182.264503] __kasan_kmalloc+0xd4/0xd8 [ 182.265976] kmalloc_trace+0x68/0x130 [ 182.266885] kasan_memchr+0xa0/0x1f0 [ 182.268044] kunit_try_run_case+0xf8/0x260 [ 182.269537] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.270935] kthread+0x18c/0x1a8 [ 182.271872] ret_from_fork+0x10/0x20 [ 182.273440] [ 182.274026] The buggy address belongs to the object at ffff0000c6051780 [ 182.274026] which belongs to the cache kmalloc-32 of size 32 [ 182.276512] The buggy address is located 0 bytes to the right of [ 182.276512] allocated 24-byte region [ffff0000c6051780, ffff0000c6051798) [ 182.279783] [ 182.280270] The buggy address belongs to the physical page: [ 182.282305] page:00000000b85054fb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106051 [ 182.284269] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 182.286381] page_type: 0xffffffff() [ 182.288166] raw: 0bfffc0000000800 ffff0000c0001500 dead000000000122 0000000000000000 [ 182.289979] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000 [ 182.291769] page dumped because: kasan: bad access detected [ 182.293039] [ 182.293558] Memory state around the buggy address: [ 182.295511] ffff0000c6051680: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 182.297767] ffff0000c6051700: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 182.299598] >ffff0000c6051780: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.301248] ^ [ 182.302321] ffff0000c6051800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.303795] ffff0000c6051880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.306016] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free: Failure
[ 182.044091] ================================================================== [ 182.046397] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0xdc/0x230 [ 182.047933] Free of addr ffff0000c60a7001 by task kunit_try_catch/196 [ 182.049524] [ 182.050158] CPU: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 182.052081] Hardware name: linux,dummy-virt (DT) [ 182.053197] Call trace: [ 182.053922] dump_backtrace+0x9c/0x128 [ 182.055009] show_stack+0x20/0x38 [ 182.055993] dump_stack_lvl+0x60/0xb0 [ 182.057119] print_report+0xf8/0x5d8 [ 182.058229] kasan_report_invalid_free+0xb0/0xd8 [ 182.059513] __kasan_slab_free+0x164/0x170 [ 182.060690] kmem_cache_free+0x18c/0x3f8 [ 182.061891] kmem_cache_invalid_free+0xdc/0x230 [ 182.063102] kunit_try_run_case+0xf8/0x260 [ 182.064306] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.065767] kthread+0x18c/0x1a8 [ 182.066718] ret_from_fork+0x10/0x20 [ 182.067787] [ 182.068315] Allocated by task 196: [ 182.069206] kasan_save_stack+0x3c/0x68 [ 182.070361] kasan_set_track+0x2c/0x40 [ 182.071465] kasan_save_alloc_info+0x24/0x38 [ 182.072714] __kasan_slab_alloc+0xa8/0xb0 [ 182.073901] kmem_cache_alloc+0x134/0x330 [ 182.075051] kmem_cache_invalid_free+0xb8/0x230 [ 182.076299] kunit_try_run_case+0xf8/0x260 [ 182.077480] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 182.078960] kthread+0x18c/0x1a8 [ 182.079930] ret_from_fork+0x10/0x20 [ 182.081042] [ 182.081543] The buggy address belongs to the object at ffff0000c60a7000 [ 182.081543] which belongs to the cache test_cache of size 200 [ 182.083925] The buggy address is located 1 bytes inside of [ 182.083925] 200-byte region [ffff0000c60a7000, ffff0000c60a70c8) [ 182.086196] [ 182.086834] The buggy address belongs to the physical page: [ 182.088084] page:000000005c63666a refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060a7 [ 182.089994] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 182.091492] page_type: 0xffffffff() [ 182.092544] raw: 0bfffc0000000800 ffff0000c56c0780 dead000000000122 0000000000000000 [ 182.094238] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 182.095775] page dumped because: kasan: bad access detected [ 182.096991] [ 182.097504] Memory state around the buggy address: [ 182.098766] ffff0000c60a6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.100328] ffff0000c60a6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.101912] >ffff0000c60a7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 182.103402] ^ [ 182.104290] ffff0000c60a7080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 182.105882] ffff0000c60a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 182.107407] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free: Failure
[ 181.911862] ================================================================== [ 181.914047] BUG: KASAN: double-free in kmem_cache_double_free+0xe8/0x240 [ 181.916268] Free of addr ffff0000c605d000 by task kunit_try_catch/194 [ 181.917765] [ 181.918398] CPU: 1 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.920273] Hardware name: linux,dummy-virt (DT) [ 181.921742] Call trace: [ 181.922281] dump_backtrace+0x9c/0x128 [ 181.923356] show_stack+0x20/0x38 [ 181.925390] dump_stack_lvl+0x60/0xb0 [ 181.926596] print_report+0xf8/0x5d8 [ 181.927766] kasan_report_invalid_free+0xb0/0xd8 [ 181.929142] __kasan_slab_free+0x134/0x170 [ 181.931316] kmem_cache_free+0x18c/0x3f8 [ 181.932280] kmem_cache_double_free+0xe8/0x240 [ 181.933594] kunit_try_run_case+0xf8/0x260 [ 181.934816] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.936273] kthread+0x18c/0x1a8 [ 181.937384] ret_from_fork+0x10/0x20 [ 181.938411] [ 181.939070] Allocated by task 194: [ 181.940088] kasan_save_stack+0x3c/0x68 [ 181.941345] kasan_set_track+0x2c/0x40 [ 181.942535] kasan_save_alloc_info+0x24/0x38 [ 181.943893] __kasan_slab_alloc+0xa8/0xb0 [ 181.945148] kmem_cache_alloc+0x134/0x330 [ 181.946537] kmem_cache_double_free+0xb8/0x240 [ 181.948027] kunit_try_run_case+0xf8/0x260 [ 181.949389] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.950888] kthread+0x18c/0x1a8 [ 181.951859] ret_from_fork+0x10/0x20 [ 181.953272] [ 181.953762] Freed by task 194: [ 181.954384] kasan_save_stack+0x3c/0x68 [ 181.956024] kasan_set_track+0x2c/0x40 [ 181.957332] kasan_save_free_info+0x38/0x60 [ 181.958691] __kasan_slab_free+0x100/0x170 [ 181.959917] kmem_cache_free+0x18c/0x3f8 [ 181.961298] kmem_cache_double_free+0xd4/0x240 [ 181.962755] kunit_try_run_case+0xf8/0x260 [ 181.964267] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.965560] kthread+0x18c/0x1a8 [ 181.966566] ret_from_fork+0x10/0x20 [ 181.967658] [ 181.968174] The buggy address belongs to the object at ffff0000c605d000 [ 181.968174] which belongs to the cache test_cache of size 200 [ 181.970512] The buggy address is located 0 bytes inside of [ 181.970512] 200-byte region [ffff0000c605d000, ffff0000c605d0c8) [ 181.973435] [ 181.974097] The buggy address belongs to the physical page: [ 181.975656] page:00000000f1f286b1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10605d [ 181.977948] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 181.979193] page_type: 0xffffffff() [ 181.980394] raw: 0bfffc0000000800 ffff0000c0f9e780 dead000000000122 0000000000000000 [ 181.982434] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 181.983993] page dumped because: kasan: bad access detected [ 181.985566] [ 181.986144] Memory state around the buggy address: [ 181.987909] ffff0000c605cf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 181.989365] ffff0000c605cf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 181.991120] >ffff0000c605d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 181.992725] ^ [ 181.995085] ffff0000c605d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 181.996740] ffff0000c605d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.998314] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf: Failure
[ 181.716233] ================================================================== [ 181.718005] BUG: KASAN: slab-use-after-free in ksize_uaf+0xe8/0x2f0 [ 181.719526] Read of size 1 at addr ffff0000c170c100 by task kunit_try_catch/192 [ 181.721995] [ 181.722383] CPU: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.724585] Hardware name: linux,dummy-virt (DT) [ 181.726493] Call trace: [ 181.727188] dump_backtrace+0x9c/0x128 [ 181.728318] show_stack+0x20/0x38 [ 181.730011] dump_stack_lvl+0x60/0xb0 [ 181.731097] print_report+0xf8/0x5d8 [ 181.732325] kasan_report+0xc8/0x118 [ 181.733776] __asan_load1+0x60/0x70 [ 181.735061] ksize_uaf+0xe8/0x2f0 [ 181.736141] kunit_try_run_case+0xf8/0x260 [ 181.737526] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.738818] kthread+0x18c/0x1a8 [ 181.740168] ret_from_fork+0x10/0x20 [ 181.741666] [ 181.742352] Allocated by task 192: [ 181.743181] kasan_save_stack+0x3c/0x68 [ 181.744363] kasan_set_track+0x2c/0x40 [ 181.745822] kasan_save_alloc_info+0x24/0x38 [ 181.747088] __kasan_kmalloc+0xd4/0xd8 [ 181.748257] kmalloc_trace+0x68/0x130 [ 181.749740] ksize_uaf+0x9c/0x2f0 [ 181.750862] kunit_try_run_case+0xf8/0x260 [ 181.752069] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.753656] kthread+0x18c/0x1a8 [ 181.754743] ret_from_fork+0x10/0x20 [ 181.755734] [ 181.756346] Freed by task 192: [ 181.757272] kasan_save_stack+0x3c/0x68 [ 181.758478] kasan_set_track+0x2c/0x40 [ 181.759641] kasan_save_free_info+0x38/0x60 [ 181.761106] __kasan_slab_free+0x100/0x170 [ 181.762613] __kmem_cache_free+0x170/0x2e0 [ 181.763877] kfree+0x74/0x138 [ 181.764863] ksize_uaf+0xb8/0x2f0 [ 181.765937] kunit_try_run_case+0xf8/0x260 [ 181.767134] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.768589] kthread+0x18c/0x1a8 [ 181.769802] ret_from_fork+0x10/0x20 [ 181.770800] [ 181.771269] The buggy address belongs to the object at ffff0000c170c100 [ 181.771269] which belongs to the cache kmalloc-128 of size 128 [ 181.774302] The buggy address is located 0 bytes inside of [ 181.774302] freed 128-byte region [ffff0000c170c100, ffff0000c170c180) [ 181.776611] [ 181.777366] The buggy address belongs to the physical page: [ 181.779523] page:00000000265a4d16 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10170c [ 181.781949] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 181.783489] page_type: 0xffffffff() [ 181.784897] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 181.786767] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 181.788368] page dumped because: kasan: bad access detected [ 181.790089] [ 181.790903] Memory state around the buggy address: [ 181.792308] ffff0000c170c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 181.793986] ffff0000c170c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.795644] >ffff0000c170c100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 181.797162] ^ [ 181.798414] ffff0000c170c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.799670] ffff0000c170c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.801510] ================================================================== [ 181.805619] ================================================================== [ 181.807192] BUG: KASAN: slab-use-after-free in ksize_uaf+0x10c/0x2f0 [ 181.808689] Read of size 1 at addr ffff0000c170c178 by task kunit_try_catch/192 [ 181.810464] [ 181.811075] CPU: 1 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.812899] Hardware name: linux,dummy-virt (DT) [ 181.814056] Call trace: [ 181.814789] dump_backtrace+0x9c/0x128 [ 181.815902] show_stack+0x20/0x38 [ 181.816912] dump_stack_lvl+0x60/0xb0 [ 181.818457] print_report+0xf8/0x5d8 [ 181.820087] kasan_report+0xc8/0x118 [ 181.822207] __asan_load1+0x60/0x70 [ 181.823332] ksize_uaf+0x10c/0x2f0 [ 181.824425] kunit_try_run_case+0xf8/0x260 [ 181.825664] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.827206] kthread+0x18c/0x1a8 [ 181.828173] ret_from_fork+0x10/0x20 [ 181.829278] [ 181.829853] Allocated by task 192: [ 181.830786] kasan_save_stack+0x3c/0x68 [ 181.831956] kasan_set_track+0x2c/0x40 [ 181.833109] kasan_save_alloc_info+0x24/0x38 [ 181.834419] __kasan_kmalloc+0xd4/0xd8 [ 181.835595] kmalloc_trace+0x68/0x130 [ 181.836618] ksize_uaf+0x9c/0x2f0 [ 181.837637] kunit_try_run_case+0xf8/0x260 [ 181.838836] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.840295] kthread+0x18c/0x1a8 [ 181.841275] ret_from_fork+0x10/0x20 [ 181.842357] [ 181.842933] Freed by task 192: [ 181.843773] kasan_save_stack+0x3c/0x68 [ 181.844925] kasan_set_track+0x2c/0x40 [ 181.846084] kasan_save_free_info+0x38/0x60 [ 181.847345] __kasan_slab_free+0x100/0x170 [ 181.848559] __kmem_cache_free+0x170/0x2e0 [ 181.849782] kfree+0x74/0x138 [ 181.850688] ksize_uaf+0xb8/0x2f0 [ 181.851717] kunit_try_run_case+0xf8/0x260 [ 181.852909] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.854381] kthread+0x18c/0x1a8 [ 181.855368] ret_from_fork+0x10/0x20 [ 181.856448] [ 181.857032] The buggy address belongs to the object at ffff0000c170c100 [ 181.857032] which belongs to the cache kmalloc-128 of size 128 [ 181.859451] The buggy address is located 120 bytes inside of [ 181.859451] freed 128-byte region [ffff0000c170c100, ffff0000c170c180) [ 181.861912] [ 181.862523] The buggy address belongs to the physical page: [ 181.863896] page:00000000265a4d16 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10170c [ 181.865863] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 181.867444] page_type: 0xffffffff() [ 181.868506] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 181.870228] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 181.871847] page dumped because: kasan: bad access detected [ 181.873101] [ 181.873766] Memory state around the buggy address: [ 181.874922] ffff0000c170c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 181.876495] ffff0000c170c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.878122] >ffff0000c170c100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 181.879660] ^ [ 181.881266] ffff0000c170c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.882863] ffff0000c170c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.884388] ================================================================== [ 181.620012] ================================================================== [ 181.622251] BUG: KASAN: slab-use-after-free in ksize_uaf+0xc8/0x2f0 [ 181.624688] Read of size 1 at addr ffff0000c170c100 by task kunit_try_catch/192 [ 181.627154] [ 181.627924] CPU: 1 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.630056] Hardware name: linux,dummy-virt (DT) [ 181.631114] Call trace: [ 181.631758] dump_backtrace+0x9c/0x128 [ 181.632867] show_stack+0x20/0x38 [ 181.634019] dump_stack_lvl+0x60/0xb0 [ 181.635363] print_report+0xf8/0x5d8 [ 181.636538] kasan_report+0xc8/0x118 [ 181.637955] __kasan_check_byte+0x54/0x70 [ 181.638997] ksize+0x30/0x88 [ 181.639963] ksize_uaf+0xc8/0x2f0 [ 181.640719] kunit_try_run_case+0xf8/0x260 [ 181.642290] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.643828] kthread+0x18c/0x1a8 [ 181.644812] ret_from_fork+0x10/0x20 [ 181.646019] [ 181.646542] Allocated by task 192: [ 181.647453] kasan_save_stack+0x3c/0x68 [ 181.649916] kasan_set_track+0x2c/0x40 [ 181.651066] kasan_save_alloc_info+0x24/0x38 [ 181.652292] __kasan_kmalloc+0xd4/0xd8 [ 181.653524] kmalloc_trace+0x68/0x130 [ 181.654696] ksize_uaf+0x9c/0x2f0 [ 181.656563] kunit_try_run_case+0xf8/0x260 [ 181.657838] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.659549] kthread+0x18c/0x1a8 [ 181.660541] ret_from_fork+0x10/0x20 [ 181.662709] [ 181.663211] Freed by task 192: [ 181.664203] kasan_save_stack+0x3c/0x68 [ 181.665883] kasan_set_track+0x2c/0x40 [ 181.667163] kasan_save_free_info+0x38/0x60 [ 181.668411] __kasan_slab_free+0x100/0x170 [ 181.669808] __kmem_cache_free+0x170/0x2e0 [ 181.671327] kfree+0x74/0x138 [ 181.672287] ksize_uaf+0xb8/0x2f0 [ 181.673846] kunit_try_run_case+0xf8/0x260 [ 181.675166] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.676658] kthread+0x18c/0x1a8 [ 181.677639] ret_from_fork+0x10/0x20 [ 181.679097] [ 181.679720] The buggy address belongs to the object at ffff0000c170c100 [ 181.679720] which belongs to the cache kmalloc-128 of size 128 [ 181.682412] The buggy address is located 0 bytes inside of [ 181.682412] freed 128-byte region [ffff0000c170c100, ffff0000c170c180) [ 181.686688] [ 181.687339] The buggy address belongs to the physical page: [ 181.688286] page:00000000265a4d16 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10170c [ 181.690330] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 181.691915] page_type: 0xffffffff() [ 181.693108] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 181.695126] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 181.696874] page dumped because: kasan: bad access detected [ 181.698387] [ 181.698910] Memory state around the buggy address: [ 181.699933] ffff0000c170c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 181.701960] ffff0000c170c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.703775] >ffff0000c170c100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 181.705515] ^ [ 181.707010] ffff0000c170c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.708560] ffff0000c170c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.710366] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory: Failure
[ 181.528360] ================================================================== [ 181.529938] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x150/0x378 [ 181.531677] Read of size 1 at addr ffff0000c170c07f by task kunit_try_catch/190 [ 181.533367] [ 181.534029] CPU: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.536141] Hardware name: linux,dummy-virt (DT) [ 181.537185] Call trace: [ 181.537973] dump_backtrace+0x9c/0x128 [ 181.539051] show_stack+0x20/0x38 [ 181.540028] dump_stack_lvl+0x60/0xb0 [ 181.541267] print_report+0xf8/0x5d8 [ 181.543457] kasan_report+0xc8/0x118 [ 181.544427] __asan_load1+0x60/0x70 [ 181.545622] ksize_unpoisons_memory+0x150/0x378 [ 181.546972] kunit_try_run_case+0xf8/0x260 [ 181.548196] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.549916] kthread+0x18c/0x1a8 [ 181.550707] ret_from_fork+0x10/0x20 [ 181.552619] [ 181.553318] Allocated by task 190: [ 181.554474] kasan_save_stack+0x3c/0x68 [ 181.555446] kasan_set_track+0x2c/0x40 [ 181.556561] kasan_save_alloc_info+0x24/0x38 [ 181.557762] __kasan_kmalloc+0xd4/0xd8 [ 181.559693] kmalloc_trace+0x68/0x130 [ 181.561320] ksize_unpoisons_memory+0xb0/0x378 [ 181.562881] kunit_try_run_case+0xf8/0x260 [ 181.564131] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.565881] kthread+0x18c/0x1a8 [ 181.567043] ret_from_fork+0x10/0x20 [ 181.568200] [ 181.568758] The buggy address belongs to the object at ffff0000c170c000 [ 181.568758] which belongs to the cache kmalloc-128 of size 128 [ 181.571544] The buggy address is located 12 bytes to the right of [ 181.571544] allocated 115-byte region [ffff0000c170c000, ffff0000c170c073) [ 181.574938] [ 181.575391] The buggy address belongs to the physical page: [ 181.577278] page:00000000265a4d16 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10170c [ 181.579639] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 181.581292] page_type: 0xffffffff() [ 181.582405] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 181.584670] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 181.586329] page dumped because: kasan: bad access detected [ 181.587585] [ 181.588127] Memory state around the buggy address: [ 181.589384] ffff0000c170bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.591175] ffff0000c170bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.593114] >ffff0000c170c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 181.594784] ^ [ 181.596390] ffff0000c170c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.598288] ffff0000c170c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.600164] ================================================================== [ 181.449245] ================================================================== [ 181.450968] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x128/0x378 [ 181.452724] Read of size 1 at addr ffff0000c170c078 by task kunit_try_catch/190 [ 181.454477] [ 181.455244] CPU: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.456921] Hardware name: linux,dummy-virt (DT) [ 181.457838] Call trace: [ 181.458566] dump_backtrace+0x9c/0x128 [ 181.460207] show_stack+0x20/0x38 [ 181.461335] dump_stack_lvl+0x60/0xb0 [ 181.462532] print_report+0xf8/0x5d8 [ 181.463680] kasan_report+0xc8/0x118 [ 181.464823] __asan_load1+0x60/0x70 [ 181.466291] ksize_unpoisons_memory+0x128/0x378 [ 181.467337] kunit_try_run_case+0xf8/0x260 [ 181.469163] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.470656] kthread+0x18c/0x1a8 [ 181.471660] ret_from_fork+0x10/0x20 [ 181.472757] [ 181.473399] Allocated by task 190: [ 181.475113] kasan_save_stack+0x3c/0x68 [ 181.476423] kasan_set_track+0x2c/0x40 [ 181.477594] kasan_save_alloc_info+0x24/0x38 [ 181.478933] __kasan_kmalloc+0xd4/0xd8 [ 181.480241] kmalloc_trace+0x68/0x130 [ 181.481514] ksize_unpoisons_memory+0xb0/0x378 [ 181.483650] kunit_try_run_case+0xf8/0x260 [ 181.484958] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.486414] kthread+0x18c/0x1a8 [ 181.487403] ret_from_fork+0x10/0x20 [ 181.488509] [ 181.489222] The buggy address belongs to the object at ffff0000c170c000 [ 181.489222] which belongs to the cache kmalloc-128 of size 128 [ 181.492953] The buggy address is located 5 bytes to the right of [ 181.492953] allocated 115-byte region [ffff0000c170c000, ffff0000c170c073) [ 181.495656] [ 181.496139] The buggy address belongs to the physical page: [ 181.497506] page:00000000265a4d16 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10170c [ 181.501313] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 181.502927] page_type: 0xffffffff() [ 181.503979] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 181.505895] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 181.507995] page dumped because: kasan: bad access detected [ 181.509360] [ 181.509963] Memory state around the buggy address: [ 181.511191] ffff0000c170bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.512447] ffff0000c170bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.514019] >ffff0000c170c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 181.516846] ^ [ 181.520029] ffff0000c170c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.521919] ffff0000c170c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.523451] ================================================================== [ 181.373790] ================================================================== [ 181.376530] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x104/0x378 [ 181.378065] Read of size 1 at addr ffff0000c170c073 by task kunit_try_catch/190 [ 181.380198] [ 181.381223] CPU: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.382720] Hardware name: linux,dummy-virt (DT) [ 181.384005] Call trace: [ 181.384801] dump_backtrace+0x9c/0x128 [ 181.385974] show_stack+0x20/0x38 [ 181.386919] dump_stack_lvl+0x60/0xb0 [ 181.388083] print_report+0xf8/0x5d8 [ 181.389555] kasan_report+0xc8/0x118 [ 181.390730] __asan_load1+0x60/0x70 [ 181.392605] ksize_unpoisons_memory+0x104/0x378 [ 181.394234] kunit_try_run_case+0xf8/0x260 [ 181.395119] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.396514] kthread+0x18c/0x1a8 [ 181.397506] ret_from_fork+0x10/0x20 [ 181.398607] [ 181.399095] Allocated by task 190: [ 181.400062] kasan_save_stack+0x3c/0x68 [ 181.401254] kasan_set_track+0x2c/0x40 [ 181.402831] kasan_save_alloc_info+0x24/0x38 [ 181.404349] __kasan_kmalloc+0xd4/0xd8 [ 181.405450] kmalloc_trace+0x68/0x130 [ 181.406518] ksize_unpoisons_memory+0xb0/0x378 [ 181.407855] kunit_try_run_case+0xf8/0x260 [ 181.409245] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.410472] kthread+0x18c/0x1a8 [ 181.411322] ret_from_fork+0x10/0x20 [ 181.412787] [ 181.413326] The buggy address belongs to the object at ffff0000c170c000 [ 181.413326] which belongs to the cache kmalloc-128 of size 128 [ 181.415599] The buggy address is located 0 bytes to the right of [ 181.415599] allocated 115-byte region [ffff0000c170c000, ffff0000c170c073) [ 181.418517] [ 181.419012] The buggy address belongs to the physical page: [ 181.420744] page:00000000265a4d16 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10170c [ 181.422682] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 181.424257] page_type: 0xffffffff() [ 181.425502] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 181.427622] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 181.429586] page dumped because: kasan: bad access detected [ 181.430668] [ 181.431135] Memory state around the buggy address: [ 181.432118] ffff0000c170bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.434103] ffff0000c170bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.435918] >ffff0000c170c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 181.437225] ^ [ 181.438769] ffff0000c170c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.440384] ffff0000c170c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 181.441980] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right: Failure
[ 181.295841] ================================================================== [ 181.298655] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x114/0x200 [ 181.300398] Read of size 1 at addr ffff8000807f7c2a by task kunit_try_catch/188 [ 181.302012] [ 181.302857] CPU: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.305682] Hardware name: linux,dummy-virt (DT) [ 181.306740] Call trace: [ 181.307606] dump_backtrace+0x9c/0x128 [ 181.308616] show_stack+0x20/0x38 [ 181.309773] dump_stack_lvl+0x60/0xb0 [ 181.311194] print_report+0x314/0x5d8 [ 181.312316] kasan_report+0xc8/0x118 [ 181.313451] __asan_load1+0x60/0x70 [ 181.314805] kasan_alloca_oob_right+0x114/0x200 [ 181.315867] kunit_try_run_case+0xf8/0x260 [ 181.317259] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.319060] kthread+0x18c/0x1a8 [ 181.319935] ret_from_fork+0x10/0x20 [ 181.321111] [ 181.321566] The buggy address belongs to stack of task kunit_try_catch/188 [ 181.323442] [ 181.324072] The buggy address belongs to the virtual mapping at [ 181.324072] [ffff8000807f0000, ffff8000807f9000) created by: [ 181.324072] kernel_clone+0xf8/0x540 [ 181.327525] [ 181.328139] The buggy address belongs to the physical page: [ 181.329473] page:000000007d50f7e6 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106053 [ 181.331724] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 181.333310] page_type: 0xffffffff() [ 181.334667] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 181.336359] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 181.338017] page dumped because: kasan: bad access detected [ 181.339351] [ 181.340178] Memory state around the buggy address: [ 181.341102] ffff8000807f7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.343073] ffff8000807f7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.344746] >ffff8000807f7c00: ca ca ca ca 00 02 cb cb cb cb cb cb f1 f1 f1 f1 [ 181.346154] ^ [ 181.348066] ffff8000807f7c80: 01 f2 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 [ 181.349907] ffff8000807f7d00: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 [ 181.351522] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left: Failure
[ 181.223793] ================================================================== [ 181.225892] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x108/0x1f0 [ 181.227611] Read of size 1 at addr ffff8000807d7c1f by task kunit_try_catch/186 [ 181.229224] [ 181.229890] CPU: 1 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.231772] Hardware name: linux,dummy-virt (DT) [ 181.232897] Call trace: [ 181.233605] dump_backtrace+0x9c/0x128 [ 181.234707] show_stack+0x20/0x38 [ 181.235697] dump_stack_lvl+0x60/0xb0 [ 181.236887] print_report+0x314/0x5d8 [ 181.238046] kasan_report+0xc8/0x118 [ 181.239179] __asan_load1+0x60/0x70 [ 181.240296] kasan_alloca_oob_left+0x108/0x1f0 [ 181.241528] kunit_try_run_case+0xf8/0x260 [ 181.242769] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.244207] kthread+0x18c/0x1a8 [ 181.245162] ret_from_fork+0x10/0x20 [ 181.246270] [ 181.246848] The buggy address belongs to stack of task kunit_try_catch/186 [ 181.248329] [ 181.248869] The buggy address belongs to the virtual mapping at [ 181.248869] [ffff8000807d0000, ffff8000807d9000) created by: [ 181.248869] kernel_clone+0xf8/0x540 [ 181.251980] [ 181.252531] The buggy address belongs to the physical page: [ 181.253908] page:00000000a8163904 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ec0 [ 181.255844] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 181.257310] page_type: 0xffffffff() [ 181.258386] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 181.260096] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 181.261814] page dumped because: kasan: bad access detected [ 181.263071] [ 181.263566] Memory state around the buggy address: [ 181.264793] ffff8000807d7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.266387] ffff8000807d7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.267902] >ffff8000807d7c00: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 f1 f1 [ 181.269474] ^ [ 181.270531] ffff8000807d7c80: f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 f3 00 00 [ 181.272156] ffff8000807d7d00: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 [ 181.273688] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob: Failure
[ 181.143885] ================================================================== [ 181.147530] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0xbc/0x180 [ 181.149749] Read of size 1 at addr ffff8000807b7cfa by task kunit_try_catch/184 [ 181.151691] [ 181.152336] CPU: 1 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.154124] Hardware name: linux,dummy-virt (DT) [ 181.155256] Call trace: [ 181.156005] dump_backtrace+0x9c/0x128 [ 181.157106] show_stack+0x20/0x38 [ 181.158120] dump_stack_lvl+0x60/0xb0 [ 181.159306] print_report+0x314/0x5d8 [ 181.160499] kasan_report+0xc8/0x118 [ 181.161610] __asan_load1+0x60/0x70 [ 181.162752] kasan_stack_oob+0xbc/0x180 [ 181.163801] kunit_try_run_case+0xf8/0x260 [ 181.165025] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.166459] kthread+0x18c/0x1a8 [ 181.167414] ret_from_fork+0x10/0x20 [ 181.168504] [ 181.169185] The buggy address belongs to stack of task kunit_try_catch/184 [ 181.170812] and is located at offset 138 in frame: [ 181.171901] kasan_stack_oob+0x0/0x180 [ 181.173171] [ 181.173757] This frame has 4 objects: [ 181.174843] [48, 49) '__assertion' [ 181.175119] [64, 72) 'array' [ 181.175960] [96, 112) '__assertion' [ 181.176853] [128, 138) 'stack_array' [ 181.177833] [ 181.179090] The buggy address belongs to the virtual mapping at [ 181.179090] [ffff8000807b0000, ffff8000807b9000) created by: [ 181.179090] kernel_clone+0xf8/0x540 [ 181.182186] [ 181.182830] The buggy address belongs to the physical page: [ 181.184157] page:00000000cccba421 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f54 [ 181.186120] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 181.187562] page_type: 0xffffffff() [ 181.188596] raw: 0bfffc0000000000 0000000000000000 dead000000000122 0000000000000000 [ 181.190285] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 181.191855] page dumped because: kasan: bad access detected [ 181.193130] [ 181.193778] Memory state around the buggy address: [ 181.194950] ffff8000807b7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.196498] ffff8000807b7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 [ 181.198121] >ffff8000807b7c80: f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 [ 181.199639] ^ [ 181.201169] ffff8000807b7d00: f3 f3 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 [ 181.202815] ffff8000807b7d80: 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 00 [ 181.204299] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right: Failure
[ 181.052193] ================================================================== [ 181.054732] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0xa8/0x168 [ 181.056394] Read of size 1 at addr ffffc906be275d0d by task kunit_try_catch/180 [ 181.058594] [ 181.059126] CPU: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 181.060921] Hardware name: linux,dummy-virt (DT) [ 181.062186] Call trace: [ 181.063083] dump_backtrace+0x9c/0x128 [ 181.064249] show_stack+0x20/0x38 [ 181.065386] dump_stack_lvl+0x60/0xb0 [ 181.066830] print_report+0x314/0x5d8 [ 181.068507] kasan_report+0xc8/0x118 [ 181.069659] __asan_load1+0x60/0x70 [ 181.070859] kasan_global_oob_right+0xa8/0x168 [ 181.072128] kunit_try_run_case+0xf8/0x260 [ 181.073656] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 181.075816] kthread+0x18c/0x1a8 [ 181.076804] ret_from_fork+0x10/0x20 [ 181.078050] [ 181.078761] The buggy address belongs to the variable: [ 181.079931] global_array+0xd/0x40 [ 181.081435] [ 181.082006] The buggy address belongs to the virtual mapping at [ 181.082006] [ffffc906bc970000, ffffc906be301000) created by: [ 181.082006] paging_init+0x26c/0x968 [ 181.086120] [ 181.086629] The buggy address belongs to the physical page: [ 181.088053] page:0000000029e16798 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45675 [ 181.090816] flags: 0x3fffc0000004000(reserved|node=0|zone=0|lastcpupid=0xffff) [ 181.092624] page_type: 0xffffffff() [ 181.093687] raw: 03fffc0000004000 fffffc0000159d48 fffffc0000159d48 0000000000000000 [ 181.095304] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 181.096961] page dumped because: kasan: bad access detected [ 181.098296] [ 181.098759] Memory state around the buggy address: [ 181.100368] ffffc906be275c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.102277] ffffc906be275c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 181.103820] >ffffc906be275d00: 00 02 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 181.106138] ^ [ 181.107142] ffffc906be275d80: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 181.108862] ffffc906be275e00: 04 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 181.110431] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob: Failure
[ 180.319239] ================================================================== [ 180.321285] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xd8/0x268 [ 180.323132] Read of size 1 at addr ffff0000c5ed50c8 by task kunit_try_catch/174 [ 180.325226] [ 180.325795] CPU: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 180.327644] Hardware name: linux,dummy-virt (DT) [ 180.329207] Call trace: [ 180.329883] dump_backtrace+0x9c/0x128 [ 180.331207] show_stack+0x20/0x38 [ 180.332199] dump_stack_lvl+0x60/0xb0 [ 180.333547] print_report+0xf8/0x5d8 [ 180.334735] kasan_report+0xc8/0x118 [ 180.335869] __asan_load1+0x60/0x70 [ 180.337079] kmem_cache_oob+0xd8/0x268 [ 180.338536] kunit_try_run_case+0xf8/0x260 [ 180.339925] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 180.341390] kthread+0x18c/0x1a8 [ 180.342559] ret_from_fork+0x10/0x20 [ 180.343468] [ 180.343919] Allocated by task 174: [ 180.344999] kasan_save_stack+0x3c/0x68 [ 180.346547] kasan_set_track+0x2c/0x40 [ 180.347756] kasan_save_alloc_info+0x24/0x38 [ 180.349090] __kasan_slab_alloc+0xa8/0xb0 [ 180.350466] kmem_cache_alloc+0x134/0x330 [ 180.351647] kmem_cache_oob+0xb8/0x268 [ 180.352749] kunit_try_run_case+0xf8/0x260 [ 180.354097] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 180.355544] kthread+0x18c/0x1a8 [ 180.356480] ret_from_fork+0x10/0x20 [ 180.357600] [ 180.358122] The buggy address belongs to the object at ffff0000c5ed5000 [ 180.358122] which belongs to the cache test_cache of size 200 [ 180.360619] The buggy address is located 0 bytes to the right of [ 180.360619] allocated 200-byte region [ffff0000c5ed5000, ffff0000c5ed50c8) [ 180.364417] [ 180.364916] The buggy address belongs to the physical page: [ 180.366783] page:00000000e3c6efe7 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ed5 [ 180.368791] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 180.370639] page_type: 0xffffffff() [ 180.371697] raw: 0bfffc0000000800 ffff0000c56c0500 dead000000000122 0000000000000000 [ 180.373671] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 180.375298] page dumped because: kasan: bad access detected [ 180.376482] [ 180.377075] Memory state around the buggy address: [ 180.378680] ffff0000c5ed4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 180.380225] ffff0000c5ed5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 180.381917] >ffff0000c5ed5080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 180.383544] ^ [ 180.385424] ffff0000c5ed5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 180.386743] ffff0000c5ed5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 180.388802] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2: Failure
[ 180.148557] ================================================================== [ 180.150460] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x108/0x290 [ 180.152083] Read of size 1 at addr ffff0000c600ca28 by task kunit_try_catch/166 [ 180.153615] [ 180.155051] CPU: 1 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 180.157032] Hardware name: linux,dummy-virt (DT) [ 180.158907] Call trace: [ 180.160158] dump_backtrace+0x9c/0x128 [ 180.161632] show_stack+0x20/0x38 [ 180.162751] dump_stack_lvl+0x60/0xb0 [ 180.163963] print_report+0xf8/0x5d8 [ 180.165143] kasan_report+0xc8/0x118 [ 180.166324] __asan_load1+0x60/0x70 [ 180.167452] kmalloc_uaf2+0x108/0x290 [ 180.168469] kunit_try_run_case+0xf8/0x260 [ 180.169979] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 180.172123] kthread+0x18c/0x1a8 [ 180.173311] ret_from_fork+0x10/0x20 [ 180.174507] [ 180.175000] Allocated by task 166: [ 180.176257] kasan_save_stack+0x3c/0x68 [ 180.177845] kasan_set_track+0x2c/0x40 [ 180.179051] kasan_save_alloc_info+0x24/0x38 [ 180.180370] __kasan_kmalloc+0xd4/0xd8 [ 180.181497] kmalloc_trace+0x68/0x130 [ 180.182557] kmalloc_uaf2+0xb4/0x290 [ 180.183623] kunit_try_run_case+0xf8/0x260 [ 180.184868] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 180.186462] kthread+0x18c/0x1a8 [ 180.187232] ret_from_fork+0x10/0x20 [ 180.188117] [ 180.188550] Freed by task 166: [ 180.190640] kasan_save_stack+0x3c/0x68 [ 180.192058] kasan_set_track+0x2c/0x40 [ 180.193520] kasan_save_free_info+0x38/0x60 [ 180.194660] __kasan_slab_free+0x100/0x170 [ 180.195920] __kmem_cache_free+0x170/0x2e0 [ 180.197190] kfree+0x74/0x138 [ 180.198117] kmalloc_uaf2+0xc8/0x290 [ 180.199241] kunit_try_run_case+0xf8/0x260 [ 180.200369] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 180.201982] kthread+0x18c/0x1a8 [ 180.203191] ret_from_fork+0x10/0x20 [ 180.204075] [ 180.204492] The buggy address belongs to the object at ffff0000c600ca00 [ 180.204492] which belongs to the cache kmalloc-64 of size 64 [ 180.207791] The buggy address is located 40 bytes inside of [ 180.207791] freed 64-byte region [ffff0000c600ca00, ffff0000c600ca40) [ 180.210934] [ 180.211619] The buggy address belongs to the physical page: [ 180.212915] page:000000007a3032c1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10600c [ 180.215488] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 180.217147] page_type: 0xffffffff() [ 180.219028] raw: 0bfffc0000000800 ffff0000c0001640 dead000000000122 0000000000000000 [ 180.220733] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 180.222601] page dumped because: kasan: bad access detected [ 180.223887] [ 180.224446] Memory state around the buggy address: [ 180.226118] ffff0000c600c900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 180.228927] ffff0000c600c980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 180.230887] >ffff0000c600ca00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 180.232156] ^ [ 180.234005] ffff0000c600ca80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 180.235260] ffff0000c600cb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 180.238437] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree: Failure
[ 177.598467] ================================================================== [ 177.600812] BUG: KASAN: invalid-free in kfree+0x12c/0x138 [ 177.602089] Free of addr ffff0000c6020001 by task kunit_try_catch/126 [ 177.603967] [ 177.604709] CPU: 0 PID: 126 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.607730] Hardware name: linux,dummy-virt (DT) [ 177.609047] Call trace: [ 177.610722] dump_backtrace+0x9c/0x128 [ 177.611726] show_stack+0x20/0x38 [ 177.612661] dump_stack_lvl+0x60/0xb0 [ 177.613932] print_report+0xf8/0x5d8 [ 177.615136] kasan_report_invalid_free+0xb0/0xd8 [ 177.616473] __kasan_kfree_large+0x54/0xa0 [ 177.617756] free_large_kmalloc+0x5c/0x100 [ 177.619212] kfree+0x12c/0x138 [ 177.620101] kmalloc_pagealloc_invalid_free+0xa8/0x1a8 [ 177.622080] kunit_try_run_case+0xf8/0x260 [ 177.623318] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.624784] kthread+0x18c/0x1a8 [ 177.625771] ret_from_fork+0x10/0x20 [ 177.627051] [ 177.627732] The buggy address belongs to the physical page: [ 177.629124] page:00000000dc26f172 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106020 [ 177.631164] head:00000000dc26f172 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 177.633114] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 177.634723] page_type: 0xffffffff() [ 177.635773] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 177.637619] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 177.639866] page dumped because: kasan: bad access detected [ 177.641671] [ 177.642180] Memory state around the buggy address: [ 177.643306] ffff0000c601ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.644898] ffff0000c601ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.646601] >ffff0000c6020000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.648339] ^ [ 177.649412] ffff0000c6020080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.650986] ffff0000c6020100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.652530] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset: Failure
[ 180.037918] ================================================================== [ 180.040167] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0xd0/0x1d8 [ 180.042028] Write of size 33 at addr ffff0000c600c980 by task kunit_try_catch/164 [ 180.043416] [ 180.043934] CPU: 1 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 180.045848] Hardware name: linux,dummy-virt (DT) [ 180.047114] Call trace: [ 180.047870] dump_backtrace+0x9c/0x128 [ 180.048773] show_stack+0x20/0x38 [ 180.050083] dump_stack_lvl+0x60/0xb0 [ 180.051532] print_report+0xf8/0x5d8 [ 180.052755] kasan_report+0xc8/0x118 [ 180.054197] kasan_check_range+0xe8/0x190 [ 180.055843] __asan_memset+0x34/0x78 [ 180.057209] kmalloc_uaf_memset+0xd0/0x1d8 [ 180.058791] kunit_try_run_case+0xf8/0x260 [ 180.060016] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 180.061556] kthread+0x18c/0x1a8 [ 180.062529] ret_from_fork+0x10/0x20 [ 180.063890] [ 180.064341] Allocated by task 164: [ 180.065449] kasan_save_stack+0x3c/0x68 [ 180.066561] kasan_set_track+0x2c/0x40 [ 180.067982] kasan_save_alloc_info+0x24/0x38 [ 180.069310] __kasan_kmalloc+0xd4/0xd8 [ 180.070701] kmalloc_trace+0x68/0x130 [ 180.071954] kmalloc_uaf_memset+0x9c/0x1d8 [ 180.073447] kunit_try_run_case+0xf8/0x260 [ 180.075008] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 180.076423] kthread+0x18c/0x1a8 [ 180.077592] ret_from_fork+0x10/0x20 [ 180.078682] [ 180.079109] Freed by task 164: [ 180.079824] kasan_save_stack+0x3c/0x68 [ 180.081677] kasan_set_track+0x2c/0x40 [ 180.083014] kasan_save_free_info+0x38/0x60 [ 180.084282] __kasan_slab_free+0x100/0x170 [ 180.085461] __kmem_cache_free+0x170/0x2e0 [ 180.086650] kfree+0x74/0x138 [ 180.087401] kmalloc_uaf_memset+0xb8/0x1d8 [ 180.088777] kunit_try_run_case+0xf8/0x260 [ 180.090180] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 180.091851] kthread+0x18c/0x1a8 [ 180.093391] ret_from_fork+0x10/0x20 [ 180.094370] [ 180.094824] The buggy address belongs to the object at ffff0000c600c980 [ 180.094824] which belongs to the cache kmalloc-64 of size 64 [ 180.098106] The buggy address is located 0 bytes inside of [ 180.098106] freed 64-byte region [ffff0000c600c980, ffff0000c600c9c0) [ 180.100896] [ 180.102893] The buggy address belongs to the physical page: [ 180.104245] page:000000007a3032c1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10600c [ 180.106347] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 180.108010] page_type: 0xffffffff() [ 180.109090] raw: 0bfffc0000000800 ffff0000c0001640 dead000000000122 0000000000000000 [ 180.111144] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 180.113307] page dumped because: kasan: bad access detected [ 180.114483] [ 180.115203] Memory state around the buggy address: [ 180.116365] ffff0000c600c880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 180.118058] ffff0000c600c900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 180.119655] >ffff0000c600c980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 180.121204] ^ [ 180.122099] ffff0000c600ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 180.123748] ffff0000c600ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 180.125563] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf: Failure
[ 179.930421] ================================================================== [ 179.932869] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0xc8/0x1d0 [ 179.934791] Read of size 1 at addr ffff0000c5e9f5a8 by task kunit_try_catch/162 [ 179.936548] [ 179.937740] CPU: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 179.939692] Hardware name: linux,dummy-virt (DT) [ 179.940811] Call trace: [ 179.941504] dump_backtrace+0x9c/0x128 [ 179.942928] show_stack+0x20/0x38 [ 179.943925] dump_stack_lvl+0x60/0xb0 [ 179.945457] print_report+0xf8/0x5d8 [ 179.946667] kasan_report+0xc8/0x118 [ 179.947808] __asan_load1+0x60/0x70 [ 179.949278] kmalloc_uaf+0xc8/0x1d0 [ 179.950425] kunit_try_run_case+0xf8/0x260 [ 179.951649] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.953254] kthread+0x18c/0x1a8 [ 179.954148] ret_from_fork+0x10/0x20 [ 179.955823] [ 179.956665] Allocated by task 162: [ 179.957544] kasan_save_stack+0x3c/0x68 [ 179.958972] kasan_set_track+0x2c/0x40 [ 179.960081] kasan_save_alloc_info+0x24/0x38 [ 179.961551] __kasan_kmalloc+0xd4/0xd8 [ 179.962771] kmalloc_trace+0x68/0x130 [ 179.963737] kmalloc_uaf+0x9c/0x1d0 [ 179.964792] kunit_try_run_case+0xf8/0x260 [ 179.966238] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.967844] kthread+0x18c/0x1a8 [ 179.968922] ret_from_fork+0x10/0x20 [ 179.970430] [ 179.971008] Freed by task 162: [ 179.971845] kasan_save_stack+0x3c/0x68 [ 179.973271] kasan_set_track+0x2c/0x40 [ 179.974700] kasan_save_free_info+0x38/0x60 [ 179.976100] __kasan_slab_free+0x100/0x170 [ 179.977922] __kmem_cache_free+0x170/0x2e0 [ 179.979179] kfree+0x74/0x138 [ 179.980185] kmalloc_uaf+0xb8/0x1d0 [ 179.981313] kunit_try_run_case+0xf8/0x260 [ 179.982463] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.984100] kthread+0x18c/0x1a8 [ 179.985071] ret_from_fork+0x10/0x20 [ 179.986433] [ 179.986844] The buggy address belongs to the object at ffff0000c5e9f5a0 [ 179.986844] which belongs to the cache kmalloc-16 of size 16 [ 179.989946] The buggy address is located 8 bytes inside of [ 179.989946] freed 16-byte region [ffff0000c5e9f5a0, ffff0000c5e9f5b0) [ 179.992429] [ 179.992983] The buggy address belongs to the physical page: [ 179.994428] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 179.996831] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 179.998771] page_type: 0xffffffff() [ 179.999925] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 180.002122] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 180.003656] page dumped because: kasan: bad access detected [ 180.005320] [ 180.005772] Memory state around the buggy address: [ 180.007121] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 180.008694] ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 180.010901] >ffff0000c5e9f580: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 180.012504] ^ [ 180.013856] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 180.015646] ffff0000c5e9f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 180.017947] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size: Failure
[ 179.838851] ================================================================== [ 179.840859] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0xe0/0x1f8 [ 179.842494] Read of size 64 at addr ffff0000c600c884 by task kunit_try_catch/160 [ 179.844329] [ 179.844970] CPU: 1 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 179.847447] Hardware name: linux,dummy-virt (DT) [ 179.848333] Call trace: [ 179.849217] dump_backtrace+0x9c/0x128 [ 179.851062] show_stack+0x20/0x38 [ 179.852161] dump_stack_lvl+0x60/0xb0 [ 179.853603] print_report+0xf8/0x5d8 [ 179.854787] kasan_report+0xc8/0x118 [ 179.855907] kasan_check_range+0xe8/0x190 [ 179.857128] __asan_memmove+0x3c/0x98 [ 179.858511] kmalloc_memmove_invalid_size+0xe0/0x1f8 [ 179.859810] kunit_try_run_case+0xf8/0x260 [ 179.861069] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.862616] kthread+0x18c/0x1a8 [ 179.863418] ret_from_fork+0x10/0x20 [ 179.864688] [ 179.865461] Allocated by task 160: [ 179.866475] kasan_save_stack+0x3c/0x68 [ 179.867488] kasan_set_track+0x2c/0x40 [ 179.869797] kasan_save_alloc_info+0x24/0x38 [ 179.871031] __kasan_kmalloc+0xd4/0xd8 [ 179.872091] kmalloc_trace+0x68/0x130 [ 179.873431] kmalloc_memmove_invalid_size+0xa0/0x1f8 [ 179.874651] kunit_try_run_case+0xf8/0x260 [ 179.875843] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.877358] kthread+0x18c/0x1a8 [ 179.878704] ret_from_fork+0x10/0x20 [ 179.879800] [ 179.880339] The buggy address belongs to the object at ffff0000c600c880 [ 179.880339] which belongs to the cache kmalloc-64 of size 64 [ 179.882796] The buggy address is located 4 bytes inside of [ 179.882796] allocated 64-byte region [ffff0000c600c880, ffff0000c600c8c0) [ 179.885656] [ 179.886377] The buggy address belongs to the physical page: [ 179.887709] page:000000007a3032c1 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10600c [ 179.889728] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 179.891404] page_type: 0xffffffff() [ 179.892463] raw: 0bfffc0000000800 ffff0000c0001640 dead000000000122 0000000000000000 [ 179.894622] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 179.896208] page dumped because: kasan: bad access detected [ 179.897448] [ 179.898023] Memory state around the buggy address: [ 179.899442] ffff0000c600c780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 179.900883] ffff0000c600c800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 179.902657] >ffff0000c600c880: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 179.904220] ^ [ 179.906242] ffff0000c600c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.907492] ffff0000c600c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.909925] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size: Failure
[ 179.744701] ================================================================== [ 179.747531] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0xe0/0x1f0 [ 179.749269] Read of size 18446744073709551614 at addr ffff0000c5f70e04 by task kunit_try_catch/158 [ 179.751354] [ 179.752061] CPU: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 179.754095] Hardware name: linux,dummy-virt (DT) [ 179.755345] Call trace: [ 179.756068] dump_backtrace+0x9c/0x128 [ 179.757381] show_stack+0x20/0x38 [ 179.758517] dump_stack_lvl+0x60/0xb0 [ 179.759879] print_report+0xf8/0x5d8 [ 179.760859] kasan_report+0xc8/0x118 [ 179.762489] kasan_check_range+0xe8/0x190 [ 179.764334] __asan_memmove+0x3c/0x98 [ 179.765551] kmalloc_memmove_negative_size+0xe0/0x1f0 [ 179.767201] kunit_try_run_case+0xf8/0x260 [ 179.768455] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.769895] kthread+0x18c/0x1a8 [ 179.770934] ret_from_fork+0x10/0x20 [ 179.772076] [ 179.772635] Allocated by task 158: [ 179.773844] kasan_save_stack+0x3c/0x68 [ 179.775092] kasan_set_track+0x2c/0x40 [ 179.776315] kasan_save_alloc_info+0x24/0x38 [ 179.777680] __kasan_kmalloc+0xd4/0xd8 [ 179.778404] kmalloc_trace+0x68/0x130 [ 179.779034] kmalloc_memmove_negative_size+0xa0/0x1f0 [ 179.780658] kunit_try_run_case+0xf8/0x260 [ 179.782274] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.784207] kthread+0x18c/0x1a8 [ 179.785471] ret_from_fork+0x10/0x20 [ 179.786978] [ 179.787437] The buggy address belongs to the object at ffff0000c5f70e00 [ 179.787437] which belongs to the cache kmalloc-64 of size 64 [ 179.790520] The buggy address is located 4 bytes inside of [ 179.790520] 64-byte region [ffff0000c5f70e00, ffff0000c5f70e40) [ 179.792782] [ 179.793364] The buggy address belongs to the physical page: [ 179.795261] page:00000000a682f890 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f70 [ 179.797392] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 179.799054] page_type: 0xffffffff() [ 179.800110] raw: 0bfffc0000000800 ffff0000c0001640 dead000000000122 0000000000000000 [ 179.801771] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 179.803466] page dumped because: kasan: bad access detected [ 179.804451] [ 179.804960] Memory state around the buggy address: [ 179.806202] ffff0000c5f70d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 179.807993] ffff0000c5f70d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 179.810137] >ffff0000c5f70e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 179.811663] ^ [ 179.812523] ffff0000c5f70e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.814415] ffff0000c5f70f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.816219] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16: Failure
[ 179.646859] ================================================================== [ 179.649030] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0xd8/0x1e8 [ 179.650832] Write of size 16 at addr ffff0000c6001a69 by task kunit_try_catch/156 [ 179.652669] [ 179.654631] CPU: 1 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 179.656315] Hardware name: linux,dummy-virt (DT) [ 179.657846] Call trace: [ 179.658392] dump_backtrace+0x9c/0x128 [ 179.659563] show_stack+0x20/0x38 [ 179.660725] dump_stack_lvl+0x60/0xb0 [ 179.662130] print_report+0xf8/0x5d8 [ 179.663099] kasan_report+0xc8/0x118 [ 179.664649] kasan_check_range+0xe8/0x190 [ 179.666249] __asan_memset+0x34/0x78 [ 179.667589] kmalloc_oob_memset_16+0xd8/0x1e8 [ 179.669063] kunit_try_run_case+0xf8/0x260 [ 179.670512] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.672586] kthread+0x18c/0x1a8 [ 179.674013] ret_from_fork+0x10/0x20 [ 179.675160] [ 179.675728] Allocated by task 156: [ 179.676639] kasan_save_stack+0x3c/0x68 [ 179.678128] kasan_set_track+0x2c/0x40 [ 179.679413] kasan_save_alloc_info+0x24/0x38 [ 179.681132] __kasan_kmalloc+0xd4/0xd8 [ 179.682337] kmalloc_trace+0x68/0x130 [ 179.683423] kmalloc_oob_memset_16+0xa0/0x1e8 [ 179.684629] kunit_try_run_case+0xf8/0x260 [ 179.686976] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.688559] kthread+0x18c/0x1a8 [ 179.689512] ret_from_fork+0x10/0x20 [ 179.690924] [ 179.691644] The buggy address belongs to the object at ffff0000c6001a00 [ 179.691644] which belongs to the cache kmalloc-128 of size 128 [ 179.694026] The buggy address is located 105 bytes inside of [ 179.694026] allocated 120-byte region [ffff0000c6001a00, ffff0000c6001a78) [ 179.696491] [ 179.697549] The buggy address belongs to the physical page: [ 179.699515] page:00000000bb72779c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106001 [ 179.701503] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 179.703320] page_type: 0xffffffff() [ 179.704529] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 179.706610] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 179.708329] page dumped because: kasan: bad access detected [ 179.710259] [ 179.710903] Memory state around the buggy address: [ 179.712396] ffff0000c6001900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 179.714106] ffff0000c6001980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.715480] >ffff0000c6001a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 179.717333] ^ [ 179.719304] ffff0000c6001a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.721038] ffff0000c6001b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.723705] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8: Failure
[ 179.556118] ================================================================== [ 179.558335] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xd8/0x1e8 [ 179.560321] Write of size 8 at addr ffff0000c6017d71 by task kunit_try_catch/154 [ 179.562378] [ 179.562875] CPU: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 179.564626] Hardware name: linux,dummy-virt (DT) [ 179.565756] Call trace: [ 179.566490] dump_backtrace+0x9c/0x128 [ 179.567597] show_stack+0x20/0x38 [ 179.568608] dump_stack_lvl+0x60/0xb0 [ 179.569991] print_report+0xf8/0x5d8 [ 179.571417] kasan_report+0xc8/0x118 [ 179.573094] kasan_check_range+0xe8/0x190 [ 179.574039] __asan_memset+0x34/0x78 [ 179.575121] kmalloc_oob_memset_8+0xd8/0x1e8 [ 179.576324] kunit_try_run_case+0xf8/0x260 [ 179.577779] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.579055] kthread+0x18c/0x1a8 [ 179.580565] ret_from_fork+0x10/0x20 [ 179.581691] [ 179.582168] Allocated by task 154: [ 179.583069] kasan_save_stack+0x3c/0x68 [ 179.584241] kasan_set_track+0x2c/0x40 [ 179.585466] kasan_save_alloc_info+0x24/0x38 [ 179.587685] __kasan_kmalloc+0xd4/0xd8 [ 179.588772] kmalloc_trace+0x68/0x130 [ 179.589802] kmalloc_oob_memset_8+0xa0/0x1e8 [ 179.590999] kunit_try_run_case+0xf8/0x260 [ 179.592263] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.593587] kthread+0x18c/0x1a8 [ 179.594689] ret_from_fork+0x10/0x20 [ 179.595893] [ 179.596762] The buggy address belongs to the object at ffff0000c6017d00 [ 179.596762] which belongs to the cache kmalloc-128 of size 128 [ 179.599213] The buggy address is located 113 bytes inside of [ 179.599213] allocated 120-byte region [ffff0000c6017d00, ffff0000c6017d78) [ 179.602193] [ 179.602663] The buggy address belongs to the physical page: [ 179.603566] page:00000000d97f6f57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106017 [ 179.606007] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 179.607677] page_type: 0xffffffff() [ 179.608751] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 179.610482] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 179.613180] page dumped because: kasan: bad access detected [ 179.614442] [ 179.614979] Memory state around the buggy address: [ 179.616176] ffff0000c6017c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 179.617924] ffff0000c6017c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.619890] >ffff0000c6017d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 179.621194] ^ [ 179.622799] ffff0000c6017d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.624345] ffff0000c6017e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.625941] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4: Failure
[ 179.462060] ================================================================== [ 179.464012] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0xd8/0x1e8 [ 179.466055] Write of size 4 at addr ffff0000c6017b75 by task kunit_try_catch/152 [ 179.467796] [ 179.468359] CPU: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 179.470201] Hardware name: linux,dummy-virt (DT) [ 179.471303] Call trace: [ 179.472441] dump_backtrace+0x9c/0x128 [ 179.473545] show_stack+0x20/0x38 [ 179.474603] dump_stack_lvl+0x60/0xb0 [ 179.476147] print_report+0xf8/0x5d8 [ 179.477433] kasan_report+0xc8/0x118 [ 179.478562] kasan_check_range+0xe8/0x190 [ 179.479838] __asan_memset+0x34/0x78 [ 179.481351] kmalloc_oob_memset_4+0xd8/0x1e8 [ 179.482416] kunit_try_run_case+0xf8/0x260 [ 179.483704] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.485436] kthread+0x18c/0x1a8 [ 179.486514] ret_from_fork+0x10/0x20 [ 179.487510] [ 179.488034] Allocated by task 152: [ 179.489102] kasan_save_stack+0x3c/0x68 [ 179.490418] kasan_set_track+0x2c/0x40 [ 179.491641] kasan_save_alloc_info+0x24/0x38 [ 179.493252] __kasan_kmalloc+0xd4/0xd8 [ 179.494468] kmalloc_trace+0x68/0x130 [ 179.495429] kmalloc_oob_memset_4+0xa0/0x1e8 [ 179.496681] kunit_try_run_case+0xf8/0x260 [ 179.498014] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.499319] kthread+0x18c/0x1a8 [ 179.500284] ret_from_fork+0x10/0x20 [ 179.501706] [ 179.502244] The buggy address belongs to the object at ffff0000c6017b00 [ 179.502244] which belongs to the cache kmalloc-128 of size 128 [ 179.504547] The buggy address is located 117 bytes inside of [ 179.504547] allocated 120-byte region [ffff0000c6017b00, ffff0000c6017b78) [ 179.507229] [ 179.507922] The buggy address belongs to the physical page: [ 179.509464] page:00000000d97f6f57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106017 [ 179.511514] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 179.513173] page_type: 0xffffffff() [ 179.514249] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 179.516501] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 179.518236] page dumped because: kasan: bad access detected [ 179.519447] [ 179.520081] Memory state around the buggy address: [ 179.521302] ffff0000c6017a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 179.523082] ffff0000c6017a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.525122] >ffff0000c6017b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 179.526817] ^ [ 179.528895] ffff0000c6017b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.531008] ffff0000c6017c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.532561] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2: Failure
[ 179.365899] ================================================================== [ 179.368237] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0xd8/0x1f0 [ 179.370186] Write of size 2 at addr ffff0000c6001677 by task kunit_try_catch/150 [ 179.373402] [ 179.374108] CPU: 1 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 179.376344] Hardware name: linux,dummy-virt (DT) [ 179.377531] Call trace: [ 179.378594] dump_backtrace+0x9c/0x128 [ 179.379700] show_stack+0x20/0x38 [ 179.380702] dump_stack_lvl+0x60/0xb0 [ 179.382167] print_report+0xf8/0x5d8 [ 179.383305] kasan_report+0xc8/0x118 [ 179.384433] kasan_check_range+0xe8/0x190 [ 179.385840] __asan_memset+0x34/0x78 [ 179.386873] kmalloc_oob_memset_2+0xd8/0x1f0 [ 179.388063] kunit_try_run_case+0xf8/0x260 [ 179.389630] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.392201] kthread+0x18c/0x1a8 [ 179.393779] ret_from_fork+0x10/0x20 [ 179.394957] [ 179.395484] Allocated by task 150: [ 179.396375] kasan_save_stack+0x3c/0x68 [ 179.397894] kasan_set_track+0x2c/0x40 [ 179.399144] kasan_save_alloc_info+0x24/0x38 [ 179.400427] __kasan_kmalloc+0xd4/0xd8 [ 179.401617] kmalloc_trace+0x68/0x130 [ 179.403004] kmalloc_oob_memset_2+0xa0/0x1f0 [ 179.404298] kunit_try_run_case+0xf8/0x260 [ 179.405797] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.407253] kthread+0x18c/0x1a8 [ 179.408220] ret_from_fork+0x10/0x20 [ 179.409641] [ 179.410114] The buggy address belongs to the object at ffff0000c6001600 [ 179.410114] which belongs to the cache kmalloc-128 of size 128 [ 179.413881] The buggy address is located 119 bytes inside of [ 179.413881] allocated 120-byte region [ffff0000c6001600, ffff0000c6001678) [ 179.416273] [ 179.416915] The buggy address belongs to the physical page: [ 179.418311] page:00000000bb72779c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106001 [ 179.420190] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 179.421758] page_type: 0xffffffff() [ 179.423118] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 179.424764] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 179.426652] page dumped because: kasan: bad access detected [ 179.427915] [ 179.428418] Memory state around the buggy address: [ 179.430283] ffff0000c6001500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 179.431543] ffff0000c6001580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.433677] >ffff0000c6001600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 179.434938] ^ [ 179.436550] ffff0000c6001680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.438433] ffff0000c6001700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.439951] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset: Failure
[ 179.268735] ================================================================== [ 179.271206] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0xd4/0x1e8 [ 179.273107] Write of size 128 at addr ffff0000c6017900 by task kunit_try_catch/148 [ 179.274691] [ 179.275431] CPU: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 179.277391] Hardware name: linux,dummy-virt (DT) [ 179.279236] Call trace: [ 179.280024] dump_backtrace+0x9c/0x128 [ 179.281430] show_stack+0x20/0x38 [ 179.282693] dump_stack_lvl+0x60/0xb0 [ 179.283878] print_report+0xf8/0x5d8 [ 179.285055] kasan_report+0xc8/0x118 [ 179.286449] kasan_check_range+0xe8/0x190 [ 179.287937] __asan_memset+0x34/0x78 [ 179.288780] kmalloc_oob_in_memset+0xd4/0x1e8 [ 179.290717] kunit_try_run_case+0xf8/0x260 [ 179.291815] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.293442] kthread+0x18c/0x1a8 [ 179.294246] ret_from_fork+0x10/0x20 [ 179.295498] [ 179.296117] Allocated by task 148: [ 179.297368] kasan_save_stack+0x3c/0x68 [ 179.299133] kasan_set_track+0x2c/0x40 [ 179.300446] kasan_save_alloc_info+0x24/0x38 [ 179.302001] __kasan_kmalloc+0xd4/0xd8 [ 179.303439] kmalloc_trace+0x68/0x130 [ 179.304858] kmalloc_oob_in_memset+0xa0/0x1e8 [ 179.306450] kunit_try_run_case+0xf8/0x260 [ 179.307833] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.309433] kthread+0x18c/0x1a8 [ 179.310271] ret_from_fork+0x10/0x20 [ 179.311888] [ 179.312423] The buggy address belongs to the object at ffff0000c6017900 [ 179.312423] which belongs to the cache kmalloc-128 of size 128 [ 179.315427] The buggy address is located 0 bytes inside of [ 179.315427] allocated 120-byte region [ffff0000c6017900, ffff0000c6017978) [ 179.317961] [ 179.318437] The buggy address belongs to the physical page: [ 179.320261] page:00000000d97f6f57 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106017 [ 179.323086] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 179.324733] page_type: 0xffffffff() [ 179.325905] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 179.327561] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 179.329419] page dumped because: kasan: bad access detected [ 179.330913] [ 179.331607] Memory state around the buggy address: [ 179.333460] ffff0000c6017800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 179.335427] ffff0000c6017880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.337102] >ffff0000c6017900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 179.339025] ^ [ 179.340603] ffff0000c6017980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.342282] ffff0000c6017a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.344076] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16: Failure
[ 179.161841] ================================================================== [ 179.164127] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x100/0x258 [ 179.165646] Read of size 16 at addr ffff0000c0b71d20 by task kunit_try_catch/146 [ 179.167143] [ 179.167971] CPU: 1 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 179.170333] Hardware name: linux,dummy-virt (DT) [ 179.171593] Call trace: [ 179.172360] dump_backtrace+0x9c/0x128 [ 179.173612] show_stack+0x20/0x38 [ 179.175187] dump_stack_lvl+0x60/0xb0 [ 179.176370] print_report+0xf8/0x5d8 [ 179.177633] kasan_report+0xc8/0x118 [ 179.178776] __asan_load16+0xa4/0xa8 [ 179.179896] kmalloc_uaf_16+0x100/0x258 [ 179.180969] kunit_try_run_case+0xf8/0x260 [ 179.182708] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.183554] kthread+0x18c/0x1a8 [ 179.184717] ret_from_fork+0x10/0x20 [ 179.186029] [ 179.186875] Allocated by task 146: [ 179.188183] kasan_save_stack+0x3c/0x68 [ 179.189930] kasan_set_track+0x2c/0x40 [ 179.191228] kasan_save_alloc_info+0x24/0x38 [ 179.192550] __kasan_kmalloc+0xd4/0xd8 [ 179.193838] kmalloc_trace+0x68/0x130 [ 179.195001] kmalloc_uaf_16+0xcc/0x258 [ 179.196127] kunit_try_run_case+0xf8/0x260 [ 179.197435] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.198827] kthread+0x18c/0x1a8 [ 179.199766] ret_from_fork+0x10/0x20 [ 179.200835] [ 179.201687] Freed by task 146: [ 179.202455] kasan_save_stack+0x3c/0x68 [ 179.203676] kasan_set_track+0x2c/0x40 [ 179.204803] kasan_save_free_info+0x38/0x60 [ 179.206080] __kasan_slab_free+0x100/0x170 [ 179.207093] __kmem_cache_free+0x170/0x2e0 [ 179.209936] kfree+0x74/0x138 [ 179.211043] kmalloc_uaf_16+0xe8/0x258 [ 179.212159] kunit_try_run_case+0xf8/0x260 [ 179.213665] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.214802] kthread+0x18c/0x1a8 [ 179.215775] ret_from_fork+0x10/0x20 [ 179.216862] [ 179.217821] The buggy address belongs to the object at ffff0000c0b71d20 [ 179.217821] which belongs to the cache kmalloc-16 of size 16 [ 179.220741] The buggy address is located 0 bytes inside of [ 179.220741] freed 16-byte region [ffff0000c0b71d20, ffff0000c0b71d30) [ 179.223519] [ 179.224122] The buggy address belongs to the physical page: [ 179.225934] page:00000000617c99bc refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b71 [ 179.227530] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 179.229446] page_type: 0xffffffff() [ 179.230662] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 179.232372] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 179.234331] page dumped because: kasan: bad access detected [ 179.235624] [ 179.236104] Memory state around the buggy address: [ 179.237742] ffff0000c0b71c00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 179.239305] ffff0000c0b71c80: 00 04 fc fc 00 00 fc fc 00 03 fc fc 00 05 fc fc [ 179.241103] >ffff0000c0b71d00: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 179.242754] ^ [ 179.243820] ffff0000c0b71d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.245706] ffff0000c0b71e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.247987] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16: Failure
[ 179.071305] ================================================================== [ 179.073864] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0xf8/0x268 [ 179.075633] Write of size 16 at addr ffff0000c5e9f560 by task kunit_try_catch/144 [ 179.077861] [ 179.078543] CPU: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 179.080370] Hardware name: linux,dummy-virt (DT) [ 179.081606] Call trace: [ 179.082257] dump_backtrace+0x9c/0x128 [ 179.083314] show_stack+0x20/0x38 [ 179.084278] dump_stack_lvl+0x60/0xb0 [ 179.085621] print_report+0xf8/0x5d8 [ 179.086711] kasan_report+0xc8/0x118 [ 179.087839] __asan_store16+0xa4/0xa8 [ 179.089169] kmalloc_oob_16+0xf8/0x268 [ 179.090325] kunit_try_run_case+0xf8/0x260 [ 179.091491] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.093008] kthread+0x18c/0x1a8 [ 179.094319] ret_from_fork+0x10/0x20 [ 179.095429] [ 179.095909] Allocated by task 144: [ 179.096729] kasan_save_stack+0x3c/0x68 [ 179.098332] kasan_set_track+0x2c/0x40 [ 179.099549] kasan_save_alloc_info+0x24/0x38 [ 179.101293] __kasan_kmalloc+0xd4/0xd8 [ 179.102464] kmalloc_trace+0x68/0x130 [ 179.103477] kmalloc_oob_16+0xa4/0x268 [ 179.104546] kunit_try_run_case+0xf8/0x260 [ 179.105883] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.107550] kthread+0x18c/0x1a8 [ 179.108559] ret_from_fork+0x10/0x20 [ 179.109967] [ 179.110608] The buggy address belongs to the object at ffff0000c5e9f560 [ 179.110608] which belongs to the cache kmalloc-16 of size 16 [ 179.113010] The buggy address is located 0 bytes inside of [ 179.113010] allocated 13-byte region [ffff0000c5e9f560, ffff0000c5e9f56d) [ 179.116184] [ 179.116740] The buggy address belongs to the physical page: [ 179.118082] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 179.120141] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 179.122024] page_type: 0xffffffff() [ 179.123080] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 179.124887] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 179.126553] page dumped because: kasan: bad access detected [ 179.127867] [ 179.128451] Memory state around the buggy address: [ 179.130022] ffff0000c5e9f400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 179.131678] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 179.133347] >ffff0000c5e9f500: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 179.135308] ^ [ 179.136800] ffff0000c5e9f580: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.139066] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.140517] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf: Failure
[ 178.961704] ================================================================== [ 178.963489] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x10c/0x2c0 [ 178.964836] Read of size 1 at addr ffff0000c0b82600 by task kunit_try_catch/142 [ 178.967420] [ 178.968197] CPU: 1 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.971017] Hardware name: linux,dummy-virt (DT) [ 178.972704] Call trace: [ 178.973388] dump_backtrace+0x9c/0x128 [ 178.975111] show_stack+0x20/0x38 [ 178.976363] dump_stack_lvl+0x60/0xb0 [ 178.977774] print_report+0xf8/0x5d8 [ 178.979022] kasan_report+0xc8/0x118 [ 178.980373] __asan_load1+0x60/0x70 [ 178.982018] krealloc_uaf+0x10c/0x2c0 [ 178.982828] kunit_try_run_case+0xf8/0x260 [ 178.983979] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.986335] kthread+0x18c/0x1a8 [ 178.987808] ret_from_fork+0x10/0x20 [ 178.988930] [ 178.989478] Allocated by task 142: [ 178.990392] kasan_save_stack+0x3c/0x68 [ 178.991533] kasan_set_track+0x2c/0x40 [ 178.992654] kasan_save_alloc_info+0x24/0x38 [ 178.994054] __kasan_kmalloc+0xd4/0xd8 [ 178.995255] kmalloc_trace+0x68/0x130 [ 178.996143] krealloc_uaf+0xb0/0x2c0 [ 178.997027] kunit_try_run_case+0xf8/0x260 [ 178.998592] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.000109] kthread+0x18c/0x1a8 [ 179.001462] ret_from_fork+0x10/0x20 [ 179.002499] [ 179.003085] Freed by task 142: [ 179.004445] kasan_save_stack+0x3c/0x68 [ 179.005550] kasan_set_track+0x2c/0x40 [ 179.006704] kasan_save_free_info+0x38/0x60 [ 179.007964] __kasan_slab_free+0x100/0x170 [ 179.009240] __kmem_cache_free+0x170/0x2e0 [ 179.010447] kfree+0x74/0x138 [ 179.011508] krealloc_uaf+0xcc/0x2c0 [ 179.012392] kunit_try_run_case+0xf8/0x260 [ 179.013957] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 179.015486] kthread+0x18c/0x1a8 [ 179.016425] ret_from_fork+0x10/0x20 [ 179.017564] [ 179.018155] The buggy address belongs to the object at ffff0000c0b82600 [ 179.018155] which belongs to the cache kmalloc-256 of size 256 [ 179.021037] The buggy address is located 0 bytes inside of [ 179.021037] freed 256-byte region [ffff0000c0b82600, ffff0000c0b82700) [ 179.023847] [ 179.024383] The buggy address belongs to the physical page: [ 179.025425] page:000000000369a94f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b82 [ 179.027453] head:000000000369a94f order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 179.029545] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 179.031590] page_type: 0xffffffff() [ 179.032682] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 179.034334] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 179.035894] page dumped because: kasan: bad access detected [ 179.037259] [ 179.038189] Memory state around the buggy address: [ 179.039907] ffff0000c0b82500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.041133] ffff0000c0b82580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.043166] >ffff0000c0b82600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 179.044954] ^ [ 179.046000] ffff0000c0b82680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 179.048425] ffff0000c0b82700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 179.049941] ================================================================== [ 178.869815] ================================================================== [ 178.872139] BUG: KASAN: slab-use-after-free in krealloc_uaf+0xe4/0x2c0 [ 178.874404] Read of size 1 at addr ffff0000c0b82600 by task kunit_try_catch/142 [ 178.876148] [ 178.876707] CPU: 1 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.878534] Hardware name: linux,dummy-virt (DT) [ 178.879701] Call trace: [ 178.880333] dump_backtrace+0x9c/0x128 [ 178.881457] show_stack+0x20/0x38 [ 178.882731] dump_stack_lvl+0x60/0xb0 [ 178.883918] print_report+0xf8/0x5d8 [ 178.885118] kasan_report+0xc8/0x118 [ 178.886778] __kasan_check_byte+0x54/0x70 [ 178.887999] krealloc+0x48/0x1a0 [ 178.889153] krealloc_uaf+0xe4/0x2c0 [ 178.890396] kunit_try_run_case+0xf8/0x260 [ 178.891605] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.893681] kthread+0x18c/0x1a8 [ 178.894621] ret_from_fork+0x10/0x20 [ 178.895706] [ 178.896225] Allocated by task 142: [ 178.897533] kasan_save_stack+0x3c/0x68 [ 178.898652] kasan_set_track+0x2c/0x40 [ 178.899816] kasan_save_alloc_info+0x24/0x38 [ 178.901148] __kasan_kmalloc+0xd4/0xd8 [ 178.902317] kmalloc_trace+0x68/0x130 [ 178.903373] krealloc_uaf+0xb0/0x2c0 [ 178.904434] kunit_try_run_case+0xf8/0x260 [ 178.905833] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.907367] kthread+0x18c/0x1a8 [ 178.908383] ret_from_fork+0x10/0x20 [ 178.909907] [ 178.910368] Freed by task 142: [ 178.911221] kasan_save_stack+0x3c/0x68 [ 178.912381] kasan_set_track+0x2c/0x40 [ 178.913559] kasan_save_free_info+0x38/0x60 [ 178.915346] __kasan_slab_free+0x100/0x170 [ 178.916553] __kmem_cache_free+0x170/0x2e0 [ 178.917974] kfree+0x74/0x138 [ 178.919009] krealloc_uaf+0xcc/0x2c0 [ 178.920057] kunit_try_run_case+0xf8/0x260 [ 178.921533] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.923182] kthread+0x18c/0x1a8 [ 178.924063] ret_from_fork+0x10/0x20 [ 178.925604] [ 178.926242] The buggy address belongs to the object at ffff0000c0b82600 [ 178.926242] which belongs to the cache kmalloc-256 of size 256 [ 178.928560] The buggy address is located 0 bytes inside of [ 178.928560] freed 256-byte region [ffff0000c0b82600, ffff0000c0b82700) [ 178.931211] [ 178.931741] The buggy address belongs to the physical page: [ 178.933132] page:000000000369a94f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b82 [ 178.935624] head:000000000369a94f order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.937596] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 178.939266] page_type: 0xffffffff() [ 178.940318] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 178.942211] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 178.943959] page dumped because: kasan: bad access detected [ 178.945281] [ 178.945876] Memory state around the buggy address: [ 178.947333] ffff0000c0b82500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.948688] ffff0000c0b82580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.950747] >ffff0000c0b82600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 178.952352] ^ [ 178.953781] ffff0000c0b82680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 178.955100] ffff0000c0b82700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.956538] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper: Failure
[ 178.029852] ================================================================== [ 178.032197] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x110/0x590 [ 178.033980] Write of size 1 at addr ffff0000c0b824c9 by task kunit_try_catch/136 [ 178.035417] [ 178.035975] CPU: 1 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.037904] Hardware name: linux,dummy-virt (DT) [ 178.039138] Call trace: [ 178.039865] dump_backtrace+0x9c/0x128 [ 178.041062] show_stack+0x20/0x38 [ 178.042049] dump_stack_lvl+0x60/0xb0 [ 178.043391] print_report+0xf8/0x5d8 [ 178.044525] kasan_report+0xc8/0x118 [ 178.045856] __asan_store1+0x60/0x70 [ 178.046838] krealloc_less_oob_helper+0x110/0x590 [ 178.048562] krealloc_less_oob+0x20/0x38 [ 178.049835] kunit_try_run_case+0xf8/0x260 [ 178.051123] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.052635] kthread+0x18c/0x1a8 [ 178.053767] ret_from_fork+0x10/0x20 [ 178.054684] [ 178.055358] Allocated by task 136: [ 178.056409] kasan_save_stack+0x3c/0x68 [ 178.057644] kasan_set_track+0x2c/0x40 [ 178.058800] kasan_save_alloc_info+0x24/0x38 [ 178.060145] __kasan_krealloc+0x10c/0x140 [ 178.061500] krealloc+0x10c/0x1a0 [ 178.062800] krealloc_less_oob_helper+0xd4/0x590 [ 178.064433] krealloc_less_oob+0x20/0x38 [ 178.065406] kunit_try_run_case+0xf8/0x260 [ 178.066704] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.068249] kthread+0x18c/0x1a8 [ 178.069525] ret_from_fork+0x10/0x20 [ 178.070449] [ 178.071112] The buggy address belongs to the object at ffff0000c0b82400 [ 178.071112] which belongs to the cache kmalloc-256 of size 256 [ 178.074288] The buggy address is located 0 bytes to the right of [ 178.074288] allocated 201-byte region [ffff0000c0b82400, ffff0000c0b824c9) [ 178.076760] [ 178.078375] The buggy address belongs to the physical page: [ 178.080106] page:000000000369a94f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b82 [ 178.082231] head:000000000369a94f order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.084090] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 178.086053] page_type: 0xffffffff() [ 178.088170] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 178.089918] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 178.091463] page dumped because: kasan: bad access detected [ 178.092705] [ 178.093219] Memory state around the buggy address: [ 178.095158] ffff0000c0b82380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.096928] ffff0000c0b82400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.098623] >ffff0000c0b82480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 178.100151] ^ [ 178.102051] ffff0000c0b82500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.103668] ffff0000c0b82580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.105439] ================================================================== [ 178.109621] ================================================================== [ 178.111237] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x140/0x590 [ 178.112959] Write of size 1 at addr ffff0000c0b824d0 by task kunit_try_catch/136 [ 178.114989] [ 178.115826] CPU: 1 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.117875] Hardware name: linux,dummy-virt (DT) [ 178.118856] Call trace: [ 178.119832] dump_backtrace+0x9c/0x128 [ 178.121469] show_stack+0x20/0x38 [ 178.122312] dump_stack_lvl+0x60/0xb0 [ 178.123539] print_report+0xf8/0x5d8 [ 178.124704] kasan_report+0xc8/0x118 [ 178.125929] __asan_store1+0x60/0x70 [ 178.127071] krealloc_less_oob_helper+0x140/0x590 [ 178.128319] krealloc_less_oob+0x20/0x38 [ 178.129273] kunit_try_run_case+0xf8/0x260 [ 178.130799] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.132123] kthread+0x18c/0x1a8 [ 178.133632] ret_from_fork+0x10/0x20 [ 178.135230] [ 178.135996] Allocated by task 136: [ 178.137018] kasan_save_stack+0x3c/0x68 [ 178.138199] kasan_set_track+0x2c/0x40 [ 178.139323] kasan_save_alloc_info+0x24/0x38 [ 178.140612] __kasan_krealloc+0x10c/0x140 [ 178.142142] krealloc+0x10c/0x1a0 [ 178.143644] krealloc_less_oob_helper+0xd4/0x590 [ 178.144917] krealloc_less_oob+0x20/0x38 [ 178.146040] kunit_try_run_case+0xf8/0x260 [ 178.147225] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.148657] kthread+0x18c/0x1a8 [ 178.149626] ret_from_fork+0x10/0x20 [ 178.150726] [ 178.151337] The buggy address belongs to the object at ffff0000c0b82400 [ 178.151337] which belongs to the cache kmalloc-256 of size 256 [ 178.153561] The buggy address is located 7 bytes to the right of [ 178.153561] allocated 201-byte region [ffff0000c0b82400, ffff0000c0b824c9) [ 178.156890] [ 178.157465] The buggy address belongs to the physical page: [ 178.158854] page:000000000369a94f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b82 [ 178.160861] head:000000000369a94f order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.162649] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 178.164658] page_type: 0xffffffff() [ 178.166487] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 178.168183] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 178.170624] page dumped because: kasan: bad access detected [ 178.171852] [ 178.172376] Memory state around the buggy address: [ 178.173517] ffff0000c0b82380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.175178] ffff0000c0b82400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.176787] >ffff0000c0b82480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 178.178427] ^ [ 178.179777] ffff0000c0b82500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.181397] ffff0000c0b82580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.182951] ================================================================== [ 178.796325] ================================================================== [ 178.798958] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1e0/0x590 [ 178.800652] Write of size 1 at addr ffff0000c60220eb by task kunit_try_catch/140 [ 178.802866] [ 178.803456] CPU: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.805490] Hardware name: linux,dummy-virt (DT) [ 178.806686] Call trace: [ 178.808076] dump_backtrace+0x9c/0x128 [ 178.809312] show_stack+0x20/0x38 [ 178.810365] dump_stack_lvl+0x60/0xb0 [ 178.811591] print_report+0xf8/0x5d8 [ 178.813794] kasan_report+0xc8/0x118 [ 178.815176] __asan_store1+0x60/0x70 [ 178.816247] krealloc_less_oob_helper+0x1e0/0x590 [ 178.817310] krealloc_pagealloc_less_oob+0x20/0x38 [ 178.818613] kunit_try_run_case+0xf8/0x260 [ 178.819782] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.821238] kthread+0x18c/0x1a8 [ 178.822222] ret_from_fork+0x10/0x20 [ 178.823471] [ 178.824026] The buggy address belongs to the physical page: [ 178.825459] page:00000000dc26f172 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106020 [ 178.827549] head:00000000dc26f172 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.829320] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 178.830938] page_type: 0xffffffff() [ 178.831975] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 178.833775] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 178.835358] page dumped because: kasan: bad access detected [ 178.837228] [ 178.837719] Memory state around the buggy address: [ 178.838752] ffff0000c6021f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.840314] ffff0000c6022000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.842644] >ffff0000c6022080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 178.844360] ^ [ 178.845875] ffff0000c6022100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.847477] ffff0000c6022180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.849834] ================================================================== [ 178.267936] ================================================================== [ 178.269498] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1b8/0x590 [ 178.271230] Write of size 1 at addr ffff0000c0b824ea by task kunit_try_catch/136 [ 178.273080] [ 178.273964] CPU: 1 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.275450] Hardware name: linux,dummy-virt (DT) [ 178.276301] Call trace: [ 178.277360] dump_backtrace+0x9c/0x128 [ 178.278493] show_stack+0x20/0x38 [ 178.279466] dump_stack_lvl+0x60/0xb0 [ 178.280627] print_report+0xf8/0x5d8 [ 178.281735] kasan_report+0xc8/0x118 [ 178.282952] __asan_store1+0x60/0x70 [ 178.284348] krealloc_less_oob_helper+0x1b8/0x590 [ 178.286343] krealloc_less_oob+0x20/0x38 [ 178.287515] kunit_try_run_case+0xf8/0x260 [ 178.288797] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.290440] kthread+0x18c/0x1a8 [ 178.291417] ret_from_fork+0x10/0x20 [ 178.292502] [ 178.293102] Allocated by task 136: [ 178.294058] kasan_save_stack+0x3c/0x68 [ 178.295181] kasan_set_track+0x2c/0x40 [ 178.296376] kasan_save_alloc_info+0x24/0x38 [ 178.297805] __kasan_krealloc+0x10c/0x140 [ 178.299086] krealloc+0x10c/0x1a0 [ 178.300085] krealloc_less_oob_helper+0xd4/0x590 [ 178.301598] krealloc_less_oob+0x20/0x38 [ 178.302866] kunit_try_run_case+0xf8/0x260 [ 178.303949] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.305263] kthread+0x18c/0x1a8 [ 178.306054] ret_from_fork+0x10/0x20 [ 178.306941] [ 178.307399] The buggy address belongs to the object at ffff0000c0b82400 [ 178.307399] which belongs to the cache kmalloc-256 of size 256 [ 178.310455] The buggy address is located 33 bytes to the right of [ 178.310455] allocated 201-byte region [ffff0000c0b82400, ffff0000c0b824c9) [ 178.313983] [ 178.314952] The buggy address belongs to the physical page: [ 178.316184] page:000000000369a94f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b82 [ 178.318566] head:000000000369a94f order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.320664] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 178.322448] page_type: 0xffffffff() [ 178.323464] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 178.325231] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 178.327810] page dumped because: kasan: bad access detected [ 178.329564] [ 178.330082] Memory state around the buggy address: [ 178.331324] ffff0000c0b82380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.332955] ffff0000c0b82400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.334506] >ffff0000c0b82480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 178.335951] ^ [ 178.338169] ffff0000c0b82500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.339811] ffff0000c0b82580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.341770] ================================================================== [ 178.569757] ================================================================== [ 178.571957] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x110/0x590 [ 178.574075] Write of size 1 at addr ffff0000c60220c9 by task kunit_try_catch/140 [ 178.575893] [ 178.576471] CPU: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.579133] Hardware name: linux,dummy-virt (DT) [ 178.580271] Call trace: [ 178.581071] dump_backtrace+0x9c/0x128 [ 178.582493] show_stack+0x20/0x38 [ 178.583474] dump_stack_lvl+0x60/0xb0 [ 178.584606] print_report+0xf8/0x5d8 [ 178.586194] kasan_report+0xc8/0x118 [ 178.587297] __asan_store1+0x60/0x70 [ 178.588410] krealloc_less_oob_helper+0x110/0x590 [ 178.589836] krealloc_pagealloc_less_oob+0x20/0x38 [ 178.591372] kunit_try_run_case+0xf8/0x260 [ 178.592828] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.594359] kthread+0x18c/0x1a8 [ 178.595357] ret_from_fork+0x10/0x20 [ 178.596509] [ 178.597211] The buggy address belongs to the physical page: [ 178.598897] page:00000000dc26f172 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106020 [ 178.600940] head:00000000dc26f172 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.602788] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 178.604565] page_type: 0xffffffff() [ 178.605889] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 178.607746] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 178.609587] page dumped because: kasan: bad access detected [ 178.610299] [ 178.610613] Memory state around the buggy address: [ 178.611940] ffff0000c6021f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.613870] ffff0000c6022000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.615783] >ffff0000c6022080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 178.617679] ^ [ 178.619163] ffff0000c6022100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.620793] ffff0000c6022180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.622453] ================================================================== [ 178.187395] ================================================================== [ 178.189296] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x18c/0x590 [ 178.191033] Write of size 1 at addr ffff0000c0b824da by task kunit_try_catch/136 [ 178.192773] [ 178.193462] CPU: 1 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.195732] Hardware name: linux,dummy-virt (DT) [ 178.196879] Call trace: [ 178.197501] dump_backtrace+0x9c/0x128 [ 178.198779] show_stack+0x20/0x38 [ 178.199807] dump_stack_lvl+0x60/0xb0 [ 178.201094] print_report+0xf8/0x5d8 [ 178.202145] kasan_report+0xc8/0x118 [ 178.203313] __asan_store1+0x60/0x70 [ 178.204421] krealloc_less_oob_helper+0x18c/0x590 [ 178.205848] krealloc_less_oob+0x20/0x38 [ 178.207120] kunit_try_run_case+0xf8/0x260 [ 178.208338] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.210084] kthread+0x18c/0x1a8 [ 178.211472] ret_from_fork+0x10/0x20 [ 178.213012] [ 178.213750] Allocated by task 136: [ 178.214671] kasan_save_stack+0x3c/0x68 [ 178.215844] kasan_set_track+0x2c/0x40 [ 178.216995] kasan_save_alloc_info+0x24/0x38 [ 178.218388] __kasan_krealloc+0x10c/0x140 [ 178.219787] krealloc+0x10c/0x1a0 [ 178.220960] krealloc_less_oob_helper+0xd4/0x590 [ 178.222507] krealloc_less_oob+0x20/0x38 [ 178.223777] kunit_try_run_case+0xf8/0x260 [ 178.225076] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.226675] kthread+0x18c/0x1a8 [ 178.227427] ret_from_fork+0x10/0x20 [ 178.228317] [ 178.228975] The buggy address belongs to the object at ffff0000c0b82400 [ 178.228975] which belongs to the cache kmalloc-256 of size 256 [ 178.232059] The buggy address is located 17 bytes to the right of [ 178.232059] allocated 201-byte region [ffff0000c0b82400, ffff0000c0b824c9) [ 178.234788] [ 178.235250] The buggy address belongs to the physical page: [ 178.236561] page:000000000369a94f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b82 [ 178.239080] head:000000000369a94f order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.240955] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 178.242641] page_type: 0xffffffff() [ 178.243664] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 178.245789] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 178.247898] page dumped because: kasan: bad access detected [ 178.249515] [ 178.250057] Memory state around the buggy address: [ 178.251182] ffff0000c0b82380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.252730] ffff0000c0b82400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.254429] >ffff0000c0b82480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 178.256002] ^ [ 178.257530] ffff0000c0b82500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.259591] ffff0000c0b82580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.261838] ================================================================== [ 178.681294] ================================================================== [ 178.683183] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x18c/0x590 [ 178.686035] Write of size 1 at addr ffff0000c60220da by task kunit_try_catch/140 [ 178.687918] [ 178.688400] CPU: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.691021] Hardware name: linux,dummy-virt (DT) [ 178.691975] Call trace: [ 178.692688] dump_backtrace+0x9c/0x128 [ 178.694309] show_stack+0x20/0x38 [ 178.695430] dump_stack_lvl+0x60/0xb0 [ 178.696834] print_report+0xf8/0x5d8 [ 178.697880] kasan_report+0xc8/0x118 [ 178.699048] __asan_store1+0x60/0x70 [ 178.700152] krealloc_less_oob_helper+0x18c/0x590 [ 178.701861] krealloc_pagealloc_less_oob+0x20/0x38 [ 178.703114] kunit_try_run_case+0xf8/0x260 [ 178.704555] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.706204] kthread+0x18c/0x1a8 [ 178.707137] ret_from_fork+0x10/0x20 [ 178.708248] [ 178.708909] The buggy address belongs to the physical page: [ 178.710634] page:00000000dc26f172 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106020 [ 178.712708] head:00000000dc26f172 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.714819] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 178.716364] page_type: 0xffffffff() [ 178.717479] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 178.719414] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 178.721247] page dumped because: kasan: bad access detected [ 178.722940] [ 178.723633] Memory state around the buggy address: [ 178.724911] ffff0000c6021f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.726930] ffff0000c6022000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.728754] >ffff0000c6022080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 178.730104] ^ [ 178.731474] ffff0000c6022100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.733234] ffff0000c6022180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.734844] ================================================================== [ 178.347546] ================================================================== [ 178.349130] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1e0/0x590 [ 178.351788] Write of size 1 at addr ffff0000c0b824eb by task kunit_try_catch/136 [ 178.354350] [ 178.355002] CPU: 1 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.356839] Hardware name: linux,dummy-virt (DT) [ 178.357953] Call trace: [ 178.359489] dump_backtrace+0x9c/0x128 [ 178.360666] show_stack+0x20/0x38 [ 178.361722] dump_stack_lvl+0x60/0xb0 [ 178.362893] print_report+0xf8/0x5d8 [ 178.364006] kasan_report+0xc8/0x118 [ 178.365960] __asan_store1+0x60/0x70 [ 178.367006] krealloc_less_oob_helper+0x1e0/0x590 [ 178.368377] krealloc_less_oob+0x20/0x38 [ 178.369489] kunit_try_run_case+0xf8/0x260 [ 178.370723] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.372201] kthread+0x18c/0x1a8 [ 178.373436] ret_from_fork+0x10/0x20 [ 178.374356] [ 178.374844] Allocated by task 136: [ 178.375909] kasan_save_stack+0x3c/0x68 [ 178.377191] kasan_set_track+0x2c/0x40 [ 178.378341] kasan_save_alloc_info+0x24/0x38 [ 178.379636] __kasan_krealloc+0x10c/0x140 [ 178.380849] krealloc+0x10c/0x1a0 [ 178.381841] krealloc_less_oob_helper+0xd4/0x590 [ 178.383525] krealloc_less_oob+0x20/0x38 [ 178.384492] kunit_try_run_case+0xf8/0x260 [ 178.385493] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.387387] kthread+0x18c/0x1a8 [ 178.388515] ret_from_fork+0x10/0x20 [ 178.389746] [ 178.390415] The buggy address belongs to the object at ffff0000c0b82400 [ 178.390415] which belongs to the cache kmalloc-256 of size 256 [ 178.392586] The buggy address is located 34 bytes to the right of [ 178.392586] allocated 201-byte region [ffff0000c0b82400, ffff0000c0b824c9) [ 178.396031] [ 178.397171] The buggy address belongs to the physical page: [ 178.398538] page:000000000369a94f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b82 [ 178.400546] head:000000000369a94f order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.402739] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 178.405429] page_type: 0xffffffff() [ 178.406551] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 178.408307] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 178.410293] page dumped because: kasan: bad access detected [ 178.411174] [ 178.411696] Memory state around the buggy address: [ 178.412862] ffff0000c0b82380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.414433] ffff0000c0b82400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.416362] >ffff0000c0b82480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 178.418257] ^ [ 178.419946] ffff0000c0b82500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.421814] ffff0000c0b82580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.423412] ================================================================== [ 178.624960] ================================================================== [ 178.626662] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x140/0x590 [ 178.628138] Write of size 1 at addr ffff0000c60220d0 by task kunit_try_catch/140 [ 178.630309] [ 178.630912] CPU: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.632736] Hardware name: linux,dummy-virt (DT) [ 178.633863] Call trace: [ 178.634589] dump_backtrace+0x9c/0x128 [ 178.635818] show_stack+0x20/0x38 [ 178.636678] dump_stack_lvl+0x60/0xb0 [ 178.638361] print_report+0xf8/0x5d8 [ 178.639863] kasan_report+0xc8/0x118 [ 178.641304] __asan_store1+0x60/0x70 [ 178.643280] krealloc_less_oob_helper+0x140/0x590 [ 178.644963] krealloc_pagealloc_less_oob+0x20/0x38 [ 178.646411] kunit_try_run_case+0xf8/0x260 [ 178.647602] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.649099] kthread+0x18c/0x1a8 [ 178.649898] ret_from_fork+0x10/0x20 [ 178.651731] [ 178.652256] The buggy address belongs to the physical page: [ 178.653614] page:00000000dc26f172 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106020 [ 178.655670] head:00000000dc26f172 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.657361] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 178.658841] page_type: 0xffffffff() [ 178.659645] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 178.661206] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 178.663140] page dumped because: kasan: bad access detected [ 178.664508] [ 178.665201] Memory state around the buggy address: [ 178.666525] ffff0000c6021f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.668229] ffff0000c6022000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.670060] >ffff0000c6022080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 178.671735] ^ [ 178.672788] ffff0000c6022100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.675106] ffff0000c6022180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.677611] ================================================================== [ 178.738297] ================================================================== [ 178.739821] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1b8/0x590 [ 178.741616] Write of size 1 at addr ffff0000c60220ea by task kunit_try_catch/140 [ 178.743546] [ 178.744729] CPU: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.746987] Hardware name: linux,dummy-virt (DT) [ 178.748157] Call trace: [ 178.748859] dump_backtrace+0x9c/0x128 [ 178.750102] show_stack+0x20/0x38 [ 178.751104] dump_stack_lvl+0x60/0xb0 [ 178.752334] print_report+0xf8/0x5d8 [ 178.753843] kasan_report+0xc8/0x118 [ 178.755192] __asan_store1+0x60/0x70 [ 178.756243] krealloc_less_oob_helper+0x1b8/0x590 [ 178.757862] krealloc_pagealloc_less_oob+0x20/0x38 [ 178.759255] kunit_try_run_case+0xf8/0x260 [ 178.760446] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.761852] kthread+0x18c/0x1a8 [ 178.762639] ret_from_fork+0x10/0x20 [ 178.763351] [ 178.763752] The buggy address belongs to the physical page: [ 178.765796] page:00000000dc26f172 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106020 [ 178.768081] head:00000000dc26f172 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.770134] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 178.771839] page_type: 0xffffffff() [ 178.772856] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 178.774536] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 178.776887] page dumped because: kasan: bad access detected [ 178.778181] [ 178.779163] Memory state around the buggy address: [ 178.780250] ffff0000c6021f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.782115] ffff0000c6022000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.783366] >ffff0000c6022080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 178.786207] ^ [ 178.787799] ffff0000c6022100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.789432] ffff0000c6022180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.791604] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper: Failure
[ 177.859251] ================================================================== [ 177.861292] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x138/0x380 [ 177.863291] Write of size 1 at addr ffff0000c0b822eb by task kunit_try_catch/134 [ 177.865041] [ 177.866055] CPU: 1 PID: 134 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.867890] Hardware name: linux,dummy-virt (DT) [ 177.869034] Call trace: [ 177.869786] dump_backtrace+0x9c/0x128 [ 177.870983] show_stack+0x20/0x38 [ 177.871945] dump_stack_lvl+0x60/0xb0 [ 177.873133] print_report+0xf8/0x5d8 [ 177.874436] kasan_report+0xc8/0x118 [ 177.875607] __asan_store1+0x60/0x70 [ 177.876751] krealloc_more_oob_helper+0x138/0x380 [ 177.878109] krealloc_more_oob+0x20/0x38 [ 177.879210] kunit_try_run_case+0xf8/0x260 [ 177.880364] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.882951] kthread+0x18c/0x1a8 [ 177.884183] ret_from_fork+0x10/0x20 [ 177.885481] [ 177.886232] Allocated by task 134: [ 177.887167] kasan_save_stack+0x3c/0x68 [ 177.888362] kasan_set_track+0x2c/0x40 [ 177.889667] kasan_save_alloc_info+0x24/0x38 [ 177.890982] __kasan_krealloc+0x10c/0x140 [ 177.892142] krealloc+0x10c/0x1a0 [ 177.893369] krealloc_more_oob_helper+0xd4/0x380 [ 177.894812] krealloc_more_oob+0x20/0x38 [ 177.896038] kunit_try_run_case+0xf8/0x260 [ 177.897967] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.899902] kthread+0x18c/0x1a8 [ 177.900953] ret_from_fork+0x10/0x20 [ 177.902053] [ 177.902978] The buggy address belongs to the object at ffff0000c0b82200 [ 177.902978] which belongs to the cache kmalloc-256 of size 256 [ 177.905603] The buggy address is located 0 bytes to the right of [ 177.905603] allocated 235-byte region [ffff0000c0b82200, ffff0000c0b822eb) [ 177.908389] [ 177.908957] The buggy address belongs to the physical page: [ 177.910511] page:000000000369a94f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b82 [ 177.912622] head:000000000369a94f order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 177.914536] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 177.916289] page_type: 0xffffffff() [ 177.917719] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 177.919511] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 177.921626] page dumped because: kasan: bad access detected [ 177.922736] [ 177.923293] Memory state around the buggy address: [ 177.924541] ffff0000c0b82180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.926595] ffff0000c0b82200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.928257] >ffff0000c0b82280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 177.929944] ^ [ 177.931445] ffff0000c0b82300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.933100] ffff0000c0b82380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.934982] ================================================================== [ 178.500220] ================================================================== [ 178.501858] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x168/0x380 [ 178.503153] Write of size 1 at addr ffff0000c5f9e0f0 by task kunit_try_catch/138 [ 178.505562] [ 178.506250] CPU: 1 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.508008] Hardware name: linux,dummy-virt (DT) [ 178.509311] Call trace: [ 178.510273] dump_backtrace+0x9c/0x128 [ 178.511333] show_stack+0x20/0x38 [ 178.512264] dump_stack_lvl+0x60/0xb0 [ 178.513468] print_report+0xf8/0x5d8 [ 178.514733] kasan_report+0xc8/0x118 [ 178.515906] __asan_store1+0x60/0x70 [ 178.517037] krealloc_more_oob_helper+0x168/0x380 [ 178.518659] krealloc_pagealloc_more_oob+0x20/0x38 [ 178.520066] kunit_try_run_case+0xf8/0x260 [ 178.521637] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.523168] kthread+0x18c/0x1a8 [ 178.524258] ret_from_fork+0x10/0x20 [ 178.525660] [ 178.526169] The buggy address belongs to the physical page: [ 178.527614] page:00000000875d9a5f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 178.529528] head:00000000875d9a5f order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.531421] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 178.533026] page_type: 0xffffffff() [ 178.534107] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 178.535866] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 178.537932] page dumped because: kasan: bad access detected [ 178.538562] [ 178.538877] Memory state around the buggy address: [ 178.539461] ffff0000c5f9df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.541647] ffff0000c5f9e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.544075] >ffff0000c5f9e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 178.546761] ^ [ 178.548269] ffff0000c5f9e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.549909] ffff0000c5f9e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.551371] ================================================================== [ 177.937927] ================================================================== [ 177.939762] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x168/0x380 [ 177.942067] Write of size 1 at addr ffff0000c0b822f0 by task kunit_try_catch/134 [ 177.943640] [ 177.944307] CPU: 1 PID: 134 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.946104] Hardware name: linux,dummy-virt (DT) [ 177.946776] Call trace: [ 177.947625] dump_backtrace+0x9c/0x128 [ 177.948788] show_stack+0x20/0x38 [ 177.949787] dump_stack_lvl+0x60/0xb0 [ 177.950969] print_report+0xf8/0x5d8 [ 177.952102] kasan_report+0xc8/0x118 [ 177.953319] __asan_store1+0x60/0x70 [ 177.954491] krealloc_more_oob_helper+0x168/0x380 [ 177.955757] krealloc_more_oob+0x20/0x38 [ 177.957047] kunit_try_run_case+0xf8/0x260 [ 177.958660] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.960141] kthread+0x18c/0x1a8 [ 177.961904] ret_from_fork+0x10/0x20 [ 177.963040] [ 177.963521] Allocated by task 134: [ 177.964531] kasan_save_stack+0x3c/0x68 [ 177.965903] kasan_set_track+0x2c/0x40 [ 177.966988] kasan_save_alloc_info+0x24/0x38 [ 177.968293] __kasan_krealloc+0x10c/0x140 [ 177.969681] krealloc+0x10c/0x1a0 [ 177.970710] krealloc_more_oob_helper+0xd4/0x380 [ 177.972021] krealloc_more_oob+0x20/0x38 [ 177.973523] kunit_try_run_case+0xf8/0x260 [ 177.974814] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.976402] kthread+0x18c/0x1a8 [ 177.977773] ret_from_fork+0x10/0x20 [ 177.979402] [ 177.980323] The buggy address belongs to the object at ffff0000c0b82200 [ 177.980323] which belongs to the cache kmalloc-256 of size 256 [ 177.983022] The buggy address is located 5 bytes to the right of [ 177.983022] allocated 235-byte region [ffff0000c0b82200, ffff0000c0b822eb) [ 177.985392] [ 177.986029] The buggy address belongs to the physical page: [ 177.987341] page:000000000369a94f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b82 [ 177.989465] head:000000000369a94f order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 177.991167] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 177.992749] page_type: 0xffffffff() [ 177.993826] raw: 0bfffc0000000840 ffff0000c0001b40 dead000000000122 0000000000000000 [ 177.995620] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 177.997247] page dumped because: kasan: bad access detected [ 177.998627] [ 177.999105] Memory state around the buggy address: [ 178.000237] ffff0000c0b82180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.001730] ffff0000c0b82200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.003873] >ffff0000c0b82280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 178.005496] ^ [ 178.007305] ffff0000c0b82300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.008973] ffff0000c0b82380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 178.010592] ================================================================== [ 178.444835] ================================================================== [ 178.447085] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x138/0x380 [ 178.448720] Write of size 1 at addr ffff0000c5f9e0eb by task kunit_try_catch/138 [ 178.450727] [ 178.451302] CPU: 1 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 178.453525] Hardware name: linux,dummy-virt (DT) [ 178.454652] Call trace: [ 178.455318] dump_backtrace+0x9c/0x128 [ 178.456390] show_stack+0x20/0x38 [ 178.457393] dump_stack_lvl+0x60/0xb0 [ 178.458899] print_report+0xf8/0x5d8 [ 178.460010] kasan_report+0xc8/0x118 [ 178.461978] __asan_store1+0x60/0x70 [ 178.462998] krealloc_more_oob_helper+0x138/0x380 [ 178.464360] krealloc_pagealloc_more_oob+0x20/0x38 [ 178.465974] kunit_try_run_case+0xf8/0x260 [ 178.467197] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 178.468674] kthread+0x18c/0x1a8 [ 178.469942] ret_from_fork+0x10/0x20 [ 178.471046] [ 178.471555] The buggy address belongs to the physical page: [ 178.472862] page:00000000875d9a5f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 178.474734] head:00000000875d9a5f order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 178.476699] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 178.478376] page_type: 0xffffffff() [ 178.479403] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 178.481209] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 178.482484] page dumped because: kasan: bad access detected [ 178.484390] [ 178.485290] Memory state around the buggy address: [ 178.486458] ffff0000c5f9df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.488045] ffff0000c5f9e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 178.489968] >ffff0000c5f9e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 178.491336] ^ [ 178.493286] ffff0000c5f9e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.494859] ffff0000c5f9e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 178.496386] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right: Failure
[ 177.763827] ================================================================== [ 177.765808] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xc8/0x1e0 [ 177.767613] Write of size 1 at addr ffff0000c6039f00 by task kunit_try_catch/132 [ 177.769814] [ 177.770298] CPU: 0 PID: 132 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.772271] Hardware name: linux,dummy-virt (DT) [ 177.774423] Call trace: [ 177.775219] dump_backtrace+0x9c/0x128 [ 177.776325] show_stack+0x20/0x38 [ 177.777532] dump_stack_lvl+0x60/0xb0 [ 177.778604] print_report+0xf8/0x5d8 [ 177.779683] kasan_report+0xc8/0x118 [ 177.781047] __asan_store1+0x60/0x70 [ 177.782559] kmalloc_large_oob_right+0xc8/0x1e0 [ 177.783826] kunit_try_run_case+0xf8/0x260 [ 177.785225] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.787331] kthread+0x18c/0x1a8 [ 177.788310] ret_from_fork+0x10/0x20 [ 177.789899] [ 177.790541] Allocated by task 132: [ 177.791337] kasan_save_stack+0x3c/0x68 [ 177.792593] kasan_set_track+0x2c/0x40 [ 177.793834] kasan_save_alloc_info+0x24/0x38 [ 177.794956] __kasan_kmalloc+0xd4/0xd8 [ 177.796365] kmalloc_trace+0x68/0x130 [ 177.797759] kmalloc_large_oob_right+0x9c/0x1e0 [ 177.799253] kunit_try_run_case+0xf8/0x260 [ 177.800633] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.802310] kthread+0x18c/0x1a8 [ 177.803102] ret_from_fork+0x10/0x20 [ 177.804537] [ 177.805560] The buggy address belongs to the object at ffff0000c6038000 [ 177.805560] which belongs to the cache kmalloc-8k of size 8192 [ 177.808140] The buggy address is located 0 bytes to the right of [ 177.808140] allocated 7936-byte region [ffff0000c6038000, ffff0000c6039f00) [ 177.811129] [ 177.811597] The buggy address belongs to the physical page: [ 177.813054] page:00000000ade0eed0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106038 [ 177.815301] head:00000000ade0eed0 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 177.817377] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 177.819500] page_type: 0xffffffff() [ 177.820666] raw: 0bfffc0000000840 ffff0000c0002280 dead000000000122 0000000000000000 [ 177.823023] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 177.824608] page dumped because: kasan: bad access detected [ 177.826242] [ 177.827263] Memory state around the buggy address: [ 177.828767] ffff0000c6039e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.830356] ffff0000c6039e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.832357] >ffff0000c6039f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.834078] ^ [ 177.835061] ffff0000c6039f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.837172] ffff0000c603a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.838630] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf: Failure
[ 177.529926] ================================================================== [ 177.532418] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0xac/0x1b0 [ 177.534310] Read of size 1 at addr ffff0000c5f9c000 by task kunit_try_catch/124 [ 177.536633] [ 177.537260] CPU: 1 PID: 124 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.539215] Hardware name: linux,dummy-virt (DT) [ 177.540325] Call trace: [ 177.541152] dump_backtrace+0x9c/0x128 [ 177.542688] show_stack+0x20/0x38 [ 177.543753] dump_stack_lvl+0x60/0xb0 [ 177.545117] print_report+0xf8/0x5d8 [ 177.546294] kasan_report+0xc8/0x118 [ 177.547496] __asan_load1+0x60/0x70 [ 177.548626] kmalloc_pagealloc_uaf+0xac/0x1b0 [ 177.550082] kunit_try_run_case+0xf8/0x260 [ 177.551734] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.553199] kthread+0x18c/0x1a8 [ 177.554695] ret_from_fork+0x10/0x20 [ 177.555863] [ 177.556551] The buggy address belongs to the physical page: [ 177.557952] page:00000000875d9a5f refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 177.559801] flags: 0xbfffc0000000000(node=0|zone=2|lastcpupid=0xffff) [ 177.561920] page_type: 0xffffffff() [ 177.562908] raw: 0bfffc0000000000 fffffc000317e808 ffff0000daa324f8 0000000000000000 [ 177.564684] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 177.566279] page dumped because: kasan: bad access detected [ 177.567592] [ 177.568558] Memory state around the buggy address: [ 177.570006] ffff0000c5f9bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.571668] ffff0000c5f9bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.573248] >ffff0000c5f9c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 177.574926] ^ [ 177.575846] ffff0000c5f9c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 177.577809] ffff0000c5f9c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 177.579237] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right: Failure
[ 177.459070] ================================================================== [ 177.461184] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0xac/0x1c0 [ 177.462865] Write of size 1 at addr ffff0000c601e00a by task kunit_try_catch/122 [ 177.464539] [ 177.466036] CPU: 0 PID: 122 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.467584] Hardware name: linux,dummy-virt (DT) [ 177.468918] Call trace: [ 177.469647] dump_backtrace+0x9c/0x128 [ 177.470748] show_stack+0x20/0x38 [ 177.471781] dump_stack_lvl+0x60/0xb0 [ 177.472998] print_report+0xf8/0x5d8 [ 177.474300] kasan_report+0xc8/0x118 [ 177.476324] __asan_store1+0x60/0x70 [ 177.477445] kmalloc_pagealloc_oob_right+0xac/0x1c0 [ 177.478785] kunit_try_run_case+0xf8/0x260 [ 177.480001] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.481716] kthread+0x18c/0x1a8 [ 177.483005] ret_from_fork+0x10/0x20 [ 177.484271] [ 177.485732] The buggy address belongs to the physical page: [ 177.487179] page:0000000071e8d051 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10601c [ 177.489177] head:0000000071e8d051 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 177.491075] flags: 0xbfffc0000000040(head|node=0|zone=2|lastcpupid=0xffff) [ 177.492373] page_type: 0xffffffff() [ 177.493515] raw: 0bfffc0000000040 0000000000000000 dead000000000122 0000000000000000 [ 177.495513] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 177.497343] page dumped because: kasan: bad access detected [ 177.499261] [ 177.499727] Memory state around the buggy address: [ 177.501123] ffff0000c601df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.502592] ffff0000c601df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.504241] >ffff0000c601e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 177.506098] ^ [ 177.507363] ffff0000c601e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 177.509290] ffff0000c601e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 177.511291] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right: Failure
[ 177.366902] ================================================================== [ 177.370266] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0xd0/0x1f0 [ 177.372074] Read of size 1 at addr ffff0000c5e73000 by task kunit_try_catch/120 [ 177.373744] [ 177.374307] CPU: 0 PID: 120 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.376237] Hardware name: linux,dummy-virt (DT) [ 177.378186] Call trace: [ 177.379128] dump_backtrace+0x9c/0x128 [ 177.380229] show_stack+0x20/0x38 [ 177.381249] dump_stack_lvl+0x60/0xb0 [ 177.382421] print_report+0xf8/0x5d8 [ 177.383534] kasan_report+0xc8/0x118 [ 177.384676] __asan_load1+0x60/0x70 [ 177.386517] kmalloc_node_oob_right+0xd0/0x1f0 [ 177.387590] kunit_try_run_case+0xf8/0x260 [ 177.389180] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.390718] kthread+0x18c/0x1a8 [ 177.391607] ret_from_fork+0x10/0x20 [ 177.392672] [ 177.393258] Allocated by task 120: [ 177.394153] kasan_save_stack+0x3c/0x68 [ 177.395358] kasan_set_track+0x2c/0x40 [ 177.396428] kasan_save_alloc_info+0x24/0x38 [ 177.397791] __kasan_kmalloc+0xd4/0xd8 [ 177.398987] kmalloc_node_trace+0x64/0x130 [ 177.400035] kmalloc_node_oob_right+0xa4/0x1f0 [ 177.401623] kunit_try_run_case+0xf8/0x260 [ 177.402844] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.404272] kthread+0x18c/0x1a8 [ 177.405417] ret_from_fork+0x10/0x20 [ 177.406348] [ 177.406971] The buggy address belongs to the object at ffff0000c5e72000 [ 177.406971] which belongs to the cache kmalloc-4k of size 4096 [ 177.409869] The buggy address is located 0 bytes to the right of [ 177.409869] allocated 4096-byte region [ffff0000c5e72000, ffff0000c5e73000) [ 177.412478] [ 177.413329] The buggy address belongs to the physical page: [ 177.415183] page:0000000021a8e1ed refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e70 [ 177.417330] head:0000000021a8e1ed order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 177.419072] flags: 0xbfffc0000000840(slab|head|node=0|zone=2|lastcpupid=0xffff) [ 177.420756] page_type: 0xffffffff() [ 177.421743] raw: 0bfffc0000000840 ffff0000c0002140 dead000000000122 0000000000000000 [ 177.423500] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000 [ 177.425215] page dumped because: kasan: bad access detected [ 177.426454] [ 177.426915] Memory state around the buggy address: [ 177.428442] ffff0000c5e72f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.430171] ffff0000c5e72f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 177.431838] >ffff0000c5e73000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.433652] ^ [ 177.434692] ffff0000c5e73080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.436472] ffff0000c5e73100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.438191] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left: Failure
[ 177.250280] ================================================================== [ 177.253148] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0xc8/0x1f0 [ 177.255085] Read of size 1 at addr ffff0000c5e9f53f by task kunit_try_catch/118 [ 177.257847] [ 177.258346] CPU: 0 PID: 118 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.260744] Hardware name: linux,dummy-virt (DT) [ 177.262594] Call trace: [ 177.263277] dump_backtrace+0x9c/0x128 [ 177.264508] show_stack+0x20/0x38 [ 177.265635] dump_stack_lvl+0x60/0xb0 [ 177.266758] print_report+0xf8/0x5d8 [ 177.268044] kasan_report+0xc8/0x118 [ 177.269505] __asan_load1+0x60/0x70 [ 177.270719] kmalloc_oob_left+0xc8/0x1f0 [ 177.271826] kunit_try_run_case+0xf8/0x260 [ 177.273196] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.275099] kthread+0x18c/0x1a8 [ 177.276213] ret_from_fork+0x10/0x20 [ 177.277759] [ 177.278211] Allocated by task 11: [ 177.279135] kasan_save_stack+0x3c/0x68 [ 177.280268] kasan_set_track+0x2c/0x40 [ 177.281589] kasan_save_alloc_info+0x24/0x38 [ 177.282716] __kasan_kmalloc+0xd4/0xd8 [ 177.283921] __kmalloc_node_track_caller+0x74/0x1d0 [ 177.285670] krealloc+0x84/0x1a0 [ 177.286601] create_trace_option_files+0x188/0x370 [ 177.287925] tracer_init_tracefs_work_func+0x1fc/0x370 [ 177.289614] process_one_work+0x2a8/0x6d0 [ 177.290980] worker_thread+0x53c/0x708 [ 177.292468] kthread+0x18c/0x1a8 [ 177.293901] ret_from_fork+0x10/0x20 [ 177.295274] [ 177.295913] Freed by task 11: [ 177.296862] kasan_save_stack+0x3c/0x68 [ 177.298160] kasan_set_track+0x2c/0x40 [ 177.299406] kasan_save_free_info+0x38/0x60 [ 177.300855] __kasan_slab_free+0x100/0x170 [ 177.302288] __kmem_cache_free+0x170/0x2e0 [ 177.303467] kfree+0x74/0x138 [ 177.304709] krealloc+0xa8/0x1a0 [ 177.305920] create_trace_option_files+0x188/0x370 [ 177.307368] tracer_init_tracefs_work_func+0x1fc/0x370 [ 177.308834] process_one_work+0x2a8/0x6d0 [ 177.310373] worker_thread+0x53c/0x708 [ 177.311284] kthread+0x18c/0x1a8 [ 177.312459] ret_from_fork+0x10/0x20 [ 177.314113] [ 177.314539] The buggy address belongs to the object at ffff0000c5e9f520 [ 177.314539] which belongs to the cache kmalloc-16 of size 16 [ 177.317375] The buggy address is located 15 bytes to the right of [ 177.317375] allocated 16-byte region [ffff0000c5e9f520, ffff0000c5e9f530) [ 177.320185] [ 177.320642] The buggy address belongs to the physical page: [ 177.322815] page:00000000a166c351 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e9f [ 177.324792] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 177.326392] page_type: 0xffffffff() [ 177.327868] raw: 0bfffc0000000800 ffff0000c00013c0 dead000000000122 0000000000000000 [ 177.329670] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 177.331856] page dumped because: kasan: bad access detected [ 177.333424] [ 177.333924] Memory state around the buggy address: [ 177.334850] ffff0000c5e9f400: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 177.337011] ffff0000c5e9f480: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 02 fc fc [ 177.338707] >ffff0000c5e9f500: 00 02 fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 177.340343] ^ [ 177.341729] ffff0000c5e9f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.343500] ffff0000c5e9f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.344849] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right: Failure
[ 177.078463] ================================================================== [ 177.079636] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xf0/0x308 [ 177.082140] Write of size 1 at addr ffff0000c5f5a378 by task kunit_try_catch/116 [ 177.083355] [ 177.083793] CPU: 1 PID: 116 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.085967] Hardware name: linux,dummy-virt (DT) [ 177.087069] Call trace: [ 177.087768] dump_backtrace+0x9c/0x128 [ 177.088868] show_stack+0x20/0x38 [ 177.089923] dump_stack_lvl+0x60/0xb0 [ 177.091141] print_report+0xf8/0x5d8 [ 177.092436] kasan_report+0xc8/0x118 [ 177.093420] __asan_store1+0x60/0x70 [ 177.094753] kmalloc_oob_right+0xf0/0x308 [ 177.096166] kunit_try_run_case+0xf8/0x260 [ 177.097619] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.099151] kthread+0x18c/0x1a8 [ 177.100254] ret_from_fork+0x10/0x20 [ 177.101638] [ 177.102257] Allocated by task 116: [ 177.103203] kasan_save_stack+0x3c/0x68 [ 177.104471] kasan_set_track+0x2c/0x40 [ 177.106018] kasan_save_alloc_info+0x24/0x38 [ 177.107535] __kasan_kmalloc+0xd4/0xd8 [ 177.108887] kmalloc_trace+0x68/0x130 [ 177.110317] kmalloc_oob_right+0xa0/0x308 [ 177.111773] kunit_try_run_case+0xf8/0x260 [ 177.113093] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.114747] kthread+0x18c/0x1a8 [ 177.115899] ret_from_fork+0x10/0x20 [ 177.117057] [ 177.118300] The buggy address belongs to the object at ffff0000c5f5a300 [ 177.118300] which belongs to the cache kmalloc-128 of size 128 [ 177.120690] The buggy address is located 5 bytes to the right of [ 177.120690] allocated 115-byte region [ffff0000c5f5a300, ffff0000c5f5a373) [ 177.123613] [ 177.124273] The buggy address belongs to the physical page: [ 177.125873] page:00000000585cab0c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f5a [ 177.128062] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 177.129679] page_type: 0xffffffff() [ 177.131369] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 177.133205] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 177.134851] page dumped because: kasan: bad access detected [ 177.136048] [ 177.136836] Memory state around the buggy address: [ 177.138041] ffff0000c5f5a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 177.140102] ffff0000c5f5a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.141859] >ffff0000c5f5a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 177.143479] ^ [ 177.145219] ffff0000c5f5a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.146798] ffff0000c5f5a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.149146] ================================================================== [ 176.998278] ================================================================== [ 177.000499] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xc8/0x308 [ 177.003285] Write of size 1 at addr ffff0000c5f5a373 by task kunit_try_catch/116 [ 177.004805] [ 177.006156] CPU: 1 PID: 116 Comm: kunit_try_catch Tainted: G N 6.6.76-rc1 #1 [ 177.008331] Hardware name: linux,dummy-virt (DT) [ 177.010125] Call trace: [ 177.010816] dump_backtrace+0x9c/0x128 [ 177.011790] show_stack+0x20/0x38 [ 177.012325] dump_stack_lvl+0x60/0xb0 [ 177.013962] print_report+0xf8/0x5d8 [ 177.015153] kasan_report+0xc8/0x118 [ 177.016163] __asan_store1+0x60/0x70 [ 177.017310] kmalloc_oob_right+0xc8/0x308 [ 177.018649] kunit_try_run_case+0xf8/0x260 [ 177.019873] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.021711] kthread+0x18c/0x1a8 [ 177.022588] ret_from_fork+0x10/0x20 [ 177.023915] [ 177.024502] Allocated by task 116: [ 177.026091] kasan_save_stack+0x3c/0x68 [ 177.027300] kasan_set_track+0x2c/0x40 [ 177.028455] kasan_save_alloc_info+0x24/0x38 [ 177.029864] __kasan_kmalloc+0xd4/0xd8 [ 177.031167] kmalloc_trace+0x68/0x130 [ 177.032416] kmalloc_oob_right+0xa0/0x308 [ 177.033759] kunit_try_run_case+0xf8/0x260 [ 177.035171] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.036638] kthread+0x18c/0x1a8 [ 177.037842] ret_from_fork+0x10/0x20 [ 177.039111] [ 177.039756] The buggy address belongs to the object at ffff0000c5f5a300 [ 177.039756] which belongs to the cache kmalloc-128 of size 128 [ 177.042894] The buggy address is located 0 bytes to the right of [ 177.042894] allocated 115-byte region [ffff0000c5f5a300, ffff0000c5f5a373) [ 177.045894] [ 177.046865] The buggy address belongs to the physical page: [ 177.048417] page:00000000585cab0c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f5a [ 177.051193] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 177.053050] page_type: 0xffffffff() [ 177.054957] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 177.056666] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 177.058948] page dumped because: kasan: bad access detected [ 177.060084] [ 177.060696] Memory state around the buggy address: [ 177.062643] ffff0000c5f5a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 177.064250] ffff0000c5f5a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.066297] >ffff0000c5f5a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 177.067895] ^ [ 177.069785] ffff0000c5f5a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.071434] ffff0000c5f5a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.073918] ================================================================== [ 177.152289] ================================================================== [ 177.154090] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x118/0x308 [ 177.155314] Read of size 1 at addr ffff0000c5f5a380 by task kunit_try_catch/116 [ 177.157361] [ 177.159277] CPU: 1 PID: 116 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 177.161253] Hardware name: linux,dummy-virt (DT) [ 177.163411] Call trace: [ 177.164519] dump_backtrace+0x9c/0x128 [ 177.165778] show_stack+0x20/0x38 [ 177.166887] dump_stack_lvl+0x60/0xb0 [ 177.168081] print_report+0xf8/0x5d8 [ 177.169334] kasan_report+0xc8/0x118 [ 177.170559] __asan_load1+0x60/0x70 [ 177.171532] kmalloc_oob_right+0x118/0x308 [ 177.173049] kunit_try_run_case+0xf8/0x260 [ 177.174604] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.176043] kthread+0x18c/0x1a8 [ 177.177589] ret_from_fork+0x10/0x20 [ 177.179115] [ 177.179698] Allocated by task 116: [ 177.180642] kasan_save_stack+0x3c/0x68 [ 177.181799] kasan_set_track+0x2c/0x40 [ 177.183162] kasan_save_alloc_info+0x24/0x38 [ 177.184439] __kasan_kmalloc+0xd4/0xd8 [ 177.185621] kmalloc_trace+0x68/0x130 [ 177.186765] kmalloc_oob_right+0xa0/0x308 [ 177.188016] kunit_try_run_case+0xf8/0x260 [ 177.189197] kunit_generic_run_threadfn_adapter+0x38/0x60 [ 177.191146] kthread+0x18c/0x1a8 [ 177.192155] ret_from_fork+0x10/0x20 [ 177.193489] [ 177.193982] The buggy address belongs to the object at ffff0000c5f5a300 [ 177.193982] which belongs to the cache kmalloc-128 of size 128 [ 177.196530] The buggy address is located 13 bytes to the right of [ 177.196530] allocated 115-byte region [ffff0000c5f5a300, ffff0000c5f5a373) [ 177.199920] [ 177.200411] The buggy address belongs to the physical page: [ 177.202357] page:00000000585cab0c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f5a [ 177.203986] flags: 0xbfffc0000000800(slab|node=0|zone=2|lastcpupid=0xffff) [ 177.205934] page_type: 0xffffffff() [ 177.207221] raw: 0bfffc0000000800 ffff0000c00018c0 dead000000000122 0000000000000000 [ 177.208922] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 177.210838] page dumped because: kasan: bad access detected [ 177.211869] [ 177.212296] Memory state around the buggy address: [ 177.214034] ffff0000c5f5a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.216040] ffff0000c5f5a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 177.217856] >ffff0000c5f5a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.219516] ^ [ 177.220619] ffff0000c5f5a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.222497] ffff0000c5f5a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 177.224020] ==================================================================
Failure - boot - gcc-13-lkftconfig-kunit
KNOWN ISSUE - boot/gcc-13-lkftconfig-kunit: Failure
(no logs available)