Date
Feb. 5, 2025, 2:09 p.m.
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-strnlen
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-strnlen: Failure
[ 50.543593] ==================================================================
[ 50.544520] BUG: KASAN: slab-use-after-free in strnlen+0x31/0x50
[ 50.545360] Read of size 1 at addr ffff8881028cedd0 by task kunit_try_catch/222
[ 50.546422]
[ 50.546767] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.547775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.548642] Call Trace:
[ 50.549547] <TASK>
[ 50.550126] dump_stack_lvl+0x4e/0x90
[ 50.550531] print_report+0xd2/0x660
[ 50.550947] ? __virt_addr_valid+0x156/0x1e0
[ 50.551709] ? kasan_complete_mode_report_info+0x64/0x200
[ 50.552460] kasan_report+0xff/0x140
[ 50.553363] ? strnlen+0x31/0x50
[ 50.553923] ? strnlen+0x31/0x50
[ 50.554614] __asan_load1+0x66/0x70
[ 50.555358] strnlen+0x31/0x50
[ 50.555763] kasan_strings+0x21b/0x510
[ 50.556158] ? __pfx_kasan_strings+0x10/0x10
[ 50.556759] ? __schedule+0x70b/0x1190
[ 50.557355] ? ktime_get_ts64+0x118/0x140
[ 50.558052] kunit_try_run_case+0x126/0x290
[ 50.558758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.559352] ? __kasan_check_write+0x18/0x20
[ 50.560067] ? trace_preempt_on+0x20/0xa0
[ 50.560732] ? __kthread_parkme+0x4f/0xd0
[ 50.561314] ? preempt_count_sub+0x50/0x80
[ 50.562043] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.562539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.563414] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.564072] kthread+0x19e/0x1e0
[ 50.564593] ? __pfx_kthread+0x10/0x10
[ 50.565223] ret_from_fork+0x41/0x70
[ 50.565843] ? __pfx_kthread+0x10/0x10
[ 50.566481] ret_from_fork_asm+0x1b/0x30
[ 50.567152] </TASK>
[ 50.567403]
[ 50.567671] Allocated by task 222:
[ 50.568263] kasan_save_stack+0x3c/0x60
[ 50.568905] kasan_set_track+0x29/0x40
[ 50.569488] kasan_save_alloc_info+0x22/0x30
[ 50.570193] __kasan_kmalloc+0xb7/0xc0
[ 50.570771] kmalloc_trace+0x4c/0xb0
[ 50.571319] kasan_strings+0x9f/0x510
[ 50.571921] kunit_try_run_case+0x126/0x290
[ 50.572519] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.573326] kthread+0x19e/0x1e0
[ 50.573790] ret_from_fork+0x41/0x70
[ 50.574179] ret_from_fork_asm+0x1b/0x30
[ 50.574844]
[ 50.575127] Freed by task 222:
[ 50.575545] kasan_save_stack+0x3c/0x60
[ 50.576177] kasan_set_track+0x29/0x40
[ 50.576777] kasan_save_free_info+0x2f/0x50
[ 50.577399] ____kasan_slab_free+0x172/0x1d0
[ 50.577967] __kasan_slab_free+0x16/0x20
[ 50.578602] __kmem_cache_free+0x190/0x310
[ 50.579379] kfree+0x7c/0x120
[ 50.579809] kasan_strings+0xc3/0x510
[ 50.580461] kunit_try_run_case+0x126/0x290
[ 50.581034] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.581782] kthread+0x19e/0x1e0
[ 50.582300] ret_from_fork+0x41/0x70
[ 50.582938] ret_from_fork_asm+0x1b/0x30
[ 50.583561]
[ 50.583910] The buggy address belongs to the object at ffff8881028cedc0
[ 50.583910] which belongs to the cache kmalloc-32 of size 32
[ 50.584776] The buggy address is located 16 bytes inside of
[ 50.584776] freed 32-byte region [ffff8881028cedc0, ffff8881028cede0)
[ 50.586113]
[ 50.586424] The buggy address belongs to the physical page:
[ 50.587066] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ce
[ 50.588180] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.588900] page_type: 0xffffffff()
[ 50.589464] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000
[ 50.590297] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 50.591151] page dumped because: kasan: bad access detected
[ 50.591595]
[ 50.591978] Memory state around the buggy address:
[ 50.592608] ffff8881028cec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.593537] ffff8881028ced00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.594261] >ffff8881028ced80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.595173] ^
[ 50.595794] ffff8881028cee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.596367] ffff8881028cee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.597261] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-strlen
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-strlen: Failure
[ 50.479983] ==================================================================
[ 50.480900] BUG: KASAN: slab-use-after-free in strlen+0x13/0x50
[ 50.481849] Read of size 1 at addr ffff8881028cedd0 by task kunit_try_catch/222
[ 50.482583]
[ 50.483157] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.484612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.485587] Call Trace:
[ 50.486003] <TASK>
[ 50.486545] dump_stack_lvl+0x4e/0x90
[ 50.487277] print_report+0xd2/0x660
[ 50.487843] ? __virt_addr_valid+0x156/0x1e0
[ 50.488578] ? kasan_complete_mode_report_info+0x64/0x200
[ 50.489375] kasan_report+0xff/0x140
[ 50.489665] ? strlen+0x13/0x50
[ 50.490077] ? strlen+0x13/0x50
[ 50.490584] __asan_load1+0x66/0x70
[ 50.491176] strlen+0x13/0x50
[ 50.491926] kasan_strings+0x1dc/0x510
[ 50.492495] ? __pfx_kasan_strings+0x10/0x10
[ 50.493188] ? __schedule+0x70b/0x1190
[ 50.493921] ? ktime_get_ts64+0x118/0x140
[ 50.495035] kunit_try_run_case+0x126/0x290
[ 50.495817] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.496590] ? __kasan_check_write+0x18/0x20
[ 50.497413] ? trace_preempt_on+0x20/0xa0
[ 50.498261] ? __kthread_parkme+0x4f/0xd0
[ 50.498960] ? preempt_count_sub+0x50/0x80
[ 50.499502] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.500575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.501392] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.502107] kthread+0x19e/0x1e0
[ 50.502560] ? __pfx_kthread+0x10/0x10
[ 50.503185] ret_from_fork+0x41/0x70
[ 50.503911] ? __pfx_kthread+0x10/0x10
[ 50.504545] ret_from_fork_asm+0x1b/0x30
[ 50.505174] </TASK>
[ 50.505519]
[ 50.505843] Allocated by task 222:
[ 50.506822] kasan_save_stack+0x3c/0x60
[ 50.507538] kasan_set_track+0x29/0x40
[ 50.508246] kasan_save_alloc_info+0x22/0x30
[ 50.508877] __kasan_kmalloc+0xb7/0xc0
[ 50.509346] kmalloc_trace+0x4c/0xb0
[ 50.509899] kasan_strings+0x9f/0x510
[ 50.510410] kunit_try_run_case+0x126/0x290
[ 50.511284] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.512465] kthread+0x19e/0x1e0
[ 50.512944] ret_from_fork+0x41/0x70
[ 50.513574] ret_from_fork_asm+0x1b/0x30
[ 50.514332]
[ 50.514758] Freed by task 222:
[ 50.515170] kasan_save_stack+0x3c/0x60
[ 50.515711] kasan_set_track+0x29/0x40
[ 50.516174] kasan_save_free_info+0x2f/0x50
[ 50.516914] ____kasan_slab_free+0x172/0x1d0
[ 50.518108] __kasan_slab_free+0x16/0x20
[ 50.519348] __kmem_cache_free+0x190/0x310
[ 50.519852] kfree+0x7c/0x120
[ 50.520497] kasan_strings+0xc3/0x510
[ 50.521281] kunit_try_run_case+0x126/0x290
[ 50.522215] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.523485] kthread+0x19e/0x1e0
[ 50.524302] ret_from_fork+0x41/0x70
[ 50.524801] ret_from_fork_asm+0x1b/0x30
[ 50.525623]
[ 50.526118] The buggy address belongs to the object at ffff8881028cedc0
[ 50.526118] which belongs to the cache kmalloc-32 of size 32
[ 50.527423] The buggy address is located 16 bytes inside of
[ 50.527423] freed 32-byte region [ffff8881028cedc0, ffff8881028cede0)
[ 50.528991]
[ 50.529423] The buggy address belongs to the physical page:
[ 50.530323] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ce
[ 50.531333] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.532017] page_type: 0xffffffff()
[ 50.532685] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000
[ 50.533941] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 50.534704] page dumped because: kasan: bad access detected
[ 50.535459]
[ 50.535704] Memory state around the buggy address:
[ 50.536402] ffff8881028cec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.537604] ffff8881028ced00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.538753] >ffff8881028ced80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.539654] ^
[ 50.540440] ffff8881028cee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.541319] ffff8881028cee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.542525] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kasan_strings: Failure
[ 50.414796] ==================================================================
[ 50.416050] BUG: KASAN: slab-use-after-free in kasan_strings+0x19b/0x510
[ 50.417318] Read of size 1 at addr ffff8881028cedd0 by task kunit_try_catch/222
[ 50.418206]
[ 50.418443] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.419435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.420306] Call Trace:
[ 50.420688] <TASK>
[ 50.421309] dump_stack_lvl+0x4e/0x90
[ 50.422105] print_report+0xd2/0x660
[ 50.423094] ? __virt_addr_valid+0x156/0x1e0
[ 50.424314] ? kasan_complete_mode_report_info+0x64/0x200
[ 50.424964] kasan_report+0xff/0x140
[ 50.425902] ? kasan_strings+0x19b/0x510
[ 50.426688] ? kasan_strings+0x19b/0x510
[ 50.427492] __asan_load1+0x66/0x70
[ 50.428127] kasan_strings+0x19b/0x510
[ 50.428729] ? __pfx_kasan_strings+0x10/0x10
[ 50.429551] ? __schedule+0x70b/0x1190
[ 50.430213] ? ktime_get_ts64+0x118/0x140
[ 50.430714] kunit_try_run_case+0x126/0x290
[ 50.431321] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.432672] ? __kasan_check_write+0x18/0x20
[ 50.433442] ? trace_preempt_on+0x20/0xa0
[ 50.433980] ? __kthread_parkme+0x4f/0xd0
[ 50.434773] ? preempt_count_sub+0x50/0x80
[ 50.435574] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.436589] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.437522] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.438346] kthread+0x19e/0x1e0
[ 50.438933] ? __pfx_kthread+0x10/0x10
[ 50.439679] ret_from_fork+0x41/0x70
[ 50.440307] ? __pfx_kthread+0x10/0x10
[ 50.441196] ret_from_fork_asm+0x1b/0x30
[ 50.442012] </TASK>
[ 50.442344]
[ 50.442791] Allocated by task 222:
[ 50.443486] kasan_save_stack+0x3c/0x60
[ 50.444286] kasan_set_track+0x29/0x40
[ 50.445001] kasan_save_alloc_info+0x22/0x30
[ 50.445635] __kasan_kmalloc+0xb7/0xc0
[ 50.446663] kmalloc_trace+0x4c/0xb0
[ 50.447384] kasan_strings+0x9f/0x510
[ 50.448260] kunit_try_run_case+0x126/0x290
[ 50.449010] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.450106] kthread+0x19e/0x1e0
[ 50.450501] ret_from_fork+0x41/0x70
[ 50.450909] ret_from_fork_asm+0x1b/0x30
[ 50.451494]
[ 50.452655] Freed by task 222:
[ 50.453344] kasan_save_stack+0x3c/0x60
[ 50.454169] kasan_set_track+0x29/0x40
[ 50.454827] kasan_save_free_info+0x2f/0x50
[ 50.455358] ____kasan_slab_free+0x172/0x1d0
[ 50.456127] __kasan_slab_free+0x16/0x20
[ 50.457203] __kmem_cache_free+0x190/0x310
[ 50.457732] kfree+0x7c/0x120
[ 50.458429] kasan_strings+0xc3/0x510
[ 50.459297] kunit_try_run_case+0x126/0x290
[ 50.459900] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.460707] kthread+0x19e/0x1e0
[ 50.461246] ret_from_fork+0x41/0x70
[ 50.461758] ret_from_fork_asm+0x1b/0x30
[ 50.462254]
[ 50.462520] The buggy address belongs to the object at ffff8881028cedc0
[ 50.462520] which belongs to the cache kmalloc-32 of size 32
[ 50.464502] The buggy address is located 16 bytes inside of
[ 50.464502] freed 32-byte region [ffff8881028cedc0, ffff8881028cede0)
[ 50.465639]
[ 50.465952] The buggy address belongs to the physical page:
[ 50.466654] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ce
[ 50.468025] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.468653] page_type: 0xffffffff()
[ 50.469330] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000
[ 50.470111] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 50.470962] page dumped because: kasan: bad access detected
[ 50.471683]
[ 50.472007] Memory state around the buggy address:
[ 50.472727] ffff8881028cec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.473691] ffff8881028ced00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.475046] >ffff8881028ced80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.475730] ^
[ 50.476516] ffff8881028cee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.477439] ffff8881028cee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.478355] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-strcmp
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-strcmp: Failure
[ 50.349712] ==================================================================
[ 50.351699] BUG: KASAN: slab-use-after-free in strcmp+0x26/0x60
[ 50.352687] Read of size 1 at addr ffff8881028cedd0 by task kunit_try_catch/222
[ 50.353957]
[ 50.354700] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.355432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.356386] Call Trace:
[ 50.357016] <TASK>
[ 50.357326] dump_stack_lvl+0x4e/0x90
[ 50.357897] print_report+0xd2/0x660
[ 50.358448] ? __virt_addr_valid+0x156/0x1e0
[ 50.359065] ? kasan_complete_mode_report_info+0x64/0x200
[ 50.359926] kasan_report+0xff/0x140
[ 50.360776] ? strcmp+0x26/0x60
[ 50.361449] ? strcmp+0x26/0x60
[ 50.361966] __asan_load1+0x66/0x70
[ 50.362504] strcmp+0x26/0x60
[ 50.362950] kasan_strings+0x161/0x510
[ 50.363634] ? __pfx_kasan_strings+0x10/0x10
[ 50.364494] ? __schedule+0x70b/0x1190
[ 50.365115] ? ktime_get_ts64+0x118/0x140
[ 50.365564] kunit_try_run_case+0x126/0x290
[ 50.366450] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.367264] ? __kasan_check_write+0x18/0x20
[ 50.367648] ? trace_preempt_on+0x20/0xa0
[ 50.368469] ? __kthread_parkme+0x4f/0xd0
[ 50.368888] ? preempt_count_sub+0x50/0x80
[ 50.369654] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.370453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.371458] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.372496] kthread+0x19e/0x1e0
[ 50.373078] ? __pfx_kthread+0x10/0x10
[ 50.373703] ret_from_fork+0x41/0x70
[ 50.374469] ? __pfx_kthread+0x10/0x10
[ 50.375192] ret_from_fork_asm+0x1b/0x30
[ 50.375830] </TASK>
[ 50.376168]
[ 50.376431] Allocated by task 222:
[ 50.376932] kasan_save_stack+0x3c/0x60
[ 50.377514] kasan_set_track+0x29/0x40
[ 50.378181] kasan_save_alloc_info+0x22/0x30
[ 50.378888] __kasan_kmalloc+0xb7/0xc0
[ 50.379555] kmalloc_trace+0x4c/0xb0
[ 50.380217] kasan_strings+0x9f/0x510
[ 50.380836] kunit_try_run_case+0x126/0x290
[ 50.381578] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.382369] kthread+0x19e/0x1e0
[ 50.383067] ret_from_fork+0x41/0x70
[ 50.383720] ret_from_fork_asm+0x1b/0x30
[ 50.384477]
[ 50.384976] Freed by task 222:
[ 50.385707] kasan_save_stack+0x3c/0x60
[ 50.386179] kasan_set_track+0x29/0x40
[ 50.386588] kasan_save_free_info+0x2f/0x50
[ 50.387715] ____kasan_slab_free+0x172/0x1d0
[ 50.388468] __kasan_slab_free+0x16/0x20
[ 50.389295] __kmem_cache_free+0x190/0x310
[ 50.390124] kfree+0x7c/0x120
[ 50.390619] kasan_strings+0xc3/0x510
[ 50.391653] kunit_try_run_case+0x126/0x290
[ 50.392317] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.393282] kthread+0x19e/0x1e0
[ 50.393872] ret_from_fork+0x41/0x70
[ 50.394628] ret_from_fork_asm+0x1b/0x30
[ 50.395410]
[ 50.395771] The buggy address belongs to the object at ffff8881028cedc0
[ 50.395771] which belongs to the cache kmalloc-32 of size 32
[ 50.397245] The buggy address is located 16 bytes inside of
[ 50.397245] freed 32-byte region [ffff8881028cedc0, ffff8881028cede0)
[ 50.398602]
[ 50.399247] The buggy address belongs to the physical page:
[ 50.400051] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ce
[ 50.401193] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.401944] page_type: 0xffffffff()
[ 50.402962] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000
[ 50.404095] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 50.405211] page dumped because: kasan: bad access detected
[ 50.405890]
[ 50.406636] Memory state around the buggy address:
[ 50.407593] ffff8881028cec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.408319] ffff8881028ced00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.409411] >ffff8881028ced80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.410348] ^
[ 50.411305] ffff8881028cee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.412500] ffff8881028cee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.413498] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-strrchr
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-strrchr: Failure
[ 50.291197] ==================================================================
[ 50.292009] BUG: KASAN: slab-use-after-free in strrchr+0x1e/0x40
[ 50.292321] Read of size 1 at addr ffff8881028cedd0 by task kunit_try_catch/222
[ 50.292633]
[ 50.292796] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.293984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.294721] Call Trace:
[ 50.295416] <TASK>
[ 50.295847] dump_stack_lvl+0x4e/0x90
[ 50.296514] print_report+0xd2/0x660
[ 50.297237] ? __virt_addr_valid+0x156/0x1e0
[ 50.297874] ? kasan_complete_mode_report_info+0x64/0x200
[ 50.298534] kasan_report+0xff/0x140
[ 50.299426] ? strrchr+0x1e/0x40
[ 50.300168] ? strrchr+0x1e/0x40
[ 50.300676] __asan_load1+0x66/0x70
[ 50.301246] strrchr+0x1e/0x40
[ 50.301862] kasan_strings+0x11f/0x510
[ 50.302451] ? __pfx_kasan_strings+0x10/0x10
[ 50.303487] ? __schedule+0x70b/0x1190
[ 50.303978] ? ktime_get_ts64+0x118/0x140
[ 50.304559] kunit_try_run_case+0x126/0x290
[ 50.305130] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.305916] ? __kasan_check_write+0x18/0x20
[ 50.306631] ? trace_preempt_on+0x20/0xa0
[ 50.307342] ? __kthread_parkme+0x4f/0xd0
[ 50.307920] ? preempt_count_sub+0x50/0x80
[ 50.308630] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.309752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.310664] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.311522] kthread+0x19e/0x1e0
[ 50.312233] ? __pfx_kthread+0x10/0x10
[ 50.312840] ret_from_fork+0x41/0x70
[ 50.313433] ? __pfx_kthread+0x10/0x10
[ 50.314445] ret_from_fork_asm+0x1b/0x30
[ 50.315344] </TASK>
[ 50.315922]
[ 50.316444] Allocated by task 222:
[ 50.316789] kasan_save_stack+0x3c/0x60
[ 50.317373] kasan_set_track+0x29/0x40
[ 50.317820] kasan_save_alloc_info+0x22/0x30
[ 50.318588] __kasan_kmalloc+0xb7/0xc0
[ 50.319191] kmalloc_trace+0x4c/0xb0
[ 50.319683] kasan_strings+0x9f/0x510
[ 50.320150] kunit_try_run_case+0x126/0x290
[ 50.321377] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.322113] kthread+0x19e/0x1e0
[ 50.322653] ret_from_fork+0x41/0x70
[ 50.323101] ret_from_fork_asm+0x1b/0x30
[ 50.323703]
[ 50.324125] Freed by task 222:
[ 50.324563] kasan_save_stack+0x3c/0x60
[ 50.325367] kasan_set_track+0x29/0x40
[ 50.325901] kasan_save_free_info+0x2f/0x50
[ 50.326493] ____kasan_slab_free+0x172/0x1d0
[ 50.326991] __kasan_slab_free+0x16/0x20
[ 50.327517] __kmem_cache_free+0x190/0x310
[ 50.328479] kfree+0x7c/0x120
[ 50.329085] kasan_strings+0xc3/0x510
[ 50.329615] kunit_try_run_case+0x126/0x290
[ 50.330706] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.331413] kthread+0x19e/0x1e0
[ 50.332005] ret_from_fork+0x41/0x70
[ 50.332476] ret_from_fork_asm+0x1b/0x30
[ 50.332954]
[ 50.333231] The buggy address belongs to the object at ffff8881028cedc0
[ 50.333231] which belongs to the cache kmalloc-32 of size 32
[ 50.334664] The buggy address is located 16 bytes inside of
[ 50.334664] freed 32-byte region [ffff8881028cedc0, ffff8881028cede0)
[ 50.336676]
[ 50.336973] The buggy address belongs to the physical page:
[ 50.337610] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ce
[ 50.338500] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.338988] page_type: 0xffffffff()
[ 50.339505] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000
[ 50.340376] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 50.341329] page dumped because: kasan: bad access detected
[ 50.342094]
[ 50.342408] Memory state around the buggy address:
[ 50.343143] ffff8881028cec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.344003] ffff8881028ced00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.344988] >ffff8881028ced80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.346036] ^
[ 50.346679] ffff8881028cee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.347316] ffff8881028cee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.348483] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-strchr
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-strchr: Failure
[ 50.226141] ==================================================================
[ 50.227131] BUG: KASAN: slab-use-after-free in strchr+0x18/0x60
[ 50.227825] Read of size 1 at addr ffff8881028cedd0 by task kunit_try_catch/222
[ 50.228475]
[ 50.229902] CPU: 1 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.231280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.231941] Call Trace:
[ 50.232272] <TASK>
[ 50.233333] dump_stack_lvl+0x4e/0x90
[ 50.234045] print_report+0xd2/0x660
[ 50.234613] ? __virt_addr_valid+0x156/0x1e0
[ 50.235474] ? kasan_complete_mode_report_info+0x64/0x200
[ 50.236334] kasan_report+0xff/0x140
[ 50.236814] ? strchr+0x18/0x60
[ 50.237543] ? strchr+0x18/0x60
[ 50.237958] __asan_load1+0x66/0x70
[ 50.238572] strchr+0x18/0x60
[ 50.239169] kasan_strings+0xdf/0x510
[ 50.240011] ? __pfx_kasan_strings+0x10/0x10
[ 50.240617] ? __schedule+0x70b/0x1190
[ 50.241359] ? ktime_get_ts64+0x118/0x140
[ 50.242098] kunit_try_run_case+0x126/0x290
[ 50.243037] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.243595] ? __kasan_check_write+0x18/0x20
[ 50.244476] ? trace_preempt_on+0x20/0xa0
[ 50.245203] ? __kthread_parkme+0x4f/0xd0
[ 50.245763] ? preempt_count_sub+0x50/0x80
[ 50.246362] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.247065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.247972] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.249077] kthread+0x19e/0x1e0
[ 50.249633] ? __pfx_kthread+0x10/0x10
[ 50.250404] ret_from_fork+0x41/0x70
[ 50.251171] ? __pfx_kthread+0x10/0x10
[ 50.251904] ret_from_fork_asm+0x1b/0x30
[ 50.252576] </TASK>
[ 50.252904]
[ 50.253660] Allocated by task 222:
[ 50.254349] kasan_save_stack+0x3c/0x60
[ 50.255129] kasan_set_track+0x29/0x40
[ 50.255614] kasan_save_alloc_info+0x22/0x30
[ 50.256328] __kasan_kmalloc+0xb7/0xc0
[ 50.256923] kmalloc_trace+0x4c/0xb0
[ 50.257706] kasan_strings+0x9f/0x510
[ 50.258810] kunit_try_run_case+0x126/0x290
[ 50.259626] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.260543] kthread+0x19e/0x1e0
[ 50.261119] ret_from_fork+0x41/0x70
[ 50.262364] ret_from_fork_asm+0x1b/0x30
[ 50.263053]
[ 50.263361] Freed by task 222:
[ 50.264243] kasan_save_stack+0x3c/0x60
[ 50.264960] kasan_set_track+0x29/0x40
[ 50.265438] kasan_save_free_info+0x2f/0x50
[ 50.266374] ____kasan_slab_free+0x172/0x1d0
[ 50.266869] __kasan_slab_free+0x16/0x20
[ 50.267509] __kmem_cache_free+0x190/0x310
[ 50.268110] kfree+0x7c/0x120
[ 50.268569] kasan_strings+0xc3/0x510
[ 50.269034] kunit_try_run_case+0x126/0x290
[ 50.269619] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.271392] kthread+0x19e/0x1e0
[ 50.271797] ret_from_fork+0x41/0x70
[ 50.272322] ret_from_fork_asm+0x1b/0x30
[ 50.272906]
[ 50.273315] The buggy address belongs to the object at ffff8881028cedc0
[ 50.273315] which belongs to the cache kmalloc-32 of size 32
[ 50.274576] The buggy address is located 16 bytes inside of
[ 50.274576] freed 32-byte region [ffff8881028cedc0, ffff8881028cede0)
[ 50.276530]
[ 50.276847] The buggy address belongs to the physical page:
[ 50.277340] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ce
[ 50.278661] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.279404] page_type: 0xffffffff()
[ 50.280467] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000
[ 50.281268] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 50.282068] page dumped because: kasan: bad access detected
[ 50.282446]
[ 50.282710] Memory state around the buggy address:
[ 50.283473] ffff8881028cec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.284534] ffff8881028ced00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.285459] >ffff8881028ced80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.286213] ^
[ 50.286803] ffff8881028cee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.287671] ffff8881028cee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.288580] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-memcmp: Failure
[ 50.165756] ==================================================================
[ 50.166700] BUG: KASAN: slab-out-of-bounds in memcmp+0x3d/0xb0
[ 50.167484] Read of size 1 at addr ffff8881028ced58 by task kunit_try_catch/220
[ 50.168912]
[ 50.169321] CPU: 1 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.170331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.171369] Call Trace:
[ 50.171635] <TASK>
[ 50.172050] dump_stack_lvl+0x4e/0x90
[ 50.172643] print_report+0xd2/0x660
[ 50.173336] ? __virt_addr_valid+0x156/0x1e0
[ 50.173919] ? kasan_complete_mode_report_info+0x2a/0x200
[ 50.174656] kasan_report+0xff/0x140
[ 50.175169] ? memcmp+0x3d/0xb0
[ 50.175871] ? memcmp+0x3d/0xb0
[ 50.176540] __asan_load1+0x66/0x70
[ 50.177524] memcmp+0x3d/0xb0
[ 50.178103] kasan_memcmp+0x100/0x230
[ 50.178794] ? __pfx_kasan_memcmp+0x10/0x10
[ 50.179607] ? finish_task_switch.isra.0+0xc8/0x3e0
[ 50.180441] ? ktime_get_ts64+0x118/0x140
[ 50.181160] kunit_try_run_case+0x126/0x290
[ 50.181758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.182853] ? __kasan_check_write+0x18/0x20
[ 50.183430] ? trace_preempt_on+0x20/0xa0
[ 50.184174] ? __kthread_parkme+0x4f/0xd0
[ 50.184816] ? preempt_count_sub+0x50/0x80
[ 50.185310] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.185842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.186685] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.187333] kthread+0x19e/0x1e0
[ 50.187836] ? __pfx_kthread+0x10/0x10
[ 50.188495] ret_from_fork+0x41/0x70
[ 50.189178] ? __pfx_kthread+0x10/0x10
[ 50.189968] ret_from_fork_asm+0x1b/0x30
[ 50.190555] </TASK>
[ 50.190947]
[ 50.191673] Allocated by task 220:
[ 50.192474] kasan_save_stack+0x3c/0x60
[ 50.193234] kasan_set_track+0x29/0x40
[ 50.193715] kasan_save_alloc_info+0x22/0x30
[ 50.194530] __kasan_kmalloc+0xb7/0xc0
[ 50.194931] kmalloc_trace+0x4c/0xb0
[ 50.195494] kasan_memcmp+0xb0/0x230
[ 50.196121] kunit_try_run_case+0x126/0x290
[ 50.196879] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.197830] kthread+0x19e/0x1e0
[ 50.198483] ret_from_fork+0x41/0x70
[ 50.199309] ret_from_fork_asm+0x1b/0x30
[ 50.199851]
[ 50.200090] The buggy address belongs to the object at ffff8881028ced40
[ 50.200090] which belongs to the cache kmalloc-32 of size 32
[ 50.201039] The buggy address is located 0 bytes to the right of
[ 50.201039] allocated 24-byte region [ffff8881028ced40, ffff8881028ced58)
[ 50.202111]
[ 50.202448] The buggy address belongs to the physical page:
[ 50.203438] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ce
[ 50.204576] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.205633] page_type: 0xffffffff()
[ 50.206406] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000
[ 50.207440] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 50.208137] page dumped because: kasan: bad access detected
[ 50.209043]
[ 50.209177] Memory state around the buggy address:
[ 50.209413] ffff8881028cec00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.209722] ffff8881028cec80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.210862] >ffff8881028ced00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 50.212228] ^
[ 50.212935] ffff8881028ced80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.214334] ffff8881028cee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.215240] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-memchr
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-memchr: Failure
[ 50.102614] ==================================================================
[ 50.104495] BUG: KASAN: slab-out-of-bounds in memchr+0x27/0x60
[ 50.105794] Read of size 1 at addr ffff8881028ced18 by task kunit_try_catch/218
[ 50.106720]
[ 50.107071] CPU: 1 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.108105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.109286] Call Trace:
[ 50.109763] <TASK>
[ 50.110219] dump_stack_lvl+0x4e/0x90
[ 50.111397] print_report+0xd2/0x660
[ 50.112358] ? __virt_addr_valid+0x156/0x1e0
[ 50.113055] ? kasan_complete_mode_report_info+0x2a/0x200
[ 50.113834] kasan_report+0xff/0x140
[ 50.114496] ? memchr+0x27/0x60
[ 50.115056] ? memchr+0x27/0x60
[ 50.115576] __asan_load1+0x66/0x70
[ 50.116209] memchr+0x27/0x60
[ 50.116807] kasan_memchr+0xdd/0x1f0
[ 50.117451] ? __pfx_kasan_memchr+0x10/0x10
[ 50.118057] ? __schedule+0x70b/0x1190
[ 50.118818] ? ktime_get_ts64+0x118/0x140
[ 50.119438] kunit_try_run_case+0x126/0x290
[ 50.120002] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.120552] ? __kasan_check_write+0x18/0x20
[ 50.121892] ? trace_preempt_on+0x20/0xa0
[ 50.122583] ? __kthread_parkme+0x4f/0xd0
[ 50.123476] ? preempt_count_sub+0x50/0x80
[ 50.124192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.124824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.125510] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.126158] kthread+0x19e/0x1e0
[ 50.126693] ? __pfx_kthread+0x10/0x10
[ 50.127335] ret_from_fork+0x41/0x70
[ 50.127936] ? __pfx_kthread+0x10/0x10
[ 50.128647] ret_from_fork_asm+0x1b/0x30
[ 50.129496] </TASK>
[ 50.130008]
[ 50.130487] Allocated by task 218:
[ 50.130953] kasan_save_stack+0x3c/0x60
[ 50.131876] kasan_set_track+0x29/0x40
[ 50.132811] kasan_save_alloc_info+0x22/0x30
[ 50.133294] __kasan_kmalloc+0xb7/0xc0
[ 50.133841] kmalloc_trace+0x4c/0xb0
[ 50.134702] kasan_memchr+0x9f/0x1f0
[ 50.135464] kunit_try_run_case+0x126/0x290
[ 50.136372] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.137066] kthread+0x19e/0x1e0
[ 50.138013] ret_from_fork+0x41/0x70
[ 50.138720] ret_from_fork_asm+0x1b/0x30
[ 50.139415]
[ 50.139678] The buggy address belongs to the object at ffff8881028ced00
[ 50.139678] which belongs to the cache kmalloc-32 of size 32
[ 50.140706] The buggy address is located 0 bytes to the right of
[ 50.140706] allocated 24-byte region [ffff8881028ced00, ffff8881028ced18)
[ 50.141914]
[ 50.142265] The buggy address belongs to the physical page:
[ 50.143022] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ce
[ 50.144562] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.145492] page_type: 0xffffffff()
[ 50.146202] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000
[ 50.147200] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 50.148247] page dumped because: kasan: bad access detected
[ 50.148831]
[ 50.149669] Memory state around the buggy address:
[ 50.150818] ffff8881028cec00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 50.151496] ffff8881028cec80: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 50.152497] >ffff8881028ced00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.153244] ^
[ 50.153924] ffff8881028ced80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.155223] ffff8881028cee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.155893] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy: Failure
[ 50.023535] ================================================================== [ 50.024623] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0xce/0x1d0 [ 50.025935] Read of size 1 at addr ffff888101ce1c80 by task kunit_try_catch/216 [ 50.027513] [ 50.027950] CPU: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 50.029034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.030136] Call Trace: [ 50.030400] <TASK> [ 50.030813] dump_stack_lvl+0x4e/0x90 [ 50.031480] print_report+0xd2/0x660 [ 50.032119] ? __virt_addr_valid+0x156/0x1e0 [ 50.032686] ? kasan_complete_mode_report_info+0x64/0x200 [ 50.033667] kasan_report+0xff/0x140 [ 50.034270] ? kmem_cache_double_destroy+0xce/0x1d0 [ 50.035494] ? kmem_cache_double_destroy+0xce/0x1d0 [ 50.036464] ? kmem_cache_double_destroy+0xce/0x1d0 [ 50.037253] __kasan_check_byte+0x3d/0x50 [ 50.037974] kmem_cache_destroy+0x25/0x170 [ 50.038766] kmem_cache_double_destroy+0xce/0x1d0 [ 50.039348] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 50.040035] ? __schedule+0x70b/0x1190 [ 50.041080] ? ktime_get_ts64+0x118/0x140 [ 50.041665] kunit_try_run_case+0x126/0x290 [ 50.042397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.043163] ? __kasan_check_write+0x18/0x20 [ 50.043968] ? trace_preempt_on+0x20/0xa0 [ 50.044657] ? __kthread_parkme+0x4f/0xd0 [ 50.045366] ? preempt_count_sub+0x50/0x80 [ 50.046162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.047082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 50.047766] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.048656] kthread+0x19e/0x1e0 [ 50.049080] ? __pfx_kthread+0x10/0x10 [ 50.049650] ret_from_fork+0x41/0x70 [ 50.050633] ? 
__pfx_kthread+0x10/0x10 [ 50.051504] ret_from_fork_asm+0x1b/0x30 [ 50.052278] </TASK> [ 50.052676] [ 50.052979] Allocated by task 216: [ 50.053562] kasan_save_stack+0x3c/0x60 [ 50.054119] kasan_set_track+0x29/0x40 [ 50.054788] kasan_save_alloc_info+0x22/0x30 [ 50.055522] __kasan_slab_alloc+0x91/0xa0 [ 50.056098] kmem_cache_alloc+0x180/0x3b0 [ 50.056943] kmem_cache_create_usercopy+0x13e/0x230 [ 50.057567] kmem_cache_create+0x1a/0x20 [ 50.058369] kmem_cache_double_destroy+0x97/0x1d0 [ 50.059153] kunit_try_run_case+0x126/0x290 [ 50.059616] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.060758] kthread+0x19e/0x1e0 [ 50.061432] ret_from_fork+0x41/0x70 [ 50.062279] ret_from_fork_asm+0x1b/0x30 [ 50.062851] [ 50.063099] Freed by task 216: [ 50.064183] kasan_save_stack+0x3c/0x60 [ 50.064700] kasan_set_track+0x29/0x40 [ 50.065471] kasan_save_free_info+0x2f/0x50 [ 50.066205] ____kasan_slab_free+0x172/0x1d0 [ 50.066876] __kasan_slab_free+0x16/0x20 [ 50.067760] kmem_cache_free+0x1a7/0x4b0 [ 50.068580] slab_kmem_cache_release+0x2e/0x40 [ 50.069292] kmem_cache_release+0x16/0x20 [ 50.069790] kobject_put+0xf6/0x250 [ 50.070372] sysfs_slab_release+0x24/0x30 [ 50.071290] kmem_cache_destroy+0xd2/0x170 [ 50.072012] kmem_cache_double_destroy+0xb7/0x1d0 [ 50.072921] kunit_try_run_case+0x126/0x290 [ 50.073678] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.074428] kthread+0x19e/0x1e0 [ 50.075414] ret_from_fork+0x41/0x70 [ 50.076223] ret_from_fork_asm+0x1b/0x30 [ 50.077017] [ 50.077297] The buggy address belongs to the object at ffff888101ce1c80 [ 50.077297] which belongs to the cache kmem_cache of size 208 [ 50.078814] The buggy address is located 0 bytes inside of [ 50.078814] freed 208-byte region [ffff888101ce1c80, ffff888101ce1d50) [ 50.080485] [ 50.081186] The buggy address belongs to the physical page: [ 50.082062] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ce1 [ 50.083279] flags: 0x200000000000800(slab|node=0|zone=2) [ 50.084312] 
page_type: 0xffffffff() [ 50.084847] raw: 0200000000000800 ffff888100041000 dead000000000122 0000000000000000 [ 50.085867] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000 [ 50.086781] page dumped because: kasan: bad access detected [ 50.087412] [ 50.087669] Memory state around the buggy address: [ 50.088140] ffff888101ce1b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 50.088797] ffff888101ce1c00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.089946] >ffff888101ce1c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 50.090604] ^ [ 50.091166] ffff888101ce1d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 50.091795] ffff888101ce1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.092660] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free: Failure
[ 49.951842] ================================================================== [ 49.952863] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0xe4/0x260 [ 49.953633] Free of addr ffff88810294f001 by task kunit_try_catch/214 [ 49.954494] [ 49.954901] CPU: 1 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.955766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.956396] Call Trace: [ 49.956834] <TASK> [ 49.957251] dump_stack_lvl+0x4e/0x90 [ 49.957888] print_report+0xd2/0x660 [ 49.958474] ? __virt_addr_valid+0x156/0x1e0 [ 49.959136] ? kmem_cache_invalid_free+0xe4/0x260 [ 49.959783] ? kasan_complete_mode_report_info+0x2a/0x200 [ 49.960492] ? kmem_cache_invalid_free+0xe4/0x260 [ 49.961170] kasan_report_invalid_free+0xcf/0x100 [ 49.961824] ? kmem_cache_invalid_free+0xe4/0x260 [ 49.962532] ? kmem_cache_invalid_free+0xe4/0x260 [ 49.963181] ____kasan_slab_free+0x1c0/0x1d0 [ 49.963879] ? kmem_cache_invalid_free+0xe4/0x260 [ 49.964429] __kasan_slab_free+0x16/0x20 [ 49.965080] kmem_cache_free+0x1a7/0x4b0 [ 49.965619] kmem_cache_invalid_free+0xe4/0x260 [ 49.966339] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 49.967015] ? __schedule+0x70b/0x1190 [ 49.967626] ? ktime_get_ts64+0x118/0x140 [ 49.968300] kunit_try_run_case+0x126/0x290 [ 49.968975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.969558] ? __kasan_check_write+0x18/0x20 [ 49.970244] ? trace_preempt_on+0x20/0xa0 [ 49.970859] ? __kthread_parkme+0x4f/0xd0 [ 49.971469] ? preempt_count_sub+0x50/0x80 [ 49.972067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.972762] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.973565] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.974297] kthread+0x19e/0x1e0 [ 49.974833] ? __pfx_kthread+0x10/0x10 [ 49.975347] ret_from_fork+0x41/0x70 [ 49.975971] ? 
__pfx_kthread+0x10/0x10 [ 49.976547] ret_from_fork_asm+0x1b/0x30 [ 49.977162] </TASK> [ 49.977550] [ 49.977901] Allocated by task 214: [ 49.978294] kasan_save_stack+0x3c/0x60 [ 49.978935] kasan_set_track+0x29/0x40 [ 49.979473] kasan_save_alloc_info+0x22/0x30 [ 49.980153] __kasan_slab_alloc+0x91/0xa0 [ 49.980637] kmem_cache_alloc+0x180/0x3b0 [ 49.981309] kmem_cache_invalid_free+0xbd/0x260 [ 49.981885] kunit_try_run_case+0x126/0x290 [ 49.982509] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.983179] kthread+0x19e/0x1e0 [ 49.983638] ret_from_fork+0x41/0x70 [ 49.984195] ret_from_fork_asm+0x1b/0x30 [ 49.984659] [ 49.985043] The buggy address belongs to the object at ffff88810294f000 [ 49.985043] which belongs to the cache test_cache of size 200 [ 49.986202] The buggy address is located 1 bytes inside of [ 49.986202] 200-byte region [ffff88810294f000, ffff88810294f0c8) [ 49.987225] [ 49.987568] The buggy address belongs to the physical page: [ 49.988215] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294f [ 49.989274] flags: 0x200000000000800(slab|node=0|zone=2) [ 49.989916] page_type: 0xffffffff() [ 49.990420] raw: 0200000000000800 ffff888102947140 dead000000000122 0000000000000000 [ 49.991313] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 49.992046] page dumped because: kasan: bad access detected [ 49.992589] [ 49.992956] Memory state around the buggy address: [ 49.993541] ffff88810294ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.994219] ffff88810294ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.995080] >ffff88810294f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 49.995751] ^ [ 49.996231] ffff88810294f080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 49.996963] ffff88810294f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.997668] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-double-free-in-kmem_cache_double_free
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-double-free-in-kmem_cache_double_free: Failure
[ 49.873541] ================================================================== [ 49.874457] BUG: KASAN: double-free in kmem_cache_double_free+0xeb/0x250 [ 49.875287] Free of addr ffff888102850000 by task kunit_try_catch/212 [ 49.877415] [ 49.877671] CPU: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.878582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.879331] Call Trace: [ 49.879755] <TASK> [ 49.880255] dump_stack_lvl+0x4e/0x90 [ 49.880890] print_report+0xd2/0x660 [ 49.881514] ? __virt_addr_valid+0x156/0x1e0 [ 49.882202] ? kmem_cache_double_free+0xeb/0x250 [ 49.882858] ? kasan_complete_mode_report_info+0x64/0x200 [ 49.883481] ? kmem_cache_double_free+0xeb/0x250 [ 49.884114] kasan_report_invalid_free+0xcf/0x100 [ 49.884724] ? kmem_cache_double_free+0xeb/0x250 [ 49.885442] ? kmem_cache_double_free+0xeb/0x250 [ 49.886197] ____kasan_slab_free+0x19c/0x1d0 [ 49.886878] ? kmem_cache_double_free+0xeb/0x250 [ 49.887460] __kasan_slab_free+0x16/0x20 [ 49.888156] kmem_cache_free+0x1a7/0x4b0 [ 49.888603] kmem_cache_double_free+0xeb/0x250 [ 49.889347] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 49.890105] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 49.890828] ? kunit_try_run_case+0x11b/0x290 [ 49.891473] kunit_try_run_case+0x126/0x290 [ 49.892095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.892727] ? __kasan_check_write+0x18/0x20 [ 49.893383] ? trace_preempt_on+0x20/0xa0 [ 49.894010] ? __kthread_parkme+0x4f/0xd0 [ 49.894558] ? preempt_count_sub+0x50/0x80 [ 49.895190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.895885] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.896592] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.897268] kthread+0x19e/0x1e0 [ 49.897710] ? __pfx_kthread+0x10/0x10 [ 49.898425] ret_from_fork+0x41/0x70 [ 49.898992] ? 
__pfx_kthread+0x10/0x10 [ 49.899607] ret_from_fork_asm+0x1b/0x30 [ 49.900246] </TASK> [ 49.900617] [ 49.900968] Allocated by task 212: [ 49.901488] kasan_save_stack+0x3c/0x60 [ 49.902085] kasan_set_track+0x29/0x40 [ 49.902575] kasan_save_alloc_info+0x22/0x30 [ 49.903258] __kasan_slab_alloc+0x91/0xa0 [ 49.903824] kmem_cache_alloc+0x180/0x3b0 [ 49.904429] kmem_cache_double_free+0xba/0x250 [ 49.905017] kunit_try_run_case+0x126/0x290 [ 49.905638] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.906372] kthread+0x19e/0x1e0 [ 49.906916] ret_from_fork+0x41/0x70 [ 49.908066] ret_from_fork_asm+0x1b/0x30 [ 49.908546] [ 49.908880] Freed by task 212: [ 49.909376] kasan_save_stack+0x3c/0x60 [ 49.909897] kasan_set_track+0x29/0x40 [ 49.910424] kasan_save_free_info+0x2f/0x50 [ 49.911109] ____kasan_slab_free+0x172/0x1d0 [ 49.911769] __kasan_slab_free+0x16/0x20 [ 49.912348] kmem_cache_free+0x1a7/0x4b0 [ 49.912999] kmem_cache_double_free+0xd1/0x250 [ 49.913520] kunit_try_run_case+0x126/0x290 [ 49.914173] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.914889] kthread+0x19e/0x1e0 [ 49.915406] ret_from_fork+0x41/0x70 [ 49.916026] ret_from_fork_asm+0x1b/0x30 [ 49.916541] [ 49.916901] The buggy address belongs to the object at ffff888102850000 [ 49.916901] which belongs to the cache test_cache of size 200 [ 49.918050] The buggy address is located 0 bytes inside of [ 49.918050] 200-byte region [ffff888102850000, ffff8881028500c8) [ 49.919221] [ 49.919522] The buggy address belongs to the physical page: [ 49.920226] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850 [ 49.921148] flags: 0x200000000000800(slab|node=0|zone=2) [ 49.921850] page_type: 0xffffffff() [ 49.922337] raw: 0200000000000800 ffff888101ce1b40 dead000000000122 0000000000000000 [ 49.923112] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 49.923995] page dumped because: kasan: bad access detected [ 49.924564] [ 49.924852] Memory state around the buggy 
address: [ 49.925459] ffff88810284ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.926220] ffff88810284ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.927023] >ffff888102850000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.927667] ^ [ 49.928240] ffff888102850080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 49.928984] ffff888102850100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.929771] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf: Failure
[ 49.743716] ================================================================== [ 49.744383] BUG: KASAN: slab-use-after-free in ksize_uaf+0x108/0x310 [ 49.745106] Read of size 1 at addr ffff88810284c900 by task kunit_try_catch/210 [ 49.745919] [ 49.746256] CPU: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.748084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.749596] Call Trace: [ 49.750086] <TASK> [ 49.750446] dump_stack_lvl+0x4e/0x90 [ 49.751120] print_report+0xd2/0x660 [ 49.752188] ? __virt_addr_valid+0x156/0x1e0 [ 49.753237] ? kasan_complete_mode_report_info+0x64/0x200 [ 49.753856] kasan_report+0xff/0x140 [ 49.754338] ? ksize_uaf+0x108/0x310 [ 49.754944] ? ksize_uaf+0x108/0x310 [ 49.756185] __asan_load1+0x66/0x70 [ 49.756662] ksize_uaf+0x108/0x310 [ 49.757174] ? __pfx_ksize_uaf+0x10/0x10 [ 49.757660] ? __schedule+0x70b/0x1190 [ 49.758307] ? ktime_get_ts64+0x118/0x140 [ 49.758869] kunit_try_run_case+0x126/0x290 [ 49.759927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.760604] ? __kasan_check_write+0x18/0x20 [ 49.761277] ? trace_preempt_on+0x20/0xa0 [ 49.762177] ? __kthread_parkme+0x4f/0xd0 [ 49.762705] ? preempt_count_sub+0x50/0x80 [ 49.764169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.764720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.765416] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.766329] kthread+0x19e/0x1e0 [ 49.767219] ? __pfx_kthread+0x10/0x10 [ 49.768321] ret_from_fork+0x41/0x70 [ 49.768795] ? 
__pfx_kthread+0x10/0x10 [ 49.769278] ret_from_fork_asm+0x1b/0x30 [ 49.769892] </TASK> [ 49.770228] [ 49.770502] Allocated by task 210: [ 49.771709] kasan_save_stack+0x3c/0x60 [ 49.772179] kasan_set_track+0x29/0x40 [ 49.772616] kasan_save_alloc_info+0x22/0x30 [ 49.773247] __kasan_kmalloc+0xb7/0xc0 [ 49.773762] kmalloc_trace+0x4c/0xb0 [ 49.774348] ksize_uaf+0x9d/0x310 [ 49.774902] kunit_try_run_case+0x126/0x290 [ 49.775453] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.776871] kthread+0x19e/0x1e0 [ 49.777361] ret_from_fork+0x41/0x70 [ 49.777967] ret_from_fork_asm+0x1b/0x30 [ 49.778541] [ 49.778852] Freed by task 210: [ 49.779316] kasan_save_stack+0x3c/0x60 [ 49.779819] kasan_set_track+0x29/0x40 [ 49.780903] kasan_save_free_info+0x2f/0x50 [ 49.782210] ____kasan_slab_free+0x172/0x1d0 [ 49.782675] __kasan_slab_free+0x16/0x20 [ 49.783121] __kmem_cache_free+0x190/0x310 [ 49.783555] kfree+0x7c/0x120 [ 49.784008] ksize_uaf+0xbd/0x310 [ 49.785356] kunit_try_run_case+0x126/0x290 [ 49.786163] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.786753] kthread+0x19e/0x1e0 [ 49.787308] ret_from_fork+0x41/0x70 [ 49.787804] ret_from_fork_asm+0x1b/0x30 [ 49.789143] [ 49.789358] The buggy address belongs to the object at ffff88810284c900 [ 49.789358] which belongs to the cache kmalloc-128 of size 128 [ 49.790573] The buggy address is located 0 bytes inside of [ 49.790573] freed 128-byte region [ffff88810284c900, ffff88810284c980) [ 49.792269] [ 49.792779] The buggy address belongs to the physical page: [ 49.793292] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10284c [ 49.794555] flags: 0x200000000000800(slab|node=0|zone=2) [ 49.795220] page_type: 0xffffffff() [ 49.795692] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 49.796562] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 49.797298] page dumped because: kasan: bad access detected [ 49.798395] [ 49.798937] Memory state around the 
buggy address: [ 49.799967] ffff88810284c800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.800767] ffff88810284c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.801666] >ffff88810284c900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.802220] ^ [ 49.802545] ffff88810284c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.803250] ffff88810284ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.804454] ================================================================== [ 49.805606] ================================================================== [ 49.806296] BUG: KASAN: slab-use-after-free in ksize_uaf+0x140/0x310 [ 49.806983] Read of size 1 at addr ffff88810284c978 by task kunit_try_catch/210 [ 49.808405] [ 49.808699] CPU: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.809873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.810717] Call Trace: [ 49.811381] <TASK> [ 49.811726] dump_stack_lvl+0x4e/0x90 [ 49.812255] print_report+0xd2/0x660 [ 49.812899] ? __virt_addr_valid+0x156/0x1e0 [ 49.813842] ? kasan_complete_mode_report_info+0x64/0x200 [ 49.814762] kasan_report+0xff/0x140 [ 49.815222] ? ksize_uaf+0x140/0x310 [ 49.815487] ? ksize_uaf+0x140/0x310 [ 49.815804] __asan_load1+0x66/0x70 [ 49.816350] ksize_uaf+0x140/0x310 [ 49.817136] ? __pfx_ksize_uaf+0x10/0x10 [ 49.817873] ? __schedule+0x70b/0x1190 [ 49.818468] ? ktime_get_ts64+0x118/0x140 [ 49.819072] kunit_try_run_case+0x126/0x290 [ 49.819968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.820514] ? __kasan_check_write+0x18/0x20 [ 49.821254] ? trace_preempt_on+0x20/0xa0 [ 49.822237] ? __kthread_parkme+0x4f/0xd0 [ 49.822922] ? preempt_count_sub+0x50/0x80 [ 49.823463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.824170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.824973] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.825682] kthread+0x19e/0x1e0 [ 49.826789] ? 
__pfx_kthread+0x10/0x10 [ 49.827320] ret_from_fork+0x41/0x70 [ 49.827960] ? __pfx_kthread+0x10/0x10 [ 49.828443] ret_from_fork_asm+0x1b/0x30 [ 49.828817] </TASK> [ 49.829140] [ 49.829410] Allocated by task 210: [ 49.829764] kasan_save_stack+0x3c/0x60 [ 49.830305] kasan_set_track+0x29/0x40 [ 49.831327] kasan_save_alloc_info+0x22/0x30 [ 49.832063] __kasan_kmalloc+0xb7/0xc0 [ 49.832704] kmalloc_trace+0x4c/0xb0 [ 49.833216] ksize_uaf+0x9d/0x310 [ 49.833667] kunit_try_run_case+0x126/0x290 [ 49.834262] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.834987] kthread+0x19e/0x1e0 [ 49.835573] ret_from_fork+0x41/0x70 [ 49.836280] ret_from_fork_asm+0x1b/0x30 [ 49.837326] [ 49.837617] Freed by task 210: [ 49.838119] kasan_save_stack+0x3c/0x60 [ 49.838678] kasan_set_track+0x29/0x40 [ 49.839173] kasan_save_free_info+0x2f/0x50 [ 49.839796] ____kasan_slab_free+0x172/0x1d0 [ 49.840540] __kasan_slab_free+0x16/0x20 [ 49.841011] __kmem_cache_free+0x190/0x310 [ 49.842003] kfree+0x7c/0x120 [ 49.842385] ksize_uaf+0xbd/0x310 [ 49.842872] kunit_try_run_case+0x126/0x290 [ 49.843378] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.844197] kthread+0x19e/0x1e0 [ 49.845085] ret_from_fork+0x41/0x70 [ 49.845780] ret_from_fork_asm+0x1b/0x30 [ 49.846398] [ 49.846824] The buggy address belongs to the object at ffff88810284c900 [ 49.846824] which belongs to the cache kmalloc-128 of size 128 [ 49.847564] The buggy address is located 120 bytes inside of [ 49.847564] freed 128-byte region [ffff88810284c900, ffff88810284c980) [ 49.848407] [ 49.849252] The buggy address belongs to the physical page: [ 49.849997] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10284c [ 49.850939] flags: 0x200000000000800(slab|node=0|zone=2) [ 49.851472] page_type: 0xffffffff() [ 49.852117] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 49.853397] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 49.853912] page dumped because: 
kasan: bad access detected [ 49.854290] [ 49.854888] Memory state around the buggy address: [ 49.855641] ffff88810284c800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.856634] ffff88810284c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.857553] >ffff88810284c900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.858838] ^ [ 49.859549] ffff88810284c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.860365] ffff88810284ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.861084] ================================================================== [ 49.687411] ================================================================== [ 49.688527] BUG: KASAN: slab-use-after-free in ksize_uaf+0xd4/0x310 [ 49.689215] Read of size 1 at addr ffff88810284c900 by task kunit_try_catch/210 [ 49.690120] [ 49.690416] CPU: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.691312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.692300] Call Trace: [ 49.692720] <TASK> [ 49.693110] dump_stack_lvl+0x4e/0x90 [ 49.693686] print_report+0xd2/0x660 [ 49.694328] ? __virt_addr_valid+0x156/0x1e0 [ 49.694967] ? kasan_complete_mode_report_info+0x64/0x200 [ 49.695585] kasan_report+0xff/0x140 [ 49.696209] ? ksize_uaf+0xd4/0x310 [ 49.696811] ? ksize_uaf+0xd4/0x310 [ 49.697329] ? ksize_uaf+0xd4/0x310 [ 49.697947] __kasan_check_byte+0x3d/0x50 [ 49.698503] ksize+0x20/0x60 [ 49.699242] ksize_uaf+0xd4/0x310 [ 49.700213] ? __pfx_ksize_uaf+0x10/0x10 [ 49.701202] ? __schedule+0x70b/0x1190 [ 49.701970] ? ktime_get_ts64+0x118/0x140 [ 49.702546] kunit_try_run_case+0x126/0x290 [ 49.703138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.703692] ? __kasan_check_write+0x18/0x20 [ 49.704343] ? trace_preempt_on+0x20/0xa0 [ 49.704960] ? __kthread_parkme+0x4f/0xd0 [ 49.705389] ? preempt_count_sub+0x50/0x80 [ 49.706274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.707071] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.707688] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.708402] kthread+0x19e/0x1e0 [ 49.708844] ? __pfx_kthread+0x10/0x10 [ 49.709518] ret_from_fork+0x41/0x70 [ 49.710054] ? __pfx_kthread+0x10/0x10 [ 49.710533] ret_from_fork_asm+0x1b/0x30 [ 49.711336] </TASK> [ 49.711774] [ 49.712055] Allocated by task 210: [ 49.712498] kasan_save_stack+0x3c/0x60 [ 49.713110] kasan_set_track+0x29/0x40 [ 49.713623] kasan_save_alloc_info+0x22/0x30 [ 49.714315] __kasan_kmalloc+0xb7/0xc0 [ 49.714824] kmalloc_trace+0x4c/0xb0 [ 49.715467] ksize_uaf+0x9d/0x310 [ 49.716021] kunit_try_run_case+0x126/0x290 [ 49.716592] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.717330] kthread+0x19e/0x1e0 [ 49.717810] ret_from_fork+0x41/0x70 [ 49.718425] ret_from_fork_asm+0x1b/0x30 [ 49.718944] [ 49.719217] Freed by task 210: [ 49.719670] kasan_save_stack+0x3c/0x60 [ 49.720213] kasan_set_track+0x29/0x40 [ 49.720833] kasan_save_free_info+0x2f/0x50 [ 49.721411] ____kasan_slab_free+0x172/0x1d0 [ 49.722075] __kasan_slab_free+0x16/0x20 [ 49.722656] __kmem_cache_free+0x190/0x310 [ 49.723216] kfree+0x7c/0x120 [ 49.723682] ksize_uaf+0xbd/0x310 [ 49.724197] kunit_try_run_case+0x126/0x290 [ 49.724720] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.725534] kthread+0x19e/0x1e0 [ 49.726132] ret_from_fork+0x41/0x70 [ 49.726642] ret_from_fork_asm+0x1b/0x30 [ 49.727297] [ 49.727576] The buggy address belongs to the object at ffff88810284c900 [ 49.727576] which belongs to the cache kmalloc-128 of size 128 [ 49.728790] The buggy address is located 0 bytes inside of [ 49.728790] freed 128-byte region [ffff88810284c900, ffff88810284c980) [ 49.729907] [ 49.730231] The buggy address belongs to the physical page: [ 49.730842] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10284c [ 49.731766] flags: 0x200000000000800(slab|node=0|zone=2) [ 49.732337] page_type: 0xffffffff() [ 49.732928] raw: 0200000000000800 ffff8881000418c0 
dead000000000122 0000000000000000 [ 49.733672] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 49.734517] page dumped because: kasan: bad access detected [ 49.735169] [ 49.735497] Memory state around the buggy address: [ 49.736041] ffff88810284c800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.736848] ffff88810284c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.737599] >ffff88810284c900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.738415] ^ [ 49.738918] ffff88810284c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.739627] ffff88810284ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.740453] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory: Failure
[ 49.630670] ================================================================== [ 49.631419] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x183/0x3b0 [ 49.632209] Read of size 1 at addr ffff88810284c87f by task kunit_try_catch/208 [ 49.633073] [ 49.633368] CPU: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.634354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.635148] Call Trace: [ 49.635477] <TASK> [ 49.635883] dump_stack_lvl+0x4e/0x90 [ 49.636435] print_report+0xd2/0x660 [ 49.637005] ? __virt_addr_valid+0x156/0x1e0 [ 49.637518] ? kasan_complete_mode_report_info+0x2a/0x200 [ 49.638339] kasan_report+0xff/0x140 [ 49.638860] ? ksize_unpoisons_memory+0x183/0x3b0 [ 49.639574] ? ksize_unpoisons_memory+0x183/0x3b0 [ 49.640141] __asan_load1+0x66/0x70 [ 49.640652] ksize_unpoisons_memory+0x183/0x3b0 [ 49.641241] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 49.641963] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 49.642633] ? __schedule+0x70b/0x1190 [ 49.643289] ? ktime_get_ts64+0x118/0x140 [ 49.644035] kunit_try_run_case+0x126/0x290 [ 49.644684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.645381] ? __kasan_check_write+0x18/0x20 [ 49.646056] ? trace_preempt_on+0x20/0xa0 [ 49.646548] ? __kthread_parkme+0x4f/0xd0 [ 49.647365] ? preempt_count_sub+0x50/0x80 [ 49.648075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.648670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.649631] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.650457] kthread+0x19e/0x1e0 [ 49.651328] ? __pfx_kthread+0x10/0x10 [ 49.651994] ret_from_fork+0x41/0x70 [ 49.652521] ? 
__pfx_kthread+0x10/0x10 [ 49.653219] ret_from_fork_asm+0x1b/0x30 [ 49.653807] </TASK> [ 49.654204] [ 49.654444] Allocated by task 208: [ 49.654975] kasan_save_stack+0x3c/0x60 [ 49.655625] kasan_set_track+0x29/0x40 [ 49.656176] kasan_save_alloc_info+0x22/0x30 [ 49.656859] __kasan_kmalloc+0xb7/0xc0 [ 49.657413] kmalloc_trace+0x4c/0xb0 [ 49.658094] ksize_unpoisons_memory+0xb0/0x3b0 [ 49.658671] kunit_try_run_case+0x126/0x290 [ 49.659265] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.660147] kthread+0x19e/0x1e0 [ 49.660764] ret_from_fork+0x41/0x70 [ 49.661390] ret_from_fork_asm+0x1b/0x30 [ 49.661977] [ 49.662215] The buggy address belongs to the object at ffff88810284c800 [ 49.662215] which belongs to the cache kmalloc-128 of size 128 [ 49.663616] The buggy address is located 12 bytes to the right of [ 49.663616] allocated 115-byte region [ffff88810284c800, ffff88810284c873) [ 49.665505] [ 49.665819] The buggy address belongs to the physical page: [ 49.666413] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10284c [ 49.667319] flags: 0x200000000000800(slab|node=0|zone=2) [ 49.667884] page_type: 0xffffffff() [ 49.669006] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 49.669858] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 49.670625] page dumped because: kasan: bad access detected [ 49.671130] [ 49.671428] Memory state around the buggy address: [ 49.672090] ffff88810284c700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.672772] ffff88810284c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.673990] >ffff88810284c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 49.675147] ^ [ 49.675920] ffff88810284c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.676665] ffff88810284c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.677675] ================================================================== [ 49.586239] 
================================================================== [ 49.587029] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x146/0x3b0 [ 49.587868] Read of size 1 at addr ffff88810284c878 by task kunit_try_catch/208 [ 49.588511] [ 49.588866] CPU: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.589594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.590536] Call Trace: [ 49.590891] <TASK> [ 49.591261] dump_stack_lvl+0x4e/0x90 [ 49.591875] print_report+0xd2/0x660 [ 49.592322] ? __virt_addr_valid+0x156/0x1e0 [ 49.592905] ? kasan_complete_mode_report_info+0x2a/0x200 [ 49.593610] kasan_report+0xff/0x140 [ 49.594215] ? ksize_unpoisons_memory+0x146/0x3b0 [ 49.594939] ? ksize_unpoisons_memory+0x146/0x3b0 [ 49.595475] __asan_load1+0x66/0x70 [ 49.595963] ksize_unpoisons_memory+0x146/0x3b0 [ 49.596617] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 49.597350] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 49.597955] ? __schedule+0x70b/0x1190 [ 49.598532] ? ktime_get_ts64+0x118/0x140 [ 49.599127] kunit_try_run_case+0x126/0x290 [ 49.599775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.600330] ? __kasan_check_write+0x18/0x20 [ 49.600962] ? trace_preempt_on+0x20/0xa0 [ 49.601524] ? __kthread_parkme+0x4f/0xd0 [ 49.602078] ? preempt_count_sub+0x50/0x80 [ 49.602584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.603245] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.603978] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.604771] kthread+0x19e/0x1e0 [ 49.605308] ? __pfx_kthread+0x10/0x10 [ 49.605920] ret_from_fork+0x41/0x70 [ 49.606475] ? 
__pfx_kthread+0x10/0x10 [ 49.606956] ret_from_fork_asm+0x1b/0x30 [ 49.607581] </TASK> [ 49.607986] [ 49.608299] Allocated by task 208: [ 49.608675] kasan_save_stack+0x3c/0x60 [ 49.609270] kasan_set_track+0x29/0x40 [ 49.609819] kasan_save_alloc_info+0x22/0x30 [ 49.610402] __kasan_kmalloc+0xb7/0xc0 [ 49.610928] kmalloc_trace+0x4c/0xb0 [ 49.611389] ksize_unpoisons_memory+0xb0/0x3b0 [ 49.612017] kunit_try_run_case+0x126/0x290 [ 49.612567] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.613264] kthread+0x19e/0x1e0 [ 49.613775] ret_from_fork+0x41/0x70 [ 49.614242] ret_from_fork_asm+0x1b/0x30 [ 49.614668] [ 49.615003] The buggy address belongs to the object at ffff88810284c800 [ 49.615003] which belongs to the cache kmalloc-128 of size 128 [ 49.616290] The buggy address is located 5 bytes to the right of [ 49.616290] allocated 115-byte region [ffff88810284c800, ffff88810284c873) [ 49.617484] [ 49.617753] The buggy address belongs to the physical page: [ 49.618397] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10284c [ 49.619374] flags: 0x200000000000800(slab|node=0|zone=2) [ 49.620059] page_type: 0xffffffff() [ 49.620504] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 49.621375] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 49.622072] page dumped because: kasan: bad access detected [ 49.622581] [ 49.622906] Memory state around the buggy address: [ 49.623470] ffff88810284c700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.624141] ffff88810284c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.624901] >ffff88810284c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 49.625655] ^ [ 49.626363] ffff88810284c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.627172] ffff88810284c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.627893] ================================================================== [ 49.540472] 
================================================================== [ 49.541588] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x10d/0x3b0 [ 49.542392] Read of size 1 at addr ffff88810284c873 by task kunit_try_catch/208 [ 49.543180] [ 49.543480] CPU: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.544387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.545279] Call Trace: [ 49.545681] <TASK> [ 49.546125] dump_stack_lvl+0x4e/0x90 [ 49.546730] print_report+0xd2/0x660 [ 49.547199] ? __virt_addr_valid+0x156/0x1e0 [ 49.547944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 49.548578] kasan_report+0xff/0x140 [ 49.549209] ? ksize_unpoisons_memory+0x10d/0x3b0 [ 49.549957] ? ksize_unpoisons_memory+0x10d/0x3b0 [ 49.550652] __asan_load1+0x66/0x70 [ 49.551212] ksize_unpoisons_memory+0x10d/0x3b0 [ 49.551859] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 49.552398] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 49.553150] ? __schedule+0x70b/0x1190 [ 49.553764] ? ktime_get_ts64+0x118/0x140 [ 49.554335] kunit_try_run_case+0x126/0x290 [ 49.555026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.555646] ? __kasan_check_write+0x18/0x20 [ 49.556296] ? trace_preempt_on+0x20/0xa0 [ 49.556922] ? __kthread_parkme+0x4f/0xd0 [ 49.557495] ? preempt_count_sub+0x50/0x80 [ 49.558124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.558684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.559555] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.560306] kthread+0x19e/0x1e0 [ 49.560852] ? __pfx_kthread+0x10/0x10 [ 49.561426] ret_from_fork+0x41/0x70 [ 49.562049] ? 
__pfx_kthread+0x10/0x10 [ 49.562596] ret_from_fork_asm+0x1b/0x30 [ 49.563261] </TASK> [ 49.563608] [ 49.563949] Allocated by task 208: [ 49.564406] kasan_save_stack+0x3c/0x60 [ 49.565052] kasan_set_track+0x29/0x40 [ 49.565520] kasan_save_alloc_info+0x22/0x30 [ 49.566213] __kasan_kmalloc+0xb7/0xc0 [ 49.566816] kmalloc_trace+0x4c/0xb0 [ 49.567410] ksize_unpoisons_memory+0xb0/0x3b0 [ 49.567995] kunit_try_run_case+0x126/0x290 [ 49.568613] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.569389] kthread+0x19e/0x1e0 [ 49.569933] ret_from_fork+0x41/0x70 [ 49.570452] ret_from_fork_asm+0x1b/0x30 [ 49.571102] [ 49.571395] The buggy address belongs to the object at ffff88810284c800 [ 49.571395] which belongs to the cache kmalloc-128 of size 128 [ 49.572652] The buggy address is located 0 bytes to the right of [ 49.572652] allocated 115-byte region [ffff88810284c800, ffff88810284c873) [ 49.574037] [ 49.574325] The buggy address belongs to the physical page: [ 49.574956] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10284c [ 49.576064] flags: 0x200000000000800(slab|node=0|zone=2) [ 49.576550] page_type: 0xffffffff() [ 49.577050] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 49.577856] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 49.579021] page dumped because: kasan: bad access detected [ 49.579586] [ 49.579888] Memory state around the buggy address: [ 49.580413] ffff88810284c700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.581129] ffff88810284c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.581885] >ffff88810284c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 49.582508] ^ [ 49.583187] ffff88810284c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.583939] ffff88810284c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.584569] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size: Failure
[ 48.413924] ================================================================== [ 48.415039] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0xea/0x1f0 [ 48.415863] Read of size 64 at addr ffff8881028cfa04 by task kunit_try_catch/178 [ 48.416726] [ 48.417077] CPU: 1 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.417888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.418906] Call Trace: [ 48.419387] <TASK> [ 48.419842] dump_stack_lvl+0x4e/0x90 [ 48.420432] print_report+0xd2/0x660 [ 48.421016] ? __virt_addr_valid+0x156/0x1e0 [ 48.421303] ? kasan_complete_mode_report_info+0x2a/0x200 [ 48.421606] kasan_report+0xff/0x140 [ 48.422162] ? kmalloc_memmove_invalid_size+0xea/0x1f0 [ 48.423379] ? kmalloc_memmove_invalid_size+0xea/0x1f0 [ 48.424198] kasan_check_range+0x10c/0x1c0 [ 48.424795] __asan_memmove+0x27/0x70 [ 48.425259] kmalloc_memmove_invalid_size+0xea/0x1f0 [ 48.425926] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 48.426499] ? __schedule+0x70b/0x1190 [ 48.427184] ? ktime_get_ts64+0x118/0x140 [ 48.427813] kunit_try_run_case+0x126/0x290 [ 48.428534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.429257] ? __kasan_check_write+0x18/0x20 [ 48.429989] ? trace_preempt_on+0x20/0xa0 [ 48.430563] ? __kthread_parkme+0x4f/0xd0 [ 48.431296] ? preempt_count_sub+0x50/0x80 [ 48.431863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.432458] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.433266] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.433968] kthread+0x19e/0x1e0 [ 48.434519] ? __pfx_kthread+0x10/0x10 [ 48.435096] ret_from_fork+0x41/0x70 [ 48.435731] ? 
__pfx_kthread+0x10/0x10 [ 48.436346] ret_from_fork_asm+0x1b/0x30 [ 48.436942] </TASK> [ 48.437288] [ 48.437624] Allocated by task 178: [ 48.438224] kasan_save_stack+0x3c/0x60 [ 48.438800] kasan_set_track+0x29/0x40 [ 48.439314] kasan_save_alloc_info+0x22/0x30 [ 48.439908] __kasan_kmalloc+0xb7/0xc0 [ 48.440439] kmalloc_trace+0x4c/0xb0 [ 48.441000] kmalloc_memmove_invalid_size+0x9f/0x1f0 [ 48.441646] kunit_try_run_case+0x126/0x290 [ 48.442269] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.443048] kthread+0x19e/0x1e0 [ 48.443548] ret_from_fork+0x41/0x70 [ 48.444172] ret_from_fork_asm+0x1b/0x30 [ 48.444775] [ 48.445059] The buggy address belongs to the object at ffff8881028cfa00 [ 48.445059] which belongs to the cache kmalloc-64 of size 64 [ 48.446587] The buggy address is located 4 bytes inside of [ 48.446587] allocated 64-byte region [ffff8881028cfa00, ffff8881028cfa40) [ 48.447347] [ 48.447542] The buggy address belongs to the physical page: [ 48.448768] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cf [ 48.450381] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.450873] page_type: 0xffffffff() [ 48.451365] raw: 0200000000000800 ffff888100041640 dead000000000122 0000000000000000 [ 48.452184] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 48.452684] page dumped because: kasan: bad access detected [ 48.453143] [ 48.453344] Memory state around the buggy address: [ 48.453782] ffff8881028cf900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 48.454323] ffff8881028cf980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 48.456199] >ffff8881028cfa00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 48.456992] ^ [ 48.457610] ffff8881028cfa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.458477] ffff8881028cfb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.459286] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size: Failure
[ 48.359383] ================================================================== [ 48.360438] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0xeb/0x1f0 [ 48.361182] Read of size 18446744073709551614 at addr ffff8881028cf984 by task kunit_try_catch/176 [ 48.362094] [ 48.362414] CPU: 1 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.363414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.364416] Call Trace: [ 48.364760] <TASK> [ 48.365388] dump_stack_lvl+0x4e/0x90 [ 48.366025] print_report+0xd2/0x660 [ 48.366683] ? __virt_addr_valid+0x156/0x1e0 [ 48.367265] ? kasan_complete_mode_report_info+0x2a/0x200 [ 48.367957] kasan_report+0xff/0x140 [ 48.368405] ? kmalloc_memmove_negative_size+0xeb/0x1f0 [ 48.369139] ? kmalloc_memmove_negative_size+0xeb/0x1f0 [ 48.369801] kasan_check_range+0x10c/0x1c0 [ 48.370401] __asan_memmove+0x27/0x70 [ 48.370999] kmalloc_memmove_negative_size+0xeb/0x1f0 [ 48.371685] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 48.372356] ? ret_from_fork+0x41/0x70 [ 48.372981] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 48.373657] ? kunit_try_run_case+0x11b/0x290 [ 48.374290] kunit_try_run_case+0x126/0x290 [ 48.374901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.375528] ? __kasan_check_write+0x18/0x20 [ 48.376156] ? trace_preempt_on+0x20/0xa0 [ 48.376676] ? __kthread_parkme+0x4f/0xd0 [ 48.377222] ? preempt_count_sub+0x50/0x80 [ 48.377849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.378494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.379261] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.379954] kthread+0x19e/0x1e0 [ 48.380421] ? __pfx_kthread+0x10/0x10 [ 48.381042] ret_from_fork+0x41/0x70 [ 48.381568] ? 
__pfx_kthread+0x10/0x10 [ 48.382198] ret_from_fork_asm+0x1b/0x30 [ 48.382879] </TASK> [ 48.383225] [ 48.383453] Allocated by task 176: [ 48.383953] kasan_save_stack+0x3c/0x60 [ 48.384499] kasan_set_track+0x29/0x40 [ 48.385025] kasan_save_alloc_info+0x22/0x30 [ 48.385599] __kasan_kmalloc+0xb7/0xc0 [ 48.386160] kmalloc_trace+0x4c/0xb0 [ 48.386725] kmalloc_memmove_negative_size+0x9f/0x1f0 [ 48.387316] kunit_try_run_case+0x126/0x290 [ 48.387854] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.388529] kthread+0x19e/0x1e0 [ 48.389106] ret_from_fork+0x41/0x70 [ 48.389635] ret_from_fork_asm+0x1b/0x30 [ 48.390134] [ 48.390377] The buggy address belongs to the object at ffff8881028cf980 [ 48.390377] which belongs to the cache kmalloc-64 of size 64 [ 48.391599] The buggy address is located 4 bytes inside of [ 48.391599] 64-byte region [ffff8881028cf980, ffff8881028cf9c0) [ 48.392534] [ 48.392818] The buggy address belongs to the physical page: [ 48.393493] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028cf [ 48.394571] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.395313] page_type: 0xffffffff() [ 48.395908] raw: 0200000000000800 ffff888100041640 dead000000000122 0000000000000000 [ 48.396676] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 48.397572] page dumped because: kasan: bad access detected [ 48.398227] [ 48.398533] Memory state around the buggy address: [ 48.399085] ffff8881028cf880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 48.399973] ffff8881028cf900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 48.400781] >ffff8881028cf980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 48.401576] ^ [ 48.402104] ffff8881028cfa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.402892] ffff8881028cfa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.403626] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16: Failure
[ 48.296861] ================================================================== [ 48.298013] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0xdd/0x1e0 [ 48.298921] Write of size 16 at addr ffff888102944169 by task kunit_try_catch/174 [ 48.299749] [ 48.300782] CPU: 1 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.301834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.302885] Call Trace: [ 48.303230] <TASK> [ 48.303484] dump_stack_lvl+0x4e/0x90 [ 48.304603] print_report+0xd2/0x660 [ 48.305142] ? __virt_addr_valid+0x156/0x1e0 [ 48.305929] ? kasan_complete_mode_report_info+0x2a/0x200 [ 48.306770] kasan_report+0xff/0x140 [ 48.307669] ? kmalloc_oob_memset_16+0xdd/0x1e0 [ 48.308648] ? kmalloc_oob_memset_16+0xdd/0x1e0 [ 48.309496] kasan_check_range+0x10c/0x1c0 [ 48.310205] __asan_memset+0x27/0x50 [ 48.310813] kmalloc_oob_memset_16+0xdd/0x1e0 [ 48.311504] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 48.312095] ? __schedule+0x70b/0x1190 [ 48.312701] ? ktime_get_ts64+0x118/0x140 [ 48.313183] kunit_try_run_case+0x126/0x290 [ 48.313892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.314444] ? __kasan_check_write+0x18/0x20 [ 48.315150] ? trace_preempt_on+0x20/0xa0 [ 48.315774] ? __kthread_parkme+0x4f/0xd0 [ 48.316242] ? preempt_count_sub+0x50/0x80 [ 48.316931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.317575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.319129] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.320001] kthread+0x19e/0x1e0 [ 48.320652] ? __pfx_kthread+0x10/0x10 [ 48.321376] ret_from_fork+0x41/0x70 [ 48.322145] ? 
__pfx_kthread+0x10/0x10 [ 48.322639] ret_from_fork_asm+0x1b/0x30 [ 48.323387] </TASK> [ 48.324197] [ 48.324363] Allocated by task 174: [ 48.324551] kasan_save_stack+0x3c/0x60 [ 48.324897] kasan_set_track+0x29/0x40 [ 48.326343] kasan_save_alloc_info+0x22/0x30 [ 48.327062] __kasan_kmalloc+0xb7/0xc0 [ 48.327782] kmalloc_trace+0x4c/0xb0 [ 48.328843] kmalloc_oob_memset_16+0x9f/0x1e0 [ 48.329389] kunit_try_run_case+0x126/0x290 [ 48.330150] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.330901] kthread+0x19e/0x1e0 [ 48.331560] ret_from_fork+0x41/0x70 [ 48.332314] ret_from_fork_asm+0x1b/0x30 [ 48.332925] [ 48.333426] The buggy address belongs to the object at ffff888102944100 [ 48.333426] which belongs to the cache kmalloc-128 of size 128 [ 48.335488] The buggy address is located 105 bytes inside of [ 48.335488] allocated 120-byte region [ffff888102944100, ffff888102944178) [ 48.336718] [ 48.337183] The buggy address belongs to the physical page: [ 48.337782] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102944 [ 48.339327] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.339934] page_type: 0xffffffff() [ 48.340570] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 48.341347] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 48.342286] page dumped because: kasan: bad access detected [ 48.342936] [ 48.343217] Memory state around the buggy address: [ 48.343767] ffff888102944000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 48.344645] ffff888102944080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.346203] >ffff888102944100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 48.346858] ^ [ 48.347510] ffff888102944180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.348481] ffff888102944200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.349308] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8: Failure
[ 48.236661] ================================================================== [ 48.237623] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0xdd/0x1e0 [ 48.238366] Write of size 8 at addr ffff888102944071 by task kunit_try_catch/172 [ 48.239669] [ 48.240391] CPU: 1 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.241396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.242225] Call Trace: [ 48.242650] <TASK> [ 48.243045] dump_stack_lvl+0x4e/0x90 [ 48.243655] print_report+0xd2/0x660 [ 48.244378] ? __virt_addr_valid+0x156/0x1e0 [ 48.245266] ? kasan_complete_mode_report_info+0x2a/0x200 [ 48.245932] kasan_report+0xff/0x140 [ 48.246707] ? kmalloc_oob_memset_8+0xdd/0x1e0 [ 48.247634] ? kmalloc_oob_memset_8+0xdd/0x1e0 [ 48.248563] kasan_check_range+0x10c/0x1c0 [ 48.249414] __asan_memset+0x27/0x50 [ 48.250060] kmalloc_oob_memset_8+0xdd/0x1e0 [ 48.250617] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 48.251504] ? __schedule+0x70b/0x1190 [ 48.252408] ? ktime_get_ts64+0x118/0x140 [ 48.253189] kunit_try_run_case+0x126/0x290 [ 48.254092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.254608] ? __kasan_check_write+0x18/0x20 [ 48.255427] ? trace_preempt_on+0x20/0xa0 [ 48.256205] ? __kthread_parkme+0x4f/0xd0 [ 48.256470] ? preempt_count_sub+0x50/0x80 [ 48.256756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.257789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.258605] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.259362] kthread+0x19e/0x1e0 [ 48.259957] ? __pfx_kthread+0x10/0x10 [ 48.260541] ret_from_fork+0x41/0x70 [ 48.261334] ? 
__pfx_kthread+0x10/0x10 [ 48.261851] ret_from_fork_asm+0x1b/0x30 [ 48.262752] </TASK> [ 48.263159] [ 48.263653] Allocated by task 172: [ 48.264240] kasan_save_stack+0x3c/0x60 [ 48.264698] kasan_set_track+0x29/0x40 [ 48.265302] kasan_save_alloc_info+0x22/0x30 [ 48.265834] __kasan_kmalloc+0xb7/0xc0 [ 48.266654] kmalloc_trace+0x4c/0xb0 [ 48.267440] kmalloc_oob_memset_8+0x9f/0x1e0 [ 48.268263] kunit_try_run_case+0x126/0x290 [ 48.268956] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.270250] kthread+0x19e/0x1e0 [ 48.270929] ret_from_fork+0x41/0x70 [ 48.271678] ret_from_fork_asm+0x1b/0x30 [ 48.272423] [ 48.272932] The buggy address belongs to the object at ffff888102944000 [ 48.272932] which belongs to the cache kmalloc-128 of size 128 [ 48.274545] The buggy address is located 113 bytes inside of [ 48.274545] allocated 120-byte region [ffff888102944000, ffff888102944078) [ 48.275828] [ 48.276325] The buggy address belongs to the physical page: [ 48.277199] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102944 [ 48.278104] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.278922] page_type: 0xffffffff() [ 48.279567] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 48.280725] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 48.281769] page dumped because: kasan: bad access detected [ 48.282429] [ 48.282730] Memory state around the buggy address: [ 48.283307] ffff888102943f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.284106] ffff888102943f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.284890] >ffff888102944000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 48.285525] ^ [ 48.286254] ffff888102944080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.287039] ffff888102944100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.287832] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4: Failure
[ 48.174667] ================================================================== [ 48.175670] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0xdd/0x1e0 [ 48.176282] Write of size 4 at addr ffff888102941e75 by task kunit_try_catch/170 [ 48.177165] [ 48.177485] CPU: 1 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.178757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.180258] Call Trace: [ 48.180550] <TASK> [ 48.181268] dump_stack_lvl+0x4e/0x90 [ 48.181903] print_report+0xd2/0x660 [ 48.182564] ? __virt_addr_valid+0x156/0x1e0 [ 48.183313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 48.184180] kasan_report+0xff/0x140 [ 48.184768] ? kmalloc_oob_memset_4+0xdd/0x1e0 [ 48.185478] ? kmalloc_oob_memset_4+0xdd/0x1e0 [ 48.186330] kasan_check_range+0x10c/0x1c0 [ 48.186893] __asan_memset+0x27/0x50 [ 48.187597] kmalloc_oob_memset_4+0xdd/0x1e0 [ 48.188436] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 48.189157] ? __schedule+0x70b/0x1190 [ 48.189876] ? ktime_get_ts64+0x118/0x140 [ 48.190556] kunit_try_run_case+0x126/0x290 [ 48.191357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.192161] ? __kasan_check_write+0x18/0x20 [ 48.192694] ? trace_preempt_on+0x20/0xa0 [ 48.193297] ? __kthread_parkme+0x4f/0xd0 [ 48.194182] ? preempt_count_sub+0x50/0x80 [ 48.194893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.195669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.196478] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.197382] kthread+0x19e/0x1e0 [ 48.197953] ? __pfx_kthread+0x10/0x10 [ 48.198433] ret_from_fork+0x41/0x70 [ 48.199305] ? 
__pfx_kthread+0x10/0x10 [ 48.199932] ret_from_fork_asm+0x1b/0x30 [ 48.200720] </TASK> [ 48.201067] [ 48.201624] Allocated by task 170: [ 48.202290] kasan_save_stack+0x3c/0x60 [ 48.202869] kasan_set_track+0x29/0x40 [ 48.203547] kasan_save_alloc_info+0x22/0x30 [ 48.204206] __kasan_kmalloc+0xb7/0xc0 [ 48.204771] kmalloc_trace+0x4c/0xb0 [ 48.205438] kmalloc_oob_memset_4+0x9f/0x1e0 [ 48.206167] kunit_try_run_case+0x126/0x290 [ 48.207049] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.207573] kthread+0x19e/0x1e0 [ 48.208347] ret_from_fork+0x41/0x70 [ 48.209078] ret_from_fork_asm+0x1b/0x30 [ 48.209600] [ 48.210021] The buggy address belongs to the object at ffff888102941e00 [ 48.210021] which belongs to the cache kmalloc-128 of size 128 [ 48.211272] The buggy address is located 117 bytes inside of [ 48.211272] allocated 120-byte region [ffff888102941e00, ffff888102941e78) [ 48.213068] [ 48.213335] The buggy address belongs to the physical page: [ 48.214292] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102941 [ 48.215393] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.216409] page_type: 0xffffffff() [ 48.217159] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 48.218184] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 48.219018] page dumped because: kasan: bad access detected [ 48.219688] [ 48.220274] Memory state around the buggy address: [ 48.220831] ffff888102941d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 48.221825] ffff888102941d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.222862] >ffff888102941e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 48.223993] ^ [ 48.224704] ffff888102941e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.225296] ffff888102941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.226416] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2: Failure
[ 48.117359] ================================================================== [ 48.118410] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0xdd/0x1e0 [ 48.119276] Write of size 2 at addr ffff888102844a77 by task kunit_try_catch/168 [ 48.120147] [ 48.120449] CPU: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.121297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.122205] Call Trace: [ 48.122646] <TASK> [ 48.123115] dump_stack_lvl+0x4e/0x90 [ 48.123658] print_report+0xd2/0x660 [ 48.124300] ? __virt_addr_valid+0x156/0x1e0 [ 48.125142] ? kasan_complete_mode_report_info+0x2a/0x200 [ 48.126878] kasan_report+0xff/0x140 [ 48.127396] ? kmalloc_oob_memset_2+0xdd/0x1e0 [ 48.127963] ? kmalloc_oob_memset_2+0xdd/0x1e0 [ 48.128634] kasan_check_range+0x10c/0x1c0 [ 48.129162] __asan_memset+0x27/0x50 [ 48.129729] kmalloc_oob_memset_2+0xdd/0x1e0 [ 48.130304] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 48.130933] ? __schedule+0x70b/0x1190 [ 48.131517] ? ktime_get_ts64+0x118/0x140 [ 48.132088] kunit_try_run_case+0x126/0x290 [ 48.132613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.133381] ? __kasan_check_write+0x18/0x20 [ 48.134052] ? trace_preempt_on+0x20/0xa0 [ 48.134630] ? __kthread_parkme+0x4f/0xd0 [ 48.135257] ? preempt_count_sub+0x50/0x80 [ 48.135948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.136526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.137255] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.138109] kthread+0x19e/0x1e0 [ 48.138602] ? __pfx_kthread+0x10/0x10 [ 48.139296] ret_from_fork+0x41/0x70 [ 48.139880] ? 
__pfx_kthread+0x10/0x10 [ 48.140423] ret_from_fork_asm+0x1b/0x30 [ 48.141138] </TASK> [ 48.141409] [ 48.141622] Allocated by task 168: [ 48.142153] kasan_save_stack+0x3c/0x60 [ 48.142665] kasan_set_track+0x29/0x40 [ 48.143267] kasan_save_alloc_info+0x22/0x30 [ 48.143847] __kasan_kmalloc+0xb7/0xc0 [ 48.144287] kmalloc_trace+0x4c/0xb0 [ 48.144904] kmalloc_oob_memset_2+0x9f/0x1e0 [ 48.145478] kunit_try_run_case+0x126/0x290 [ 48.146141] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.146667] kthread+0x19e/0x1e0 [ 48.147278] ret_from_fork+0x41/0x70 [ 48.147923] ret_from_fork_asm+0x1b/0x30 [ 48.148556] [ 48.148818] The buggy address belongs to the object at ffff888102844a00 [ 48.148818] which belongs to the cache kmalloc-128 of size 128 [ 48.150062] The buggy address is located 119 bytes inside of [ 48.150062] allocated 120-byte region [ffff888102844a00, ffff888102844a78) [ 48.151005] [ 48.151307] The buggy address belongs to the physical page: [ 48.152008] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102844 [ 48.152993] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.153620] page_type: 0xffffffff() [ 48.154187] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 48.155082] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 48.156056] page dumped because: kasan: bad access detected [ 48.156673] [ 48.157579] Memory state around the buggy address: [ 48.158542] ffff888102844900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 48.159303] ffff888102844980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.160636] >ffff888102844a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 48.161458] ^ [ 48.162479] ffff888102844a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.164204] ffff888102844b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.164926] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset: Failure
[ 48.063898] ================================================================== [ 48.065011] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0xda/0x1e0 [ 48.065615] Write of size 128 at addr ffff888102941d00 by task kunit_try_catch/166 [ 48.066534] [ 48.066943] CPU: 1 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.067857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.068752] Call Trace: [ 48.069229] <TASK> [ 48.069618] dump_stack_lvl+0x4e/0x90 [ 48.070311] print_report+0xd2/0x660 [ 48.070998] ? __virt_addr_valid+0x156/0x1e0 [ 48.071476] ? kasan_complete_mode_report_info+0x2a/0x200 [ 48.072208] kasan_report+0xff/0x140 [ 48.072997] ? kmalloc_oob_in_memset+0xda/0x1e0 [ 48.073585] ? kmalloc_oob_in_memset+0xda/0x1e0 [ 48.074275] kasan_check_range+0x10c/0x1c0 [ 48.074810] __asan_memset+0x27/0x50 [ 48.075296] kmalloc_oob_in_memset+0xda/0x1e0 [ 48.075776] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 48.076527] ? __schedule+0x70b/0x1190 [ 48.077215] ? ktime_get_ts64+0x118/0x140 [ 48.077973] kunit_try_run_case+0x126/0x290 [ 48.078711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.079299] ? __kasan_check_write+0x18/0x20 [ 48.079889] ? trace_preempt_on+0x20/0xa0 [ 48.080502] ? __kthread_parkme+0x4f/0xd0 [ 48.081115] ? preempt_count_sub+0x50/0x80 [ 48.081591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.082184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.083068] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.083781] kthread+0x19e/0x1e0 [ 48.084390] ? __pfx_kthread+0x10/0x10 [ 48.085092] ret_from_fork+0x41/0x70 [ 48.085669] ? 
__pfx_kthread+0x10/0x10 [ 48.086362] ret_from_fork_asm+0x1b/0x30 [ 48.086786] </TASK> [ 48.087359] [ 48.087633] Allocated by task 166: [ 48.088347] kasan_save_stack+0x3c/0x60 [ 48.088850] kasan_set_track+0x29/0x40 [ 48.089429] kasan_save_alloc_info+0x22/0x30 [ 48.090066] __kasan_kmalloc+0xb7/0xc0 [ 48.090543] kmalloc_trace+0x4c/0xb0 [ 48.091120] kmalloc_oob_in_memset+0x9f/0x1e0 [ 48.092345] kunit_try_run_case+0x126/0x290 [ 48.093499] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.094127] kthread+0x19e/0x1e0 [ 48.094663] ret_from_fork+0x41/0x70 [ 48.095173] ret_from_fork_asm+0x1b/0x30 [ 48.095625] [ 48.095904] The buggy address belongs to the object at ffff888102941d00 [ 48.095904] which belongs to the cache kmalloc-128 of size 128 [ 48.097003] The buggy address is located 0 bytes inside of [ 48.097003] allocated 120-byte region [ffff888102941d00, ffff888102941d78) [ 48.098641] [ 48.099025] The buggy address belongs to the physical page: [ 48.099558] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102941 [ 48.100414] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.100693] page_type: 0xffffffff() [ 48.101456] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000 [ 48.102306] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 48.102630] page dumped because: kasan: bad access detected [ 48.103240] [ 48.103520] Memory state around the buggy address: [ 48.104016] ffff888102941c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 48.104620] ffff888102941c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.105493] >ffff888102941d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 48.106319] ^ [ 48.107126] ffff888102941d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.107772] ffff888102941e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.108656] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16: Failure
[ 47.995357] ==================================================================
[ 47.996212] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x108/0x250
[ 47.998374] Read of size 16 at addr ffff88810273e080 by task kunit_try_catch/164
[ 47.999222]
[ 47.999501] CPU: 1 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 48.000752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.001591] Call Trace:
[ 48.001943] <TASK>
[ 48.002278] dump_stack_lvl+0x4e/0x90
[ 48.003527] print_report+0xd2/0x660
[ 48.004077] ? __virt_addr_valid+0x156/0x1e0
[ 48.004607] ? kasan_complete_mode_report_info+0x64/0x200
[ 48.005322] kasan_report+0xff/0x140
[ 48.006115] ? kmalloc_uaf_16+0x108/0x250
[ 48.006593] ? kmalloc_uaf_16+0x108/0x250
[ 48.007325] __asan_load16+0x69/0x90
[ 48.007886] kmalloc_uaf_16+0x108/0x250
[ 48.008972] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 48.009345] ? __schedule+0x70b/0x1190
[ 48.009910] ? ktime_get_ts64+0x118/0x140
[ 48.010450] kunit_try_run_case+0x126/0x290
[ 48.011420] ? __pfx_kunit_try_run_case+0x10/0x10
[ 48.012255] ? __kasan_check_write+0x18/0x20
[ 48.012882] ? trace_preempt_on+0x20/0xa0
[ 48.013418] ? __kthread_parkme+0x4f/0xd0
[ 48.014024] ? preempt_count_sub+0x50/0x80
[ 48.014548] ? __pfx_kunit_try_run_case+0x10/0x10
[ 48.015563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 48.016353] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 48.017353] kthread+0x19e/0x1e0
[ 48.017915] ? __pfx_kthread+0x10/0x10
[ 48.018649] ret_from_fork+0x41/0x70
[ 48.019285] ? __pfx_kthread+0x10/0x10
[ 48.019862] ret_from_fork_asm+0x1b/0x30
[ 48.020839] </TASK>
[ 48.021122]
[ 48.021449] Allocated by task 164:
[ 48.022076] kasan_save_stack+0x3c/0x60
[ 48.022624] kasan_set_track+0x29/0x40
[ 48.023150] kasan_save_alloc_info+0x22/0x30
[ 48.023768] __kasan_kmalloc+0xb7/0xc0
[ 48.024505] kmalloc_trace+0x4c/0xb0
[ 48.025201] kmalloc_uaf_16+0xc9/0x250
[ 48.026078] kunit_try_run_case+0x126/0x290
[ 48.026829] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 48.027831] kthread+0x19e/0x1e0
[ 48.028528] ret_from_fork+0x41/0x70
[ 48.029299] ret_from_fork_asm+0x1b/0x30
[ 48.029848]
[ 48.030179] Freed by task 164:
[ 48.030533] kasan_save_stack+0x3c/0x60
[ 48.031070] kasan_set_track+0x29/0x40
[ 48.031670] kasan_save_free_info+0x2f/0x50
[ 48.032836] ____kasan_slab_free+0x172/0x1d0
[ 48.033552] __kasan_slab_free+0x16/0x20
[ 48.034298] __kmem_cache_free+0x190/0x310
[ 48.034912] kfree+0x7c/0x120
[ 48.035451] kmalloc_uaf_16+0xe9/0x250
[ 48.036012] kunit_try_run_case+0x126/0x290
[ 48.036479] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 48.037171] kthread+0x19e/0x1e0
[ 48.037675] ret_from_fork+0x41/0x70
[ 48.039012] ret_from_fork_asm+0x1b/0x30
[ 48.039491]
[ 48.039767] The buggy address belongs to the object at ffff88810273e080
[ 48.039767] which belongs to the cache kmalloc-16 of size 16
[ 48.041176] The buggy address is located 0 bytes inside of
[ 48.041176] freed 16-byte region [ffff88810273e080, ffff88810273e090)
[ 48.042263]
[ 48.042542] The buggy address belongs to the physical page:
[ 48.043353] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10273e
[ 48.044611] flags: 0x200000000000800(slab|node=0|zone=2)
[ 48.045166] page_type: 0xffffffff()
[ 48.045605] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 48.046235] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 48.047367] page dumped because: kasan: bad access detected
[ 48.047924]
[ 48.048388] Memory state around the buggy address:
[ 48.049150] ffff88810273df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 48.050470] ffff88810273e000: 00 04 fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 48.051148] >ffff88810273e080: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 48.052147] ^
[ 48.052588] ffff88810273e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 48.053424] ffff88810273e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 48.054326] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16: Failure
[ 47.944260] ==================================================================
[ 47.945500] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0xf3/0x250
[ 47.946451] Write of size 16 at addr ffff88810273e020 by task kunit_try_catch/162
[ 47.948028]
[ 47.948809] CPU: 1 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.949665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.950622] Call Trace:
[ 47.951170] <TASK>
[ 47.951535] dump_stack_lvl+0x4e/0x90
[ 47.952169] print_report+0xd2/0x660
[ 47.952713] ? __virt_addr_valid+0x156/0x1e0
[ 47.953260] ? kasan_complete_mode_report_info+0x2a/0x200
[ 47.953941] kasan_report+0xff/0x140
[ 47.954473] ? kmalloc_oob_16+0xf3/0x250
[ 47.955053] ? kmalloc_oob_16+0xf3/0x250
[ 47.955572] __asan_store16+0x6c/0xa0
[ 47.956134] kmalloc_oob_16+0xf3/0x250
[ 47.956572] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 47.957221] ? __schedule+0x70b/0x1190
[ 47.957783] ? ktime_get_ts64+0x118/0x140
[ 47.958379] kunit_try_run_case+0x126/0x290
[ 47.958977] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.959557] ? __kasan_check_write+0x18/0x20
[ 47.960141] ? trace_preempt_on+0x20/0xa0
[ 47.960750] ? __kthread_parkme+0x4f/0xd0
[ 47.961270] ? preempt_count_sub+0x50/0x80
[ 47.961882] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.962443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 47.963176] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.963830] kthread+0x19e/0x1e0
[ 47.964352] ? __pfx_kthread+0x10/0x10
[ 47.964927] ret_from_fork+0x41/0x70
[ 47.965423] ? __pfx_kthread+0x10/0x10
[ 47.966001] ret_from_fork_asm+0x1b/0x30
[ 47.966557] </TASK>
[ 47.966897]
[ 47.967171] Allocated by task 162:
[ 47.967615] kasan_save_stack+0x3c/0x60
[ 47.968190] kasan_set_track+0x29/0x40
[ 47.968656] kasan_save_alloc_info+0x22/0x30
[ 47.969229] __kasan_kmalloc+0xb7/0xc0
[ 47.969787] kmalloc_trace+0x4c/0xb0
[ 47.970275] kmalloc_oob_16+0x8f/0x250
[ 47.970728] kunit_try_run_case+0x126/0x290
[ 47.971330] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.972058] kthread+0x19e/0x1e0
[ 47.972552] ret_from_fork+0x41/0x70
[ 47.973096] ret_from_fork_asm+0x1b/0x30
[ 47.973649]
[ 47.973981] The buggy address belongs to the object at ffff88810273e020
[ 47.973981] which belongs to the cache kmalloc-16 of size 16
[ 47.974957] The buggy address is located 0 bytes inside of
[ 47.974957] allocated 13-byte region [ffff88810273e020, ffff88810273e02d)
[ 47.976181]
[ 47.976460] The buggy address belongs to the physical page:
[ 47.977045] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10273e
[ 47.978095] flags: 0x200000000000800(slab|node=0|zone=2)
[ 47.978670] page_type: 0xffffffff()
[ 47.979243] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 47.980105] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 47.980780] page dumped because: kasan: bad access detected
[ 47.981363]
[ 47.981616] Memory state around the buggy address:
[ 47.982233] ffff88810273df00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 47.982944] ffff88810273df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.983643] >ffff88810273e000: 00 04 fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc
[ 47.984368] ^
[ 47.984871] ffff88810273e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.985605] ffff88810273e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.986324] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf: Failure
[ 47.875030] ==================================================================
[ 47.875591] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x131/0x2e0
[ 47.876379] Read of size 1 at addr ffff888102857a00 by task kunit_try_catch/160
[ 47.877110]
[ 47.877410] CPU: 1 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.878468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.879458] Call Trace:
[ 47.879702] <TASK>
[ 47.880327] dump_stack_lvl+0x4e/0x90
[ 47.881055] print_report+0xd2/0x660
[ 47.881666] ? __virt_addr_valid+0x156/0x1e0
[ 47.882295] ? kasan_complete_mode_report_info+0x64/0x200
[ 47.882951] kasan_report+0xff/0x140
[ 47.883385] ? krealloc_uaf+0x131/0x2e0
[ 47.884348] ? krealloc_uaf+0x131/0x2e0
[ 47.885009] __asan_load1+0x66/0x70
[ 47.885598] krealloc_uaf+0x131/0x2e0
[ 47.886147] ? __pfx_krealloc_uaf+0x10/0x10
[ 47.886827] ? sysvec_apic_timer_interrupt+0x94/0xa0
[ 47.887430] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 47.888556] ? __pfx_krealloc_uaf+0x10/0x10
[ 47.889246] ? kunit_try_run_case+0x11b/0x290
[ 47.890006] kunit_try_run_case+0x126/0x290
[ 47.890599] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.891299] ? __kasan_check_write+0x18/0x20
[ 47.892071] ? trace_preempt_on+0x20/0xa0
[ 47.892728] ? __kthread_parkme+0x4f/0xd0
[ 47.893645] ? preempt_count_sub+0x50/0x80
[ 47.894331] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.895359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 47.896179] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.897314] kthread+0x19e/0x1e0
[ 47.897786] ? __pfx_kthread+0x10/0x10
[ 47.898363] ret_from_fork+0x41/0x70
[ 47.899224] ? __pfx_kthread+0x10/0x10
[ 47.899770] ret_from_fork_asm+0x1b/0x30
[ 47.900272] </TASK>
[ 47.900548]
[ 47.901538] Allocated by task 160:
[ 47.902078] kasan_save_stack+0x3c/0x60
[ 47.902630] kasan_set_track+0x29/0x40
[ 47.903347] kasan_save_alloc_info+0x22/0x30
[ 47.903939] __kasan_kmalloc+0xb7/0xc0
[ 47.904454] kmalloc_trace+0x4c/0xb0
[ 47.905135] krealloc_uaf+0xb0/0x2e0
[ 47.905621] kunit_try_run_case+0x126/0x290
[ 47.906708] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.907502] kthread+0x19e/0x1e0
[ 47.908185] ret_from_fork+0x41/0x70
[ 47.908698] ret_from_fork_asm+0x1b/0x30
[ 47.909268]
[ 47.909540] Freed by task 160:
[ 47.910416] kasan_save_stack+0x3c/0x60
[ 47.911370] kasan_set_track+0x29/0x40
[ 47.911811] kasan_save_free_info+0x2f/0x50
[ 47.912501] ____kasan_slab_free+0x172/0x1d0
[ 47.913194] __kasan_slab_free+0x16/0x20
[ 47.913704] __kmem_cache_free+0x190/0x310
[ 47.914215] kfree+0x7c/0x120
[ 47.914754] krealloc_uaf+0xd0/0x2e0
[ 47.915680] kunit_try_run_case+0x126/0x290
[ 47.916408] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.917188] kthread+0x19e/0x1e0
[ 47.917420] ret_from_fork+0x41/0x70
[ 47.917647] ret_from_fork_asm+0x1b/0x30
[ 47.918609]
[ 47.919279] The buggy address belongs to the object at ffff888102857a00
[ 47.919279] which belongs to the cache kmalloc-256 of size 256
[ 47.920323] The buggy address is located 0 bytes inside of
[ 47.920323] freed 256-byte region [ffff888102857a00, ffff888102857b00)
[ 47.921330]
[ 47.921517] The buggy address belongs to the physical page:
[ 47.922358] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856
[ 47.923458] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 47.924677] flags: 0x200000000000840(slab|head|node=0|zone=2)
[ 47.925398] page_type: 0xffffffff()
[ 47.925959] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000
[ 47.926826] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 47.928169] page dumped because: kasan: bad access detected
[ 47.928852]
[ 47.929046] Memory state around the buggy address:
[ 47.929540] ffff888102857900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.930403] ffff888102857980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.931044] >ffff888102857a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 47.932117] ^
[ 47.932476] ffff888102857a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 47.933518] ffff888102857b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.934699] ==================================================================
[ 47.814314] ==================================================================
[ 47.815692] BUG: KASAN: slab-use-after-free in krealloc_uaf+0xf1/0x2e0
[ 47.816447] Read of size 1 at addr ffff888102857a00 by task kunit_try_catch/160
[ 47.817157]
[ 47.817863] CPU: 1 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.818919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.819812] Call Trace:
[ 47.820202] <TASK>
[ 47.820648] dump_stack_lvl+0x4e/0x90
[ 47.821250] print_report+0xd2/0x660
[ 47.821697] ? __virt_addr_valid+0x156/0x1e0
[ 47.822469] ? kasan_complete_mode_report_info+0x64/0x200
[ 47.823135] kasan_report+0xff/0x140
[ 47.823389] ? krealloc_uaf+0xf1/0x2e0
[ 47.823626] ? krealloc_uaf+0xf1/0x2e0
[ 47.824717] ? krealloc_uaf+0xf1/0x2e0
[ 47.825336] __kasan_check_byte+0x3d/0x50
[ 47.826062] krealloc+0x35/0x140
[ 47.826787] krealloc_uaf+0xf1/0x2e0
[ 47.827338] ? __pfx_krealloc_uaf+0x10/0x10
[ 47.827923] ? sysvec_apic_timer_interrupt+0x94/0xa0
[ 47.828446] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 47.829187] ? __pfx_krealloc_uaf+0x10/0x10
[ 47.829904] ? kunit_try_run_case+0x11b/0x290
[ 47.830617] kunit_try_run_case+0x126/0x290
[ 47.831345] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.832063] ? __kasan_check_write+0x18/0x20
[ 47.832788] ? trace_preempt_on+0x20/0xa0
[ 47.833252] ? __kthread_parkme+0x4f/0xd0
[ 47.833514] ? preempt_count_sub+0x50/0x80
[ 47.833871] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.834522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 47.835415] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.836200] kthread+0x19e/0x1e0
[ 47.836818] ? __pfx_kthread+0x10/0x10
[ 47.837420] ret_from_fork+0x41/0x70
[ 47.838099] ? __pfx_kthread+0x10/0x10
[ 47.838733] ret_from_fork_asm+0x1b/0x30
[ 47.839448] </TASK>
[ 47.839956]
[ 47.840393] Allocated by task 160:
[ 47.840958] kasan_save_stack+0x3c/0x60
[ 47.841396] kasan_set_track+0x29/0x40
[ 47.842278] kasan_save_alloc_info+0x22/0x30
[ 47.842765] __kasan_kmalloc+0xb7/0xc0
[ 47.843469] kmalloc_trace+0x4c/0xb0
[ 47.844188] krealloc_uaf+0xb0/0x2e0
[ 47.844893] kunit_try_run_case+0x126/0x290
[ 47.845626] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.846456] kthread+0x19e/0x1e0
[ 47.847144] ret_from_fork+0x41/0x70
[ 47.847888] ret_from_fork_asm+0x1b/0x30
[ 47.848650]
[ 47.849159] Freed by task 160:
[ 47.849509] kasan_save_stack+0x3c/0x60
[ 47.850281] kasan_set_track+0x29/0x40
[ 47.850925] kasan_save_free_info+0x2f/0x50
[ 47.851583] ____kasan_slab_free+0x172/0x1d0
[ 47.852480] __kasan_slab_free+0x16/0x20
[ 47.853206] __kmem_cache_free+0x190/0x310
[ 47.853806] kfree+0x7c/0x120
[ 47.854539] krealloc_uaf+0xd0/0x2e0
[ 47.855089] kunit_try_run_case+0x126/0x290
[ 47.855750] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.856309] kthread+0x19e/0x1e0
[ 47.856813] ret_from_fork+0x41/0x70
[ 47.857304] ret_from_fork_asm+0x1b/0x30
[ 47.857926]
[ 47.858225] The buggy address belongs to the object at ffff888102857a00
[ 47.858225] which belongs to the cache kmalloc-256 of size 256
[ 47.859170] The buggy address is located 0 bytes inside of
[ 47.859170] freed 256-byte region [ffff888102857a00, ffff888102857b00)
[ 47.860509]
[ 47.860798] The buggy address belongs to the physical page:
[ 47.861451] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856
[ 47.862588] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 47.863424] flags: 0x200000000000840(slab|head|node=0|zone=2)
[ 47.864157] page_type: 0xffffffff()
[ 47.864591] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000
[ 47.865610] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 47.866236] page dumped because: kasan: bad access detected
[ 47.866485]
[ 47.866604] Memory state around the buggy address:
[ 47.867038] ffff888102857900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.868253] ffff888102857980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.868893] >ffff888102857a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 47.869662] ^
[ 47.870140] ffff888102857a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 47.870954] ffff888102857b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.871662] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper: Failure
[ 47.723210] ==================================================================
[ 47.724607] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x258/0x660
[ 47.725451] Write of size 1 at addr ffff88810256a0ea by task kunit_try_catch/158
[ 47.726633]
[ 47.727072] CPU: 1 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.728495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.729473] Call Trace:
[ 47.729913] <TASK>
[ 47.730148] dump_stack_lvl+0x4e/0x90
[ 47.730949] print_report+0xd2/0x660
[ 47.731603] ? __virt_addr_valid+0x156/0x1e0
[ 47.732060] ? kasan_addr_to_slab+0x11/0xb0
[ 47.732824] kasan_report+0xff/0x140
[ 47.733475] ? krealloc_less_oob_helper+0x258/0x660
[ 47.734149] ? krealloc_less_oob_helper+0x258/0x660
[ 47.734970] __asan_store1+0x69/0x70
[ 47.735777] krealloc_less_oob_helper+0x258/0x660
[ 47.736340] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 47.737175] ? finish_task_switch.isra.0+0xc8/0x3e0
[ 47.738082] ? __schedule+0x70b/0x1190
[ 47.738602] ? ktime_get_ts64+0x118/0x140
[ 47.739203] krealloc_pagealloc_less_oob+0x1c/0x30
[ 47.740098] kunit_try_run_case+0x126/0x290
[ 47.741199] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.741729] ? __kasan_check_write+0x18/0x20
[ 47.742249] ? trace_preempt_on+0x20/0xa0
[ 47.742704] ? __kthread_parkme+0x4f/0xd0
[ 47.743966] ? preempt_count_sub+0x50/0x80
[ 47.744568] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.745434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 47.746262] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.746868] kthread+0x19e/0x1e0
[ 47.747413] ? __pfx_kthread+0x10/0x10
[ 47.748463] ret_from_fork+0x41/0x70
[ 47.749291] ? __pfx_kthread+0x10/0x10
[ 47.749848] ret_from_fork_asm+0x1b/0x30
[ 47.750591] </TASK>
[ 47.751130]
[ 47.751417] The buggy address belongs to the physical page:
[ 47.752351] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102568
[ 47.753312] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 47.753906] flags: 0x200000000000040(head|node=0|zone=2)
[ 47.754769] page_type: 0xffffffff()
[ 47.755337] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 47.756478] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 47.757543] page dumped because: kasan: bad access detected
[ 47.758439]
[ 47.758653] Memory state around the buggy address:
[ 47.759192] ffff888102569f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.759991] ffff88810256a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.760518] >ffff88810256a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 47.761110] ^
[ 47.761932] ffff88810256a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 47.762510] ffff88810256a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 47.763987] ==================================================================
[ 47.324390] ==================================================================
[ 47.325336] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x21a/0x660
[ 47.326400] Write of size 1 at addr ffff8881028578da by task kunit_try_catch/154
[ 47.327169]
[ 47.327691] CPU: 1 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.329292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.330158] Call Trace:
[ 47.330712] <TASK>
[ 47.331099] dump_stack_lvl+0x4e/0x90
[ 47.331886] print_report+0xd2/0x660
[ 47.332919] ? __virt_addr_valid+0x156/0x1e0
[ 47.333585] ? kasan_complete_mode_report_info+0x2a/0x200
[ 47.334242] kasan_report+0xff/0x140
[ 47.334813] ? krealloc_less_oob_helper+0x21a/0x660
[ 47.335649] ? krealloc_less_oob_helper+0x21a/0x660
[ 47.336480] __asan_store1+0x69/0x70
[ 47.337361] krealloc_less_oob_helper+0x21a/0x660
[ 47.338353] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 47.339039] ? finish_task_switch.isra.0+0xc8/0x3e0
[ 47.339645] ? __schedule+0x70b/0x1190
[ 47.340603] ? ktime_get_ts64+0x118/0x140
[ 47.341278] krealloc_less_oob+0x1c/0x30
[ 47.341874] kunit_try_run_case+0x126/0x290
[ 47.342651] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.343456] ? __kasan_check_write+0x18/0x20
[ 47.344440] ? trace_preempt_on+0x20/0xa0
[ 47.344963] ? __kthread_parkme+0x4f/0xd0
[ 47.345678] ? preempt_count_sub+0x50/0x80
[ 47.346477] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.347092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 47.347715] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.348727] kthread+0x19e/0x1e0
[ 47.349232] ? __pfx_kthread+0x10/0x10
[ 47.349964] ret_from_fork+0x41/0x70
[ 47.350804] ? __pfx_kthread+0x10/0x10
[ 47.351356] ret_from_fork_asm+0x1b/0x30
[ 47.351999] </TASK>
[ 47.352344]
[ 47.352584] Allocated by task 154:
[ 47.353553] kasan_save_stack+0x3c/0x60
[ 47.354396] kasan_set_track+0x29/0x40
[ 47.354923] kasan_save_alloc_info+0x22/0x30
[ 47.355645] __kasan_krealloc+0x12f/0x180
[ 47.356675] krealloc+0xc1/0x140
[ 47.357348] krealloc_less_oob_helper+0xe5/0x660
[ 47.358233] krealloc_less_oob+0x1c/0x30
[ 47.358750] kunit_try_run_case+0x126/0x290
[ 47.359252] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.360403] kthread+0x19e/0x1e0
[ 47.360820] ret_from_fork+0x41/0x70
[ 47.361531] ret_from_fork_asm+0x1b/0x30
[ 47.362382]
[ 47.362626] The buggy address belongs to the object at ffff888102857800
[ 47.362626] which belongs to the cache kmalloc-256 of size 256
[ 47.363883] The buggy address is located 17 bytes to the right of
[ 47.363883] allocated 201-byte region [ffff888102857800, ffff8881028578c9)
[ 47.365452]
[ 47.365731] The buggy address belongs to the physical page:
[ 47.366589] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856
[ 47.367601] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 47.368793] flags: 0x200000000000840(slab|head|node=0|zone=2)
[ 47.369411] page_type: 0xffffffff()
[ 47.370324] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000
[ 47.371100] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 47.371753] page dumped because: kasan: bad access detected
[ 47.372340]
[ 47.372587] Memory state around the buggy address:
[ 47.373053] ffff888102857780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.374522] ffff888102857800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.375324] >ffff888102857880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 47.376367] ^
[ 47.377078] ffff888102857900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.378339] ffff888102857980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.378979] ==================================================================
[ 47.268633] ==================================================================
[ 47.269384] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1a6/0x660
[ 47.270899] Write of size 1 at addr ffff8881028578d0 by task kunit_try_catch/154
[ 47.272077]
[ 47.272291] CPU: 1 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.273187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.274228] Call Trace:
[ 47.274733] <TASK>
[ 47.275083] dump_stack_lvl+0x4e/0x90
[ 47.275561] print_report+0xd2/0x660
[ 47.276091] ? __virt_addr_valid+0x156/0x1e0
[ 47.276717] ? kasan_complete_mode_report_info+0x2a/0x200
[ 47.277963] kasan_report+0xff/0x140
[ 47.278670] ? krealloc_less_oob_helper+0x1a6/0x660
[ 47.279441] ? krealloc_less_oob_helper+0x1a6/0x660
[ 47.280125] __asan_store1+0x69/0x70
[ 47.281105] krealloc_less_oob_helper+0x1a6/0x660
[ 47.281654] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 47.282280] ? finish_task_switch.isra.0+0xc8/0x3e0
[ 47.283203] ? __schedule+0x70b/0x1190
[ 47.283765] ? ktime_get_ts64+0x118/0x140
[ 47.284462] krealloc_less_oob+0x1c/0x30
[ 47.284981] kunit_try_run_case+0x126/0x290
[ 47.285935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.286830] ? __kasan_check_write+0x18/0x20
[ 47.287552] ? trace_preempt_on+0x20/0xa0
[ 47.288447] ? __kthread_parkme+0x4f/0xd0
[ 47.289253] ? preempt_count_sub+0x50/0x80
[ 47.289769] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.290698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 47.291534] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.292042] kthread+0x19e/0x1e0
[ 47.292577] ? __pfx_kthread+0x10/0x10
[ 47.293148] ret_from_fork+0x41/0x70
[ 47.293608] ? __pfx_kthread+0x10/0x10
[ 47.294551] ret_from_fork_asm+0x1b/0x30
[ 47.295475] </TASK>
[ 47.295902]
[ 47.296196] Allocated by task 154:
[ 47.296843] kasan_save_stack+0x3c/0x60
[ 47.297443] kasan_set_track+0x29/0x40
[ 47.298515] kasan_save_alloc_info+0x22/0x30
[ 47.299266] __kasan_krealloc+0x12f/0x180
[ 47.300097] krealloc+0xc1/0x140
[ 47.300794] krealloc_less_oob_helper+0xe5/0x660
[ 47.301693] krealloc_less_oob+0x1c/0x30
[ 47.302458] kunit_try_run_case+0x126/0x290
[ 47.303079] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.304006] kthread+0x19e/0x1e0
[ 47.304654] ret_from_fork+0x41/0x70
[ 47.305497] ret_from_fork_asm+0x1b/0x30
[ 47.306258]
[ 47.306591] The buggy address belongs to the object at ffff888102857800
[ 47.306591] which belongs to the cache kmalloc-256 of size 256
[ 47.307885] The buggy address is located 7 bytes to the right of
[ 47.307885] allocated 201-byte region [ffff888102857800, ffff8881028578c9)
[ 47.310079]
[ 47.310402] The buggy address belongs to the physical page:
[ 47.310982] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856
[ 47.312069] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 47.312799] flags: 0x200000000000840(slab|head|node=0|zone=2)
[ 47.313469] page_type: 0xffffffff()
[ 47.314076] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000
[ 47.314915] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 47.315686] page dumped because: kasan: bad access detected
[ 47.316362]
[ 47.316599] Memory state around the buggy address:
[ 47.317247] ffff888102857780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.317923] ffff888102857800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.318791] >ffff888102857880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 47.319479] ^
[ 47.320207] ffff888102857900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.321705] ffff888102857980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.322550] ==================================================================
[ 47.591721] ==================================================================
[ 47.592856] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x146/0x660
[ 47.594149] Write of size 1 at addr ffff88810256a0c9 by task kunit_try_catch/158
[ 47.594919]
[ 47.595462] CPU: 1 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.596604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.597439] Call Trace:
[ 47.597696] <TASK>
[ 47.598513] dump_stack_lvl+0x4e/0x90
[ 47.599441] print_report+0xd2/0x660
[ 47.600131] ? __virt_addr_valid+0x156/0x1e0
[ 47.600884] ? kasan_addr_to_slab+0x11/0xb0
[ 47.601562] kasan_report+0xff/0x140
[ 47.602250] ? krealloc_less_oob_helper+0x146/0x660
[ 47.603298] ? krealloc_less_oob_helper+0x146/0x660
[ 47.603917] __asan_store1+0x69/0x70
[ 47.604760] krealloc_less_oob_helper+0x146/0x660
[ 47.605267] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 47.606088] ? finish_task_switch.isra.0+0xc8/0x3e0
[ 47.606698] ? __schedule+0x70b/0x1190
[ 47.607459] ? ktime_get_ts64+0x118/0x140
[ 47.608058] krealloc_pagealloc_less_oob+0x1c/0x30
[ 47.608646] kunit_try_run_case+0x126/0x290
[ 47.609513] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.609899] ? __kasan_check_write+0x18/0x20
[ 47.610624] ? trace_preempt_on+0x20/0xa0
[ 47.611539] ? __kthread_parkme+0x4f/0xd0
[ 47.612207] ? preempt_count_sub+0x50/0x80
[ 47.612820] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.613452] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 47.614344] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.615134] kthread+0x19e/0x1e0
[ 47.615748] ? __pfx_kthread+0x10/0x10
[ 47.616522] ret_from_fork+0x41/0x70
[ 47.617064] ? __pfx_kthread+0x10/0x10
[ 47.617585] ret_from_fork_asm+0x1b/0x30
[ 47.618120] </TASK>
[ 47.618464]
[ 47.619623] The buggy address belongs to the physical page:
[ 47.620424] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102568
[ 47.621248] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 47.621869] flags: 0x200000000000040(head|node=0|zone=2)
[ 47.622498] page_type: 0xffffffff()
[ 47.623325] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 47.624246] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 47.625244] page dumped because: kasan: bad access detected
[ 47.625806]
[ 47.626248] Memory state around the buggy address:
[ 47.626694] ffff888102569f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.627674] ffff88810256a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.628554] >ffff88810256a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 47.629431] ^
[ 47.630247] ffff88810256a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 47.631091] ffff88810256a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 47.631830] ==================================================================
[ 47.434921] ==================================================================
[ 47.435752] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x294/0x660
[ 47.436601] Write of size 1 at addr ffff8881028578eb by task kunit_try_catch/154
[ 47.437274]
[ 47.437575] CPU: 1 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.439390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.440597] Call Trace:
[ 47.440960] <TASK>
[ 47.441313] dump_stack_lvl+0x4e/0x90
[ 47.441849] print_report+0xd2/0x660
[ 47.442286] ? __virt_addr_valid+0x156/0x1e0
[ 47.443259] ? kasan_complete_mode_report_info+0x2a/0x200
[ 47.444132] kasan_report+0xff/0x140
[ 47.444593] ? krealloc_less_oob_helper+0x294/0x660
[ 47.445962] ? krealloc_less_oob_helper+0x294/0x660
[ 47.446533] __asan_store1+0x69/0x70
[ 47.447072] krealloc_less_oob_helper+0x294/0x660
[ 47.447726] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 47.448859] ? finish_task_switch.isra.0+0xc8/0x3e0
[ 47.450019] ? __schedule+0x70b/0x1190
[ 47.450815] ? ktime_get_ts64+0x118/0x140
[ 47.451488] krealloc_less_oob+0x1c/0x30
[ 47.452095] kunit_try_run_case+0x126/0x290
[ 47.452990] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.453541] ? __kasan_check_write+0x18/0x20
[ 47.454772] ? trace_preempt_on+0x20/0xa0
[ 47.455598] ? __kthread_parkme+0x4f/0xd0
[ 47.456126] ? preempt_count_sub+0x50/0x80
[ 47.456770] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.457390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 47.459279] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.459860] kthread+0x19e/0x1e0
[ 47.460472] ? __pfx_kthread+0x10/0x10
[ 47.460978] ret_from_fork+0x41/0x70
[ 47.461685] ? __pfx_kthread+0x10/0x10
[ 47.462434] ret_from_fork_asm+0x1b/0x30
[ 47.462988] </TASK>
[ 47.463917]
[ 47.464192] Allocated by task 154:
[ 47.464861] kasan_save_stack+0x3c/0x60
[ 47.465703] kasan_set_track+0x29/0x40
[ 47.466492] kasan_save_alloc_info+0x22/0x30
[ 47.467070] __kasan_krealloc+0x12f/0x180
[ 47.468091] krealloc+0xc1/0x140
[ 47.468791] krealloc_less_oob_helper+0xe5/0x660
[ 47.469594] krealloc_less_oob+0x1c/0x30
[ 47.470291] kunit_try_run_case+0x126/0x290
[ 47.471026] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.471733] kthread+0x19e/0x1e0
[ 47.472176] ret_from_fork+0x41/0x70
[ 47.472758] ret_from_fork_asm+0x1b/0x30
[ 47.473654]
[ 47.473912] The buggy address belongs to the object at ffff888102857800
[ 47.473912] which belongs to the cache kmalloc-256 of size 256
[ 47.475848] The buggy address is located 34 bytes to the right of
[ 47.475848] allocated 201-byte region [ffff888102857800, ffff8881028578c9)
[ 47.477426]
[ 47.477659] The buggy address belongs to the physical page:
[ 47.479119] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856
[ 47.479801] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 47.480560] flags: 0x200000000000840(slab|head|node=0|zone=2)
[ 47.481306] page_type: 0xffffffff()
[ 47.481893] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000
[ 47.482530] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 47.483411] page dumped because: kasan: bad access detected
[ 47.484138]
[ 47.484451] Memory state around the buggy address:
[ 47.485031] ffff888102857780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.485856] ffff888102857800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.486668] >ffff888102857880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 47.487522] ^
[ 47.489310] ffff888102857900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.490113] ffff888102857980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.490758] ==================================================================
[ 47.765452] ==================================================================
[ 47.766711] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x294/0x660
[ 47.768158] Write of size 1 at addr ffff88810256a0eb by task kunit_try_catch/158
[ 47.768630]
[ 47.769414] CPU: 1 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.770447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.771353] Call Trace:
[ 47.771863] <TASK>
[ 47.772321] dump_stack_lvl+0x4e/0x90
[ 47.772829] print_report+0xd2/0x660
[ 47.773399] ? __virt_addr_valid+0x156/0x1e0
[ 47.773996] ? kasan_addr_to_slab+0x11/0xb0
[ 47.774664] kasan_report+0xff/0x140
[ 47.775405] ? krealloc_less_oob_helper+0x294/0x660
[ 47.776172] ? krealloc_less_oob_helper+0x294/0x660
[ 47.776639] __asan_store1+0x69/0x70
[ 47.777303] krealloc_less_oob_helper+0x294/0x660
[ 47.778055] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 47.778760] ? finish_task_switch.isra.0+0xc8/0x3e0
[ 47.779638] ? __schedule+0x70b/0x1190
[ 47.780267] ? ktime_get_ts64+0x118/0x140
[ 47.780731] krealloc_pagealloc_less_oob+0x1c/0x30
[ 47.781391] kunit_try_run_case+0x126/0x290
[ 47.782278] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.782751] ? __kasan_check_write+0x18/0x20
[ 47.783383] ? trace_preempt_on+0x20/0xa0
[ 47.784035] ? __kthread_parkme+0x4f/0xd0
[ 47.784668] ? preempt_count_sub+0x50/0x80
[ 47.785436] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.786226] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 47.787048] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.787701] kthread+0x19e/0x1e0
[ 47.788357] ? __pfx_kthread+0x10/0x10
[ 47.788834] ret_from_fork+0x41/0x70
[ 47.789975] ? __pfx_kthread+0x10/0x10
[ 47.790607] ret_from_fork_asm+0x1b/0x30
[ 47.791410] </TASK>
[ 47.792222]
[ 47.792468] The buggy address belongs to the physical page:
[ 47.793124] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102568
[ 47.794343] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 47.795563] flags: 0x200000000000040(head|node=0|zone=2)
[ 47.796401] page_type: 0xffffffff()
[ 47.796837] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 47.797592] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 47.798618] page dumped because: kasan: bad access detected
[ 47.799254]
[ 47.799516] Memory state around the buggy address:
[ 47.800098] ffff888102569f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.801499] ffff88810256a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.802254] >ffff88810256a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 47.803321] ^
[ 47.804336] ffff88810256a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 47.804783] ffff88810256a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 47.805988] ==================================================================
[ 47.210271] ==================================================================
[ 47.211869] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x146/0x660
[ 47.213013] Write of size 1 at addr ffff8881028578c9 by task kunit_try_catch/154
[ 47.214256]
[ 47.215208] CPU: 1 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.215870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.217479] Call Trace:
[ 47.217795] <TASK>
[ 47.218368] dump_stack_lvl+0x4e/0x90
[ 47.219220] print_report+0xd2/0x660
[ 47.219826] ? __virt_addr_valid+0x156/0x1e0
[ 47.220631] ? kasan_complete_mode_report_info+0x2a/0x200
[ 47.221769] kasan_report+0xff/0x140
[ 47.222257] ? krealloc_less_oob_helper+0x146/0x660
[ 47.223266] ? krealloc_less_oob_helper+0x146/0x660
[ 47.223773] __asan_store1+0x69/0x70
[ 47.224651] krealloc_less_oob_helper+0x146/0x660
[ 47.225400] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 47.226178] ? finish_task_switch.isra.0+0xc8/0x3e0
[ 47.226802] ? __schedule+0x70b/0x1190
[ 47.227315] ? ktime_get_ts64+0x118/0x140
[ 47.228092] krealloc_less_oob+0x1c/0x30
[ 47.228819] kunit_try_run_case+0x126/0x290
[ 47.229733] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.230778] ? __kasan_check_write+0x18/0x20
[ 47.231357] ? trace_preempt_on+0x20/0xa0
[ 47.232040] ? __kthread_parkme+0x4f/0xd0
[ 47.232840] ? preempt_count_sub+0x50/0x80
[ 47.233366] ? __pfx_kunit_try_run_case+0x10/0x10
[ 47.234067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 47.234792] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.235779] kthread+0x19e/0x1e0
[ 47.236249] ? __pfx_kthread+0x10/0x10
[ 47.236828] ret_from_fork+0x41/0x70
[ 47.237383] ? __pfx_kthread+0x10/0x10
[ 47.238487] ret_from_fork_asm+0x1b/0x30
[ 47.239359] </TASK>
[ 47.239581]
[ 47.239850] Allocated by task 154:
[ 47.240573] kasan_save_stack+0x3c/0x60
[ 47.241331] kasan_set_track+0x29/0x40
[ 47.241888] kasan_save_alloc_info+0x22/0x30
[ 47.242321] __kasan_krealloc+0x12f/0x180
[ 47.242902] krealloc+0xc1/0x140
[ 47.243621] krealloc_less_oob_helper+0xe5/0x660
[ 47.244385] krealloc_less_oob+0x1c/0x30
[ 47.245005] kunit_try_run_case+0x126/0x290
[ 47.245825] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 47.246753] kthread+0x19e/0x1e0
[ 47.247275] ret_from_fork+0x41/0x70
[ 47.248402] ret_from_fork_asm+0x1b/0x30
[ 47.248803]
[ 47.249084] The buggy address belongs to the object at ffff888102857800
[ 47.249084] which belongs to the cache kmalloc-256 of size 256
[ 47.250789] The buggy address is located 0 bytes to the right of
[ 47.250789] allocated 201-byte region [ffff888102857800, ffff8881028578c9)
[ 47.252114]
[ 47.252401] The buggy address belongs to the physical page:
[ 47.252950] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856
[ 47.254516] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 47.255505] flags: 0x200000000000840(slab|head|node=0|zone=2)
[ 47.256285] page_type: 0xffffffff()
[ 47.256822] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000
[ 47.257610] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 47.259110] page dumped because: kasan: bad access detected
[ 47.259949]
[ 47.260527] Memory state around the buggy address:
[ 47.261248] ffff888102857780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.261968] ffff888102857800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.263216] >ffff888102857880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 47.264136] ^
[ 47.264693] ffff888102857900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.265731] ffff888102857980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.266715] ==================================================================
[ 47.635609] ==================================================================
[ 47.636163] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x1a6/0x660
[ 47.636729] Write of size 1 at addr ffff88810256a0d0 by task kunit_try_catch/158
[ 47.637526]
[ 47.637841] CPU: 1 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 47.638801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.640939] Call Trace:
[ 47.641468] <TASK>
[ 47.641801] dump_stack_lvl+0x4e/0x90
[ 47.642757] print_report+0xd2/0x660
[ 47.643563] ? __virt_addr_valid+0x156/0x1e0
[ 47.644493] ? kasan_addr_to_slab+0x11/0xb0
[ 47.645350] kasan_report+0xff/0x140
[ 47.646216] ? krealloc_less_oob_helper+0x1a6/0x660
[ 47.646755] ? krealloc_less_oob_helper+0x1a6/0x660
[ 47.647489] __asan_store1+0x69/0x70
[ 47.648507] krealloc_less_oob_helper+0x1a6/0x660
[ 47.649222] ?
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 47.649965] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 47.650844] ? __schedule+0x70b/0x1190 [ 47.651587] ? ktime_get_ts64+0x118/0x140 [ 47.652288] krealloc_pagealloc_less_oob+0x1c/0x30 [ 47.652784] kunit_try_run_case+0x126/0x290 [ 47.653466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.654198] ? __kasan_check_write+0x18/0x20 [ 47.655052] ? trace_preempt_on+0x20/0xa0 [ 47.655804] ? __kthread_parkme+0x4f/0xd0 [ 47.656488] ? preempt_count_sub+0x50/0x80 [ 47.657238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.658214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 47.659092] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.660091] kthread+0x19e/0x1e0 [ 47.660615] ? __pfx_kthread+0x10/0x10 [ 47.661312] ret_from_fork+0x41/0x70 [ 47.662284] ? __pfx_kthread+0x10/0x10 [ 47.662664] ret_from_fork_asm+0x1b/0x30 [ 47.663519] </TASK> [ 47.663975] [ 47.664347] The buggy address belongs to the physical page: [ 47.664881] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102568 [ 47.666125] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 47.666983] flags: 0x200000000000040(head|node=0|zone=2) [ 47.667699] page_type: 0xffffffff() [ 47.668293] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 47.669668] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 47.670439] page dumped because: kasan: bad access detected [ 47.670886] [ 47.671148] Memory state around the buggy address: [ 47.671597] ffff888102569f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.672781] ffff88810256a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.673838] >ffff88810256a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 47.674773] ^ [ 47.675681] ffff88810256a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 47.676510] ffff88810256a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 47.677347] 
================================================================== [ 47.380301] ================================================================== [ 47.381038] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x258/0x660 [ 47.382810] Write of size 1 at addr ffff8881028578ea by task kunit_try_catch/154 [ 47.383493] [ 47.384315] CPU: 1 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 47.385279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.386493] Call Trace: [ 47.386873] <TASK> [ 47.387370] dump_stack_lvl+0x4e/0x90 [ 47.387863] print_report+0xd2/0x660 [ 47.388435] ? __virt_addr_valid+0x156/0x1e0 [ 47.389364] ? kasan_complete_mode_report_info+0x2a/0x200 [ 47.390112] kasan_report+0xff/0x140 [ 47.390537] ? krealloc_less_oob_helper+0x258/0x660 [ 47.391277] ? krealloc_less_oob_helper+0x258/0x660 [ 47.391951] __asan_store1+0x69/0x70 [ 47.392415] krealloc_less_oob_helper+0x258/0x660 [ 47.393143] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 47.393730] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 47.394417] ? __schedule+0x70b/0x1190 [ 47.394982] ? ktime_get_ts64+0x118/0x140 [ 47.395548] krealloc_less_oob+0x1c/0x30 [ 47.396041] kunit_try_run_case+0x126/0x290 [ 47.396611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.397298] ? __kasan_check_write+0x18/0x20 [ 47.397879] ? trace_preempt_on+0x20/0xa0 [ 47.398620] ? __kthread_parkme+0x4f/0xd0 [ 47.399509] ? preempt_count_sub+0x50/0x80 [ 47.400339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.401424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 47.402373] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.403385] kthread+0x19e/0x1e0 [ 47.403881] ? __pfx_kthread+0x10/0x10 [ 47.404611] ret_from_fork+0x41/0x70 [ 47.405333] ? 
__pfx_kthread+0x10/0x10 [ 47.405908] ret_from_fork_asm+0x1b/0x30 [ 47.406638] </TASK> [ 47.406995] [ 47.407750] Allocated by task 154: [ 47.408173] kasan_save_stack+0x3c/0x60 [ 47.408758] kasan_set_track+0x29/0x40 [ 47.409225] kasan_save_alloc_info+0x22/0x30 [ 47.410087] __kasan_krealloc+0x12f/0x180 [ 47.410689] krealloc+0xc1/0x140 [ 47.411943] krealloc_less_oob_helper+0xe5/0x660 [ 47.412404] krealloc_less_oob+0x1c/0x30 [ 47.412983] kunit_try_run_case+0x126/0x290 [ 47.413485] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.414264] kthread+0x19e/0x1e0 [ 47.414811] ret_from_fork+0x41/0x70 [ 47.415293] ret_from_fork_asm+0x1b/0x30 [ 47.415673] [ 47.415885] The buggy address belongs to the object at ffff888102857800 [ 47.415885] which belongs to the cache kmalloc-256 of size 256 [ 47.417399] The buggy address is located 33 bytes to the right of [ 47.417399] allocated 201-byte region [ffff888102857800, ffff8881028578c9) [ 47.418716] [ 47.419006] The buggy address belongs to the physical page: [ 47.420181] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 47.421455] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 47.422295] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 47.423520] page_type: 0xffffffff() [ 47.424169] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 47.424849] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 47.425630] page dumped because: kasan: bad access detected [ 47.426502] [ 47.426807] Memory state around the buggy address: [ 47.427896] ffff888102857780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.428568] ffff888102857800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.429649] >ffff888102857880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 47.430447] ^ [ 47.431125] ffff888102857900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.432040] ffff888102857980: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 47.432631] ================================================================== [ 47.679844] ================================================================== [ 47.680605] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0x21a/0x660 [ 47.681461] Write of size 1 at addr ffff88810256a0da by task kunit_try_catch/158 [ 47.682331] [ 47.682634] CPU: 1 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 47.683799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.685300] Call Trace: [ 47.685924] <TASK> [ 47.686546] dump_stack_lvl+0x4e/0x90 [ 47.687270] print_report+0xd2/0x660 [ 47.687781] ? __virt_addr_valid+0x156/0x1e0 [ 47.688313] ? kasan_addr_to_slab+0x11/0xb0 [ 47.688964] kasan_report+0xff/0x140 [ 47.689575] ? krealloc_less_oob_helper+0x21a/0x660 [ 47.690106] ? krealloc_less_oob_helper+0x21a/0x660 [ 47.690867] __asan_store1+0x69/0x70 [ 47.691374] krealloc_less_oob_helper+0x21a/0x660 [ 47.692041] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 47.692759] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 47.693531] ? __schedule+0x70b/0x1190 [ 47.694115] ? ktime_get_ts64+0x118/0x140 [ 47.695176] krealloc_pagealloc_less_oob+0x1c/0x30 [ 47.696460] kunit_try_run_case+0x126/0x290 [ 47.697021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.697689] ? __kasan_check_write+0x18/0x20 [ 47.698404] ? trace_preempt_on+0x20/0xa0 [ 47.698953] ? __kthread_parkme+0x4f/0xd0 [ 47.699701] ? preempt_count_sub+0x50/0x80 [ 47.700394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.701302] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 47.702645] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.703577] kthread+0x19e/0x1e0 [ 47.704218] ? __pfx_kthread+0x10/0x10 [ 47.705203] ret_from_fork+0x41/0x70 [ 47.705776] ? 
__pfx_kthread+0x10/0x10 [ 47.706455] ret_from_fork_asm+0x1b/0x30 [ 47.707231] </TASK> [ 47.707652] [ 47.708172] The buggy address belongs to the physical page: [ 47.708965] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102568 [ 47.709685] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 47.710691] flags: 0x200000000000040(head|node=0|zone=2) [ 47.711599] page_type: 0xffffffff() [ 47.711957] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 47.713274] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 47.714238] page dumped because: kasan: bad access detected [ 47.714845] [ 47.715122] Memory state around the buggy address: [ 47.715857] ffff888102569f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.717257] ffff88810256a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.718024] >ffff88810256a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 47.718867] ^ [ 47.719818] ffff88810256a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 47.720530] ffff88810256a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 47.721732] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper: Failure
[ 47.144519] ================================================================== [ 47.145166] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x1bb/0x3b0 [ 47.146850] Write of size 1 at addr ffff8881028576f0 by task kunit_try_catch/152 [ 47.147830] [ 47.148169] CPU: 1 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 47.149541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.150813] Call Trace: [ 47.151105] <TASK> [ 47.151471] dump_stack_lvl+0x4e/0x90 [ 47.152436] print_report+0xd2/0x660 [ 47.153079] ? __virt_addr_valid+0x156/0x1e0 [ 47.153691] ? kasan_complete_mode_report_info+0x2a/0x200 [ 47.154472] kasan_report+0xff/0x140 [ 47.155128] ? krealloc_more_oob_helper+0x1bb/0x3b0 [ 47.155675] ? krealloc_more_oob_helper+0x1bb/0x3b0 [ 47.156818] __asan_store1+0x69/0x70 [ 47.157386] krealloc_more_oob_helper+0x1bb/0x3b0 [ 47.158068] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 47.158771] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 47.159454] ? __schedule+0x70b/0x1190 [ 47.159881] ? ktime_get_ts64+0x118/0x140 [ 47.160622] krealloc_more_oob+0x1c/0x30 [ 47.161237] kunit_try_run_case+0x126/0x290 [ 47.161850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.162453] ? __kasan_check_write+0x18/0x20 [ 47.163632] ? trace_preempt_on+0x20/0xa0 [ 47.164439] ? __kthread_parkme+0x4f/0xd0 [ 47.165222] ? preempt_count_sub+0x50/0x80 [ 47.165793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.166654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 47.167484] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.168333] kthread+0x19e/0x1e0 [ 47.168920] ? __pfx_kthread+0x10/0x10 [ 47.169664] ret_from_fork+0x41/0x70 [ 47.170426] ? 
__pfx_kthread+0x10/0x10 [ 47.170911] ret_from_fork_asm+0x1b/0x30 [ 47.171609] </TASK> [ 47.172363] [ 47.172583] Allocated by task 152: [ 47.173411] kasan_save_stack+0x3c/0x60 [ 47.173945] kasan_set_track+0x29/0x40 [ 47.174788] kasan_save_alloc_info+0x22/0x30 [ 47.175820] __kasan_krealloc+0x12f/0x180 [ 47.176344] krealloc+0xc1/0x140 [ 47.176717] krealloc_more_oob_helper+0xe2/0x3b0 [ 47.177223] krealloc_more_oob+0x1c/0x30 [ 47.177645] kunit_try_run_case+0x126/0x290 [ 47.178639] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.179857] kthread+0x19e/0x1e0 [ 47.180376] ret_from_fork+0x41/0x70 [ 47.180882] ret_from_fork_asm+0x1b/0x30 [ 47.181409] [ 47.181678] The buggy address belongs to the object at ffff888102857600 [ 47.181678] which belongs to the cache kmalloc-256 of size 256 [ 47.183858] The buggy address is located 5 bytes to the right of [ 47.183858] allocated 235-byte region [ffff888102857600, ffff8881028576eb) [ 47.185235] [ 47.185515] The buggy address belongs to the physical page: [ 47.186399] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 47.187653] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 47.188688] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 47.189571] page_type: 0xffffffff() [ 47.190330] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 47.191604] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 47.192420] page dumped because: kasan: bad access detected [ 47.193006] [ 47.193270] Memory state around the buggy address: [ 47.193671] ffff888102857580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.195099] ffff888102857600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.195864] >ffff888102857680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 47.196472] ^ [ 47.197133] ffff888102857700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.197788] ffff888102857780: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 47.198463] ================================================================== [ 47.093606] ================================================================== [ 47.094309] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x179/0x3b0 [ 47.094668] Write of size 1 at addr ffff8881028576eb by task kunit_try_catch/152 [ 47.095002] [ 47.095137] CPU: 1 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 47.095498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.096164] Call Trace: [ 47.096545] <TASK> [ 47.096887] dump_stack_lvl+0x4e/0x90 [ 47.097428] print_report+0xd2/0x660 [ 47.098639] ? __virt_addr_valid+0x156/0x1e0 [ 47.099551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 47.100414] kasan_report+0xff/0x140 [ 47.100857] ? krealloc_more_oob_helper+0x179/0x3b0 [ 47.101770] ? krealloc_more_oob_helper+0x179/0x3b0 [ 47.102801] __asan_store1+0x69/0x70 [ 47.103466] krealloc_more_oob_helper+0x179/0x3b0 [ 47.104399] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 47.105087] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 47.105800] ? __schedule+0x70b/0x1190 [ 47.106610] ? ktime_get_ts64+0x118/0x140 [ 47.107428] krealloc_more_oob+0x1c/0x30 [ 47.108001] kunit_try_run_case+0x126/0x290 [ 47.108566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.109485] ? __kasan_check_write+0x18/0x20 [ 47.110230] ? trace_preempt_on+0x20/0xa0 [ 47.110839] ? __kthread_parkme+0x4f/0xd0 [ 47.111453] ? preempt_count_sub+0x50/0x80 [ 47.111991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.112588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 47.113448] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.114372] kthread+0x19e/0x1e0 [ 47.114971] ? __pfx_kthread+0x10/0x10 [ 47.115692] ret_from_fork+0x41/0x70 [ 47.116352] ? 
__pfx_kthread+0x10/0x10 [ 47.116879] ret_from_fork_asm+0x1b/0x30 [ 47.117509] </TASK> [ 47.117856] [ 47.118145] Allocated by task 152: [ 47.118478] kasan_save_stack+0x3c/0x60 [ 47.119081] kasan_set_track+0x29/0x40 [ 47.119872] kasan_save_alloc_info+0x22/0x30 [ 47.120652] __kasan_krealloc+0x12f/0x180 [ 47.121176] krealloc+0xc1/0x140 [ 47.121635] krealloc_more_oob_helper+0xe2/0x3b0 [ 47.122315] krealloc_more_oob+0x1c/0x30 [ 47.123422] kunit_try_run_case+0x126/0x290 [ 47.124173] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.124805] kthread+0x19e/0x1e0 [ 47.125515] ret_from_fork+0x41/0x70 [ 47.126202] ret_from_fork_asm+0x1b/0x30 [ 47.126798] [ 47.127026] The buggy address belongs to the object at ffff888102857600 [ 47.127026] which belongs to the cache kmalloc-256 of size 256 [ 47.128668] The buggy address is located 0 bytes to the right of [ 47.128668] allocated 235-byte region [ffff888102857600, ffff8881028576eb) [ 47.130251] [ 47.130625] The buggy address belongs to the physical page: [ 47.131139] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 47.132647] head:(____ptrval____) order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 47.133546] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 47.134018] page_type: 0xffffffff() [ 47.134696] raw: 0200000000000840 ffff888100041b40 dead000000000122 0000000000000000 [ 47.135777] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 47.136514] page dumped because: kasan: bad access detected [ 47.137421] [ 47.137796] Memory state around the buggy address: [ 47.138657] ffff888102857580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.139610] ffff888102857600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.140531] >ffff888102857680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 47.140998] ^ [ 47.141666] ffff888102857700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.142722] ffff888102857780: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 47.143355] ================================================================== [ 47.502423] ================================================================== [ 47.503542] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x179/0x3b0 [ 47.504288] Write of size 1 at addr ffff88810256a0eb by task kunit_try_catch/156 [ 47.505132] [ 47.505449] CPU: 1 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 47.506582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.507970] Call Trace: [ 47.508390] <TASK> [ 47.508761] dump_stack_lvl+0x4e/0x90 [ 47.509373] print_report+0xd2/0x660 [ 47.510090] ? __virt_addr_valid+0x156/0x1e0 [ 47.510815] ? kasan_addr_to_slab+0x11/0xb0 [ 47.511699] kasan_report+0xff/0x140 [ 47.512525] ? krealloc_more_oob_helper+0x179/0x3b0 [ 47.513270] ? krealloc_more_oob_helper+0x179/0x3b0 [ 47.513937] __asan_store1+0x69/0x70 [ 47.514476] krealloc_more_oob_helper+0x179/0x3b0 [ 47.515383] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 47.515878] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 47.516379] ? __schedule+0x70b/0x1190 [ 47.517299] ? ktime_get_ts64+0x118/0x140 [ 47.517885] krealloc_pagealloc_more_oob+0x1c/0x30 [ 47.518445] kunit_try_run_case+0x126/0x290 [ 47.519155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.519624] ? __kasan_check_write+0x18/0x20 [ 47.520451] ? trace_preempt_on+0x20/0xa0 [ 47.521164] ? __kthread_parkme+0x4f/0xd0 [ 47.521790] ? preempt_count_sub+0x50/0x80 [ 47.522387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.523242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 47.524424] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.525278] kthread+0x19e/0x1e0 [ 47.525940] ? __pfx_kthread+0x10/0x10 [ 47.526291] ret_from_fork+0x41/0x70 [ 47.526849] ? 
__pfx_kthread+0x10/0x10 [ 47.528059] ret_from_fork_asm+0x1b/0x30 [ 47.528785] </TASK> [ 47.529146] [ 47.529526] The buggy address belongs to the physical page: [ 47.529973] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102568 [ 47.531144] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 47.532262] flags: 0x200000000000040(head|node=0|zone=2) [ 47.532694] page_type: 0xffffffff() [ 47.533354] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 47.534264] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 47.535083] page dumped because: kasan: bad access detected [ 47.535698] [ 47.536680] Memory state around the buggy address: [ 47.537130] ffff888102569f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.538053] ffff88810256a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.538776] >ffff88810256a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 47.539544] ^ [ 47.540289] ffff88810256a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 47.541583] ffff88810256a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 47.542413] ================================================================== [ 47.543884] ================================================================== [ 47.545186] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x1bb/0x3b0 [ 47.546287] Write of size 1 at addr ffff88810256a0f0 by task kunit_try_catch/156 [ 47.547014] [ 47.547327] CPU: 1 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 47.548257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.549321] Call Trace: [ 47.549667] <TASK> [ 47.550145] dump_stack_lvl+0x4e/0x90 [ 47.550819] print_report+0xd2/0x660 [ 47.551428] ? __virt_addr_valid+0x156/0x1e0 [ 47.552065] ? kasan_addr_to_slab+0x11/0xb0 [ 47.552758] kasan_report+0xff/0x140 [ 47.553457] ? krealloc_more_oob_helper+0x1bb/0x3b0 [ 47.554121] ? 
krealloc_more_oob_helper+0x1bb/0x3b0 [ 47.554549] __asan_store1+0x69/0x70 [ 47.555356] krealloc_more_oob_helper+0x1bb/0x3b0 [ 47.556135] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 47.556828] ? finish_task_switch.isra.0+0xc8/0x3e0 [ 47.557763] ? __schedule+0x70b/0x1190 [ 47.558534] ? ktime_get_ts64+0x118/0x140 [ 47.559171] krealloc_pagealloc_more_oob+0x1c/0x30 [ 47.559898] kunit_try_run_case+0x126/0x290 [ 47.560569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.561278] ? __kasan_check_write+0x18/0x20 [ 47.561778] ? trace_preempt_on+0x20/0xa0 [ 47.562314] ? __kthread_parkme+0x4f/0xd0 [ 47.562954] ? preempt_count_sub+0x50/0x80 [ 47.563790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.564294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 47.565079] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.565887] kthread+0x19e/0x1e0 [ 47.566289] ? __pfx_kthread+0x10/0x10 [ 47.566968] ret_from_fork+0x41/0x70 [ 47.567665] ? __pfx_kthread+0x10/0x10 [ 47.568571] ret_from_fork_asm+0x1b/0x30 [ 47.569080] </TASK> [ 47.569441] [ 47.569769] The buggy address belongs to the physical page: [ 47.570430] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102568 [ 47.571812] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 47.572490] flags: 0x200000000000040(head|node=0|zone=2) [ 47.573208] page_type: 0xffffffff() [ 47.573785] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 47.574649] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 47.575320] page dumped because: kasan: bad access detected [ 47.576171] [ 47.576618] Memory state around the buggy address: [ 47.577203] ffff888102569f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.578103] ffff88810256a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.578767] >ffff88810256a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 47.579563] ^ [ 47.580676] ffff88810256a100: fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe fe fe [ 47.581387] ffff88810256a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 47.582150] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right: Failure
[ 47.029861] ================================================================== [ 47.030762] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0xd0/0x1e0 [ 47.031538] Write of size 1 at addr ffff888102a21f00 by task kunit_try_catch/150 [ 47.032451] [ 47.032926] CPU: 1 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 47.034588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.035572] Call Trace: [ 47.036148] <TASK> [ 47.036613] dump_stack_lvl+0x4e/0x90 [ 47.037412] print_report+0xd2/0x660 [ 47.037905] ? __virt_addr_valid+0x156/0x1e0 [ 47.038842] ? kasan_complete_mode_report_info+0x2a/0x200 [ 47.039586] kasan_report+0xff/0x140 [ 47.040238] ? kmalloc_large_oob_right+0xd0/0x1e0 [ 47.041190] ? kmalloc_large_oob_right+0xd0/0x1e0 [ 47.041925] __asan_store1+0x69/0x70 [ 47.042395] kmalloc_large_oob_right+0xd0/0x1e0 [ 47.043001] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 47.043667] ? __schedule+0x70b/0x1190 [ 47.044337] ? ktime_get_ts64+0x118/0x140 [ 47.044969] kunit_try_run_case+0x126/0x290 [ 47.045574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.046656] ? __kasan_check_write+0x18/0x20 [ 47.047660] ? trace_preempt_on+0x20/0xa0 [ 47.048413] ? __kthread_parkme+0x4f/0xd0 [ 47.049181] ? preempt_count_sub+0x50/0x80 [ 47.049718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.050555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 47.051506] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.052528] kthread+0x19e/0x1e0 [ 47.053044] ? __pfx_kthread+0x10/0x10 [ 47.053792] ret_from_fork+0x41/0x70 [ 47.054733] ? 
__pfx_kthread+0x10/0x10 [ 47.055771] ret_from_fork_asm+0x1b/0x30 [ 47.056326] </TASK> [ 47.056833] [ 47.057399] Allocated by task 150: [ 47.057828] kasan_save_stack+0x3c/0x60 [ 47.058645] kasan_set_track+0x29/0x40 [ 47.059306] kasan_save_alloc_info+0x22/0x30 [ 47.060015] __kasan_kmalloc+0xb7/0xc0 [ 47.060661] kmalloc_trace+0x4c/0xb0 [ 47.061160] kmalloc_large_oob_right+0x9d/0x1e0 [ 47.061896] kunit_try_run_case+0x126/0x290 [ 47.063006] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.063875] kthread+0x19e/0x1e0 [ 47.064520] ret_from_fork+0x41/0x70 [ 47.064985] ret_from_fork_asm+0x1b/0x30 [ 47.065375] [ 47.065647] The buggy address belongs to the object at ffff888102a20000 [ 47.065647] which belongs to the cache kmalloc-8k of size 8192 [ 47.066914] The buggy address is located 0 bytes to the right of [ 47.066914] allocated 7936-byte region [ffff888102a20000, ffff888102a21f00) [ 47.068838] [ 47.069128] The buggy address belongs to the physical page: [ 47.069591] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a20 [ 47.071321] head:(____ptrval____) order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 47.072263] flags: 0x200000000000840(slab|head|node=0|zone=2) [ 47.072775] page_type: 0xffffffff() [ 47.073461] raw: 0200000000000840 ffff888100042280 dead000000000122 0000000000000000 [ 47.074210] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000 [ 47.075005] page dumped because: kasan: bad access detected [ 47.075493] [ 47.076728] Memory state around the buggy address: [ 47.077397] ffff888102a21e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.078122] ffff888102a21e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 47.079023] >ffff888102a21f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.079977] ^ [ 47.080571] ffff888102a21f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.081725] ffff888102a22000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.082665] 
==================================================================
Failure - log-parser-test - kasan-bug-kasan-use-after-free-in-pagealloc_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-use-after-free-in-pagealloc_uaf: Failure
[ 46.988664] ================================================================== [ 46.990167] BUG: KASAN: use-after-free in pagealloc_uaf+0xe9/0x1f0 [ 46.990866] Read of size 1 at addr ffff888102a30000 by task kunit_try_catch/148 [ 46.991724] [ 46.992046] CPU: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 46.992836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 46.993824] Call Trace: [ 46.994228] <TASK> [ 46.994590] dump_stack_lvl+0x4e/0x90 [ 46.995083] print_report+0xd2/0x660 [ 46.995680] ? __virt_addr_valid+0x156/0x1e0 [ 46.996356] ? kasan_addr_to_slab+0x11/0xb0 [ 46.996868] kasan_report+0xff/0x140 [ 46.997453] ? pagealloc_uaf+0xe9/0x1f0 [ 46.998146] ? pagealloc_uaf+0xe9/0x1f0 [ 46.998634] __asan_load1+0x66/0x70 [ 46.999269] pagealloc_uaf+0xe9/0x1f0 [ 46.999877] ? __pfx_pagealloc_uaf+0x10/0x10 [ 47.000340] ? __pfx_pagealloc_uaf+0x10/0x10 [ 47.000990] ? kunit_try_run_case+0x11b/0x290 [ 47.001638] kunit_try_run_case+0x126/0x290 [ 47.002221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.002925] ? __kasan_check_write+0x18/0x20 [ 47.003445] ? trace_preempt_on+0x20/0xa0 [ 47.004068] ? __kthread_parkme+0x4f/0xd0 [ 47.004679] ? preempt_count_sub+0x50/0x80 [ 47.005162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 47.005902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 47.006659] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 47.007450] kthread+0x19e/0x1e0 [ 47.007952] ? __pfx_kthread+0x10/0x10 [ 47.008590] ret_from_fork+0x41/0x70 [ 47.009128] ? 
__pfx_kthread+0x10/0x10 [ 47.009701] ret_from_fork_asm+0x1b/0x30 [ 47.010318] </TASK> [ 47.010628] [ 47.011005] The buggy address belongs to the physical page: [ 47.011620] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30 [ 47.012448] flags: 0x200000000000000(node=0|zone=2) [ 47.013096] page_type: 0xffffff7f(buddy) [ 47.013684] raw: 0200000000000000 ffff88817fffab60 ffff88817fffab60 0000000000000000 [ 47.014511] raw: 0000000000000000 0000000000000004 00000000ffffff7f 0000000000000000 [ 47.015270] page dumped because: kasan: bad access detected [ 47.015917] [ 47.016235] Memory state around the buggy address: [ 47.016710] ffff888102a2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 47.017480] ffff888102a2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 47.018332] >ffff888102a30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 47.018926] ^ [ 47.019376] ffff888102a30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 47.020164] ffff888102a30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 47.020777] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-invalid-free-in-kfree
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-invalid-free-in-kfree: Failure
[ 46.924761] ==================================================================
[ 46.926193] BUG: KASAN: invalid-free in kfree+0xfb/0x120
[ 46.926790] Free of addr ffff888102568001 by task kunit_try_catch/144
[ 46.927689]
[ 46.928104] CPU: 1 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 46.929877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 46.931131] Call Trace:
[ 46.931492] <TASK>
[ 46.931870] dump_stack_lvl+0x4e/0x90
[ 46.933194] print_report+0xd2/0x660
[ 46.933682] ? __virt_addr_valid+0x156/0x1e0
[ 46.934450] ? kfree+0xfb/0x120
[ 46.934905] ? kasan_addr_to_slab+0x11/0xb0
[ 46.935568] ? kfree+0xfb/0x120
[ 46.936529] kasan_report_invalid_free+0xcf/0x100
[ 46.937197] ? kfree+0xfb/0x120
[ 46.937691] ? kfree+0xfb/0x120
[ 46.938355] __kasan_kfree_large+0x86/0xd0
[ 46.938916] free_large_kmalloc+0x46/0xd0
[ 46.939732] kfree+0xfb/0x120
[ 46.940694] kmalloc_pagealloc_invalid_free+0xa9/0x1a0
[ 46.941614] ? __pfx_kmalloc_pagealloc_invalid_free+0x10/0x10
[ 46.942466] ? __schedule+0x70b/0x1190
[ 46.943033] ? ktime_get_ts64+0x118/0x140
[ 46.943637] kunit_try_run_case+0x126/0x290
[ 46.944242] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.944824] ? __kasan_check_write+0x18/0x20
[ 46.945349] ? trace_preempt_on+0x20/0xa0
[ 46.945920] ? __kthread_parkme+0x4f/0xd0
[ 46.946720] ? preempt_count_sub+0x50/0x80
[ 46.947641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.948444] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 46.949599] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.950272] kthread+0x19e/0x1e0
[ 46.950684] ? __pfx_kthread+0x10/0x10
[ 46.951423] ret_from_fork+0x41/0x70
[ 46.952520] ? __pfx_kthread+0x10/0x10
[ 46.953193] ret_from_fork_asm+0x1b/0x30
[ 46.953673] </TASK>
[ 46.953943]
[ 46.954146] The buggy address belongs to the physical page:
[ 46.954571] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102568
[ 46.956625] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 46.957824] flags: 0x200000000000040(head|node=0|zone=2)
[ 46.959425] page_type: 0xffffffff()
[ 46.960217] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 46.961390] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 46.962960] page dumped because: kasan: bad access detected
[ 46.964108]
[ 46.965006] Memory state around the buggy address:
[ 46.965938] ffff888102567f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.966987] ffff888102567f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.967828] >ffff888102568000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.968881] ^
[ 46.969547] ffff888102568080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.970235] ffff888102568100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.971535] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-use-after-free-in-kmalloc_pagealloc_uaf: Failure
[ 46.881685] ==================================================================
[ 46.882713] BUG: KASAN: use-after-free in kmalloc_pagealloc_uaf+0xaf/0x1b0
[ 46.883415] Read of size 1 at addr ffff888102078000 by task kunit_try_catch/142
[ 46.884478]
[ 46.884784] CPU: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 46.886463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 46.887824] Call Trace:
[ 46.888227] <TASK>
[ 46.888627] dump_stack_lvl+0x4e/0x90
[ 46.889253] print_report+0xd2/0x660
[ 46.889773] ? __virt_addr_valid+0x156/0x1e0
[ 46.890451] ? kasan_addr_to_slab+0x11/0xb0
[ 46.890947] kasan_report+0xff/0x140
[ 46.891366] ? kmalloc_pagealloc_uaf+0xaf/0x1b0
[ 46.891995] ? kmalloc_pagealloc_uaf+0xaf/0x1b0
[ 46.892620] __asan_load1+0x66/0x70
[ 46.893100] kmalloc_pagealloc_uaf+0xaf/0x1b0
[ 46.893627] ? __pfx_kmalloc_pagealloc_uaf+0x10/0x10
[ 46.894203] ? __schedule+0x70b/0x1190
[ 46.894726] ? ktime_get_ts64+0x118/0x140
[ 46.895261] kunit_try_run_case+0x126/0x290
[ 46.895884] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.896433] ? __kasan_check_write+0x18/0x20
[ 46.896993] ? trace_preempt_on+0x20/0xa0
[ 46.897578] ? __kthread_parkme+0x4f/0xd0
[ 46.898173] ? preempt_count_sub+0x50/0x80
[ 46.898758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.899382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 46.900216] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.900865] kthread+0x19e/0x1e0
[ 46.901427] ? __pfx_kthread+0x10/0x10
[ 46.902007] ret_from_fork+0x41/0x70
[ 46.902501] ? __pfx_kthread+0x10/0x10
[ 46.903075] ret_from_fork_asm+0x1b/0x30
[ 46.903695] </TASK>
[ 46.904025]
[ 46.904288] The buggy address belongs to the physical page:
[ 46.904926] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102078
[ 46.905873] flags: 0x200000000000000(node=0|zone=2)
[ 46.906512] page_type: 0xffffffff()
[ 46.907017] raw: 0200000000000000 ffffea0004081f08 ffff88815b43c8b8 0000000000000000
[ 46.907782] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 46.908380] page dumped because: kasan: bad access detected
[ 46.908976]
[ 46.909230] Memory state around the buggy address:
[ 46.909801] ffff888102077f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.910438] ffff888102077f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.911232] >ffff888102078000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.911955] ^
[ 46.912292] ffff888102078080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.912839] ffff888102078100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 46.913644] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-use-after-free-read-in-test_krealloc
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure
[ 81.684591] ==================================================================
[ 81.685340] BUG: KFENCE: use-after-free read in test_krealloc+0x2e9/0x530
[ 81.685340]
[ 81.686050] Use-after-free read at 0x(____ptrval____) (in kfence-#219):
[ 81.686363] test_krealloc+0x2e9/0x530
[ 81.686607] kunit_try_run_case+0x126/0x290
[ 81.686961] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 81.687478] kthread+0x19e/0x1e0
[ 81.687862] ret_from_fork+0x41/0x70
[ 81.688340] ret_from_fork_asm+0x1b/0x30
[ 81.689061]
[ 81.689334] kfence-#219: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 81.689334]
[ 81.690134] allocated by task 295 on cpu 1 at 81.683825s:
[ 81.691019] test_alloc+0x2a0/0x8d0
[ 81.691718] test_krealloc+0xb1/0x530
[ 81.692283] kunit_try_run_case+0x126/0x290
[ 81.692900] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 81.693409] kthread+0x19e/0x1e0
[ 81.694102] ret_from_fork+0x41/0x70
[ 81.694757] ret_from_fork_asm+0x1b/0x30
[ 81.695406]
[ 81.695763] freed by task 295 on cpu 1 at 81.684233s:
[ 81.696613] krealloc+0x83/0x140
[ 81.697210] test_krealloc+0x137/0x530
[ 81.697819] kunit_try_run_case+0x126/0x290
[ 81.698439] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 81.699118] kthread+0x19e/0x1e0
[ 81.699666] ret_from_fork+0x41/0x70
[ 81.700275] ret_from_fork_asm+0x1b/0x30
[ 81.700916]
[ 81.701235] CPU: 1 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 81.702071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 81.702902] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu: Failure
[ 81.586390] ==================================================================
[ 81.587095] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x14f/0x370
[ 81.587095]
[ 81.588172] Use-after-free read at 0x(____ptrval____) (in kfence-#218):
[ 81.589047] test_memcache_typesafe_by_rcu+0x14f/0x370
[ 81.589871] kunit_try_run_case+0x126/0x290
[ 81.590380] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 81.591163] kthread+0x19e/0x1e0
[ 81.591673] ret_from_fork+0x41/0x70
[ 81.592163] ret_from_fork_asm+0x1b/0x30
[ 81.592705]
[ 81.592954] kfence-#218: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 81.592954]
[ 81.593799] allocated by task 293 on cpu 0 at 81.579805s:
[ 81.594399] test_alloc+0x1e8/0x8d0
[ 81.594968] test_memcache_typesafe_by_rcu+0xec/0x370
[ 81.595515] kunit_try_run_case+0x126/0x290
[ 81.596131] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 81.596748] kthread+0x19e/0x1e0
[ 81.597255] ret_from_fork+0x41/0x70
[ 81.597742] ret_from_fork_asm+0x1b/0x30
[ 81.598298]
[ 81.598607] freed by task 0 on cpu 0 at 81.586106s:
[ 81.599749] rcu_guarded_free+0x2e/0x40
[ 81.600293] rcu_core+0x4be/0x1020
[ 81.600832] rcu_core_si+0x12/0x20
[ 81.601232] handle_softirqs+0x195/0x520
[ 81.601801] irq_exit_rcu+0x92/0xb0
[ 81.602227] sysvec_apic_timer_interrupt+0x80/0xa0
[ 81.602801] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 81.603457] default_idle+0xf/0x20
[ 81.604041] default_idle_call+0x42/0x70
[ 81.604512] do_idle+0x2ba/0x310
[ 81.605080] cpu_startup_entry+0x3c/0x40
[ 81.605557] rest_init+0xe9/0xf0
[ 81.606098] arch_call_rest_init+0x17/0x50
[ 81.606755] start_kernel+0x2e3/0x3c0
[ 81.607480] x86_64_start_reservations+0x1c/0x30
[ 81.608070] x86_64_start_kernel+0xcf/0xe0
[ 81.608586] secondary_startup_64_no_verify+0x178/0x17b
[ 81.609217]
[ 81.609475] CPU: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 81.610376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 81.611216] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-invalid-read-in-test_invalid_access
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-invalid-read-in-test_invalid_access: Failure
[ 59.966820] ==================================================================
[ 59.968010] BUG: KFENCE: invalid read in test_invalid_access+0xba/0x150
[ 59.968010]
[ 59.969277] Invalid read at 0x(____ptrval____):
[ 59.969789] test_invalid_access+0xba/0x150
[ 59.970478] kunit_try_run_case+0x126/0x290
[ 59.971073] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 59.971763] kthread+0x19e/0x1e0
[ 59.972539] ret_from_fork+0x41/0x70
[ 59.973111] ret_from_fork_asm+0x1b/0x30
[ 59.973761]
[ 59.974048] CPU: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 59.974854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 59.975806] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write: Failure
[ 59.740306] ==================================================================
[ 59.740994] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x158/0x1f0
[ 59.740994]
[ 59.741715] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . ] (in kfence-#214):
[ 59.742950] test_kmalloc_aligned_oob_write+0x158/0x1f0
[ 59.743575] kunit_try_run_case+0x126/0x290
[ 59.744222] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 59.744941] kthread+0x19e/0x1e0
[ 59.745912] ret_from_fork+0x41/0x70
[ 59.746420] ret_from_fork_asm+0x1b/0x30
[ 59.747050]
[ 59.747348] kfence-#214: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 59.747348]
[ 59.748267] allocated by task 283 on cpu 0 at 59.739688s:
[ 59.749003] test_alloc+0x2a0/0x8d0
[ 59.749557] test_kmalloc_aligned_oob_write+0xc0/0x1f0
[ 59.750180] kunit_try_run_case+0x126/0x290
[ 59.750816] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 59.751412] kthread+0x19e/0x1e0
[ 59.751983] ret_from_fork+0x41/0x70
[ 59.752538] ret_from_fork_asm+0x1b/0x30
[ 59.753047]
[ 59.753329] freed by task 283 on cpu 0 at 59.739918s:
[ 59.754103] test_kmalloc_aligned_oob_write+0x158/0x1f0
[ 59.754722] kunit_try_run_case+0x126/0x290
[ 59.755381] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 59.756048] kthread+0x19e/0x1e0
[ 59.756543] ret_from_fork+0x41/0x70
[ 59.757147] ret_from_fork_asm+0x1b/0x30
[ 59.757672]
[ 59.758010] CPU: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 59.758957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 59.759803] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read: Failure
[ 59.636197] ==================================================================
[ 59.636914] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x12a/0x250
[ 59.636914]
[ 59.637862] Out-of-bounds read at 0x(____ptrval____) (81B right of kfence-#213):
[ 59.638769] test_kmalloc_aligned_oob_read+0x12a/0x250
[ 59.639395] kunit_try_run_case+0x126/0x290
[ 59.640026] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 59.640655] kthread+0x19e/0x1e0
[ 59.641220] ret_from_fork+0x41/0x70
[ 59.641832] ret_from_fork_asm+0x1b/0x30
[ 59.642361]
[ 59.642646] kfence-#213: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 59.642646]
[ 59.643550] allocated by task 281 on cpu 1 at 59.635845s:
[ 59.644281] test_alloc+0x2a0/0x8d0
[ 59.644833] test_kmalloc_aligned_oob_read+0xda/0x250
[ 59.645434] kunit_try_run_case+0x126/0x290
[ 59.646091] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 59.646794] kthread+0x19e/0x1e0
[ 59.647286] ret_from_fork+0x41/0x70
[ 59.647813] ret_from_fork_asm+0x1b/0x30
[ 59.648448]
[ 59.648766] CPU: 1 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 59.649640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 59.650411] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-memory-corruption-in-test_corruption
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-memory-corruption-in-test_corruption: Failure
[ 55.788313] ==================================================================
[ 55.789039] BUG: KFENCE: memory corruption in test_corruption+0x160/0x280
[ 55.789039]
[ 55.789803] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#176):
[ 55.790564] test_corruption+0x160/0x280
[ 55.791212] kunit_try_run_case+0x126/0x290
[ 55.791861] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 55.792544] kthread+0x19e/0x1e0
[ 55.793078] ret_from_fork+0x41/0x70
[ 55.793515] ret_from_fork_asm+0x1b/0x30
[ 55.794134]
[ 55.794422] kfence-#176: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 55.794422]
[ 55.795255] allocated by task 271 on cpu 1 at 55.787832s:
[ 55.795850] test_alloc+0x1e8/0x8d0
[ 55.796372] test_corruption+0x133/0x280
[ 55.796962] kunit_try_run_case+0x126/0x290
[ 55.797565] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 55.798185] kthread+0x19e/0x1e0
[ 55.798623] ret_from_fork+0x41/0x70
[ 55.799168] ret_from_fork_asm+0x1b/0x30
[ 55.799725]
[ 55.800058] freed by task 271 on cpu 1 at 55.788112s:
[ 55.800777] test_corruption+0x160/0x280
[ 55.801340] kunit_try_run_case+0x126/0x290
[ 55.801964] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 55.802490] kthread+0x19e/0x1e0
[ 55.803056] ret_from_fork+0x41/0x70
[ 55.803609] ret_from_fork_asm+0x1b/0x30
[ 55.804186]
[ 55.804489] CPU: 1 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 55.805305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 55.806113] ==================================================================
[ 54.020341] ==================================================================
[ 54.021164] BUG: KFENCE: memory corruption in test_corruption+0x1c0/0x280
[ 54.021164]
[ 54.022712] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#159):
[ 54.025308] test_corruption+0x1c0/0x280
[ 54.025896] kunit_try_run_case+0x126/0x290
[ 54.026431] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 54.027273] kthread+0x19e/0x1e0
[ 54.027829] ret_from_fork+0x41/0x70
[ 54.028456] ret_from_fork_asm+0x1b/0x30
[ 54.029299]
[ 54.029687] kfence-#159: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 54.029687]
[ 54.030518] allocated by task 269 on cpu 1 at 54.019725s:
[ 54.031198] test_alloc+0x2a0/0x8d0
[ 54.031714] test_corruption+0xdb/0x280
[ 54.032298] kunit_try_run_case+0x126/0x290
[ 54.032866] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 54.033566] kthread+0x19e/0x1e0
[ 54.034201] ret_from_fork+0x41/0x70
[ 54.034621] ret_from_fork_asm+0x1b/0x30
[ 54.035172]
[ 54.035543] freed by task 269 on cpu 1 at 54.019919s:
[ 54.036467] test_corruption+0x1c0/0x280
[ 54.036863] kunit_try_run_case+0x126/0x290
[ 54.037353] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 54.038233] kthread+0x19e/0x1e0
[ 54.038753] ret_from_fork+0x41/0x70
[ 54.039286] ret_from_fork_asm+0x1b/0x30
[ 54.039964]
[ 54.040211] CPU: 1 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 54.040845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 54.041897] ==================================================================
[ 54.748458] ==================================================================
[ 54.749120] BUG: KFENCE: memory corruption in test_corruption+0x20f/0x280
[ 54.749120]
[ 54.750027] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#166):
[ 54.750769] test_corruption+0x20f/0x280
[ 54.751363] kunit_try_run_case+0x126/0x290
[ 54.752356] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 54.752981] kthread+0x19e/0x1e0
[ 54.753501] ret_from_fork+0x41/0x70
[ 54.754097] ret_from_fork_asm+0x1b/0x30
[ 54.754646]
[ 54.755021] kfence-#166: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 54.755021]
[ 54.756088] allocated by task 269 on cpu 1 at 54.747841s:
[ 54.756919] test_alloc+0x2a0/0x8d0
[ 54.757484] test_corruption+0x133/0x280
[ 54.758027] kunit_try_run_case+0x126/0x290
[ 54.758470] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 54.759279] kthread+0x19e/0x1e0
[ 54.759808] ret_from_fork+0x41/0x70
[ 54.760362] ret_from_fork_asm+0x1b/0x30
[ 54.760995]
[ 54.761274] freed by task 269 on cpu 1 at 54.748151s:
[ 54.762130] test_corruption+0x20f/0x280
[ 54.762642] kunit_try_run_case+0x126/0x290
[ 54.763186] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 54.763946] kthread+0x19e/0x1e0
[ 54.764459] ret_from_fork+0x41/0x70
[ 54.765043] ret_from_fork_asm+0x1b/0x30
[ 54.765496]
[ 54.765886] CPU: 1 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 54.766808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 54.767637] ==================================================================
[ 55.372266] ==================================================================
[ 55.373010] BUG: KFENCE: memory corruption in test_corruption+0x10c/0x280
[ 55.373010]
[ 55.373724] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#172):
[ 55.375517] test_corruption+0x10c/0x280
[ 55.376137] kunit_try_run_case+0x126/0x290
[ 55.376778] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 55.377497] kthread+0x19e/0x1e0
[ 55.377955] ret_from_fork+0x41/0x70
[ 55.378491] ret_from_fork_asm+0x1b/0x30
[ 55.378923]
[ 55.379301] kfence-#172: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 55.379301]
[ 55.380317] allocated by task 271 on cpu 1 at 55.371793s:
[ 55.381077] test_alloc+0x1e8/0x8d0
[ 55.381537] test_corruption+0xdb/0x280
[ 55.382121] kunit_try_run_case+0x126/0x290
[ 55.382785] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 55.383472] kthread+0x19e/0x1e0
[ 55.384220] ret_from_fork+0x41/0x70
[ 55.385006] ret_from_fork_asm+0x1b/0x30
[ 55.385517]
[ 55.385817] freed by task 271 on cpu 1 at 55.372085s:
[ 55.386473] test_corruption+0x10c/0x280
[ 55.387074] kunit_try_run_case+0x126/0x290
[ 55.387694] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 55.388292] kthread+0x19e/0x1e0
[ 55.388880] ret_from_fork+0x41/0x70
[ 55.389417] ret_from_fork_asm+0x1b/0x30
[ 55.389903]
[ 55.390268] CPU: 1 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 55.391157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 55.392088] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free: Failure
[ 53.812049] ==================================================================
[ 53.812509] BUG: KFENCE: invalid free in test_invalid_addr_free+0x157/0x1d0
[ 53.812509]
[ 53.813399] Invalid free of 0x(____ptrval____) (in kfence-#157):
[ 53.814316] test_invalid_addr_free+0x157/0x1d0
[ 53.815530] kunit_try_run_case+0x126/0x290
[ 53.816185] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.816959] kthread+0x19e/0x1e0
[ 53.817426] ret_from_fork+0x41/0x70
[ 53.818196] ret_from_fork_asm+0x1b/0x30
[ 53.818822]
[ 53.819041] kfence-#157: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 53.819041]
[ 53.820785] allocated by task 265 on cpu 0 at 53.811756s:
[ 53.821433] test_alloc+0x2a0/0x8d0
[ 53.822312] test_invalid_addr_free+0xd0/0x1d0
[ 53.822985] kunit_try_run_case+0x126/0x290
[ 53.823707] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.824258] kthread+0x19e/0x1e0
[ 53.824491] ret_from_fork+0x41/0x70
[ 53.824757] ret_from_fork_asm+0x1b/0x30
[ 53.825167]
[ 53.825505] CPU: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 53.826313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 53.827212] ==================================================================
[ 53.916073] ==================================================================
[ 53.916748] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x1d0
[ 53.916748]
[ 53.917496] Invalid free of 0x(____ptrval____) (in kfence-#158):
[ 53.918162] test_invalid_addr_free+0xec/0x1d0
[ 53.918615] kunit_try_run_case+0x126/0x290
[ 53.919299] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.920403] kthread+0x19e/0x1e0
[ 53.920893] ret_from_fork+0x41/0x70
[ 53.921448] ret_from_fork_asm+0x1b/0x30
[ 53.922041]
[ 53.922286] kfence-#158: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 53.922286]
[ 53.923238] allocated by task 267 on cpu 0 at 53.915798s:
[ 53.923798] test_alloc+0x1e8/0x8d0
[ 53.924379] test_invalid_addr_free+0xd0/0x1d0
[ 53.925029] kunit_try_run_case+0x126/0x290
[ 53.925520] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.926241] kthread+0x19e/0x1e0
[ 53.926672] ret_from_fork+0x41/0x70
[ 53.927254] ret_from_fork_asm+0x1b/0x30
[ 53.927755]
[ 53.928050] CPU: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 53.928800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 53.929585] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-invalid-free-in-test_double_free
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-invalid-free-in-test_double_free: Failure
[ 53.607397] ==================================================================
[ 53.609062] BUG: KFENCE: invalid free in test_double_free+0x16a/0x1d0
[ 53.609062]
[ 53.611607] Invalid free of 0x(____ptrval____) (in kfence-#155):
[ 53.613223] test_double_free+0x16a/0x1d0
[ 53.614521] kunit_try_run_case+0x126/0x290
[ 53.615957] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.618041] kthread+0x19e/0x1e0
[ 53.619282] ret_from_fork+0x41/0x70
[ 53.619971] ret_from_fork_asm+0x1b/0x30
[ 53.620398]
[ 53.620608] kfence-#155: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 53.620608]
[ 53.623497] allocated by task 261 on cpu 0 at 53.606507s:
[ 53.625683] test_alloc+0x2a0/0x8d0
[ 53.626893] test_double_free+0xd0/0x1d0
[ 53.628726] kunit_try_run_case+0x126/0x290
[ 53.629908] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.630979] kthread+0x19e/0x1e0
[ 53.631391] ret_from_fork+0x41/0x70
[ 53.632475] ret_from_fork_asm+0x1b/0x30
[ 53.633389]
[ 53.633974] freed by task 261 on cpu 0 at 53.606758s:
[ 53.635218] test_double_free+0x156/0x1d0
[ 53.636499] kunit_try_run_case+0x126/0x290
[ 53.637380] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.638236] kthread+0x19e/0x1e0
[ 53.638614] ret_from_fork+0x41/0x70
[ 53.639830] ret_from_fork_asm+0x1b/0x30
[ 53.640920]
[ 53.641526] CPU: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 53.643183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 53.645099] ==================================================================
[ 53.708278] ==================================================================
[ 53.709012] BUG: KFENCE: invalid free in test_double_free+0xff/0x1d0
[ 53.709012]
[ 53.709666] Invalid free of 0x(____ptrval____) (in kfence-#156):
[ 53.710349] test_double_free+0xff/0x1d0
[ 53.711474] kunit_try_run_case+0x126/0x290
[ 53.712340] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.713000] kthread+0x19e/0x1e0
[ 53.713241] ret_from_fork+0x41/0x70
[ 53.713474] ret_from_fork_asm+0x1b/0x30
[ 53.713766]
[ 53.714128] kfence-#156: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 53.714128]
[ 53.715329] allocated by task 263 on cpu 1 at 53.707705s:
[ 53.716294] test_alloc+0x1e8/0x8d0
[ 53.716932] test_double_free+0xd0/0x1d0
[ 53.717570] kunit_try_run_case+0x126/0x290
[ 53.718086] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.718895] kthread+0x19e/0x1e0
[ 53.719358] ret_from_fork+0x41/0x70
[ 53.719797] ret_from_fork_asm+0x1b/0x30
[ 53.720634]
[ 53.720982] freed by task 263 on cpu 1 at 53.707861s:
[ 53.721651] test_double_free+0xeb/0x1d0
[ 53.722175] kunit_try_run_case+0x126/0x290
[ 53.722672] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.723468] kthread+0x19e/0x1e0
[ 53.724041] ret_from_fork+0x41/0x70
[ 53.724600] ret_from_fork_asm+0x1b/0x30
[ 53.725013]
[ 53.725255] CPU: 1 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 53.725958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 53.726696] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read: Failure
[ 53.396415] ==================================================================
[ 53.397158] BUG: KFENCE: use-after-free read in test_use_after_free_read+0xf7/0x1a0
[ 53.397158]
[ 53.398555] Use-after-free read at 0x(____ptrval____) (in kfence-#153):
[ 53.399357] test_use_after_free_read+0xf7/0x1a0
[ 53.400557] kunit_try_run_case+0x126/0x290
[ 53.401303] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.402158] kthread+0x19e/0x1e0
[ 53.403152] ret_from_fork+0x41/0x70
[ 53.403592] ret_from_fork_asm+0x1b/0x30
[ 53.404275]
[ 53.404544] kfence-#153: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 53.404544]
[ 53.405653] allocated by task 257 on cpu 0 at 53.395818s:
[ 53.406699] test_alloc+0x2a0/0x8d0
[ 53.407208] test_use_after_free_read+0xd0/0x1a0
[ 53.407784] kunit_try_run_case+0x126/0x290
[ 53.408410] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.409250] kthread+0x19e/0x1e0
[ 53.409894] ret_from_fork+0x41/0x70
[ 53.410569] ret_from_fork_asm+0x1b/0x30
[ 53.411309]
[ 53.411917] freed by task 257 on cpu 0 at 53.396088s:
[ 53.413046] test_use_after_free_read+0x14b/0x1a0
[ 53.413552] kunit_try_run_case+0x126/0x290
[ 53.414278] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.415078] kthread+0x19e/0x1e0
[ 53.415730] ret_from_fork+0x41/0x70
[ 53.416437] ret_from_fork_asm+0x1b/0x30
[ 53.417186]
[ 53.417695] CPU: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 53.418760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 53.419811] ==================================================================
[ 53.500160] ==================================================================
[ 53.500864] BUG: KFENCE: use-after-free read in test_use_after_free_read+0xf7/0x1a0
[ 53.500864]
[ 53.501862] Use-after-free read at 0x(____ptrval____) (in kfence-#154):
[ 53.502513] test_use_after_free_read+0xf7/0x1a0
[ 53.503004] kunit_try_run_case+0x126/0x290
[ 53.503675] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.504430] kthread+0x19e/0x1e0
[ 53.504964] ret_from_fork+0x41/0x70
[ 53.505462] ret_from_fork_asm+0x1b/0x30
[ 53.505969]
[ 53.506189] kfence-#154: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 53.506189]
[ 53.506809] allocated by task 259 on cpu 1 at 53.499726s:
[ 53.507556] test_alloc+0x1e8/0x8d0
[ 53.508152] test_use_after_free_read+0xd0/0x1a0
[ 53.508813] kunit_try_run_case+0x126/0x290
[ 53.509439] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.510198] kthread+0x19e/0x1e0
[ 53.510732] ret_from_fork+0x41/0x70
[ 53.511318] ret_from_fork_asm+0x1b/0x30
[ 53.511923]
[ 53.512149] freed by task 259 on cpu 1 at 53.499880s:
[ 53.512956] test_use_after_free_read+0xeb/0x1a0
[ 53.513597] kunit_try_run_case+0x126/0x290
[ 53.514115] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.514911] kthread+0x19e/0x1e0
[ 53.515400] ret_from_fork+0x41/0x70
[ 53.516168] ret_from_fork_asm+0x1b/0x30
[ 53.516623]
[ 53.516899] CPU: 1 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 53.517331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 53.517685] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write: Failure
[ 53.188136] ==================================================================
[ 53.188891] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xd9/0x1a0
[ 53.188891]
[ 53.190143] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#151):
[ 53.191490] test_out_of_bounds_write+0xd9/0x1a0
[ 53.192216] kunit_try_run_case+0x126/0x290
[ 53.192880] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.193621] kthread+0x19e/0x1e0
[ 53.194160] ret_from_fork+0x41/0x70
[ 53.194714] ret_from_fork_asm+0x1b/0x30
[ 53.195294]
[ 53.195585] kfence-#151: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 53.195585]
[ 53.196567] allocated by task 253 on cpu 1 at 53.187911s:
[ 53.197406] test_alloc+0x2a0/0x8d0
[ 53.197941] test_out_of_bounds_write+0xc9/0x1a0
[ 53.198650] kunit_try_run_case+0x126/0x290
[ 53.199268] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.200021] kthread+0x19e/0x1e0
[ 53.200460] ret_from_fork+0x41/0x70
[ 53.201055] ret_from_fork_asm+0x1b/0x30
[ 53.201629]
[ 53.201950] CPU: 1 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 53.202759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 53.203648] ==================================================================
[ 53.291905] ==================================================================
[ 53.292594] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0xd9/0x1a0
[ 53.292594]
[ 53.293392] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#152):
[ 53.294448] test_out_of_bounds_write+0xd9/0x1a0
[ 53.295528] kunit_try_run_case+0x126/0x290
[ 53.296289] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.296834] kthread+0x19e/0x1e0
[ 53.297351] ret_from_fork+0x41/0x70
[ 53.297923] ret_from_fork_asm+0x1b/0x30
[ 53.298389]
[ 53.298675] kfence-#152: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 53.298675]
[ 53.299441] allocated by task 255 on cpu 0 at 53.291797s:
[ 53.300175] test_alloc+0x1e8/0x8d0
[ 53.300690] test_out_of_bounds_write+0xc9/0x1a0
[ 53.301163] kunit_try_run_case+0x126/0x290
[ 53.301670] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.302370] kthread+0x19e/0x1e0
[ 53.302883] ret_from_fork+0x41/0x70
[ 53.303425] ret_from_fork_asm+0x1b/0x30
[ 53.303993]
[ 53.304315] CPU: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 53.304964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 53.305650] ==================================================================
Failure - log-parser-test - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
KNOWN ISSUE - log-parser-test/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read: Failure
[ 52.148233] ==================================================================
[ 52.148934] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x151/0x290
[ 52.148934]
[ 52.150114] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#141):
[ 52.150832] test_out_of_bounds_read+0x151/0x290
[ 52.151511] kunit_try_run_case+0x126/0x290
[ 52.152109] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 52.152755] kthread+0x19e/0x1e0
[ 52.153180] ret_from_fork+0x41/0x70
[ 52.153752] ret_from_fork_asm+0x1b/0x30
[ 52.154304]
[ 52.154565] kfence-#141: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 52.154565]
[ 52.155515] allocated by task 249 on cpu 1 at 52.147820s:
[ 52.156298] test_alloc+0x2a0/0x8d0
[ 52.156858] test_out_of_bounds_read+0x138/0x290
[ 52.157324] kunit_try_run_case+0x126/0x290
[ 52.157940] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 52.158566] kthread+0x19e/0x1e0
[ 52.159002] ret_from_fork+0x41/0x70
[ 52.159576] ret_from_fork_asm+0x1b/0x30
[ 52.160150]
[ 52.160457] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 52.161258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 52.162080] ==================================================================
[ 53.084020] ==================================================================
[ 53.084920] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x151/0x290
[ 53.084920]
[ 53.085961] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#150):
[ 53.087116] test_out_of_bounds_read+0x151/0x290
[ 53.087620] kunit_try_run_case+0x126/0x290
[ 53.088112] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.088727] kthread+0x19e/0x1e0
[ 53.089422] ret_from_fork+0x41/0x70
[ 53.089935] ret_from_fork_asm+0x1b/0x30
[ 53.090526]
[ 53.090883] kfence-#150: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 53.090883]
[ 53.092028] allocated by task 251 on cpu 1 at 53.083892s:
[ 53.092850] test_alloc+0x1e8/0x8d0
[ 53.093318] test_out_of_bounds_read+0x138/0x290
[ 53.093914] kunit_try_run_case+0x126/0x290
[ 53.094492] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 53.095093] kthread+0x19e/0x1e0
[ 53.095615] ret_from_fork+0x41/0x70
[ 53.096225] ret_from_fork_asm+0x1b/0x30
[ 53.096750]
[ 53.097012] CPU: 1 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 53.097892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 53.098571] ==================================================================
[ 52.356104] ==================================================================
[ 52.356886] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0xeb/0x290
[ 52.356886]
[ 52.357647] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#143):
[ 52.358542] test_out_of_bounds_read+0xeb/0x290
[ 52.359281] kunit_try_run_case+0x126/0x290
[ 52.359892] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 52.360651] kthread+0x19e/0x1e0
[ 52.361143] ret_from_fork+0x41/0x70
[ 52.361709] ret_from_fork_asm+0x1b/0x30
[ 52.362311]
[ 52.362591] kfence-#143: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 52.362591]
[ 52.363438] allocated by task 251 on cpu 1 at 52.355977s:
[ 52.364308] test_alloc+0x1e8/0x8d0
[ 52.364837] test_out_of_bounds_read+0xdb/0x290
[ 52.365329] kunit_try_run_case+0x126/0x290
[ 52.365974] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 52.366699] kthread+0x19e/0x1e0
[ 52.367288] ret_from_fork+0x41/0x70
[ 52.367779] ret_from_fork_asm+0x1b/0x30
[ 52.368449]
[ 52.368773] CPU: 1 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 52.369610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 52.370334] ==================================================================
[ 52.045446] ==================================================================
[ 52.046276] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0xeb/0x290
[ 52.046276]
[ 52.047148] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#140):
[ 52.048050] test_out_of_bounds_read+0xeb/0x290
[ 52.048626] kunit_try_run_case+0x126/0x290
[ 52.049131] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 52.049836] kthread+0x19e/0x1e0
[ 52.050362] ret_from_fork+0x41/0x70
[ 52.050993] ret_from_fork_asm+0x1b/0x30
[ 52.051472]
[ 52.052004] kfence-#140: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 52.052004]
[ 52.053244] allocated by task 249 on cpu 1 at 52.043715s:
[ 52.054483] test_alloc+0x2a0/0x8d0
[ 52.055098] test_out_of_bounds_read+0xdb/0x290
[ 52.055660] kunit_try_run_case+0x126/0x290
[ 52.056169] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 52.056912] kthread+0x19e/0x1e0
[ 52.057406] ret_from_fork+0x41/0x70
[ 52.057981] ret_from_fork_asm+0x1b/0x30
[ 52.058508]
[ 52.058904] CPU: 1 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 52.059699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 52.060479] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf: Failure
[ 51.872858] ==================================================================
[ 51.873933] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x166/0x2a0
[ 51.874730] Read of size 8 at addr ffff888102842a80 by task kunit_try_catch/232
[ 51.875565]
[ 51.876026] CPU: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 51.877554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.878620] Call Trace:
[ 51.879037] <TASK>
[ 51.879389] dump_stack_lvl+0x4e/0x90
[ 51.880382] print_report+0xd2/0x660
[ 51.881109] ? __virt_addr_valid+0x156/0x1e0
[ 51.881685] ? kasan_complete_mode_report_info+0x64/0x200
[ 51.882626] kasan_report+0xff/0x140
[ 51.883384] ? workqueue_uaf+0x166/0x2a0
[ 51.884229] ? workqueue_uaf+0x166/0x2a0
[ 51.884687] __asan_load8+0x82/0xb0
[ 51.885407] workqueue_uaf+0x166/0x2a0
[ 51.886156] ? __pfx_workqueue_uaf+0x10/0x10
[ 51.886778] ? __schedule+0x70b/0x1190
[ 51.887517] ? ktime_get_ts64+0x118/0x140
[ 51.888051] kunit_try_run_case+0x126/0x290
[ 51.888667] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.889253] ? __kasan_check_write+0x18/0x20
[ 51.890282] ? trace_preempt_on+0x20/0xa0
[ 51.890863] ? __kthread_parkme+0x4f/0xd0
[ 51.891614] ? preempt_count_sub+0x50/0x80
[ 51.892376] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.893132] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 51.894259] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.894902] kthread+0x19e/0x1e0
[ 51.895630] ? __pfx_kthread+0x10/0x10
[ 51.896377] ret_from_fork+0x41/0x70
[ 51.897121] ? __pfx_kthread+0x10/0x10
[ 51.897640] ret_from_fork_asm+0x1b/0x30
[ 51.898310] </TASK>
[ 51.898662]
[ 51.898892] Allocated by task 232:
[ 51.899331] kasan_save_stack+0x3c/0x60
[ 51.900358] kasan_set_track+0x29/0x40
[ 51.901111] kasan_save_alloc_info+0x22/0x30
[ 51.901664] __kasan_kmalloc+0xb7/0xc0
[ 51.902413] kmalloc_trace+0x4c/0xb0
[ 51.903287] workqueue_uaf+0xdb/0x2a0
[ 51.903833] kunit_try_run_case+0x126/0x290
[ 51.904587] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.905397] kthread+0x19e/0x1e0
[ 51.906110] ret_from_fork+0x41/0x70
[ 51.906570] ret_from_fork_asm+0x1b/0x30
[ 51.907517]
[ 51.907805] Freed by task 8:
[ 51.908390] kasan_save_stack+0x3c/0x60
[ 51.908954] kasan_set_track+0x29/0x40
[ 51.909427] kasan_save_free_info+0x2f/0x50
[ 51.910359] ____kasan_slab_free+0x172/0x1d0
[ 51.911313] __kasan_slab_free+0x16/0x20
[ 51.911850] __kmem_cache_free+0x190/0x310
[ 51.912553] kfree+0x7c/0x120
[ 51.913213] workqueue_uaf_work+0x12/0x20
[ 51.913685] process_one_work+0x2fb/0x640
[ 51.914488] worker_thread+0x521/0x780
[ 51.915348] kthread+0x19e/0x1e0
[ 51.915834] ret_from_fork+0x41/0x70
[ 51.916497] ret_from_fork_asm+0x1b/0x30
[ 51.917073]
[ 51.917307] Last potentially related work creation:
[ 51.917857] kasan_save_stack+0x3c/0x60
[ 51.918341] __kasan_record_aux_stack+0xb3/0xd0
[ 51.919539] kasan_record_aux_stack_noalloc+0xf/0x20
[ 51.920386] __queue_work.part.0+0x269/0x730
[ 51.921096] __queue_work+0x44/0xc0
[ 51.921620] queue_work_on+0x91/0xa0
[ 51.922311] workqueue_uaf+0x147/0x2a0
[ 51.922772] kunit_try_run_case+0x126/0x290
[ 51.923678] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.924550] kthread+0x19e/0x1e0
[ 51.925199] ret_from_fork+0x41/0x70
[ 51.925727] ret_from_fork_asm+0x1b/0x30
[ 51.926307]
[ 51.926531] The buggy address belongs to the object at ffff888102842a80
[ 51.926531] which belongs to the cache kmalloc-32 of size 32
[ 51.927651] The buggy address is located 0 bytes inside of
[ 51.927651] freed 32-byte region [ffff888102842a80, ffff888102842aa0)
[ 51.929557]
[ 51.929859] The buggy address belongs to the physical page:
[ 51.930509] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102842
[ 51.931895] flags: 0x200000000000800(slab|node=0|zone=2)
[ 51.932539] page_type: 0xffffffff()
[ 51.933358] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000
[ 51.934331] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 51.935462] page dumped because: kasan: bad access detected
[ 51.936264]
[ 51.936479] Memory state around the buggy address:
[ 51.937239] ffff888102842980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 51.938030] ffff888102842a00: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc
[ 51.938671] >ffff888102842a80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.940234] ^
[ 51.940666] ffff888102842b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.941428] ffff888102842b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.942478] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim: Failure
[ 51.785240] ==================================================================
[ 51.786086] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x27/0x40
[ 51.787386] Read of size 4 at addr ffff8881028429c0 by task swapper/0/0
[ 51.788456]
[ 51.788731] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.6.76-rc1 #1
[ 51.789675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.790646] Call Trace:
[ 51.791185] <IRQ>
[ 51.791624] dump_stack_lvl+0x4e/0x90
[ 51.792225] print_report+0xd2/0x660
[ 51.792836] ? __virt_addr_valid+0x156/0x1e0
[ 51.793543] ? kasan_complete_mode_report_info+0x64/0x200
[ 51.794342] kasan_report+0xff/0x140
[ 51.794830] ? rcu_uaf_reclaim+0x27/0x40
[ 51.795398] ? rcu_uaf_reclaim+0x27/0x40
[ 51.796000] ? __pfx_rcu_uaf_reclaim+0x10/0x10
[ 51.796523] __asan_load4+0x85/0xb0
[ 51.797043] rcu_uaf_reclaim+0x27/0x40
[ 51.797545] rcu_core+0x4be/0x1020
[ 51.798059] ? rcu_core+0x3ef/0x1020
[ 51.798530] ? __pfx_rcu_core+0x10/0x10
[ 51.799093] rcu_core_si+0x12/0x20
[ 51.799619] handle_softirqs+0x195/0x520
[ 51.800176] ? __pfx_handle_softirqs+0x10/0x10
[ 51.800843] irq_exit_rcu+0x92/0xb0
[ 51.801319] sysvec_apic_timer_interrupt+0x80/0xa0
[ 51.802037] </IRQ>
[ 51.802345] <TASK>
[ 51.802631] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 51.803564] RIP: 0010:default_idle+0xf/0x20
[ 51.804347] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 e4 28 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[ 51.806097] RSP: 0000:ffffffff98407df0 EFLAGS: 00010212
[ 51.806934] RAX: ffff88815b4342c0 RBX: ffffffff98418540 RCX: ffffffff973c96c8
[ 51.807661] RDX: ffffed102b686859 RSI: 0000000000000004 RDI: 0000000000043c2c
[ 51.808422] RBP: ffffffff98407df8 R08: 0000000000000001 R09: ffffed102b686858
[ 51.809117] R10: ffff88815b4342c3 R11: ffffffff9560325b R12: 0000000000000000
[ 51.810004] R13: ffffffff98e15b50 R14: 0000000000000000 R15: ffffffff98418540
[ 51.810812] ? ret_from_fork_asm+0x1b/0x30
[ 51.811418] ? ct_kernel_exit.constprop.0+0xa8/0xd0
[ 51.812081] ? arch_cpu_idle+0xd/0x20
[ 51.812556] default_idle_call+0x42/0x70
[ 51.813086] do_idle+0x2ba/0x310
[ 51.813569] ? __pfx_do_idle+0x10/0x10
[ 51.814130] ? trace_preempt_on+0x20/0xa0
[ 51.814754] ? schedule+0xa7/0x130
[ 51.815290] ? preempt_count_sub+0x50/0x80
[ 51.815878] cpu_startup_entry+0x3c/0x40
[ 51.816487] rest_init+0xe9/0xf0
[ 51.817019] arch_call_rest_init+0x17/0x50
[ 51.817554] start_kernel+0x2e3/0x3c0
[ 51.818170] x86_64_start_reservations+0x1c/0x30
[ 51.818837] x86_64_start_kernel+0xcf/0xe0
[ 51.819348] secondary_startup_64_no_verify+0x178/0x17b
[ 51.819991] </TASK>
[ 51.820361]
[ 51.820595] Allocated by task 230:
[ 51.821124] kasan_save_stack+0x3c/0x60
[ 51.821666] kasan_set_track+0x29/0x40
[ 51.822310] kasan_save_alloc_info+0x22/0x30
[ 51.823036] __kasan_kmalloc+0xb7/0xc0
[ 51.823505] kmalloc_trace+0x4c/0xb0
[ 51.824151] rcu_uaf+0x9b/0x1e0
[ 51.824746] kunit_try_run_case+0x126/0x290
[ 51.825468] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.826170] kthread+0x19e/0x1e0
[ 51.826779] ret_from_fork+0x41/0x70
[ 51.827381] ret_from_fork_asm+0x1b/0x30
[ 51.828026]
[ 51.828300] Freed by task 0:
[ 51.828770] kasan_save_stack+0x3c/0x60
[ 51.829371] kasan_set_track+0x29/0x40
[ 51.830018] kasan_save_free_info+0x2f/0x50
[ 51.830617] ____kasan_slab_free+0x172/0x1d0
[ 51.831304] __kasan_slab_free+0x16/0x20
[ 51.831905] __kmem_cache_free+0x190/0x310
[ 51.832523] kfree+0x7c/0x120
[ 51.833031] rcu_uaf_reclaim+0x1f/0x40
[ 51.833409] rcu_core+0x4be/0x1020
[ 51.833964] rcu_core_si+0x12/0x20
[ 51.834472] handle_softirqs+0x195/0x520
[ 51.835897] irq_exit_rcu+0x92/0xb0
[ 51.836437] sysvec_apic_timer_interrupt+0x80/0xa0
[ 51.837596] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 51.838389]
[ 51.838624] Last potentially related work creation:
[ 51.839600] kasan_save_stack+0x3c/0x60
[ 51.839989] __kasan_record_aux_stack+0xb3/0xd0
[ 51.841411] kasan_record_aux_stack_noalloc+0xf/0x20
[ 51.841992] __call_rcu_common.constprop.0+0x4c/0x5e0
[ 51.842554] call_rcu+0x12/0x20
[ 51.843206] rcu_uaf+0xdd/0x1e0
[ 51.843433] kunit_try_run_case+0x126/0x290
[ 51.843684] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.844195] kthread+0x19e/0x1e0
[ 51.844646] ret_from_fork+0x41/0x70
[ 51.845104] ret_from_fork_asm+0x1b/0x30
[ 51.845688]
[ 51.846025] The buggy address belongs to the object at ffff8881028429c0
[ 51.846025] which belongs to the cache kmalloc-32 of size 32
[ 51.847212] The buggy address is located 0 bytes inside of
[ 51.847212] freed 32-byte region [ffff8881028429c0, ffff8881028429e0)
[ 51.848309]
[ 51.848557] The buggy address belongs to the physical page:
[ 51.849236] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102842
[ 51.850084] flags: 0x200000000000800(slab|node=0|zone=2)
[ 51.850757] page_type: 0xffffffff()
[ 51.851276] raw: 0200000000000800 ffff888100041500 dead000000000122 0000000000000000
[ 51.852018] raw: 0000000000000000 0000000080400040 00000001ffffffff 0000000000000000
[ 51.852864] page dumped because: kasan: bad access detected
[ 51.853316]
[ 51.853587] Memory state around the buggy address:
[ 51.854213] ffff888102842880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 51.854831] ffff888102842900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 51.855630] >ffff888102842980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 51.856421] ^
[ 51.856975] ffff888102842a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.857791] ffff888102842a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.858455] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-double-free-in-kfree
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-double-free-in-kfree: Failure
[ 51.703983] ==================================================================
[ 51.704680] BUG: KASAN: double-free in kfree+0x7c/0x120
[ 51.705999] Free of addr ffff888101a81400 by task kunit_try_catch/228
[ 51.706523]
[ 51.706866] CPU: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 51.707770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.708577] Call Trace:
[ 51.708977] <TASK>
[ 51.710033] dump_stack_lvl+0x4e/0x90
[ 51.710550] print_report+0xd2/0x660
[ 51.711122] ? __virt_addr_valid+0x156/0x1e0
[ 51.711667] ? kfree+0x7c/0x120
[ 51.712620] ? kasan_complete_mode_report_info+0x64/0x200
[ 51.713769] ? kfree+0x7c/0x120
[ 51.714354] kasan_report_invalid_free+0xcf/0x100
[ 51.715272] ? kfree+0x7c/0x120
[ 51.715730] ? kfree+0x7c/0x120
[ 51.716146] ____kasan_slab_free+0x19c/0x1d0
[ 51.716657] ? kfree_sensitive+0x2e/0x90
[ 51.717631] __kasan_slab_free+0x16/0x20
[ 51.718416] __kmem_cache_free+0x190/0x310
[ 51.719162] kfree+0x7c/0x120
[ 51.719818] kfree_sensitive+0x2e/0x90
[ 51.720487] kmalloc_double_kzfree+0xd4/0x1d0
[ 51.721762] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 51.722506] ? __schedule+0x70b/0x1190
[ 51.723123] ? ktime_get_ts64+0x118/0x140
[ 51.723811] kunit_try_run_case+0x126/0x290
[ 51.724399] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.725068] ? __kasan_check_write+0x18/0x20
[ 51.726137] ? trace_preempt_on+0x20/0xa0
[ 51.726404] ? __kthread_parkme+0x4f/0xd0
[ 51.726649] ? preempt_count_sub+0x50/0x80
[ 51.727458] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.728134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 51.729638] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.730231] kthread+0x19e/0x1e0
[ 51.730749] ? __pfx_kthread+0x10/0x10
[ 51.731601] ret_from_fork+0x41/0x70
[ 51.732633] ? __pfx_kthread+0x10/0x10
[ 51.733386] ret_from_fork_asm+0x1b/0x30
[ 51.734333] </TASK>
[ 51.734582]
[ 51.734865] Allocated by task 228:
[ 51.735311] kasan_save_stack+0x3c/0x60
[ 51.736135] kasan_set_track+0x29/0x40
[ 51.736540] kasan_save_alloc_info+0x22/0x30
[ 51.737355] __kasan_kmalloc+0xb7/0xc0
[ 51.738244] kmalloc_trace+0x4c/0xb0
[ 51.738776] kmalloc_double_kzfree+0x9d/0x1d0
[ 51.739550] kunit_try_run_case+0x126/0x290
[ 51.740515] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.741321] kthread+0x19e/0x1e0
[ 51.742038] ret_from_fork+0x41/0x70
[ 51.742613] ret_from_fork_asm+0x1b/0x30
[ 51.743103]
[ 51.743759] Freed by task 228:
[ 51.744211] kasan_save_stack+0x3c/0x60
[ 51.744858] kasan_set_track+0x29/0x40
[ 51.745762] kasan_save_free_info+0x2f/0x50
[ 51.746406] ____kasan_slab_free+0x172/0x1d0
[ 51.747657] __kasan_slab_free+0x16/0x20
[ 51.748330] __kmem_cache_free+0x190/0x310
[ 51.749012] kfree+0x7c/0x120
[ 51.749503] kfree_sensitive+0x67/0x90
[ 51.749967] kmalloc_double_kzfree+0xbd/0x1d0
[ 51.750489] kunit_try_run_case+0x126/0x290
[ 51.751167] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.751932] kthread+0x19e/0x1e0
[ 51.752337] ret_from_fork+0x41/0x70
[ 51.752948] ret_from_fork_asm+0x1b/0x30
[ 51.753440]
[ 51.753633] The buggy address belongs to the object at ffff888101a81400
[ 51.753633] which belongs to the cache kmalloc-16 of size 16
[ 51.754958] The buggy address is located 0 bytes inside of
[ 51.754958] 16-byte region [ffff888101a81400, ffff888101a81410)
[ 51.755956]
[ 51.756264] The buggy address belongs to the physical page:
[ 51.757018] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 51.758156] flags: 0x200000000000800(slab|node=0|zone=2)
[ 51.758617] page_type: 0xffffffff()
[ 51.759185] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 51.760052] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 51.760962] page dumped because: kasan: bad access detected
[ 51.761482]
[ 51.761667] Memory state around the buggy address:
[ 51.762293] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 51.763206] ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 51.763898] >ffff888101a81400: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.764668] ^
[ 51.765140] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.765990] ffff888101a81500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.766636] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree: Failure
[ 51.640284] ==================================================================
[ 51.641296] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0xd4/0x1d0
[ 51.641659] Read of size 1 at addr ffff888101a81400 by task kunit_try_catch/228
[ 51.642495]
[ 51.643296] CPU: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 51.645110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.646133] Call Trace:
[ 51.646541] <TASK>
[ 51.646921] dump_stack_lvl+0x4e/0x90
[ 51.647633] print_report+0xd2/0x660
[ 51.649045] ? __virt_addr_valid+0x156/0x1e0
[ 51.649559] ? kasan_complete_mode_report_info+0x64/0x200
[ 51.650335] kasan_report+0xff/0x140
[ 51.650993] ? kmalloc_double_kzfree+0xd4/0x1d0
[ 51.651517] ? kmalloc_double_kzfree+0xd4/0x1d0
[ 51.652361] ? kmalloc_double_kzfree+0xd4/0x1d0
[ 51.653065] __kasan_check_byte+0x3d/0x50
[ 51.653665] kfree_sensitive+0x22/0x90
[ 51.654363] kmalloc_double_kzfree+0xd4/0x1d0
[ 51.655002] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 51.655778] ? __schedule+0x70b/0x1190
[ 51.656270] ? ktime_get_ts64+0x118/0x140
[ 51.656926] kunit_try_run_case+0x126/0x290
[ 51.657575] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.658794] ? __kasan_check_write+0x18/0x20
[ 51.659407] ? trace_preempt_on+0x20/0xa0
[ 51.660045] ? __kthread_parkme+0x4f/0xd0
[ 51.660631] ? preempt_count_sub+0x50/0x80
[ 51.661282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.662103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 51.663304] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.663944] kthread+0x19e/0x1e0
[ 51.664473] ? __pfx_kthread+0x10/0x10
[ 51.665008] ret_from_fork+0x41/0x70
[ 51.665609] ? __pfx_kthread+0x10/0x10
[ 51.666206] ret_from_fork_asm+0x1b/0x30
[ 51.666866] </TASK>
[ 51.667362]
[ 51.667640] Allocated by task 228:
[ 51.668805] kasan_save_stack+0x3c/0x60
[ 51.669302] kasan_set_track+0x29/0x40
[ 51.669717] kasan_save_alloc_info+0x22/0x30
[ 51.670193] __kasan_kmalloc+0xb7/0xc0
[ 51.670593] kmalloc_trace+0x4c/0xb0
[ 51.671432] kmalloc_double_kzfree+0x9d/0x1d0
[ 51.672402] kunit_try_run_case+0x126/0x290
[ 51.673262] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.674122] kthread+0x19e/0x1e0
[ 51.674503] ret_from_fork+0x41/0x70
[ 51.674990] ret_from_fork_asm+0x1b/0x30
[ 51.676274]
[ 51.676494] Freed by task 228:
[ 51.676793] kasan_save_stack+0x3c/0x60
[ 51.677368] kasan_set_track+0x29/0x40
[ 51.678535] kasan_save_free_info+0x2f/0x50
[ 51.679187] ____kasan_slab_free+0x172/0x1d0
[ 51.679826] __kasan_slab_free+0x16/0x20
[ 51.680286] __kmem_cache_free+0x190/0x310
[ 51.681447] kfree+0x7c/0x120
[ 51.681875] kfree_sensitive+0x67/0x90
[ 51.682356] kmalloc_double_kzfree+0xbd/0x1d0
[ 51.682998] kunit_try_run_case+0x126/0x290
[ 51.683567] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.684359] kthread+0x19e/0x1e0
[ 51.685549] ret_from_fork+0x41/0x70
[ 51.686018] ret_from_fork_asm+0x1b/0x30
[ 51.686775]
[ 51.687035] The buggy address belongs to the object at ffff888101a81400
[ 51.687035] which belongs to the cache kmalloc-16 of size 16
[ 51.688181] The buggy address is located 0 bytes inside of
[ 51.688181] freed 16-byte region [ffff888101a81400, ffff888101a81410)
[ 51.690277]
[ 51.690493] The buggy address belongs to the physical page:
[ 51.691567] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 51.692520] flags: 0x200000000000800(slab|node=0|zone=2)
[ 51.693283] page_type: 0xffffffff()
[ 51.693702] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 51.694411] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 51.695438] page dumped because: kasan: bad access detected
[ 51.696415]
[ 51.696627] Memory state around the buggy address:
[ 51.697619] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 51.698502] ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 51.699552] >ffff888101a81400: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.700271] ^
[ 51.700923] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.702314] ffff888101a81500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.702828] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop: Failure
[ 51.296935] ==================================================================
[ 51.297678] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0
[ 51.298885] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 51.299627]
[ 51.299919] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 51.301148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.302152] Call Trace:
[ 51.302513] <TASK>
[ 51.302849] dump_stack_lvl+0x4e/0x90
[ 51.303542] print_report+0xd2/0x660
[ 51.304347] ? __virt_addr_valid+0x156/0x1e0
[ 51.305021] ? kasan_complete_mode_report_info+0x2a/0x200
[ 51.305905] kasan_report+0xff/0x140
[ 51.306485] ? kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0
[ 51.307456] ? kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0
[ 51.308394] kasan_check_range+0x10c/0x1c0
[ 51.309087] __kasan_check_write+0x18/0x20
[ 51.309684] kasan_bitops_test_and_modify.constprop.0+0x1a7/0x6a0
[ 51.310509] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 51.311427] ? kasan_set_track+0x29/0x40
[ 51.312138] ? kasan_save_alloc_info+0x22/0x30
[ 51.312851] ? __kasan_kmalloc+0xb7/0xc0
[ 51.313562] kasan_bitops_generic+0xb4/0x130
[ 51.314368] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 51.315174] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 51.316561] ? kunit_try_run_case+0x11b/0x290
[ 51.317144] kunit_try_run_case+0x126/0x290
[ 51.317842] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.318522] ? __kasan_check_write+0x18/0x20
[ 51.319518] ? trace_preempt_on+0x20/0xa0
[ 51.320357] ? __kthread_parkme+0x4f/0xd0
[ 51.321353] ? preempt_count_sub+0x50/0x80
[ 51.321859] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.322601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 51.323483] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.324373] kthread+0x19e/0x1e0
[ 51.324838] ? __pfx_kthread+0x10/0x10
[ 51.325335] ret_from_fork+0x41/0x70
[ 51.325815] ? __pfx_kthread+0x10/0x10
[ 51.326253] ret_from_fork_asm+0x1b/0x30
[ 51.326772] </TASK>
[ 51.327113]
[ 51.327393] Allocated by task 224:
[ 51.327867] kasan_save_stack+0x3c/0x60
[ 51.329191] kasan_set_track+0x29/0x40
[ 51.329653] kasan_save_alloc_info+0x22/0x30
[ 51.330185] __kasan_kmalloc+0xb7/0xc0
[ 51.330754] kmalloc_trace+0x4c/0xb0
[ 51.331294] kasan_bitops_generic+0x8e/0x130
[ 51.331822] kunit_try_run_case+0x126/0x290
[ 51.333098] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.333941] kthread+0x19e/0x1e0
[ 51.334359] ret_from_fork+0x41/0x70
[ 51.334767] ret_from_fork_asm+0x1b/0x30
[ 51.335673]
[ 51.335953] The buggy address belongs to the object at ffff888101a813e0
[ 51.335953] which belongs to the cache kmalloc-16 of size 16
[ 51.337999] The buggy address is located 8 bytes inside of
[ 51.337999] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 51.339130]
[ 51.339370] The buggy address belongs to the physical page:
[ 51.339908] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 51.341553] flags: 0x200000000000800(slab|node=0|zone=2)
[ 51.342266] page_type: 0xffffffff()
[ 51.343172] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 51.344013] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 51.344349] page dumped because: kasan: bad access detected
[ 51.344593]
[ 51.344716] Memory state around the buggy address:
[ 51.345219] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 51.346541] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 51.347301] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 51.348803] ^
[ 51.349532] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.350944] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.351971] ==================================================================
[ 51.570716] ==================================================================
[ 51.571977] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0
[ 51.573033] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 51.574143]
[ 51.574390] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 51.575342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.576336] Call Trace:
[ 51.576690] <TASK>
[ 51.577057] dump_stack_lvl+0x4e/0x90
[ 51.577517] print_report+0xd2/0x660
[ 51.578220] ? __virt_addr_valid+0x156/0x1e0
[ 51.578895] ? kasan_complete_mode_report_info+0x2a/0x200
[ 51.579765] kasan_report+0xff/0x140
[ 51.580385] ? kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0
[ 51.581227] ? kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0
[ 51.582079] kasan_check_range+0x10c/0x1c0
[ 51.582770] __kasan_check_write+0x18/0x20
[ 51.583404] kasan_bitops_test_and_modify.constprop.0+0x2c0/0x6a0
[ 51.584275] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 51.585114] ? kasan_set_track+0x29/0x40
[ 51.585675] ? kasan_save_alloc_info+0x22/0x30
[ 51.586347] ? __kasan_kmalloc+0xb7/0xc0
[ 51.586990] kasan_bitops_generic+0xb4/0x130
[ 51.587701] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 51.588369] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 51.589081] ? kunit_try_run_case+0x11b/0x290
[ 51.589817] kunit_try_run_case+0x126/0x290
[ 51.590445] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.591126] ? __kasan_check_write+0x18/0x20
[ 51.591798] ? trace_preempt_on+0x20/0xa0
[ 51.592364] ? __kthread_parkme+0x4f/0xd0
[ 51.593075] ? preempt_count_sub+0x50/0x80
[ 51.593781] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.594505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 51.595311] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.596101] kthread+0x19e/0x1e0
[ 51.596681] ? __pfx_kthread+0x10/0x10
[ 51.597289] ret_from_fork+0x41/0x70
[ 51.597879] ? __pfx_kthread+0x10/0x10
[ 51.598542] ret_from_fork_asm+0x1b/0x30
[ 51.599130] </TASK>
[ 51.599555]
[ 51.599841] Allocated by task 224:
[ 51.600285] kasan_save_stack+0x3c/0x60
[ 51.600939] kasan_set_track+0x29/0x40
[ 51.601481] kasan_save_alloc_info+0x22/0x30
[ 51.602211] __kasan_kmalloc+0xb7/0xc0
[ 51.602749] kmalloc_trace+0x4c/0xb0
[ 51.603346] kasan_bitops_generic+0x8e/0x130
[ 51.604024] kunit_try_run_case+0x126/0x290
[ 51.604641] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.605416] kthread+0x19e/0x1e0
[ 51.606029] ret_from_fork+0x41/0x70
[ 51.606665] ret_from_fork_asm+0x1b/0x30
[ 51.607279]
[ 51.607557] The buggy address belongs to the object at ffff888101a813e0
[ 51.607557] which belongs to the cache kmalloc-16 of size 16
[ 51.608715] The buggy address is located 8 bytes inside of
[ 51.608715] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 51.609936]
[ 51.610262] The buggy address belongs to the physical page:
[ 51.610808] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 51.611671] flags: 0x200000000000800(slab|node=0|zone=2)
[ 51.612277] page_type: 0xffffffff()
[ 51.612697] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 51.613663] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 51.614468] page dumped because: kasan: bad access detected
[ 51.615140]
[ 51.615429] Memory state around the buggy address:
[ 51.616006] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 51.616749] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 51.617620] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 51.618309] ^
[ 51.619110] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.619898] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.620747] ==================================================================
[ 51.407423] ==================================================================
[ 51.408226] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0
[ 51.409291] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 51.410328]
[ 51.410630] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 51.411578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.413288] Call Trace:
[ 51.414412] <TASK>
[ 51.414981] dump_stack_lvl+0x4e/0x90
[ 51.415664] print_report+0xd2/0x660
[ 51.416360] ? __virt_addr_valid+0x156/0x1e0
[ 51.417666] ? kasan_complete_mode_report_info+0x2a/0x200
[ 51.418388] kasan_report+0xff/0x140
[ 51.419018] ? kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0
[ 51.419947] ? kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0
[ 51.420635] kasan_check_range+0x10c/0x1c0
[ 51.421426] __kasan_check_write+0x18/0x20
[ 51.422190] kasan_bitops_test_and_modify.constprop.0+0x22c/0x6a0
[ 51.423243] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 51.424340] ? kasan_set_track+0x29/0x40
[ 51.424976] ? kasan_save_alloc_info+0x22/0x30
[ 51.426000] ? __kasan_kmalloc+0xb7/0xc0
[ 51.426508] kasan_bitops_generic+0xb4/0x130
[ 51.427394] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 51.428031] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 51.428603] ? kunit_try_run_case+0x11b/0x290
[ 51.429753] kunit_try_run_case+0x126/0x290
[ 51.430285] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.430968] ? __kasan_check_write+0x18/0x20
[ 51.431550] ? trace_preempt_on+0x20/0xa0
[ 51.432075] ? __kthread_parkme+0x4f/0xd0
[ 51.432603] ? preempt_count_sub+0x50/0x80
[ 51.433880] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.434640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 51.435476] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.436137] kthread+0x19e/0x1e0
[ 51.436634] ? __pfx_kthread+0x10/0x10
[ 51.437500] ret_from_fork+0x41/0x70
[ 51.437936] ? __pfx_kthread+0x10/0x10
[ 51.438679] ret_from_fork_asm+0x1b/0x30
[ 51.439430] </TASK>
[ 51.439795]
[ 51.440100] Allocated by task 224:
[ 51.440516] kasan_save_stack+0x3c/0x60
[ 51.441594] kasan_set_track+0x29/0x40
[ 51.442576] kasan_save_alloc_info+0x22/0x30
[ 51.443190] __kasan_kmalloc+0xb7/0xc0
[ 51.443529] kmalloc_trace+0x4c/0xb0
[ 51.444114] kasan_bitops_generic+0x8e/0x130
[ 51.444757] kunit_try_run_case+0x126/0x290
[ 51.445285] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.446330] kthread+0x19e/0x1e0
[ 51.447152] ret_from_fork+0x41/0x70
[ 51.447723] ret_from_fork_asm+0x1b/0x30
[ 51.448298]
[ 51.448541] The buggy address belongs to the object at ffff888101a813e0
[ 51.448541] which belongs to the cache kmalloc-16 of size 16
[ 51.449680] The buggy address is located 8 bytes inside of
[ 51.449680] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 51.451321]
[ 51.451530] The buggy address belongs to the physical page:
[ 51.452443] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 51.453567] flags: 0x200000000000800(slab|node=0|zone=2)
[ 51.454279] page_type: 0xffffffff()
[ 51.454926] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 51.456112] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 51.456818] page dumped because: kasan: bad access detected
[ 51.457292]
[ 51.457561] Memory state around the buggy address:
[ 51.458969] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 51.459703] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 51.460446] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 51.461579] ^
[ 51.462631] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.463439] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.464060] ==================================================================
[ 51.182862]
================================================================== [ 51.184452] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 51.185303] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 51.185638] [ 51.185895] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 51.187373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.188300] Call Trace: [ 51.188695] <TASK> [ 51.189422] dump_stack_lvl+0x4e/0x90 [ 51.189962] print_report+0xd2/0x660 [ 51.190401] ? __virt_addr_valid+0x156/0x1e0 [ 51.191281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 51.192110] kasan_report+0xff/0x140 [ 51.192919] ? kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 51.193987] ? kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 51.194960] kasan_check_range+0x10c/0x1c0 [ 51.195548] __kasan_check_write+0x18/0x20 [ 51.196258] kasan_bitops_test_and_modify.constprop.0+0x121/0x6a0 [ 51.197446] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 51.198495] ? kasan_set_track+0x29/0x40 [ 51.199149] ? kasan_save_alloc_info+0x22/0x30 [ 51.199694] ? __kasan_kmalloc+0xb7/0xc0 [ 51.201031] kasan_bitops_generic+0xb4/0x130 [ 51.201784] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.202532] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.203182] ? kunit_try_run_case+0x11b/0x290 [ 51.203749] kunit_try_run_case+0x126/0x290 [ 51.205177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.205934] ? __kasan_check_write+0x18/0x20 [ 51.206665] ? trace_preempt_on+0x20/0xa0 [ 51.207397] ? __kthread_parkme+0x4f/0xd0 [ 51.208393] ? preempt_count_sub+0x50/0x80 [ 51.208908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.210008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 51.210752] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.211505] kthread+0x19e/0x1e0 [ 51.212088] ? __pfx_kthread+0x10/0x10 [ 51.212657] ret_from_fork+0x41/0x70 [ 51.213540] ? 
__pfx_kthread+0x10/0x10 [ 51.213993] ret_from_fork_asm+0x1b/0x30 [ 51.214860] </TASK> [ 51.215282] [ 51.215609] Allocated by task 224: [ 51.216175] kasan_save_stack+0x3c/0x60 [ 51.216839] kasan_set_track+0x29/0x40 [ 51.217258] kasan_save_alloc_info+0x22/0x30 [ 51.218195] __kasan_kmalloc+0xb7/0xc0 [ 51.219297] kmalloc_trace+0x4c/0xb0 [ 51.220040] kasan_bitops_generic+0x8e/0x130 [ 51.220674] kunit_try_run_case+0x126/0x290 [ 51.221283] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.221884] kthread+0x19e/0x1e0 [ 51.222600] ret_from_fork+0x41/0x70 [ 51.223125] ret_from_fork_asm+0x1b/0x30 [ 51.223664] [ 51.223926] The buggy address belongs to the object at ffff888101a813e0 [ 51.223926] which belongs to the cache kmalloc-16 of size 16 [ 51.225423] The buggy address is located 8 bytes inside of [ 51.225423] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 51.226603] [ 51.227328] The buggy address belongs to the physical page: [ 51.228297] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 51.229264] flags: 0x200000000000800(slab|node=0|zone=2) [ 51.229844] page_type: 0xffffffff() [ 51.230602] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 51.231622] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 51.232757] page dumped because: kasan: bad access detected [ 51.233513] [ 51.233941] Memory state around the buggy address: [ 51.234662] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 51.235450] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 51.236708] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 51.237610] ^ [ 51.238370] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.238960] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.239346] ================================================================== [ 51.069489] 
================================================================== [ 51.070127] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 51.071201] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 51.072769] [ 51.073108] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 51.073921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.074921] Call Trace: [ 51.075642] <TASK> [ 51.076331] dump_stack_lvl+0x4e/0x90 [ 51.077253] print_report+0xd2/0x660 [ 51.077704] ? __virt_addr_valid+0x156/0x1e0 [ 51.078272] ? kasan_complete_mode_report_info+0x2a/0x200 [ 51.079298] kasan_report+0xff/0x140 [ 51.079683] ? kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 51.080825] ? kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 51.081527] kasan_check_range+0x10c/0x1c0 [ 51.082194] __kasan_check_write+0x18/0x20 [ 51.082791] kasan_bitops_test_and_modify.constprop.0+0x9c/0x6a0 [ 51.084156] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 51.085073] ? kasan_set_track+0x29/0x40 [ 51.085571] ? kasan_save_alloc_info+0x22/0x30 [ 51.086248] ? __kasan_kmalloc+0xb7/0xc0 [ 51.086817] kasan_bitops_generic+0xb4/0x130 [ 51.088054] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.088654] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.089291] ? kunit_try_run_case+0x11b/0x290 [ 51.089943] kunit_try_run_case+0x126/0x290 [ 51.090531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.091403] ? __kasan_check_write+0x18/0x20 [ 51.092566] ? trace_preempt_on+0x20/0xa0 [ 51.093140] ? __kthread_parkme+0x4f/0xd0 [ 51.093698] ? preempt_count_sub+0x50/0x80 [ 51.094311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.095100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 51.095672] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.096579] kthread+0x19e/0x1e0 [ 51.097192] ? __pfx_kthread+0x10/0x10 [ 51.097844] ret_from_fork+0x41/0x70 [ 51.098432] ? 
__pfx_kthread+0x10/0x10 [ 51.099012] ret_from_fork_asm+0x1b/0x30 [ 51.100232] </TASK> [ 51.100558] [ 51.100875] Allocated by task 224: [ 51.101246] kasan_save_stack+0x3c/0x60 [ 51.101650] kasan_set_track+0x29/0x40 [ 51.102201] kasan_save_alloc_info+0x22/0x30 [ 51.102651] __kasan_kmalloc+0xb7/0xc0 [ 51.104050] kmalloc_trace+0x4c/0xb0 [ 51.104639] kasan_bitops_generic+0x8e/0x130 [ 51.105289] kunit_try_run_case+0x126/0x290 [ 51.105870] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.106491] kthread+0x19e/0x1e0 [ 51.107032] ret_from_fork+0x41/0x70 [ 51.107512] ret_from_fork_asm+0x1b/0x30 [ 51.108682] [ 51.109026] The buggy address belongs to the object at ffff888101a813e0 [ 51.109026] which belongs to the cache kmalloc-16 of size 16 [ 51.110095] The buggy address is located 8 bytes inside of [ 51.110095] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 51.111320] [ 51.111639] The buggy address belongs to the physical page: [ 51.112538] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 51.114183] flags: 0x200000000000800(slab|node=0|zone=2) [ 51.114834] page_type: 0xffffffff() [ 51.115375] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 51.116654] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 51.117465] page dumped because: kasan: bad access detected [ 51.118121] [ 51.118398] Memory state around the buggy address: [ 51.118996] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 51.119681] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 51.120444] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 51.121573] ^ [ 51.122572] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.123650] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.124200] ================================================================== [ 51.352998] 
================================================================== [ 51.353615] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 51.355134] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 51.356067] [ 51.356967] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 51.357767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.358554] Call Trace: [ 51.359016] <TASK> [ 51.359424] dump_stack_lvl+0x4e/0x90 [ 51.360045] print_report+0xd2/0x660 [ 51.360653] ? __virt_addr_valid+0x156/0x1e0 [ 51.361253] ? kasan_complete_mode_report_info+0x2a/0x200 [ 51.362073] kasan_report+0xff/0x140 [ 51.362622] ? kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 51.363434] ? kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 51.364157] kasan_check_range+0x10c/0x1c0 [ 51.364768] __kasan_check_write+0x18/0x20 [ 51.365385] kasan_bitops_test_and_modify.constprop.0+0x1e9/0x6a0 [ 51.366410] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 51.367353] ? kasan_set_track+0x29/0x40 [ 51.368527] ? kasan_save_alloc_info+0x22/0x30 [ 51.369027] ? __kasan_kmalloc+0xb7/0xc0 [ 51.369667] kasan_bitops_generic+0xb4/0x130 [ 51.370399] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.371399] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.371888] ? kunit_try_run_case+0x11b/0x290 [ 51.372516] kunit_try_run_case+0x126/0x290 [ 51.373341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.374066] ? __kasan_check_write+0x18/0x20 [ 51.374875] ? trace_preempt_on+0x20/0xa0 [ 51.375438] ? __kthread_parkme+0x4f/0xd0 [ 51.376579] ? preempt_count_sub+0x50/0x80 [ 51.377032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.377488] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 51.378252] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.378972] kthread+0x19e/0x1e0 [ 51.379447] ? __pfx_kthread+0x10/0x10 [ 51.380056] ret_from_fork+0x41/0x70 [ 51.380504] ? 
__pfx_kthread+0x10/0x10 [ 51.381103] ret_from_fork_asm+0x1b/0x30 [ 51.381624] </TASK> [ 51.382722] [ 51.382980] Allocated by task 224: [ 51.383345] kasan_save_stack+0x3c/0x60 [ 51.383939] kasan_set_track+0x29/0x40 [ 51.384355] kasan_save_alloc_info+0x22/0x30 [ 51.385004] __kasan_kmalloc+0xb7/0xc0 [ 51.385412] kmalloc_trace+0x4c/0xb0 [ 51.386659] kasan_bitops_generic+0x8e/0x130 [ 51.387169] kunit_try_run_case+0x126/0x290 [ 51.387655] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.388386] kthread+0x19e/0x1e0 [ 51.389016] ret_from_fork+0x41/0x70 [ 51.390048] ret_from_fork_asm+0x1b/0x30 [ 51.390902] [ 51.391187] The buggy address belongs to the object at ffff888101a813e0 [ 51.391187] which belongs to the cache kmalloc-16 of size 16 [ 51.392253] The buggy address is located 8 bytes inside of [ 51.392253] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 51.393528] [ 51.393893] The buggy address belongs to the physical page: [ 51.395286] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 51.396213] flags: 0x200000000000800(slab|node=0|zone=2) [ 51.396791] page_type: 0xffffffff() [ 51.397332] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 51.398182] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 51.399658] page dumped because: kasan: bad access detected [ 51.400205] [ 51.400455] Memory state around the buggy address: [ 51.401089] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 51.401863] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 51.402637] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 51.403801] ^ [ 51.404842] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.405625] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.406467] ================================================================== [ 51.465683] 
================================================================== [ 51.467257] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 51.468207] Read of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 51.469543] [ 51.469699] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 51.470816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.471942] Call Trace: [ 51.472780] <TASK> [ 51.473089] dump_stack_lvl+0x4e/0x90 [ 51.473561] print_report+0xd2/0x660 [ 51.474051] ? __virt_addr_valid+0x156/0x1e0 [ 51.474766] ? kasan_complete_mode_report_info+0x2a/0x200 [ 51.475587] kasan_report+0xff/0x140 [ 51.476693] ? kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 51.477459] ? kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 51.478315] kasan_check_range+0x10c/0x1c0 [ 51.478957] __kasan_check_read+0x15/0x20 [ 51.479513] kasan_bitops_test_and_modify.constprop.0+0x26e/0x6a0 [ 51.480694] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 51.481537] ? kasan_set_track+0x29/0x40 [ 51.482108] ? kasan_save_alloc_info+0x22/0x30 [ 51.482761] ? __kasan_kmalloc+0xb7/0xc0 [ 51.483347] kasan_bitops_generic+0xb4/0x130 [ 51.484365] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.485377] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.486186] ? kunit_try_run_case+0x11b/0x290 [ 51.486824] kunit_try_run_case+0x126/0x290 [ 51.487320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.488297] ? __kasan_check_write+0x18/0x20 [ 51.489022] ? trace_preempt_on+0x20/0xa0 [ 51.489546] ? __kthread_parkme+0x4f/0xd0 [ 51.490200] ? preempt_count_sub+0x50/0x80 [ 51.490902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.491579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 51.492324] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.493113] kthread+0x19e/0x1e0 [ 51.493586] ? __pfx_kthread+0x10/0x10 [ 51.494061] ret_from_fork+0x41/0x70 [ 51.494624] ? 
__pfx_kthread+0x10/0x10 [ 51.495258] ret_from_fork_asm+0x1b/0x30 [ 51.495949] </TASK> [ 51.496267] [ 51.496520] Allocated by task 224: [ 51.497024] kasan_save_stack+0x3c/0x60 [ 51.497403] kasan_set_track+0x29/0x40 [ 51.498014] kasan_save_alloc_info+0x22/0x30 [ 51.498659] __kasan_kmalloc+0xb7/0xc0 [ 51.499283] kmalloc_trace+0x4c/0xb0 [ 51.499913] kasan_bitops_generic+0x8e/0x130 [ 51.500486] kunit_try_run_case+0x126/0x290 [ 51.501051] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.501832] kthread+0x19e/0x1e0 [ 51.502394] ret_from_fork+0x41/0x70 [ 51.503007] ret_from_fork_asm+0x1b/0x30 [ 51.503611] [ 51.503943] The buggy address belongs to the object at ffff888101a813e0 [ 51.503943] which belongs to the cache kmalloc-16 of size 16 [ 51.505105] The buggy address is located 8 bytes inside of [ 51.505105] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 51.506186] [ 51.506470] The buggy address belongs to the physical page: [ 51.507175] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 51.508351] flags: 0x200000000000800(slab|node=0|zone=2) [ 51.508951] page_type: 0xffffffff() [ 51.509458] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 51.510272] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 51.511143] page dumped because: kasan: bad access detected [ 51.511628] [ 51.511962] Memory state around the buggy address: [ 51.512568] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 51.513872] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 51.515197] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 51.515904] ^ [ 51.516851] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.517696] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.518578] ================================================================== [ 51.125646] 
================================================================== [ 51.126881] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 51.128233] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 51.129400] [ 51.129626] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 51.130516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.131814] Call Trace: [ 51.132167] <TASK> [ 51.132480] dump_stack_lvl+0x4e/0x90 [ 51.133725] print_report+0xd2/0x660 [ 51.134295] ? __virt_addr_valid+0x156/0x1e0 [ 51.134936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 51.135805] kasan_report+0xff/0x140 [ 51.136408] ? kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 51.137812] ? kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 51.138675] kasan_check_range+0x10c/0x1c0 [ 51.139364] __kasan_check_write+0x18/0x20 [ 51.140299] kasan_bitops_test_and_modify.constprop.0+0xdf/0x6a0 [ 51.141058] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 51.141756] ? kasan_set_track+0x29/0x40 [ 51.142882] ? kasan_save_alloc_info+0x22/0x30 [ 51.143580] ? __kasan_kmalloc+0xb7/0xc0 [ 51.144031] kasan_bitops_generic+0xb4/0x130 [ 51.144641] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.145233] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.146413] ? kunit_try_run_case+0x11b/0x290 [ 51.147153] kunit_try_run_case+0x126/0x290 [ 51.147721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.148301] ? __kasan_check_write+0x18/0x20 [ 51.149421] ? trace_preempt_on+0x20/0xa0 [ 51.149820] ? __kthread_parkme+0x4f/0xd0 [ 51.150960] ? preempt_count_sub+0x50/0x80 [ 51.151877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.152533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 51.153228] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.154048] kthread+0x19e/0x1e0 [ 51.154675] ? __pfx_kthread+0x10/0x10 [ 51.155623] ret_from_fork+0x41/0x70 [ 51.156386] ? 
__pfx_kthread+0x10/0x10 [ 51.156988] ret_from_fork_asm+0x1b/0x30 [ 51.157771] </TASK> [ 51.158239] [ 51.158442] Allocated by task 224: [ 51.158800] kasan_save_stack+0x3c/0x60 [ 51.159644] kasan_set_track+0x29/0x40 [ 51.160077] kasan_save_alloc_info+0x22/0x30 [ 51.160539] __kasan_kmalloc+0xb7/0xc0 [ 51.161557] kmalloc_trace+0x4c/0xb0 [ 51.162821] kasan_bitops_generic+0x8e/0x130 [ 51.163091] kunit_try_run_case+0x126/0x290 [ 51.163342] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.163631] kthread+0x19e/0x1e0 [ 51.164146] ret_from_fork+0x41/0x70 [ 51.164846] ret_from_fork_asm+0x1b/0x30 [ 51.165513] [ 51.165947] The buggy address belongs to the object at ffff888101a813e0 [ 51.165947] which belongs to the cache kmalloc-16 of size 16 [ 51.167872] The buggy address is located 8 bytes inside of [ 51.167872] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 51.169382] [ 51.170052] The buggy address belongs to the physical page: [ 51.170631] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 51.171400] flags: 0x200000000000800(slab|node=0|zone=2) [ 51.171974] page_type: 0xffffffff() [ 51.172509] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 51.173375] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 51.175057] page dumped because: kasan: bad access detected [ 51.175725] [ 51.176046] Memory state around the buggy address: [ 51.176833] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 51.177832] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 51.178541] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 51.179468] ^ [ 51.180197] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.180943] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.181950] ================================================================== [ 51.520276] 
================================================================== [ 51.521661] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 51.522995] Read of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 51.523887] [ 51.524192] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 51.525108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.526005] Call Trace: [ 51.526432] <TASK> [ 51.526795] dump_stack_lvl+0x4e/0x90 [ 51.527425] print_report+0xd2/0x660 [ 51.528078] ? __virt_addr_valid+0x156/0x1e0 [ 51.528653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 51.529440] kasan_report+0xff/0x140 [ 51.529986] ? kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 51.530880] ? kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 51.531538] __asan_load8+0x82/0xb0 [ 51.532149] kasan_bitops_test_and_modify.constprop.0+0x276/0x6a0 [ 51.532901] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 51.533567] ? kasan_set_track+0x29/0x40 [ 51.534166] ? kasan_save_alloc_info+0x22/0x30 [ 51.534762] ? __kasan_kmalloc+0xb7/0xc0 [ 51.535381] kasan_bitops_generic+0xb4/0x130 [ 51.536006] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.536657] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.537302] ? kunit_try_run_case+0x11b/0x290 [ 51.537991] kunit_try_run_case+0x126/0x290 [ 51.538659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.539282] ? __kasan_check_write+0x18/0x20 [ 51.539893] ? trace_preempt_on+0x20/0xa0 [ 51.540447] ? __kthread_parkme+0x4f/0xd0 [ 51.541064] ? preempt_count_sub+0x50/0x80 [ 51.541667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.542270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 51.543072] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.543866] kthread+0x19e/0x1e0 [ 51.544351] ? __pfx_kthread+0x10/0x10 [ 51.544972] ret_from_fork+0x41/0x70 [ 51.545519] ? 
__pfx_kthread+0x10/0x10 [ 51.546162] ret_from_fork_asm+0x1b/0x30 [ 51.546636] </TASK> [ 51.547551] [ 51.547940] Allocated by task 224: [ 51.548254] kasan_save_stack+0x3c/0x60 [ 51.548671] kasan_set_track+0x29/0x40 [ 51.549090] kasan_save_alloc_info+0x22/0x30 [ 51.549547] __kasan_kmalloc+0xb7/0xc0 [ 51.550571] kmalloc_trace+0x4c/0xb0 [ 51.551334] kasan_bitops_generic+0x8e/0x130 [ 51.552124] kunit_try_run_case+0x126/0x290 [ 51.552888] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.553744] kthread+0x19e/0x1e0 [ 51.554419] ret_from_fork+0x41/0x70 [ 51.555148] ret_from_fork_asm+0x1b/0x30 [ 51.555749] [ 51.556056] The buggy address belongs to the object at ffff888101a813e0 [ 51.556056] which belongs to the cache kmalloc-16 of size 16 [ 51.557216] The buggy address is located 8 bytes inside of [ 51.557216] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 51.558160] [ 51.558512] The buggy address belongs to the physical page: [ 51.559240] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 51.560198] flags: 0x200000000000800(slab|node=0|zone=2) [ 51.560804] page_type: 0xffffffff() [ 51.561327] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 51.562132] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 51.563006] page dumped because: kasan: bad access detected [ 51.563511] [ 51.563815] Memory state around the buggy address: [ 51.564442] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 51.565163] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 51.565884] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 51.566586] ^ [ 51.567382] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.568133] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.568915] ================================================================== [ 51.239964] 
================================================================== [ 51.240620] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 51.242084] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 51.243039] [ 51.243380] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 51.244545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.246459] Call Trace: [ 51.247252] <TASK> [ 51.247585] dump_stack_lvl+0x4e/0x90 [ 51.248097] print_report+0xd2/0x660 [ 51.248653] ? __virt_addr_valid+0x156/0x1e0 [ 51.249980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 51.250634] kasan_report+0xff/0x140 [ 51.251405] ? kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 51.252303] ? kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 51.253794] kasan_check_range+0x10c/0x1c0 [ 51.254325] __kasan_check_write+0x18/0x20 [ 51.254820] kasan_bitops_test_and_modify.constprop.0+0x164/0x6a0 [ 51.255442] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 51.256187] ? kasan_set_track+0x29/0x40 [ 51.256500] ? kasan_save_alloc_info+0x22/0x30 [ 51.256949] ? __kasan_kmalloc+0xb7/0xc0 [ 51.257920] kasan_bitops_generic+0xb4/0x130 [ 51.258520] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.259557] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.260325] ? kunit_try_run_case+0x11b/0x290 [ 51.261129] kunit_try_run_case+0x126/0x290 [ 51.261868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.262439] ? __kasan_check_write+0x18/0x20 [ 51.263571] ? trace_preempt_on+0x20/0xa0 [ 51.264029] ? __kthread_parkme+0x4f/0xd0 [ 51.264809] ? preempt_count_sub+0x50/0x80 [ 51.265480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.266779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 51.267696] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.268370] kthread+0x19e/0x1e0 [ 51.269110] ? __pfx_kthread+0x10/0x10 [ 51.269370] ret_from_fork+0x41/0x70 [ 51.269610] ? 
__pfx_kthread+0x10/0x10 [ 51.270057] ret_from_fork_asm+0x1b/0x30 [ 51.270687] </TASK> [ 51.271211] [ 51.271583] Allocated by task 224: [ 51.272109] kasan_save_stack+0x3c/0x60 [ 51.272642] kasan_set_track+0x29/0x40 [ 51.273432] kasan_save_alloc_info+0x22/0x30 [ 51.274159] __kasan_kmalloc+0xb7/0xc0 [ 51.274803] kmalloc_trace+0x4c/0xb0 [ 51.275404] kasan_bitops_generic+0x8e/0x130 [ 51.276655] kunit_try_run_case+0x126/0x290 [ 51.277376] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.278237] kthread+0x19e/0x1e0 [ 51.278618] ret_from_fork+0x41/0x70 [ 51.279171] ret_from_fork_asm+0x1b/0x30 [ 51.279919] [ 51.280307] The buggy address belongs to the object at ffff888101a813e0 [ 51.280307] which belongs to the cache kmalloc-16 of size 16 [ 51.282277] The buggy address is located 8 bytes inside of [ 51.282277] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 51.283625] [ 51.284029] The buggy address belongs to the physical page: [ 51.284635] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 51.286000] flags: 0x200000000000800(slab|node=0|zone=2) [ 51.286655] page_type: 0xffffffff() [ 51.287166] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 51.288164] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 51.288857] page dumped because: kasan: bad access detected [ 51.289473] [ 51.289706] Memory state around the buggy address: [ 51.290294] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 51.291005] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 51.291669] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 51.292449] ^ [ 51.294054] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.294990] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.295693] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop: Failure
[ 50.666522] ==================================================================
[ 50.667172] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xda/0x5e0
[ 50.667880] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 50.668897]
[ 50.669175] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.670588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.671649] Call Trace:
[ 50.672059] <TASK>
[ 50.672421] dump_stack_lvl+0x4e/0x90
[ 50.673441] print_report+0xd2/0x660
[ 50.673957] ? __virt_addr_valid+0x156/0x1e0
[ 50.674527] ? kasan_complete_mode_report_info+0x2a/0x200
[ 50.675180] kasan_report+0xff/0x140
[ 50.675644] ? kasan_bitops_modify.constprop.0+0xda/0x5e0
[ 50.676726] ? kasan_bitops_modify.constprop.0+0xda/0x5e0
[ 50.677657] kasan_check_range+0x10c/0x1c0
[ 50.678363] __kasan_check_write+0x18/0x20
[ 50.678918] kasan_bitops_modify.constprop.0+0xda/0x5e0
[ 50.679793] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 50.680691] ? kasan_set_track+0x29/0x40
[ 50.681542] ? kasan_save_alloc_info+0x22/0x30
[ 50.682274] ? __kasan_kmalloc+0xb7/0xc0
[ 50.682815] kasan_bitops_generic+0xa9/0x130
[ 50.683514] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.684416] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.685390] ? kunit_try_run_case+0x11b/0x290
[ 50.685886] kunit_try_run_case+0x126/0x290
[ 50.686669] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.687476] ? __kasan_check_write+0x18/0x20
[ 50.688264] ? trace_preempt_on+0x20/0xa0
[ 50.689098] ? __kthread_parkme+0x4f/0xd0
[ 50.689845] ? preempt_count_sub+0x50/0x80
[ 50.690116] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.690384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.690706] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.691442] kthread+0x19e/0x1e0
[ 50.692506] ? __pfx_kthread+0x10/0x10
[ 50.693526] ret_from_fork+0x41/0x70
[ 50.694194] ? __pfx_kthread+0x10/0x10
[ 50.695090] ret_from_fork_asm+0x1b/0x30
[ 50.695810] </TASK>
[ 50.696449]
[ 50.696709] Allocated by task 224:
[ 50.697751] kasan_save_stack+0x3c/0x60
[ 50.698629] kasan_set_track+0x29/0x40
[ 50.699265] kasan_save_alloc_info+0x22/0x30
[ 50.699996] __kasan_kmalloc+0xb7/0xc0
[ 50.700520] kmalloc_trace+0x4c/0xb0
[ 50.701489] kasan_bitops_generic+0x8e/0x130
[ 50.702245] kunit_try_run_case+0x126/0x290
[ 50.702771] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.703576] kthread+0x19e/0x1e0
[ 50.704318] ret_from_fork+0x41/0x70
[ 50.704849] ret_from_fork_asm+0x1b/0x30
[ 50.705830]
[ 50.706315] The buggy address belongs to the object at ffff888101a813e0
[ 50.706315] which belongs to the cache kmalloc-16 of size 16
[ 50.708326] The buggy address is located 8 bytes inside of
[ 50.708326] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 50.709872]
[ 50.710583] The buggy address belongs to the physical page:
[ 50.711232] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 50.712272] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.713017] page_type: 0xffffffff()
[ 50.713576] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 50.714176] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 50.715435] page dumped because: kasan: bad access detected
[ 50.716033]
[ 50.716494] Memory state around the buggy address:
[ 50.717430] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 50.718539] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 50.719464] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 50.720528] ^
[ 50.721383] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.722375] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.723477] ==================================================================
[ 50.847258] ==================================================================
[ 50.848156] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0x5e0
[ 50.848899] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 50.849426]
[ 50.849597] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.850201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.851060] Call Trace:
[ 50.852604] <TASK>
[ 50.853016] dump_stack_lvl+0x4e/0x90
[ 50.853465] print_report+0xd2/0x660
[ 50.854082] ? __virt_addr_valid+0x156/0x1e0
[ 50.854654] ? kasan_complete_mode_report_info+0x2a/0x200
[ 50.855466] kasan_report+0xff/0x140
[ 50.856530] ? kasan_bitops_modify.constprop.0+0x19c/0x5e0
[ 50.857589] ? kasan_bitops_modify.constprop.0+0x19c/0x5e0
[ 50.858344] kasan_check_range+0x10c/0x1c0
[ 50.859073] __kasan_check_write+0x18/0x20
[ 50.859622] kasan_bitops_modify.constprop.0+0x19c/0x5e0
[ 50.860246] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 50.861039] ? kasan_set_track+0x29/0x40
[ 50.862056] ? kasan_save_alloc_info+0x22/0x30
[ 50.862640] ? __kasan_kmalloc+0xb7/0xc0
[ 50.863207] kasan_bitops_generic+0xa9/0x130
[ 50.863863] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.864483] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.865729] ? kunit_try_run_case+0x11b/0x290
[ 50.866397] kunit_try_run_case+0x126/0x290
[ 50.867023] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.867586] ? __kasan_check_write+0x18/0x20
[ 50.868311] ? trace_preempt_on+0x20/0xa0
[ 50.868915] ? __kthread_parkme+0x4f/0xd0
[ 50.869814] ? preempt_count_sub+0x50/0x80
[ 50.870379] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.871038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.871869] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.872610] kthread+0x19e/0x1e0
[ 50.873257] ? __pfx_kthread+0x10/0x10
[ 50.874397] ret_from_fork+0x41/0x70
[ 50.874950] ? __pfx_kthread+0x10/0x10
[ 50.876163] ret_from_fork_asm+0x1b/0x30
[ 50.876634] </TASK>
[ 50.876905]
[ 50.877163] Allocated by task 224:
[ 50.877666] kasan_save_stack+0x3c/0x60
[ 50.878758] kasan_set_track+0x29/0x40
[ 50.879631] kasan_save_alloc_info+0x22/0x30
[ 50.880250] __kasan_kmalloc+0xb7/0xc0
[ 50.880851] kmalloc_trace+0x4c/0xb0
[ 50.881099] kasan_bitops_generic+0x8e/0x130
[ 50.881341] kunit_try_run_case+0x126/0x290
[ 50.881585] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.882013] kthread+0x19e/0x1e0
[ 50.882801] ret_from_fork+0x41/0x70
[ 50.883360] ret_from_fork_asm+0x1b/0x30
[ 50.883923]
[ 50.884973] The buggy address belongs to the object at ffff888101a813e0
[ 50.884973] which belongs to the cache kmalloc-16 of size 16
[ 50.886581] The buggy address is located 8 bytes inside of
[ 50.886581] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 50.888639]
[ 50.888919] The buggy address belongs to the physical page:
[ 50.889650] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 50.890500] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.891212] page_type: 0xffffffff()
[ 50.891751] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 50.892546] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 50.893635] page dumped because: kasan: bad access detected
[ 50.894125]
[ 50.894401] Memory state around the buggy address:
[ 50.895039] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 50.895932] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 50.896569] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 50.897378] ^
[ 50.898481] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.899064] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.899616] ==================================================================
[ 50.901302] ==================================================================
[ 50.902569] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1da/0x5e0
[ 50.903288] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 50.904559]
[ 50.905116] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.906152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.906820] Call Trace:
[ 50.907116] <TASK>
[ 50.907377] dump_stack_lvl+0x4e/0x90
[ 50.907881] print_report+0xd2/0x660
[ 50.908353] ? __virt_addr_valid+0x156/0x1e0
[ 50.908959] ? kasan_complete_mode_report_info+0x2a/0x200
[ 50.909676] kasan_report+0xff/0x140
[ 50.910985] ? kasan_bitops_modify.constprop.0+0x1da/0x5e0
[ 50.911923] ? kasan_bitops_modify.constprop.0+0x1da/0x5e0
[ 50.912685] kasan_check_range+0x10c/0x1c0
[ 50.913306] __kasan_check_write+0x18/0x20
[ 50.913990] kasan_bitops_modify.constprop.0+0x1da/0x5e0
[ 50.915032] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 50.915778] ? kasan_set_track+0x29/0x40
[ 50.916299] ? kasan_save_alloc_info+0x22/0x30
[ 50.916942] ? __kasan_kmalloc+0xb7/0xc0
[ 50.917406] kasan_bitops_generic+0xa9/0x130
[ 50.918728] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.919298] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.919920] ? kunit_try_run_case+0x11b/0x290
[ 50.920442] kunit_try_run_case+0x126/0x290
[ 50.921084] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.921653] ? __kasan_check_write+0x18/0x20
[ 50.922908] ? trace_preempt_on+0x20/0xa0
[ 50.923415] ? __kthread_parkme+0x4f/0xd0
[ 50.924029] ? preempt_count_sub+0x50/0x80
[ 50.924628] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.925158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.925967] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.927514] kthread+0x19e/0x1e0
[ 50.927965] ? __pfx_kthread+0x10/0x10
[ 50.928524] ret_from_fork+0x41/0x70
[ 50.929115] ? __pfx_kthread+0x10/0x10
[ 50.929677] ret_from_fork_asm+0x1b/0x30
[ 50.930213] </TASK>
[ 50.930591]
[ 50.930850] Allocated by task 224:
[ 50.931807] kasan_save_stack+0x3c/0x60
[ 50.932869] kasan_set_track+0x29/0x40
[ 50.933366] kasan_save_alloc_info+0x22/0x30
[ 50.934084] __kasan_kmalloc+0xb7/0xc0
[ 50.934627] kmalloc_trace+0x4c/0xb0
[ 50.935128] kasan_bitops_generic+0x8e/0x130
[ 50.935782] kunit_try_run_case+0x126/0x290
[ 50.937278] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.937594] kthread+0x19e/0x1e0
[ 50.938172] ret_from_fork+0x41/0x70
[ 50.938942] ret_from_fork_asm+0x1b/0x30
[ 50.939389]
[ 50.939585] The buggy address belongs to the object at ffff888101a813e0
[ 50.939585] which belongs to the cache kmalloc-16 of size 16
[ 50.941607] The buggy address is located 8 bytes inside of
[ 50.941607] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 50.942969]
[ 50.943176] The buggy address belongs to the physical page:
[ 50.944324] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 50.945245] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.946207] page_type: 0xffffffff()
[ 50.946905] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 50.947850] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 50.948762] page dumped because: kasan: bad access detected
[ 50.949200]
[ 50.949482] Memory state around the buggy address:
[ 50.950848] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 50.951544] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 50.952458] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 50.953589] ^
[ 50.954399] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.954976] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.955729] ==================================================================
[ 50.957257] ==================================================================
[ 50.957970] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x21c/0x5e0
[ 50.959334] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 50.960229]
[ 50.960466] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.961319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.962583] Call Trace:
[ 50.962908] <TASK>
[ 50.963317] dump_stack_lvl+0x4e/0x90
[ 50.963952] print_report+0xd2/0x660
[ 50.964562] ? __virt_addr_valid+0x156/0x1e0
[ 50.965276] ? kasan_complete_mode_report_info+0x2a/0x200
[ 50.966216] kasan_report+0xff/0x140
[ 50.966610] ? kasan_bitops_modify.constprop.0+0x21c/0x5e0
[ 50.967544] ? kasan_bitops_modify.constprop.0+0x21c/0x5e0
[ 50.968463] kasan_check_range+0x10c/0x1c0
[ 50.969246] __kasan_check_write+0x18/0x20
[ 50.969991] kasan_bitops_modify.constprop.0+0x21c/0x5e0
[ 50.971264] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 50.972119] ? kasan_set_track+0x29/0x40
[ 50.972857] ? kasan_save_alloc_info+0x22/0x30
[ 50.973613] ? __kasan_kmalloc+0xb7/0xc0
[ 50.974119] kasan_bitops_generic+0xa9/0x130
[ 50.974605] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.975779] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.976532] ? kunit_try_run_case+0x11b/0x290
[ 50.977321] kunit_try_run_case+0x126/0x290
[ 50.978127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.978981] ? __kasan_check_write+0x18/0x20
[ 50.980515] ? trace_preempt_on+0x20/0xa0
[ 50.980959] ? __kthread_parkme+0x4f/0xd0
[ 50.981651] ? preempt_count_sub+0x50/0x80
[ 50.982335] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.983068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.983965] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.984574] kthread+0x19e/0x1e0
[ 50.985180] ? __pfx_kthread+0x10/0x10
[ 50.985868] ret_from_fork+0x41/0x70
[ 50.986541] ? __pfx_kthread+0x10/0x10
[ 50.987229] ret_from_fork_asm+0x1b/0x30
[ 50.987819] </TASK>
[ 50.988353]
[ 50.988626] Allocated by task 224:
[ 50.989023] kasan_save_stack+0x3c/0x60
[ 50.989942] kasan_set_track+0x29/0x40
[ 50.990543] kasan_save_alloc_info+0x22/0x30
[ 50.991105] __kasan_kmalloc+0xb7/0xc0
[ 50.991545] kmalloc_trace+0x4c/0xb0
[ 50.992439] kasan_bitops_generic+0x8e/0x130
[ 50.993231] kunit_try_run_case+0x126/0x290
[ 50.993977] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.994609] kthread+0x19e/0x1e0
[ 50.995207] ret_from_fork+0x41/0x70
[ 50.995885] ret_from_fork_asm+0x1b/0x30
[ 50.996482]
[ 50.996807] The buggy address belongs to the object at ffff888101a813e0
[ 50.996807] which belongs to the cache kmalloc-16 of size 16
[ 50.998135] The buggy address is located 8 bytes inside of
[ 50.998135] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 50.999529]
[ 50.999892] The buggy address belongs to the physical page:
[ 51.000442] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 51.001562] flags: 0x200000000000800(slab|node=0|zone=2)
[ 51.002455] page_type: 0xffffffff()
[ 51.003287] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 51.004105] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 51.004430] page dumped because: kasan: bad access detected
[ 51.004671]
[ 51.004971] Memory state around the buggy address:
[ 51.006303] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 51.007321] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 51.008445] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 51.009274] ^
[ 51.010351] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.011254] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.011706] ==================================================================
[ 51.013024] ==================================================================
[ 51.014158] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x25a/0x5e0
[ 51.015025] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 51.015627]
[ 51.015940] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 51.016693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 51.018359] Call Trace:
[ 51.018933] <TASK>
[ 51.019454] dump_stack_lvl+0x4e/0x90
[ 51.020014] print_report+0xd2/0x660
[ 51.020519] ? __virt_addr_valid+0x156/0x1e0
[ 51.021958] ? kasan_complete_mode_report_info+0x2a/0x200
[ 51.022628] kasan_report+0xff/0x140
[ 51.023288] ? kasan_bitops_modify.constprop.0+0x25a/0x5e0
[ 51.024312] ? kasan_bitops_modify.constprop.0+0x25a/0x5e0
[ 51.025580] kasan_check_range+0x10c/0x1c0
[ 51.026222] __kasan_check_write+0x18/0x20
[ 51.026856] kasan_bitops_modify.constprop.0+0x25a/0x5e0
[ 51.027441] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 51.028150] ? kasan_set_track+0x29/0x40
[ 51.028762] ? kasan_save_alloc_info+0x22/0x30
[ 51.029920] ? __kasan_kmalloc+0xb7/0xc0
[ 51.030468] kasan_bitops_generic+0xa9/0x130
[ 51.031067] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 51.031756] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 51.032505] ? kunit_try_run_case+0x11b/0x290
[ 51.033787] kunit_try_run_case+0x126/0x290
[ 51.034323] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.034970] ? __kasan_check_write+0x18/0x20
[ 51.035550] ? trace_preempt_on+0x20/0xa0
[ 51.036080] ? __kthread_parkme+0x4f/0xd0
[ 51.036656] ? preempt_count_sub+0x50/0x80
[ 51.038096] ? __pfx_kunit_try_run_case+0x10/0x10
[ 51.038719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 51.039391] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.040331] kthread+0x19e/0x1e0
[ 51.040989] ? __pfx_kthread+0x10/0x10
[ 51.041884] ret_from_fork+0x41/0x70
[ 51.042314] ? __pfx_kthread+0x10/0x10
[ 51.042912] ret_from_fork_asm+0x1b/0x30
[ 51.043640] </TASK>
[ 51.044058]
[ 51.044411] Allocated by task 224:
[ 51.044947] kasan_save_stack+0x3c/0x60
[ 51.045473] kasan_set_track+0x29/0x40
[ 51.046281] kasan_save_alloc_info+0x22/0x30
[ 51.047138] __kasan_kmalloc+0xb7/0xc0
[ 51.047568] kmalloc_trace+0x4c/0xb0
[ 51.048122] kasan_bitops_generic+0x8e/0x130
[ 51.048717] kunit_try_run_case+0x126/0x290
[ 51.050009] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 51.050643] kthread+0x19e/0x1e0
[ 51.051217] ret_from_fork+0x41/0x70
[ 51.051705] ret_from_fork_asm+0x1b/0x30
[ 51.052269]
[ 51.052503] The buggy address belongs to the object at ffff888101a813e0
[ 51.052503] which belongs to the cache kmalloc-16 of size 16
[ 51.054245] The buggy address is located 8 bytes inside of
[ 51.054245] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 51.055340]
[ 51.055623] The buggy address belongs to the physical page:
[ 51.056269] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 51.057893] flags: 0x200000000000800(slab|node=0|zone=2)
[ 51.058513] page_type: 0xffffffff()
[ 51.058914] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 51.059752] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 51.060539] page dumped because: kasan: bad access detected
[ 51.061922]
[ 51.062103] Memory state around the buggy address:
[ 51.062643] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 51.063442] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 51.064135] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 51.064844] ^
[ 51.065596] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.066331] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 51.067797] ==================================================================
[ 50.607396] ==================================================================
[ 50.608800] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x9c/0x5e0
[ 50.609797] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 50.610772]
[ 50.611011] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.611637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.613508] Call Trace:
[ 50.614222] <TASK>
[ 50.614562] dump_stack_lvl+0x4e/0x90
[ 50.615058] print_report+0xd2/0x660
[ 50.616073] ? __virt_addr_valid+0x156/0x1e0
[ 50.617155] ? kasan_complete_mode_report_info+0x2a/0x200
[ 50.618046] kasan_report+0xff/0x140
[ 50.618772] ? kasan_bitops_modify.constprop.0+0x9c/0x5e0
[ 50.619702] ? kasan_bitops_modify.constprop.0+0x9c/0x5e0
[ 50.620446] kasan_check_range+0x10c/0x1c0
[ 50.621050] __kasan_check_write+0x18/0x20
[ 50.621566] kasan_bitops_modify.constprop.0+0x9c/0x5e0
[ 50.622538] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 50.623268] ? kasan_set_track+0x29/0x40
[ 50.623519] ? kasan_save_alloc_info+0x22/0x30
[ 50.623899] ? __kasan_kmalloc+0xb7/0xc0
[ 50.624877] kasan_bitops_generic+0xa9/0x130
[ 50.625334] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.626272] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.627168] ? kunit_try_run_case+0x11b/0x290
[ 50.628002] kunit_try_run_case+0x126/0x290
[ 50.628623] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.629571] ? __kasan_check_write+0x18/0x20
[ 50.630444] ? trace_preempt_on+0x20/0xa0
[ 50.631087] ? __kthread_parkme+0x4f/0xd0
[ 50.631599] ? preempt_count_sub+0x50/0x80
[ 50.632321] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.632900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.633574] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.634354] kthread+0x19e/0x1e0
[ 50.634840] ? __pfx_kthread+0x10/0x10
[ 50.635514] ret_from_fork+0x41/0x70
[ 50.636125] ? __pfx_kthread+0x10/0x10
[ 50.637289] ret_from_fork_asm+0x1b/0x30
[ 50.637859] </TASK>
[ 50.638226]
[ 50.638756] Allocated by task 224:
[ 50.639456] kasan_save_stack+0x3c/0x60
[ 50.639957] kasan_set_track+0x29/0x40
[ 50.640403] kasan_save_alloc_info+0x22/0x30
[ 50.641495] __kasan_kmalloc+0xb7/0xc0
[ 50.641984] kmalloc_trace+0x4c/0xb0
[ 50.642686] kasan_bitops_generic+0x8e/0x130
[ 50.643912] kunit_try_run_case+0x126/0x290
[ 50.644360] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.644925] kthread+0x19e/0x1e0
[ 50.645418] ret_from_fork+0x41/0x70
[ 50.646222] ret_from_fork_asm+0x1b/0x30
[ 50.646764]
[ 50.647533] The buggy address belongs to the object at ffff888101a813e0
[ 50.647533] which belongs to the cache kmalloc-16 of size 16
[ 50.648716] The buggy address is located 8 bytes inside of
[ 50.648716] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 50.649852]
[ 50.650365] The buggy address belongs to the physical page:
[ 50.651364] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 50.652512] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.653063] page_type: 0xffffffff()
[ 50.654012] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 50.655300] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 50.656461] page dumped because: kasan: bad access detected
[ 50.656944]
[ 50.657250] Memory state around the buggy address:
[ 50.658064] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 50.658972] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 50.659893] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 50.660453] ^
[ 50.661658] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.662418] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.663352] ==================================================================
[ 50.785598] ==================================================================
[ 50.786118] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x15a/0x5e0
[ 50.788192] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 50.789334]
[ 50.789879] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.791132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.791942] Call Trace:
[ 50.792224] <TASK>
[ 50.792475] dump_stack_lvl+0x4e/0x90
[ 50.793849] print_report+0xd2/0x660
[ 50.794267] ? __virt_addr_valid+0x156/0x1e0
[ 50.795323] ? kasan_complete_mode_report_info+0x2a/0x200
[ 50.796484] kasan_report+0xff/0x140
[ 50.797348] ? kasan_bitops_modify.constprop.0+0x15a/0x5e0
[ 50.798172] ? kasan_bitops_modify.constprop.0+0x15a/0x5e0
[ 50.799472] kasan_check_range+0x10c/0x1c0
[ 50.800040] __kasan_check_write+0x18/0x20
[ 50.800832] kasan_bitops_modify.constprop.0+0x15a/0x5e0
[ 50.801843] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 50.802732] ? kasan_set_track+0x29/0x40
[ 50.803451] ? kasan_save_alloc_info+0x22/0x30
[ 50.804320] ? __kasan_kmalloc+0xb7/0xc0
[ 50.804982] kasan_bitops_generic+0xa9/0x130
[ 50.805675] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.806560] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.807429] ? kunit_try_run_case+0x11b/0x290
[ 50.807895] kunit_try_run_case+0x126/0x290
[ 50.809036] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.809618] ? __kasan_check_write+0x18/0x20
[ 50.810605] ? trace_preempt_on+0x20/0xa0
[ 50.811713] ? __kthread_parkme+0x4f/0xd0
[ 50.812329] ? preempt_count_sub+0x50/0x80
[ 50.813140] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.813702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.814591] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.815483] kthread+0x19e/0x1e0
[ 50.816020] ? __pfx_kthread+0x10/0x10
[ 50.816625] ret_from_fork+0x41/0x70
[ 50.817614] ? __pfx_kthread+0x10/0x10
[ 50.818426] ret_from_fork_asm+0x1b/0x30
[ 50.819207] </TASK>
[ 50.819461]
[ 50.819650] Allocated by task 224:
[ 50.820285] kasan_save_stack+0x3c/0x60
[ 50.820884] kasan_set_track+0x29/0x40
[ 50.821890] kasan_save_alloc_info+0x22/0x30
[ 50.822365] __kasan_kmalloc+0xb7/0xc0
[ 50.823308] kmalloc_trace+0x4c/0xb0
[ 50.824384] kasan_bitops_generic+0x8e/0x130
[ 50.825094] kunit_try_run_case+0x126/0x290
[ 50.825647] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.826762] kthread+0x19e/0x1e0
[ 50.827408] ret_from_fork+0x41/0x70
[ 50.827878] ret_from_fork_asm+0x1b/0x30
[ 50.828336]
[ 50.828587] The buggy address belongs to the object at ffff888101a813e0
[ 50.828587] which belongs to the cache kmalloc-16 of size 16
[ 50.830786] The buggy address is located 8 bytes inside of
[ 50.830786] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 50.832348]
[ 50.832689] The buggy address belongs to the physical page:
[ 50.833502] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 50.835029] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.835566] page_type: 0xffffffff()
[ 50.836313] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 50.837305] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 50.838582] page dumped because: kasan: bad access detected
[ 50.839048]
[ 50.839334] Memory state around the buggy address:
[ 50.840002] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 50.840949] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 50.841721] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 50.842584] ^
[ 50.843116] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.844305] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.845281] ==================================================================
[ 50.725294] ==================================================================
[ 50.727067] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x11c/0x5e0
[ 50.728776] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224
[ 50.729610]
[ 50.729934] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 50.730845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.731643] Call Trace:
[ 50.732030] <TASK>
[ 50.732671] dump_stack_lvl+0x4e/0x90
[ 50.733728] print_report+0xd2/0x660
[ 50.734233] ? __virt_addr_valid+0x156/0x1e0
[ 50.734670] ? kasan_complete_mode_report_info+0x2a/0x200
[ 50.735830] kasan_report+0xff/0x140
[ 50.736514] ? kasan_bitops_modify.constprop.0+0x11c/0x5e0
[ 50.737448] ? kasan_bitops_modify.constprop.0+0x11c/0x5e0
[ 50.738373] kasan_check_range+0x10c/0x1c0
[ 50.738962] __kasan_check_write+0x18/0x20
[ 50.739729] kasan_bitops_modify.constprop.0+0x11c/0x5e0
[ 50.740684] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 50.741418] ? kasan_set_track+0x29/0x40
[ 50.742568] ? kasan_save_alloc_info+0x22/0x30
[ 50.743389] ? __kasan_kmalloc+0xb7/0xc0
[ 50.744061] kasan_bitops_generic+0xa9/0x130
[ 50.744551] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.745342] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 50.745914] ? kunit_try_run_case+0x11b/0x290
[ 50.746552] kunit_try_run_case+0x126/0x290
[ 50.747656] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.748422] ? __kasan_check_write+0x18/0x20
[ 50.748832] ? trace_preempt_on+0x20/0xa0
[ 50.749799] ? __kthread_parkme+0x4f/0xd0
[ 50.750765] ? preempt_count_sub+0x50/0x80
[ 50.751367] ? __pfx_kunit_try_run_case+0x10/0x10
[ 50.751914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 50.752559] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.753655] kthread+0x19e/0x1e0
[ 50.754408] ? __pfx_kthread+0x10/0x10
[ 50.755212] ret_from_fork+0x41/0x70
[ 50.756119] ? __pfx_kthread+0x10/0x10
[ 50.756599] ret_from_fork_asm+0x1b/0x30
[ 50.757363] </TASK>
[ 50.757710]
[ 50.758074] Allocated by task 224:
[ 50.758530] kasan_save_stack+0x3c/0x60
[ 50.759640] kasan_set_track+0x29/0x40
[ 50.760213] kasan_save_alloc_info+0x22/0x30
[ 50.760747] __kasan_kmalloc+0xb7/0xc0
[ 50.762279] kmalloc_trace+0x4c/0xb0
[ 50.762715] kasan_bitops_generic+0x8e/0x130
[ 50.763300] kunit_try_run_case+0x126/0x290
[ 50.764374] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 50.765173] kthread+0x19e/0x1e0
[ 50.765557] ret_from_fork+0x41/0x70
[ 50.765966] ret_from_fork_asm+0x1b/0x30
[ 50.767368]
[ 50.767727] The buggy address belongs to the object at ffff888101a813e0
[ 50.767727] which belongs to the cache kmalloc-16 of size 16
[ 50.769166] The buggy address is located 8 bytes inside of
[ 50.769166] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9)
[ 50.771203]
[ 50.771894] The buggy address belongs to the physical page:
[ 50.772882] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 50.774015] flags: 0x200000000000800(slab|node=0|zone=2)
[ 50.774924] page_type: 0xffffffff()
[ 50.775342] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 50.776610] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 50.777120] page dumped because: kasan: bad access detected
[ 50.778324]
[ 50.778514] Memory state around the buggy address:
[ 50.779406] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 50.780484] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 50.781511] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc
[ 50.782072] ^
[ 50.782822] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.783494] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 50.784165] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right: Failure
[ 49.487864] ==================================================================
[ 49.488977] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x107/0x1f0
[ 49.490029] Read of size 1 at addr ffff888102ab7cca by task kunit_try_catch/206
[ 49.491536]
[ 49.491920] CPU: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 49.493028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.494328] Call Trace:
[ 49.494702] <TASK>
[ 49.495448] dump_stack_lvl+0x4e/0x90
[ 49.496160] print_report+0xd2/0x660
[ 49.496832] ? __virt_addr_valid+0x156/0x1e0
[ 49.497503] ? kasan_addr_to_slab+0x11/0xb0
[ 49.498243] kasan_report+0xff/0x140
[ 49.498680] ? kasan_alloca_oob_right+0x107/0x1f0
[ 49.499637] ? kasan_alloca_oob_right+0x107/0x1f0
[ 49.500241] __asan_load1+0x66/0x70
[ 49.501089] kasan_alloca_oob_right+0x107/0x1f0
[ 49.501732] ? __pfx_rcu_preempt_deferred_qs+0x1/0x10
[ 49.502528] ? trace_event_raw_event_ipi_handler+0xf0/0x130
[ 49.503723] ? __schedule+0x70b/0x1190
[ 49.504335] ? trace_hardirqs_on+0x37/0xd0
[ 49.504901] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 49.505547] ? __schedule+0x70b/0x1190
[ 49.506131] ? ktime_get_ts64+0x118/0x140
[ 49.506731] kunit_try_run_case+0x126/0x290
[ 49.507647] ? __pfx_kunit_try_run_case+0x10/0x10
[ 49.508431] ? __kasan_check_write+0x18/0x20
[ 49.509595] ? trace_preempt_on+0x20/0xa0
[ 49.510285] ? __kthread_parkme+0x4f/0xd0
[ 49.510785] ? preempt_count_sub+0x50/0x80
[ 49.511634] ? __pfx_kunit_try_run_case+0x10/0x10
[ 49.512233] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 49.513329] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 49.514188] kthread+0x19e/0x1e0
[ 49.514568] ? __pfx_kthread+0x10/0x10
[ 49.515463] ret_from_fork+0x41/0x70
[ 49.516063] ? __pfx_kthread+0x10/0x10
[ 49.516724] ret_from_fork_asm+0x1b/0x30
[ 49.517389] </TASK>
[ 49.517823]
[ 49.518185] The buggy address belongs to stack of task kunit_try_catch/206
[ 49.519024]
[ 49.519372] The buggy address belongs to the physical page:
[ 49.520094] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab7
[ 49.521319] flags: 0x200000000000000(node=0|zone=2)
[ 49.521947] page_type: 0xffffffff()
[ 49.522404] raw: 0200000000000000 ffffea00040aadc8 ffffea00040aadc8 0000000000000000
[ 49.523379] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 49.524227] page dumped because: kasan: bad access detected
[ 49.524781]
[ 49.525122] Memory state around the buggy address:
[ 49.525808] ffff888102ab7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 49.526410] ffff888102ab7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 49.527177] >ffff888102ab7c80: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 49.528029] ^
[ 49.528729] ffff888102ab7d00: 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2
[ 49.529532] ffff888102ab7d80: 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 f1
[ 49.530239] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left: Failure
[ 49.432364] ================================================================== [ 49.433439] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0xfe/0x1f0 [ 49.434467] Read of size 1 at addr ffff888102ac7cbf by task kunit_try_catch/204 [ 49.435109] [ 49.435489] CPU: 1 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.436847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.437655] Call Trace: [ 49.438645] <TASK> [ 49.439138] dump_stack_lvl+0x4e/0x90 [ 49.439695] print_report+0xd2/0x660 [ 49.440234] ? __virt_addr_valid+0x156/0x1e0 [ 49.441159] ? kasan_addr_to_slab+0x11/0xb0 [ 49.441777] kasan_report+0xff/0x140 [ 49.442800] ? kasan_alloca_oob_left+0xfe/0x1f0 [ 49.443601] ? kasan_alloca_oob_left+0xfe/0x1f0 [ 49.444390] __asan_load1+0x66/0x70 [ 49.445036] kasan_alloca_oob_left+0xfe/0x1f0 [ 49.445839] ? irqentry_exit+0x29/0x60 [ 49.446382] ? inat_get_escape_attribute+0x10/0xb0 [ 49.447158] ? trace_hardirqs_on+0x37/0xd0 [ 49.447644] ? irqentry_exit+0x29/0x60 [ 49.448491] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 49.449347] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 49.450261] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 49.451214] ? kunit_try_run_case+0x11b/0x290 [ 49.451836] kunit_try_run_case+0x126/0x290 [ 49.452775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.453345] ? __kasan_check_write+0x18/0x20 [ 49.453863] ? trace_preempt_on+0x20/0xa0 [ 49.454313] ? __kthread_parkme+0x4f/0xd0 [ 49.455549] ? preempt_count_sub+0x50/0x80 [ 49.456291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.457011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.458167] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.458493] kthread+0x19e/0x1e0 [ 49.458757] ? __pfx_kthread+0x10/0x10 [ 49.459830] ret_from_fork+0x41/0x70 [ 49.460818] ? 
__pfx_kthread+0x10/0x10 [ 49.461576] ret_from_fork_asm+0x1b/0x30 [ 49.462388] </TASK> [ 49.462812] [ 49.463350] The buggy address belongs to stack of task kunit_try_catch/204 [ 49.464126] [ 49.464329] The buggy address belongs to the physical page: [ 49.464880] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac7 [ 49.465897] flags: 0x200000000000000(node=0|zone=2) [ 49.466901] page_type: 0xffffffff() [ 49.467881] raw: 0200000000000000 ffffea00040ab1c8 ffffea00040ab1c8 0000000000000000 [ 49.468834] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 49.469843] page dumped because: kasan: bad access detected [ 49.470540] [ 49.470839] Memory state around the buggy address: [ 49.471719] ffff888102ac7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 49.472807] ffff888102ac7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 49.473588] >ffff888102ac7c80: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 49.474611] ^ [ 49.475490] ffff888102ac7d00: 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 [ 49.476210] ffff888102ac7d80: 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 f1 [ 49.477336] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob: Failure
[ 49.376772] ================================================================== [ 49.377919] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0xc1/0x190 [ 49.379109] Read of size 1 at addr ffff888102ac7d9a by task kunit_try_catch/202 [ 49.380347] [ 49.380898] CPU: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.382357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.383404] Call Trace: [ 49.383823] <TASK> [ 49.384308] dump_stack_lvl+0x4e/0x90 [ 49.384980] print_report+0xd2/0x660 [ 49.385448] ? __virt_addr_valid+0x156/0x1e0 [ 49.386287] ? kasan_addr_to_slab+0x11/0xb0 [ 49.386976] kasan_report+0xff/0x140 [ 49.387826] ? kasan_stack_oob+0xc1/0x190 [ 49.388409] ? kasan_stack_oob+0xc1/0x190 [ 49.388822] __asan_load1+0x66/0x70 [ 49.389604] kasan_stack_oob+0xc1/0x190 [ 49.390158] ? __pfx_kasan_stack_oob+0x10/0x10 [ 49.390822] ? __schedule+0x70b/0x1190 [ 49.391400] ? ktime_get_ts64+0x118/0x140 [ 49.392301] kunit_try_run_case+0x126/0x290 [ 49.392964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.393574] ? __kasan_check_write+0x18/0x20 [ 49.394395] ? trace_preempt_on+0x20/0xa0 [ 49.395110] ? __kthread_parkme+0x4f/0xd0 [ 49.395769] ? preempt_count_sub+0x50/0x80 [ 49.396510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.397277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.397945] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.398807] kthread+0x19e/0x1e0 [ 49.399377] ? __pfx_kthread+0x10/0x10 [ 49.400007] ret_from_fork+0x41/0x70 [ 49.400576] ? 
__pfx_kthread+0x10/0x10 [ 49.401204] ret_from_fork_asm+0x1b/0x30 [ 49.401993] </TASK> [ 49.402331] [ 49.402831] The buggy address belongs to stack of task kunit_try_catch/202 [ 49.404022] and is located at offset 138 in frame: [ 49.404906] kasan_stack_oob+0x0/0x190 [ 49.405824] [ 49.406241] This frame has 4 objects: [ 49.406877] [48, 49) '__assertion' [ 49.407069] [64, 72) 'array' [ 49.407622] [96, 112) '__assertion' [ 49.408203] [128, 138) 'stack_array' [ 49.408798] [ 49.409804] The buggy address belongs to the physical page: [ 49.410487] page:(____ptrval____) refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac7 [ 49.411537] flags: 0x200000000000000(node=0|zone=2) [ 49.412260] page_type: 0xffffffff() [ 49.412801] raw: 0200000000000000 ffffea00040ab1c8 ffffea00040ab1c8 0000000000000000 [ 49.413457] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 49.414269] page dumped because: kasan: bad access detected [ 49.414814] [ 49.415085] Memory state around the buggy address: [ 49.415780] ffff888102ac7c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 49.416672] ffff888102ac7d00: 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 [ 49.417377] >ffff888102ac7d80: f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 00 f1 [ 49.418236] ^ [ 49.418795] ffff888102ac7e00: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 49.419618] ffff888102ac7e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 49.420499] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right: Failure
[ 49.321677] ================================================================== [ 49.322732] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0xa3/0x170 [ 49.323905] Read of size 1 at addr ffffffff995a96ed by task kunit_try_catch/198 [ 49.325055] [ 49.325413] CPU: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 49.326785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.327827] Call Trace: [ 49.328217] <TASK> [ 49.328897] dump_stack_lvl+0x4e/0x90 [ 49.329816] print_report+0xd2/0x660 [ 49.330288] ? __virt_addr_valid+0x156/0x1e0 [ 49.331118] ? kasan_addr_to_slab+0x11/0xb0 [ 49.331963] kasan_report+0xff/0x140 [ 49.332600] ? kasan_global_oob_right+0xa3/0x170 [ 49.333433] ? kasan_global_oob_right+0xa3/0x170 [ 49.334319] __asan_load1+0x66/0x70 [ 49.334896] kasan_global_oob_right+0xa3/0x170 [ 49.335685] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 49.336428] ? ktime_get_ts64+0x118/0x140 [ 49.337424] kunit_try_run_case+0x126/0x290 [ 49.338150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.338721] ? __kasan_check_write+0x18/0x20 [ 49.339403] ? trace_preempt_on+0x20/0xa0 [ 49.340045] ? __kthread_parkme+0x4f/0xd0 [ 49.340553] ? preempt_count_sub+0x50/0x80 [ 49.341460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 49.342048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 49.342975] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 49.343557] kthread+0x19e/0x1e0 [ 49.344239] ? __pfx_kthread+0x10/0x10 [ 49.344893] ret_from_fork+0x41/0x70 [ 49.345571] ? 
__pfx_kthread+0x10/0x10 [ 49.346319] ret_from_fork_asm+0x1b/0x30 [ 49.347019] </TASK> [ 49.347488] [ 49.347955] The buggy address belongs to the variable: [ 49.348731] global_array+0xd/0x40 [ 49.349377] [ 49.349760] The buggy address belongs to the physical page: [ 49.350364] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6a7a9 [ 49.351159] flags: 0x100000000004000(reserved|node=0|zone=1) [ 49.351853] page_type: 0xffffffff() [ 49.352367] raw: 0100000000004000 ffffea0001a9ea48 ffffea0001a9ea48 0000000000000000 [ 49.353214] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 49.353906] page dumped because: kasan: bad access detected [ 49.354333] [ 49.354610] Memory state around the buggy address: [ 49.355280] ffffffff995a9580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 49.356123] ffffffff995a9600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 49.356764] >ffffffff995a9680: 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 [ 49.357515] ^ [ 49.358281] ffffffff995a9700: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 49.359141] ffffffff995a9780: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 49.359705] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob: Failure
[ 48.691512] ================================================================== [ 48.692512] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0xdd/0x260 [ 48.693034] Read of size 1 at addr ffff8881029470c8 by task kunit_try_catch/192 [ 48.693855] [ 48.694188] CPU: 1 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.694845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.695816] Call Trace: [ 48.696303] <TASK> [ 48.696634] dump_stack_lvl+0x4e/0x90 [ 48.697701] print_report+0xd2/0x660 [ 48.698906] ? __virt_addr_valid+0x156/0x1e0 [ 48.699458] ? kasan_complete_mode_report_info+0x2a/0x200 [ 48.700075] kasan_report+0xff/0x140 [ 48.700599] ? kmem_cache_oob+0xdd/0x260 [ 48.701190] ? kmem_cache_oob+0xdd/0x260 [ 48.701700] __asan_load1+0x66/0x70 [ 48.702506] kmem_cache_oob+0xdd/0x260 [ 48.703158] ? __pfx_kmem_cache_oob+0x10/0x10 [ 48.703841] ? __schedule+0x70b/0x1190 [ 48.704360] ? ktime_get_ts64+0x118/0x140 [ 48.705135] kunit_try_run_case+0x126/0x290 [ 48.705769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.706537] ? __kasan_check_write+0x18/0x20 [ 48.707472] ? trace_preempt_on+0x20/0xa0 [ 48.708182] ? __kthread_parkme+0x4f/0xd0 [ 48.708866] ? preempt_count_sub+0x50/0x80 [ 48.709359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.709917] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.710645] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.711253] kthread+0x19e/0x1e0 [ 48.711795] ? __pfx_kthread+0x10/0x10 [ 48.712367] ret_from_fork+0x41/0x70 [ 48.712982] ? 
__pfx_kthread+0x10/0x10 [ 48.713493] ret_from_fork_asm+0x1b/0x30 [ 48.714042] </TASK> [ 48.714389] [ 48.714664] Allocated by task 192: [ 48.715162] kasan_save_stack+0x3c/0x60 [ 48.716105] kasan_set_track+0x29/0x40 [ 48.716493] kasan_save_alloc_info+0x22/0x30 [ 48.717314] __kasan_slab_alloc+0x91/0xa0 [ 48.717872] kmem_cache_alloc+0x180/0x3b0 [ 48.718491] kmem_cache_oob+0xb6/0x260 [ 48.719107] kunit_try_run_case+0x126/0x290 [ 48.719820] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.721151] kthread+0x19e/0x1e0 [ 48.721589] ret_from_fork+0x41/0x70 [ 48.722201] ret_from_fork_asm+0x1b/0x30 [ 48.722791] [ 48.723094] The buggy address belongs to the object at ffff888102947000 [ 48.723094] which belongs to the cache test_cache of size 200 [ 48.724926] The buggy address is located 0 bytes to the right of [ 48.724926] allocated 200-byte region [ffff888102947000, ffff8881029470c8) [ 48.726055] [ 48.726345] The buggy address belongs to the physical page: [ 48.726978] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102947 [ 48.727884] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.729241] page_type: 0xffffffff() [ 48.729674] raw: 0200000000000800 ffff888101585dc0 dead000000000122 0000000000000000 [ 48.730444] raw: 0000000000000000 00000000800f000f 00000001ffffffff 0000000000000000 [ 48.731217] page dumped because: kasan: bad access detected [ 48.731840] [ 48.732129] Memory state around the buggy address: [ 48.732904] ffff888102946f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.734168] ffff888102947000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 48.734803] >ffff888102947080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 48.735555] ^ [ 48.736174] ffff888102947100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.736961] ffff888102947180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.737591] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2: Failure
[ 48.605448] ================================================================== [ 48.606502] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x122/0x2b0 [ 48.607879] Read of size 1 at addr ffff888102849128 by task kunit_try_catch/184 [ 48.608559] [ 48.608866] CPU: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.609542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.610505] Call Trace: [ 48.610876] <TASK> [ 48.611208] dump_stack_lvl+0x4e/0x90 [ 48.611787] print_report+0xd2/0x660 [ 48.612340] ? __virt_addr_valid+0x156/0x1e0 [ 48.612994] ? kasan_complete_mode_report_info+0x64/0x200 [ 48.613774] kasan_report+0xff/0x140 [ 48.614268] ? kmalloc_uaf2+0x122/0x2b0 [ 48.614775] ? kmalloc_uaf2+0x122/0x2b0 [ 48.615363] __asan_load1+0x66/0x70 [ 48.615926] kmalloc_uaf2+0x122/0x2b0 [ 48.616361] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 48.616992] ? sysvec_apic_timer_interrupt+0x94/0xa0 [ 48.617541] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 48.618234] ? ret_from_fork_asm+0x1b/0x30 [ 48.618729] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 48.619274] ? kunit_try_run_case+0x11b/0x290 [ 48.619960] kunit_try_run_case+0x126/0x290 [ 48.620556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.621119] ? __kasan_check_write+0x18/0x20 [ 48.621778] ? trace_preempt_on+0x20/0xa0 [ 48.622346] ? __kthread_parkme+0x4f/0xd0 [ 48.622956] ? preempt_count_sub+0x50/0x80 [ 48.623484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.624074] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.624807] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.625520] kthread+0x19e/0x1e0 [ 48.626088] ? __pfx_kthread+0x10/0x10 [ 48.626565] ret_from_fork+0x41/0x70 [ 48.627162] ? 
__pfx_kthread+0x10/0x10 [ 48.627778] ret_from_fork_asm+0x1b/0x30 [ 48.628258] </TASK> [ 48.628607] [ 48.628937] Allocated by task 184: [ 48.629377] kasan_save_stack+0x3c/0x60 [ 48.629880] kasan_set_track+0x29/0x40 [ 48.630395] kasan_save_alloc_info+0x22/0x30 [ 48.630956] __kasan_kmalloc+0xb7/0xc0 [ 48.631474] kmalloc_trace+0x4c/0xb0 [ 48.632065] kmalloc_uaf2+0xb0/0x2b0 [ 48.632546] kunit_try_run_case+0x126/0x290 [ 48.633103] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.633869] kthread+0x19e/0x1e0 [ 48.634360] ret_from_fork+0x41/0x70 [ 48.634946] ret_from_fork_asm+0x1b/0x30 [ 48.635464] [ 48.635777] Freed by task 184: [ 48.636186] kasan_save_stack+0x3c/0x60 [ 48.636764] kasan_set_track+0x29/0x40 [ 48.637227] kasan_save_free_info+0x2f/0x50 [ 48.637784] ____kasan_slab_free+0x172/0x1d0 [ 48.638317] __kasan_slab_free+0x16/0x20 [ 48.638886] __kmem_cache_free+0x190/0x310 [ 48.639470] kfree+0x7c/0x120 [ 48.639980] kmalloc_uaf2+0xd0/0x2b0 [ 48.640421] kunit_try_run_case+0x126/0x290 [ 48.640990] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.641658] kthread+0x19e/0x1e0 [ 48.642136] ret_from_fork+0x41/0x70 [ 48.642625] ret_from_fork_asm+0x1b/0x30 [ 48.643227] [ 48.643510] The buggy address belongs to the object at ffff888102849100 [ 48.643510] which belongs to the cache kmalloc-64 of size 64 [ 48.644572] The buggy address is located 40 bytes inside of [ 48.644572] freed 64-byte region [ffff888102849100, ffff888102849140) [ 48.645560] [ 48.645882] The buggy address belongs to the physical page: [ 48.646494] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102849 [ 48.647475] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.648066] page_type: 0xffffffff() [ 48.648555] raw: 0200000000000800 ffff888100041640 dead000000000122 0000000000000000 [ 48.649360] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 48.650134] page dumped because: kasan: bad access detected [ 48.650635] [ 48.650962] Memory state around the 
buggy address: [ 48.651519] ffff888102849000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 48.652215] ffff888102849080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 48.652934] >ffff888102849100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 48.653647] ^ [ 48.654095] ffff888102849180: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 48.654917] ffff888102849200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.655544] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset: Failure
[ 48.535642] ================================================================== [ 48.536501] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0xdb/0x1d0 [ 48.537599] Write of size 33 at addr ffff888102849080 by task kunit_try_catch/182 [ 48.538335] [ 48.538598] CPU: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.539639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.540416] Call Trace: [ 48.540844] <TASK> [ 48.541200] dump_stack_lvl+0x4e/0x90 [ 48.542223] print_report+0xd2/0x660 [ 48.542816] ? __virt_addr_valid+0x156/0x1e0 [ 48.543625] ? kasan_complete_mode_report_info+0x64/0x200 [ 48.544513] kasan_report+0xff/0x140 [ 48.545155] ? kmalloc_uaf_memset+0xdb/0x1d0 [ 48.545838] ? kmalloc_uaf_memset+0xdb/0x1d0 [ 48.546582] kasan_check_range+0x10c/0x1c0 [ 48.547227] __asan_memset+0x27/0x50 [ 48.547919] kmalloc_uaf_memset+0xdb/0x1d0 [ 48.548468] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 48.549249] ? __schedule+0x70b/0x1190 [ 48.550154] ? ktime_get_ts64+0x118/0x140 [ 48.550944] kunit_try_run_case+0x126/0x290 [ 48.551766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.552568] ? __kasan_check_write+0x18/0x20 [ 48.553301] ? trace_preempt_on+0x20/0xa0 [ 48.553917] ? __kthread_parkme+0x4f/0xd0 [ 48.554566] ? preempt_count_sub+0x50/0x80 [ 48.555254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.555828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.556667] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.557579] kthread+0x19e/0x1e0 [ 48.558140] ? __pfx_kthread+0x10/0x10 [ 48.558588] ret_from_fork+0x41/0x70 [ 48.559032] ? 
__pfx_kthread+0x10/0x10 [ 48.559532] ret_from_fork_asm+0x1b/0x30 [ 48.560637] </TASK> [ 48.561184] [ 48.561821] Allocated by task 182: [ 48.562294] kasan_save_stack+0x3c/0x60 [ 48.563010] kasan_set_track+0x29/0x40 [ 48.563721] kasan_save_alloc_info+0x22/0x30 [ 48.564223] __kasan_kmalloc+0xb7/0xc0 [ 48.564634] kmalloc_trace+0x4c/0xb0 [ 48.565065] kmalloc_uaf_memset+0x9d/0x1d0 [ 48.565501] kunit_try_run_case+0x126/0x290 [ 48.566807] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.567728] kthread+0x19e/0x1e0 [ 48.568380] ret_from_fork+0x41/0x70 [ 48.569092] ret_from_fork_asm+0x1b/0x30 [ 48.569718] [ 48.570292] Freed by task 182: [ 48.570637] kasan_save_stack+0x3c/0x60 [ 48.571295] kasan_set_track+0x29/0x40 [ 48.572199] kasan_save_free_info+0x2f/0x50 [ 48.572913] ____kasan_slab_free+0x172/0x1d0 [ 48.573356] __kasan_slab_free+0x16/0x20 [ 48.574119] __kmem_cache_free+0x190/0x310 [ 48.574714] kfree+0x7c/0x120 [ 48.575446] kmalloc_uaf_memset+0xbd/0x1d0 [ 48.576034] kunit_try_run_case+0x126/0x290 [ 48.576977] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.577705] kthread+0x19e/0x1e0 [ 48.578192] ret_from_fork+0x41/0x70 [ 48.578641] ret_from_fork_asm+0x1b/0x30 [ 48.579611] [ 48.580193] The buggy address belongs to the object at ffff888102849080 [ 48.580193] which belongs to the cache kmalloc-64 of size 64 [ 48.581899] The buggy address is located 0 bytes inside of [ 48.581899] freed 64-byte region [ffff888102849080, ffff8881028490c0) [ 48.583217] [ 48.583515] The buggy address belongs to the physical page: [ 48.584579] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102849 [ 48.585331] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.586284] page_type: 0xffffffff() [ 48.587141] raw: 0200000000000800 ffff888100041640 dead000000000122 0000000000000000 [ 48.588115] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000 [ 48.589177] page dumped because: kasan: bad access detected [ 48.589722] [ 48.589999] Memory state 
around the buggy address: [ 48.590435] ffff888102848f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.591574] ffff888102849000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 48.592530] >ffff888102849080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 48.593395] ^ [ 48.594043] ffff888102849100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.595043] ffff888102849180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.595937] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf: Failure
[ 48.469711] ================================================================== [ 48.470631] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0xd5/0x1d0 [ 48.471595] Read of size 1 at addr ffff88810273e0a8 by task kunit_try_catch/180 [ 48.472344] [ 48.472632] CPU: 1 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 48.474220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.475084] Call Trace: [ 48.475530] <TASK> [ 48.476004] dump_stack_lvl+0x4e/0x90 [ 48.476627] print_report+0xd2/0x660 [ 48.477241] ? __virt_addr_valid+0x156/0x1e0 [ 48.477824] ? kasan_complete_mode_report_info+0x64/0x200 [ 48.478430] kasan_report+0xff/0x140 [ 48.478895] ? kmalloc_uaf+0xd5/0x1d0 [ 48.479372] ? kmalloc_uaf+0xd5/0x1d0 [ 48.479847] __asan_load1+0x66/0x70 [ 48.480918] kmalloc_uaf+0xd5/0x1d0 [ 48.481372] ? __pfx_kmalloc_uaf+0x10/0x10 [ 48.482047] ? __schedule+0x70b/0x1190 [ 48.482599] ? ktime_get_ts64+0x118/0x140 [ 48.483339] kunit_try_run_case+0x126/0x290 [ 48.483930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.484638] ? __kasan_check_write+0x18/0x20 [ 48.485354] ? trace_preempt_on+0x20/0xa0 [ 48.485784] ? __kthread_parkme+0x4f/0xd0 [ 48.486407] ? preempt_count_sub+0x50/0x80 [ 48.487059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 48.487685] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 48.488748] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.489338] kthread+0x19e/0x1e0 [ 48.489850] ? __pfx_kthread+0x10/0x10 [ 48.490454] ret_from_fork+0x41/0x70 [ 48.491101] ? 
__pfx_kthread+0x10/0x10 [ 48.491648] ret_from_fork_asm+0x1b/0x30 [ 48.492361] </TASK> [ 48.492758] [ 48.493039] Allocated by task 180: [ 48.493524] kasan_save_stack+0x3c/0x60 [ 48.494108] kasan_set_track+0x29/0x40 [ 48.494672] kasan_save_alloc_info+0x22/0x30 [ 48.495272] __kasan_kmalloc+0xb7/0xc0 [ 48.495885] kmalloc_trace+0x4c/0xb0 [ 48.496394] kmalloc_uaf+0x9d/0x1d0 [ 48.496949] kunit_try_run_case+0x126/0x290 [ 48.497491] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.498215] kthread+0x19e/0x1e0 [ 48.498818] ret_from_fork+0x41/0x70 [ 48.499371] ret_from_fork_asm+0x1b/0x30 [ 48.499913] [ 48.500099] Freed by task 180: [ 48.500350] kasan_save_stack+0x3c/0x60 [ 48.500779] kasan_set_track+0x29/0x40 [ 48.501141] kasan_save_free_info+0x2f/0x50 [ 48.501541] ____kasan_slab_free+0x172/0x1d0 [ 48.502072] __kasan_slab_free+0x16/0x20 [ 48.502627] __kmem_cache_free+0x190/0x310 [ 48.503321] kfree+0x7c/0x120 [ 48.503814] kmalloc_uaf+0xbd/0x1d0 [ 48.504365] kunit_try_run_case+0x126/0x290 [ 48.505093] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 48.506043] kthread+0x19e/0x1e0 [ 48.506610] ret_from_fork+0x41/0x70 [ 48.508281] ret_from_fork_asm+0x1b/0x30 [ 48.509415] [ 48.509841] The buggy address belongs to the object at ffff88810273e0a0 [ 48.509841] which belongs to the cache kmalloc-16 of size 16 [ 48.511112] The buggy address is located 8 bytes inside of [ 48.511112] freed 16-byte region [ffff88810273e0a0, ffff88810273e0b0) [ 48.511887] [ 48.512173] The buggy address belongs to the physical page: [ 48.513611] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10273e [ 48.514944] flags: 0x200000000000800(slab|node=0|zone=2) [ 48.515633] page_type: 0xffffffff() [ 48.516144] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 48.516919] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 48.518198] page dumped because: kasan: bad access detected [ 48.519005] [ 48.519338] Memory state around the 
buggy address: [ 48.519989] ffff88810273df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.520953] ffff88810273e000: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 48.521582] >ffff88810273e080: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 48.522768] ^ [ 48.523467] ffff88810273e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.524167] ffff88810273e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.524996] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_pagealloc_oob_right: Failure
[ 46.834440] ================================================================== [ 46.835983] BUG: KASAN: slab-out-of-bounds in kmalloc_pagealloc_oob_right+0xab/0x1c0 [ 46.836777] Write of size 1 at addr ffff88810207a00a by task kunit_try_catch/140 [ 46.837474] [ 46.837719] CPU: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 46.838943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 46.840519] Call Trace: [ 46.840913] <TASK> [ 46.841284] dump_stack_lvl+0x4e/0x90 [ 46.841883] print_report+0xd2/0x660 [ 46.842463] ? __virt_addr_valid+0x156/0x1e0 [ 46.843100] ? kasan_addr_to_slab+0x11/0xb0 [ 46.844084] kasan_report+0xff/0x140 [ 46.844976] ? kmalloc_pagealloc_oob_right+0xab/0x1c0 [ 46.845528] ? kmalloc_pagealloc_oob_right+0xab/0x1c0 [ 46.846254] __asan_store1+0x69/0x70 [ 46.846774] kmalloc_pagealloc_oob_right+0xab/0x1c0 [ 46.847364] ? __pfx_kmalloc_pagealloc_oob_right+0x10/0x10 [ 46.847893] ? __pfx_kmalloc_pagealloc_oob_right+0x10/0x10 [ 46.848804] ? kunit_try_run_case+0x11b/0x290 [ 46.849610] kunit_try_run_case+0x126/0x290 [ 46.850274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 46.851182] ? __kasan_check_write+0x18/0x20 [ 46.851982] ? trace_preempt_on+0x20/0xa0 [ 46.852532] ? __kthread_parkme+0x4f/0xd0 [ 46.853134] ? preempt_count_sub+0x50/0x80 [ 46.853711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 46.854348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 46.855253] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 46.856255] kthread+0x19e/0x1e0 [ 46.856837] ? __pfx_kthread+0x10/0x10 [ 46.857370] ret_from_fork+0x41/0x70 [ 46.857930] ? 
__pfx_kthread+0x10/0x10 [ 46.858505] ret_from_fork_asm+0x1b/0x30 [ 46.859208] </TASK> [ 46.859999] [ 46.860334] The buggy address belongs to the physical page: [ 46.861402] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102078 [ 46.862300] head:(____ptrval____) order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 46.863487] flags: 0x200000000000040(head|node=0|zone=2) [ 46.864130] page_type: 0xffffffff() [ 46.864672] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 46.865461] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 46.866199] page dumped because: kasan: bad access detected [ 46.866837] [ 46.867293] Memory state around the buggy address: [ 46.867778] ffff888102079f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.869172] ffff888102079f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.869914] >ffff88810207a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 46.870643] ^ [ 46.871074] ffff88810207a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 46.872377] ffff88810207a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 46.873010] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right: Failure
[ 46.776756] ==================================================================
[ 46.777699] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0xd4/0x1f0
[ 46.778501] Read of size 1 at addr ffff888101d4d000 by task kunit_try_catch/138
[ 46.779473]
[ 46.779789] CPU: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 46.781223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 46.782497] Call Trace:
[ 46.782818] <TASK>
[ 46.783130] dump_stack_lvl+0x4e/0x90
[ 46.783655] print_report+0xd2/0x660
[ 46.784235] ? __virt_addr_valid+0x156/0x1e0
[ 46.784785] ? kasan_complete_mode_report_info+0x2a/0x200
[ 46.785469] kasan_report+0xff/0x140
[ 46.786637] ? kmalloc_node_oob_right+0xd4/0x1f0
[ 46.787206] ? kmalloc_node_oob_right+0xd4/0x1f0
[ 46.787877] __asan_load1+0x66/0x70
[ 46.788393] kmalloc_node_oob_right+0xd4/0x1f0
[ 46.788977] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 46.790402] ? __schedule+0x70b/0x1190
[ 46.790973] ? ktime_get_ts64+0x118/0x140
[ 46.791809] kunit_try_run_case+0x126/0x290
[ 46.792451] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.793200] ? __kasan_check_write+0x18/0x20
[ 46.793665] ? trace_preempt_on+0x20/0xa0
[ 46.794375] ? __kthread_parkme+0x4f/0xd0
[ 46.795247] ? preempt_count_sub+0x50/0x80
[ 46.795881] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.796434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 46.797081] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.797883] kthread+0x19e/0x1e0
[ 46.798428] ? __pfx_kthread+0x10/0x10
[ 46.799261] ret_from_fork+0x41/0x70
[ 46.799914] ? __pfx_kthread+0x10/0x10
[ 46.800555] ret_from_fork_asm+0x1b/0x30
[ 46.801117] </TASK>
[ 46.801482]
[ 46.801688] Allocated by task 138:
[ 46.802090] kasan_save_stack+0x3c/0x60
[ 46.802643] kasan_set_track+0x29/0x40
[ 46.803205] kasan_save_alloc_info+0x22/0x30
[ 46.804019] __kasan_kmalloc+0xb7/0xc0
[ 46.804549] kmalloc_node_trace+0x49/0xb0
[ 46.805190] kmalloc_node_oob_right+0xa1/0x1f0
[ 46.805699] kunit_try_run_case+0x126/0x290
[ 46.806280] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.807566] kthread+0x19e/0x1e0
[ 46.808101] ret_from_fork+0x41/0x70
[ 46.808648] ret_from_fork_asm+0x1b/0x30
[ 46.809195]
[ 46.809421] The buggy address belongs to the object at ffff888101d4c000
[ 46.809421] which belongs to the cache kmalloc-4k of size 4096
[ 46.810449] The buggy address is located 0 bytes to the right of
[ 46.810449] allocated 4096-byte region [ffff888101d4c000, ffff888101d4d000)
[ 46.812512]
[ 46.812840] The buggy address belongs to the physical page:
[ 46.813333] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d48
[ 46.814476] head:(____ptrval____) order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 46.815608] flags: 0x200000000000840(slab|head|node=0|zone=2)
[ 46.816510] page_type: 0xffffffff()
[ 46.816961] raw: 0200000000000840 ffff888100042140 dead000000000122 0000000000000000
[ 46.818055] raw: 0000000000000000 0000000080040004 00000001ffffffff 0000000000000000
[ 46.818814] page dumped because: kasan: bad access detected
[ 46.819759]
[ 46.819966] Memory state around the buggy address:
[ 46.820696] ffff888101d4cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.821287] ffff888101d4cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 46.822175] >ffff888101d4d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.822915] ^
[ 46.823504] ffff888101d4d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.824510] ffff888101d4d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.825274] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left: Failure
[ 46.722123] ==================================================================
[ 46.723494] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0xcf/0x1f0
[ 46.724226] Read of size 1 at addr ffff888101a813bf by task kunit_try_catch/136
[ 46.724828]
[ 46.725135] CPU: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 46.726060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 46.726807] Call Trace:
[ 46.727164] <TASK>
[ 46.727596] dump_stack_lvl+0x4e/0x90
[ 46.728266] print_report+0xd2/0x660
[ 46.728852] ? __virt_addr_valid+0x156/0x1e0
[ 46.729484] ? kasan_complete_mode_report_info+0x2a/0x200
[ 46.730145] kasan_report+0xff/0x140
[ 46.730725] ? kmalloc_oob_left+0xcf/0x1f0
[ 46.731376] ? kmalloc_oob_left+0xcf/0x1f0
[ 46.732012] __asan_load1+0x66/0x70
[ 46.732553] kmalloc_oob_left+0xcf/0x1f0
[ 46.733118] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 46.733704] ? __schedule+0x70b/0x1190
[ 46.734206] ? ktime_get_ts64+0x118/0x140
[ 46.734865] kunit_try_run_case+0x126/0x290
[ 46.735524] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.736195] ? __kasan_check_write+0x18/0x20
[ 46.736829] ? trace_preempt_on+0x20/0xa0
[ 46.737375] ? __kthread_parkme+0x4f/0xd0
[ 46.737879] ? preempt_count_sub+0x50/0x80
[ 46.738545] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.739231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 46.739905] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.740675] kthread+0x19e/0x1e0
[ 46.741257] ? __pfx_kthread+0x10/0x10
[ 46.741783] ret_from_fork+0x41/0x70
[ 46.742360] ? __pfx_kthread+0x10/0x10
[ 46.742972] ret_from_fork_asm+0x1b/0x30
[ 46.743575] </TASK>
[ 46.743974]
[ 46.744268] Allocated by task 1:
[ 46.744645] kasan_save_stack+0x3c/0x60
[ 46.745230] kasan_set_track+0x29/0x40
[ 46.745765] kasan_save_alloc_info+0x22/0x30
[ 46.746384] __kasan_kmalloc+0xb7/0xc0
[ 46.746951] __kmalloc_node_track_caller+0x69/0x170
[ 46.747520] kvasprintf+0xc6/0x150
[ 46.748117] __kthread_create_on_node+0x128/0x260
[ 46.748617] kthread_create_on_node+0xa8/0xe0
[ 46.749150] create_worker+0x19a/0x3d0
[ 46.749606] alloc_unbound_pwq+0x4bf/0x4d0
[ 46.750133] apply_wqattrs_prepare+0x1b7/0x3c0
[ 46.750667] apply_workqueue_attrs_locked+0x66/0xa0
[ 46.751222] alloc_workqueue+0x78c/0x910
[ 46.751815] latency_fsnotify_init+0x1b/0x50
[ 46.752408] do_one_initcall+0xb3/0x340
[ 46.752860] kernel_init_freeable+0x2ae/0x470
[ 46.753452] kernel_init+0x23/0x1e0
[ 46.753913] ret_from_fork+0x41/0x70
[ 46.754447] ret_from_fork_asm+0x1b/0x30
[ 46.754966]
[ 46.755226] The buggy address belongs to the object at ffff888101a813a0
[ 46.755226] which belongs to the cache kmalloc-16 of size 16
[ 46.756315] The buggy address is located 18 bytes to the right of
[ 46.756315] allocated 13-byte region [ffff888101a813a0, ffff888101a813ad)
[ 46.757495]
[ 46.757729] The buggy address belongs to the physical page:
[ 46.758403] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81
[ 46.759251] flags: 0x200000000000800(slab|node=0|zone=2)
[ 46.759806] page_type: 0xffffffff()
[ 46.760313] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000
[ 46.761078] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000
[ 46.761874] page dumped because: kasan: bad access detected
[ 46.762332]
[ 46.762606] Memory state around the buggy address:
[ 46.763157] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 46.763725] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 46.764518] >ffff888101a81380: fa fb fc fc 00 05 fc fc 00 07 fc fc fc fc fc fc
[ 46.765211] ^
[ 46.765811] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.766429] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.767147] ==================================================================
Failure - log-parser-test - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
KNOWN ISSUE - log-parser-test/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right: Failure
[ 46.575813] ==================================================================
[ 46.577068] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xcf/0x330
[ 46.578236] Write of size 1 at addr ffff888102840473 by task kunit_try_catch/134
[ 46.579108]
[ 46.580127] CPU: 0 PID: 134 Comm: kunit_try_catch Tainted: G N 6.6.76-rc1 #1
[ 46.581104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 46.582548] Call Trace:
[ 46.583012] <TASK>
[ 46.583686] dump_stack_lvl+0x4e/0x90
[ 46.584344] print_report+0xd2/0x660
[ 46.584873] ? __virt_addr_valid+0x156/0x1e0
[ 46.585398] ? kasan_complete_mode_report_info+0x2a/0x200
[ 46.586068] kasan_report+0xff/0x140
[ 46.586556] ? kmalloc_oob_right+0xcf/0x330
[ 46.587076] ? kmalloc_oob_right+0xcf/0x330
[ 46.587657] __asan_store1+0x69/0x70
[ 46.588134] kmalloc_oob_right+0xcf/0x330
[ 46.588704] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 46.589358] ? __schedule+0x70b/0x1190
[ 46.589935] ? ktime_get_ts64+0x118/0x140
[ 46.590545] kunit_try_run_case+0x126/0x290
[ 46.591066] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.591684] ? __kasan_check_write+0x18/0x20
[ 46.592267] ? trace_preempt_on+0x20/0xa0
[ 46.592816] ? __kthread_parkme+0x4f/0xd0
[ 46.593395] ? preempt_count_sub+0x50/0x80
[ 46.593945] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.594503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 46.595309] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.595970] kthread+0x19e/0x1e0
[ 46.596421] ? __pfx_kthread+0x10/0x10
[ 46.596897] ret_from_fork+0x41/0x70
[ 46.597453] ? __pfx_kthread+0x10/0x10
[ 46.597963] ret_from_fork_asm+0x1b/0x30
[ 46.598619] </TASK>
[ 46.599159]
[ 46.599516] Allocated by task 134:
[ 46.600170] kasan_save_stack+0x3c/0x60
[ 46.600694] kasan_set_track+0x29/0x40
[ 46.601215] kasan_save_alloc_info+0x22/0x30
[ 46.601703] __kasan_kmalloc+0xb7/0xc0
[ 46.602231] kmalloc_trace+0x4c/0xb0
[ 46.602694] kmalloc_oob_right+0x9f/0x330
[ 46.603272] kunit_try_run_case+0x126/0x290
[ 46.603792] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.604497] kthread+0x19e/0x1e0
[ 46.604964] ret_from_fork+0x41/0x70
[ 46.605525] ret_from_fork_asm+0x1b/0x30
[ 46.606209]
[ 46.606649] The buggy address belongs to the object at ffff888102840400
[ 46.606649] which belongs to the cache kmalloc-128 of size 128
[ 46.608081] The buggy address is located 0 bytes to the right of
[ 46.608081] allocated 115-byte region [ffff888102840400, ffff888102840473)
[ 46.609213]
[ 46.609702] The buggy address belongs to the physical page:
[ 46.610545] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102840
[ 46.611961] flags: 0x200000000000800(slab|node=0|zone=2)
[ 46.613040] page_type: 0xffffffff()
[ 46.614274] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000
[ 46.614996] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 46.615813] page dumped because: kasan: bad access detected
[ 46.616289]
[ 46.616540] Memory state around the buggy address:
[ 46.617446] ffff888102840300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 46.618275] ffff888102840380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.619042] >ffff888102840400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 46.619852] ^
[ 46.620675] ffff888102840480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.621531] ffff888102840500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.622451] ==================================================================
[ 46.671212] ==================================================================
[ 46.671716] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x144/0x330
[ 46.672213] Read of size 1 at addr ffff888102840480 by task kunit_try_catch/134
[ 46.673136]
[ 46.673448] CPU: 0 PID: 134 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 46.674441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 46.675535] Call Trace:
[ 46.675939] <TASK>
[ 46.676324] dump_stack_lvl+0x4e/0x90
[ 46.677000] print_report+0xd2/0x660
[ 46.677633] ? __virt_addr_valid+0x156/0x1e0
[ 46.678237] ? kasan_complete_mode_report_info+0x2a/0x200
[ 46.679066] kasan_report+0xff/0x140
[ 46.679684] ? kmalloc_oob_right+0x144/0x330
[ 46.680305] ? kmalloc_oob_right+0x144/0x330
[ 46.680984] __asan_load1+0x66/0x70
[ 46.681598] kmalloc_oob_right+0x144/0x330
[ 46.682260] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 46.682836] ? __schedule+0x70b/0x1190
[ 46.683565] ? ktime_get_ts64+0x118/0x140
[ 46.684171] kunit_try_run_case+0x126/0x290
[ 46.684799] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.685337] ? __kasan_check_write+0x18/0x20
[ 46.685947] ? trace_preempt_on+0x20/0xa0
[ 46.686482] ? __kthread_parkme+0x4f/0xd0
[ 46.687069] ? preempt_count_sub+0x50/0x80
[ 46.687656] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.688209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 46.689018] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.689707] kthread+0x19e/0x1e0
[ 46.690221] ? __pfx_kthread+0x10/0x10
[ 46.690786] ret_from_fork+0x41/0x70
[ 46.691389] ? __pfx_kthread+0x10/0x10
[ 46.691936] ret_from_fork_asm+0x1b/0x30
[ 46.692589] </TASK>
[ 46.692959]
[ 46.693234] Allocated by task 134:
[ 46.693709] kasan_save_stack+0x3c/0x60
[ 46.694236] kasan_set_track+0x29/0x40
[ 46.694769] kasan_save_alloc_info+0x22/0x30
[ 46.695434] __kasan_kmalloc+0xb7/0xc0
[ 46.695973] kmalloc_trace+0x4c/0xb0
[ 46.696415] kmalloc_oob_right+0x9f/0x330
[ 46.697116] kunit_try_run_case+0x126/0x290
[ 46.697694] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.698394] kthread+0x19e/0x1e0
[ 46.698946] ret_from_fork+0x41/0x70
[ 46.699505] ret_from_fork_asm+0x1b/0x30
[ 46.700047]
[ 46.700323] The buggy address belongs to the object at ffff888102840400
[ 46.700323] which belongs to the cache kmalloc-128 of size 128
[ 46.701474] The buggy address is located 13 bytes to the right of
[ 46.701474] allocated 115-byte region [ffff888102840400, ffff888102840473)
[ 46.702585]
[ 46.702922] The buggy address belongs to the physical page:
[ 46.703460] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102840
[ 46.704373] flags: 0x200000000000800(slab|node=0|zone=2)
[ 46.704967] page_type: 0xffffffff()
[ 46.705534] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000
[ 46.706353] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 46.707125] page dumped because: kasan: bad access detected
[ 46.707690]
[ 46.707953] Memory state around the buggy address:
[ 46.708554] ffff888102840380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.709288] ffff888102840400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 46.709947] >ffff888102840480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.710614] ^
[ 46.711107] ffff888102840500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.711803] ffff888102840580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.712556] ==================================================================
[ 46.625274] ==================================================================
[ 46.626063] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x108/0x330
[ 46.626932] Write of size 1 at addr ffff888102840478 by task kunit_try_catch/134
[ 46.627633]
[ 46.628036] CPU: 0 PID: 134 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1
[ 46.629116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 46.630009] Call Trace:
[ 46.630465] <TASK>
[ 46.630838] dump_stack_lvl+0x4e/0x90
[ 46.631520] print_report+0xd2/0x660
[ 46.632154] ? __virt_addr_valid+0x156/0x1e0
[ 46.632710] ? kasan_complete_mode_report_info+0x2a/0x200
[ 46.633681] kasan_report+0xff/0x140
[ 46.634326] ? kmalloc_oob_right+0x108/0x330
[ 46.634597] ? kmalloc_oob_right+0x108/0x330
[ 46.635015] __asan_store1+0x69/0x70
[ 46.635718] kmalloc_oob_right+0x108/0x330
[ 46.636447] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 46.637214] ? __schedule+0x70b/0x1190
[ 46.637899] ? ktime_get_ts64+0x118/0x140
[ 46.638479] kunit_try_run_case+0x126/0x290
[ 46.638938] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.639453] ? __kasan_check_write+0x18/0x20
[ 46.640037] ? trace_preempt_on+0x20/0xa0
[ 46.640564] ? __kthread_parkme+0x4f/0xd0
[ 46.641258] ? preempt_count_sub+0x50/0x80
[ 46.641942] ? __pfx_kunit_try_run_case+0x10/0x10
[ 46.642580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 46.643405] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.644205] kthread+0x19e/0x1e0
[ 46.644749] ? __pfx_kthread+0x10/0x10
[ 46.645319] ret_from_fork+0x41/0x70
[ 46.646006] ? __pfx_kthread+0x10/0x10
[ 46.646567] ret_from_fork_asm+0x1b/0x30
[ 46.647258] </TASK>
[ 46.647623]
[ 46.647962] Allocated by task 134:
[ 46.648405] kasan_save_stack+0x3c/0x60
[ 46.649044] kasan_set_track+0x29/0x40
[ 46.649583] kasan_save_alloc_info+0x22/0x30
[ 46.650204] __kasan_kmalloc+0xb7/0xc0
[ 46.650798] kmalloc_trace+0x4c/0xb0
[ 46.651361] kmalloc_oob_right+0x9f/0x330
[ 46.651994] kunit_try_run_case+0x126/0x290
[ 46.652576] kunit_generic_run_threadfn_adapter+0x33/0x50
[ 46.653340] kthread+0x19e/0x1e0
[ 46.653882] ret_from_fork+0x41/0x70
[ 46.654444] ret_from_fork_asm+0x1b/0x30
[ 46.655046]
[ 46.655380] The buggy address belongs to the object at ffff888102840400
[ 46.655380] which belongs to the cache kmalloc-128 of size 128
[ 46.656540] The buggy address is located 5 bytes to the right of
[ 46.656540] allocated 115-byte region [ffff888102840400, ffff888102840473)
[ 46.657861]
[ 46.658209] The buggy address belongs to the physical page:
[ 46.658675] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102840
[ 46.659704] flags: 0x200000000000800(slab|node=0|zone=2)
[ 46.660418] page_type: 0xffffffff()
[ 46.661000] raw: 0200000000000800 ffff8881000418c0 dead000000000122 0000000000000000
[ 46.661792] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 46.662589] page dumped because: kasan: bad access detected
[ 46.663101]
[ 46.663424] Memory state around the buggy address:
[ 46.664087] ffff888102840300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 46.664941] ffff888102840380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.665591] >ffff888102840400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 46.666250] ^
[ 46.666969] ffff888102840480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.667707] ffff888102840500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 46.668501] ==================================================================
Failure - boot - gcc-13-lkftconfig-kunit
KNOWN ISSUE - boot/gcc-13-lkftconfig-kunit: Failure
(no logs available)